Security for 5G will have to meet a completely new set of demands. At Ericsson Research, we are taking on the challenge of designing solutions that will provide true trustworthiness for the 5G networks of tomorrow.
Security is an extremely wide area, with disciplines including the mathematics of cryptographic algorithm design, tamper-resistant hardware, the design of key management protocols, intrusion detection, identity management, malware detection and content protection. And security is constantly evolving: when a new technology enters the scene, it usually brings with it new security challenges that we need to tackle – think of cloud computing and M2M communication as examples. Security is still a relatively young research area, at least in the public domain. Only 25 years ago, the topic was highly contentious, with encryption algorithms for example being kept secret from the public eye. You can read more about the area and its history in our white paper: Safeguarding tomorrow’s trustworthy ICT environment – the importance of research in ICT security.
Why I find security exciting
As a security researcher, you need broad competence in many areas: software technology, networking, radio technology, computer science and mathematics, to name a few. Human sciences and economics have recently become crucial competence areas too, allowing us to understand what is driving underground economies to attack systems, the psychology behind social-engineering attacks, and so on.
It is not often that I leave work at the end of the day without having had to read up on some non-security related topic. This makes my work challenging but also very stimulating – almost every day I get some sort of “aha” experience and I’m hardly ever bored.
It is also good that that Ericsson as a company and indeed the whole telecom industry have really realized the importance of this area. When I started in Ericsson around 15 years ago, security was just becoming visible on the radar: up until then, the telecom industry used proprietary designs running in isolated networks which were not really exposed to the same kind of threats as today’s more open, fully standardized solutions. I have really noticed this shift during my years at Ericsson, and it has been exciting to be a part of working with security during this transition. By the way, if you wonder why I have only mentioned security and not privacy, you can stop wondering now. Privacy has really surfaced as a key consideration over the past couple of years, with allegations of mass surveillance and intrusions into personal privacy.
The next challenge: trustworthy 5G networks
The evolution that brought us 2G, 3G and 4G networks has largely been a quantitative evolution: higher bit rates, lower latency, more antennas and so on. These will of course be defining numbers for 5G as well, but from the security and privacy angle, other, more qualitative aspects will set the requirements. Firstly, because new actors are taking on new roles in the mobile value chain, we will be facing a very different trust model, and we need additional security mechanisms to make this trust model sustainable. Secondly, 5G will be built on new paradigms for delivering networking and other services, using cloud, software-defined networking, more third-party software and so on. In many surveys, you can see that security and trust are seen as the leading obstacles to adoption of cloud technologies. My view is that we need to move from networks built on trust to networks built on trustworthiness – networks where you don’t need to rely on blind trust, but where you can actually verify that you get the security level you expect. Thirdly, as I mentioned before, attention to user privacy is greater than ever. We need to provide networks that allow more or less all traffic and data to be encrypted, and protect data integrity. The network needs to efficiently deliver “the bits” even if they are strongly protected end-to-end. Finally, 5G will host many security-critical services related to industrial automation, public safety, smart grid, e-health and other areas. This will change the threat landscape in which 5G needs to operate. You can read more about this in our white paper: 5G security – scenarios and solutions .
Biography: Dr Mats Näslund
- M.Sc. in Computer Science from the Royal Institute of Technology (KTH), Stockholm, Sweden
- Ph.D. in Computer Science, also from KTH
- Employed by Ericsson since 1999, Senior Specialist in 2002 and Principal Researcher 2009
- Adjunct professor in Secure Networks and Systems at KTH, 2015
- Standardization of 3G and 4G technologies in 3GPP, internet standards in IETF
- Participation in external research collaborations in EU FP6/7 (STORK, ECRYPT) and upcoming H2020 (5G-ENSURE), national Swedish projects such as Vinnova (HASPOC)
- Approximately 50 publications in journals, conference proceedings and books
- Received Ericsson’s Inventor of the Year award in 2009, has more than 100 filed patents