On the other hand, it is clear that it is not sufficient just to provide the same security features as in the legacy systems because there may be new security requirements and challenges. 5G systems are going to be service-oriented. This implies there will be a special emphasis on security and privacy requirements that stem from the angle of services.
Traditional Security Practice
Mobile communications systems have evolved through wireless technology innovation into 2G, 3G, and then 4G to keep pace with ever increasing voice and data traffic. Tougher security mechanisms are in place to safeguard today's mobile communication systems. For instance, one-way authentication in 2G has been elevated to mutual authentication in 3G & 4G; key length and algorithms are becoming more robust; as mobility management is improving, a forward key separation in handovers has been added in 4G; also more effective privacy protection is considered.
Traditional security architectures focus on protection of voice and data, and they all have the following security features in common:
• User identity management based on (U)SIM
• Mutual authentication between networks and users
• Securing the path between communicating parties hop-by-hop
Security Challenges Ahead of 5G
New Business Models
In traditional mobile communications networks, the primary goal is to enrich people's lives through communication. Users may communicate by text messages, voice calls, and video calls, or surf the Internet or access app services using smart phones. However, 5G is no longer confined to individual customers. It's not simply about having a faster mobile network or richer functions in smart phones. 5G will also serve vertical industries, from which a diversity of new services are going to stem.
In the context of vertical industry, security demands could vary significantly among services. For instance, mobile Internet of Things (IoT) devices require lightweight security while high-speed mobile services demand highly efficient mobile security. The network-based hop-by-hop security approach may not be efficient enough to build differentiated end-to-end (E2E) security for different services. As IoT is gaining momentum, more people will be able to remotely operate or "talk" to networked devices, for instance, instructing facilities at a smart home to get up. Therefore, there is a need for a more stringent authentication method to prevent unauthorized access to IoT devices. For example, biometric identification could be part of the authentication in smart homes.
IT-Driven Network Architecture
New IT technologies, like virtualization and Software Defined Network (SDN)/Network Functions Virtualization (NFV), are seen as a way to make 5G networks more nimble and efficient, yet less costly. While CT are happy to see IT injecting new vigor into their networks, new security concerns are emerging.
Security cannot be built for 5G services unless the network infrastructure is robust. In legacy networks, security of function network elements (NEs) relies largely on how well their physical entities can be isolated from each other. However, in 5G, the isolation will work differently, with virtual NEs on cloud-based infrastructure. It is likely that the time is right to take 5G infrastructure security into consideration.
SDN has proved helpful in improving transmission efficiency and resource configuration. On the other hand, the 5G security design needs to consider how SDN can be managed with respect to the isolation of network nodes, such as control nodes and forwarding nodes, and the secure and correct enforcement of the SDN flow table.
Based on network virtualization technology, a network could build different virtual network slices. Each virtual network slice could accommodate a particular service requirement and thereby may require differentiated security capabilities. 5G security design may need to consider issues of how to isolate, deploy, and manage virtual network slices securely.
Heterogeneous Access
Heterogeneity will be one of the network features of next-generation access networks. The heterogeneous nature comes not only from the use of different access technologies (WiFi and LTE), but also from the multi-network environment, which might imply that the access network architectures of different networks are different. So a consideration for security designers is building a security architecture suitable for different access technologies.
IoT devices have many choices in the way they access networks. For instance, they may connect to networks directly, or via a gateway, or in the D2D or Relay fashion.
Compared with mobile handsets, security management of IoT devices in 5G may be efficient and lightweight in order to establish trust relationships between devices and networks.
Privacy Protection
With the advances of mobile Internet, more and more vertical industries, including health care, smart home, and smart transport, will resort to 5G networks. As open network platforms, 5G networks raise serious concerns about privacy leakage. In many cases, privacy leakage can cause serious consequences.
As the primary method for network access, mobile networks carry data and signaling that contain much personal privacy information (for instance, identity,