We will bring together our MobiFlow Auditor, 5G-Spector, and 5G-KubeArmor, under a unified security management interface that will simplify the task of managing the security posture of all assets within a 5G network deployment. We will champion the notion of an all-in-one 5G-native management platform (5GNAPP) that centralizes 5G runtime monitoring, audit and alert management, threat response, configuration validation, and compliance validation. We intend to leverage the same visual presentation methods, status displays, auditing, systems management principles, and visual presentations that administrators already rely on daily to manage their IP networks and cloud assets.
A Complete 5G Security Management System
The key security functions that a 5GNAPP management system will deliver are as follows:
Configuration Validation: SD-RAN Kubernetes configuration security validation
xApp and RIC Security Compliance: Automated YAML policy generation for xApp and the nRT-RIC
Control Plane Compliance Enforcement Inline control plane policy monitoring and inline prevention (using 5G-KubeArmor)
Live RF-Threat Monitoring: Runtime 5G-IDS analyses of MobiFlow security audit streams (using 5G-Spector) to detect RF-based attacks and conduct anomaly detection of RAN operations
Audit Governance: Consolidate report generation to capture base-station layer security-relevant statistics, security policy violation, and warning alerts, 5G-Spector RF-attack detection alerts, and SD-RAN configuration validation summaries.
The figure above shows our Phase I 5GNAPP Mockup screen, which is based on our existing AccuKnox Cloud Security Posture Management (CSPM) Interface. AccuKnox is a technology leader in the Zero-trust Cloud-native Application Protection Platforms (CNAPP) marketspace, and we will leverage its expertise in designing an entirely novel 5G security-management system. Three critical services enable the 5GNAPP management interface to provide comprehensive coverage of the 5G network infrastructure. First, the MobiFlow Auditor enables the system to display the state of all UE-to-base-station interactions, and it captures critical base station performance statistics that are relevant in detecting probes, floods, DoS attacks, and other anomalous phenomena that affect RAN operations. Second, 5G-Spector enables the system to identify specific hostile RF actors that target either UEs or the base station, delivering a unique runtime 5G-IDS service that alerts the operator to malicious RF phenomena as it happens. Third, 5G-KubeArmor enables the system to deploy and enforce least-permissive application-layer security policies to lock down the entire nRT-RIC Kubernetes pod. Combined, these security sensors and services enable the 5GNAPP interface to display the health and status of every asset within the network.