[Partner Blog – Gemalto] Network Slicing: How 5G Can Transform Mobile Security Across Industry by Leveraging Chains of Trust

5G is one of the most hotly anticipated network technologies in decades. The GSMA, working with mobile network operators and the wider ecosystem, is accelerating its deployment by helping the industry overcome technical barriers and developing a variety of businesses cases for the new technology. One of 5G’s most distinctive features, ‘network slicing’, is attracting considerable attention for its ability to enable an array of disparate sectors to optimise network use according to specific needs. Earlier this month, we interviewed Gemalto’s 5G Strategy & Partnerships Director Paul Bradley to discover more about how network slicing will transform the industry.

5G will fast become a commercial reality through network slicing. That has emerged as a consensus view across the prospective ecosystem for the introduction of 5G services, as we look ahead to rollout in 2020. Network slicing allows operators to create what are essentially private networks tailored to each client’s needs, which both simplifies configuration and enables greatly enhanced agility including configurable speed and latency. With the industry settling on network slicing as the route to 5G’s commercial viability, therefore, we must consider the essential challenge of security. With global concern over digital fraud and privacy as high as it has ever been, consumer confidence is of paramount importance to 5G’s success.

So how is security evolving to accommodate network slicing? Just as the connectivity of each ‘slice’ is tailored to the requirements of the use case – in terms of bandwidth, latency, mobility and so on – so will the security of each be ensured by delineation. Each slice will be securely isolated from one another, sharing only the common security principles of privacy, confidentiality and integrity. They will not only contain slice-specific network functions, but will also host service-provider applications and data that need to be analysed in real-time at the edge of the network, to trigger automated events. For example, an autonomous vehicle would need to be alerted to an obstacle ahead in near-real-time, meaning that the communications latency from the application hosted at the edge of the network to the vehicle itself must be almost invisible.

Data-handling is perhaps the most sensitive of all security concerns in our increasingly connected age.  A record 1.4 billion data records were    As we start to connect almost every capable appliance, the stakes become much higher still. Where security issues around today’s networks concern things like eavesdropping attacks, we will become increasingly concerned with fraudulent triggering of automated actions: will criminals devise ways to open connected doors, siphon energy, or turn off the security apparatus of target premises?

The answer here will come from ensuring that the data flowing from device end-points to the service provider cloud is compartmentalised, so that a given set of sensors can speak only to the corresponding application in the cloud. This might be through a centralised application hosted in a virtualised core network cloud, or a localised application running at the edge of the network which carries out preliminary analysis, and consolidates the data for submission to a service-provider cloud.  By isolating slices we can securely compartmentalise all the separate data flowing along what, at Gemalto, we refer to as secure chains of trust; we can then choose different security mechanisms to authenticate the device to the network and also to the service-provider cloud, and ultimately protect the data flowing along the chain.

Gemalto carried out a study investigating what kind of end-to-end security would be required per 5G use-case. Gemalto considered the power consumption and processing power of a given device; how much the connectivity would add to the devices bill of materials; how much the service provider may be willing to pay the operator for that connectivity, in view of the alternatives; and, most importantly, what the data in transit is worth and the consequences of it being compromised or modified in transit.  We concluded that different degrees of security can be implemented economically – depending on the value of the data and the automated tasks depending on it – based on combinations of credential protection at the device end-point, in concert with network-based detection solutions. Each device connected via a 5G slice can, in short, be configured so as to be operable only within that slice. Criminals can, unlike in eavesdropping scenarios, be shut out on the basis of their point of connection.

5G is of course not solely about faster connectivity. It also presents opportunities to enable revolutionarily disruptive business models, for example through much smarter use of data analytics.  Consider recent disruptions, such as Uber or WeChat: the enhanced customer experiences have come from improvements to existing business models, in way enabled by new technology.  With respect to 5G, while the refrain “data is the new oil” is now well-worn, more precise might be that “insights are the new oil”. Insights are what allow us to make sense of what data can tell us – what gives us capacity to gain a full and accurate understanding of whatever that data relates to. The more data that we can analyse together from many sources, therefore, the more insights we can generate. The role of 5G network slicing in refining data analytics, by helping to move from bulk data aggregation to more targeted collection, could be a crucial one. Need everyone deploying sensors collect every piece of data they may possibly need by themselves, or could a partnership model emerge out of the need for greater efficiency, as the amount of data created continues to skyrocket?

It seems likely to us that the key role of data broker will emerge, to enable anonymised data interchange across network slices in a secure way. Applying machine learning and AI technologies to the data available helps to refine it into meaningful information, producing insights and triggering automated actions in an appropriate way. This ultimately saves users and businesses time by not having to do monotonous manual tasks, bringing productivity and efficiency gains. By organising specific data sets into delineated and secure streams, 5G slicing will provide new methods for this data brokerage to operate in much more targeted ways. And with those data sets streaming along secure chains of trust, to which only network-authorised parties can gain access, it may too begin to set minds at rest over the privacy and ownership of that data. The productivity gains made possible by 5G are profoundly considerable, and by ensuring this user confidence we can expect to enjoy them by 2020 as anticipated.


Next Steps

  • The GSMA has recently published a report entitled ‘An Introduction to Network Slicing’. Click here to download the report.
  • To find out more about the GSMA Future Networks programme, please click here.