ESF Members NSA and CISA Publish Second Industry Paper on 5G Network Slicing
Enduring Security Framework (ESF) partners the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) published an assessment of 5G network slicing. ESF, a public-private cross-sector working group led by NSA and CISA, identifies three keys for keeping this emerging technology secure: Security Consideration for Design, Deployment, and Maintenance.
“This document marks an initial stride in capturing the current, but evolving, landscape of network slicing, and serves as a catalyst for initiating meaningful conversations surrounding the potential use cases for network slicing,” said Lauren Wyble, Technical Director for Network Infrastructure Security at NSA.
5G is a fifth-generation technology standard for broadband cellular networks; it can provide increased data download and upload speeds, lower latency, and allow more devices to connect to the internet at the same time. 5G network slicing is a network architecture which allows mobile service providers to divide their network up into several independent ones in order to create specific virtual networks that cater to different clients and use cases. Today’s release builds upon threat and security considerations previously published by the ESF.
The assessment intends to provide an informed methodology and a mutual understanding with industry for “federal departments and agencies (inclusive of the DoD)” to design, deploy, operate, and maintain “secure network slicing” across private, hybrid, and public networks.
This paper introduces 5G stakeholders to the benefits associated with network slicing, assesses 5G network slicing threat vectors, presents guidance in line with industry best practices, and identifies perceived risks and management strategies that may address those risks.
Although all 5G network stakeholders can benefit from this guidance, the threat and security considerations discussed in this assessment are intended for mobile service providers, hardware manufacturers, software developers, and system integrators that design, deploy, operate, or maintain 5G networks. This document aims to foster communication among these parties, and between them and network slice customers. See the other documents in the ESF 5G series below:
- Potential Threats to 5G Network Slicing
- Potential Threat Vectors to 5G Infrastructure
- Security Guidance for 5G Cloud Infrastructures: Prevent and Detect Lateral Movement (Part I)
- Security Guidance for 5G Cloud Infrastructures: Securely Isolate Network Resources (Part II)
- Security Guidance for 5G Cloud Infrastructures: Data Protection (Part III)
- Security Guidance for 5G Cloud Infrastructures: Ensure Integrity of Cloud Infrastructure (Part IV)
- Open Radio Access Network Security Considerations