This is first part of the article based on several talks I have given on 5G security since last year. In this part I present my views about 5G. On purpose I have avoided discussion on various activities regarding 5G around the globe (3GPP, ITU etc.).
5G is expected to bring several changes in mobile communications system but watch that these changes are not something that will happen couple of years down the road instead they are already happening. First flavor of 5G is expected to be available in 2018 with the complete solution available in the market by 2020. With digitization on its way to touch every part of life, Internet of Things (IOT) will be integral part of 5G from the very beginning; this is unlike 4G where IOT came later.
In the following we will go through some of the key changes 5G is expected to bring. In the next article I will discuss security aspects.
As we move ahead, virtualization technology (network function virtualization or NFV) and software defined network (SDN) for mobile core networks will become mature and actually bring down the cost while achieving the quality requirement. This will lead to the network (core network) being increasingly built of off-the-shelf hardware and open source software, virtualization will become common and cloud based mobile network will become available. It is expected that the network should accommodate multiple radio technologies.
Changes mentioned above (virtualization and cloud) will allow networks to be launched for a specific service, a concept now being termed as network slicing or just slicing - this is what I call as vertical network that fulfill specific requirements in contrast to horizontal networks today that cater for all services. Virtualization and cloud also means that the network will become more open and accessible that will lead to network border going deeper in the network, i.e. instead of network elements as end-point a software module in the server farm will be the end-point and this end-point can migrate to different locations.
Radio Access Technology
Radio access technology will see several improvements with data-rates available from few bits going up to several gigabits, delays going down to micro- if not nano-seconds (compare it with millisecond range in today’s system). Radio access network will also become partially virtualized and cloud based.
Spectrum used for 5G will be different, there have been discussions of higher GHz bands, and thus the radio characteristics will be very different as well. The spectrum will have implications on coverage and behavior of radio access technology.
With the arrival of 5G, we should also expect wider usage of cognitive radio in mobile networks and aggregation with unlicensed band as well as usage of unlicensed band technologies.
Given the variety of scenarios and technologies expected to come in use for 5G, it is worth questioning whether the security credentials should stay the same as today and whether there will be change in technology for storage of credentials. Change in security credentials could have implications on authentication and other security mechanisms.
Storage of security credentials can be seen from both network and device side. From the network side the storage is in terms of location, whether the security credentials are stored at the mobile network domain or at partner domain. Implication is the change in authentication end-point and transfer of session related security credentials to appropriate network functions after completion of authentication.
With regard to security credential storage in devices one can consider three different forms of storage (1) secure hardware environment as we have today in the form of UICC that is commonly known as SIM card, (2) embedded secure hardware environment, e.g. a UICC or similar device is implemented in a modem, this brings us to something like embedded SIM and (3) some form of software.
End devices will see huge transformation together with technology enhancements that we are seeing around us. Already with the arrival of 4G we have seen increased usage of smartphone and over the top (OTT) services. As we move towards 5G we will see increased number of smart “devices” as well as a whole variety of IOT devices associated to a plethora of services, there will be wearables in common use and also virtual or augmented reality (VR or AR) type devices commonly available. Open source devices are available since a while now; we should expect increased usage of such devices as we move towards 5G.
With 5G we should expect mobile devices (all types like smart devices, IOT, VR, AR) to be reachable over Internet Protocol (IP) addresses, i.e. they will be directly connected to the Internet. On the other end of the spectrum there will be devices requiring long battery life (say 10 years) that are expected to work at very low data rates.
Services for VR, AR, IOT, smart devices and many more will appear as 5G will provision a platform that can fulfill variety of requirements. These services will be provisioned by the mobile operator or by a third party with or without business relation with the mobile operator.
Over the top (OTT) services are already there that have the potential of leading to potential cyber-attacks through malware, phishing etc. Sponsored data should be a source of revenue for mobile operators but misuse here leads to operator making financial loss.
We are already seeing change in business model of mobile operators. One such change is in the form of APIs being made available for third parties to launch services over the mobile network.
With 5G in picture we will also see operators getting in partnership with other companies to provision the services. This would mean that the partners would own the subscribers while the operator would be responsible for correct usage of the licensed spectrum.
5G will have much deeper penetration in the society than any of the technologies to-date. This equates to technology being used by savvy users like millennials and also Information and Communication Technology (ICT) illiterates who will leap-frog directly to the new technology. Thus the technology will go to the deepest part of life; not just human beings but animals (e.g. for vital information) and plants (e.g. for watering) will also get connected with IOT.
Photo Credit sayasatria