Related papers: Establishing Trust in the Beyond-5G Core Network using Trusted Execution Environments

Establishing Trust in the Beyond-5G Core Network using Trusted Execution Environments

URL: http://arxiv.org/abs/2405.12177v1
Date: Mon, 20 May 2024 17:02:18 GMT
Title: Establishing Trust in the Beyond-5G Core Network using Trusted Execution Environments
Authors: Marinos Vomvas, Norbert Ludant, Guevara Noubir,
Abstract summary: We review the security implications introduced in B5G networks, and the security mechanisms that are supported by the 5G standard. We propose a vertical extension of Zero Trust, namely, Zero Trust Execution, to model untrusted execution environments. We provide an analysis on how to establish trust in Beyond-5G network architectures using Trusted Execution Environments.
Score: 4.235733335401408
License: http://creativecommons.org/licenses/by-nc-nd/4.0/
Abstract: The fifth generation (5G) of cellular networks starts a paradigm shift from the traditional monolithic system design to a Service Based Architecture, that fits modern performance requirements and scales efficiently to new services. This paradigm will be the foundation of future cellular core networks beyond 5G. The new architecture splits network functionalities into smaller logical entities that can be disaggregated logically, physically, and geographically. This affords interoperability between the mobile network operators and commercial software and hardware vendors or cloud providers. By making use of commodity services and products, this system construct inherits the vulnerabilities in those underlying technologies, thereby increasing its attack surface and requiring a rigorous security analysis. In this work, we review the security implications introduced in B5G networks, and the security mechanisms that are supported by the 5G standard. We emphasize on the support of Zero Trust Architecture in 5G and its relevance in decentralized deployments. We revisit the definition of trust in modern enterprise network operations and identify important Zero Trust properties that are weakened by the nature of cloud deployments. To that end, we propose a vertical extension of Zero Trust, namely, Zero Trust Execution, to model untrusted execution environments, and we provide an analysis on how to establish trust in Beyond-5G network architectures using Trusted Execution Environments. Our analysis shows how our model architecture handles the increased attack surface and reinforces the Zero Trust Architecture principles in the 5G Core, without any changes to the 5G standard. Finally, we provide experimental results over a 5G testbed using Open5GS and UERANSIM that demonstrate minimal performance overhead, and a monetary cost evaluation.

Related papers

A Zero Trust Framework for Realization and Defense Against Generative AI Attacks in Power Grid [62.91192307098067]
This paper proposes a novel zero trust framework for a power grid supply chain (PGSC) It facilitates early detection of potential GenAI-driven attack vectors, assessment of tail risk-based stability measures, and mitigation of such threats. Experimental results show that the proposed zero trust framework achieves an accuracy of 95.7% on attack vector generation, a risk measure of 9.61% for a 95% stable PGSC, and a 99% confidence in defense against GenAI-driven attack.
arXiv Detail & Related papers (2024-03-11T02:47:21Z)
Penetration Testing of 5G Core Network Web Technologies [53.89039878885825]
We present the first security assessment of the 5G core from a web security perspective. We use the STRIDE threat modeling approach to define a complete list of possible threat vectors and associated attacks. Our analysis shows that all these cores are vulnerable to at least two of our identified attack vectors.
arXiv Detail & Related papers (2024-03-04T09:27:11Z)
5G Network Security Practices: An Overview and Survey [0.10742675209112622]
This document provides an overview of 5G network security, describing various components of the 5G core network architecture and what kind of security services are offered by these 5G components. It also explores the potential security risks and vulnerabilities presented by the security architecture in 5G.
arXiv Detail & Related papers (2024-01-25T17:54:45Z)
Towards Zero-Trust 6GC: A Software Defined Perimeter Approach with Dynamic Moving Target Defense Mechanism [1.33134751838052]
This paper introduces the concept of Software Defined Perimeter (SDP) as an innovative solution. We capitalize on the SDP controller-based authentication and authorization mechanisms to secure the EPC network's control and data plane functions. We augment the SDP zero-trust capabilities via the incorporation of a dynamic component, the Moving Target Defense (MTD)
arXiv Detail & Related papers (2023-12-27T02:54:55Z)
Foundation Model Based Native AI Framework in 6G with Cloud-Edge-End Collaboration [56.330705072736166]
We propose a 6G native AI framework based on foundation models, provide a customization approach for intent-aware PFM, and outline a novel cloud-edge-end collaboration paradigm. As a practical use case, we apply this framework for orchestration, achieving the maximum sum rate within a wireless communication system.
arXiv Detail & Related papers (2023-10-26T15:19:40Z)
SyzTrust: State-aware Fuzzing on Trusted OS Designed for IoT Devices [67.65883495888258]
We present SyzTrust, the first state-aware fuzzing framework for vetting the security of resource-limited Trusted OSes. SyzTrust adopts a hardware-assisted framework to enable fuzzing Trusted OSes directly on IoT devices. We evaluate SyzTrust on Trusted OSes from three major vendors: Samsung, Tsinglink Cloud, and Ali Cloud.
arXiv Detail & Related papers (2023-09-26T08:11:38Z)
TrustGuard: GNN-based Robust and Explainable Trust Evaluation with Dynamicity Support [59.41529066449414]
We propose TrustGuard, a GNN-based accurate trust evaluation model that supports trust dynamicity. TrustGuard is designed with a layered architecture that contains a snapshot input layer, a spatial aggregation layer, a temporal aggregation layer, and a prediction layer. Experiments show that TrustGuard outperforms state-of-the-art GNN-based trust evaluation models with respect to trust prediction across single-timeslot and multi-timeslot.
arXiv Detail & Related papers (2023-06-23T07:39:12Z)
Machine Learning Assisted Security Analysis of 5G-Network-Connected Systems [5.918387680589584]
5G networks have transitioned to software-defined infrastructures. New technologies, like network function virtualization and software-defined networking, have been incorporated in the 5G core network (5GCN) architecture to enable this transition. This article presents a comprehensive security analysis framework for the 5GCN.
arXiv Detail & Related papers (2021-08-07T20:07:08Z)
Intelligent Zero Trust Architecture for 5G/6G Tactical Networks: Principles, Challenges, and the Role of Machine Learning [4.314956204483074]
We highlight the challenges and introduce the concept of an intelligent zero trust architecture (i-ZTA) as a security framework in 5G/6G networks with untrusted components. This paper presents the architectural design of an i-ZTA upon which modern artificial intelligence (AI) algorithms can be developed to provide information security in untrusted networks.
arXiv Detail & Related papers (2021-05-04T13:14:29Z)
True-data Testbed for 5G/B5G Intelligent Network [46.09035008165811]
We build the world's first true-data testbed for 5G/B5G intelligent network (TTIN) TTIN comprises 5G/B5G on-site experimental networks, data acquisition & data warehouse, and AI engine & network optimization. This paper elaborates on the system architecture and module design of TTIN.
arXiv Detail & Related papers (2020-11-26T06:42:36Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.