5G security can be a double-edged sword if not carefully implemented. While it offers new security features like robust encryption algorithms and improved user authentication, it also presents challenges such as new attack vectors and a larger attack surface.
This article explores the growing complexities of securing 5G and edge connectivity for IoT devices, and introduces various strategies for addressing these challenges.
5G’s software-defined network (SDN) controllers are prime targets for attackers, who could manipulate network traffic flow to gain unauthorized access, compromise data, launch denial-of-service attacks, or disrupt network operations.
Network functions virtualization (NFV) components are also vulnerable, with potential weaknesses like weak passwords, insecure APIs, lack of network segmentation, and malware propagation risks due to virtualization.
5G networks, with their distributed nature and numerous edge nodes, provide multiple entry points for attacks, both from enterprise and telecom networks, thus expanding the attack surface (Figure 1).
5G technology security features
5G enables edge devices to process sensitive data locally, reducing the need for data transmission to centralized servers and enhancing security. Security features of 5G technology include:
- Advanced encryption algorithms like 256-bit cryptography for data protection.
- Authentication and Key Agreement protocol for verifying user, device, and network element identities.
- Integration of zero-trust security principles into the network.
- Network slicing for customized security control in different network segments.
5G network security structure
5G network security begins with mutual authentication between user equipment (UE) and base station (gNB), as depicted in Figure 2. Security in the serving or roaming networks relies on a layered approach. The central security anchor function offers the highest level of security through multiple authentication processes, starting with the universal subscriber identity module (USIM).
Figure 2. 5G network security employs multiple identification and authentication functions from UE to serving network, IP network, cloud, and home network. (Image: Verizon)
A new element, the security edge protection proxy (SEPP), was introduced in 5G to safeguard the home network. SEPP acts as a security gateway between serving and home networks through IP network and cloud, providing:
- Application layer security to prevent eavesdropping and attacks.
- End-to-end authentication and protection through signatures and encryption.
- Key management for setting cryptographic keys and secure negotiations.
- Validation of JSON objects for data storage and transport.
- Additional functions like message filtering, traffic control, network structure concealment, and sensitive information protection.
Summary
The complexity and distributed nature of 5G networks make them susceptible to cyber threats, enlarging the attack surface. Thankfully, 5G incorporates various technologies and security features to ensure robust protection. Thus, 5G serves as a secure and potent tool for connecting IoT edge devices.
References
Deciphering the evolving threat landscape: security in a 5G world, Ericsson
First principles for securing 5G, Verizon
How 5G is enabling resilient communication for the connected, intelligent edge Qualcomm
How 5G Technology Affects Cybersecurity: Looking to the Future, UpGuard
The Impact of 5G on Network Security and IoT, C Solutions IT
Related WTWH links
How Open RAN provides a secure wireless network
What to expect from 5G-Advanced
IoT devices in private 5G networks bring new verification tests
Wi-Fi 7 and 5G for FWA need testing
How can AI help maximize energy efficiency in 5G systems?
