India’s Airtel: Security concerns should be addressed before adopting 5G; Nokia and Huawei disagree!

India Telecom operator Bharti Airtel has cautioned that security concerns [1.] should be addressed before adopting 5G in India, even if it means pushing the rollout back by 12-18 months. Telecom equipment vendors Nokia and Huawei disagreed, saying security aspects shouldn’t be overplayed, and that India should not waste time before adopting 5G.

Airtel.Reuter

Gopal Vittal, CEO-India South Asia for Bharti Airtel said India must have right security architecture and policy. 

……………………………………………………………………………………………………………………………………………………………………………………………………………………………………….

Note 1.  5G (IMT 2020) networks will also come with risks. Vastly increased numbers of devices and an elevated use of virtualization and the cloud will mean many more 5G security threats and a broader, multifaceted attack surface. To realize a strong and healthy communications future, the industry needs to maintain a laser focus on 5G security.

ITU-T SG17/Q6: Security aspects of telecommunication services, networks and Internet of Things is the lead ITU-T activity on 5G security.  Doesn’t appear anything concrete has come out yet!

………………………………………………………………………………………………………………………………………………………………………………………………………………………………………

The above referenced companies differed  on the broader issue of security, with Nokia saying security around 5G was also a geopolitical matter, and not just a matter of technology, with “trust” in the gear supplier of crucial importance. China’s Huawei – under pressure across the world owing to alleged security concerns due to its perceived proximity to the Chinese government and fighting to gain trust of countries like India – downplayed the issue, saying it was a “a technical issue, not a political one.”

The government assured it is going through all issues, adding that concerns will be addressed through the Personal Data Protection Bill.“We should not plunge into this (5G), we should take next 12-18 months …to make sure we really understand this beast thoroughly,” Gopal Vittal, CEO-India South Asia for Bharti Airtel, said at ET Telecom 5G Congress held last week. He said India must have right security architecture and policy.

“Telcos have been mandated as per the licensing conditions how they have to deal with the data…Yes, there are concerns in OTT (over-the-top, or app) players and third-party solution (providers), and data protection will be in place,” said R Shakya, deputy director general (security) at the Department of Telecommunications (DoT).  Shakya was part of a panel on Policy and Regulatory Challenges in India’s 5G Journey that was moderated by Prashant Singhal, TMT emerging markets leader at EY.

Sanjay Malik, Nokia’s head of India market, said, “There will be a bit more threat in 5G but, from launching perceptive, let’s not overburden with policy and security aspects. Maybe it needs to be seen in terms of more than just network security, (and also the) geopolitical situation.”

Huawei India CEO Jay Chen countered, saying network security in the 5G context is “a technical issue, not a political one,” which he believes the Indian government is increasingly aware of. He added that challenges can be handled by framing universal security standards, equipment testing and even thrashing out legal arrangements. Chen also said 5G technology was also a lot more secure than 2G, 3G, or 4G due to its unique architecture, and its encryption codes can only be broken by quantum computers of the future.  Huawei India’s CEO said there is no time to lose as there are already 26 commercial 5G networks worldwide as we speak, which is likely to rise to 60 by the year-end, adding that there would also be 1 million 5G base stations in China alone by next year.

References:

https://www.ctia.org/news/whats-new-in-5g-security-a-brief-explainer

http://www.5gamericas.org/files/8815/4092/3086/5G_Americas_5G_Security_White_Paper_Final.pdf

https://www.3gpp.org/news-events/1975-sec_5g

https://www.reuters.com/article/us-telecoms-5g-security/western-allies-agree-5g-security-guidelines-warn-of-outside-influence-idUSKCN1S91D2

https://www.huawei.com/minisite/5g/img/5G_Security_Whitepaper_en.pdf

https://docbox.etsi.org/Workshop/2018/201806_ETSISECURITYWEEK/5G/S01_INPUT_TO_5G/ACTIVITIES_ACTION_PLAN_5G-SEC_ITUT_YANG.pdf

https://www.itu.int/en/ITU-T/Workshops-and-Seminars/20180319/Pages/default.aspx

2 thoughts on “India’s Airtel: Security concerns should be addressed before adopting 5G; Nokia and Huawei disagree!

  1. There doesn’t appear to be any security standards for IMT 2020. How is that possible?
    White papers and recommendations are not implementable!

    There was a ITU workshop on 5G security held 19 March 2018 but little or no follow up.
    Workshop objectives were:
    – to better understand evolving threats landscape;
    – to identify security requirements from 5G manufacturers, telecommunication
    operators, regulators, and application providers;
    – to share the on-going activities among relevant groups; and
    – to identify potential directions including new topics or ongoing work requiring
    collaboration among relevant groups above.
     Speakers from Nokia, KT, China Mobile, Huawei, TNO, Trialog,
    Horst Görtz Institute, KAIST, King’s College London.
    ………………………………………………
    Takeaways and Conclusions
    1. Identified standardization groups related to 5G security: NGMN Security Competence Team (SCT), 3GPP SA3,
    ETSI ISG NFV, GSMA, OASIS, and others (for example, IETF I2NSF, TLS, QUIC,UTA).
    2. Identified SGs in ITU-T: SG11, SG13(to take the lead on 5G), SG15(transport), SG17(security aspects), Joint
    Coordination Activity on IMT2020 (JCAIMT2020) under SG13, and FG-ML5G.

    https://www.itu.int/en/ITU-T/Workshops-and-Seminars/201807/Documents/Heung_Youl_Youm_Remote.pdf

    1. Agree and I’m stumped how wireless network operators can deploy pre-standard 5G networks without any security! Worse, is that when ITU-R WP 5D completes its IMT 2020 RIT/SRIT specs in late 2020 or early 2021, there will not be any companion ITU-T specs for IMT 2020 security. IMHO, that should include secure: access network, virtual RAN, mobile packet core, edge network, etc which are all vulnerable to a cyber attacks. Physical security will ALSO be needed for the many small cells deployed, especially for mmWave deployments.

      So it appears that all the highly touted non radio technologies for 5G (network slicing, virtual RAN, automation/orchestration/service chaining, network management, fault detection/recovery, etc) will not be standardized for several years. Open source consortiums will likely become defacto standards bodies and define the functionality/interfaces for all of those.

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

*

 
 

 

Recent Posts