Chapter 7
Security
First published: 08 March 2019
Summary
This chapter provides insights into the Fifth Generation (5G) security vision and architecture. It explains device and network domain security, Network Function Virtualization (NFV), Software Defined Networking (SDN) and network slicing security details.
References
- Nokia White Paper, “ Security challenges and opportunities for 5G mobile networks”, 2017, available at https://resources.nokia.com/asset/201049https://www.ngmn.org/5g-white-paper/5g-white-paper.html.
- Next Generation Mobile Network Alliance, “ 5G White Paper”, Version 1.0 Feb 17, 2015, available at https://www.ngmn.org/5g-white-paper/5g-white-paper.html.
- Next Generation Mobile Network Alliance, “ 5G Security Recommendations Package #1”, “5G Security Recommendations Package #2: Network Slicing”, “5G Security – Mobile Edge Computing/Low Latency/Consistent User Experience”, (available at https://www.ngmn.org/de/publications/technical.html).
- Forsberg, D., Horn, G., Moeller, W.D., and Niemi, V. (2013). LTE Security, 2e. Wiley.
- 3GPP TR 33.821: “ Rationale and track of security decisions in Long Term Evolved (LTE) RAN/3GPP System Architecture Evolution (SAE)”.
- 3GPP TS 22.261: “ Service requirements for the 5G system”.
- ETSI GS NFV 004: “ Network Functions Virtualization; Virtualization Requirements”.
- GS NFV-SEC 001: “ Network Functions Virtualization; NFV Security; Problem Statement”.
- GS NFV-SEC 003: “ Network Functions Virtualization; NFV Security; Security and Trust Guidance”.
- GS NFV-SEC 012: “ Network Functions Virtualization; Release 3; Security; System architecture specification for execution of sensitive NFV components”.
- ISO/IEC 11889-1:2015: “ Information technology – Trusted platform module library – Part 1: Architecture”.
- NIST SP 800-162: “ Guide to Attribute Based Access Control (ABAC) Definition and Considerations”.
- IETF RFC 5246: “ The Transport Layer Security (TLS) Protocol”.
- Open Networking Foundation TR 511: “ Principles and Practices for Securing Software-Defined Networks”.
- 3GPP TS 33.401: “ 3GPP System Architecture Evolution (SAE); Security architecture”.
- 3GPP TS 33.402: “ 3GPP System Architecture Evolution (SAE); Security aspects of non-3GPP accesses”.
- Nokia White Paper: “ Trusted NFV systems”, available at https://resources.ext.nokia.com/asset/201400.
- 3GPP TS 33.501: “ Security architecture and Procedures for 5G System”.
- 3GPP TR 33.899: “ Study on the security aspects of the next generation system”.
- IETF RFC 3748: “ Extensible Authentication Protocol (EAP)”.
- IETF RFC 5488: “ Improved Extensible Authentication Protocol Method for Third Generation Authentication and Key Agreement (EAP-AKA')”.
- IETF RFC 7296: “ Internet Key Exchange Protocol Version 2 (IKEv2)”.
- IETF RFC 4301: “ Security Architecture for the Internet Protocol”.
- IETF RFC 7540: “ Hypertext Transfer Protocol Version 2 (HTTP/2)”.
- IETF RFC 6733: “ Diameter Base Protocol”.
- IETF RFC 6749: “ OAuth2.0 Authorization Framework”.
- IETF RFC 4251: “ The Secure Shell (SSH) Protocol Architecture”.
- Schneider, P., Mannweiler, C., and Kerboef, S. (2018). Providing strong 5G mobile network slice isolation for highly sensitive third-party services. In: Proceedings of the IEEE WCNC. ISBN: 978-1-5386-4068-5.
- Nokia, “ Building Secure Telco Clouds”, 2014, available at https://resources.nokia.com/asset/200289.
