When Agile Security Meets 5G

• Published in: IEEE access Vol. 8; pp. 166212 - 166225
• Main Authors: Carvalho, Glaucio H. S., Woungang, Isaac, Anpalagan, Alagan, Traore, Issa
• Format: Journal Article
• Language: English
• Published: Piscataway IEEE 2020; The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
• Subjects: 5G mobile communication; 5G security; agile security; Cloud computing; cloud security; Critical infrastructure; Cybersecurity; Edge computing; Exhaustion; Infrastructure; Mobile computing; Monitoring; Network function virtualization; Resource management; Risk management; Security; security risk management; Servers; Wireless networks
• ISSN: 2169-3536; 2169-3536
• DOI: 10.1109/ACCESS.2020.3022741

5G is a critical infrastructure that will connect the whole society and bridge other critical infrastructure systems. Thus, cybersecurity emerges as crucial tenet within the 5G pathway. In this article, we discuss the concept of agile security within a 5G infrastructure taking into account two of its major technologies: Mobile Edge Computing (MEC) and Network Functions Virtualization (NFV). In this sense, we first discuss the 5G-driven MEC deployment from a NFV perspective. Secondly, we present the concept of agile security and how it can be embedded in the daily activities of mobile network operators (MNOs). Thirdly, we discuss risk management as a key element of the agile security framework. To illustrate its application, we propose the design of an agile security risk-aware edge server mechanism for 5G driven MEC deployment, which uses multiple thresholds and a load-balancing security control to mitigate the risks of resource exhaustion and violation of the service level agreement (SLA) faced by the edge servers while taking advantage of multiple cloud layers to increase the degree of availability and dependability of the system. Numerical results show that the proposed mechanism is able to keep the risk at lower levels.