Navigating Security Challenges of 5G: Presented at Cyber Intelligence Forum Indonesia 2021.08

Contents

01 5G Cyber Security Challenges
02 5G E2E Network Security Solution
03 Summary

3 Huawei Confidential
Emerging Technologies Drive Digital Growth While Bringing New Challenges to Cyber Security and Privacy Protection

New technologies | New opportunities | New challenges
Cloud, SDN/NFV | Cloudification enables resource sharing, and service platforms transform from closed platforms to open platforms. | The traditional boundaries for protection become increasingly blurred.
AI | AI and big data power the in-depth mining of information. | Data processing is more complex and the risk of data leaks is increasing.
5G, IoT | Mobile networks and sensors help us achieve high-density interconnection. | The attack surface is larger and vulnerabilities are increasing.

Cyberattacks and data fraud/theft are among the top 10 global risks.
Source: The World Economic Forum Global Risks Report 2020
Key Security Challenges of 5G Networks

Business changes: The 5G network expands from eMBB to the vertical services of URLLC and mMTC. The higher security requirements of these industries must be met.
Network changes: The SBA and slicing architecture provide flexible service deployment capabilities, and UPF downsink supports low-latency services, but they also make the network boundary complex and dynamic.
Technological change: The introduction of new technologies such as virtualization and cloudification supports fast service deployment, but it also means the core network is layered and decoupled.

[Figure: 5G E2E network security topology. eMBB, URLLC and mMTC/IoT terminals attach via 5G RAN and 5G Transport to the 5G Core with built-in MEC; security elements shown are SeGW, firewalls, EMS and SOC; external connections go to the Internet and V2X.]
5G networks bear vertical industries, meeting higher security requirements

5G Enables Thousands of Industries, and Cyber Security Issues Affect Production and Company Survival
[Figure: industry applications (media live broadcast, intelligent control, smart industry, smart grid, smart agriculture, smart healthcare, urban security protection, smart education, intelligent driving) connected through an enterprise 5G base station and MEC to applications and data, with the 5GC.]

Key Industry Opinion: Security Is the Key Guarantee for 5G Industry Applications

Service evolution:
1. Industry applications are carried over 5G networks, and enterprise networks and carrier networks are converged.
2. Vertical service applications are diversified and industry requirements are differentiated.
3. The UPF is deployed at the edge to connect to the enterprise network, carry enterprise applications and meet low-latency requirements.

Security challenges:
1. 5G networks are part of the enterprise network infrastructure and need to be protected according to the industry requirements of the enterprise.
2. Different services in an enterprise have different requirements on experience and security. Differentiated security capabilities are required.
3. Enterprise data must not leave the campus network, and the security of enterprise applications and data must be ensured.
5G network software and deployment architecture change, introducing new interfaces and boundaries

The new architecture of SBA and slicing needs to adapt to new security
[Figure: SBA architecture with slices. Common NFs UDM, AUSF and PCF; Slice #1 and Slice #2 each with their own AMF and SMF; the UE connects over the gNB (N2, N3) to a UPF.]

Software architecture changes:
• 5GC internal modules are reconstructed as services (SBA) to support on-demand service deployment.
• 5G slicing enables fast service deployment and capacity expansion, reducing costs.
Security challenges:
• 5GC NE identity authentication and message communication based on SBA need to be protected.
• The boundaries between slices must be isolated to prevent attacks between slices.

5GC UP supports downsink deployment, and MEC security capabilities need to be built
[Figure: deployment positions Site, Local and Regional; 5GC CP/UP (AUSF, UDM, UPF) at the regional level, with a UPF and MEC moved down to the local and site levels.]

UPF deployment position change:
• The UPF supports downsink deployment (MEC) to support local traffic distribution and reduce service latency.
Security challenges:
• The UPF moves from the central equipment room to the edge equipment room or the enterprise campus. Border protection needs to be enhanced.
5G network introduces virtualization/cloudification technologies, and core network NEs are decoupled by layer

[Figure: Legacy deployment (IMS and EPC on standalone hardware with physical border isolation) versus NFV deployment (IMS, EPC and 5G as VNFs over a virtualization layer and shared hardware, managed by MANO: NFVO, VNFM, VIM), with three changes marked: 1 resource sharing on the hardware layer, 2 adding a virtualization layer, 3 adding MANO.]

1. Infrastructure resource sharing
• Traditional physical security boundaries are broken: resource sharing, unauthorized resource preemption, application-layer data access, image tampering, etc.
2. Adding a virtualization layer
• Common software at the IaaS layer. Open-source software may introduce vulnerabilities shared across the industry, and publicly known vulnerabilities are more likely to be exploited for attacks.
3. Virtualized resource management (MANO)
• In virtual resource management, user spoofing and high-risk operations cause resource abuse.
• If the orchestration process is attacked, the NE software package can be tampered with.

NFV is optional in 4G and mandatory in 5G.
5G Network Threats Analysis

[Figure: threat points 1-9 on the operator's network: RAN (eMBB, URLLC, mMTC), switch/router transport, 5GC SBA (AMF, UDM, SMF) on NFVI (hardware + cloud OS), slices, MEC (UPF, MEP, APP1-3), SecGW, firewall, EMS/PAM with O&M clients, VPLMN, and the Internet.]

External Threats
1. Air interface threats
• Theft/tampering of user data and information
• Denial of user access due to DDoS attack
• Fake base station
• Malicious interference
2. Internet threats
• Leakage or tampering of user data during transmission
• Denial of data services due to DDoS attack from the Internet
• Unauthorized access to exposure APIs (NEF)
3. Roaming threats
• Leakage or tampering of data during transmission
• Forged transit carrier and denial of service
4. External access to EMS threats
• Unauthorized operations by unauthorized users
• Malicious operations by authorized users
• Leakage of sensitive information during transmission
5. Transport threats
• Data eavesdropping
• Data tampering (between 5GC/MEC/gNB)

Internal Threats
6. Slicing threats
• Resource abuse among slices
• Unauthorized access among slices
7. MEC threats
• Perimeter attack
• Attacks on MEC/UPF by malicious apps
8. 5GC threats
• Perimeter attack
• Unauthorized O&M access
• DDoS attacks
• SBA threats
• Data leakage
9. Cloudification threats
• NFV threats, e.g. resource abuse
• Container threats
• MANO threats
02 5G E2E Network Security Solution
5G E2E Cyber Security: Layered Models Become Industry Consensus

L3: Application Security (SP compliance, application security, service protection)
• Stakeholders: Terminal Provider, Vertical Industry Provider (the carrier provides the capability)
• Industry standards and methodologies: IEC 62443 IACS, ISO/IEC 27034
L2: Network Security + O&M Security (Secure deployment, O&M security, network protection)
• Stakeholder: Operator (the vendor provides the capability)
• Industry standards and methodologies: NIST CSF, NCSC CAF, 3GPP
L1: NE Security (Standard compliance, SDL security development lifecycle, NE protection)
• Stakeholder: Vendor (base station: AAU, BBU; router; core)
• Industry standards and methodologies: ISO 19600, NIST SSDF, NIST SP 800-160, 3GPP, NESAS/SCAS

The 3-layer security model is widely accepted in the telecom industry, including 3GPP, 5GPPP, etc.
5G security requires "shared responsibility" among different stakeholders.
Build E2E cyber security solutions for 5G network scenarios

L3 Security (Enabling Industry): Terminal access security, Data security, Border security

Security management (Operator SOC/PAM/IAM...):
• Cross-domain O&M security support, via the northbound interface
• Single-domain management (EMS layer): User management, Security alarms/logs, Security configuration check, Zero trust in O&M, MANO security

L2 Network Security:
• Networking security: Three-plane isolation, Secure transmission, RAN sharing security, Slicing security
• RAN security: Fake base station detection, Anti-DDoS attacks on air interfaces
• 5GC security: Border security, Anti-DDoS attack, Virtualization security
• MEC security: Interface security, Anti-malicious app attacks

L1 NE Security:
• System security: Trusted environment, Data security, System security hardening
• Standard security: 256-bit encryption algorithm, User plane integrity protection, User privacy protection, Flexible security policy, Unified authentication, Roaming security
5G Enhances Network Security Capabilities Based on 4G
• The 4G network is based on a series of security solutions and has not been attacked on a large scale in the past 10 years.
• 5G reuses the 4G security architecture and further enhances security for some known risks.

Capability | 4G | 5G
Stronger cryptographic algorithm | 128-bit encryption | 256-bit encryption algorithm (after R18)
Better air interface security | No integrity protection for UP | User plane integrity protection
Stronger user privacy protection | Plaintext transmission of IMSI | User privacy protection: SUCI
Flexible security policy | Network-level security policy | Subscriber-level security policy
Unified authentication (user experience) | Separate authentication for different access types (e.g. LTE, Wi-Fi) | Unified authentication
Enhanced roaming security | Plaintext transmission of roaming subscriber data | Roaming security: SEPP (vSEPP in the VPLMN, hSEPP in the HPLMN, across the IPX)
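The "no integrity protection for UP" versus "user plane integrity protection" row is the one property in this comparison that can be shown in code. The following is an added example, not from the presentation or from Huawei: it models a ciphering-only user plane next to a ciphering-plus-MAC-I user plane and runs the same single-bit modification through both receivers. The 3GPP ciphers and integrity algorithms (NEA/NIA) are not in Python's standard library, so the keystream and the 32-bit MAC-I here are HMAC-SHA256 stand-ins, which is an assumption of this example; the keys and the payload are constructed.

```python
import hmac
import hashlib

# Constructed 128-bit keys for the example (not real 5G key material).
K_ENC = bytes.fromhex("00112233445566778899aabbccddeeff")
K_INT = bytes.fromhex("ffeeddccbbaa99887766554433221100")

# 3GPP integrity algorithms (NIA1/2/3) output a 32-bit MAC-I.
MAC_LEN = 4


def keystream(key: bytes, count: int, bearer: int, length: int) -> bytes:
    """Stand-in keystream: HMAC-SHA256 in counter mode keyed by COUNT and
    BEARER (assumption: the real NEA ciphers are not available here). The
    only property used is that a stream cipher XORs keystream onto data."""
    out = bytearray()
    block = 0
    while len(out) < length:
        header = count.to_bytes(4, "big") + bytes([bearer]) + block.to_bytes(4, "big")
        out += hmac.new(key, header, hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def cipher(key: bytes, count: int, bearer: int, data: bytes) -> bytes:
    """XOR-based ciphering; the same call encrypts and decrypts."""
    return bytes(d ^ k for d, k in zip(data, keystream(key, count, bearer, len(data))))


def mac_i(key: bytes, count: int, bearer: int, ciphertext: bytes) -> bytes:
    """Stand-in 32-bit MAC-I over the PDU header fields and the ciphertext."""
    header = count.to_bytes(4, "big") + bytes([bearer])
    return hmac.new(key, header + ciphertext, hashlib.sha256).digest()[:MAC_LEN]


def protect(count: int, bearer: int, plaintext: bytes, integrity: bool) -> bytes:
    """Sender side: cipher the payload; append a MAC-I when integrity is on."""
    ct = cipher(K_ENC, count, bearer, plaintext)
    return ct + mac_i(K_INT, count, bearer, ct) if integrity else ct


def unprotect(count: int, bearer: int, pdu: bytes, integrity: bool):
    """Receiver side. With integrity enabled a bad MAC-I rejects the PDU
    (returns None); without it the receiver decrypts whatever arrived."""
    if integrity:
        ct, tag = pdu[:-MAC_LEN], pdu[-MAC_LEN:]
        if not hmac.compare_digest(tag, mac_i(K_INT, count, bearer, ct)):
            return None
    else:
        ct = pdu
    return cipher(K_ENC, count, bearer, ct)


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Model a single bit error or modification on the radio path."""
    buf = bytearray(data)
    buf[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(buf)


def bit_diff(a: bytes, b: bytes) -> int:
    """Number of differing bits between two equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def demo(payload: bytes = b"meter reading: 0042 kWh", count: int = 7, bearer: int = 1) -> dict:
    """Run the same modified PDU through both receiver configurations."""
    # 4G-style user plane: ciphering only. The modified ciphertext bit decrypts
    # to a modified plaintext bit and nothing tells the receiver.
    pdu4 = protect(count, bearer, payload, integrity=False)
    accepted4 = unprotect(count, bearer, flip_bit(pdu4, 10), integrity=False)

    # 5G-style user plane: ciphering plus MAC-I. The same modification is rejected.
    pdu5 = protect(count, bearer, payload, integrity=True)
    accepted5 = unprotect(count, bearer, flip_bit(pdu5, 10), integrity=True)
    intact5 = unprotect(count, bearer, pdu5, integrity=True)

    return {
        "ciphering_only": accepted4,                                   # != payload
        "ciphering_only_bits_changed": bit_diff(payload, accepted4),   # 1
        "with_integrity_tampered": accepted5,                          # None: rejected
        "with_integrity_intact": intact5,                              # == payload
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The point for a defender is the asymmetry in the result: confidentiality alone leaves the receiver unable to distinguish a corrupted or modified user-plane packet from a genuine one, whereas the MAC-I turns the same event into a rejected PDU that can be counted and alarmed on. The per-bearer, per-COUNT inputs to the MAC also prevent a protected PDU from being accepted on another bearer or at another sequence position.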
5G standard evolution: The network architecture is finalized in R15 and functions are continuously enhanced in later versions

Timeline: 2017, 2018, 2019, 2020, 2021, 2022 -

Rel-15: 5G Basic Security Architecture and eMBB Security Functions (eMBB)
• Integrity protection for the air interface user plane
• Subscriber-level security policies (finer granularity)
• Enhanced air interface encryption protection for user IDs
• SEPP protection of inter-PLMN roaming messages
• SBA security
• Unified authentication

Rel-16: Vertical industry security enhancement (URLLC, mMTC)
• URLLC security: dual-path transmission security
• mMTC (cIoT) security: lightweight small packet transmission security
• Slice security: defines NSSAAF slice authentication NEs and supports slice secondary authentication
• Non-public network (NPN) security: EAP-based non-public network security authentication and authorization
• SCAS 1.0

Rel-17: Continuous evolution of security functions (URLLC, mMTC enhanced)
• Security capability exposure: AKMA authentication and key management based on 3GPP credentials
• Enhanced slice security: ID broadcast privacy protection
• MEC security (support for edge computing in 5GC): interface security, client authentication, secure authentication
• SCAS 2.0

Rel-18 - (TBD): Future-oriented security evolution
• 256-bit key algorithm (anti-quantum attack and higher security)
• Fake base station (FBS) detection
• Automatic 5GC virtual NE certificate management
• SCAS evolution

• 5G SA security has been defined since R15 and is continuously enhanced.
• More URLLC and mMTC scenarios are defined in R16 and R17.
Cyber Security is a Shared Global Challenge Requiring a Standards- and Verification-Based Approach and Multi-party Collaboration

Stakeholders and roles:
• Government: Develop legislation and regulations, implement E2E supervision.
• Vertical Industry: Define the E2E service security baseline, facilitate threat intelligence sharing.
• ICT Suppliers: Innovation; develop secure products with a security process.
• Telecom Operators: Build and operate a secure and resilient network.
• Standard organizations, evaluation methodology, evaluation institutes, carriers and regulators: define security requirements and standards, collaboration, shared responsibility.

NESAS/SCAS Scheme for the Mobile Communications Industry:
• Standards and specifications
• Evaluation methodology
• Equipment test specifications
• Security evaluation scheme
Launched jointly by GSMA and 3GPP, it provides a security baseline for:
• Network equipment security requirements
• Vendor development and product lifecycle process
NESAS: Network Equipment Security Assurance Scheme
Nation 5G Security Standard System Proposal

Cyber security standards and certification system ≈ (Management + Technology) Assessment System

National Cyber Security Strategy

Cyber Security Standard and Certification System:
• Application Security Standards and Certification (Vertical/Application Provider)
• Network Security Standards and Certification (Operator)
• Product Security Standards and Certification (Equipment Vendor)
• Cyber Security Management Standards and Certification System
• National Cyber Security Management Standards System: ISO/IEC 27000/1, ISO 28000, supply chain security standard, etc.; Indonesia Indeks KAMI

National Cyber Security Governance Fundamental Principles:
Critical Information Infrastructure Cyber Security
1. End user: Mindset and culture
2. Service provider: Application security
3. Network operator: Operation security, deployment security
4. Equipment vendor
5. 3rd party security certification labs
6. Ecosystem partners (organizations such as enterprises and institutions)

Cyber Security and privacy clauses in related fields
1. Public law
2. Criminal law
3. Civil Procedure Law
4. Business Law
5. Banking Law
6. Stock Exchange Act
7. Civil Code
8. Payment method
9. Patent Law
10. Others

Data security and privacy protection
1. Data security, data protection, cross-border legal and secure flow of data
2. Enterprise Information Protection: Legal Compliance
3. Personal privacy protection
4. Others

Cyber Security Governance Foundation Law (Government)
National Cyber Security Laws
03 Summary
Closing Thoughts: Threat Will Never Stop, We Never Stop

• For the past 30 years, Huawei has served more than 3 billion people, supported more than 1,500 carrier networks, and earned the trust of tens of thousands of customers in over 170 countries.
• Cybersecurity and user privacy protection are of utmost importance and a top priority.
• Huge investment in people and resources to manage risk effectively, steeped in standards and best practices, separation of duties, and independent verification.
• Both trust and distrust should be based on facts, not feelings. Facts must be verifiable, and verification must be based on unified standards.
• 5G security requires collaboration between equipment vendors, operators, and application service providers to build a 5G security system.
In the Digital Intelligent World, Business Success Cannot Go Without Cyber Security, Trustworthiness and Privacy Protection

We Welcome All Stakeholders to Use the Transparency Centers to Collaborate More Closely on Security Standards, Verification, and Innovation

Thank you.
Bring digital to every person, home, and organization for a fully connected, intelligent world.

Copyright © 2018 Huawei Technologies Co., Ltd. All Rights Reserved.

The information in this document may contain predictive statements including, without limitation, statements regarding the future financial and operating results, future product portfolio, new technology, etc. There are a number of factors that could cause actual results and developments to differ materially from those expressed or implied in the predictive statements. Therefore, such information is provided for reference purposes only and constitutes neither an offer nor an acceptance. Huawei may change the information at any time without notice.