Security for network services delivery of 5G enabled device-to-device communications mobile network

The increase in mobile traffic led to the development of Fifth Generation (5G) mobile network. 5G will provide Ultra Reliable Low Latency Communication (URLLC), Massive Machine Type Communication (mMTC), enhanced Mobile Broadband (eMBB). Device-to-Device (D2D) communications will be used as the underlaying technology to offload traffic from 5G Core Network (5GC) and push content closer to User Equipment (UE). It will be supported by a variety of Network Service (NS) such as Content-Centric Networking (CCN) that will provide access to other services and deliver content-based services. However, this raises new security and delivery challenges. Therefore, research was conducted to address the security issues in delivering NS in 5G enabled D2D communications network. To support D2D communications in 5G, this thesis introduces a Network Services Delivery (NSD) framework defining an integrated system model. It incorporates Cloud Radio Access Network (C-RAN) architecture, D2D communications, and CCN to support 5G’s objectives in Home Network (HN), roaming, and proximity scenarios. The research explores the security of 5G enabled D2D communications by conducting a comprehensive investigation on security threats. It analyses threats using Dolev Yao (DY) threat model and evaluates security requirements using a systematic approach based on X.805 security framework. Which aligns security requirements with network connectivity, service delivery, and sharing between entities. This analysis highlights the need for security mechanisms to provide security to NSD in an integrated system, to specify these security mechanisms, a security framework to address the security challenges at different levels of the system model is introduced. To align suitable security mechanisms, the research defines underlying security protocols to provide security at the network, service, and D2D levels. This research also explores 5G authentication protocols specified by the Third Generation Partnership Project (3GPP) for securing communication between UE and HN, checks the security guarantees of two 3GPP specified protocols, 5G-Authentication and Key Agreement (AKA) and 5G Extensive Authentication Protocol (EAP)-AKA’ that provide primary authentication at Network Access Security (NAC). The research addresses Service Level Security (SLS) by proposing Federated Identity Management (FIdM) model to integrate federated security in 5G, it also proposes three security protocols to provide secondary authentication and authorization of UE to Service Provider (SP). It also addresses D2D Service Security (DDS) by proposing two security protocols that secure the caching and sharing of services between two UEs in different D2D communications scenarios. All protocols in this research are verified for functional correctness and security guarantees using a formal method approach and semi-automated protocol verifier. The research conducts security properties and performance evaluation of the protocols for their effectiveness. It also presents how each proposed protocol provides an interface for an integrated, comprehensive security solution to secure communications for NSD in a 5G enabled D2D communications network. The main contributions of this research are the design and formal verification of security protocols. Performance evaluation is supplementary

Trichorionic Quadruplet Delivered Beyond 36 Weeks of Gestation: A Case Report and Literature Review

Following one year of secondary fertility, a couple conceived with a quadruplet after transfer of three embryos through IVF-ICSI. At 36 weeks and 2 days of gestation, the mother developed gestational induced hypertension and delivered the next day by caesarean section. Pathology confirmed the zygosity to be trichorionic quadramniotic and all four babies were discharged home with their mother on postoperative day 3. Herein, we describe a successfully managed high-risk pregnancy case. A review of the literature was conducted and to our knowledge no other cases with similar criteria ever reached such advanced gestational age

Counseling Model Based on Gusjigang Culture: Conceptual Framework of Counseling Model Based on Local Wisdoms in Kudus

This article discusses the developing of conceptual framework of gusjigang counseling model as a manifestation of local wisdoms hold by the people of Kudus regency. Gusjigang is a philosophy of life taught by Sunan Kudus (one of the nine Java island\u27s first Muslim missionaries) which teaches men to have a good behavior (gus), to be good at reciting Koran (ji) as well as trading (gang). Gusjigang counseling model is close to Islamic counseling nuance which sets out the Islamic values of Kudus people who have been widely known as religious people. The goals of this counseling model are to develop men\u27s virtuous characters, scientific and systematic thoughts, and improve persistence, creativity, innovativeness to survive

Urgensi Career Decision Making Skills Dalam Penentuan Arah Peminatan Peserta Didik

Career Decision Making Skills merupakan gambaran keterampilan seorang individu dalam menentukan atau mengambil keputusan tentang kehidupan karirnya. Dalam konteks siswa keterampilan semacam ini diwujudkan dalam bentuk mengambil keputusan tentang pilihan jurusan atau sekarang dikenal dengan program peminatan. Peminatan peserta didik terarah dan terfokus pada peminatan studi dan karir atau pekerjaan. Peminatan bertujuan untuk mengembangkan potensi peserta didik secara optimum. Untuk menentukan mana pilihan yang tepat seorang siswa harus memiliki keterampilan yang memadai karena pilihannya saat ini menentukan kesuksesannya di masa yang akan datang. Artikel ini mencoba menguraikan urgensi keterampilan mengambik keputusan karir dalam penentuan arah peminatan peserta didik

Investigating network services abstraction in 5G enabled device-to-device (D2D) communications

The increased demand of data rate by mobile users has led to the evolution of mobile network technologies from the fourth generation to fifth generation (5G). 5G mobile network will support various technologies that will be able to provide low latency, offload traffic and connect vertical industries. Device-to-device (D2D) communications will be used as the underlay technology for 5G network in the offloading of traffic from the cellular network and pushing content closer to the user. With D2D communication, various network services can be implemented to improve spectral efficiency and reduce energy consumption of mobile devices. This paper gives a brief overview of D2D communication and discusses different D2D applications. It proposes a network services abstraction and suggests the mapping of existing studies with the network service abstraction which can be used in the harnessing the development and implementation of D2D communication applications in 5G network. The paper also highlights possible future research for D2D communication in 5G network

An introduction of a modular framework for securing 5G networks and beyond

Fifth Generation Mobile Network (5G) is a heterogeneous network in nature, made up of multiple systems and supported by different technologies. It will be supported by network services such as device-to-device (D2D) communications. This will enable the new use cases to provide access to other services within the network and from third-party service providers (SPs). End-users with their user equipment (UE) will be able to access services ubiquitously from multiple SPs that might share infrastructure and security management, whereby implementing security from one domain to another will be a challenge. This highlights a need for a new and effective security approach to address the security of such a complex system. This article proposes a network service security (NSS) modular framework for 5G and beyond that consists of different security levels of the network. It reviews the security issues of D2D communications in 5G, and it is used to address security issues that affect the users and SPs in an integrated and heterogeneous network such as the 5G enabled D2D communications network. The conceptual framework consists of a physical layer, network access, service and D2D security levels. Finally, it recommends security mechanisms to address the security issues at each level of the 5G-enabled D2D communications network

The case for federated identity management in 5G communications

The heterogeneous nature of fifth generation mobile network (5G) makes the access and provision of network services very difficult and raises security concerns. With multi-users and multi-operators, Service-Oriented Authentication (SOA) and authorization mechanisms are required to provide quick access and interaction between network services. The users require seamless access to services regardless of the domain, type of connectivity or security mechanism used. Hence a need for Identity and Access Management (IAM) mechanism to complement the improved user experience promised in 5G. Federated Identity Management (FIdM) a feature of IAM, can provide a user with use Single Sign On (SSO) to access services from multiple Service Providers (SP). This addresses security requirements such as authentication, authorization and user’s privacy from the end user perspectives, however 5G networks access lacks such solution. We propose a Network Service Federated Identity (NS-FId) model that address these security requirements and complements the 5G Service- Based Architecture (SBA). We present different scenarios and applications of the proposed model. We also discuss the benefits of identity management in 5G

DCSS protocol for data caching and sharing security in a 5G network

Fifth Generation mobile networks (5G) promise to make network services provided by various Service Providers (SP) such as Mobile Network Operators (MNOs) and third-party SPs accessible from anywhere by the end-users through their User Equipment (UE). These services will be pushed closer to the edge for quick, seamless, and secure access. After being granted access to a service, the end-user will be able to cache and share data with other users. However, security measures should be in place for SP not only to secure the provisioning and access of those services but also, should be able to restrict what the end-users can do with the accessed data in or out of coverage. This can be facilitated by federated service authorization and access control mechanisms that restrict the caching and sharing of data accessed by the UE in different security domains. In this paper, we propose a Data Caching and Sharing Security (DCSS) protocol that leverages federated authorization to provide secure caching and sharing of data from multiple SPs in multiple security domains. We formally verify the proposed DCSS protocol using ProVerif and applied pi-calculus. Furthermore, a comprehensive security analysis of the security properties of the proposed DCSS protocol is conducted

Formal verification of authentication and service authorization protocols in 5G-enabled device-to-device communications using ProVerif

Device-to-Device (D2D) communications will be used as an underlay technology in the Fifth Generation mobile network (5G), which will make network services of multiple Service Providers (SP) available anywhere. The end users will be allowed to access and share services using their User Equipments (UEs), and thus they will require seamless and secured connectivity. At the same time, Mobile Network Operators (MNOs) will use the UE to offload traffic and push contents closer to users relying on D2D communications network. This raises security concerns at different levels of the system architecture and highlights the need for robust authentication and authorization mechanisms to provide secure services access and sharing between D2D users. Therefore, this paper proposes a D2D level security solution that comprises two security protocols, namely, the D2D Service security (DDSec) and the D2D Attributes and Capability security (DDACap) protocols, to provide security for access, caching and sharing data in network-assisted and non-network-assisted D2D communications scenarios. The proposed solution applies Identity-based Encryption (IBE), Elliptic Curve Integrated Encryption Scheme (ECIES) and access control mechanisms for authentication and authorization procedures. We formally verified the proposed protocols using ProVerif and applied pi calculus. We also conducted a security analysis of the proposed protocols

Formal verification and analysis of primary authentication based on 5G-AKA protocol

Fifth generation mobile network (5G) is intended to solve future constraints for accessing network services. The user and network operator depend on security assurances provided by the Authentication and Key Agreement protocols (AKA) used. For 5G network, the AKA has been standardized and 5GAKA protocol is one of the primary authentication methods that have been defined. This paper models the protocol and provides comprehensive formal analysis on 5G-AKA protocol as specified by The Third Generation Partnership Project (3GPP) standard. Using ProVerif a security protocol verification tool, we perform a full systematic evaluation of the 5G-AKA protocol based on the latest 5G specifications. We present security assumptions and properties that assists on the analysis based on two taxonomies, we find out that some important security properties are not achieved and related work ignored some crucial protocol flaws. Finally, we make some recommendations to address the issues found by our security analysis