Explore a comprehensive analysis of 5G security risks and mitigating controls in this 46-minute RSA Conference talk by Zhijun Zhang, Lead Security Architect at The World Bank Group. Delve into the new technology components and services of 5G networks, examining potential threats through a custom-developed threat model. Gain insights into the 5G ecosystem's security challenges, including radio access network, core network architecture, trust model, and multi-access edge computing. Learn about the threat modeling process, actors, and actions using the STRIDE+LM framework. Discover how to apply this knowledge to assess risks and implement effective security measures in 5G environments. Prerequisite understanding of threat models such as STRIDE is recommended for maximum benefit from this informative presentation.
Demystifying 5G Security through Threat Modeling
Overview
Syllabus
Intro
What is 5G ?
Generations of Mobile Technologies
5G Features - Performance
56 Features - Technology Revolution
Supported by Network Slicing and Virtualization
5G Security - Radio Access Network
5G Security - Core Network - Service-based Architecture
5G Security - Trust Model
5G Security - Multi-Access Edge Computing (MEC)
5G Security - Key Elements
5G Security Challenges
The Threat Modeling Process
Threat Actors
Threat Actions - STRIDE + LM
Threats (Actors Performing Actions)
Threat Model for a Specific Use Case
Sample Threat Table for the Use Case
Sample Risk Assessment and Disposition
5G Threats - Major Mitigating Controls
Apply What You Have Learned Today
References
Taught by
RSA Conference
