is your future safe with 5g? · building on the proven, solid security foundation of 4g lte. 1....
TRANSCRIPT
Is your future safe with 5G?Jesse SeedSenior Director, Security Product ManagementQualcomm Technologies, Inc. (QTI)
October 24, 2019 MWC LA
2
5G standard brings enhanced security and privacyBuilding on the proven, solid security foundation of 4G LTE
1. International Mobile Subscriber Identity
Tighter securityTo expand protection and
increase flexibility
Added user plane integrity protection; lower trust in serving networks; subscription credentials can be stored in secure hardware element
Enhanced privacyTo eliminate communication of
unprotected device-specific information
User permanent identity (e.g., IMSI1) and device-specific information are ciphered before being exchanged over the air
Flexible framework To support new devices, use
cases, and deployments
Unified authentication for 3GPP & non-3GPP access (e.g., Wi-Fi), security anchor function, and network slicing
5G security core network
3GPP device
Non-3GPP device
3
5G enables massive IoT deploymentsWhere virtually everyone and everything is intelligently connected
4
5G enables massive IoT
1: Symantec ISTR 24, Feb 20192: Kapersky Lab IOT Report, Sep 20183: Symantec ISTR 24, Feb 2019
3X increase in malware
attacks on IOT devices in first
half 2018 2
Are our endpoints secure?
Top 3 Mirai DDoS attack
in 2018! 3
5200avg attacks a
month on connected devices 1
5
User Authentication,
Permissions and Roles
Man-in-the-Middle
Password Compromise, Man-in-the-Middle
User Authentication,
Permissions and Roles
Device Security Needs
Code Modification, Key Compromise, Password Compromise
Code Modification
Common device security needs and the attacks they protect against
Key Compromise,Man-in-the-Middle
Software IntegritySoftware Integrity
Data-at-Rest and Data-in-Transit
Protection
Device-Cloud Authentication &
Attestation
Device-Cloud Authentication &
AttestationFirmware
Upgrade and Lifecycle
Management
Firmware Upgrade and
Lifecycle Management
ROOT-OF-TRUST
66
Why Root-of-Trust mattersSecurely connect and manage devices at scale from chipset Root-of-Trust
Chipset factory
IoT devices
7
Industry Regulation, Standards, and Certifications
ARM PSA Certified
8
New experiences Privacy/security
New verticals Immediacy
Private/public networks Personalization
Customized/local value Reliability
EfficiencyProcessing
over 5G
Edge cloud On-device• Devices of all costs should consider
essential platform security features
• Strong root of trust is needed, at the SOC level
• 5G is rolling out now, with it comes enhanced network security
• End point security is also required; current devices often fall short
• Regulations, standards, and certifications rolling out for endpoint
security
Follow us on:For more information, visit us at:www.qualcomm.com & www.qualcomm.com/blog
Thank you!
Nothing in these materials is an offer to sell any of the components or devices referenced herein.
©2018-2019 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved.
Qualcomm is a trademark of Qualcomm Incorporated, registered in the United States and other countries. Other products and brand names may be trademarks or registered trademarks of their respective owners.
References in this presentation to “Qualcomm” may mean Qualcomm Incorporated, Qualcomm Technologies, Inc., and/or other subsidiaries or business units within the Qualcomm corporate structure, as applicable. Qualcomm Incorporated includes Qualcomm’s licensing business, QTL, and the vast majority of its patent portfolio. Qualcomm Technologies, Inc., a wholly-owned subsidiary of Qualcomm Incorporated, operates, along with its subsidiaries, substantially all of Qualcomm’s engineering, research and development functions, and substantially all of its product and services businesses, including its semiconductor business, QCT.