5G networks represent a tremendous leap forward for mobile communications. They offer blazing speeds, increased bandwidth, low latency and the potential for accelerated innovation in everything from autonomous driving to telemedicine.

Indeed, with public expectations for 5G soaring ahead of network rollouts in 2019, the transformative potential of 5G cannot be overstated. However, the introduction of game-changing technologies can often come with challenges and in the case of 5G, there is one element particularly crucial to its success: security.

At Wireless World Research Forum’s 5G Huddle 2019 in Tokyo, a collection of international experts discussed what it will take to make 5G a success: from deployment objectives to trials to business models and standards. Privacy and network security were also recurrent themes throughout the day.

Building confidence and trust

“A lot has to be done in order to assuage the concerns of everybody, especially the users, to gain trust in this ecosystem,” said Paris Mashile, a councillor with the Independent Communications Authority of South Africa. “The digital economy can also be affected because it’s almost like a train carrying precious cargo. If the train collapses, what happens to the cargo?”

Entitled “Building Confidence in 5G,” the panel was part of the huddle’s theme: “Can 5G keep its promises?” The panelists discussed not only consumer and business confidence in 5G, but how security requirements are changing compared with 4G. They also addressed questions on end-to-end security, resilience and best practices.

“We are connecting a lot of networks and services, and all these things are creating a lot of data on people,” said Knud Erik Skouby, Director of the Center for Communication, Media and Information Technologies, Aalborg University. “Unless the data is kept in a way they can have confidence in, and not disclosed against their wishes, they will react to how it’s being used, and this will put a brake on development.”

Because of the increased connectivity 5G will bring, the public is paying extra attention to privacy frameworks, including the European Union General Data Protection Regulation (GDPR), Skouby added. Masao Akata CTO, Carrier Network Business Group, Huawei Technologies Japan, noted that there are significant gaps in approaches to security among nations adopting 5G, such as the development of third-party security verification services. 

“We believe that if 5G lives up to its expectations, that is, connecting energy networks, healthcare networks, automated driving systems, then it will become a critical infrastructure,” said Bernard Barani, Deputy Head of Unit, Future Connectivity Systems, European Commission, pointing to a cybersecurity framework the EU published in March. “That means security must be very carefully ensured.”

Securing Rakuten’s cloud-native network

On the sidelines of the conference, panel moderator Anand Prasad, chief information security officer at Rakuten Mobile, shared his insights on how to ensure that security is a fundamental part of 5G. Rakuten Mobile is rolling out a fully virtualized end-to-end cloud-native mobile network that’s due to launch in October 2019, including 5G-ready systems architecture that will allow for 5G rollout in 2020.

“The key is to have security from the very beginning and to have people understand the importance of security,” Prasad said in an interview with Rakuten Today. “The top management of Rakuten Mobile understand the importance of security better than I have seen anywhere else.”

“We have reason to believe this will be far more secure than anything that has come before,” said Anand Prasad, chief information security officer at Rakuten Mobile. “The end result is that subscribers will get best-in-class service with security that is continuously enhanced.”

Prasad has a long history in network security, having authored books, articles and patent applications on the subject. He has also worked at various operators and vendors in the ecosystem and served as chairman of a mobile communications security standards working group.

Prasad said that Rakuten Mobile’s unprecedented cloud-based virtualized network, which will feature hardware components with built-in security, represents “a true merger” of mobile and IT networks. The two parts attracted different kinds of attacks in the past, and by merging them, there’s a potential for a greater footprint for attackers.

However, Prasad is confident that this will not be an issue for Rakuten Mobile because of six key pillars protecting the network:

1. Baseline security such as hardening and isolation

2. Network security with appropriate firewalls, DDoS protection and protocol security

3. Identity management and role as well as attribute based access control

4. Public key infrastructure (PKI)

5. Automation of security features

6. A security operations center with 24/7 threat monitoring and response      

“We have reason to believe this will be far more secure than anything that has come before,” Prasad said. “The end result is that subscribers will get best-in-class service with security that is continuously enhanced.”

Transforming society

The biggest challenge to building Rakuten Mobile as a secure network, said Prasad, is not in technology or management support, but in finding the right human resources. It is a problem that affects the network and security industries worldwide, but one that may diminish as 5G and mobile communications become even more essential in our daily lives.

“Simply put, we are here to transform and to benefit society,” explained Prasad. “That’s our mindset. I hope that comes out clearly to the people and industry of Japan. We are bringing a platform that they can develop and enhance.”