Abstract
The currently developed 5G networks using MEC technology (5G MEC) allow for the harmonious cooperation of many areas of the economy (called the vertical industries) within an integrated information network. Providing the necessary security in such a complex configuration of business partners requires the design of consistent and effective security architecture. In this paper, we present a new concept of an access control architecture for the 5G MEC network in line with the 5G network model and MEC architecture proposed by international standardization organizations. We give an overview of the high-level security architecture of 5G MEC networks, which provides security solutions for the network’s components and establishes secure access to all cooperating entities. Next, we introduce the MEC Enabler, a new network’s module, which manages security credentials required to access resources of MEC-hosted services. We consider a series of several use cases with increasing demands on network data resources and computing power. Finally, we present a sample protocol diagram for gaining access to resources (authentication in a service using MEC technology) in our access control architecture.
This paper has been supported by The National Center for Research and Development, Poland, under Decision No. DWM/POLTAJ7/9/2020.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Minimum requirements related to technical performance for IMT-2020 radio interface(s), Report ITU-R M.2410-0, ITU (2017)
Blanco, B., et al.: Technology pillars in the architecture of future 5G mobile networks: NFV MEC and SDN. Computer Standards and Interfaces 54(4), 216–228 (2017). https://doi.org/10.1016/j.csi.2016.12.007
Hu, Y.Ch., Patel, M., Sabella, D., Sprecher N., Young, V.: Mobile edge computing. A key technology towards 5G, ETSI White Paper No. 11, September 2015
Harmonizing standards for edge computing - A synergized architecture leveraging ETSI ISG MEC and 3GPP specifications, ETSI White Paper No. 36, July 2020
5G empowering vertical industries, The white paper on vertical sectors published by the 5G Public Private Partnership (2016)
Requirements definition and analysis from vertical industries and core applications, 5G EVE. Deliverable D1.2 (2019)
Kekki, S. et al.: MEC in 5G networks, ETSI White Paper No. 28, June 2018
Ferrag, M.A., Maglaras, L., Argyriou, A., Kosmanos, D., Janicke, H.: Security for 4G and 5G cellular networks: a survey of existing authentication and privacy-preserving schemes. J. Netw. Comput. Appl. 101, 55–82 (2018). https://doi.org/10.1016/j.jnca.2017.10.017
A guide to 5G network security. Conceptualizing security in mobile communication networks - how does 5G fit in? Ericsson AB (2018)
Han, B., Wong, S., Mannweiler, C.H., Rates Crippa, M., Schotten, H.D.: Context-awareness enhances 5G Multi-access edge computing reliability. IEEE Access 7, 21290–21299 (2019). https://doi.org/10.1109/ACCESS.2019.2898316
Nife, F., Kotulski, Z., Reyad, O.: New SDN-oriented distributed network security system. Appl. Math. Inf. Sci. 12(4), 673–683 (2018). https://doi.org/10.18576/amis/120401
Nife, F., Kotulski, Z.: Application-aware firewall mechanism for software defined networks. J. Netw. Syst. Manage. 28, 605–626 (2020). https://doi.org/10.1007/s10922-020-09518-z
Kotulski, Z., et al.: Towards constructive approach to End-to-End slice isolation in 5G networks. EURASIP J. Inf. Secur. 2018(2), 1–23 (2018). https://doi.org/10.1186/s13635-018-0072-0
Kotulski, Z., Nowak, T., Sepczuk, M., Tunia, M.: 5G networks: types of isolation and their parameters in RAN and CN slices. Comput. Netw. 171, 107135 (2020). https://doi.org/10.1016/j.comnet.2020.107135
Aikat, J., et al.: Rethinking security in the era of cloud computing. IEEE Secur. Priv. 15(3), 60–69 (2017). https://doi.org/10.1109/MSP.2017.80
Kumar, R., Goyal, R.: On cloud security requirements, threats, vulnerabilities and countermeasures: a survey. Comput. Sci. Rev. 33, 1–48 (2019). https://doi.org/10.1016/j.cosrev.2019.05.002
ENISA Threat Landscape for 5G Networks. Threat assessment for the fifth-generation of mobile telecommunications networks (5G), European Union Agency for Cybersecurity, November 2019
Gong, S., Azzaoui, E.L., A., Cha, J., Park, J.H.: Secure secondary authentication framework for efficient mutual authentication on a 5G data network. Appl. Sci. 10(2), 727 (2020). https://doi.org/10.3390/app10020727
Ji, X., Huang, K., Jin, L., et al.: Overview of 5G security technology, SCIENCE CHINA. Inf. Sci. 61, 081301:1–081301:25 (2018). https://doi.org/10.1007/s11432-017-9426-4
Silva, E.F., Muchaluat-Saade, D.C., Castro Fernandes, N.: ACROSS: a generic framework for attribute-based access control with distributed policies for virtual organizations. Future Gener. Comput. Syst. 78(1), 1–17 (2018). https://doi.org/10.1016/j.future.2017.07.049
Baltaci Akhuseyinoglu, N., Joshi, J.: A constraint and risk-aware approach to attribute-based access control for cyber-physical systems. Comput. Secur. 96, 101802 (2020). https://doi.org/10.1016/j.cose.2020.101802
ISO/IEC: ISO/IEC 7498–1:1994(E) Information technology - open systems interconnection - basic reference model: the basic model (1996)
Arfaoui, G., et al.: A security architecture for 5G networks. IEEE Access 6, 22466–22479 (2018). https://doi.org/10.1109/ACCESS.2018.2827419
Security architecture and procedures for 5G System (3GPP TS 33.501 version 16.3.0 Release 16), ETSI TS 133 501 V16.3.0, August 2020
Functional architecture and information flows to support Common API Framework for 3GPP Northbound APIs, 3rd Generation Partnership Project, Technical Specification Group Services and System Aspects, 3GPP TS 23.222 V17.1.0, July 2020
Li, C., et al.: Transparent AAA security design for low-latency MEC-integrated cellular networks. IEEE Trans. Veh. Technol. 69(3), 3231–3243 (2020). https://doi.org/10.1109/TVT.2020.2964596
Doan, T.V., et al.: Reusing sub-chains of network functions to support MEC services. In: IEEE Symposium on Computers and Communications (ISCC), Barcelona, Spain, pp. 1–8 (2019). https://doi.org/10.1109/ISCC47284.2019.8969699
Brik, B., Frangoudis, P.A., and Ksentini, A.: Service-oriented MEC applications placement in a federated edge cloud architecture. In: IEEE International Conference on Communications (ICC), Dublin, Ireland, pp. 1–6 (2020). https://doi.org/10.1109/ICC40277.2020.9148814
5G; Procedures for the 5G System (5GS) (3GPP TS 23.502 version 16.5.0 Release 16), ETSI TS 123 502 V16.5.0, July 2020
Sabella, et al.: Developing software for multi-access edge computing, ETSI White Paper No. 20, February 2019
Jones, M., Bradley, J., Sakimura, N.: JSON Web Token (JWT), Internet Engineering Task Force, RFC 7519, May 2015. https://doi.org/10.17487/RFC7519
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Kotulski, Z., Niewolski, W., Nowak, T.W., Sepczuk, M. (2021). New Security Architecture of Access Control in 5G MEC. In: Thampi, S.M., Wang, G., Rawat, D.B., Ko, R., Fan, CI. (eds) Security in Computing and Communications. SSCC 2020. Communications in Computer and Information Science, vol 1364. Springer, Singapore. https://doi.org/10.1007/978-981-16-0422-5_6
Download citation
DOI: https://doi.org/10.1007/978-981-16-0422-5_6
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-0421-8
Online ISBN: 978-981-16-0422-5
eBook Packages: Computer ScienceComputer Science (R0)