A stakeholder-oriented security analysis in virtualized 5G cellular networks

Besides significantly outperforming past generations in terms of capacity and throughput, 5G networks and systems will provide an infrastructure for the support of highly diversified services and verticals. Indeed, the major paradigm shift with respect to previous cellular network generations, specifically oriented to one class of terminals (namely, people's cell phones), is the largely heterogeneous nature of the multiplicity of end systems supported. Within a 5G infrastructure, playing the role of network of networks, traditionally independent technical and business stakeholders are now called to cooperate in the deployment of crucial infrastructure components relying on innovative (for the Telecom world) technologies such as virtualization, not in the traditional operators' portfolio, and eventually placed in security-critical parts of the network - think e.g. to Multi Access Edge Computing systems. Goal of this survey is to analyze the complex threat landscape of 5G systems, by taking the point of view of the involved stakeholders. The motivation behind our proposed analysis revolves on the observation that, in complex and virtualized systems such as the 5G infrastructure, an attack to a system component under the responsibility of a given stakeholder may yield a dramatic impact to a completely different player. Therefore, while reviewing the many 5G security risks and relevant threats which the main stakeholders operating in virtualized 5G cellular networks are exposed to, we will try to showcase the sometimes non-obvious relation between impact and responsibility, as well as identify shared responsibilities.

Automated summary

5G networks and systems will not only outperform past generations in terms of capacity and throughput, but also provide infrastructure for a wide range of services and applications. Unlike previous cellular networks, 5G systems will support various types of end devices, requiring cooperation from different technical and business stakeholders to deploy crucial infrastructure components.