The secret to 5G security? Turn the network into a sensor

Issue 1 2020 Integrated Solutions

Intelligent, ‘human-critical’ networks built on 5G technology stand to make every aspect of our lives smarter, safer and more sustainable. They will combine high data rate, instantaneous communications with low-latency network performance and massive connectivity, enabling new applications for everything from eHealth and autonomous vehicles to smart cities, smart homes and the Internet of Things (IoT).

The more we depend on networks, the more we need to make sure they’re protected. The next generation of networks will have to be more secure than any that has come before. Instead of being applied ‘to’ network services after the fact, security will need to be ‘built in’ from the start – with the entire network acting as one giant, unified sensor to keep infrastructure and services safe.

Security must keep up with network services

With 5G, there will be more networks doing more complex things and delivering more kinds of services than we’re used to. ‘Slicing’ will become the norm: virtualisation that allows network resources to be shared with third parties, with guaranteed quality of service (QoS) and isolation. Having end-to-end slices that terminate in private networks will increase the attack surface service providers need to protect: beyond securing the network as a whole, they will have to protect every individual slice, each with its own distinct requirements.

Another change that will require providers to fundamentally shift how they think about security is the nature of the services themselves. Today’s network services tend not to change once they’ve been designed, and they operate more or less in isolation from each other. They’re static and siloed. But slice-based 5G network services will be incredibly dynamic, responding to evolving conditions in real time.

For example, imagine a remote worksite with autonomous vehicles transporting people or materials from place to place. To keep passengers safe, those vehicles need to be able to respond very quickly to shifting conditions – whether that’s avoiding a herd of animals on the road or adjusting for weather-related hazards like flooding or black ice. Some of this will happen inside the vehicle and some of it will happen in the network. Vehicles’ onboard sensors and processors will combine with the network and control mechanisms in a single, end-to-end ecosystem. Security has to extend across this entire ecosystem and be as flexible and adaptive as the services it’s protecting.

5G security requires visibility from the device level through the network and into the cloud, covering a wide range of parameters.

Henrique Vale.

Analytics and automation are vital

What does flexible, adaptive, end-to-end security look like in a 5G scenario, and how can service providers build it in from the start?

The first prerequisite is visibility from the device up through the network and into the cloud. Without the ability to collect, correlate and analyse data from end to end, security threats could easily be missed. In a way, with 5G the entire network becomes a sensor (or, really, a series of sensors), drawing data from various systems and devices to provide a complete, comprehensive, real-time view for maximum security.

5G security operations also need to be predictive and automated. That means using machine learning, multidimensional analytics and threat intelligence to correlate data from multiple domains and sources, catch anomalies, provide contextual intelligence about threats, weigh business risks and recommend (or enact) mitigation steps.

Analytics are important because many threats are designed to stay undetected for as long as possible, under the radar of the network security operation centre or hiding in the information noise of minor, relatively harmless attacks. Machine learning and artificial intelligence (AI) can discover these kinds of ‘lurking’ malicious activities and trigger countermeasures.

Embedding security in the network

While firewalls and other defences will still be important to help stop hackers before they access the network, attacks will inevitably get through. This is especially true in 5G because the network will not have conventional boundaries: it will be an open ecosystem in which all kinds of unmanaged third-party devices are connected.

Strong security should be provided within the network to protect data and infrastructure. Integrated security workflow automation and orchestration are key to this, transitioning from static defences to agile, adaptive, accurate threat responses.

Ultimately, these security capabilities add up to a set of required applications: active monitoring and workflow orchestration, privileged access management and analytics of user behaviour, certification and management of digital identities of network entities, machine learning of traffic patterns for threat detection, automated incident responses, and more.

Designing for security

Service providers want to engage the market and monetise the investments they’re making in their networks to deliver on the new 5G use cases. As they do, they will need end-to-end security performance – at scale, from the edge to the core – to defend against advanced, persistent threats. The new 5G security approach integrates and automates 5G network security by treating the entire network as a sensor. Data taken from existing systems is used to give a much greater level of information. For that, security must be provided at four key layers.

At the base level, security must be in place for both the service network and the cloud infrastructure. Moving up the stack, the entire infrastructure – spanning software, virtual machines, hardware and devices – also needs to be ‘trustable’. Automated security management and orchestration provide frictionless security across all these dynamically changing elements, and all sensitive data must be secure, providing access control, privacy and regulatory compliance.

Finally, to proactively detect and respond to security threats, security-related intelligence must be shared across all the parts of the network, among suppliers, partners and customers.

At Nokia, we’re working with standardisation bodies, partners and customers to build integrated 5G end-to-end security that applies across all the layers of the network. We also have an advanced security testing and verification laboratory to address the critical security needs of end-to-end networks.

The job of security teams in the 5G era will be to limit how and where hackers can attack networks and services. They’ll also need to be more accurate in determining which threats are real and which can be ignored, and speed up mitigation when a defensive response is needed. We’re committed to providing to provide a robust 5G infrastructure that is resilient for these new apps and services.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Building a nervous system for smart cities
Issue 1 2020, Pinnacle Instruments SA , Integrated Solutions
Build a central nervous system for smart cities, by employing real-time situation reporting and analysis that unites the powers of cloud computing, AI, IoT and big data.

The move to services and RMR
Issue 1 2020, Merchant West, G4S South Africa, Technews Publishing , Integrated Solutions
Project work used to be the staple diet for system integrators, but that was before the services model changed the way businesses buy and use their security systems.

Global security industry adopts servistisation models
Issue 1 2020 , Integrated Solutions
New as-a-service business models are gaining traction because they reduce capital expenditure and cost of ownership, finds Frost & Sullivan.

Looking ahead with mobile access technologies
Access & Identity Management Handbook 2020, Technews Publishing, HID Global, dormakaba South Africa, Salto Systems Africa, Suprema, Gallagher , Access Control & Identity Management, Integrated Solutions
Given the broad use of smartphones around the world and the numerous technologies packed into these devices, it was only a matter of time before the access control industry developed technology that would ...

Scalable access solution
Access & Identity Management Handbook 2020 , Access Control & Identity Management, Integrated Solutions
Bosch Building Technologies makes access management simple, scalable and always available with Access Management System 2.0.

Securing perimeters of secure locations
November 2019, Axis Communications SA, Modular Communications, Hikvision South Africa, Nemtek Electric Fencing Products, Technews Publishing, Stafix , Government and Parastatal (Industry), Perimeter Security, Alarms & Intruder Detection, Integrated Solutions
Hi-Tech Security Solutions asked a number of companies offering perimeter security solutions for their insights into protecting the boundaries of national key points.

The safe city and its need for interoperability
November 2019 , Integrated Solutions, CCTV, Surveillance & Remote Monitoring
Interoperability continues to present one of the greatest challenges, particularly with video management systems, video recording devices and cameras.

Analytics-driven solutions for smart infrastructure
November 2019, Bosch Building Technologies , Integrated Solutions
Video analytics technology can bring intelligence to infrastructure by delivering solutions for traffic flow, improved safety, smart parking, and data collection.

A platform approach to innovation and value
CCTV Handbook 2019, Technews Publishing , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Integrated Solutions, IT infrastructure
Moving to the platform model of doing business holds tremendous advantages for end users and smaller developers, but also for the whole technology supply chain.

Open does not always mean easy integration
CCTV Handbook 2019, Veracitech, Technews Publishing , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
Customers who opt for best-of-breed solutions will have to rely on their integrators to develop customised integrated solutions for them.