Towards constructive approach to end-to-end slice isolation in 5G networks

Zbigniew Kotulski, Tomasz Wojciech Nowak, Mariusz Sepczuk, Marcin Tunia, Rafal Artych, Krzysztof Bocianiak, Tomasz Osko, Jean-Philippe Wary
2018 EURASIP Journal on Information Security  
Although 5G (fifth generation) networks are still in the realm of ideas, their architecture can be considered as reaching a forming phase. There are several reports and white papers which attempt to precise 5G architectural requirements presenting them from different points of view, including techno-socio-economic impacts and technological constraints. Most of them deal with network slicing aspects as a central point, often strengthening slices with slice isolation. The idea of isolation in the
more » ... network is not new. However, currently considered technologies give new capabilities that can bring added value in this field. The goal of this paper is to present and examine the isolation capabilities and selected approaches to its realization in network slicing context. As the 5G architecture is still evolving, the specification of isolated slices operation and management brings new requirements that need to be addressed, especially in a context of end-to-end (E2E) security. Thus, an outline of recent trends in slice isolation and a set of challenges are presented. The challenges, if properly addressed, could be a step from the concept of 5G networks to proof-of-concept solutions which provide E2E user's security based on slices isolation. Among other things, the key features are proper slice design and establishment, security at interfaces, suitable access protocols, correct virtual resources sharing, and an adaptable management and orchestration architecture (MANO). In conclusion of the paper, short outlines of two of the main secure isolation challenges are given: a proper definition of isolation parameters and designing suitable MANO system. which is close to end users and ensuring an end-toend security services chain realized by virtualized open access physical layer security (PLS). These novel crosslayer approaches to security address such areas as: data confidentiality, data integrity, provider's resources isolation, and authentication and authorization. The security aspects of 5G networks are discussed in 5G-ENSURE project [3] . Main goals of the initiative focus on developing non-intrusive security and privacy mechanisms, which will ensure the following: AAA services, privacy, trust, network management and monitoring, and virtualization isolation for the core 5G architecture. Within the project, the 5G security testbed with proposed security components was demonstrated. The 5G NORMA (Novel Radio Multi-service adaptive network Architecture) [4] project has the key objective to develop a novel, adaptive, and future-oriented 5G mobile network architecture. The created architecture should provide network customizability and, at the same time, ensure meeting requirements associated with rigorous performance, energy saving, cost
doi:10.1186/s13635-018-0072-0 fatcat:ybxlnfjj75fq3jftj66jbobkzi