Tackling Security Challenges in 5G Networks
Today, 5G mobile networks are being deployed rapidly around the globe. According to GSMA Mobile Economy 2021, 5G mobile connections in North America accounted for 3 percent of all mobile connections in 2020, but that number is expected to climb to 51 percent by 2025.
On top of the accelerated deployment of public 5G networks, private 5G networks based on unlicensed spectrum and open 5G solutions supporting open interfaces and interoperability are also emerging. It’s anticipated that 5G networks—both public and private—will become predominant in the near future.
From a security perspective, 5G networks introduce both new security enhancements and new security challenges. Particularly, the move of 5G core networks to service-based and virtualized architectures will create new security challenges. How to securely deploy 5G networks to protect both subscribers and 5G network infrastructure is of top concern to both executives and practitioners using and managing 5G technologies.
Filling the Gap in 5G Security Standards
The good news is that the National Cybersecurity Center of Excellence (NCCoE), part of the National Institute of Standards and Technology (NIST), is developing 5G cybersecurity guidance to help organizations effectively mitigate 5G-related security risks. In particular, the NCCoE seeks to address the gap in current 5G cybersecurity standards development, which primarily focuses on the security of the interfaces between 5G components. These standards don’t specify the cybersecurity protections for the underlying IT components that support and operate the 5G system.
CableLabs, along with our fellow collaborators, worked with the NCCoE on developing a 5G cybersecurity practice guide and a secure 5G reference architecture to mitigate 5G cybersecurity risks. We considered both 5G standards-based security features and a secure cloud-based hosting IT infrastructure.
The guide provides recommendations related to implementing a secure cloud environment for hosting 5G core networks—for example, by leveraging server hardware root of trust to enable remote attestation of the trustworthiness of cloud computing platforms. To date, 3GPP SA3 has yet to complete its study of security impacts resulting from the virtualization of the 5G core. Therefore, the NCCoE’s guidance and recommendations for securing the 5G cloud platform will help fill the gap in current 5G security standards and help inform 3GPP’s work in this area.