ExpectedOutcome:
- Novel technologies/methods for ensuring Trust and Reliability, evolving 5G, in a very distributed multi-stakeholder context, extending the concept of edges from small CPEs and IoT devices to regional datacentres, enabling full control over end-to-endend-to-end data flows and trust on the execution environments.
- Further evolving security of 5G towards the notion of building and maintaining Trust in deployed and interconnected 5G systems and services.
- An open, flexible architecture, for evolved 5G, able to cope with widely distributed, federated, and dynamic systems for data processing, data storage and communication tackling data reliability challenges.
- The outcome should build trust and reliability, significantly advanced beyond the baseline security measures of 5G.
Objective:
Please refer to the "Specific Challenges and Objectives" section for Stream A in the Work Programme, available under ‘Topic Conditions and Documents - Additional Documents’.
Scope:
The work addresses the reliability/trust challenges created by fully virtualized solutions, increased network programmability, extended network exposure and tight integration to service providers and non-public networks spanning the business actors of the value-chain. It includes:
- Secure and reliable technologies for efficient containers and smart and secure container orchestration, with reliable software virtualization, with fast instantiations and mobility support seen as promising primitives for supporting these novel security architectures, and subsequently be transferred to standardization bodies.
- Support of flexible security policies in very distributed (and continuously changing) settings complementing traditional perimeter protection technologies.
- Holistic approaches to reliability, spanning the lifecycle of smart networks and services.
- Novel requirements from challenging verticals, jointly using secure software engineering and operational procedures to manage risks across multiple stakeholders including quantification of security attributes and communication of associated risk for stakeholders.
- Better tools for initial ‘security by design’ and for creation of “safer” code, collaborative methods, and run-time tools to manage risks, and measures to cope with new developments in areas such as AI.
- Virtualisation of security functions (Protection, detection, remediation) and Exposure and integration of security services (MSSP, NOC-SOC interactions).
- Enablement of service and infrastructure providers (including end-users) to enter into agreements with infrastructure maintainers, based on the capabilities of the SBA-architectures, to provide storage and/or communication of data without the need for all parties to trust each other.
- Adherence with and improvements of efficient data sovereignty strategies in different domains (including bridging public and private networks) by enabling secure applications in different vertical domains should be demonstrated notably through measurable/observable outputs in terms of trust in networked components and subsystems.
- The definition of a security verification policy and associated credentialing of the secure communication system capability via the development and testing in accordance with processes that allow guaranteeing the required level of security in a way that is accepted by all service providers and system developers, especially with respect to the notion of trust.
