Page 311 - 5G Basics - Core Network Aspects


            10.1.3  Data security

            In traditional single-path transmission control, data security mainly covers data confidentiality and data
            integrity. Multi-path transmission control has to consider the same two properties, because it carries
            additional sensitive state (the addresses and attributes of each transport path) and is expected to offer a
            service with higher security than regular single-path transmission. Data security protects data from
            malicious attacks such as interception, unauthorized disclosure, duplication (replay) and modification. It
            is described in detail in this clause.

            1)      Data confidentiality
                    Data confidentiality protects data from unauthorized disclosure. Some private data are of particular
                    importance in a multi-path transmission model, such as the addresses of an MPT-enhanced MUE or
                    other attribute information of one or more transport paths. Once disclosed, they enable security
                    threats such as impersonation of the MUE by an attacker, or falsification and modification of data.
                    Data confidentiality mechanisms are therefore necessary. Encryption is the primary method of
                    providing data confidentiality: it ensures that only the session entity holding the correct key can
                    read the data. Encryption algorithms such as DES and RSA are listed here as options; in practice DES
                    is obsolete (its 56-bit key can be brute-forced), RSA is a public-key primitive used to transport or
                    agree a session key rather than to encrypt bulk data, and a current deployment would protect the data
                    itself with an authenticated symmetric cipher such as AES-GCM. Enforcing file permissions and using
                    access control lists to restrict access to sensitive data also contribute to data confidentiality.
            2)      Data integrity

                    Data integrity aims to maintain the consistency, accuracy and trustworthiness of data over their
                    entire life cycle. It ensures that data have not been altered or destroyed in an unauthorized or
                    undetected manner. Since data are sensitive to modification, data integrity must be ensured. For
                    example, modification or destruction of the signalling data used for path control may lead to
                    unpredictable communication consequences.

                    Data integrity can be provided by integrity check value (ICV) processing. ICV processing may be used
                    to detect unauthorized modification of MPT user data and security control information while the
                    data are in transit between communicating transport entities. Hashing algorithms such as MD5 and
                    SHA-1 can be used to compute the check value, but an unkeyed hash only detects accidental
                    corruption: an attacker who can modify the data can simply recompute the hash over the modified
                    data. To detect deliberate modification, the ICV must be bound to a key shared by the two transport
                    entities, i.e. it must be a message authentication code such as HMAC. MD5 and SHA-1 themselves are
                    deprecated for security use in favour of the SHA-2 family.
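As an added example that is not part of the original text, the following Python code contrasts an unkeyed SHA-1 ICV with a keyed HMAC-SHA-256 ICV over a constructed path-control signalling message. The message layout (connection id, path id, address, action), the field names and the shared session key are assumptions made for the example; the page does not define a wire format.

```python
import hashlib
import hmac
import os
import struct

# Constructed byte layout for a path-control signalling message (an assumption for
# this example): connection id, path id, 16-byte address field, 16-byte action field.
SIGNALLING = struct.Struct(">IH16s16s")


def encode_signalling(connection_id: int, path_id: int, address: str, action: str) -> bytes:
    return SIGNALLING.pack(connection_id, path_id,
                           address.encode("ascii"), action.encode("ascii"))


def decode_signalling(message: bytes) -> tuple:
    cid, pid, address, action = SIGNALLING.unpack(message)
    return (cid, pid, address.rstrip(b"\0").decode("ascii"),
            action.rstrip(b"\0").decode("ascii"))


def unkeyed_icv(message: bytes) -> bytes:
    # Plain SHA-1 over the message, as the page suggests. Anyone can compute it,
    # so it only detects accidental corruption.
    return hashlib.sha1(message).digest()


def verify_unkeyed(message: bytes, icv: bytes) -> bool:
    return hmac.compare_digest(unkeyed_icv(message), icv)


def keyed_icv(key: bytes, message: bytes) -> bytes:
    # HMAC-SHA-256 keyed with the session key shared by the two transport entities.
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_keyed(key: bytes, message: bytes, icv: bytes) -> bool:
    # Constant-time comparison so the verifier does not leak the expected tag.
    return hmac.compare_digest(keyed_icv(key, message), icv)


def rewrite_address(message: bytes, new_address: str) -> bytes:
    # What an on-path attacker does: keep every field but replace the address.
    cid, pid, _old, action = decode_signalling(message)
    return encode_signalling(cid, pid, new_address, action)


def demo() -> dict:
    key = os.urandom(32)  # shared session key; assumed to have been agreed securely
    genuine = encode_signalling(0x1234, 2, "10.0.0.5", "ADD_PATH")
    forged = rewrite_address(genuine, "10.0.0.99")

    # Unkeyed ICV: the attacker recomputes SHA-1 over the forged message and the
    # receiver accepts it, so the modification goes undetected.
    unkeyed_forgery_accepted = verify_unkeyed(forged, unkeyed_icv(forged))

    # Keyed ICV: without the key the attacker can only replay the tag from the
    # genuine message, which no longer matches the modified content.
    genuine_tag = keyed_icv(key, genuine)
    keyed_forgery_accepted = verify_keyed(key, forged, genuine_tag)
    keyed_genuine_accepted = verify_keyed(key, genuine, genuine_tag)

    return {
        "unkeyed_forgery_accepted": unkeyed_forgery_accepted,
        "keyed_forgery_accepted": keyed_forgery_accepted,
        "keyed_genuine_accepted": keyed_genuine_accepted,
        "forged_address": decode_signalling(forged)[2],
    }


if __name__ == "__main__":
    print(demo())
```

The unkeyed check accepts the forged message because the attacker can recompute the hash; the keyed check rejects it because the only tag the attacker holds was computed over the original content. A keyed ICV also needs replay protection (a sequence number or nonce inside the authenticated message), which this example omits.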

            10.2    Attack defence
            10.2.1  Flooding attacks

            Flooding attacks, also known as bombing attacks, are attacks in which an MPT-enhanced MUE uses a third
            party to make large amounts of data arrive at the target. The traffic exceeds the service capacity of the
            victim and consumes the limited resources available to it, such as network bandwidth, CPU processing
            power, memory and network connections, resulting in denial of service at the victim.
            Before launching the attack, the attacker initiates a session with a source, S, and establishes the first
            path to S. The attacker then starts downloading a large amount of traffic from S. Next, the attacker
            impersonates the victim and sends a signalling packet conveying the address of the victim, in order to
            establish another path belonging to the existing transport layer connection with S. Two paths now belong
            to that connection: one is actually between S and the attacker, and the other is between S and the
            victim. However, S believes that both paths are between itself and the attacker.
            After completing the above, the attacker sends false path-control signalling that instructs S to transmit
            the traffic over the second path, i.e. the path between S and the victim.

            If the attack succeeds, S transmits a large amount of traffic to the victim by mistake. This traffic is
            often beyond the resources available to the victim, which therefore suffers a serious attack. Throughout
            this process, S believes it is sending the data to the attacker. Note that the attacker never has to
            generate the bulk traffic itself: a few spoofed signalling packets are enough, and S does the flooding.
            The victim can take countermeasures against this type of attack. When it receives packets on an unknown
            path, the victim can issue reset (RST) packets to the peer MPT node, which is the source of these
            packets. RST packets can interrupt the multi-path transmission connection. Thus, after source S receives the
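As an added example that is not part of the original text, the following Python simulation walks through the attack steps above and the RST countermeasure. The node names S, A (attacker) and V (victim), the packet kinds ADD_PATH, SWITCH_PATH and RST, the packet fields and the in-memory network are all constructed for the example. The model deliberately lets S accept a new path on the strength of a claimed address alone, because that is the weakness the attack relies on.

```python
from dataclasses import dataclass


@dataclass
class Packet:
    src: str            # claimed source address; spoofable, as in the attack
    dst: str
    conn_id: int
    kind: str           # DATA, ADD_PATH, SWITCH_PATH or RST
    payload: str = ""   # address carried by path signalling


class Network:
    """Constructed in-memory network: hands each packet to the node owning its destination."""
    def __init__(self):
        self.nodes = {}

    def attach(self, node):
        self.nodes[node.addr] = node

    def deliver(self, pkt: Packet):
        node = self.nodes.get(pkt.dst)
        if node is not None:
            node.receive(pkt, self)


class Source:
    """S: a multi-path sender that trusts path signalling, the weakness the page describes."""
    def __init__(self, addr: str):
        self.addr = addr
        self.conns = {}   # conn_id -> {"paths": [peer addresses], "active": address}

    def open_connection(self, conn_id: int, peer: str):
        self.conns[conn_id] = {"paths": [peer], "active": peer}

    def send_data(self, conn_id: int, count: int, net: Network) -> int:
        sent = 0
        for _ in range(count):
            conn = self.conns.get(conn_id)
            if conn is None:   # connection was reset while sending
                break
            net.deliver(Packet(self.addr, conn["active"], conn_id, "DATA"))
            sent += 1
        return sent

    def receive(self, pkt: Packet, net: Network):
        conn = self.conns.get(pkt.conn_id)
        if conn is None:
            return
        if pkt.kind == "ADD_PATH" and pkt.payload == pkt.src:
            conn["paths"].append(pkt.payload)   # no reachability check: the claim is trusted
        elif pkt.kind == "SWITCH_PATH" and pkt.payload in conn["paths"]:
            conn["active"] = pkt.payload
        elif pkt.kind == "RST" and pkt.src in conn["paths"]:
            del self.conns[pkt.conn_id]         # the page's countermeasure: RST tears the connection down


class Host:
    """Attacker or victim: accepts traffic only for connections it has actually opened."""
    def __init__(self, addr: str, rst_on_unknown_path: bool = True):
        self.addr = addr
        self.rst_on_unknown_path = rst_on_unknown_path
        self.conns = set()
        self.received = 0      # packets on connections this host owns
        self.unsolicited = 0   # packets that arrived on an unknown path
        self.rst_sent = 0

    def receive(self, pkt: Packet, net: Network):
        if pkt.conn_id in self.conns:
            self.received += 1
        elif pkt.kind != "RST":
            self.unsolicited += 1
            if self.rst_on_unknown_path:
                self.rst_sent += 1
                net.deliver(Packet(self.addr, pkt.src, pkt.conn_id, "RST"))


def run_attack(defend: bool, download_size: int = 1000) -> dict:
    net = Network()
    s, attacker, victim = Source("S"), Host("A"), Host("V", rst_on_unknown_path=defend)
    for node in (s, attacker, victim):
        net.attach(node)
    # Step 1: the attacker opens a session with S and starts downloading over path A<->S.
    s.open_connection(1, "A")
    attacker.conns.add(1)
    s.send_data(1, 10, net)
    # Step 2: spoofed signalling, apparently from V, adds V as a second path of connection 1.
    net.deliver(Packet("V", "S", 1, "ADD_PATH", payload="V"))
    # Step 3: false signalling tells S to move the transfer onto the new path.
    net.deliver(Packet("A", "S", 1, "SWITCH_PATH", payload="V"))
    # S keeps serving the download, now towards V, believing it still talks to A.
    delivered = s.send_data(1, download_size, net)
    return {"attacker_got": attacker.received, "victim_unsolicited": victim.unsolicited,
            "victim_rst_sent": victim.rst_sent, "sent_after_switch": delivered,
            "connection_alive": 1 in s.conns}


if __name__ == "__main__":
    print("no defence: ", run_attack(defend=False))
    print("RST defence:", run_attack(defend=True))
```

Without the countermeasure the whole download lands on V; with it, V answers the first unsolicited packet with an RST and S drops the connection after a single packet. The victim-side RST only limits damage after the fact; a sender-side check that verifies a newly advertised address is reachable before adding the path (an addition beyond what the page describes) would stop the spoofed path from being created at all.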

