PRIVATEER - Privacy-first security enablers for 6g networks
5G has come with a new rich set of features and capabilities, which, in addition to their obvious technical and business value, as expected, are accompanied with various side-effects, one of the most important of which is the drastic increase in the attack surface, compared to legacy cellular network infrastructures. Some of these 5G-specific aspects, which, under certain circumstances, may introduce new vulnerabilities and increase the probability of a security incident, are: software-defined infrastructures (more prone to integrity violations compared to hardware functions); slicing and multi-tenancy (introducing new threats related to poor slice isolation); multi-actor infrastructures (implying privacy concerns) and complex, multi-tier architectures (amplifying the effect of cascading security incidents). Several initiatives have resulted in an exhaustive identification of the 5G landscape e.g. the Security Working Group of the 5G PPP1 or ENISA2 and have concluded to specific guidelines such as the EU 5G Cybersecurity Toolbox3. Furthermore, several EU projects (such as 5GENESIS, INSPIRE5GPLUS, SPIDER, ASSURED and PALANTIR, on all of which the PRIVATEER project will build) have developed security mechanisms to address the identified challenges.
The emergence of 6G, which is currently been envisaged as a set of new technology enablers, is expected to further widen this threat landscape4, by including aspects such as heterogeneous radio, RAN softwarisation, multi-vendor deployments, AI-driven network management. It is thus evident that the current vision for 6G calls for significantly stricter security controls compared to legacy networks.
At the same time, Privacy is considered a key pillar in EU research and development activities towards 6G network, as privacy enablement is considered a top societal aspect in the EU 6G vision5. 6G is envisaged to comprise a totally decentralized, zero-trust infrastructure, involving several actors across the service chain (core/edge/RAN infrastructure providers, service providers). In such a pluralistic environment, privacy is pivotal, not only for the end users, but also for all involved stakeholders; and it needs to be taken into account as a key requirement in all technologies of the network stack, including security mechanisms.
In other words, the challenge for security enablers in future networks is, on the one hand, to address the significantly widened 6G threat landscape, while on the other hand to preserve the privacy of all actors in the 6G chain. Intrusive security cannot be any more considered acceptable.
In this context, the aim of PRIVATEER will be exactly to promote privacy as a primary requirement in the development of 6G security enablers.