Telecommunications Science ›› 2020, Vol. 36 ›› Issue (12): 1-19.doi: 10.11959/j.issn.1000-0801.2020317
• Viewpoint Focus • Next Articles
Zhiqiang YANG,Li SU(),Minpeng QI,Bo YANG
Revised:
2020-12-09
Online:
2020-12-20
Published:
2020-12-23
CLC Number:
Zhiqiang YANG,Li SU,Minpeng QI,Bo YANG. Overview and prospect of 5G security[J]. Telecommunications Science, 2020, 36(12): 1-19.
"
安全测评方法论 | ||
TR33.805 | Study on security assurance methodology for 3GPP network products | 网络产品安全保障方法研究与选择 |
TR33.916 | Security assurance methodology (SCAS) for 3GPP network products | 网络产品安全保障方法论 |
TR33.926 | Security assurance specification (SCAS) threats and critical assets in 3GPP network product classes | 3GPP网元产品威胁和重要资产 |
通用安全要求 | ||
TS33.117 | Catalogue of general security assurance requirements | 网络产品通用安全保障要求及测试用例 |
5G设备特定安全要求 | ||
TS33.511 | 5G security assurance specification; NR node B (gNB) network product class | 5G基站gNB安全评估标准 |
TS33.512 | 5G security assurance specification; access and mobility management function (AMF) network product class | AMF网元(接入鉴权和移动性管理控制功能)安全评估标准 |
TS33.513 | 5G security assurance specification; user plane function (UPF) network product class | UPF网元(用户面功能,执行用户面数据转发等功能)安全评估标准 |
TS33.514 | 5G security assurance specification for the unified data management (UDM) network product class | UDM网元(统一数据库,存放用户的签约数据等)安全评估标准 |
TS33.515 | 5G security assurance specification; session management function (SMF) network product class | SMF网元(会话管理网络功能)安全评估标准 |
TS33.516 | 5G security assurance specification; authentication server function (AUSF) network product class | AUSF网元(鉴权网络功能)安全评估标准 |
TS33.517 | 5G security assurance specification for the security edge protection proxy (SEPP) network product class | SEPP网元(安全代理,漫游场景下链接HPLMN和VPLMN)安全评估标准 |
TS33.518 | 5G security assurance specification for the network repository function (NRF) network product class | NRF网元(服务注册、发现、授权等功能)安全评估标准 |
TS33.519 | 5G security assurance specification for the network exposure function (NEF) network product class | NEF网元(对外开放网络能力和服务)安全评估标准 |
"
资产 | 威胁 | 安全对象 | 需求 |
? 源代码 | ? 流氓开发者 | ? 代码变更控制 | ? 设计安全 |
? 软件包 | ? 源代码漏洞 | ? 无漏洞的软件 | ? 版本控制安全 |
? 成品 | ? 第三方代码漏洞 | ? 漏洞处理 | ? 变更跟踪 |
? 安全文件 | ? 安全设计缺陷 | ? 敏感文档不被泄露 | ? 源代码审查 |
? 在运营的产品 | ? 非正版发布 | ? 建立受保护的环境 | ? 软件安全测试 |
? 产品开发支持系统 | ? 包含漏洞的老旧版本 | ? 软件完整性保护 | ? 员工教育 |
? 篡改编译环境 | ? 软件版本识别 | ? 漏洞修补流程 | |
? 错误的文件 | ? 产品安全修复知识 | ? 漏洞修补措施独立性 | |
? 客户无人负责安全事件处理 | ? 安全设计 | ? 信息安全管理系统 | |
? 安全测试 | ? ... | ||
? 员工教育 | ? 安全联络点 | ||
? 客户文档 | |||
? 第三方组件漏洞检测 |
[1] | ITU-R. IMT vision-framework and overall objectives of the future development of IMT for 2020 and beyond:M.2083-0[S]. Geneva:ITU, 2015. |
[2] | 李正茂, 王晓云, 张同须 ,等. 5G+:5G如何改变社会[M]. 北京: 中信出版社, 2019. |
LI Z M , WANG X Y , ZHANG T X ,et al. 5G+:how 5G will change society[M]. Beijing: CITIC Publishing HousePress, 2019. | |
[3] | The White House,US. National strategy to secure 5G of the United States of America[S]. 2020. |
[4] | 3GPP.Security architecture and procedures for 5G system:TS33.501 V16.3.0[S]. 2020. |
[5] | 3GPP.System architecture for the 5G system:TS23.501 V16.3.0[S]. 2019. |
[6] | RUPPRECHT D , KOHLS K , HOLZ T ,et al. Breaking LTE on layer two[C]// Proceedings of 2019 IEEE Symposium on Security and Privacy (SP). Piscataway:IEEE Press, 2019. |
[7] | 3GPP.Study on enhancements to the service-based architecture:TR23.742 V16.0.1[R]. 2018. |
[8] | 3GPP.System architecture for the 5G system; stage 2:TS23.501 V16.1.0[S]. 2019. |
[9] | 3GPP.Authentication and key management for applications (AKMA) based on 3GPP credentials in the 5G system(5GS):TS33.535[S]. 2020. |
[10] | GSMA. Network equipment security assurance scheme-overview:FS.13 V1.0[S]. 2019. |
[11] | 3GPP.3GPP system architecture evolution (SAE)-security architecture:TS33.401 V15.6.0[S]. 2018. |
[12] | IETF. Improved extensible authentication protocol method for 3rd generation authentication and key agreement (EAP-AKA’):RFC5448[S]. 2009. |
[13] | 3GPP.Security architecture and procedures for 5G system:TS33.501 V16.0.0[S]. 2019. |
[14] | 3GPP.Study on the security of ultra-reliable low-latency communication (uRLLC) for the 5G system(5GS):TR33.825[S]. 2020. |
[15] | 3GPP.Network domain security-IP network layer security:TS33.210 V16.3.0[S]. 2020. |
[16] | 3GPP.Study on security aspects of the 5G service based architecture (SBA):TR33.855 V1.9.0[R]. 2019. |
[17] | ETSI. Network functions virtualisation (NFV); architectural framework:GS NFV 002 V1.2.1[S]. 2014. |
[18] | ONF. Software-defined networking:the new norm for networks[R]. 2012. |
[19] | 3GPP.Study on security impacts of virtualization in 5G:TR33.848 V0.5.0[R]. 2020. |
[20] | 3GPP.Security assurance methodology (SECAM) and security assurance specification:TR33.818 V0.6.0[R]. 2019. |
[21] | 粟栗, 杨波, 王珂 ,等. 面向垂直行业的5G网络切片安全白皮书[R]. 2018. |
SU L , YANG B , WANG K ,et al. 5G network slicing security white paper for vertical industries[R]. 2018. | |
[22] | 3GPP.Study on security aspects of 5G network slicing management:TR33.811[R]. 2019. |
[23] | 3GPP.Study on authentication and key management for applications based on 3GPP credential in 5G:TR33.845 V16.1.0[R]. 2019. |
[24] | ISO/IEC. Common criteria for information technology security evaluation part 1:introduction and general model version 2.3[S]. 2005. |
[25] | 3GPP.Study on security assurance methodology for 3GPP network products:TR33.805[R]. 2019. |
[26] | 3GPP.Security assurance methodology (SCAS) for 3GPP network products:TR33.916[R]. 2019. |
[27] | 3GPP.Security assurance methodology (SCAS) threats and critical assets in 3GPP network product classes:TR33.926[R]. 2019. |
[28] | 3GPP.Catalogue of general security assurance requirement:TS33.117[S]. 2019. |
[29] | 3GPP.5G security assurance specification; NR node B (gNB) network product class:TS33.511[S]. 2019. |
[30] | 3GPP.5G security assurance specification; access and mobility management function (AMF) network product class:TS33.512[S]. 2019. |
[31] | 3GPP.5G security assurance specification; user plane function (UPF) network product class:TS33.513[S]. 2019. |
[32] | 3GPP.5G security assurance specification for the unified data management (UDM) network product class:TS33.514[S]. 2019. |
[33] | 3GPP.5G security assurance specification; session management function (SMF) network product class:TS33.515[S]. 2019. |
[34] | 3GPP.5G security assurance specification; authentication server function (AUSF) network product class:TS33.516[S]. 2019. |
[35] | 3GPP.5G security assurance specification for the security edge protection proxy (SEPP) network product clas:TS33.517[S]. 2019. |
[36] | 3GPP.5G security assurance specification for the network repository function (NRF) network product class:TS33.518[S]. 2019. |
[37] | 3GPP.5G security assurance specification for the network exposure function (NEF) network product class:TS33.519[S]. 2019. |
[38] | GSMA. Network equipment security assurance scheme- overview:FS.13[S]. 2019. |
[39] | GSMA. Network equipment security assurance scheme-security test laboratory accreditation requirements and process:FS.14[S]. 2019. |
[40] | GSMA. Network equipment security assurance scheme-productdevelopment and lifecycle accreditation methodology:FS.15[S]. 2019. |
[41] | Network equipment security assurance scheme-vendor development and product lifecycle security requirements:FS.16. 16[S]. 2019. |
[42] | 杨志强, 粟栗, 杨波 ,等. 5G 安全技术与标准[M]. 北京: 人民邮电出版社, 2020. |
YANG Z Q , SU L , YANG B ,et al. 5G security technologies and standards[M]. Beijing: Posts & Telecom PressPress, 2020. |
[1] | Le ZHANG, Hongyuan MA. Practice on edge cloud security of telecom operators [J]. Telecommunications Science, 2023, 39(4): 165-172. |
[2] | Weixiong CHEN, Xiaochen YANG, Zengjun CHUN, Ruolan LI, Hua ZHANG. Research and practice of network security threat intelligence management system for power enterprise [J]. Telecommunications Science, 2022, 38(7): 184-189. |
[3] | Yatian LIU, Bowen HU, Maofei CHEN, Dongxin LIU. Study on the 5GC security situational awareness system [J]. Telecommunications Science, 2022, 38(11): 73-85. |
[4] | Yunyi LIU, Jianmin ZHANG, Xiaoli FENG, Liwei ZHANG. 5G MEC system security capability deployment scheme [J]. Telecommunications Science, 2022, 38(11): 143-152. |
[5] | Li SU, Li LU, Xing ZHANG, Chang LIU. Graph database based security protection mechanism of 5G network data flow [J]. Telecommunications Science, 2021, 37(4): 28-36. |
[6] | Yue GU, Dan LI, Kaihui GAO. Research on network traffic classification based on machine learning and deep learning [J]. Telecommunications Science, 2021, 37(3): 105-113. |
[7] | Ming GAO,Jin LUO,Huiying ZHOU,Hai JIAO,Lili YING. A differential feedback scheduling decision algorithm based on mimic defense [J]. Telecommunications Science, 2020, 36(5): 73-82. |
[8] | Yuanying XIAO,Yaodong YOU,Lixi XIANG. Causes and optimization of the false alarm rate of code review system [J]. Telecommunications Science, 2020, 36(12): 155-162. |
[9] | Guofeng HE. Application protection in 5G cloud network using zero trust architecture [J]. Telecommunications Science, 2020, 36(12): 123-132. |
[10] | Ping XIE,Xiaosong LIU. Security of the deployment of SDN-based IoT using blockchain [J]. Telecommunications Science, 2020, 36(12): 139-146. |
[11] | Hang YU,Shuai WANG,Huamin JIN. RASP based Web security detection method [J]. Telecommunications Science, 2020, 36(11): 113-120. |
[12] | Junwen WANG. Technical requirement of future industrial internet [J]. Telecommunications Science, 2019, 35(8): 26-38. |
[13] | Cong LI, Bo LEI, Chongfeng XIE, Yunhe LI. Trustworthy network based on blockchain technology [J]. Telecommunications Science, 2019, 35(10): 60-68. |
[14] | Jianquan WANG,Zhangchao MA,Xinzhong LI,Lei SUN,Changwei HU. Quantum secure communication network architecture and mobile application solution [J]. Telecommunications Science, 2018, 34(9): 10-19. |
[15] | . Interestmeasurement and system construction of personal information protectionLI Meiyan [J]. Telecommunications Science, 2018, 34(8): 160-166. |
Viewed | ||||||
Full text |
|
|||||
Abstract |
|
|||||
|