Security and privacy in 5G

Abstract

The current advancements of communication systems and their applications have changed our lives and will influence them further in the future. Next generation 5G networks will represent a salient technological breakthrough that combines old and new technologies and involves, among all, new models of service provisioning and resource sharing. In particular, they will lead to the emergence of mechanisms and architectures towards the on-demand multi-tenant philosophy. In this new eco- system, it will be necessary to address the trust question among stakeholders as well as their security. The 5G revolution brings new pitfalls due to novel forms of human-to-device in- teractions and the even higher pervasiveness of the technology in human life. As an example, in the Internet of Things (IoT), devices equipped with sensing, processing, storage and decision-making capabilities, can actively interact with one another and with humans. Although their design could strictly adhere to the principles of pri- vacy and security, several factors, such as weak implementations of communication protocols, metadata information exchange, and architectural flaws, could jeopardise the security and privacy of their owners. Moreover, the augmented complexity and heterogeneity deriving from the ultra-densification of communication infrastructures, although it can improve data rate, reduce delay, and coverage of cellular networks, might raise new threats to the privacy of network subscribers. In the first part of this thesis, we provide an overview of 5G networks and analyse the security, trust, and privacy problems in it. Then, we discuss the mutual impact of security and privacy of stakeholders and the use of semantic reasoning systems for the trust evaluation. In this vein, we studied the features of security ontologies that can influence the automated threat identification process and laid out a road towards ontologies simplification. In the second part of this thesis, we give a brief introduction to the privacy issues in the IoT. Then, we propose a methodology of analysis for identification of privacy threats in the IoT which can explore the privacy issue space from different perspectives and at various levels of abstraction. In the third part of this thesis, we explore the effect of both user equipment and access points densification on the location privacy. We characterised the relationship between density of users and the success of at- tacks aiming at disclosing the location of subscribers. Hence, we propose a mitigation strategy founded on the concept of virtual cells.