Mobile security industry calls for 5G standard designed to provide “robust safeguards” for use cases
SIMalliance’s technical White Paper analyses the functional and security requirements (together with proposed solutions) for 5G across five specific market segments – massive Internet of Things (IoT), critical communications, enhanced mobile broadband, Vehicle to X (V2X) and network operations.
The new White Paper, entitled 5G Security – Making the Right Choice to Match Your Needs, determines that appropriate security that’s relevant to a wide range of use cases and their requirements should be built into 5G from the outset in order to prevent the need for retrofitting the right level of security at a later date.
The detailed document asserts that, while many devices using the 5G network will be simple and low cost, and particularly so across the IoT segment, security decisions must take into account the value of data being stored or transferred and not just the device cost. 5G security measures must protect subscribers, devices and their communications as well as the integrity of the network itself.
The White Paper examines a range of use cases in each of the five segments listed. It explains how 5G will result in a wide variety of functional requirements, such as greater throughput, lower latencies, higher connectivity density and better coverage. In addition, it ably demonstrates how these functional requirements interrelate with security requirements in the 5G environment.
Subsequently, the White Paper then maps security requirements to different aspects of the 5G ecosystem – network, services, applications, devices and users – and calls for (as well as making specific recommendations aimed at) security at all levels of the value chain.
Finally, the document compares three potential solutions that have been mooted for 5G security: the eUICC, Trusted Execution Environment (TEE)-based SIM and SoftSIM. It highlights that service providers should consider the confidentiality, privacy and integrity requirements of data being transmitted before arriving at the secure storage solution they believe to be appropriate for their use case.
The White Paper also presents these findings in an Executive Summary targeting the non-technical reader.
Overriding requirements for security and privacy
The White Paper expands on SIMalliance’s marketing paper, entitled An Analysis of the Security Needs of the 5G Market, that was published earlier this year. This document concluded that, while requirements will differ across each market segment, the need for security and privacy in 5G networks will be fundamental across all of them.
Commenting on the publication of the White Paper, Hervé Pierre (chairman of SIMalliance) informed Risk UK: “5G will realise a huge variety of use cases and an equally large range of security threats and risks. SIMalliance believes that, at every stage of the 5G standardisation process and across every segment, security and privacy remain fundamental requirements. Appropriate security, relevant to the broadest range of use cases, is therefore in the interests of all actors in the 5G arena. It’s vital to build security into 5G from the outset, for what is not built in from the beginning cannot easily be added later on.”
Pierre continued: “This new SIMalliance White Paper explores various security solutions for 5G and analyses them based on their ability to meet functional and security requirements across key market segments. The end result is a comparison accompanied by a recommendation on security solution viability for different use cases. While I would urge interested parties to read the White Paper for detailed conclusions, SIMalliance’s position overall is to encourage actors to apply end-to-end security techniques based upon the value of the data in transit as the wrong decision about security today will prove a false economy in the future.”
*5G Security – Making the Right Choice to Match Your Needs can be downloaded from the SIMalliance website