Know about 5G Network Security| DROP Organization

Posted by on

 

Beginning of a New Era

Continuous advancements and evolution in mobile telecommunication networks has paved the for a digital transformation. This has resulted in disrupting industries of every type and forced to rethink about the traditional ways of working. Value chains are becoming value networks, where one-to-one relations between suppliers, vendors, operators and end users are being reintroduced as ecosystems of partners and co-creators.

If we look as a general perspective, 5G is inherently different from any of the previous mobile generations. The significant strategic difference and unique selling point of 5G in the long run is its machine-type communication. The 5G networks will drastically serve as critical infrastructures to elevate the digitalization, automation, and connectivity to machines, robots and transport solutions, etc. This carries a significant value at stake and a potential tolerance for risk, thus, marks the beginning of a new era of network security.

Security in Telecom Networks

What is a Telecom Network?

The telecom network is a mechanism that transfers voice and data across the globe with high quality and consistency. User devices such as mobile phones can stay connected irrespective of time and location, This has become possible because of the standardized signaling systems and interfaces. 

How does Telecom Network work?

There are four main logical network parts of a mobile telecommunication networks namely- radio access network, core network, transport network, and interconnect network. Each part of the network consists of three so-called planes, which are responsible for carrying a different type of traffic. This comprises of the control plane which carries the signaling traffic, the user plane with carries the payload traffic, and the management plane which carries the management traffic. 

In sight of network security, all the three planes can be vulnerable to different types of threats. The core network functions and management systems are essential asses in a mobile network. The compromise of the core network or management systems, affects the confidentiality, availability and integrity of the entire mobile network services. 

On the other hand, radio access network is too a critical asset, as it manages user data and may be placed in critical locations. In the initial stage of edge computing, many core network functions are expected to deploy closer to the access sites, which makes the access, a difficult one.

Data is another most important assets in mobile networks, among which subscriber data is the most critical one in this industry. Subscriber data comprises of communication data (voice, text, and data sessions) as well as subscriber related information, such as identities, locations, subscription profile and connection metadata (call data records or signaling traces). This data needs to be protected at storage and at transport, to protect subscriber privacy.

All data which seems to be critical, need protection over its entire lifecycle, including secure deletion. For that purpose, it is essential to enforce secure handling of encryption keys and use of cryptographic algorithms and protocols of definite strength. The protection should include file system protection, encryption, integrity protection and strict access control. Together with this, additional controls are required for data-in-transit such as traffic analysis to detect passing data to unexpected communication endpoints transport layer encryption.

Key Security Considerations

The following layers defines the telecommunication network security that determine the network security experience of end users. 

  • Network Operation- The operational processes which permit the networks to function and deliver targeted levels of security are highly dependent on the deployment and operations of the network itself.
  • Network Deployment- At this phase, the networks are configured for a targeted security level. This acts as a key to setting security parameter, along with strengthening the security and resilience of the network.
  • Vendor Product Development- Network vendors design, develop and execute the agreed standards for functional network elements and systems. This play an important role in making the end network product both functional and secure.
  • Telecommunication Standardization- At this phase, the operators, vendors and other stakeholders set standards for how networks around the globe will function together. It includes how best we protect networks and users against threat actors.

General Threats of Telecom Network

It is well-observed that the number of cyber security threats across the globe and in different industries has increased in recent years. Same goes with the telecommunication industry, which is facing an increasing number of attacks and attempts of attack, impacting the integrity, availability and confidentiality of the infrastructure. 
These attacks are enables by trivial security errors such as improper hardening, configuration and usage of deprecated, vulnerable software versions. In the contrary, telecom  networks include components of bespoke specialized equipment and can only be targeted by malware which can be anything but trivial. Several types of malware and attack toolkits are sold as-service, complemented with options like trial periods, 24/7 user support, dedicated discussion forums and multi-language documentation. Because of this development, there has been a drastic increase in the frequency of cyber security attacks, that has low-risk and high-pay-off. With the digitalization of industries and public services, the increased value of attack targets has also been aggravated by increased severity of impact that a cyber security attack can lead to.

Security Architecture in 5G


The 3GPP standardization section focused on security mechanisms in scope for 3GPP, that can be the functional elements and interfaces. The additional security considerations related to deployment scenarios of 5G system:
System-wide security (Horizontal security)
  • Network level
  • Slicing
  • Application level security
  • Confidentiality and integrity protection 
  • Interconnect (SBA)
5G function element deployments (Vertical security)
  • NFVi (virtualized or cloud native)
  • Appliance based functions
  • Distributed clouds and edge computing

Evolution toward 5G and Key Technology Trends

The 5G network system may only appear as a faster and more versatile radio technology, but it is more than that. 5G is the first generation that was designed with virtualization and cloud-based technology in mind. The 5G system is not static for any specific access type or radio technology. For example, new services provided by the 5G core network are also available through 4G radio, Wi-Fi or fixed access depending on the network configuration. The focus in telecom networks was shifted from circuit switched telephony services to packet switched networks and mobile broadband, with the evolution towards the 5G system. 

Increased use of cloud-based technologies, software execution can now be disconnected from specific physical hardware like removing the need for boxed, e.g. hardware dependent functions. This is possible because of Software Defined Networking (SDN) and Network Function Virtualization (NFV). SDN provides flexibility to configure the routing paths between dynamically configured virtualized network functions.

The emergence of AI and increasingly powerful computers, with a blend of cloud technologies, will become a key driver of automation technologies. Hence, the dominant tendency in these technology trends will result in telecom networks becoming more and more software driven. Distributed cloud computing makes it possible to create partitioning for better resilience and latency.
Want to start your learning journey on Cyber Security and Ethical Hacking field?




Comments

Post a Comment