Network Security engineers at Verizon recently engaged in a series of successful trials to future-proof its 5G network against security threats and advance security measures to protect the confidentiality, integrity and availability of the 5G network. Verizon is focused on protecting against threats to customers’ security and ensuring the reliability and resilience of communications services against all manner of hazards, including cyber threats.
“As the design and deployment of networks becomes more complicated and the capabilities of networks allow for much more robust systems, securing those networks is the highest priority,” said Srini Kalapala, Vice President of Network Planning for Verizon. “Not only has our network team built our 5G network with industry-leading security, but our team is anticipating and planning for future security issues to protect our network and mitigate risks today and in the future.”
While Verizon boasts a highly secure 5G network presently, Verizon engineers are continuing to drive innovation and leadership in the area of cyber security, knowing that threats evolve nearly as quickly as new technology is introduced. To that end, Verizon engineers and partners are advancing a series of initiatives as follows.
Security Network Accelerators to improve latency and operational efficiency
As network operations become more complex, additional purpose-built hardware supporting security functions such as firewalls, IDS, DDoS, Probes and Packet brokers are deployed throughout the network. The addition of this hardware introduces additional latency and opens the door for greater maintenance as well as additional points of vulnerability. To solve for this, Verizon engineers have virtualized many of these functions and moved them to the cloud. However, for higher performance security functions, however, Verizon engineers are working to install programmable network accelerators as a way to mesh together multiple high performance, latency dependent security functions into a single, AI ML driven Network Accelerator, reducing operational expenses, reducing reliance on programming by people and increasing the efficiency of delivering these security functions. Verizon is working with the University of California Santa Barbara to develop AI ML driven firewall and IDS capabilities that are able to be delivered in a whitebox network accelerator.
AI/ML is a technology that is being broadly adopted in all industries, including 5G, to automate decision making, troubleshooting, forecasting, network management, security, and more. With the acceleration in use of AI ML throughout networks, Verizon engineers are developing an AI ML Security Framework which will offer additional protection in the AI ML models that power the network. This AI ML Security Framework will help verify the providence of information being fed into AI ML algorithms, ensure the AI ML models are operating correctly, and will manage the security around where that information goes and how it is interpreted and used. Verizon engineers are trialing the framework in two AI ML use cases at present; one to detect security anomalies in the network and the other to analyze MIMO antenna performance at cell tower.
Machine State Integrity (MSI)
Understanding the criticality of both the confidentiality and integrity of data, Verizon is working with Guardtime and WWT to provide near real-time, non-repudiated evidence of tampering in a machine’s state while also providing meaningful reductions in time between a machine’s compromise and its detection. If a security breech or incident occurs, it is critical to be able to quickly identify changes in data. With the amount of data stored in systems today, identifying breeches in data integrity can be a time consuming and onerous task. Verizon engineers and our vendors are using cryptographically secure functions to create digital fingerprints of data and store them in a blockchain so they cannot be modified. These fingerprints are fully secure, unhackable and accessible anywhere in the world. By comparing fingerprints stored in the blockchain to fingerprints taken during or after a cyber attack, companies can more quickly and easily determine if the integrity of their data was compromised. Verizon, Guardtime and WWT are preparing for trials of this new technology to begin. When complete, Verizon engineers will be able to leverage machine state integrity to more effectively protect the data on the Verizon network including configuration of towers, Verizon Cloud servers and more.
Secure Credentialing Management System (SCMS) for connected vehicles
Connected vehicles need to connect to each other, to roadside infrastructure, to other road users and to cloud-based services. SCMS is the fundamental mechanism to ensure those connections are protected against attacks on integrity, confidentiality, and repudiation. The SCMS provides digitally signed certificates and activation codes that are used to validate vehicle safety messages. For the first time in the Connected Vehicle industry, a joint Verizon and LG team effort validated and secured CV2X Basic Safety Messages (BSMs) using a standards-compliant SCMS hosted on a Verizon 5G MEC. This milestone was completed at the Mcity Test Track in Ann Arbor, MI and validates Verizon’s core capabilities in 5G network connectivity. It also demonstrates how 5G MEC can be leveraged for public safety and Connected Vehicle security.
Security of Verizon’s 5G network
In addition to advancing future security initiatives, Verizon’s Network Security team recently produced a white paper entitled “The Security of Verizon’s 5G Network”, which describes how every element of Verizon’s 5G network implements security controls that deliver confidentiality, integrity, and availability so the overall network provides subscribers with a secure communications channel.
“In all aspects of our network, from the core of the network, to the radio access edge, even to the customer device, we have built our network to be secure,” said Kalapala. “From design, to implementation, to deployment the 5G network, built on the foundation of the best 4G security, is the gold-standard in the industry. We will not compromise when it comes to the security of our network and that of our customers’ data.”
This new white paper comes on the heels of an additional security white paper, which describes how the new architecture and capabilities of 5G networks will allow operators to detect and address cyber threats faster and more efficiently than ever before.