5G Security

Standalone 5G poses new challenges for the mobile service provider, with a wide array of new technologies and techniques being introduced into the network architecture, all of which must be secure. This course takes an end to end view of 5G security, first of all determining what assets are applicable to the 5G architecture and which threats are relevant. The course then moves on to examine the security techniques being relied upon to provide end to end security, before concluding with a detailed analysis of 5G Authentication and Key Agreement.

Available as On Demand

This course is available as On Demand (e-learning / self study) with 6 months access to the training material.

Course outline

5G Assets and Threats

Topic areas covered include:

  • What are We Protecting?:
    - 5G System Architecture.
    - Critical Assets.
  • General Threat Landscape for 5G Networks:
    - General Threat Landscape Overview.
    - Spoofing Identity.
    - Tampering with Data.
    - Repudiation.
    - Information Disclosure.
    - Denial of Service.
    - Privilege Elevation.
  • 5G Core Network Threats:
    - 5G Core Network Threats Overview.
    - AMF Assets and Threats.
    - SMF Assets and Threats.
    - UPF Assets and Threats.
    - UDM Assets and Threats
  • Access Network Threats:
    - Access Network Threats Overview.
    - gNB Assets and Threats.

5G Architectural Security

Topic areas covered include:

  • Supporting Security in 5G:
    - 5G Security Overview.
    - Standards Bodies.
  • Protecting Service Based Interfaces – HTTPS:
    - TLS Overview.
    - TLS Operation.
    - Certificate Exchange.
    - TLS Cipher Suites.
  • Protecting the 5G SBA - OAuth 2.0:
    - OAuth 2.0 Basic Concept.
    - Access Token Acquisition.
    - Access Token Utilization.
  • Securing AN to CN Communication:
    - IPSec in 5G.
    - IPSec Basic Operation.
    - Establishment of gNB Security Associations.
  • End to End Security Considerations:
    - Network Slicing – NSSAAF and NSACF.
    - Multi access Edge Computing.
    - Protecting the Subscriber Identity.
  • Roaming Security:
    - Security Edge Protection Proxy.
    - PRINS.
    - IPUPS.
    - Steering of Roaming Protection.

5G Authentication and Key Agreement

Topic areas covered include:

  • 5G Cryptographic Processes:
    - 5G Security Algorithms.
    - Authentication and Key Agreement.
    - AV Generation.
  • 5G AKA:
    - Mutual Authentication.
    - High Level 5G AKA Procedure.
    - Generation of 5G-SE-AV.
    - Device Authentication.
    - Authentication Confirmation.
  • Key Derivation and Usage:
    - Encryption and Integrity Checking.
    - Key Derivation Process.
  • Security Procedures:
    - Key Distribution in 5G.
    - NAS Signalling Security.
    - RRC Signalling Security.
    - Periodic Local Authentication.