The owner, the provider and the subcontractors : how to handle accountability and liability management for 5G end to end service

The adoption of 5G services depends on the capacity to provide high-value services. In addition to enhanced performance, the capacity to deliver Security Service Level Agreements (SSLAs) and demonstrate their fulfillment would be a great incentive for the adoption of 5G services for critical 5G Verticals (e.g., service suppliers like Energy or Intelligent Transportation Systems) subject to specific industrial safety, security or service level rules and regulations (e.g., NIS or SEVESO Directives). Yet, responsibilities may be difficult to track and demonstrate because 5G infrastructures are interconnected and complex, which is a challenge anticipated to be exacerbated in future 6G networks. This paper describes a demonstrator and a use case that shows how 5G Service Providers can deliver SSLAs to their customers (Service Owners) by leveraging a set of network enablers developed in the INSPIRE-5Gplus project to manage their accountability, liability and trust placed in subcomponents of a service (subcontractors). The elaborated enablers are in particular a novel sTakeholder Responsibility, AccountabIity and Liability deScriptor (TRAILS), a Liability-Aware Service Management Referencing Service (LASM-RS), an anomaly detection tool (IoT-MMT), a Root Cause Analysis tool (IoT-RCA), two Remote Attestation mechanisms (Systemic and Deep Attestation), and two Security-by-Orchestration enablers (one for the 5G Core and one for the MEC)

Security Context Migration in MEC: Challenges and Use Cases

Modern and future services require ultra-reliable mobile connections with high bandwidth parameters and proper security protection. It is possible to ensure such conditions by provisioning services in the Multi-Access Edge Computing system integrated with fifth-generation mobile networks. However, the main challenge in the mentioned architecture is providing a secure service migration with all related data and security requirements to another edge computing host area when the user changes its physical location. This article aims to present the state of research on the migration of the security context between service instances in Edge/MEC servers, specify steps of the migration procedure, and identify new security challenges inspired by use cases of 5G vertical industries. For this purpose, the analysis of the security context’s structure and basic concept of the Security Service Level Agreement was performed and presented in the document. Next, a further investigation of the security context was conducted, including requirements for its reliable migration between edge serves instances. The study mainly focused on crucial migration challenges and possible solutions to resolve them. Finally, the authors presented how the proposed solution can be used to protect 5G vertical industries services based on several mobile use cases

Security Context Migration in MEC: Challenges and Use Cases

Modern and future services require ultra-reliable mobile connections with high bandwidth parameters and proper security protection. It is possible to ensure such conditions by provisioning services in the Multi-Access Edge Computing system integrated with fifth-generation mobile networks. However, the main challenge in the mentioned architecture is providing a secure service migration with all related data and security requirements to another edge computing host area when the user changes its physical location. This article aims to present the state of research on the migration of the security context between service instances in Edge/MEC servers, specify steps of the migration procedure, and identify new security challenges inspired by use cases of 5G vertical industries. For this purpose, the analysis of the security context’s structure and basic concept of the Security Service Level Agreement was performed and presented in the document. Next, a further investigation of the security context was conducted, including requirements for its reliable migration between edge serves instances. The study mainly focused on crucial migration challenges and possible solutions to resolve them. Finally, the authors presented how the proposed solution can be used to protect 5G vertical industries services based on several mobile use cases

Verticals in 5G MEC-Use Cases and Security Challenges

5G is the fifth-generation cellular network satisfying the requirements IMT-2020 (International Mobile Telecommunications-2020) of the International Telecommunication Union. Mobile network operators started using it worldwide in 2019. Generally, 5G achieves exceptionally high values of performance parameters of access and transmission. The application of edge servers has been proposed to facilitate implementing such requirements of 5G, resulting in 5G MEC (Multi-access Edge Computing) technology. Moreover, to optimize services for specific business applications, the concept of 5G vertical industries has been proposed. In this article, we study how the application of the MEC technology affects the functioning of 5G MEC-based services. We consider twelve representative vertical industries of 5G MEC by presenting their essential characteristics, threats, vulnerabilities, and known attacks. Furthermore, we analyze their functional properties, give efficiency patterns and identify the effect of applying the MEC technology in 5G on the resultant network’s quality parameters to determine the expected security requirements. As a result of the research, we identify the impact of classified threats on the 5G empowered vertical industries and identify the most sensitive cases to focus on their protection against network attacks in the first place

Towards constructive approach to end-to-end slice isolation in 5G networks

Abstract Although 5G (fifth generation) networks are still in the realm of ideas, their architecture can be considered as reaching a forming phase. There are several reports and white papers which attempt to precise 5G architectural requirements presenting them from different points of view, including techno-socio-economic impacts and technological constraints. Most of them deal with network slicing aspects as a central point, often strengthening slices with slice isolation. The idea of isolation in the network is not new. However, currently considered technologies give new capabilities that can bring added value in this field. The goal of this paper is to present and examine the isolation capabilities and selected approaches to its realization in network slicing context. As the 5G architecture is still evolving, the specification of isolated slices operation and management brings new requirements that need to be addressed, especially in a context of end-to-end (E2E) security. Thus, an outline of recent trends in slice isolation and a set of challenges are presented. The challenges, if properly addressed, could be a step from the concept of 5G networks to proof-of-concept solutions which provide E2E user’s security based on slices isolation. Among other things, the key features are proper slice design and establishment, security at interfaces, suitable access protocols, correct virtual resources sharing, and an adaptable management and orchestration architecture (MANO). In conclusion of the paper, short outlines of two of the main secure isolation challenges are given: a proper definition of isolation parameters and designing suitable MANO system