5G Network Security Solutions

5G Security Solutions
from the Edge to the Core

A New Trust Model For
Securing 5G Networks

5G promises rich new business models for enterprises. However, these benefits come with risks to the confidentiality and integrity of sensitive data if security challenges are not addressed with a new trust model for the 5G era.

Download the White Paper

thrive background

How Thales Can Help

data in motion icon

Protecting point-to-point network links

Maximize 5G security without compromising performance
protect identity icon

Protect subscriber credentials & privacy

Secure subscriber privacy and authentication from the data center to the edge
data at rest icon

Protecting persistent data for Kubernetes deployment

Protect sensitive data across containers, on-premises, cloud, or hybrid storage

Thales 5G security solutions deliver end-to-end encryption and authentication to help organizations protect data across fronthaul, midhaul, and backhaul operations as data moves from users and IoT, to radio access, to the edge (including multi-user edge computing), and, finally, in the core network and data stores, including containers.

5g Security Challenges Diagram

5G Security Solutions for Protecting Point-to-Point Network Links

In the past, networks were mostly hardware-based. However, 5G enables a much broader array of connections, including:

  • Hardware communicating with virtual machines.
  • Virtual machines communicating with virtual machines.
  • Virtual machines communicating with containers.
  • Containers communicating with containers, and so on.

Thales data in motion security solutions enable Mobile Network Operators to overcome those obstacles by maximizing 5G security without compromising performance, with low latency, near-zero jitter, and high throughput.

Thales High Speed Encryptors are specifically designed to protect data in motion. They work in Open System Interconnection (OSI) layers 2, 3, and 4 and are three times faster and deliver much lower latency than IPSec. They can be deployed either as hardware or virtual appliances and are FIPS 140-2 level 3, Common Criteria, NATO, and UC APL certified. Our High Speed Encryptors also integrate with quantum security solutions, ensuring relevance for years to come.

Data in Motion Security Through a 5G Infrastructure

Today’s networks are an interconnected menagerie of diverse mediums. Copper, Fibre, WiFi, Satellite and LTE are just a few examples of the diverse paths that data packets can travel through on the way to their final destination. Beyond these wired and wireless links, there are a number of diverse transport protocols to contend with, each of which have layer-specific security solutions that can affect both connectivity and performance. For far too long, security of data in motion has been handcuffed to the massive overhead constraints of IPsec and stifled by network interoperability issues associated with MACsec.

5G Security Solutions to Protect Subscriber Credentials & Privacy

In the core network, 5G raises significant security challenges:

  • Subscriber authentication vector generation: Authentication-related keys could be compromised during the authentication process.
  • 5G subscriber privacy: Insecure subscription permanent identifier (SUPI) encryption key generation, storage, and use could compromise subscriber privacy.
  • Subscriber key provisioning: Authentication-related keys could be compromised during SIM personalization and provisioning.
  • 5G Kubernetes Secrets and Dockers containers: Containers running application such as open SSL with cryptographic keys and crypto operations that need to run within the secure boundaries of a FIPS 140-2 L3 hardware Secure Module (HSM).
  • PKI Root of Trust: It is paramount to execute all cryptographic functions within a secure environment to ensure both the integrity and the confidentiality of the keys used to encrypt and decrypt data and perform functions such as signing.

Thales solutions meet the performance, flexibility, and scalability needed to secure subscriber privacy and authentication from the data center to the edge. 5G Luna HSMs provide extra security to public key infrastructures (PKIs), including digital certificate management for cell towers. In addition, they perform the de-conceal function for SUPI and Subscriber Concealed Identifier (SUCI) mobile applications faster than any other HSM on the market.

Chen - Securing 5G

Ericsson and Thales Partner to offer a premium 5G Secure Authentication and Subscriber Privacy solution

Ericsson’s Authentication Security Module solution to broaden security for user privacy, based on a physical dedicated module for central management of authentication procedures in 5G Core networks powered by Thales 5G Luna Hardware Security Module (HSM).

Read About Authentication in 5G

5G Security Solutions for Protecting Persistent Data for Kubernetes Deployment

With 5G, different types of data will be processed at locations from edge to the network core. Securing 5G requires ensuring sensitive data security while also minimizing impact on time to market. Encryption combined crypto key management provide consistent protection for sensitive data across containers, on-premises, cloud, or hybrid storage.

CipherTrust Transparent Encryption provides consistent encryption of sensitive data across all network configurations and virtual network functions with granular access control. The solution can be deployed in a Kubernetes infrastructure allowing a containerized application to interact with existing persistent storage. This transparently protects the data. CipherTrust Manager centralizes cryptographic key management across multiple cloud vendors and hardware storage providers.

Benefits include:

  • Transparency: Solution offers encrypting data generated from containerized applications without any change to application business logic
  • Scalability: Solution supports deployments using existing Kubernetes orchestration tools to easily expand or shrink the deployments as per the application requirements
  • Control: Thales CipherTrust Manager centralizes cryptographic key management across multiple cloud vendors and hardware storage providers
  • Auditability: The solution supports access control and provides the capability to audit all file operation/access events to protected data. Users can monitor usage via SIEMs to better understand who is accessing the information.
Talk to a specialist about 5G security

Ericsson Extends 5G Core Authentication Solution with Thales Hardware Security Module

5G is changing the security landscape. The need for security increases to effectively address a growing number of new use cases, new devices, going well beyond consumer mobile broadband to industries and enterprises. The Ericsson Authentication Security Module integrates the Thales 5G Luna Hardware Security Module to enable communication service providers (CSPs) to provide premium security for markets and use cases that have more strict security requirements.

Read About 5G Authentication Methods with HSMs
Jabr 5G Blog

Watch our Webinar Series

Maximize Your 5G Security without Compromising Performance

 

Maximize Your 5G Security without Compromising Performance

 

Watch the Webinar

5G Data Security Challenges - How to embrace the new Telecoms Security Standards

 

5G Data Security Challenges - How to embrace the new Telecoms Security Standards

 

Watch the Webinar

 

Network Data Security Vulnerabilities: Cybersecurity Survey Reveals Weaknesses

 

Network Data Security Vulnerabilities: Cybersecurity Survey Reveals Weaknesses

 

Watch the Webinar

 

Accenture 5G security solutions powered by Thales Data Security Solutions

 

Accenture 5G security solutions powered by Thales Data Security Solutions

 

Watch the Webinar

 

Related Resources

Data in Motion Security Through a 5G Infrastructure

Today’s networks are an interconnected menagerie of diverse mediums. For far too long, security of data in motion has been handcuffed to the massive overhead constraints of IPsec and stifled by network interoperability issues associated with MACsec.

5G Data In Motion Security

The introduction of 5G networks within both physical and virtualized environments presents unparalleled challenges for securing data in motion. The security of separate and decentralized 5G interfaces require efficiency, timing, and unparalleled performance to meet end-user customer expectations.

5G Subscriber Privacy and Authentication HSM Protection

The complexity of the infrastructure; the distributed nature of the 5G networks; the astounding number of devices including the growth in the Internet of Things (IoT) add to this complexity. The use of open source platforms and multi-vendor networks; cloud; and the evolution from 3G and 4G networks all present challenges to ensuring the protection and authenticity of subscriber authentication and privacy.

Thales 5G Luna Network HSM

Secure your critical 5G networks and easily scale with Thales 5G Luna Network Hardware Security Modules (HSMs). The 5G Luna HSM offers high assurance key protection, and up to 6,070 transactions per second (tps) for Profile B Decrypt P-256, 1,660 tps for Profile A Decrypt 25519, to meet security, throughput, and scalability requirements for 5G.

Frequently Asked Questions

What is 5G and how does it work ?

5G is the next technology standard for cellular networks. Each service area is called a cell, and all the wireless devices are connected by radio waves through an antenna. 5G offers higher bandwith than previous cellular networks, and higher download speeds of up to 10 gigabits per second.

Does 5G have security?

5G security uses more encryption than previous generations of cellular networks. 5G also is more cloud and software based than previous generations thus allowing potential threats to be identified quicker.

What are the top 5G security challenges?

Some of the top challenges to securing 5G are:

  • More bandwidth and devices for hackers to breach
  • Virtualization along with network slicing could bring more risks if the different layers are insulated from each other
  • The need to automate the identification of and defense against all the new threats posed versus manually spotting hacking attempts

What company has a 5G security solution?

Thales offers mobile connectivity security solutions as well as data threat solutions for fronthaul, midhaul, and backhaul operations.

How does 5G improve security?

5G improves security with improved data encryption and stronger user authentication. 5G also offers better roaming encryption than 4G.