The 5G era is brimming with new opportunities, opened up by enabling high throughput ultra-low latency and massive machine type communication use cases. As the networks transition from proprietary to software-centric based on open source and open architecture to meet these needs, new security risks are being introduced.
Almost ten years on from the launch of 4G, 5G will be the first cellular generation to launch in the era of global cybercrime. This cybercrime activity is heavily funded by organised crime and nation states. This is an era in which software that has contributed so much to driving the digital economy over the last ten years, is also routinely being weaponised to steal, expose, compromise or block access to data whether it is at rest or in motion.
So while telecom operators and enterprises certainly look to the 5G ecosystem of network equipment providers, cloud providers, vendors and systems integrators to help realise the opportunities of 5G, they also expect guidance from that same ecosystem around how to understand and mitigate any new risks that the 5G architecture may pose to their data security posture.
5 key components of a Trusted 5G Architecture
1. Core network: with the new Core Network, each network function no longer resides in its own isolated, secure hardware. Instead it now resides in software as a Virtual Network Function (VNF) or Cloud-native Network Function (CNF) running on shared virtualised infrastructure with other VNFs/CNFs and applications.
2. Multi-Access Edge Compute (MEC): brings application hosting from centralised data centres down to the network edge, to address low latency and bandwidth. These new services are expected to address a wide variety of verticals including healthcare, manufacturing, retail and media/entertainment.
3. Backhaul/fronthaul/mid-haul: is the part of the network that links the RAN components, the core network and the small subnetworks at the edge of the network. These now need to support high throughput and low-latency data transfer.
4. Subscriber Authentication and Privacy: with new capabilities such as network slicing, Mobile Network Operators need to provide high assurance subscriber authentication and 5G subscriber privacy (SUPI/SUCI) services.
5. Management layer: OSS / BSS: Operations Support System, covers Order Management, Network Inventory Management and Network Operations, while the Business Support System (BSS) primarily consists of Order Capture, Customer Relationship Management and Billing. These systems managing sensitive data are expected to evolve to support 5G networks.
Foundation of Digital Trust for 5G
When the 5 key components are left unprotected, the underlying infrastructure, sensitive operations and copious amounts of sensitive data processed are at risk. Thales security portfolio can help address these risks.