When 5G powers security
- By Gerald Reddig
- May 14, 2020
Currently, we reside in a society that depends on networks. However, it is about to become one that runs on networks, thanks to the 5G revolution. 5G will combine with other key disruptors such as artificial intelligence, the cloud, machine learning and robotics, to transform even the most tangible social activities into digitally enabled ones. There will hardly be a single critical infrastructure, industrial segment or public service that won’t run via 5G.
That said, anyone who works in security acknowledges that it’s hard not to get butterflies when they read those words. If the 5G network security is compromised, the consequences can prove endless. Moreover, the more indispensable 5G networks become, the bigger the prize awaiting hackers and hostile foreign and domestic agents. This explains why governments are extremely cautious about how they choose to deploy 5G. Every aspect of government operations, including essential services and national defense, are potentially vulnerable if 5G security fails.
Laying the groundwork for a security architecture
While at first glance, keeping all the networking eggs in the 5G basket may seem imprudent, it offers an advantage over previous networks -- ubiquity. Given everything will be on 5G, nothing will escape notice. For example, current IP networks are not designed to know much beyond the next router or peering point, giving hackers opportunities to marshal captured botnets while remaining unobserved and undetected. That leaves security systems in reaction mode and overwhelmed when struck by such a cyberattack.
5G networks are built around technologies such as machine learning, big data, internet of things and AI; they have the potential to create a global sensor that can identify multi-dimensional attack vectors and instantly spot discrepancies. This kind of intelligence is necessary to accommodate the multiple performance parameters and use cases 5G networks will be required to meet. It also equips them with the resources and intelligence to sense attacks and defend themselves when necessary.
5G’s security architecture has four layers:
- At its base level, security must be implemented for both the cloud infrastructure and service network. Multilayer, defense-in-depth security with protection mechanisms and robust encryption must be present.
- Moving up the stack, the entire infrastructure, including hardware, software, devices and virtual machines, must be "trusted." Automated security management and orchestration must also allow frictionless security across all these dynamically altering elements.
- At the third level, all sensitive data must be secure, providing access control, compliance and privacy.
- Finally, security-related intelligence has to be shared across all aspects of the network to assist with identifying abnormal behavior and traffic while proactively addressing it.
Building cohesive end-to-end security for 5G government and defense networks must include all these layers and capabilities. Additionally, security labs play a crucial role in rigorously and continuously testing whether critical security needs are met.
Armed with the intelligence and sensing capabilities of 5G, next-generation security teams will be tasked with limiting how and where hackers can attack services and networks and determining which threats are valid and which can be disregarded. Fortunately, AI and machine learning tools can help governments identify problems and accelerate mitigation, ensuring their vital 5G-enabled operations are protected from dangerous cybercriminals.
Gerald Reddig is global product marketing director for security, network management and SON at Nokia, and is based in Berlin, Germany.