Abstract
Alongside enabling connectivity for people and societies, the fifth-Generation networks (5G) aimed towards establishing an all-inclusive ecosystem for Internet of Things to sustain variety of industrial verticals such as e-health, smart home, smart city, etc. With the successful implementation of 5G infrastructure, it is understood that the traditional security approaches incorporated in the previous 4th generation networks (4G) may not suffice to protect users and industries from adversaries that develop more advanced attack vectors. This is mostly attributed the vulnerabilities imposed by softwareization (Softwareization of networks, clouds, and internet of things https://onlinelibrary.wiley.com/doi/pdf/10.1002/nem.1967.) and virtualization of the network which compromise the isolation and protection of the 5G network slices essential for the support of IoT verticals. In this work, we propose an innovative approach to enhance the isolation of network slices by employing the Enhanced Virtual Private Network+ (VPN+) technology. Furthermore, we demonstrate the impact of an encrypted communication at the transport backhaul network in 5G scenario in terms of defensive success against virtualization layer attacks in the cloud.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
OpenStack Foundation: Over 60 Global Organizations Join in Establishing ‘Open Infrastructure Foundation’ to Build the Next Decade of Infrastructure for AI, 5G, Edge. https://www.openstack.org/news/view/463/over-60-global-organizations-join-in-establishing-open-infrastructure-foundation-to-build-the-next-decade-of-infrastructure-for-ai-5g-edge. Accessed 22 Dec 2020
Feng, B., et al.: Secure 5G network slicing for elderly care. In: Awan, I., Younas, M., Ünal, P., Aleksy, M. (eds.) MobiWIS 2019. LNCS, vol. 11673, pp. 202–213. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-27192-3_16
Ahmad, I., Kumar, T., et al.: Overview of 5G security challenges and solutions. IEEE Commun. Stand. Mag. 2(1), 36–43 (2018). https://doi.org/10.1109/MCOMSTD.2018.1700063
MITRE project: Common Vulnerabilities and Exposures (2021). https://cve.mitre.org/
IETF TEAS Working Group: A framework for enhanced virtual private networks (VPN+) service (2020). https://tools.ietf.org/html/draft-ietf-teas-enhanced-vpn-06
Narayana Samy, G., Ahmad, R., Ismail, Z.: Security threats categories in healthcare information systems. Health Inf. J. 16, 201–209 (2010). https://doi.org/10.1177/1460458210377468
McDermott, D.S., Kamerer, J.L., Birk, A.T.: Electronic health records - a literature review of cyber threats and security measures. Int. J. Cyber Res. Educ. (IJCRE) 1, 42–49 (2019). https://doi.org/10.4018/IJCRE.2019070104
Latif, S., Qadir, J., Farooq, S., Imran, M.: How 5G wireless (and concomitant technologies) will revolutionize healthcare?. Future Internet 9(4), 93 (2017). https://doi.org/10.3390/fi9040093
ETSI TS.123.501 v15.8.0 technical specification: 5G; System Architecture for the 5G System (5GS) (3GPP TS 23.501 version 15.8.0 Release 15) (2020). https://www.etsi.org/deliver/etsi_ts/123500_123599/123501/15.08.00_60/ts_123501v150800p.pdf
OpenStack cloud software: Official documentation. https://www.openstack.org/. Accessed 30 Mar 2021
Docker container technology: Official documentation. https://www.docker.com/. Accessed 30 Mar 2021
Kubernetes container orchestration platform: Official documentation. https://kubernetes.io/. Accessed 30 Mar 2021
Barakabitze, A.A., Ahmad, A., Mijumbi, R., Hines, A.: 5G network slicing using SDN and NFV: a survey of taxonomy, architectures and future challenges. Comput. Netw. 167, 106984 (2020). https://doi.org/10.1016/j.comnet.2019.106984. ISSN 1389-1286
Dzogovic, B., Do, T.V., Santos, B., Jacot, N., Feng, B., Thuan, D.V.: Secure healthcare: 5G-enabled network slicing for elderly care. In: 2020 International Conference on Computer and Communication Systems (ICCCS), Shanghai, China, pp. 864–868 (2020). https://doi.org/10.1109/ICCCS49078.2020.9118583
3GPP Specification TR 38.801: Study on new radio access technology: Radio access architecture and interfaces (2018). https://portal.3gpp.org/desktopmodules/Specifications/SpecificationDetails.aspx?specificationId=3056
Dzogovic, B., Thuan, D.V., Santos, B., Do, T.V., Feng, B., Jacot, N.: Thunderbolt-3 backbone for augmented 5G network slicing in cloud-radio access networks. In: 2019 IEEE 2nd 5G World Forum (5GWF), Dresden, Germany, pp. 415–420 (2019). https://doi.org/10.1109/5GWF.2019.8911710
OpenAirInterface5G: OpenAirInterface Software Alliance. https://openairinterface.org/. Accessed 02 Feb 2021
Open5GS: Open-source project of 5GC and EPC Release-16. https://open5gs.org/. Accessed 02 Feb 2021
OpenStack project Tacker: VNF Forwarding Graphs. https://docs.openstack.org/tacker/latest/user/vnffg_usage_guide.html. Accessed 02 Feb 2021
OpenStack project Tacker: ESTI NFV-SOL, Experimenting CNF with Kubernetes VIM. https://docs.openstack.org/tacker/latest/user/index.html. Accessed 02 Feb 2021
RedHat OpenShift: About Single Root I/O Virtualization (SR-IOV) hardware networks. https://docs.openshift.com/container-platform/4.4/networking/hardware_networks/about-sriov.html. Accessed 02 Feb 2021
OpenStack SR-IOV: OpenStack Neutron SR-IOV functionality. https://docs.openstack.org/neutron/pike/admin/config-sriov.html. Accessed 02 Feb 2021
Juniper Networks: LTE Security for Mobile Service Provider Networks (White Paper) (2015). https://www.juniper.net/us/en/local/pdf/whitepapers/2000536-en.pdf
Liyanage, M., Gurtov, A.: Secured VPN models for LTE backhaul networks. In: 2012 IEEE Vehicular Technology Conference (VTC Fall), Quebec, Canada, pp. 1–5 (2012). https://doi.org/10.1109/VTCFall.2012.6399037
Farrel, A.: What is ACTN framework. Metro-Haul Project. https://metro-haul.eu/2018/08/30/what-is-actn/. Accessed 08 Feb 2021
3GPP specification TS 28.530: management and orchestration; concepts, use cases and requirements, version 16.4.0 (2020). https://www.etsi.org/deliver/etsi_ts/128500_128599/128530/16.04.00_60/ts_128530v160400p.pdf
Open-RAN: Alliance for Open Radio Access Networks. https://www.o-ran.org/. Accessed 30 Mar 2021
Data Plane Development Kit: Official documentation. https://www.dpdk.org/. Accessed 30 Mar 2021
5G Infrastructure Public Private Partnership (5GPPP): View on 5G Architecture, version 3.0. URL: https://5g-ppp.eu/wp-content/uploads/2019/07/5G-PPP-5G-Architecture-White-Paper_v3.0_PublicConsultation.pdf (2019).
3GPP specification TS 38.300: Technical specification group radio access network; NR; NR and NG-RAN overall description; stage-2, Release 16. Version 16.4.0 (2020). https://www.etsi.org/deliver/etsi_ts/138300_138399/138300/16.04.00_60/ts_138300v160400p.pdf
GSMA: An Introduction to Network Slicing, white paper (2017). https://www.gsma.com/futurenetworks/wp-content/uploads/2017/11/GSMA-An-Introduction-to-Network-Slicing.pdf
3GPP specification TS 33.126: Lawful Interception Requirements (Release 16), version 16.3.0 (2021). https://www.etsi.org/deliver/etsi_ts/133100_133199/133126/16.03.00_60/ts_133126v160300p.pdf
Acknowledgement
This paper is a result of the H2020 Concordia project (https://www.concordia-h2020.eu) which has received funding from the EU H2020 programme under grant agreement No 830927. The CONCORDIA consortium includes 23 partners from industry and other organizations such as Telenor, Telefonica, Telecom Italia, Ericsson, Siemens, Airbus, etc. and 23 partners from academia such as CODE, university of Twente, OsloMet, etc.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Dzogovic, B. et al. (2021). Advanced 5G Network Slicing Isolation Using Enhanced VPN+ for Healthcare Verticals. In: Pires, I.M., Spinsante, S., Zdravevski, E., Lameski, P. (eds) Smart Objects and Technologies for Social Good. GOODTECHS 2021. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 401. Springer, Cham. https://doi.org/10.1007/978-3-030-91421-9_10
Download citation
DOI: https://doi.org/10.1007/978-3-030-91421-9_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-91420-2
Online ISBN: 978-3-030-91421-9
eBook Packages: Computer ScienceComputer Science (R0)