Nokia extends commitment to network security for the 5G world

June 2019 by Marc Jacob

Nokia announces a significant extension of its long-held commitment to the highest standards in network security, unveiling an enhanced security program and establishing an advanced security testing and verification laboratory: both designed to address the critical security needs of 5G end-to-end (E2E) networks.

Nokia has a long-standing commitment to creating secure products via its comprehensive, industry-leading Design For Security (DFSEC) process. DFSEC ensures that security is designed into every product from the start, undergoing rigorous security testing prior to commercial release. Launched today, a new program - DFSEC 2.0 - will build on this leadership in security development by focusing on additional verification work in the areas of E2E identity management, network slicing and SDN security, virtualization, and OAM, including patch management.

To support collaborative research and development across the DFSEC 2.0 program, Nokia is opening the "Future X Security" (FXSec) Lab. Built as an extension of Nokia’s Future X network lab in Nokia Bell Labs in Murray Hill, this lab will be open to communications service providers and industries to facilitate joint testing and verification of industrial automation solutions in private local area networks (LANs) and across public wide area networks (WANs).

Marcus Weldon, Corporate Chief Technology Officer and President of Nokia Bell Labs, says: "End-to-end 5G networks will fundamentally transform societies by providing ultra-high-speed wireless connectivity allowing massive, low latency ultra-reliable streaming data that will drive intelligent automation for a wide array of infrastructure, industries and enterprises. But with great opportunity comes significant security risk that must be addressed end-to-end, using an array of novel techniques and technologies. As the most trusted end-to-end solution provider in the 5G era, Nokia is taking a leadership position in defining and building advanced security solutions that will meet mission-critical needs, leveraging the deep and extensive security research and disruptive innovations from Nokia Bell Labs.

Defining 5G security standards for the future

The E2E 5G networks that will define this new era are a significant advance from the closed systems and technologies in previous generations. Software Defined Networking (SDN) with distributed cloud infrastructure and augmented intelligent control systems will allow networks to scale in the 5G era, powering the next billion connected things, systems, machines and people.

However, open interfaces and commonly available technology also introduce new networking infrastructure security challenges, as does the addition of billons of unverified devices that will be used to sense and control the physical world. Therefore, a new approach is warranted that goes beyond today’s security for ’best effort’ networks, to enable security for E2E mission-critical networks.

Nokia’s 7 key research areas for secure design

In building the new security approach for LAN and WAN, Nokia will be incorporating advanced research from Nokia Bell Labs to create Network Slicing Security Solutions that will ensure security and trustworthiness of the end-to-end network slices - the critical connectivity and service fabric for industrial applications in the 5G era. These security solutions are based on 7 key research areas:

"Accountable Security" that provides failproof identification of industrial IoT devices in mobile and dynamic environments

"Physical and Virtual Device Integrity Protection" that provides scalable device attestation (hardware, firmware and software) across the supply chain

Artificial Intelligence enabled "Threat Detection and Mitigation for Network Slices"

"Fine-grained Security Policy Management" which dynamically tailors network slice elements to meet specified security requirements

"Dynamic data protection" which addresses the issue of data isolation across mobile devices, applications and slices

"Microservice Behavioral Fingerprinting" that is a unique machine learning based anomalous behavior detection of third party and open-source 5G services

Paradigm shift in design for security that provides run-time mitigation of potential security concerns with rapid feedback into development cycle using DevSecOps models

The next generation "Future X Security" for end-to-end mission critical networks will leverage Nokia Bell Labs long-standing leadership in researching and standardizing security solutions. Nokia Bell Labs has the leading patent filings in key areas of security of 5G and E2E networks - including aspects of multi-tenancy, slicing, and industrial IoT - and for trust and patch management, remote attestation, security management and orchestration. Beyond patents, Nokia has taken an active leadership role in supporting the development of key industry standards by working with 3GPP and ETSI.