Author
Listed:
- Filippo Dolente
(Department of Information Engineering, University of Pisa, Via Girolamo Caruso, 16, 56122 Pisa, Italy)
- Rosario Giuseppe Garroppo
(Department of Information Engineering, University of Pisa, Via Girolamo Caruso, 16, 56122 Pisa, Italy)
- Michele Pagano
(Department of Information Engineering, University of Pisa, Via Girolamo Caruso, 16, 56122 Pisa, Italy)
Abstract
The paper presents an experimental security assessment within two widely used open-source 5G projects, namely Open5GS and OAI (Open-Air Interface). The examination concentrates on two network functions (NFs) that are externally exposed within the core network architecture, i.e., the Access and Mobility Management Function (AMF) and the Network Repository Function/Network Exposure Function (NRF/NEF) of the Service-Based Architecture (SBA). Focusing on the Service-Based Interface (SBI) of these exposed NFs, the analysis not only identifies potential security gaps but also underscores the crucial role of Mobile Network Operators (MNOs) in implementing robust security measures. Furthermore, given the shift towards Network Function Virtualization (NFV), this paper emphasizes the importance of secure development practices to enhance the integrity of 5G network functions. In essence, this paper underscores the significance of scrutinizing security vulnerabilities in open-source 5G projects, particularly within the core network’s SBI and externally exposed NFs. The research outcomes provide valuable insights for MNOs, enabling them to establish effective security measures and promote secure development practices to safeguard the integrity of 5G network functions. Additionally, the empirical investigation aids in identifying potential vulnerabilities in open-source 5G projects, paving the way for future enhancements and standard releases.
Suggested Citation
Filippo Dolente & Rosario Giuseppe Garroppo & Michele Pagano, 2023.
"A Vulnerability Assessment of Open-Source Implementations of Fifth-Generation Core Network Functions,"
Future Internet, MDPI, vol. 16(1), pages 1-24, December.
Handle:
RePEc:gam:jftint:v:16:y:2023:i:1:p:1-:d:1303402
Download full text from publisher
Corrections
All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jftint:v:16:y:2023:i:1:p:1-:d:1303402. See general information about how to correct material in RePEc.
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
We have no bibliographic references for this item. You can help adding them by using this form .
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .
Please note that corrections may take a couple of weeks to filter through
the various RePEc services.
Printed from https://ideas.repec.org/a/gam/jftint/v16y2023i1p1-d1303402.html
