End-to-end Network Slicing security across standards organizations

This paper makes a holistic analysis of the security aspects specified for 5G network slicing across the main standards and industry organizations, namely 3GPP, ETSI, ITU and GSMA. A network slice is a logical end-to-end network that provides specific network capabilities and characteristics to serve a defined business purpose of CSP (Carrier Service Providers) customers. That purpose can be motivated by CSP internal reasons such as network operation optimization, services classification, or specific customer demands. Network slicing can be defined as a paradigm where network slices are created with appropriate isolation, set of resources, and optimized topology, becoming a key feature and business driver for 5G. The overall security architecture of 5G network is being constantly enhanced with new security features, available as well in network slices as logical networks created within the 5G network. In contrast, the threat surface is increased with network slicing as new factors such as business models, tenants, functions, interfaces and signaling flows are introduced, especially when the isolation among network slices is not well designed and effectively enforced. By analyzing the underlying security threats on network slicing, the paper derives the corresponding security requirements and studies the specified mechanisms to protect the network slices. The paper concludes pointing out several gaps in current standards with respect to 5G network slicing security and depicts possible next steps for further investigation.