Secure Connectivity of Future Cyber-Physical Systems (SECUREConnect)

The next industrial revolution is foreseen to happen with upcoming Industrial Internet that combines massive data collected by industrial sensors with data analysis for improving the efficiency of operations. Collecting, pre-processing, storing and analyzing such real-time data is a complex task with stringent demands on communication intelligence, QoS and security. This talk highlight some of the networking and security challenges facing the Industrial Internet, namely integration with 5G wireless networks, Software Defined Machines, ownership and smart processing of digital sensor data. Two enabling technologies for IIoT: i.e. Smart Spaces for intelligent data processing and Virtual Private LAN Services (VPLS) for transparent secure interconnection of industrial networks are explained in details to solve these challenges.

The first comprehensive guide to the design and implementation of security in 5G wireless networks and devices. Security models for 3G and 4G networks based on Universal SIM cards worked very well. But they are not fully applicable to the unique security requirements of 5G networks. 5G will face additional challenges due to increased user privacy concerns, new trust and service models and requirements to support IoT and mission-critical applications. While multiple books already exist on 5G, this is the first to focus exclusively on security for the emerging 5G ecosystem. 5G networks are not only expected to be faster, but provide a backbone for many new services, such as IoT and the Industrial Internet. Those services will provide connectivity for everything from autonomous cars and UAVs to remote health monitoring through body-attached sensors, smart logistics through item tracking to remote diagnostics and preventive maintenance of equipment. Most services will be integrated with Cloud computing and novel concepts, such as mobile edge computing, which will require smooth and transparent communications between user devices, data centers and operator networks. Featuring contributions from an international team of experts at the forefront of 5G system design and security, this book: Provides priceless insights into the current and future threats to mobile networks and mechanisms to protect it. Covers critical lifecycle functions and stages of 5G security and how to build an effective security architecture for 5G based mobile networks. Addresses mobile network security based on network-centricity, device-centricity, information-centricity and people-centricity views. Explores security considerations for all relative stakeholders of mobile networks, including mobile network operators, mobile network virtual operators, mobile users, wireless users, Internet-of things, and cybersecurity experts. Providing a comprehensive guide to state-of-the-art in 5G security theory and practice, A Comprehensive Guide to 5G Security is an important working resource for researchers, engineers and business professionals working on 5G development and deployment.

The next mobile generation, 5G, is expected to bring an enormous amount of new services and increased user experience. However adequate protection mechanisms for data and user privacy are required as this new technology will play a crucial role in society by connecting vertical industries like smart-grid, e-health, financial, transport and manufacturing. In this paper, we identify the most important privacy issues caused by the new technologies planned to use in 5G. We make a relation between these issues and the proposed objectives for privacy protection. Finally, we show how these objectives can be met by both a regulatory and technological approach. To this end, several technological solutions are identified

This chapter presents the impact of new 5G technologies, i.e. Software-Defined Networking (SDN), Network Function Virtualization (NFV) and Cloud Computing on existing Security and Privacy Regulations. The chapter also discuss how these current regulations on Security and Privacy have to be modified to obtain the full benefits of new 5G technologies.

In this chapter, overview of the security challenges and requirements, and their possible solutions, are discussed. Starting from the recommendations and security challenges that will face 5G networks, the chapter goes in depth into the possible security technologies. Also provided are new technological concepts that are highly important in 5G with their security implications. Furthermore, the chapter provides an overview of how the new technologies such as Software Defined Networking (SDN) and Network Function Virtualization (NFV) will be used to enhance the security of 5G networks. The chapter concludes with future directions and research challenges in 5G security.

This chapter presents an overview of the architecture and security challenges of cloud and mobile edge computing in the context of 5G and future networks. It first established the need for both technologies in meeting the performance demands of future computing and networking. It then went on to present the architectural framework and deployment models of both technologies together with their evolutionary trends. Different use cases and scenarios relevant to 5G and future networks were analyzed as well as the associated security and privacy threats. The chapter further proffers some key mitigation techniques against the various identified threats and concludes with a brief description of the ongoing works by various 5G MEC and Cloud Security Research and Standardizations organizations around the world.

Virtual Private LAN Services (VPLS) is an Ethernet based VPN (Virtual Private Network) service which provides protocol independent and high speed multipoint-to-multipoint connectivity. In the article, we discuss the possibility to use emerging networks concepts such as Software Defined Networking (SDN) and Network Function Virtualization (NFV) to improve the performance, flexibility and adaptability of VPLS networks. SDN and NFV based VPLS (SoftVPLS) architectures offer new features such as centralized control, network programmability and abstraction to improve the performance, flexibility and automation of traffic, security and network management functions for future VPLS networks.

5G will provide broadband access everywhere, entertain higher user mobility, and enable connectivity of massive number of devices (e.g. Internet of Things (IoT)) in an ultrareliable and affordable way. The main technological enablers such as cloud computing, Software Defined Networking (SDN) and Network Function Virtualization (NFV) are maturing towards their use in 5G. However, there are pressing security challenges in these technologies besides the growing concerns for user privacy. In this paper, we provide an overview of the security challenges in these technologies and the issues of privacy in 5G. Furthermore, we present security solutions to these challenges and future directions for secure 5G systems.

Ethernet based VPLS (Virtual Private LAN Service) networks are now becoming attractive in many enterprise applications due to simple, protocol-independent and cost efficient operation. However, new VPLS applications demand additional requirements, such as elevated security, enhanced scalability and improved flexibility. This paper summarized the results of a thesis which focused to increase the scalability, flexibility and compatibility of secure VPLS networks. First, we propose a scalable secure flat-VPLS architecture based on Host Identity Protocol (HIP) to increase the forwarding and security plane scalability. Then, a secure hierarchical-VPLS architecture has proposed by extending the previous proposal to achieve control plane scalability as well. To solve the compatibility issues of Spinning Tree Protocol (STP) in VPLS networks, a novel Distributed STP (DSTP) is proposed. Lastly, we propose a novel SDN (Software Defined Networking) based VPLS (SoftVPLS) architecture to overcome tunnel management limitations in legacy secure VPLS architectures. Simulation models and testbed implementations are used to verify the performance of proposed solutions.

Ethernet based secure VPLS (Virtual Private LAN Services) networks require to establish full mesh of VPLS tunnels between the customer sites. However, the tunnel establishment between geographically distant customer sites introduces a significantly high delay to the user traffic transportation. In this article, we propose a novel fast transmission mechanism for secure VPLS architectures to reduce the waiting time before transmitting the data and the average data transmission delay between geographically distant customer sites. The performance of proposed mechanism is analyzed by using a simulation model and a testbed implementation.

Software Defined Network (SDN) is an advanced approach of designing dynamic, manageable, cost-effective, and adaptable network architectures. Moreover, SDN plays key role as an enabler for future 5G networks. Transferring network monitoring functions to a software working in conjunction with configurable hardware accelerators through a scheme called Software Defined Monitoring (SDM) is one promising way to attain the dynamism necessary for the monitoring of the next generation-networks. In this paper, we propose a novel SDM architecture for future mobile backhual networks. As an SDN solution, the proposed architecture provides more granular and dynamic network management functions through its programmable interface, centralized control, and virtualized abstractions. At the same time, the SDM framework intuitively seem prone to various challenges that come with the separation of the control and data planes of middleboxes. This paper collects specific opportunities, vulnerabilities as well as challenges related to SDM.Moreover, we highlight how SDM can be used to solve the current limitations in legacy monitoring systems. The feasibility of proposed SDM architecture is verified by using a testbed implementation.

The book provides a reference material to a comprehensive study of 5G security. It offers an insight into the current and future threats to mobile networks and mechanisms to protect it. It covers the critical lifecycle functions and stages of 5G security, and how to build an effective security architecture for 5G based mobile networks. This is the first time mobile network security is addressed based on Network-centricity, Device-centricity, Information-centricity and most importantly People-Centricity in a single book. This books offers security considerations for all relative stakeholders of mobile networks such as mobile network operators (MNOs), mobile network virtual operators (MVNOs), Mobile users, wireless users, IoT organizations and digital organizations. Furthermore, this book will provide very useful reference material for academic professionals and young students and researchers.

Host Identity Protocol (HIP), a novel internetworking technology proposes separation of the identity-location roles of the Internet Protocol (IP). HIP has been successful from the technological perspectives for network security and mobility, however, it has very limited deployment. In this paper we assess HIP to find the reasons behind its limited deployment and highlight the challenges faced by HIP for its commercial use. We propose technological development and outline deployment strategies for the wide use of HIP. Furthermore, this paper investigates the use of HIP in Software Defined Networks (SDN) to evaluate its performance in new disruptive networking technologies. In a nutshell, this paper presents revealing challenges for the deployment of innovative networking protocols and a way ahead for successful and large scale deployment.

The next industrial revolution is foreseen to happen with upcoming Industrial Internet that combines massive data collected by industrial sensors with data analysis for improving the efficiency of operations. Collecting, pre-processing, storing and analyzing such real-time data is a complex task with stringent demands on communication intelligence, QoS and security. In this paper we outline some challenges facing the Industrial Internet, namely integration with 5G wireless networks, Software Defined Machines, ownership and smart processing of digital sensor data. We propose a secure communication architecture for the Industrial Internet based on Smart Spaces and Virtual Private LAN Services. It is a position paper, describing state-of-the-art and a roadmap for future research on the Industrial Internet.