The roll-out of 5G across the country could be considered one of the most highly anticipated technology advancements in recent memory. While many are focused on the advantages for consumers, organizations are also poised to reap the benefits. However, despite all the fanfare regarding next-generation cellular performance and low latency, there are still some who are concerned about whether 5G for business will meet all the security requirements of modern enterprise networking.
In actuality, cellular-enabled Wireless WAN (WWAN) has been capable of enterprise-grade security at the network’s edge for many years. Additionally, 5G is perhaps even more secure than 4G has been, given new developments at the network core level.
Improving security at the network level: from 4G to 5G
The opportunity to improve security arises with each new generation of cellular technology generation. In particular, 5G has brought several key changes:
New authentication framework: With the 5G protocol, a new authentication framework has been introduced. This is based upon a well-established and widely used IT protocol called extensible authentication protocol (EAP) that is open, network agnostic, and more secure.
Enhanced subscriber privacy: 5G offers privacy improvements against attacks that occur when a false base station pages the user equipment to tell it to come out of idle. In 5G, the International Mobile Subscriber Identity (IMSI) is not used in paging, there is less text exchanged, and the network performs analytics on the radio environment, detecting anomalous base stations.
Improved core network agility and security: The 5G network core moves to a Service-Based Architecture (SBA). This is delivered by a set of interconnected Network Functions (NFs), with authorization to access each other’s services. An SBA allows for plug-and-play software, agile programming and network slicing, which streamline operations and support greater innovation.
Extended roaming security: The 5G standard presents enhanced interconnect security between network operators, centred on a network function called Security Edge Protection Proxy (SEPP). SEPP sits at the edge of each network operator’s 5G network; each operator’s SEPP is authenticated, and application layer security protects traffic.
Advanced integrity protection of the user plane: The 5G standard introduces a new feature that protects the user plane traffic between a device and cellular tower, aiming to alleviate high-level, man-in-the-middle attacks that interfere with unprotected, sensitive over-the-air user plane information.
Credited Source
IT WORLD CANADA / JASON FALOVO / THOREN