Securing 5G and Evolving Architectures
Securing 5G and Evolving Architectures
Nair, Pramod
Pearson Education (US)
01/2022
624
Mole
Inglês
9780137457939
15 a 20 dias
1000
Preface xvi
Acknowledgments xxi
About the Author xxii
Part I Evolution of Cellular Technologies to 5G, Security Enhancements, and Challenges
Chapter 1: Evolution from 4G to 5G 2
Mobile Network Evolution from 4G to 5G.. . . . . . . . . . . . . . . . . . 4
Key 5G Features in 3GPP Releases.. . . . . . . . . . . . . . . . . . . . 18
Key 5G Advanced Features.. . . . . . . . . . . . . . . . . . . . . . . 20
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Acronym Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Chapter 2: Deployment Modes in 5G 26
5G NSA and SA Deployments.. . . . . . . . . . . . . . . . . . . . . . 27
5G Time-Sensitive Networks.. . . . . . . . . . . . . . . . . . . . . . . 42
5G Local Area Network-Type Service.. . . . . . . . . . . . . . . . . . . 44
Private 5G/Non-Public Networks.. . . . . . . . . . . . . . . . . . . . . 46
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Acronym Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
Chapter 3: Securing 5G Infrastructure 56
3GPP 5G Security Enhancements.. . . . . . . . . . . . . . . . . . . . . 57
Security Challenges in 5G. . . . . . . . . . . . . . . . . . . . . . . . 74
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
Acronyms Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
Part II Securing 5G Architectures, Deployment Modes, and Use Cases
Chapter 4: Securing RAN and Transport Deployments in 5G 82
5G RAN and Transport Threats. . . . . . . . . . . . . . . . . . . . . . 84
Securing 5G RAN and Transport.. . . . . . . . . . . . . . . . . . . . . 92
Real Scenario Case Study: Examples of Threat Surfaces and Their Mitigation. . 125
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136
Acronym Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140
Chapter 5: Securing MEC Deployments in 5G 142
Service Provider Network-Based MEC.. . . . . . . . . . . . . . . . . . 144
Enterprise Network-Based MEC.. . . . . . . . . . . . . . . . . . . . . 145
MEC Deployment Models.. . . . . . . . . . . . . . . . . . . . . . . . 146
Threat Surfaces in 5G MEC Deployments.. . . . . . . . . . . . . . . . . 154
Securing 5G MEC.. . . . . . . . . . . . . . . . . . . . . . . . . . . 178
Real Scenario Case Study: MEC Threats and Their Mitigation.. . . . . . . . . 217
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228
Acronym Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233
Chapter 6: Securing Virtualized 5G Core Deployments 234
A Brief Evolution of Virtualization in Telecommunications.. . . . . . . . . . . 235
Threats in Virtualized 5G Packet Core Deployments.. . . . . . . . . . . . . 240
Securing Virtualized 5G Packet Core Deployments.. . . . . . . . . . . . . 257
Real Scenario Case Study: Virtualized 5GC Threats and Mitigation.. . . . . . . 281
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290
Acronym Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296
Chapter 7: Securing Network Slice, SDN, and Orchestration in 5G 298
Network Slicing and Its Enablers-SDN and Orchestration. . . . . . . . . . 299
Threat Surfaces in 5G Network Slice, SDN, and Orchestration Deployments.. . . 309
Mitigation of Threats.. . . . . . . . . . . . . . . . . . . . . . . . . . 327
Real Scenario Case Study: Threats in the 5G Network Slice, SDN, and Orchestration Deployments and Their Mitigation. . . . . . . . . . . . . 355
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369
Key Acronyms.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 372
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374
Chapter 8: Securing Massive IoT Deployments in 5G 376
Massive IoT-Based Threats in 5G.. . . . . . . . . . . . . . . . . . . . 380
Securing mIoT Deployments in 5G Networks.. . . . . . . . . . . . . . . . 391
Real Scenario Case Study: mIoT Threats and Their Mitigation.. . . . . . . . . 414
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418
Key Acronyms.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 420
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 422
Chapter 9: Securing 5G Use Cases 424
Secure 5G Smart Factory and Manufacturing. . . . . . . . . . . . . . . . 425
Critical Infrastructure.. . . . . . . . . . . . . . . . . . . . . . . . . . 437
5G Vehicle-to-Everything (5G-V2X).. . . . . . . . . . . . . . . . . . . . 447
Standards and Associations.. . . . . . . . . . . . . . . . . . . . . . . 463
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 465
Key Acronyms.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 465
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 467
Part III End-to-End 5G Security Architecture and Prioritizing Security Investments
Chapter 10: Building Pragmatic End-to-End 5G Security Architecture 468
Foundations of 5G Security.. . . . . . . . . . . . . . . . . . . . . . . 470
Key Tenets of 5G Security Architecture.. . . . . . . . . . . . . . . . . . 472
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 497
Acronyms Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 498
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501
Chapter 11: Prioritizing 5G Security Investments 502
Method of Prioritizing Security Controls.. . . . . . . . . . . . . . . . . . 505
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 532
Acronyms Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 533
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 534
Part IV Emerging Discussions
Chapter 12: 5G and Beyond 536
Adoption and Adaptability of 5G and Evolving Technologies.. . . . . . . . . 537
Convergence of Wi-Fi and Evolving Cellular Technologies.. . . . . . . . . . 539
Use of AI and ML in Securing 5G and Evolving Networks.. . . . . . . . . . . 543
Crypto Agility in 5G and Evolving Technologies.. . . . . . . . . . . . . . . 546
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 548
Acronym Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 548
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 550
9780137457939, TOC, 10/27/2021
Preface xvi
Acknowledgments xxi
About the Author xxii
Part I Evolution of Cellular Technologies to 5G, Security Enhancements, and Challenges
Chapter 1: Evolution from 4G to 5G 2
Mobile Network Evolution from 4G to 5G.. . . . . . . . . . . . . . . . . . 4
Key 5G Features in 3GPP Releases.. . . . . . . . . . . . . . . . . . . . 18
Key 5G Advanced Features.. . . . . . . . . . . . . . . . . . . . . . . 20
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Acronym Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Chapter 2: Deployment Modes in 5G 26
5G NSA and SA Deployments.. . . . . . . . . . . . . . . . . . . . . . 27
5G Time-Sensitive Networks.. . . . . . . . . . . . . . . . . . . . . . . 42
5G Local Area Network-Type Service.. . . . . . . . . . . . . . . . . . . 44
Private 5G/Non-Public Networks.. . . . . . . . . . . . . . . . . . . . . 46
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Acronym Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
Chapter 3: Securing 5G Infrastructure 56
3GPP 5G Security Enhancements.. . . . . . . . . . . . . . . . . . . . . 57
Security Challenges in 5G. . . . . . . . . . . . . . . . . . . . . . . . 74
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
Acronyms Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
Part II Securing 5G Architectures, Deployment Modes, and Use Cases
Chapter 4: Securing RAN and Transport Deployments in 5G 82
5G RAN and Transport Threats. . . . . . . . . . . . . . . . . . . . . . 84
Securing 5G RAN and Transport.. . . . . . . . . . . . . . . . . . . . . 92
Real Scenario Case Study: Examples of Threat Surfaces and Their Mitigation. . 125
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136
Acronym Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140
Chapter 5: Securing MEC Deployments in 5G 142
Service Provider Network-Based MEC.. . . . . . . . . . . . . . . . . . 144
Enterprise Network-Based MEC.. . . . . . . . . . . . . . . . . . . . . 145
MEC Deployment Models.. . . . . . . . . . . . . . . . . . . . . . . . 146
Threat Surfaces in 5G MEC Deployments.. . . . . . . . . . . . . . . . . 154
Securing 5G MEC.. . . . . . . . . . . . . . . . . . . . . . . . . . . 178
Real Scenario Case Study: MEC Threats and Their Mitigation.. . . . . . . . . 217
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228
Acronym Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233
Chapter 6: Securing Virtualized 5G Core Deployments 234
A Brief Evolution of Virtualization in Telecommunications.. . . . . . . . . . . 235
Threats in Virtualized 5G Packet Core Deployments.. . . . . . . . . . . . . 240
Securing Virtualized 5G Packet Core Deployments.. . . . . . . . . . . . . 257
Real Scenario Case Study: Virtualized 5GC Threats and Mitigation.. . . . . . . 281
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290
Acronym Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296
Chapter 7: Securing Network Slice, SDN, and Orchestration in 5G 298
Network Slicing and Its Enablers-SDN and Orchestration. . . . . . . . . . 299
Threat Surfaces in 5G Network Slice, SDN, and Orchestration Deployments.. . . 309
Mitigation of Threats.. . . . . . . . . . . . . . . . . . . . . . . . . . 327
Real Scenario Case Study: Threats in the 5G Network Slice, SDN, and Orchestration Deployments and Their Mitigation. . . . . . . . . . . . . 355
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369
Key Acronyms.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 372
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374
Chapter 8: Securing Massive IoT Deployments in 5G 376
Massive IoT-Based Threats in 5G.. . . . . . . . . . . . . . . . . . . . 380
Securing mIoT Deployments in 5G Networks.. . . . . . . . . . . . . . . . 391
Real Scenario Case Study: mIoT Threats and Their Mitigation.. . . . . . . . . 414
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418
Key Acronyms.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 420
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 422
Chapter 9: Securing 5G Use Cases 424
Secure 5G Smart Factory and Manufacturing. . . . . . . . . . . . . . . . 425
Critical Infrastructure.. . . . . . . . . . . . . . . . . . . . . . . . . . 437
5G Vehicle-to-Everything (5G-V2X).. . . . . . . . . . . . . . . . . . . . 447
Standards and Associations.. . . . . . . . . . . . . . . . . . . . . . . 463
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 465
Key Acronyms.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 465
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 467
Part III End-to-End 5G Security Architecture and Prioritizing Security Investments
Chapter 10: Building Pragmatic End-to-End 5G Security Architecture 468
Foundations of 5G Security.. . . . . . . . . . . . . . . . . . . . . . . 470
Key Tenets of 5G Security Architecture.. . . . . . . . . . . . . . . . . . 472
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 497
Acronyms Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 498
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501
Chapter 11: Prioritizing 5G Security Investments 502
Method of Prioritizing Security Controls.. . . . . . . . . . . . . . . . . . 505
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 532
Acronyms Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 533
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 534
Part IV Emerging Discussions
Chapter 12: 5G and Beyond 536
Adoption and Adaptability of 5G and Evolving Technologies.. . . . . . . . . 537
Convergence of Wi-Fi and Evolving Cellular Technologies.. . . . . . . . . . 539
Use of AI and ML in Securing 5G and Evolving Networks.. . . . . . . . . . . 543
Crypto Agility in 5G and Evolving Technologies.. . . . . . . . . . . . . . . 546
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 548
Acronym Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 548
References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 550
9780137457939, TOC, 10/27/2021