The security conundrum of 5G network slicing

One benefit of moving to a standalone 5G network is that it makes it possible for wireless operators to implement network slicing, which means they can run multiple dedicated networks that all share a common, physical infrastructure. Each network slice can have its own characteristics and identity – but that also means it will have its own risks.

For example, one slice might be intended for an artificial reality (AR) use case and therefore be provisioned for high throughput and low latency. Another network slice might be intended for an Internet of Things (IoT) use case and be provisioned for extreme reliability and a lower speed. Using network slicing, operators will be able to partition their networks for these different use cases and run them independently.

This network slicing vision is appealing because it will let operators develop different business cases for each slice. But it is also a challenge because wireless operators will need to make sure that each network slice is protected from interference from the other slices and immune to distributed denial of service (DDoS) attacks and other security breaches. “The security challenge is to provide different dynamic security policies for different slices,” said Sree Koratala, vice president of product management for network security at security company Palo Alto Networks. “For example, enterprise-grade security is needed for enterprises served by 5G network slices.”

No standard
How operators handle the security of their network slices is up to them. The 3GPP, an industry standards group, has defined specifications for how operators build their 5G networks, but it hasn’t developed any protocol for how security should be handled for network slicing.

However, the GSMA, an industry trade group, has created a security document that provides recommendations to operators on how to detect and prevent attacks using GPRS tunneling protocol (GTP-U).

To read the complete article, visit Light Reading.