Several characteristics of 5G lend themselves to transformation of industries such as connected vehicles, manufacturing (smart factories), eHealth and construction.
5G connectivity will be the primary communication technology for connecting objects in the IoT environment and transmitting data over 5G networks for processing as well as remote data storage. One of the advantages is high sensor density for data gathering, which will allow factory floor, hospital or home digitization with an elevated user experience by means of increased visualisation and productivity, without the requirement for complex networking or legacy hardware.
However, 5G technology faces additional security threats, because there are more vectors through which adversaries can attack. As 5G will cater for increased bandwidth requirements as well as vast numbers of IoT connected devices, increased data security and privacy challenges become key components of an operator's brand. If data falls into the wrong hands, this could result in a catastrophic occurrence, for both environment and reputation.
Security mechanisms need to be in place that are reliant on Public Key Infrastructure (PKI) where a Certificate Authority (CA) issues certificates to each of the communication endpoints in order to mitigate spoofing of messages. This also enables transport protection of the communication (confidentiality, integrity, replay protection), to mitigate tampering, repudiation and information disclosure of messages, as well as securing communication when authorising any request, preventing an attacker from gaining illicit access.
Future proofing the communications infrastructure is vital for all major carriers in order to guarantee confidentiality between parties in the presence of a third-party eavesdropper.
Applications for Trusted Digital End-to-End Processes
5G Technology
With 5G networks being built on software based models, ensuring security from the infrastructure layer to the application layer is an essential factor for consideration. A scalable and customizable solution for subscriber authentication and key agreement in mobile networks becomes a necessity. 5G developments are enabling the delivery of different virtual networks on the top of a shared infrastructure much more easily. Each part of the network will be able to offer services with predefined specifications and service level agreements (SLAs).
5G Security
Utimaco provides a cyber-secure environment, protecting against physical attacks in compliance with 3GPP Technical Specification 33.501 “Security architecture and procedures for 5G System”. Utimaco’s HSM-protected 5G creates a secure operational environment, supporting all relevant 3G, 4G and 5G Subscriber Authentication and Key Agreement (AKA) protocols. Other security features include subscriber identity de-concealing function (SIDF), key generation according to AKA protocols and tailored & secured API
Public Key Infrastructure (PKI)
Security of 5G device-to-device communication requires a secure PKI-Infrastructure to manage encryption of mobile traffic, ensuring confidentiality, integrity, and authenticity of sensitive information. Encrypting data at rest and in transit guards it against theft or tampering, and guarantees that digital identity provides secure authentication of users, connected devices and applications to protect against fraud. A PKI solution also turns certificate management scalable to support the networking power of 5G, meeting growing IoT requirements.
Post Quantum Crypto Agility (Future Proofs and PQC)
At this time, no quantum computer can run quantum algorithms, however once they are able to, these computers will decimate the security infrastructure of the digital world. Telecommunication networks support millions of organisations and billions of individuals. Data in transit should be secured against both existing and emerging threats, such as quantum computing. With the growth of quantum technologies, traditional cryptographic techniques may be compromised due to their mathematical computation based construction. Post-quantum crypto-agility is a necessity for the telecommunications infrastructure to be able to evolve in the advent of a new generation of attacks and consequently evolving cryptographic standards and algorithms.
Cloud Service Architecture
Multi-factor authentication securely restricts access to the service infrastructure and reliably identifies the user. Hardware security modules (HSMs) generate, manage and store the secure cryptographic keys required for authenticating a user or device in a broader network.
Multi-cloud Key Management
Bring-your-own-key concept allows to securely and remotely generate & manage keys across the hybrid cloud and the complete life cycle, retaining full control over the data, and assuring data security and privacy at any time and at any location.
