Mitigating privacy and security threats under 5G technology is an ongoing effort.
Regulators are in a tough spot having to walk a fine line between protecting privacy, safeguarding national security, stimulating economic growth, and benefiting society as a whole.
To succeed with 5G transformation, industries need to gather competence, understand new threats and learn how to mitigate them.
It’s generally agreed that building the inherently secure 5G system requires a holistic effort, rather than focusing on individual parts in isolation. This is why several organizations such as the 3GPP, ETSI, and IETF have worked together to jointly develop the 5G system, each focusing on specific parts.
For example, 3GPP (the standards organization which develops protocols for mobile telephony) focuses on enhancing protection of subscriber privacy against false base stations known as IMSI catchers or Stingrays. Consequently it has become impractical for false base stations to identify and trace subscribers by using conventional attacks like passive eavesdropping or active probing of permanent and temporary identifiers.
Also, with the backing of 3GPP, 5G has been proactively designed to make it harder for attackers to identify a single subscriber by correlating protocol messages.
Additionally, the use of a service-based architecture (SBA) has pushed for protection at higher protocol layers as well as protection of the communication between core network entities at the internet protocol (IP) layer. This results in 5G core network functions supporting state of the art security protocols such as TLS 1.2 and 1.3 to protect the communication at the transport layer.
Overall, the improvement provided by 3GPP SA3 to the interconnect security consists of three building blocks:
- A new network function called security edge protection proxy (SEPP)
- Authentication between SEPPs is required
- A new application layer security solution on the N32 interface to provide protection of sensitive data
Want to know more about 5G cybersecurity? Tonex offers 5G Cybersecurity Bootcamp, a 4-day course that’s a combination of theoretical lectures and practical insight that helps participants gain in-depth knowledge about current and future state of 5G mobile technology, architecture, protocols and 5G cybersecurity.
Additionally, Tonex offers 20 more cutting edge 5G Wireless courses with titles like:
D2D Communications Training (2 days)
LTE Advanced Pro Training (3 days)
5G Wi-Fi Offload Training (2 Days)
5G and mmWave Antenna Engineering Training (3 days)
Mobile Broadband Transformation Training Bootcamp (4 days)
For more information, questions, comments, contact us