确保5G MEC安全性的基础知识

The Fundamentals ofEnsuring 5G MEC Security What is 5G MEC? Introduction 5G introduces heretofore unseen capabilities for mobile internet. Its ultra-low latencyand ultra-fast connection speeds will not just transform mobile connectivity butempower a variety of new use cases such as autonomous vehicles and smart cities. Multi-access edge computing(MEC) represents a game-changing capability in5G environments fororganizations, deliveringfaster speeds and enhancedbandwidth, thereby fosteringa new level of products andservices to their customers.To achieve that, a new levelof complexity is introducedinto the 5G equation, andwith that comes a drasticallyexpanded threat surface whichmust be accounted for withcomprehensive end-to-endcoverage. Empowering 5G, multi-access edge computing (MEC) is a technology that helpsdeliver these ultra-low latency and high bandwidth speeds by placing computingand processing capabilities as close to the end user as possible, at the edge of themobile network. As well, the cutting-edge of advantage in cloud and next-gen mobilegaming, requiring the lowest latency and highest performance possible for users, inessence defining the next generation of networking, is powered by MEC. This allows data to be processed and stored locally, reducing latency, and improvingperformance and speed. MEC is particularly powerful when used in 5G networksthat follow 3GPP standards and use cloud and virtualization technologies such asnetwork function virtualization (NFV) and software-defined networking (SDN). 5Gnetworks provide a dynamic environment for edge computing, while MEC enhances5G’s capabilities by offering ultra-low latency, extended bandwidth, and higherperformance. This white paper examines therange of threat vectors andfactors that are associated withMEC solutions and offers insightinto proven testing strategiesto assure the validation of theentire MEC solution so that itcan deliver on its promise. Both 5G and MEC rely on virtualized and disaggregated software componentsrunning on geographically distributed and open hardware. While this architectureoffers many benefits, it also exposes MEC and its stakeholders to a range ofconstantly evolving cyber threats. The impact of these attacks can extend acrossthe environments and networks in which MEC is implemented, so it is important that5G MEC is developed with security in mind from the earliest stage of planning anddevelopment. How MEC Works MEC data centers can collect local information and networkdata in real time, which can be used to gain insights aboutspecific use cases or environments, and to report onoperating conditions for easier and faster maintenance. Thisallows for faster access to those applications and services,and enables enterprises to create new and enhancedproducts and services for their customers. MEC essentially changes how data travels through a mobilenetwork. In a traditional network architecture, transactionstravel through the Radio Access Network (RAN), then throughthe 5G Core, and back again. With MEC, the speed and performance of mobile networksare improved by processing and storing data locally, at theedge of the network. This is achieved by placing serversand hosting infrastructure close to the end user and the 5GCore network. MEC can be deployed in a variety of ways,including on physical hosts like gNodeB base stations, in thecloud, or in a hybrid model that combines both physical andcloud-based deployment. MEC data centers also use local resources, allowing servicesthat rely on them to remain resilient in the event of problemsor outages on the broader network. However, MEC solutionsalso introduce new connections and components that couldbe attacked individually, so it is important to have the rightsecurity measures in place and to properly test them beforethe deployment. Security Threats to 5G via MEC Abuse of Assets The first point of concern is that the internal assets of theMEC data center might be abused by attackers, co-optingthe architecture of MEC solution to their own ends. Thesethreats include: One of the fundamental qualities of MEC solutions is thatthey are largely open environments for third parties toenable better performance for users. MEC data centers willhost a large variety of stakeholders, applications, applicationprogramming interfaces (APIs), data, and technologieswhich will constantly interact. •Zero-day vulnerabilities.If an attacker exploits a gapin either the MEC solution’s software or hardware, theycould leverage undiscovered vulnerabilities, leading toa zero-day attack which could exploit the multi-facetedMEC environment or its stakeholders. The open environments, along with a variety of stakeholders,applications, APIs, data, and technologies hosted inMEC data centers, make them vulnerable to abuse,exploitation, and misuse. These vulnerabilities can occur inthe form of abuse of assets, supply chain compromise andmisconfiguration, and weak security controls. MEC data atrest