Securing 5G+ Edge Application
Please Sign In to read the complete article
in the 5G Magazine
The edge promises and security needs
Transformational edge applications require efficient data processing near the source, low latency bandwidth, and highly scalable distributed systems. Smart IoT sensors, 5G+ wireless, AI, Cloud, Microservices, Kubernetes, and MLOps are the key enablers of complex edge solutions. Edge applications such as Autonomous Cars, Integrated Smart Factory, Smart Patient Monitoring, Smart Grid, Precision Farming, Remote Monitoring of Oil & Gas Drilling, promise tremendous value to businesses in terms of cost optimization, revenue growth, and innovation.
Business and IT leaders focus on applications affecting business operations and securing them stays their top priority. The recent trends in sophisticated ransomware attacks trying to control operations have elevated their concerns much higher. It is not uncommon to see topics such as cybersecurity and edge security being discussed at the board level. As a result, security has become the backbone of 5G+ edge applications, while securing them poses a true challenge for software and hardware technologists.
Complexities in edge application architecture
Edge applications are distributed across three application layers: Enterprise Cloud, Core Edge, and Far Edge. The three-layer architecture enables edge applications to run at scale, stable, and secure. The Enterprise Cloud layer consists of master services to handle data store, analytics, AI models, network, security, and application management. Far Edge node services process data received from hundreds of IoT devices in remote locations and perform real-time analytics at the edge. Core Edge acts as a regional application center to combine many far edge services and coordinate actions to be executed.
The edge application is decomposed into loosely coupled microservices and deployed onto Kubernetes clusters. The Security Services manage security requirements for data, network, edge, and application. All the distributed services must be well managed and coordinated to work in synchrony, be fault-tolerant, and be able to run at scale. See 5G Magazine for Figure 1 5G+ Edge application landscape.
Security challenges in edge application
While stability, scalability, and security are the key pillars of 5G+ edge business applications, stability may be addressed through efficient DevOps, reliable infrastructures, and high availability systems. Scalability may be addressed by over-sizing the resources or by having spare clusters on hot stand-by. Security on the other hand cannot be substituted by alternate approaches. With multiple application layers, distributed microservices, hardware-software integrations, and processing of sensitive data outside of the IT centers, edge applications open up multiple points of “security vulnerability”.
The following list highlights the key aspects to be considered in securing 5G+ edge applications:
- IoT sensors must be protected physically and digitally
- The network, 5G+ wireless must be secured for access, interruptions, and attacks
- The data must be secured during transit and at rest
- The messages must be secured against interception and distortions
- The AI models must be secured from access and updates
- The application services must be secured for access, interruptions, and malwares
See 5G Magazine, for the table providing indicative representation of security threats and risk levels across the edge application layers. For the overall application efficiency, security functions must be optimized based on the security threats and the assessed risk level across the application layers including the edge devices.
The way forward in securing 5G+ edge application
Security must be built from the core and integrated end-to-end across the edge application. Enterprise solutions experts strongly recommend a thorough approach in securing the key elements of edge applications.
Securing IoT Devices: Millions of IoT Sensors from remote locations generate large amounts of sensitive data required for the application. Smart sensors have processing capabilities that must be protected against malware and trojan injections. Advanced edge network attacks can inject fake nodes to cipher messages and take control of assets. Edge devices must be protected from physical tampering, circuit modifications, and isolation. Security defense logics can leverage machine learning models to detect hardware trojans and camouflaged edge nodes. Device manufacturers are offering smart sensors with embedded security and enable capabilities to live update the firmware and security features to address evolving threats.
Securing Network & 5G+ wireless: Edge networks are prone to “routing attacks” at the communication layer affecting the latency and throughput. Distributed denial of services (DDoS) attacks can overwhelm the edge network and make the nodes dysfunction. 5G+ wireless opens up additional security vulnerabilities. Securing a network starts with fundamental definitions of policies and processes to prevent unauthorized access, modifications, and interruptions. Cryptographic protocols such as TLS secure the messages across the network. By analyzing threat patterns in the core and edge network, AI models can be developed to detect and prevent attacks before they can happen. Telcos are investing to enhance the security features in their offering through IMSI encryption, SDN, MG 3GPP, and NFV.
Securing Systems & Software: Systems and software must be protected both at the hardware and operating system level. Edge servers have inbuilt security features to augment the operating system securities. The network gateways must be secured from physical and network access. Data stored in the systems, insights developed through processing the data, AI models, and services must be protected against access and hacking. Application codes and policies must be validated using AI-infused vulnerability checks. Cybersecurity and storage companies are fast developing advanced data encryption and security tools perfected for edge applications.
Security innovations in the horizon
The modern-day security threats are highly dynamic and unpredictable. Each day, cybercriminals are getting smarter and more sophisticated. The defense strategies must stay one step ahead to effectively counter the constantly evolving threats. Edge applications architecture allows for the distribution of security updates. The Security detection and deterrent services must auto-learn over time and initiate alarm or shutdown triggers to handle breaches such as ransomware that threaten business outages.
In recent years, security threat detection and event management solutions elevated the protection level significantly by using AI techniques. Competitive cybersecurity and cloud vendors are teaming up to combat the ever-increasing threats from malware and ransomware. Innovative techniques should enable continuous learning of threat patterns and automated updates of protection logic should become a standard feature. Quantum safe encryption and quantum-safe networks have promising solutions suited for edge applications.
In the coming years, 5G+ edge applications will accelerate digital transformation, drive topline and bottom-line improvements for businesses around many industries. Security must be incorporated at the application core and integrated across the edge solution. Security services should use modern AI techniques and support dynamic updates to defend the rapidly evolving sophisticated attacks. It is also promising to note that software and hardware vendors are investing heavily to embed security as an integral feature of their offering. Through further innovations using AI and quantum technologies, we can expect a “team of virtual smart edge sentinels” that will ensure total security to business-critical 5G+ edge applications.