5G-ENSURE Security and Privacy Enablers

 In News, Press releases

5G-ENSURE sets out to become the 5G PPP reference project for 5G security, privacy and trust through iterative releases of its enablers based on a series of Technical Roadmaps. An initial set of enablers has been released and are openly specified, developed, released and documented in manuals.

The enablers focus on five technologies:

  • Authentication, Authorisation and Accounting (AAA): 5G-ENSURE will advance secure functions to support 5G use cases. Impact: 5G support for IoT and satellite systems. Trust and liability levels.
  • Privacy: 5G-ENSURE will increase users’ assurance and confidence in 5G through enhanced user data protection implemented with solutions at several layers. Impact: Creation of services and business models on top of 5G.
  • Trust: 5G-ENSURE will deliver tools using new trust models, including M2M interactions. Impact: Trustworthy dynamic 5G multi-stakeholder system.
  • Security Monitoring: 5G-ENSURE will focus on security by operations, i.e., monitoring and auditing 5G security. Impact: Resilient 5G system to implement new services.
  • Network Management & Virtualisation Isolation: 5G-ENSURE will focus on a secure network control plane including virtualised networks and network services. Impact: Mitigate security threats in SDN.

The second wave of 5G security enablers is now under specification and most of them be software released by end of the project in October 2017, thus contributing to further advance 5G Security Vision within 5G-PPP community and beyond.

Enabler Short Description Partner and contact for external use
AAA: Internet of Things (IoT) The IoT Enabler provides new definitions of protocols for credential management and authentication of users and devices, such as sensors, actuators, and IoT devices in general. The Enabler will look at the authentication of USIM-less devices, BYOi scenarios and group authentication as means to build specific support for IoT devices. Guide SICS

thomas.carnehult(Replace this parenthesis with the @ sign)ri.se

markus.ahlstrom(Replace this parenthesis with the @ sign)ri.se">Markus Ahlstrom

AAA: Fine-grained authorisation The goal of the fine-grained authorisation enabler is to provide a secure fine-grained access control to resource constrained devices. Access control paradigm based on RBAC and ABAC are taken into account by different standards and are common today. This enabler proposes to reuse these existing technologies for services and interconnected resource access control, with the constraints of these resources in mind. Guide Thales Alenia Space

gorka.lendrinovela(Replace this parenthesis with the @ sign)thalesaleniaspace.com">Gorka Lendrinovela sebastien.keller(Replace this parenthesis with the @ sign)thalesgroup.com">Sebastien Keller

Privacy Enabler: Enhanced Identity Protection The enabler aims to provide long term identifiers (IMSI) protection basically by means of asymmetric encryption techniques and use of dynamic random or pseudorandom pseudonyms instead of IMSIs. Guide TIIT

luciana.costa(Replace this parenthesis with the @ sign)it.telecomitalia.it">Luciana Costamadalina.baltatu(Replace this parenthesis with the @ sign)it.telecomitalia.it">Madalina Baltatu

Privacy Enabler: Device Identifier Privacy The enabler aims to provide anonymisation techniques on the user’s device, offering Privacy Enhanced Attachment (PEA), which provides protection against device identity (and possibly also user identity) disclosure and unauthorised device/user tracking. Guide University of Oxford

piers.ohanlon(Replace this parenthesis with the @ sign)cs.ox.ac.uk">Piers O’Hanlon

Trust Enabler: Trust Builder Provides a knowledge base of 5G assets, threats and controls and a user interface to define a system, assess threats and choose controls. Guide IT INNOVATION

ms(Replace this parenthesis with the @ sign)it-innovation.soton.ac.uk">Mike Surridge

Trust Enabler: Trust Metric Aggregates network monitoring data (related to trust) into a single trustworthiness metric. Focus is on micro-segmentation. Guide VTT

Pekka.Ruuska(Replace this parenthesis with the @ sign)vtt.fi">Pekka Ruuska

Trust Enabler: VNF Certification Enabler Provides a Digital Trustworthiness Certificate (DTwC) to certtify trust aspects of a VNF. Guide Thales Group (TCS)

sebastien.keller(Replace this parenthesis with the @ sign)thalesgroup.com">Sebastien Keller

Security Monitoring Enabler: Satellite Network Monitoring (SatNav)
The main goal of this security enabler is to provide pseudo real-time monitoring and threat detection in 5G integrated satellite and terrestrial systems. Guide Thales Alenia Space

gorka.lendrinovela(Replace this parenthesis with the @ sign)thalesaleniaspace.com">Gorka Lendrinovela

Security Monitoring Enabler: PulSAR (Proactive Security Assessment and Remediation) The purpose of PulSAR is to provide a clear view on cyber attack’s progression though attack graphs. Guide Thales Group (TS)

Olivier.Bettan(Replace this parenthesis with the @ sign)thalesgroup.com">Olivier Bettan


Security Monitoring Enabler: Generic Collector Interface The enabler aims to enable the interoperability between events and logs, in order to allow FastData technologies to be deployed inside the 5G Network. The enabler provides a unique format of log and events. Guide ORANGE

jeanphilippe.wary(Replace this parenthesis with the @ sign)orange.com">Jean-Philippe Wary

Security Monitoring Enabler: System Security State repository ​Captures the system state in a model that can be visualised and analysed to understand what threats are present and check compliance with the design. Guide IT INNOVATION

ms(Replace this parenthesis with the @ sign)it-innovation.soton.ac.uk">Mike Surridge

 Network Management and VIrtualisation Enabler: Access Control Mechanisms Enforcement of access control policies that account for the southbound API of an SDN controller. A policy specifies which network applications, which run on top of the SDN controller, are allowed to send which OpenFlow messages to which data plane components. Guide NEC

felix.klaedtke(Replace this parenthesis with the @ sign)neclab.eu">Felix Klaedtke

Network Management and Virtualisation Enabler: Component-interaction Audits Verification (during runtime or offline) of the interactions between multiple network components (e.g., network applications, controller, and switches) with respect to simple policies about the components’ exchanged OpenFlow messages. Guide NEC

felix.klaedtke(Replace this parenthesis with the @ sign)neclab.eu">Felix Klaedtke

Network Management and Virtualisation Enabler: Bootstrapping Trust This enabler addresses impersonation attacks on network components by attesting the integrity of network edge prior to enrolling them into the SDN deployment. Guide SICS

nicolae.paladi(Replace this parenthesis with the @ sign)ri.se">Nicolae Paladi

Network Management and Virtualisation Enabler: Micro-segmentation Network management enabler for single and multi-domain software networks that will facilitate dynamic arrangement of micro-segmentation, i.e., creation deletion, merging, and splitting of micro-segments. With micro-segmentation it would be possible to create secure segments where more granular access controls and stricter security policies can be enforced. Guide VTT

Kimmo.Ahola(Replace this parenthesis with the @ sign)vtt.fi">Kimmo Ahola | Olli.Mammela(Replace this parenthesis with the @ sign)vtt.fi">Olli Mammela

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.