Security and privacy challenges for next generation 5G technologies

5G security design will have to be all-encompassing in order to provide enough protection for the ‘everything-connected’ world. Its systems are going to be service-oriented, implying the need for a special emphasis on security and privacy from the angle of services as Huawei’s new White Paper, 5G Security: Forward Thinking, explains.

The thing about 5G is that it will not be confined to individual customers, as with 2G, 3G and 4G. It is not simply about having a faster mobile network or richer functions in smartphones.

5G will also serve vertical industries, from which a great diversity of new services will stem.

As vertical industries are thriving - the Internet of Things (IoT), connected vehicles, augmented and virtual reality, to name but a few - they will all demand fast, ubiquitous network access.

The rise of new business, new architecture and new technologies through 5G will present significant challenges for security and privacy protection.

In the context of vertical industries, security demands could vary greatly among services. For instance, mobile IoT devices only require lightweight security, while high-speed mobile services demand highly-efficient mobile security.

The network-based “hop-by-hop” security approach, used today to secure the path between communicating parties, may not be efficient enough to build differentiated end-to-end (E2E) security for various services.

As IoT gains momentum, more people will be able to remotely operate or "talk" to networked devices, for instance in instructing facilities in smart homes. There is a need, therefore, for a more stringent authentication method, e.g. biometrics, to prevent unauthorised access to IoT devices.

Security and privacy for such a vast, global system as 5G cannot be properly built on top of other parts of the system design. Instead, security and privacy features must be built into the system design right from the start.

Security and privacy requirements are often seen as obstacles or burdens in the system design, but ignoring them in the beginning is not cost-efficient in the long run. Adding features afterwards is less effective and is often more costly.

Dialogue between the security and privacy communities, and all other parties who contribute to 5G technologies, can begin to solve all these issues.

The time is right to take the security of 5G infrastructures into consideration, as “virtual” new technologies, such as Software Defined Networking (SDN) and Network Functions Virtualisation (NFV), take over. For this, 5G security design will have to consider issues of how to isolate, deploy and manage virtual network “slices” securely.

Another consideration for security designers is building security architecture suitable for different access technologies. IoT devices have many choices in the way they access networks. For instance, they may connect to networks directly, or via a gateway, or in Device-to-Device (D2D) or relay fashion.

Networks will also have to be able to sense what type of service a user is using, but sensing the service type may involve user privacy. Add all this together and privacy protection in 5G is also more challenging.

The basic questions revolving around 5G security at the moment can be summarised as follows:

• 1. 

  Whether 5G security and privacy solutions will cover the service layer in addition to the access layer;

• 2. 

  Whether to extend the role of end-to-end protection mechanisms from those of previous generations, and;

• 3. 

  Whether to aim for extended protection of identity and location privacy against active attackers.

Whatever the answers, there will be a fast-growing need for secure infrastructure, including stringent identity management and data protection, as well as a vast array of system-level protections in place to defend against distributed denial of service (DDoS) and other attacks.

For its part, Huawei is perfectly positioned to provide its clients with wide-ranging solutions to protect every aspect of their businesses as 5G comes on line at the end of this decade.

5G Security: Forward Thinking - Huawei White Paper