5G and Privacy - Webster University Geneva · 2019-02-08 · “Differently from previous telecom...
Transcript of 5G and Privacy - Webster University Geneva · 2019-02-08 · “Differently from previous telecom...
5G and Privacy
- Diversification of Services and Tenants -
Dr. Artur HeckerDirector Future Network Technologies
Munich Research CenterHuawei Technologies, GermanyContact: [email protected]
Preliminary thoughts on 5G and privacy aspects
Why? Most of real IoT today is cellular
Mostly seen from the Core network research perspective
The opinions expressed herein are strictly personal
About this talk
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 2
Public Land Mobile Networks
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 3
Also called Cellular or Mobile Networks
Success story started in 1992 with GSM (so-called 2nd Generation, 2G)
10 year generation cycles in definition, standards, R&D, deployment, etc.
1990: GSM; 2000: 3G; 2010: 4G, 2020: 5G
Since mi 90s: by 3GPP
3GPP output becomes ETSI norms
Tremendously successful
Source: GSMA, https://www.gsma.com/mobileeconomy/wp-content/uploads/2018/05/The-Mobile-Economy-2018.pdf
WORLD GLOBAL
PLMN: Basic Principles
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 4
Digital radio, hierarchical telco system
Service for mobile equipment from terrestrial radio towers organized through a core network
UE | RAN | CORE; separate user, control and management planes
Support for UE mobility with session continuity (mainly MBB service)
Requires continuous awareness of the “network” about the location of the UE
Since 2G: call from the train or car. Since 4G: “always on” Internet access service
Integrated subscriber management
Subscriber = IMSI (international mobile subscriber identity, “+49 171 12345678”)
Links contract (Mr. John Doe, payment) and technical provisions (authorizations, service types, …)
Philosophy
Operators are trustworthy, local States have the jurisdiction, technology to be adapted accordingly
Development of PLMN
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 5
Source: GSMA, https://www.gsma.com/mobileeconomy/wp-content/uploads/2018/05/The-Mobile-Economy-2018.pdf
Personal Data Protection – Regulatory Aspects
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 6
Operation subject to restrictions on the user data usage
Directive 95/46/EC (data protection)
Directive 2002/58/EC (privacy)
Directive 99/5/EC (radio equipment)
ETSI TR 187 010 - identity management
Other regulations (anti-terrorist laws, etc.)
No contract without a valid ID presentation, i.e. no anonymous SIM cards
Lawful interception
Special exceptions for disclosing of PII with law enforcement agencies: obligatory for service providers
Newer regulations
eIDAS Regulation, GDPR: establish trust in the Digital Single Market
- legal obligations to preserve a user's control of their identity in electronic communication
- obligations intended to avoid frauds
Data fusion and re-identification
Data breaches
Service termination / inaccessibility
Lock-in mechanisms
Malware
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 7
Over-collection
Mis-contextualization
User impersonation
Alteration of ownership / access
rights
Alteration of persistence
Threats to Personal Data
Cmp. ETSI TR 103 304 V1.1.1
Protection of Personal Data – Technology Aspects
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 8
Generalized cryptography usage (depending on the local jurisdiction)
Subscriber authentication using SIM card and the HSS (since 3G: mutual)
Enciphering of user payload on the radio link (since 3G: enciphering and integrity protection)
IT engineering for system protection
Pseudonyms on recurrent operations (a so-called TMSI can be used instead of IMSI)
Access controls within the control and management planes
Lawful interception
Standardized LI solutions for voice, conferencing, IMS-based services, messaging (SMS, e-mail, etc), and
Internet access
Known weak points
Roaming scenarios, SMS, internal signaling protocols, external correlation of system identifiers
4G: Implementation Architecture
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 9
Source: “Survey on Threats and Attacks on Mobile Networks”, IEEE Access, vol 4, August 2016
A system engineered to
provide mobile service to
subscribers
Subscribers: humans with handhelds
Target: always on data service
The composition of system
entities realizes the service
Reliable yet rigid
Options are contradictory
• 1 ms E2E latency (radio)
• 10Gbps per connection
• 1,000K connections per km2
• 500km/h high-speed
• Slicing network architecture
Goal: One Network Fits All Applications with High Flexibility
Ultra High Reliability Ultra Low LatencyUltra High Throughput
Smart Manufacturing Connected CarAugmented Reality
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 10
5G Use Cases
5G: Key Requirements from Business
From Huawei WP
Integration of vertical industries (Mission-)critical services
mMTC, uRLL, eMBB
Diversity of services Rapid service deployment
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 11
5G Slicing: Common Understanding
Definition: 5G E2E Network Slicing is a concept for running multiple logical networks (which could be customized and with guaranteed SLA)
as virtually independent business operations on a common physical infrastructure.
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 16
Potential Business Cases Cloud and Connectivity are the dual engines of digital transformation.
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 17
Logical Architecture for V2V Mobility
eNB
MME’
HSS
Logical Architecture
RAN CORE
MME, SGW
PGW
RU, DU
PGWSGW
MME
eNB
PCRF
HSS
GTP-U
GTP-C
Physical Network
IP backhaul
4G: single, unique LTE EPC
Logical Architecture for legacy MBB
RAN CORE
COTS Platform
Data Center
RU, DU PGWSGW
MME
eNB
PCRF
HSS
GTP-U
GTP-C
Physical Network
IP backhaul
5G, with slicing
Logical Architecture for MTC
vPGWeNB
PCRF
HSS
Slicing produces multiple versions of all instancesExamples (for cars, sensors, mobiles):- Mobility handlers- Connectivity handlers- Authentication handlers- Session handlers
Yet, many of these instances are similarAtomic FunctionsFunction Composition
Slicing and Modular Architecture
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 18
From 3GPP TR23.799Key issue 1: Support of network slicingKey issue 2: QoS frameworkKey Issue 3: Mobility management frameworkKey issue 4: Session managementKey issue 5: Enabling (re)selection of efficient user plane paths Key issue 6: Support for session and service continuityKey issue 7: Network function granularity and interactions between them Key issue 8: Next Generation core and access - functional division and interfaceKey Issue 9: 3GPP architecture impacts to support network capability exposure Key issue 10: Policy FrameworkKey issue 11: ChargingKey issue 12: Security frameworkKey issue 13: Broadcast/Multicast CapabilitiesKey Issue 14: Support for Off-Network CommunicationKey Issue 15: NextGen core support for IMSKey Issue 16: 3GPP system aspects to support the connectivity of remote UEs via relay UEs Key Issue 17: 3GPP architecture impacts to support network discovery and selectionKey Issue 18: Interworking and MigrationKey Issue 19: Architecture impacts when using virtual environmentsKey issue 20: Traffic Steering, Switching and Splitting between 3GPP and non-3GPP AccessesKey Issue 21: Minimal connectivity within extreme rural deployments
In red: priority key issues
The general direction is being standardized by 3GPP
3GPP: Slicing and atomic functions in standardization
3GPP Release 15 Working Model: TS23.501Modularization as key design elementAlso: Service-Based Architecture
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 19
NGMN: slice templates as representations of long term business contracts
First 5G-relevant release, on time but mainly MBB-oriented
Defines New Radio (NR) and 5GC (5G Core Architecture)
Core Network Architecture with SBA: TS 23.501, TS 23.502, TS 29.500 ready
Management plane work still ongoing (SA5, 28.xxx series)
Rel 16 expected to sharpen
URLLC work
mMTC work
V2X
NWDA
eSBA
Many procedures in general
3GPP Release 15
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 20
Drivers/enablers of the transformation
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 21
The magic triangle for realizing slicing:
Orchestration (mgmt)(MANO, Heat, ZooKeeper, VNE, …)
Software-Defined
Networking(SDN, ForCES,
I2RS) Network Function Virtualization
(NFV, MEC)
SDN ControllerVirtual
Infrastructure Manager
NFVSDN
NE1 CEkNEk CE1 CE2
Orchestrator
Current Reference Model
Problematic:- Artificially classifies network functions- Single entity capacity restrictions/limits- Failure treatment- Distributed network functions
S1S2 S3
S4C1
C2
C3
C4
S5S6
NF4
NF2
NF3
Continuous creation and removal of numerous components
Paths and end-points are part of the potentiallycritical internal network function realization
NF1
Guaranteed, correct execution of all this is required:- Correct local execution of hundreds of thousands of components
- Shared with other executed components, yet guaranteed – scheduling
- Correct, guaranteed interconnection of components in spite of contention- Timely control of all this
- For creation/migration, path QoS, execution guarantees, checks, quotas, …
- Correct function of the executing environment- Including all resources (compute, network)- … and their control systems
5G requires more than best effortbecause of its own realization
Slicing: from HW Composition to SW CompositionPlethora of modules/paths - must work correctly any time
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 22
5G: A metaphor
Ready to use• Can type a text straightawayHardware defines the service (1 service)• Hardware limitations = service limits
Not ready to use• Need to install and start MS Word first (mgmt)• Need to execute MS Word (runtime control)
• Runtime resource allocation (CPU, memory, disk)• In parallel to other applications
Software defines the service (N services)• Hardware limitations = service quality limits
4G 5G
NFV/SDN
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 23
#Slices X (#NF types per slice) X (#NF instances)
~1000 X ~10 ~10 = 105X
We need a lot of automation, i.e. control!
e.g. according to NGMN, operators cf. 3GPP NextGen SA2, RAN3
Number of Paths between modules: worst case scales in O(#NFI2)ϵ [106 ; 1010]
Example. Depends on type and load.e.g. how to serve billions of IoT/M2M devices?
of NF Instancesrunning in the network
Number of modules (#NFI) =
On the expected scalesNumber of modules, number of paths
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 24
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 25
Possible future of mobile systems:An on-demand interconnection of many virtual and physical entities
5G: changes on the horizon
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 26
Multiple Tenants / Multiple Slices
Advent of business users in cellular systems
More and more diversified subscribers
Potential to a more complex realization
IT/telco, virtual-physical, cloud/network, small cells
More modules/functions, more flavors, more instances
Virtualization: unrelated, unknown, shared platform usage. Curious cloud providers
Function-external user state (e.g. SBA SMF accessing external USM data)
“Differently from previous telecom scenario where user data was mostly accessible from network functional elements, several
kinds of information are today easily accessible from terminal equipments or end user devices, through open and specialized
Application Programming Interface (API). Thus, it may be difficult to have a priori knowledge of who may need access to users'
data, when and where this may happen and whether that data could be or contain PII” (from ETSI TR 103 304 V1.1.1)
Slicing and network softwarization are new challenges in networking
5G is all about vertical businesses
Potential new privacy problems due to a more complex environment
Multi-tenancy by design
New service types – new data exchanges and flows, new PII => requires new protective measures
Virtualization / external platforms
New market actors
New markets for operators, with different regulation (eHealth)
Conclusions
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 27
Normative References
A. Hecker | Geneva, Switzerland | June 1, 2018 5G and Privacy 29
3GPP TS 22.261 (requirements)
3GPP TS 23.501 (system architecture)
3GPP TS 23.502 (core network procedures)
3GPP TS 29.500 (implementation aspects)
ETSI TR 103 304 V1.1.1 (2016-07)
http://www.etsi.org/deliver/etsi_tr/103300_103399/103304/01.01.01_60/tr_103304v010101p.pdf
ETSI TR 101 567