Home | Reports | Technical Documents | Tech-Blog | One-Shot Gallery | Korea ICT News | About Us | List of Contributors | Become a Contributor |  How to Advertise  
Section 5G 4G LTE C-RAN/Fronthaul Gigabit Internet IPTV/Video Streaming IoT SDN/NFV Wi-Fi KT SK Telecom LG U+ Network Protocol Samsung   Korean Vendors
CHANNELS HFRFRONTHAUL NetvisionMPTCP Springwave1588 PTP        


Migration to 5G: Security?
February 22, 2018 | By Anand R. Prasad @ 3GPP/NEC
Online viewer:
Comments (0)

We are pleased to share with you all an interesting article contributed by Anand R. Prasad who is information security leader experienced in developing successful businesses with over 20 years of proven professional track record. 



Anand R. Prasad 

Chairman of 3GPP security working group (SA3) and Chief Advanced Technologist at NEC


All Articles by Anand R. Prasad 

  How to contribute your article to Netmanias.com !  
  List of Contributors  




In this brief article I will touch on 3GPP recent achievements regarding 5G followed by high level discussion on migration associated security aspects and finally details of 3GPP specifications on Non-Stand-Alone or 4G-5G Dual Connectivity.


3GPP Recent Achievements

5G architecture and radio specifications were approved in December 2017! Click here to check 3GPP news. This is as planned, see my earlier article 5G Security - Tomorrow and day after? Among others, one of the achievements of 3GPP was the completion of 5G-4G dual connectivity specifications where a device can connect to 5G and 4G base-stations simultaneously while the 5G base-station is connected to the 4G core network. Such dual connectivity solution allows early availability of 5G to the market and serves as a migration path from 4G to 5G. Certainly, there are other options for migration to 5G - more details can be found in clause 7.2 of technical report 38.801"Study on new radio access technology: Radio access architecture and interfaces".


Migration Security

Here I present high level thoughts on security for migration to 5G and 3GPP security specification on Non-Stand-Alone / 4G-5G Dual Connectivity.


General Aspect


Looking at the global mobile communications market, operators might migrate to 5G not only from 4G but also from 3G and even some from 2G. Thus migration will be happening from very different types of system. At a high level, some of the aspects requiring security consideration from migration perspective are: (1) Deploying a secure 5G network; this includes secure network design, security assurance of network function and provisioning of security monitoring as well as security operations center - see figure on Network Guardian. Network design security should include interactions with legacy system. This gives us a clean 5G only environment. (2) Several existing databases will require migration to new system, adequate security consideration should be given to these. Special attention should be paid to those databases associated with user authentication, charging etc. (3) Adequate security consideration will also be required for security associated with OSS/BSS and O&M. (4) Migration towards 5G will also lead to increased deployment of virtualization. Depending on strategy and national regulations, shared or private virtualization infrastructure might be used thus calling for security considerations for cloud and virtualization. (5) Security should also be provisioned for new services that 5G will bring and for open APIs. This security must be provisioned with legacy networks in mind.


Non-Stand-Alone / 4G-5G Dual Connectivity Security


Now let us look at security for 4G-5G dual connectivity (non-stand-alone) specification as discussed earlier in the article. The mobile device first connects to 4G network thus from security perspective mobile device capability for 5G and authorization of subscriber to access 5G network should be verified. Followed by that keys should be derived for secure communication over 5G. Let us look at this in further details: The Master eNodeB (MeNB), i.e. the 4G base-station to which the mobile device is connected to, verifies whether the device is authorized to access 5G services. Once that is done, the MeNB derives and sends the key to be used by the Secondary gNB (SgNB), i.e. the 5G base-station; the mobile device also derives the same key. Both user-data communication and signaling takes place between the mobile device and SgNB. Thus further keys are derived from key sent to SgNB, these are (a) confidentiality key for user-data and (b) both confidentiality and integrity keys for signaling. Note that integrity key will be derived and integrity will be provisioned for user-data for complete 5G system, i.e., non-dual connectivity case.



Thank you for visiting Netmanias! Please leave your comment if you have a question or suggestion.
Related Contents
Netmanias Blog
Netmanias Blog
Netmanias Blog
Netmanias Blog
Netmanias Blog
Netmanias Blog
Netmanias Blog





Subscribe FREE >>

Currently, 49,000+ subscribed to Netmanias.

  • You can get Netmanias Newsletter

    (New contents, Korea ICT News)

  • You can view all netmanias' contents

  • You can download all netmanias'

    contents in pdf file











Open vs. Proprietary 5G Fronthaul Interface: SK Telecom Case

Published: January 11, 2018










How to contribute articles to Netmanias!

We always welcome contributed articles. Share your expertise and inspire others!






View All (764)
4.5G (1) 5G (76) AI (4) AR (1) ARP (3) AT&T (1) Akamai (1) Authentication (5) Big Data (2) Blockchain (3) C-RAN/Fronthaul (17) CDN (4) CPRI (4) Carrier Ethernet (3) China (1) China Mobile (2) Cisco (1) Cloud (4) CoMP (6) Connected Car (4) DHCP (5) Ericsson (2) FTTH (6) GSLB (1) GiGAtopia (2) Gigabit Internet (19) Google (7) Google Global Cache (3) HLS (5) HSDPA (2) HTTP Adaptive Streaming (5) Handover (1) Huawei (1) IEEE 802.1 (1) IP Routing (7) IPTV (21) IoST (3) IoT (53) KT (40) Korea (19) Korea ICT Market (1) Korea ICT Service (13) Korea ICT Vendor (1) LG U+ (18) LSC (1) LTE (76) LTE-A (16) LTE-B (1) LTE-H (2) LTE-M (3) LTE-U (4) LoRa (7) MPLS (1) MPTCP (3) MWC 2015 (8) NB-IoT (6) Netflix (2) Network Protocol (20) Network Slicing (4) New Radio (8) Nokia (1) OSPF (2) OTT (3) PCRF (1) Platform (2) QoS (3) RCS (3) SD-WAN (15) SDN/NFV (59) SK Broadband (2) SK Telecom (33) Samsung (5) Security (15) Self-Driving (1) Small Cell (2) Spectrum Sharing (2) Switching (6) TAU (2) UHD (5) VR (2) Video Streaming (12) VoLTE (8) VoWiFi (2) Wi-Fi (27) YouTube (6) eICIC (1) eMBMS (1) iBeacon (1) telecoin (1)
Password confirmation
Please enter your registered comment password.