Date: Tuesday October 1, 2019
Room: Conference Room 3
Title: 5G, IoT and Trusted Computing: Security Challenges and Security Opportunities
While trusted computing, the standards and hardware have been around for twenty years or more, their uptake in even server equipment has been superficial to say the least. Firmware security overall and the firmware supply-chain is extremely weak and fragile. Now that 5G is starting to be deployed we have an extremely strong focus on end-to-end security and trust from the core NFV systems, across the Edge and IoT in one dimension, vertically from hardware to workload to data provenance and further across the supply-chain. This gives the impetus to focus on building not just security, but trusted and thus trustable system from manufacture to deployment. Technologies such as Trusted Platform Module (in various guises) provide a basis for device identity and integrity – a critical component of IoT system – but with a set of challenges regarding update, mobility and dynamicity that we repercussions over the 3 dimensions described earlier. In this talk we will explore what is achievable, what is required and what remains to be done and the challenges and opportunities that lie ahead in providing trusted and trustworthy 5G.
Speaker: Ian Oliver, Nokia
Title: 5G security and privacy – a standardization perspective
3GPP SA3 security working group has the overall responsibility for security and privacy in 3GPP systems. Based on threat analyses, the group determines the security and privacy requirements for 3GPP systems, and specifies the security architectures and protocols. After providing an overview of the 5G working areas handled by the SA3, Dr. Anja Jerichow will highlight 5G security and privacy features of the first release of the 5G System (Rel-15), and give an outlook of enhancements currently discussed in Rel-16.
Speaker: Anja Jerichow, Nokia Bell Labs
Title: Bootstrapping Authentication and Authorization solutions for IoT in 5G standard communication technologies
The Internet of Things (IoT) has revolutionized our lives as it has paved the way for a plethora of applications and services never imagined few time ago. Undoubtedly, the IoT ecosystem will be integrated as part of the upcoming 5G paradigm. Before the final development and deployment of 5G systems,a lot of effort is being devoted to the security aspects of this novel architecture. It is envisioned that by the convergence of these technologies our daily life will be almost continuously connected, hence several challenges related to security and privacy emerge.The main goal of this presentation is to analyze the main security issues that must be addressed by LP-WAN technologies, and the implications on the development of future 5G deployments. The presentation aims to focus on current research proposals and standardization efforts related to authentication and authorization aspects in emerging LP-WAN technologies, such as NB-IoT, LoRaWAN.
Speaker: Dr. Antonio Skarmeta, Universidad de Murcia
Title: V2X in 5G Era: Achieving Security, Privacy and Trust in Blockchain Way
Today 5G communication networks connect much of the world’s populations, including the incumbent V2X networks, providing accessibility to global information, and services. 3GPP C-V2X and DSRC (IEEE 802.11p) both stand out as the mainstream technologies and innovations for connecting vehicle to vehicle (V2V) , vehicle to infrastructure(V2I), or in general vehicle to everything (V2X) . However we also observe the slow adoption of the these technologies in today’s automobile industries due to various concerns, among which, Security and Privacy top the list. Automotive sensors and on board systems usually equipped with weak or zero security protection which are not complying with industrial security and safety standard, such as ITS, ISO 26262 etc. There are some increasing security and privacy risks associated with V2X networks, i.e Safety signal tempering and jamming; User identification spoofing and tracking; OTA data breaching and spoofing; Privacy information abuse, such as location, behavior information etc. To counter the risks, there are many cybersecurity technologies are being deployed to provide strong security, such as: Implementing X.509 PKI based authentication and authorization, employing high order cryptographic algorithms, etc. These technologies significantly improve the security and privacy in V2X networks, but they also demonstrate pitfalls or shortcomings, such as: Vehicle Identification Registration, Authentication and Authorization are more relying on the centralized AAA servers and infrastructures. SPF (Single Point Failure) could result in the collapse of the total V2X networks; User Private Data, such as, Voice, Video, location information are involuntarily shared with requesters, without the consensus from the user; Autonomous Driving is heavily depending on the firmware OTA, the integrity and transparency of the data needs to be guaranteed; Etc. Over the last decade, Blockchain has emerged as one of the most successful technologies in industry. In this presentation, we introduce a framework of fully distributed, consensus driven vehicle networks, based on a set of Rapid and leaderless Byzantine Fault Tolerance (BFT) protocols. These protocols provide the strong security and privacy assurance required by the regulations in different regions and industrial business practices. By combing with network attestation methodologies, the protocols can also present a trustworthy V2X networks to build the foundations towards true autonomous driving in the future.
Speaker: Rob Sun, Huawei