Security Needs for IoT: Now and in a 5G Future · 2017-10-25 · Security challenges in a connected...
Transcript of Security Needs for IoT: Now and in a 5G Future · 2017-10-25 · Security challenges in a connected...
![Page 1: Security Needs for IoT: Now and in a 5G Future · 2017-10-25 · Security challenges in a connected world ... Unprecedented new IoT / M2M use cases + 5G / further IoT expansion =](https://reader033.fdocuments.us/reader033/viewer/2022050114/5f4b82a0f7af8672697cdace/html5/thumbnails/1.jpg)
Security Needs for IoT: Now and in a 5G Future
Bertrand Moussel
Board Member, SIMalliance
ETSI IoT Workshop – 25 October, 2017
![Page 2: Security Needs for IoT: Now and in a 5G Future · 2017-10-25 · Security challenges in a connected world ... Unprecedented new IoT / M2M use cases + 5G / further IoT expansion =](https://reader033.fdocuments.us/reader033/viewer/2022050114/5f4b82a0f7af8672697cdace/html5/thumbnails/2.jpg)
SIMalliance: Who we are
SIMalliance members represent 90% of the global SIM market and deliver
the most widely distributed secure application delivery platform in the world (UICC/SIM/USIM)
![Page 3: Security Needs for IoT: Now and in a 5G Future · 2017-10-25 · Security challenges in a connected world ... Unprecedented new IoT / M2M use cases + 5G / further IoT expansion =](https://reader033.fdocuments.us/reader033/viewer/2022050114/5f4b82a0f7af8672697cdace/html5/thumbnails/3.jpg)
Security challenges in a connected world
* https://www.juniperresearch.com/document-library/white-papers/cybercrime-the-internet-of-threats-2017
Juniper Research predicts there will be 46 trillion
connected devices by 2021*
Trillions of connected devices
+
Unprecedented new IoT / M2M use cases
+
5G / further IoT expansion
=
Connected society grows increasingly vulnerable....
![Page 4: Security Needs for IoT: Now and in a 5G Future · 2017-10-25 · Security challenges in a connected world ... Unprecedented new IoT / M2M use cases + 5G / further IoT expansion =](https://reader033.fdocuments.us/reader033/viewer/2022050114/5f4b82a0f7af8672697cdace/html5/thumbnails/4.jpg)
What is 5G?
Low latency
High reliability
High throughput
High connectivity density
Best available coverage
High mobility range
Network operations
Massive IoT Enhanced mobile broadband
V2X Critical communications
![Page 5: Security Needs for IoT: Now and in a 5G Future · 2017-10-25 · Security challenges in a connected world ... Unprecedented new IoT / M2M use cases + 5G / further IoT expansion =](https://reader033.fdocuments.us/reader033/viewer/2022050114/5f4b82a0f7af8672697cdace/html5/thumbnails/5.jpg)
The 5G network: security from the outset
Network of networks
Consistent user experience
Progressive security
challenges
Growth in range of attack
targets
![Page 6: Security Needs for IoT: Now and in a 5G Future · 2017-10-25 · Security challenges in a connected world ... Unprecedented new IoT / M2M use cases + 5G / further IoT expansion =](https://reader033.fdocuments.us/reader033/viewer/2022050114/5f4b82a0f7af8672697cdace/html5/thumbnails/6.jpg)
Network slicing and security
![Page 7: Security Needs for IoT: Now and in a 5G Future · 2017-10-25 · Security challenges in a connected world ... Unprecedented new IoT / M2M use cases + 5G / further IoT expansion =](https://reader033.fdocuments.us/reader033/viewer/2022050114/5f4b82a0f7af8672697cdace/html5/thumbnails/7.jpg)
A multi-layer security model
Download the white paper to find out more
http://simalliance.org/wp-
content/uploads/2016/02/SIMalliance-5G-
Security-Technical-Paper.pdf
![Page 8: Security Needs for IoT: Now and in a 5G Future · 2017-10-25 · Security challenges in a connected world ... Unprecedented new IoT / M2M use cases + 5G / further IoT expansion =](https://reader033.fdocuments.us/reader033/viewer/2022050114/5f4b82a0f7af8672697cdace/html5/thumbnails/8.jpg)
Security requirements in 5G use cases
Key security requirements
Mobile edge
Authentication policies
for ultra low latency
Data authenticity
Privacy
Trust
Massive IoTCritical
communicationsV2X
Mobile
broadband
![Page 9: Security Needs for IoT: Now and in a 5G Future · 2017-10-25 · Security challenges in a connected world ... Unprecedented new IoT / M2M use cases + 5G / further IoT expansion =](https://reader033.fdocuments.us/reader033/viewer/2022050114/5f4b82a0f7af8672697cdace/html5/thumbnails/9.jpg)
Security recommendations by 5G segment
• Data value, not
device cost
• Power efficient
• Lifetime security
• Digital rights
management
• Prevent
MSISDN
takeover
• Fast re-
authentication
• Seamless
security without
security
bottleneck
• Highest
application layer
security grades
• High speed
crypto-
processing
Massive IoT Enhanced Mobile
Broadband
Critical Communications V2X
![Page 10: Security Needs for IoT: Now and in a 5G Future · 2017-10-25 · Security challenges in a connected world ... Unprecedented new IoT / M2M use cases + 5G / further IoT expansion =](https://reader033.fdocuments.us/reader033/viewer/2022050114/5f4b82a0f7af8672697cdace/html5/thumbnails/10.jpg)
Secure provisioning is vital
Unique device and user identity
Network and service level
access
Network and service level
authentication credentials
Cryptographic keys and
application identifiers
![Page 11: Security Needs for IoT: Now and in a 5G Future · 2017-10-25 · Security challenges in a connected world ... Unprecedented new IoT / M2M use cases + 5G / further IoT expansion =](https://reader033.fdocuments.us/reader033/viewer/2022050114/5f4b82a0f7af8672697cdace/html5/thumbnails/11.jpg)
Key security recommendations for 5G
Secure storage for AKA and service level credentials, based upon use case
Certification and qualification
Power efficient algorithms and policies
Quantum safe cryptography for lifetime security
![Page 12: Security Needs for IoT: Now and in a 5G Future · 2017-10-25 · Security challenges in a connected world ... Unprecedented new IoT / M2M use cases + 5G / further IoT expansion =](https://reader033.fdocuments.us/reader033/viewer/2022050114/5f4b82a0f7af8672697cdace/html5/thumbnails/12.jpg)
Technology Options: eUICC, TEE or SoftSIM
eUICC
• UICC supporting remote provisioning
• Separate, tamper resistant hardware module
• Own SIM OS and data storage separated from
device
• Certifiable and GSMA specified.
TEE based SIM
• Isolated, trusted area of main processor in
connected device
• Stores, processes and protects SIM OS and data
• Weak protection, several TEE hacks
• Not standardised.
SoftSIM
• Software applications and data with functionality of a
SIM card
• Stored in memory and processor of device
• Not possible to protect network & App assets
• Not standardised.
For use cases of critical nature, eUICC is
the most secure option.
To find out more, please download our white paper
from www.simalliance.org:
”5G Security – Making the Right Choice to Match
your Needs”
![Page 13: Security Needs for IoT: Now and in a 5G Future · 2017-10-25 · Security challenges in a connected world ... Unprecedented new IoT / M2M use cases + 5G / further IoT expansion =](https://reader033.fdocuments.us/reader033/viewer/2022050114/5f4b82a0f7af8672697cdace/html5/thumbnails/13.jpg)
SIM market monitoring data
• SIMalliance publishes annual data on SIM shipments.
• Data is reliable thanks to SIMalliance’s global footprint (approx 90% of the total market).
• Data comes from a blind process. Members declare actual quarterly deliveries (not forecasts). Only aggregated figures are known.
• Data is available, via annual subscription, on a quarterly basis.
![Page 14: Security Needs for IoT: Now and in a 5G Future · 2017-10-25 · Security challenges in a connected world ... Unprecedented new IoT / M2M use cases + 5G / further IoT expansion =](https://reader033.fdocuments.us/reader033/viewer/2022050114/5f4b82a0f7af8672697cdace/html5/thumbnails/14.jpg)
Thank youwww.simalliance.org
@SIMalliance
https://uk.linkedin.com/company/simalliance