Huawei 5G Security White Paper
As mobile broadband begins to reach every corner of the world, people's desire to unfold the blueprint of the coming fully connected world is increasing. In the era where all things will be connected over mobile network. 5G faces security challenges and opportunities brought by new services, architectures, and technologies, as well as higher user privacy and protection requirements. The industry needs to understand the requirements of diversified scenarios and better define 5G security standards and technologies to address the associated risks. During 2018, the 3rd Generation Partnership Project (3GPP) SA3 held seven meetings. 74 companies (including their subsidiaries) sent technical experts to attend the meetings, with the key objective of formulating 5G security standards. The 3GPP SA3 has comprehensively analyzed 5G threats and risks in 17security areas. Security architecture, authentication, security context and key management, radio access network (RAN) security, Security within NG-UE , authorization, subscription privacy, network slicing security, relay security, network domain security, security visibility and configurability, credential provisioning, interworking and migration, small data, broadcast/multicast security, management security, and cryptographic algorithms. Key assets of 5G networks include users' personal data and communication data, hardware and software.
Assets of wireless and core networks, computing resource assets, as well as accounts, passwords, logs, Configurations, and charging data records (CDRs) operated and maintained by operators. Hackers attack wireless networks in an attempt to steal and tamper with users' personal data or compromise the availability of networks or computing resources. According to 3GPP specifications, "The SUPI should not be transferred in clear text over NG-RAN except routing information, e.g. Mobile Country Code (MCC) and Mobile Network Code (MNC)." The Packet Data Convergence Protocol (PDCP) can be used for the air interface and IPsec for transmission to guarantee the confidentiality and integrity of users' personal data. 5G gNodeBs, however, face wireless signal interference on external air interfaces and attacks on protocols to compromise service availability. Some 5G core network elements, such as UDM, process and store users' personal data. As a result, 5G core networks face breach of users' personal data as well as attacks to compromise resource availability. Because the central equipment rooms for core network deployment generally adopt high-level security protection, the risks of malicious invasion can be effectively mitigated.
Huawei released 5G Security white paper, it will describe industry standards, Huawei's approaches, and joint efforts of industry partners.
This 5G security white paper focuses on the following:
- Why is 5G secure? How do experts from industry and standards organizations ensure that 5G security risks can be effectively managed in terms of security protocols and standards as well as security assurance mechanisms?
- Why is Huawei 5G secure? What technical approaches has Huawei adopted to ensure cyber security of Huawei equipment?
- How to ensure 5G cyber security, including Huawei's support for cyber resilience and recommendations on how to deploy and operate 5G networks in a secure manner.
- How to continuously improve the 5G security level from the perspectives of different stakeholders in order to address future challenges.
- Call for stakeholders to work together to ensure that 5G security risks are controllable.
HUAWEI 5G Security White Paper (2019.5) (PDF, 5.16MB)