The National Cybersecurity Center of Excellence is inviting comment on its latest 5G cyber security white paper.
The series targets technology, cybersecurity, and privacy program managers within commercial mobile network operators, potential private 5G network operators, and organisations using and managing 5G-enabled technology who are concerned with how to identify, understand, assess, and mitigate risk for 5G networks.
In white paper series recommends practices and illustrates how to implement them. All of the capabilities featured in the white papers have been demonstrated on the NCCoE testbed on commercial-grade 5G equipment.
5G technology for broadband cellular networks will significantly improve how humans and machines communicate, operate, and interact in the physical and virtual world. 5G provides increased bandwidth and capacity and low latency. However, professionals in fields like technology, cybersecurity, and privacy are faced with safeguarding this technology while its development, deployment, and usage are still evolving.
This white paper provides an overview of no Subscription Permanent Identifier (SUPI) based paging, a 5G capability for protecting users from being identified and located by an attacker.
Unlike previous generations of cellular systems, new requirements in 5G protect subscriber confidentiality by using a temporary identity (ID) instead of SUPI for the paging protocol, and explicitly define when the temporary ID must be reallocated (refreshed). 5G network operators and organisations using 5G technologies are encouraged to verify that the paging is happening as described in the 5G standards.
Comments, which can be made via the National Cybersecurity Center of Excellence, close at the end of February 2025.
