Visible to the public Identity and Access Control for Micro-services Based 5G NFV Platforms

TitleIdentity and Access Control for Micro-services Based 5G NFV Platforms
Publication TypeConference Paper
Year of Publication2018
AuthorsGuija, Daniel, Siddiqui, Muhammad Shuaib
Conference NameProceedings of the 13th International Conference on Availability, Reliability and Security
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-6448-5
Keywords5G, authentication, Authorization, controller area network security, Cyber-physical systems, DevOps, identity, Internet of Things, JSON Web Token, Keycloak, micro-services, network services, NFV MANO, pubcrawl, resilience, virtual network functions
AbstractThe intrinsic use of SDN/NFV technologies in 5G infrastructures promise to enable the flexibility and programmability of networks to ensure lower cost of network and service provisioning and operation, however it brings new challenges and requirements due to new architectural changes. In terms of security, authentication and authorization functions need to evolve towards the new and emerging 5G virtualization platforms in order to meet the requirements of service providers and infrastructure operators. Over the years, a lot of authentication techniques have been used. Now, a wide range of options arise allowing to extend existing authentication and authorization mechanisms. This paper focuses on proposing and showcasing a 5G platform oriented solution among different approaches to integrate authentication and authorization functionalities, an adapted secure and stateless mechanism, providing identity and permissions management to handle not only users, but also system micro-services, in a network functions virtualization management and orchestration (NFV MANO) system, oriented to deploy virtualized services. The presented solution uses the NFV-based SONATA Service Platform which offers capabilities for a continuous integration and delivery DevOps methodology that allow high levels of programmability and flexibility to manage the entire life cycle of Virtual Network Functions, and enables the perfect scenario to showcase different approaches for authentication and authorization mechanisms for users and micro-services in a 5G platform.
Citation Keyguija_identity_2018