Securing connected
and mobile services

New Mobile Security Industry Paper Analyses 5G Security Requirements

Paper calls for security to be built into 5G from the outset, to address varying requirements across market segments

18 February 2016 – SIMalliance has published a new white paper, which analyses security needs across four market segments for 5G – Massive IoT, Critical Communications, Enhanced Mobile Broadband and Network Operations. The paper, titled ‘An Analysis of the Security Needs of the 5G Market’ [insert link], concludes that while requirements will differ across each market segment, the need for security and privacy in 5G networks will be fundamental across them all. As a result, the paper calls for security to be built into the yet-to-be-determined 5G standard from the very outset.

When compared to 4G, 5G networks are expected to provide greater throughput, higher connectivity density with low latency, better coverage, greater reliability, efficient handover between heterogenous RATs and a higher mobility range with much greater service differentiation than previous network technologies. These features will be provided by different network layers. Security, privacy, trust and identity must therefore be delivered within a highly diverse technical and functional environment.

The paper finds that security needs and threats will vary by market segment and use case, because service specific technologies will themselves vary in terms of complexity, speed and attractiveness as attack targets. For example, at one end of the spectrum, there are low cost sensors in IoT that will require extended lifespans but may only need to be polled once a day or even less frequently, exchanging very small amounts of data. At the other end, there are emergency services within the Critical Communications segments, with corresponding high speed, low latency requirements in order to have access to information in real-time to save lives.

The paper, which is aimed at non-technical readers, identifies threats that, amongst others, may come from attack agents using IoT devices to access the network, to cloned equipment impacting network quality of service, to man in the middle attacks interrupting remote surgery or first responder services, or simply phishing attacks.

Commenting on the release of the paper, Hervé Pierre, Chairman of SIMalliance says: “It is early days for 5G. While the industry has a clear vision of services that it hopes 5G will facilitate, much remains to be determined on the technical front with standardisation activities just beginning.

“The aim of this paper is to provide a preliminary, much needed analysis of security requirements across the different 5G segments, to help inform the standardisation process. From our analysis, it is clear that each of these segments has different business, technical and security requirements, which may necessitate different solutions. Yet one thing is clear; security and privacy will remain absolutely fundamental requirements in 5G, as they have always been for mobile applications and services across devices that access wireless networks, if not more so. This is especially so, as the changes foreseen for 5G are likely to broaden the range of attractive attacks targets and elevate vulnerabilities. For this reason, the paper strongly concludes that it is crucial that security is considered and built into the 5G standard right from the very beginning.

“SIMalliance invites engagement with interested industry participants in the emerging 5G ecosystem, in order that tamper-resistant hardware-based device security can be explored as an option, and fine–tuned as necessary, to protect 5G networks and the many new services which will be deployed across the various market segments.”

An Analysis of the Security Needs of the 5G Market, can be downloaded for free from the SIMalliance website. The SIMalliance’s next step will be to publish a technical paper on 5G later in 2016.

 

-Ends-

Note to Editors:

About SIMalliance (Security, Identity, Mobility)

SIMalliance is the global, non-profit industry association which simplifies aspects of hardware-based device security to drive the creation, deployment and management of secure mobile services. The organisation promotes the essential role of  a dedicated tamper resistant hardware module in delivering secure mobile applications and services across all devices that can access wireless networks. By identifying and addressing related technical issues, and both clarifying and recommending existing technical standards relevant to the implementation of hardware security, the SIMalliance aims to facilitate and accelerate delivery of secure mobile applications globally.

SIMalliance members represent 90% of the global SIM card market. As such, the SIMalliance’s membership is responsible for delivering the most widely distributed secure application delivery platform in the world (UICC/SIM/USIM).

SIMalliance members are Card Centric Solutions, Eastcompeace, Gemalto, Giesecke & Devrient, Incard, Kona I, Morpho, Oasis Smart SIM, Oberthur Technologies, VALID, Watchdata, Wuhan Tianyu and XH Smartcard (Zhuhai) Co. Ltd.

SIMalliance Strategic Partners are Comprion, Linxens and Movenda.

For more information visit www.simalliance.org

Press contact:

Lucy Smith
iseepr
+44 (0) 1943 468007
lucy@iseepr.co.uk