Network Slicing: The Future of 5G?
According to ESF Project Director Jorge Laurel, 5G network slicing products won’t hit the private market for at least a couple years, and it’s not yet in full use outside of a lab environment. However, 5G network slicing’s potential is promising, particularly when it comes to network security.
Multiple virtual network slices could run on a single physical network, but users would be authenticated for only one network area to ensure data and security isolation. For federal agencies that deal with sensitive data and require low-latency communication, this kind of segmentation could be a powerful security measure.
“Network slicing is like a VPN,” Laurel says. “You have a large network, but how do you create individual secure channels within that particular network that you can pass data across? When you need priority for one particular user because of the importance of that information, low latency or overall security and privacy, you will set up a network slice.”
As with any other emerging technology, new opportunities come with added risks, and interested organizations need to be aware of the latter. The NSA and CISA outlined potential risks with network slicing and best practices on implementing it safely.
READ MORE: How to successfully migrate your agency to zero trust.
Potential Threats to 5G Network Slicing
Network slicing involves virtualizing multiple components of a network, including physical computing, storage and networking infrastructure. Network slicing components can span multiple operators, making networks more complex and difficult to manage, which can leave organizations vulnerable.
Working with different government agencies and industry partners, ESF identified three threat vectors as highly relative to network slicing:
- Denial of service attacks, which impact the availability of network slices; if network slices aren’t properly isolated, such an attack can disrupt entire systems
- “Man in the middle” attacks, which could result in confidentiality violations and the spreading of misinformation
- Configuration attacks, which could lead to key security features being turned off or system monitoring services being disabled
Laurel points out that threat vectors may become more or less relevant over time as more organizations implement network slicing.
“As standards progress, we may find that something we thought was a low relativity threat was actually going to be a high threat, and what we thought was a high threat was mitigated through new standards being put out,” he says.