Recent analyst reports forecast the total number of LTE connected devices shipped worldwide will exceed 1.89 billion devices by the end of 2019, exposing mobile security threats as one of the weakest links in network security. Speaking to a packed audience at the MEF “Carrier Ethernet 2.0 Revolution” seminar, Vitesse Semiconductor CTO Dr. Martin Nuss advocated a holistic approach to mobile security that encompasses the network infrastructure, applications and network synchronization.
Dr. Nuss noted that mobile network air interface links are always encrypted by default, as mandated by 3GPP, but applications may not be. Even if they are, the infrastructure itself needs to be secured to begin with, including network timing, which is vital to the operation of LTE-Advanced (LTE-A) and future 5G networks. Mobile networks, with the widespread use of small cells needed for improving LTE and LTE-A capacity, are inherently less secure due to their accessibility at street-level. He continued that the ideal way to secure these links is to encrypt at the lowest layer possible in the OSI stack. IEEE 802.1AE MACsec, which works at Layer 2, protects not only the route and network timing, but also enables link and device authentication. Dr. Nuss highlighted the link/device layer as particularly vulnerable, since street-level cells could easily be swapped out with rogue devices which could then access the entire network.
“No single security scheme can solve all potential vulnerabilities,” observed Martin Nuss, CTO at Vitesse. “That’s why it’s imperative to secure applications, networks and devices. Authentication, authorization and accounting, combined with data encryption, are commonplace for the applications layer. We as an industry now need to take a more integrated approach to security and apply the same principles to the network infrastructure and device/link layer. As more and more ‘things,’ in addition to mobile devices for humans, connect to LTE networks, these security concerns will become paramount for the Internet of Things as well.”
Dr. Nuss is a recognized industry expert in Ethernet technology including timing and synchronization for public and private communications networks, with over 25 years of technical and management experience. A fellow of the Optical Society of America and IEEE member, Dr. Nuss also serves on the board of directors for the Alliance for Telecommunications Industry Solutions (ATIS).