Wed. Sep 22nd, 2021

AT&T Exec: 5G Private Networks are coming soon + 5G Security Conundrum?

5g

Just two weeks after Verizon won a 5G Private Network contract in the UK, AT&T now says that Private 5G Networks are coming soon to your office or campus.  AT&T’s Rita Marty wrote in a blog post that many companies want “5G in a private space.”

“We’ve done exactly that at AT&T Stadium in Dallas. Fans will get experiences like live stats projected over the field on their smartphone camera.”

“Some organizations want a truly private, standalone 5G system. They envision full control of a “local area network” similar to corporate Wi-Fi, but with the performance, reliability and security of cellular.  Nellis Air Force Base in Nevada is testing one flavor: a 5G-powered command-and-control center on a trailer. It will form the hub of a moveable, private cellular network for local personnel in a conflict area.

Ms. Marty alluded to network slicing and edge computing in her blog post.  Those are two ultra hyped technologies that have yet to be deployed at scale by any 5G network operator.

“Other organizations are enhancing their 5G coverage with the ability to control specific local traffic themselves. They can peel off (via network slicing) certain data flows for “edge computing.” This means alarms in a factory, for instance, could be processed right on the premises – and thus much more quickly. MxD, a manufacturing innovation center in Chicago, is showing how fractions of seconds can help solve quality, safety and inventory issues.

Network slicing allows 5G network operators to create different sub-networks (which can be private) networks with different properties. Each sub-network slices the resources from the physical network to create its own independent, no-compromised network for its preferred applications.  It requires a 5G standalone core network, the implementation of which has not been standardized and AT&T has yet to deploy.

Most of AT&T’s activities in mobile edge computing and private 5G networks are in trials and testing.  AT&T is working to bring enhanced capabilities to their edge computing solutions by testing AT&T Network Edge (ANE) with cloud providers.  AT&T says ANE’s potential benefits include:

  • Lower latency: Deliver low-latency connectivity to high performance compute
  • Network routing optimization: Network integration with cloud providers
  • Extended cloud ecosystem: AT&T intends to develop an extended ANE ecosystem, allowing customers to use cloud services like they do today.

Image Credit:  AT&T

Private networks also need careful thought and consultation, Ms. Marty stated. “Considerations include design, spectrum, and who’s going to actually run it. Even a standalone network, and even 5G, must be set up properly to achieve the highest security against cyberattacks,” she added.

5G Security Conundrum:

As leader of AT&T’s 5G security team, Ms. Marty has her work cut out for her.  Especially considering choosing which of the 3GPP 5G SA security specs to support.  Many of them are not complete and targeted for 3GPP Release 17.  Also, European network operators have taken different approaches to 5G security and this will likely be a global phenomenon.

The real work on 5G security is being done by 3GPP with technical specification (TS) 33.501 Security architecture and procedures for 5G system being the foundation 5G security document.  That 3GPP spec was first published in Release 16, but the latest version dated 16 December 2020 is targeted at Release 17.  You can see all versions of that spec here.

3GPP’s 5G security architecture is designed to integrate 4G equivalent security. In addition, the reassessment of other security threats such as attacks on radio interfaces, signaling plane, user plane, masquerading, privacy, replay, bidding down, man-in-the-middle and inter-operator security issues have also been taken in to account for 5G and will lead to further security enhancements.

Another important 3GPP Security spec is TS 33.51 Security Assurance Specification (SCAS) for the next generation Node B (gNodeB) network product class, which is part of Release 16.  The latest version is dated Sept 25, 2020.

Here’s a chart on 3GPP and GSMA specs on 5G Security,  courtesy of Heavy Reading:

Question: When do you plan to implement the following 5G security specifications? (n=105-108) (Source: Heavy Reading)

Scott Poretsky, Ericsson’s Head of Security, wrote in an email:

“The reason for the inconsistent implementation of the 5G security requirements is the language in the 3GPP specs that make it mandatory for vendor support of the security features and optional for the operator to decide to use the feature.  The requirements are defined in this manner because some countries did not want these security features implemented by their national telecoms due to these security features also providing privacy.  The U.S. was not one of those countries.”

 

Source:- https://techblog.comsoc.org/2021/04/15/att-exec-5g-private-networks-are-coming-soon-5g-security/