Visible to the public Implementing a Security Policy Management for 5G Customer Edge Nodes

TitleImplementing a Security Policy Management for 5G Customer Edge Nodes
Publication TypeConference Paper
Year of Publication2020
AuthorsKabir, H., Mohsin, M. H. Bin, Kantola, R.
Conference NameNOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium
Date PublishedApril 2020
ISBN Number978-1-7281-4973-8
Keywords5G, communication security policy, network edge, Policy Management, pubcrawl, reliability, resilience, Resiliency, Scalability, Security by Default, unwanted traffic
AbstractThe upcoming 5th generation (5G) mobile networks need to support ultra-reliable communication for business and life-critical applications. To do that 5G must offer higher degree of reliability than the current Internet, where networks are often subjected to Internet attacks, such as denial of service (DoS) and unwanted traffic. Besides improving the mitigation of Internet attacks, we propose that ultra-reliable mobile networks should only carry the expected user traffic to achieve a predictable level of reliability under malicious activity. To accomplish this, we introduce device-oriented communication security policies. Mobile networks have classically introduced a policy architecture that includes Policy and Charging Control (PCC) functions in LTE. However, in state of the art, this policy architecture is limited to QoS policies for end devices only. In this paper, we present experimental implementation of a Security Policy Management (SPM) system that accounts communication security interests of end devices. The paper also briefly presents the overall security architecture, where the policies set for devices or services in a network slice providing ultra-reliability, are enforced by a network edge node (via SPM) to only admit the expected traffic, by default treating the rest as unwanted traffic.
Citation Keykabir_implementing_2020