37 research outputs found
Security for 5G Mobile Wireless Networks
The advanced features of 5G mobile wireless network systems yield new security requirements and challenges. This paper presents a comprehensive survey on security of 5G wireless network systems compared to the traditional cellular networks. The paper starts with a review on 5G wireless networks particularities as well as on the new requirements and motivations of 5G wireless security. The potential attacks and security services with the consideration of new service requirements and new use cases in 5G wireless networks are then summarized. The recent development and the existing schemes for the 5G wireless security are presented based on the corresponding security services including authentication, availability, data confidentiality, key management and privacy. The paper further discusses the new security features involving different technologies applied to 5G such as heterogeneous networks, device-to-device communications, massive multiple-input multiple-output, software defined networks and Internet of Things. Motivated by these security research and development activities, we propose a new 5G wireless security architecture, based on which the analysis of identity management and flexible authentication is provided. As a case study, we explore a handover procedure as well as a signaling load scheme to show the advantage of the proposed security architecture. The challenges and future directions of 5G wireless security are finally summarized.
Device-to-Device Communication in 5G Cellular Networks
Owing to the unprecedented and continuous growth in the number of connected users and networked devices, the next-generation 5G cellular networks are envisaged to support enormous number of simultaneously connected users and devices with access to numerous services and applications by providing networks with highly improved data rate, higher capacity, lower end-to-end latency, improved spectral efficiency, at lower power consumption. D2D communication underlaying cellular networks has been proposed as one of the key components of the 5G technology as a means of providing efficient spectrum reuse for improved spectral efficiency and take advantage of proximity between devices for reduced latency, improved user throughput, and reduced power consumption. Although D2D communication underlaying cellular networks promises lots of potentials, unlike the conventional cellular network architecture, there are new design issues and technical challenges that must be addressed for proper implementation of the technology. These include new device discovery procedures, physical layer architecture and radio resource management schemes. This thesis explores the potentials of D2D communication as an underlay to 5G cellular networks and focuses on efficient interference management solutions through mode selection, resource allocation and power control schemes. In this work, a joint admission control, resource allocation, and power control scheme was implemented for D2D communication underlaying 5G cellular networks. The performance of the system was evaluated, and comparisons were made with similar schemes.
Networking Solutions for Integrated Heterogeneous Wireless Ecosystem
This work targets at applying computer networking techniques to address challenges in modern wireless networks and in various environments built around these networks. The main focus of the work is on designing and implementing prototypes and demonstrators to support research in domains of heterogeneous networks (HetNets). These research domains include centralized radio resource management in emerging cellular network architectures, network assistance role in device-to-device (D2D) communications, and studying prospective services in these networks. Within the research group the author was tasked with designing network architectures and demonstrating certain connectivity and functionality interesting for the research. The author was responsible for modifying commercial off-the-shelf equipment to become suitable for target research scenarios, selecting network technologies to achieve connectivity requirements, deploying network architecture entities within the research group's cloud platform. For HetNet track, the primary goal was to design a platform that would mimic a device connected through a heterogeneous network, allowing researchers to experiment with traffic flow optimization in an environment close to the envisioned next-generation network architecture. Prototype solution and testbed were designed building on software defined network principles of automation, abstraction and software based flow switching, and were implemented using overlay networks and virtual network functions. Within D2D communications research, the task was to design architecture demonstrating feasibility of traffic offloading from infrastructure network to direct links. Prototype was implemented with automated routing control in overlay network. To demonstrate novel services enabled by advanced security frameworks, D2D platform was augmented and a new network application has been implemented, also suitable for wearable electronics.
A Comprehensive Review of D2D Communication in 5G and B5G Networks
The evolution of Device-to-device (D2D) communication represents a significant breakthrough within the realm of mobile technology, particularly in the context of 5G and beyond 5G (B5G) networks. This innovation streamlines the process of data transfer between devices that are in close physical proximity to each other. D2D communication capitalizes on the capabilities of nearby devices to communicate directly with one another, thereby optimizing the efficient utilization of available network resources, reducing latency, enhancing data transmission speed, and increasing the overall network capacity. In essence, it empowers more effective and rapid data sharing among neighboring devices, which is especially advantageous within the advanced landscape of mobile networks such as 5G and B5G. The development of D2D communication is largely driven by mobile operators who gather and leverage short-range communications data to propel this technology forward. This data is vital for maintaining proximity-based services and enhancing network performance. The primary objective of this research is to provide a comprehensive overview of recent progress in different aspects of D2D communication, including the discovery process, mode selection methods, interference management, power allocation, and how D2D is employed in 5G technologies. Furthermore, the study also underscores the unresolved issues and identifies the challenges associated with D2D communication, shedding light on areas that need further exploration and development.
Separation Framework: An Enabler for Cooperative and D2D Communication for Future 5G Networks
Soaring capacity and coverage demands dictate that future cellular networks
need to soon migrate towards ultra-dense networks. However, network
densification comes with a host of challenges that include compromised energy
efficiency, complex interference management, cumbersome mobility management,
burdensome signaling overheads and higher backhaul costs. Interestingly, most
of the problems, that beleaguer network densification, stem from legacy
networks' one common feature i.e., tight coupling between the control and data
planes regardless of their degree of heterogeneity and cell density.
Consequently, in wake of 5G, control and data planes separation architecture
(SARC) has recently been conceived as a promising paradigm that has potential
to address most of aforementioned challenges. In this article, we review
various proposals that have been presented in literature so far to enable SARC.
More specifically, we analyze how and to what degree various SARC proposals
address the four main challenges in network densification namely: energy
efficiency, system level capacity maximization, interference management and
mobility management. We then focus on two salient features of future cellular
networks that have not yet been adapted in legacy networks at wide scale and
thus remain a hallmark of 5G, i.e., coordinated multipoint (CoMP), and
device-to-device (D2D) communications. After providing necessary background on
CoMP and D2D, we analyze how SARC can particularly act as a major enabler for
CoMP and D2D in context of 5G. This article thus serves as both a tutorial as
well as an up to date survey on SARC, CoMP and D2D. Most importantly, the
article provides an extensive outlook of challenges and opportunities that lie
at the crossroads of these three mutually entangled emerging technologies. Comment: 28 pages, 11 figures, IEEE Communications Surveys & Tutorials 201
A Survey on Security and Privacy of 5G Technologies: Potential Solutions, Recent Advancements, and Future Directions
Security has become the primary concern in many telecommunications industries today as risks can have high consequences. Especially, as the core and enable technologies will be associated with 5G network, the confidential information will move at all layers in future wireless systems. Several incidents revealed that the hazard encountered by an infected wireless network, not only affects the security and privacy concerns, but also impedes the complex dynamics of the communications ecosystem. Consequently, the complexity and strength of security attacks have increased in the recent past making the detection or prevention of sabotage a global challenge. From the security and privacy perspectives, this paper presents a comprehensive detail on the core and enabling technologies, which are used to build the 5G security model; network softwarization security, PHY (Physical) layer security and 5G privacy concerns, among others. Additionally, the paper includes discussion on security monitoring and management of 5G networks. This paper also evaluates the related security measures and standards of core 5G technologies by resorting to different standardization bodies and provides a brief overview of 5G standardization security forces. Furthermore, the key projects of international significance, in line with the security concerns of 5G and beyond are also presented. Finally, a future directions and open challenges section has been included to encourage future research. European Commission; National Research Tomsk Polytechnic University
Authentication protocols for D2D communications
Dissertation (master's), Universidade de Brasília, Faculdade de Tecnologia, Departamento de Engenharia Elétrica, 2019. Device-to-Device (D2D) communication is one of the promising technologies to be used
to connect the large quantity of devices, as forecasted for the Internet of Things (IoT), by
providing to devices the opportunity of connecting each other without mandatory use of
traditional networks infrastructure.
Security is a crucial item for the success of IoT and D2D communication and can be
provided by robust authentication and key agreement protocols (AKA). However, the
authentication protocols used for traditional networks (such as EPS-AKA and EAP-AKA) are not
adapted for D2D, and their use with a large number of connected devices would
impose high consumption of resources, especially bandwidth and computational processing.
Additionally, at the beginning of the work, only a small number of protocols of the
described category, specifically for D2D, were identified.
This work provides the project and evaluation of 3 (three) authentication protocols
designed to meet the demand on Device-to-Device (D2D) communications authentication and
key agreement protocols, developed for 3 (three) scenarios: 1) devices that are members of
Telecare Medical Information Systems (TMIS) based on cloud system; 2) groups of devices in
generic scenario for the use of D2D communications, which there are expected large quantities
of devices; 3) groups of devices for D2D communication in m-health scenario.
The methodology for obtaining of new secure protocols considered, as initial step, a
literature review, searching for protocols that might be specifically used in each of the scenarios
considered. Next, a specific architecture for each scenario considered was developed, as well
as security properties to be accomplished and possible attacks that might be suitable for the
protocol to have protection. Therefore, authentication protocols were created for the scenarios
and architecture cited, considering the use of D2D.
In all three cases, among the security objectives required for the proper functioning of
D2D communication, there are included the preservation of confidentiality, integrity, and
availability of the system; in terms of attacks, such as man-in-the-middle, replay and
impersonation were treated, aiming the protection of the protocols against the cited attacks.
After the description of each protocol, this dissertation presents comparisons regarding
security properties among each of the proposed protocols and some of their respective related
works. A comparison involving computational, communication and energy costs is executed.
The results obtained show good performance and robust security for the three proposed
schemes. The proposals appear suitable for future use in the authentication of IoT devices using
D2D communication, in the scenarios adopted and under the conditions evaluated.
A semi-formal validation of the protocols is also presented. The AVISPA tool is used to
verify the security robustness of the protocols developed.
Security for network services delivery of 5G enabled device-to-device communications mobile network
The increase in mobile traffic led to the development of Fifth Generation (5G) mobile network. 5G will provide Ultra Reliable Low Latency Communication (URLLC), Massive Machine Type Communication (mMTC), enhanced Mobile Broadband (eMBB). Device-to-Device (D2D) communications will be used as the underlaying technology to offload traffic from 5G Core Network (5GC) and push content closer to User Equipment (UE). It will be supported by a variety of Network Service (NS) such as Content-Centric Networking (CCN) that will provide access to other services and deliver content-based services. However, this raises new security and delivery challenges. Therefore, research was conducted to address the security issues in delivering NS in 5G enabled D2D communications network.
To support D2D communications in 5G, this thesis introduces a Network Services Delivery (NSD) framework defining an integrated system model. It incorporates Cloud Radio Access Network (C-RAN) architecture, D2D communications, and CCN to support 5G’s objectives in Home Network (HN), roaming, and proximity scenarios. The research explores the security of 5G enabled D2D communications by conducting a comprehensive investigation on security threats. It analyses threats using the Dolev-Yao (DY) threat model and evaluates security requirements using a systematic approach based on the X.805 security framework, which aligns security requirements with network connectivity, service delivery, and sharing between entities.
This analysis highlights the need for security mechanisms to provide security to NSD in an integrated system. To specify these security mechanisms, a security framework to address the security challenges at different levels of the system model is introduced. To align suitable security mechanisms, the research defines underlying security protocols to provide security at the network, service, and D2D levels. This research also explores 5G authentication protocols specified by the Third Generation Partnership Project (3GPP) for securing communication between UE and HN, and checks the security guarantees of two 3GPP specified protocols, 5G-Authentication and Key Agreement (AKA) and 5G Extensible Authentication Protocol (EAP)-AKA’, that provide primary authentication at Network Access Security (NAC).
The research addresses Service Level Security (SLS) by proposing a Federated Identity Management (FIdM) model to integrate federated security in 5G; it also proposes three security protocols to provide secondary authentication and authorization of UE to Service Provider (SP). It also addresses D2D Service Security (DDS) by proposing two security protocols that secure the caching and sharing of services between two UEs in different D2D communications scenarios. All protocols in this research are verified for functional correctness and security guarantees using a formal method approach and semi-automated protocol verifier.
The research conducts security properties and performance evaluation of the protocols for their effectiveness. It also presents how each proposed protocol provides an interface for an integrated, comprehensive security solution to secure communications for NSD in a 5G enabled D2D communications network. The main contributions of this research are the design and formal verification of security protocols. Performance evaluation is supplementary.