International Journal of Advanced Networking and Applications

Open Access Open Access  Restricted Access Subscription Access

Performance Study on 5G - NSA Backhaul Network Secured with HIP


Affiliations
1 Department of Computer Science, The Open University of Sri Lanka, Nawala, Sri Lanka
 

Fifth generation Non-Stand Alone (5G-NSA) mode offers users an earlier 5G experience before worldwide Stand Alone 5G implementation (5G-SA). In 5G-NSA, operators utilize the existing fourth-generation (4G) networks to provide pre-5G services. In some 5G-NSA deployments, the 4G backhaul network connects the 5G core (5GC) or 4G evolved packet core (EPC) to the 5G new radio (5G NR) network. Nevertheless, implementing security in all network segments is essential to assure end-to-end security in 5G-NSA implementations. Operators must use Internet Protocol security (IPsec) to secure user plane transmissions through 4G backhaul. Host Identity Protocol (HIP) is an alternative method to implement IPsec without disturbing radio or core network protocols to provide node authentication, data encryption with integrity protection, and replay protection to the user plane. This study evaluates the effectiveness of the secure HIP-4G backhaul network to assure end-to-end security in 5G-NSA. According to the results, HIP implementation does not delay message transmissions. Only a slight delay occurs at the security session establishment phase in the HIP Base Exchange process. Hence the HIP implemented 4G backhaul is appropriate to assure end-to-end security in 5G-NSA until the 5G-SA internetworking solutions are implemented.

Keywords

5G, 5G-NSA, 4G-LTE, Backhaul Network Security, Host Identity Protocol.
User
Notifications
Font Size

  • “5G Wireless Backhaul | Networks Solutions | Samsung Business Global Networks,” Samsung global_nw. https://www.samsung.com/global/business/networks/solutions/wireless-backhaul/ (accessed Jan. 20, 2023).

  • "5G Deployment Options-Operators to Drift from 4G to 5G," The 5G Zone, Dec. 23, 2019. https://the5gzone.com/index.php/5g-deployment-options/ (accessed Jan. 13, 2023).

  • “A guide to 5G network security," Ericsson.com, Sep. 18, 2019. https://www.ericsson.com/en/security/a-guide-to-5g-network-security

  • L. Badman and T. Nolle, "Enterprise 5G deployment options and how to procure them | TechTarget," Networking. https://www.techtarget.com/searchnetworking/tip/Enterprise-5G-deployment-options-and-how-to-procure-them (accessed Jan. 20, 2023).

  • B. Lavallée, “Spotlight on 4G/5G backhaul networks,” www.ciena.com. https://www.ciena.com/insights/articles/spotlight-on-4g-5g-backhaul-networks.html

  • C. Gartenberg, "5G is almost here — here's how everyone's getting ready," The Verge, Sep. 07, 2018. https://www.theverge.com/2018/9/7/17829270/5g-phone-cell-mobile-network-hardware (accessed Feb. 23, 2023).

  • “Ericsson Mobility Report,” www.ericsson.com, Sep. 07, 2020. https://www.ericsson.com/en/reports-and-papers/mobility-report

  • P. Jokela, R. Moskowitz, and J. Melen, "Using the Encapsulating Security Payload (ESP) Transport Format with the Host Identity Protocol (HIP)," IETF Datatracker, Jul. 15, 2015. Accessed: Feb. 10, 2023. [Online]. Available: https://datatracker.ietf.org/doc/html/draft-jokela-hip-rfc5202-bis-00

  • A. R. Prasad, S. Arumugam, S. B, and A. Zugenmaier, "3GPP 5G Security," Journal of ICT Standardization, vol. 6, no. 1, pp. 137–158, 2018, doi: https://doi.org/10.13052/jicts2245-800x.619.

  • J. Häglund, "How to handle 5G migration successfully," www.ericsson.com, Jul. 20, 2018. https://www.ericsson.com/en/blog/2018/7/how-to-handle-5g-migration-successfully (accessed Jan. 03, 2023).

  • “Digital cellular telecommunications system (Phase 2+) (GSM); Universal Mobile Telecommunications System (UMTS); LTE; 3GPP System Architecture Evolution (SAE); Security architecture (3GPP TS 33.401 version 15.7.0 Release 15).” Available: https://www.etsi.org/deliver/etsi_ts/133400_133499/133401/15.07.00_60/ts_133401v150700p.pdf

  • “5G; Security architecture and procedures for 5G System (3GPP TS 33.501 version 15.4.0 Release 15)." Accessed: Jan. 10, 2023. [Online]. Available: https://www.etsi.org/deliver/etsi_ts/133500_133599/133501/15.04.00_60/ts_133501v150400p.pdf

  • M. Liyanage, P. Kumar, M. Ylianttila, and A. Gurtov, "Novel secure VPN architectures for LTE backhaul networks," Security and Communication Networks, vol. 9, no. 10, pp. 1198–1215, Jan. 2016, doi:https://doi.org/10.1002/sec.1411.

  • “Digital cellular telecommunications system (Phase 2+) (GSM); Universal Mobile Telecommunications System (UMTS); LTE; 3G security; Network Domain Security (NDS); IP network layer security (3GPP TS 33.210 version 15.1.0 Release 15)," 2018. Accessed: Jan. 23, 2023. [Online]. Available: https://www.etsi.org/deliver/etsi_TS/133200_133299/133210/15.01.00_60/ts_133210v150100p.pdf

  • P. Donegan, "The Security Vulnerabilities of LTE: Risks for Operators A Heavy Reading Executive Overview," 2013. Accessed: Jan. 20, 2023. [Online]. Available: https://www.juniper.net/assets/us/en/local/pdf/additional-resources/hr-security-vul-lte-wp.pdf

  • R. Moskowitz, P. Nikander, P. Jokela, and T. Henderson, “Host Identity Protocol,” www.rfc-editor.org, Apr. 2008, doi: https://doi.org/10.17487/RFC5201.

  • https://www.facebook.com/setimerenptah, "5G vs. 4G | Differences in Speed, Latency, and Coverage Explained | Digital Trends," Digital Trends, May 2019. https://www.digitaltrends.com/mobile/5g-vs-4g/

  • “What is 5G | Everything You Need to Know About 5G | 5G FAQ | Qualcomm,” www.qualcomm.com. https://www.qualcomm.com/5g/what-is-5g/

  • “Principles of 5G Backhaul," ACiiST. https://www.aciist.com/principles-of-5g-backhaul/

  • M. M. Ahamed and S. Faruque, 5G Backhaul: Requirements, Challenges, and Emerging Technologies. IntechOpen, 2018. Available: https://www.intechopen.com/chapters/62142

  • “Backhaul Evolution for 5G," Cisco. https://www.cisco.com/c/en/us/solutions/service-provider/industry/telco/backhaul-evolution-for-5g.html#~5g-requirement (accessed Jan. 13, 2023).

  • “5G Core (5GC) network: Get to the core of 5G," Ericsson.com, 2022. https://www.ericsson.com/en/core-network/5g-core

  • “5G deployment considerations for future networks," www.ericsson.com. https://www.ericsson.com/en/reports-and-papers/5g-deployment-considerations (accessed Jan. 20, 2023).

  • V. GUEANT, "iPerf - The TCP, UDP, and SCTP network bandwidth measurement tool," Iperf.fr, 2013. https://iperf.fr/

  • “Mobile Network Security | 4g and 5G Network Security," Fortinet. https://www.fortinet.com/solutions/mobile-carrier/4g-5g-infrastructure-services (accessed Jan. 13, 2023).

  • “LTE Security for Mobile Service Provider Networks Juniper Provides a Stable and Secure LTE Network that Differentiates MSPs from the Competition," 2013. Accessed: Jan. 20, 2023. [Online]. Available: https://www.juniper.net/content/dam/www/assets/white-papers/us/en/lte-security-for-mobile-serviceprovider-networks.pdf

  • “5G White Paper 2,” NGMN, Jul. 27, 2020. https://www.ngmn.org/publications/5g-white-paper-2.html (accessed Jan. 10, 2023).

  • “Alcatel-Lucent Mobile Evolution Transport Architecture Enabling the Profitable Evolution to All-IP." Accessed: Feb. 23, 2023. [Online]. Available: http://pexx.net/pdfs/whitepapers/alcatel_lucent/mpr9500/nl_alu-metabrochure_0608.pdf

  • M. K. Rahmato, "Impacts of IPsec implementation on LTE IP connectivity," Aalto University. School of Electrical Engineering, 2010. Available: http://urn.fi/URN:NBN:fi:aalto-2020122357510

  • datenfluss, “Guidelines for LTE Backhaul Traffic Estimation,” NGMN, Aug. 12, 2011. https://www.ngmn.org/publications/guidelines-for-lte-backhaul-traffic-estimation.html (accessed Jan. 23, 2023).

  • S. Namal, J. Pellikka, and A. Gurtov, "Secure and Multihomed Vehicular Femtocells," May 2012. Accessed: Jan. 20, 2023. [Online]. Available: https://www.cs.helsinki.fi/u/gurtov/papers/femtocell-vtc.pdf

  • K. C. Amir, "Trusted Hosts in Host Identity Protocol (HIP)," 2012. Available: https://core.ac.uk/download/pdf/38067073.pdf

  • S. Kent, IP Encapsulating Security Payload (ESP). (2005). Available: https://www.ietf.org/rfc/rfc4303.txt

  • “HIPSim++,” omnetpp.org, 2010. https://omnetpp.org/download-items/HIPSim++.html (accessed Jan. 10, 2023).

  • “INET Framework - Download,” Omnetpp.org, 2018. https://inet.omnetpp.org/Download.html (accessed Dec. 19, 2019).

  • G. Nardini, G. Stea, and A. Virdis, “SimuLTE - LTE User Plane Simulation Model for INET,” simulte.com. https://simulte.com/tutorial-basic.html (accessed Jan. 20, 2023).

  • L. Bokor, S. Nováczki, L. T. Zeke, and G. Jeney, "Design and evaluation of host identity protocol (HIP) simulation framework for INET/OMNeT++," Proceedings of the 12th ACM international conference on Modeling, analysis, and simulation of wireless and mobile systems, Oct. 2009, doi: https://doi.org/10.1145/1641804.1641827.

  • A. Virdis, G. Nardini, and G. Stea, "Modeling unicast device-to-device communications with simuLTE," 2016 1st International Workshop on Link- and System Level Simulations (IWSLS), Jul. 2016, doi: https://doi.org/10.1109/iwsls.2016.7801579.

  • J. Okwuibe, "Performance evaluation of HIP-based network security solutions," 2015. Available: https://www.semanticscholar.org/paper/Performance-evaluation-of-HIP-based-network-Okwuibe/423d4bacf2c6c652fce0de3d6f9d6c064b147d69

  • P. Donegan, "IPsec Deployment Strategies for Securing LTE Networks," 2011. Accessed: Jan. 23, 2023. [Online]. Available: http://go.radisys.com/rs/radisys/images/paper-seg-ipsec-deployment.pdf


Abstract Views: 82

PDF Views: 0




  • Performance Study on 5G - NSA Backhaul Network Secured with HIP

Abstract Views: 82  |  PDF Views: 0

Authors

Chathurika Weliwita
Department of Computer Science, The Open University of Sri Lanka, Nawala, Sri Lanka

Abstract


Fifth generation Non-Stand Alone (5G-NSA) mode offers users an earlier 5G experience before worldwide Stand Alone 5G implementation (5G-SA). In 5G-NSA, operators utilize the existing fourth-generation (4G) networks to provide pre-5G services. In some 5G-NSA deployments, the 4G backhaul network connects the 5G core (5GC) or 4G evolved packet core (EPC) to the 5G new radio (5G NR) network. Nevertheless, implementing security in all network segments is essential to assure end-to-end security in 5G-NSA implementations. Operators must use Internet Protocol security (IPsec) to secure user plane transmissions through 4G backhaul. Host Identity Protocol (HIP) is an alternative method to implement IPsec without disturbing radio or core network protocols to provide node authentication, data encryption with integrity protection, and replay protection to the user plane. This study evaluates the effectiveness of the secure HIP-4G backhaul network to assure end-to-end security in 5G-NSA. According to the results, HIP implementation does not delay message transmissions. Only a slight delay occurs at the security session establishment phase in the HIP Base Exchange process. Hence the HIP implemented 4G backhaul is appropriate to assure end-to-end security in 5G-NSA until the 5G-SA internetworking solutions are implemented.

Keywords


5G, 5G-NSA, 4G-LTE, Backhaul Network Security, Host Identity Protocol.

References