Trust Modelling in 5G mobile networks
Trust Modelling in 5G mobile networks
5G technologies will change the business landscape for mobile network operation. The use of virtualization through SDN, NFV and Cloud computing offer significant savings of CAPEX and OPEX, but they also allow new stakeholders to rent infrastructure capacity and operate mobile networks, including specialized networks supporting so-called vertical applications serving specific business sectors. In the resulting diverse stakeholder communities, the old trust assumptions between network operators will no longer apply. There is a pressing need for a far broader understanding of trust in such networks if they are to operate safely and securely for the engaged stakeholder communities. This paper describes work carried out in the 5G-ENSURE project to address this need. The starting point is the recognition that trust is a response to risk, and in a mobile network trust assumptions have to be made regarding the contributions made by each stakeholder to manage risks to themselves and to other stakeholders. To analyse trust therefore requires a consistent and reproducible catalogue of threats that pose risks to the network, and this was produced using Trust Builder, an automated threat modelling tool developed in the project. Trust Builder extends earlier work on automated threat identification to support the extraction of stakeholder dependencies and enumeration of their responsibilities to each other. This paper describes application of this tool to a simplified 5G network architecture which illustrates the main findings from work done in the project analyzing 31 use case scenarios devised by 5G-ENSURE project partners. These include key changes in trust assumptions between 5G and previous generation mobile networks, and the need for more security measures at critical points in the network.
Telecommunications Networks, 5G, Security, Trust
14-19
Association for Computing Machinery
Surridge, Mike
3bd360fa-1962-4992-bb16-12fc4dd7d9a9
Correndo, Gianluca
fea0843a-6d4a-4136-8784-0d023fcde3e2
Meacham, Ken
3d0e5c6b-8a98-4f2f-be51-aef0dad61fa5
Papay, Juri
21652b35-de29-439c-b343-cb3437ef2f9e
Phillips, Stephen
47610c30-a543-4bac-a96a-bc1fce564a59
Wiegand, Stefanie
310e7755-e32b-445d-bc51-902c1f0231f7
Wilkinson, Toby
57370d64-63d8-437d-a044-f0edb241911f
2018
Surridge, Mike
3bd360fa-1962-4992-bb16-12fc4dd7d9a9
Correndo, Gianluca
fea0843a-6d4a-4136-8784-0d023fcde3e2
Meacham, Ken
3d0e5c6b-8a98-4f2f-be51-aef0dad61fa5
Papay, Juri
21652b35-de29-439c-b343-cb3437ef2f9e
Phillips, Stephen
47610c30-a543-4bac-a96a-bc1fce564a59
Wiegand, Stefanie
310e7755-e32b-445d-bc51-902c1f0231f7
Wilkinson, Toby
57370d64-63d8-437d-a044-f0edb241911f
Surridge, Mike, Correndo, Gianluca, Meacham, Ken, Papay, Juri, Phillips, Stephen, Wiegand, Stefanie and Wilkinson, Toby
(2018)
Trust Modelling in 5G mobile networks.
In,
SecSoN '18 : Proceedings of the 2018 Workshop on Security in Softwarized Networks: Prospects and Challenges.
ACM SIGCOMM 2018 Workshop on Security in Softwarized Networks: Prospects and Challenges (24/08/18 - 24/08/18)
New York, NY.
Association for Computing Machinery, .
(doi:10.1145/3229616.3229621).
Record type:
Book Section
Abstract
5G technologies will change the business landscape for mobile network operation. The use of virtualization through SDN, NFV and Cloud computing offer significant savings of CAPEX and OPEX, but they also allow new stakeholders to rent infrastructure capacity and operate mobile networks, including specialized networks supporting so-called vertical applications serving specific business sectors. In the resulting diverse stakeholder communities, the old trust assumptions between network operators will no longer apply. There is a pressing need for a far broader understanding of trust in such networks if they are to operate safely and securely for the engaged stakeholder communities. This paper describes work carried out in the 5G-ENSURE project to address this need. The starting point is the recognition that trust is a response to risk, and in a mobile network trust assumptions have to be made regarding the contributions made by each stakeholder to manage risks to themselves and to other stakeholders. To analyse trust therefore requires a consistent and reproducible catalogue of threats that pose risks to the network, and this was produced using Trust Builder, an automated threat modelling tool developed in the project. Trust Builder extends earlier work on automated threat identification to support the extraction of stakeholder dependencies and enumeration of their responsibilities to each other. This paper describes application of this tool to a simplified 5G network architecture which illustrates the main findings from work done in the project analyzing 31 use case scenarios devised by 5G-ENSURE project partners. These include key changes in trust assumptions between 5G and previous generation mobile networks, and the need for more security measures at critical points in the network.
Text
trust-modelling-5g-13-06-2018
- Accepted Manuscript
More information
Accepted/In Press date: 4 May 2018
e-pub ahead of print date: August 2018
Published date: 2018
Venue - Dates:
ACM SIGCOMM 2018 Workshop on Security in Softwarized Networks: Prospects and Challenges, , Budapest, Hungary, 2018-08-24 - 2018-08-24
Keywords:
Telecommunications Networks, 5G, Security, Trust
Identifiers
Local EPrints ID: 423715
URI: http://eprints.soton.ac.uk/id/eprint/423715
PURE UUID: 0f3a5f24-5835-4523-b467-bfb4b575f67d
Catalogue record
Date deposited: 28 Sep 2018 16:30
Last modified: 26 Aug 2024 01:32
Export record
Altmetrics
Contributors
Author:
Mike Surridge
Author:
Gianluca Correndo
Author:
Ken Meacham
Author:
Juri Papay
Author:
Stephen Phillips
Author:
Stefanie Wiegand
Author:
Toby Wilkinson
Download statistics
Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.
View more statistics