On the other hand , it is clear that it is not sufficient just to |
New IT technologies , like virtualization and Software |
provide the same security features as in the legacy systems |
Defined Network ( SDN )/ Network Functions Virtualization |
because there may be new security requirements and |
( NFV ), are seen as a way to make 5G networks more |
challenges . 5G systems are going to be service-oriented . |
nimble and efficient , yet less costly . While CT are happy to |
This implies there will be a special emphasis on security |
see IT injecting new vigor into their networks , new security |
and privacy requirements that stem from the angle of |
concerns are emerging . |
services . |
Security cannot be built for 5G services unless the network |
Traditional Security Practice |
infrastructure is robust . In legacy networks , security of |
Mobile communications systems have evolved through |
function network elements ( NEs ) relies largely on how well |
wireless technology innovation into 2G , 3G , and then 4G to |
their physical entities could be isolated from each other . |
keep pace with ever increasing voice and data traffic . |
However , in 5G , the isolation will work differently as virtual |
Tougher security mechanisms are in place to safeguard |
NEs on cloud-based infrastructure . It ’ s likely that time is |
today ’ s mobile communication systems . For instance , oneway |
right to take 5G infrastructure security into consideration . |
authentication in 2G has been elevated to mutual |
SDN is proved to be of help in improving transmission |
authentication in 3G & 4G ; key length and algorithms are |
efficiency and resource configuration . On the other hand , it |
becoming more robust ; as mobility management is |
is important to consider in the 5G security design that it |
improving , a forward key separation in handovers has been |
could be managed in terms of the isolation for network |
added in 4G ; also more effective privacy protection is |
nodes such as control nodes and forwarding nodes , and |
considered . |
the secure and correct enforcement of the SDN flow table . |
Traditional security architectures focus on protection of |
Based on network virtualization technology , a network |
voice and data , and they all have the following security |
could build different virtual network slices . Each virtual |
features in common : |
network slice could accommodate a particular service |
Ÿ User identity management based on ( U ) SIM |
requirement and thereby may require differentiated |
Ÿ Mutual authentication between networks and users |
security capabilities . 5G security design may need to |
Ÿ Securing the path between communicating parties hopvirtual by-hop |
network slices securely . consider issues of how to isolate , deploy , and manage |
Security Challenges Ahead of 5G |
Heterogeneous Access |
|
New Business Models
In traditional mobile communications networks , the primary goal is to enrich people ' s life through communication . Users may communicate by text messages , voice calls , and video calls , or surf Internet or access app services using smart phones . However , 5G is no longer confined to individual customers . It ' s not simply about having a faster mobile network or richer functions in smart phones . 5G will also serve vertical industries , from which a diversity of new services are going to stem .
In the context of vertical industry , security demands could vary significantly among services . For instance , mobile
Internet of Things ( IoT ) devices require lightweight security while high-speed mobile services demand high efficient mobile security . The network based hop-by-hop security approach may not be efficient enough to build differentiated end-to-end ( E2E ) security for different services . As IoT is gaining momentum , more people will be able to remotely operate or " talk " to networked devices , for instance , instructing facilities at a smart home to get up . Therefore , there is a need of a more stringent authentication method to prevent unauthorized access to
|
Heterogeneous will be one of the network features of next-generation access networks . The heterogeneous nature comes not only from the use of different access technologies ( WiFi and LTE ), but also from multi-network environment , which might imply that the access network architecture from different networks are different . So a consideration for security designers is building security architecture suitable for different access technologies .
IoT devices have many choices in the way they access networks . For instance , they may connect to networks directly , or via a gateway , or in the D2D or Relay fashion .
Comparing to mobile handset , security management of IOT device in 5G may be efficient and lightweight in order to establish trust relationships between devices and networks .
Privacy Protection
With the advances of mobile Internet , more and more vertical industries , including health care , smart home , and smart transport , will resort to 5G networks . As open network platforms , 5G networks raise serious concerns on privacy leakage . In many cases , privacy leakage can cause serious consequences .
|
IoT devices . For example , biometric identification could be |
As primary method for network accessing , mobile |
part of the authentication in smart homes . |
networks carries data and signaling that contains many |
IT-Driven Network Architecture |
personal privacy information ( for instance , identity , |