Rolf Blom

Conversational IP multimedia security

With the introduction of 3G systems multimedia applications over wireless will become widely available to the general public. One such application will be peer-to-peer conversational multimedia communication in which voice, video, still pictures and other media can be used simultaneously and in an interactive way. However, in an all IP environment it is important to have high quality and efficient security services to protect the traffic against eavesdropping and manipulations. In particular, end-to-end security is considered attractive. This paper investigates the security requirements that emerge from conversational IP multimedia applications in heterogeneous environments, with special emphasis on the requirements stemming from the wireless access. The design and the design goals of both SRTP, a security protocol for protection of media traffic, and multimedia Internet keying (MIKEY), a key management protocol specially developed for those environments, are also described.

A Security Architecture for 5G Networks

5G networks will provide opportunities for the creation of new services, for new business models, and for new players to enter the mobile market. The networks will support efficient and cost-effective launch of a multitude of services, tailored for different vertical markets having varying service and security requirements, and involving a large number of actors. Key technology concepts are network slicing and network softwarization, including network function virtualization and software-defined networking. The presented security architecture builds upon concepts from the 3G and 4G security architectures but extends and enhances them to cover the new 5G environment. It comprises a toolbox for security relevant modeling of the systems, a set of security design principles, and a set of security functions and mechanisms to implement the security controls needed to achieve stated security objectives. In a smart city use case setting, we illustrate its utility; we examine the high-level security aspects stemming from the deployment of a large number of IoT devices and network softwarization.