Brian Kelley explains how he is taking advantage of new models to protect 5G networks.
Brian Kelley, JBSA 5G Principal Investigator, JBSA 5G PMO, DOD at the Billington Cybersecurity Summit in Washington, DC on September 8, 2022. Photo Credit: Billington
As the Department of Defense continues to roll out 5G capabilities, the agency is looking to new security techniques like network hacking, blockchain, and zero trust to quickly protect and deliver sensitive data to the end user.
“We have 5G pilots underway within the continental United States for things like healthcare, maintenance, etc. What I’m really excited about is the applications for 5G in the tactical environment, for real lower range communications, and working with our allies on that as we look at the standards and the tactical applications. I think it can be a game changer,” DOD CIO John Sherman said Thursday during the Billington Cybersecurity Summit in Washington, DC.
Brian Kelley, DOD Joint Base San Antonio (JBSA) 5G Principal Investigator at the agency’s JBSA 5G PMO, explained that 5G will support edge computing and help bring applications closer to the user, reducing data latency. the communication. DOD is also investigating multi-access edge computing (MEC) to provide cloud computing capabilities and an IT service environment at the network edge.
“[5G] it is intended for scenarios where a large distribution of devices is needed to cover a wide area, but in a very dense environment,” said Kelley. “One of the benefits of 5G is the ability for the network itself to be quite malleable in terms of how it’s configured. … A lot of the 5G use cases are really critical in terms of bringing critical infrastructure on board with the 5G use cases, so we have to get to the right security.”
As the DOD continues to embrace 5G, the agency is looking at how it can protect its networks. Kelley explained that the agency is leveraging Security Perimeter Protection Proxy (SEPP) and security techniques to hide user identities. Automation techniques such as machine learning and artificial intelligence could also help the DOD better protect its networks.
“One of the key functions of the network is something called the data analysis function of the network. So this feature ties in very well with zero trust, machine learning, and continuous monitoring. These types of systems can be implemented for edge-based solutions that can maintain security,” Kelley said.
Network slicing overlays multiple virtual networks over a shared network domain, and there are native network partitions that are defined within the factory standard: one related to broadband communications, one related to ultra-reliable low-latency communications, one related to with massive “Internet”. of things” and one related to connected vehicles.
“Network segmentation – One of the things it gives you is the ability to know the quality of services for your system, so network segmentation is a formal way of saying, ‘I want this kind of quality.’ Kelley said. “If there is a vulnerability and network performance degrades, then the network segment should help in terms of being able to define what is acceptable performance.”
Kelley noted that there is an opportunity to create additional network segments that are customized and incorporate end-to-end encryption to help protect the overall network. Blockchain security could also be used to automate interactions and transactions for applications.
Kelley noted that “non-standalone versions of 5G” are one of the challenges the DOD has faced in securing its networks.
“One of the challenges is the idea of coexistence,” Kelley said. “There has to be backwards compatibility with 4G… 5G has a lot of native enhancements in terms of security that maybe didn’t exist in 4G. So when we have to co-exist with sort of backward networks… it’s a weakest link issue, where our vulnerabilities may be based on the fact that we’re connecting and integrating with a hybrid set of non-5G networks. native.”
DOD approaches security with a “layered model,” which integrates DevSecOps to build security into the development process. The model is also based on zero trust and continuous monitoring. Going forward, Kelley advocated global 5G standards, which would ultimately benefit network security.
“If we want security to be embedded…then we need to take government policies and standards and instead of having an ad hoc piece…formulate these policies and make them a standard throughout the world. I think that would be really cool,” Kelley said. “If you’re just designing a generic system without these kinds of standards, it’s much more difficult than layering a standardized model for zero trust.”