Implementing a network is a risky venture. One company might be eager to roll out 5G infrastructure. A user may jump at the opportunity to get a new 5G phone. When adopting new technology, one should not ignore the warning signs. It is important to know the depth of the water before you jump in. Unprepared people could face security threats from 5G wireless.
A New Network Architecture
4G is comprised of core and radio access networks. Those who are familiar with 4G will know this. The LTE core network is known as the Evolved Packaget Core (EPC), also known under System Architecture Evolution (SAE). The core includes the MME, SGW, P-GW and HSS. The e-UTRAN, which houses the eNodeBs (and the user equipment) on the radio side, holds the eNodeBs. These devices can be connected via various interfaces such as Uu (X2), S1, S11 and S5, S6 and S8.
5G is a further step in the evolution. Although the architecture is still divided into core and radio parts of the network, the focus has changed. As with all telecommunications, the evolution of the architecture has moved beyond hardware and connectivity to software applications. This is the essence of the name for the 5G core network: Service-Based Architecture.
All functions that were previously performed by physical devices in 4G can now be done by cloud-based microservices 5G. The radio side is still available, but it is now called the “gNodeB”. The 5G core is a significant step towards virtualizing infrastructure and allowing interoperability with existing 4G networks.
Learn how to become a security expert with SPOTO’s Cybersecurity Training
Start training for New Threat Surfaces
These changes present new challenges. In addition to the challenges of establishing and operating the new 5G infrastructure, 5G vendors have to be aware of a new range security threats. Virtualization can lead to the same vulnerabilities as any other software installation. Malware, data manipulation, privilege abuse — all the exploits hackers use to hack into online applications are likely plague 5G networks if they lack adequate security.
Multitenancy is another reality in the virtual world. Cloud users have access to resources that can be dynamically shared with other users. They may also be using the same physical devices as others, and may run their applications on the exact same software instance. It doesn’t matter if multitenancy is used for 5G users, it’s clear they will use the same Service-Based Architecture. 5G solutions will use network slicing. This is where specific customer use cases are served by a portion of a provider’s network. How can the provider keep these network slices separate from each other?
5G uses distributed networking in order to meet its users’ needs. This means that there are processes and threads that keep everything together despite the fact that they use a variety of resources. While we are trying to keep everything together in a new system, hackers and other bad guys will always be looking for cracks in the armor. It will not be easy.
5G Identity and Authentication
Any defense system must keep out intruders. To stop unwanted visitors, you must first know who is allowed in. For example, to gain access to a military base that is secure, you will need to show proof of authority. For some places that are extremely secure, such as data centers, you will need to provide biometric verification in order to verify your identity.
Authentication is required for virtual areas to be protected. There are currently three authentication methods available in the 5G network. 3GPP defines the Authentication and Key Agreement protocol (AKA). It uses a symmetric key that is shared by both the subscriber and a network home. EAP-AKA, a variant of AKA, is available. EAP-TLS leverages the trust relationship between UE and 5G network through the publi