Page 218 - Kaleidoscope Academic Conference Proceedings 2021
P. 218

Session 4: Policies and ontology for security management

             S4.1      Collaborative 5G multiaccess computing security: Threats, protection requirements and scenarios*
                       Gang Zhao,  Feng Zhang, Le Yu, Hongyang Zhang, Qin Qiu and  Sijia Xu (China Mobile, China)

                       5G MEC is a new model for 5G network architecture that moves cloud computing capabilities and
                       IT service environments to the edge of mobile communication networks, providing nearby services
                       for users. This establishes a carrier-class service environment with high performance, low latency,
                       and high bandwidth. 5G MEC enables new applications by moving core network functions to the
                       network edge. However, it also brings new security challenges and increases security supervision
                       difficulty. This paper proposes 5G MEC security protection policies for operators and 5G industry
                       customers  by  drawing  on  successful  industry  practices.  The  goal  of  these  policies  is  to  help
                       industry customers implement the three sync requirements (synchronous planning, synchronous
                       construction, and synchronous maintenance) on security while developing 5G MEC applications,
                       as well as guiding the industry to improve MEC security capabilities.
             S4.2      Security vulnerability expressions: A technology for empowering novice practitioners around the
                       world with security maturity capabilities*
                       Jacques Francoeur (Security Inclusion Now, USA)


                       The evolution of security over several decades by advanced countries has generated vast amounts
                       of valuable security knowledge ("Knowledge") contained in standards, regulations and guidance
                       ("Frameworks") published in the form of documents and spreadsheets. Knowledge captured in this
                       form is very difficult to consume and adapt, especially by novice practitioners. If this barrier could
                       be removed, it would release its enormous locked-in value to the rest of the world who desperately
                       need  it.  A  model  and  enabling  software  application  ("Technology")  is  proposed  for  novice
                       practitioners to quickly ingest existing, readily available knowledge contained in frameworks;
                       thereby  enabling  easy  access,  search,  visualization,  navigation,  and  consumption  of  the
                       frameworks and their maps. This technology will be made available as open source to the world.












































                                                          – 156 –
   213   214   215   216   217   218   219   220   221   222   223