Security is an important aspect of architectures. Security analysis at the architecture level is very useful. Fifth-generation (5G) wireless networks have been in use for a few years now. Securing 5G network architecture has many challenges not present in fourth-generation (4G) wireless networks. This book provides an extensive analysis of 5G architectures. It is mainly written for professionals in wireless networks and can be used as a textbook in security courses.
Every chapter begins with a list of topics covered and a list of individuals/teams, so readers can identify their particular interests when choosing where to start. Each chapter ends with a summary, a list of acronyms used, and references. Many of the references are by the author himself, from Cisco, and some of them are standards and articles from 5G-related organizations.
Readers interested in more detail can read chapters 4 through 9; security domain content is discussed along with use cases. Readers starting from scratch should begin at chapter 1. A security-related introduction is first found in chapter 3. Motivational chapters 1 through 3 explain specific 5G architectural challenges with respect to security. The challenges are not only due to the way 5G is specified, but also its expected associations with modern technologies such as virtualization, the cloud, and Internet of Things (IoT) devices. For analysis purposes, standalone 5G and 5G mixed with 4G are distinguished. For each type of domain, architectures, possible threats for those architectures, ways to secure those architectures, and example use cases are described.
High-level architects can read chapter 10, which is on building end-to-end architectures secured for 5G. The identified security domains are 5G network components, devices attached to networks, and consumers. The chapter presents the tenets of 5G security architectures. Nation-state actors may use 5G architectures for supply chain management. The chapter gives some guidelines for cybersecurity agencies for securing against supply-chain-based threats. The zero trust principle is described for securing user and device access. The description includes zero trust security models for 5G and how to apply the principle for various architecture deployments. For securing inter/intra network connectivity, the chapter presents multilayer control architectures and provides checklists for various controls. For application-level security, it advocates an application-first security methodology and gives various requirements needed for vendors. It identifies key functional requirements for vulnerability management and forensics and describes monitoring architecture for security concerns related to end-to-end visibility. In the end, it briefly talks about security concerns due to 5G and 4G interoperability and 5G network slicing.
Chapter 11 describes a two-step method for prioritizing security controls. It practically shows the method being applied in two scenarios. Chapter 12 is on adaptabilities of architecture security for 5G and beyond.