Security architecture for authorized anonymous communication in 5G MEC

The use of services provided in modern mobile networks using edge servers (5G MEC) requires extended security solutions. One of them is an access control system adapted to the different needs and requirements of end users and service providers. Another, equally important, is the protection against the takeover of the service during its lifetime, which leads to the inevitable leakage of information and economic losses. In this paper, we present a new access control architecture for the 5G MEC network, which meets both security requirements in a flexible and lightweight way. First, we specify the architecture scheme and its central element, MEC Enabler, which manages access control security policies and generates access credentials (tokens). Next, we describe the method of securing data packets in the communication process related to the service provided by the MEC server, preventing the session from being intercepted by an unauthorized user. The countermeasure is designed to protect data identifying packets (node addresses, port numbers) and prevent identification of packets' connection with the protected service. Experiments on the operation of the service with the implemented protection mechanism made in a testbed show that the proposed security solution has a negligible effect on the MEC-hosted application delays.

Automated summary

This paper presents a new access control architecture for the 5G MEC network, which meets security requirements in a flexible and lightweight way. It introduces the MEC Enabler as the central element for managing access control security policies and generating access credentials. The paper also describes a method to secure data packets in communication process to prevent unauthorized interception of sessions.