5G Security:Analysis Of Threatsand Solutions - Oulu
5G Security: Analysis of Threats and SolutionsIjaz Ahmad , Tanesh Kumar† , Madhusanka Liyanage‡ , Jude Okwuibe§ , Mika Ylianttila¶ , Andrei Gurtovk †‡§¶ Centrekfor Wireless Communications, University of Oulu, FinlandDepartment of Computer and Information Science, Linköping University, SE-581 83 Linköping, SwedenEmail: [ Ijaz.Ahmad,† Tanesh.Kumar‡ Madhusanka.Liyanage§ Jude.Okwuibe¶ Mika.Ylianttila]@oulu.fik gurtov@acm.orgAbstract—5G will provide broadband access everywhere, entertain higher user mobility, and enable connectivity of massivenumber of devices (e.g. Internet of Things (IoT)) in an ultrareliable and affordable way. The main technological enablers suchas cloud computing, Software Defined Networking (SDN) andNetwork Function Virtualization (NFV) are maturing towardstheir use in 5G. However, there are pressing security challenges inthese technologies besides the growing concerns for user privacy.In this paper, we provide an overview of the security challenges inthese technologies and the issues of privacy in 5G. Furthermore,we present security solutions to these challenges and futuredirections for secure 5G systems.Index Terms—Security; 5G Security; SDN; NFV; Cloud; Privacy; Communication ChannelsI. I NTRODUCTIONThe vision of 5G wireless networks lies in providing veryhigh data rates and higher coverage through dense base stationdeployment with increased capacity, significantly better Quality of Service (QoS), and extremely low latency [1]. To providethe necessary services envisioned by 5G, novel networking,service deployment, storage and processing technologies willbe required. Cloud computing provides an efficient way foroperators to maintain data, services and applications withoutowning the infrastructure for these purposes. Therefore, mobileclouds using the same concepts will bring technologicallydistinct systems into a single domain on which multiple services can be deployed to achieve a higher degree of flexibilityand availability with less Capital Expenditures (CapEx) andOperational Expenses (OpEx).Softwarizing the network functions will enable easier portability and higher flexibility of networking systems and services. Software Defined Networking (SDN) enables networkfunction softwarization by separating the network control anddata forwarding planes. SDN brings innovation in networkingthrough abstraction on one hand and simplifies the networkmanagement on the other hand. Network Function Virtualization (NFV) provides the basis for placing various networkfunctions in different network perimeters on a need basis andeliminates the need for function or service-specific hardware.SDN and NFV, complementing each other, improve the network elasticity, simplify network control and management,break the barrier of vendor specific proprietary solutions, andthus are considered highly important for future networks. Yetwith these novel technologies and concepts, network securityand user privacy remain a big challenge for future networks.Wireless communication systems have been prone to security vulnerabilities from the very inception. In the first generation (1G) wireless networks, mobile phones and wirelesschannels were targeted for illegal cloning and masquerading.In the second generation (2G) of wireless networks, messagespamming became common not only for pervasive attacksbut injecting false information or broadcasting unwantedmarketing information. In the third generation (3G) wirelessnetworks, IP-based communication enabled the migration ofInternet security vulnerabilities and challenges in the wirelessdomains. With the increased necessity of IP based communication, the fourth Generation (4G) mobile networks enabledthe proliferation of smart devices, multimedia traffic, and newservices into the mobile domain. This development led to morecomplicated and dynamic threat landscape. With the advent ofthe fifth generation (5G) wireless networks, the security threatvectors will be bigger than even before with greater concernfor privacy.Therefore, it is crucial to highlight the security challengesthat are threatening not only due to the wireless nature ofmobile networks, but exist in the potential technologies thatare highly important for 5G. In this paper, we highlight thesecurity challenges that are on the forefront of 5G and needprompt security measures. We further discuss the securitysolutions for the threats described in this paper. The rest ofthe paper is organized as follows: Section II describes thekey security challenges followed by security solutions for thehighlighted security challenges in Section III. The paper isconcluded in Section IV.II. K EY S ECURITY C HALLENGES IN 5G5G will connect critical infrastructure that will require moresecurity to ensure safety of not only the critical infrastructurebut safety of the society as a whole. For example, a securitybreach in the online power supply systems can be catastrophicfor all the electrical and electronic systems that the societydepends upon. Similarly, we know that data is critical indecision making, but what if the critical data is corruptedwhile being transmitted by the 5G networks? Therefore, itis highly important to investigate and highlight the importantsecurity challenges in 5G networks and overview the potentialsolutions that could lead to secure 5G systems. The basicchallenges in 5G highlighted by Next Generation MobileNetworks (NGMN) [2] and highly discussed in the literatureare as follows:
Flash network traffic: High number of end-user devicesand new things (IoT). Security of radio interfaces: Radio interface encryptionkeys sent over insecure channels. User plane integrity: No cryptographic integrity protection for the user data plane. Mandated security in the network: Service-driven constraints on the security architecture leading to the optionaluse of security measures. Roaming security:User-security parameters are notupdated with roaming from one operator network toanother, leading to security compromises with roaming. Denial of Service (DoS) attacks on the infrastructure:Visible nature of network control elements, and unencrypted control channels. Signaling storms: Distributed control systems requiringcoordination, e.g. Non-Access Stratum (NAS) layer ofThird Generation Partnership Project (3GPP) protocols. DoS attacks on end-user devices: No security measuresfor operating systems, applications, and configurationdata on user devices.The 3GPP working group i.e. SA WG3 [3] is activelyinvolved in determining the security and privacy requirements,and specifying the security architectures and protocols for 5G.The Open Networking Foundation (ONF) [4] is dedicated toaccelerating the adoption of SDN and NFV and publishestechnical specifications including specifications for security ofthe technologies.The 5G design principles outlined by NGMN beyond radioefficiency are: creating a common composable core and simplified operations and management by embracing new computingand networking technologies. Therefore, we focused on thesecurity of those technologies that will fulfill the designprinciples outlined by NGMN i.e. mobile clouds, SDN andNFV and the communication links used by or in between thesetechnologies. Due to the increasing concerns for user privacy,we have also highlighted the potential privacy challenges. Thesecurity challenges are pictured in Fig. 1 and presented inTable 1. Table 1 provides an overview of different types ofsecurity threats and attacks, the targeted elements or servicesin a network, and the technologies that are most prone to theattacks or threats are tick-marked. These security challengesare briefly described in the following sections. A. Security Challenges in Mobile CloudsSince cloud computing systems comprise various resourceswhich are shared among users, it is possible that a user spreadmalicious traffic to tear down the performance of the wholesystem, consume more resources or stealthily access resourceof other users. Similarly, in multi-tenant cloud networks wheretenants run their own control logic, interactions can causeconflicts in network configurations. Mobile Cloud Computing(MCC) migrates the concepts of cloud computing into the 5Geco-systems. This creates a number of security vulnerabilitiesthat mostly arise with the architectural and infrastructuralFigure 1.5G network and the threat landscape.modifications in 5G. Therefore, the open architecture of MCCand the versatility of mobile terminals create vulnerabilitiesthrough which adversaries could launch threats and breachprivacy in mobile clouds [5].In this work, we categorize MCC threats according totargeted cloud segments into front-end, back-end and networkbased mobile security threats. The front-end of the MCCarchitecture is the client platform which consists of the mobileterminal on which applications and interfaces required toaccess the cloud facilities run. The threat landscape on this segment may range from physical threats; where the actual mobiledevice and other integrated hardware components are primarytargets, to application-based threats; where malware, spyware,and other malignant software are used by adversaries to disruptuser applications or gather sensitive user information [6], [7].The back-end platform consists of the cloud servers, datastorage systems, virtual machines, hypervisor and protocolsrequired to offer cloud services. On this platform, securitythreats are mainly targeted towards the mobile cloud servers.The scope of these threats may range from data-replication toHTTP and XML DoS (HX-DoS) attacks [8], [9].Network-based mobile security threats are targeted towardsthe Radio Access Technologies (RATs) that interface mobiledevices to the cloud. This may be traditional Wi-Fi, 4G LongTerm Evolution (LTE) or other novel RATs that will comewith 5G. Attacks in this category include Wi-Fi sniffing, DoSattacks, address impersonation, and session hijacking [6], [8].Cloud Radio Access Network (C-RAN) is another key areaof interest in analyzing the security challenges in 5G mobileclouds. C-RAN has the potential of addressing the industry’scapacity growth needs for higher mobility in 5G mobile
Table IS ECURITY CHALLENGES IN 5GTECHNOLOGIES .Security ThreatTarget Point/Network ElementDoS attackHijacking attacksSignaling stormsResource (slice) theftConfiguration attacksSaturation attacksPenetration attacksUser identity theftTCP level attacksMan-in-the-middle attackReset and IP spoofingScanning attacksSecurity keys exposureSemantic information attacksTiming attacksBoundary attacksIMSI catching attacksCentralized control elementsSDN controller, hypervisor5G core network elementsHypervisor, shared cloud resourcesSDN (virtual) switches, routersSDN controller and switchesVirtual resources, cloudsUser information data basesSDN controller-switch communicationSDN controller-communicationControl channelsOpen air interfacesUnencrypted channelsSubscriber locationSubscriber locationSubscriber locationSubscriber identitycommunication systems [10]. C-RAN is however prone toinherent security challenges associated with virtual systemsand cloud computing technology, for instance, the centralizedarchitecture of C-RAN suffers the threat of single point offailure. Other threats like intrusion attacks where adversariesbreak into the virtual environment to monitor, modify, orrun software routines on the platform while undetected alsoconstitutes substantial threats to the system [10].B. Security Challenges in SDN and NFVSDN centralizes the network control platforms and enablesprogrammability in communication networks. These two disruptive features, however, create opportunities for crackingand hacking the network. For example, the centralized controlwill be a favorable choice for DoS attacks, and exposingthe critical Application Programming Interfaces (APIs) tounintended software can render the whole network down [11].The SDN controller modifies flow rules in the data path,hence the controller traffic can be easily identified. This makesthe controller a visible entity in the network rendering it afavorite choice for DoS attacks. The centralization of networkcontrol can also make the controller a bottleneck for thewhole network due to saturation attacks as presented in [12],[13]. Since most network functions can be implemented asSDN applications, malicious applications if granted access canspread havoc across a network [14].Even though NFV is highly important for future communication networks, it has basic security challengessuch as confidentiality, integrity, authenticity and nonrepudiation [15], [16]. From the point of view of its use inmobile networks, it is presented in [17], [18], that the currentNFV platforms do not provide proper security and isolationto virtualized telecommunication services. One of the mainchallenges persistent to the use of NFV in mobile networksis the dynamic nature of Virtual Network Functions (VNFs)that leads to configuration errors and thus security lapses [19].Further challenges are highlighted in Table 1, but the mainSDNXXXXEffected TechnologyNFV allenge that need immediate attention is that the wholenetwork can be compromised if the hypervisor is hijacked [15].C. Security Challenges in Communication Channels5G will have complex ecosystem involving drones and airtraffic control, cloud driven virtual reality, connected vehicles,smart factories, cloud driven robots, transportation and ehealth. Thus the applications need secure communication systems that support more frequent authentication and exchangeof more sensitive data. Also, many new players such as publicservice providers, Mobile Network Operators (MNOs), andcloud operators will get involved with these services. In suchan eco-system several layers of encapsulated authenticationsare required at both network access and service levels, andfrequent authentication is required between actors.Before 5G networks, mobile networks had dedicated communication channels based on GTP and IPsec tunnels. Thecommunication interfaces, such as X2, S1, S6, S7, whichare used only in mobile networks, require significant level ofexpertise to attack these interfaces. However, SDN-based 5Gnetworks will not have such dedicated interfaces but rathercommon SDN interfaces. The openness of these interfaceswill increase the possible set of attackers. The communicationin SDN based 5G mobile networks can be categorized into three communication channels i.e. data channel, controlchannel and inter-controller channel [20]. In current SDNsystem, these channels are protected by using TLS (TransportLayer Security)/ SSL (Secure Sockets Layer) sessions [21].However, TLS/SSL sessions are highly vulnerable to IP layerattacks [22], SDN Scanner attacks [23] and lack strong authentication mechanisms [24].D. Privacy Challenges in 5GFrom the user’s perspective, the major privacy concernscould arise from data, location and identity [25]. Most smartphone applications require details of subscriber’s personalinformation before the installation. The application developers
or companies rarely mention that how the data is stored andfor what purposes it is going to be used. Threats such assemantic information attacks, timing attacks, and boundaryattacks mainly target the location privacy of subscribers [26].At the physical layer level, location privacy can be leaked byaccess point selection algorithms in 5G mobile networks [27].International Mobile Subscriber Identity (IMSI) catching attacks can be used to reveal the identity of a subscriber bycatching the IMSI of the subscriber’s User Equipment (UE).Such attacks can also be caused by setting up a fake basestation which is considered as preferred base station by theUE and thus subscribers will respond with their IMSI.Moreover, 5G networks have different actors such as VirtualMNOs (VMNOs), Communication Service Providers (CSPs)and network infrastructure providers. All of these actors havedifferent priorities for security and privacy. The synchronization of mismatching privacy policies among these actorswill be a challenge in 5G network [28]. In the previousgenerations, mobile operators had direct access and controlof all the system components. However, 5G mobile operatorsare losing the full control of the systems as they will relyon new actors such CSPs. Thus, 5G operators will lose thefull governance of security and privacy [29]. User and dataprivacy are seriously challenged in shared environments wherethe same infrastructure is shared among various actors, forinstance VMNOs and other competitors. Moreover, there areno physical boundaries of 5G network as they use cloud baseddata storage and NFV features. Hence, the 5G operators haveno direct control of the data storing place in cloud environments. As different countries have different level of dataprivacy mechanisms depending upon their preferred context,the privacy is challenged if the user data is stored in a cloudin a different country [30].III. P OTENTIAL S ECURITY S OLUTIONSIn this section, we highlight security solutions for thesecurity challenges outlined in the previous section. The challenges of flash network traffic can be solved by either addingnew resources or increasing the utility of existing systemswith novel technologies. We believe that new technologiessuch as SDN and NFV can solve these challenges morecost effectively. SDN has the capability to enable run-timeresource, e.g. bandwidth, assignment to particular parts ofthe network as the need arises [31]. In SDN, the controllercan gather network stats through the south-bound API fromnetwork equipment to see if the traffic levels increase. UsingNFV, services from the core network cloud can be transferredtowards the edge to meet the user requirements. Similarly,virtual slices of the network can be dedicated only to areaswith high density of UEs to cope with flash network traffic.The security of the radio interface keys is still a challenge,that needs secure exchange of keys encrypted like the proposed Host Identity Protocol (HIP) based scheme in [32].Similarly, the user plane integrity can be achieved by end-toend encryption technologies suggested in [33], [24]. Roamingsecurity and network-wide mandated security policies can beachieved using centralized systems that have global visibilityof the users’ activities and network traffic behavior e.g. SDN.The signaling storms will be more challenging due to theexcessive connectivity of UEs, small base stations, and highuser mobility. C-RAN and edge computing are the potentialproblem solvers for these challenges, but the design of thesetechnologies must consider the increase in signaling trafficas an important aspect of the future networks as describedby NGMN. Solutions for DoS attacks or saturation attackson network control elements are presented in the followingsections.Due to space limitation and for brevity the security solutionsfor the threats in technologies described in the previous sectionare listed in Table II and the methodologies are describedbelow.A. Security Solutions for Mobile CloudsMost proposed security measures in MCC revolve aroundthe strategic use of virtualization technologies, the redesign ofencryption methods and dynamic allocation of data processingpoints. Hence, virtualization comes as a natural option forsecuring cloud services since each end-node connects to a specific virtual instance in the cloud via a Virtual Machine (VM).This provides security through the isolation of each user’svirtual connection from other users. Similarly, service-basedrestriction will also enable secure use of cloud computing technologies. For example, the authors in [51], proposed “SecureSharing and Searching for Real-Time Video Data in MobileCloud”, an infrastructure that leverages on cloud platform and5G technology to secure cloud services and enable mobileusers share real-time videos on 5G enabled clouds. Unlikeexisting solutions where users with shared links are able toaccess such online video feeds, this architecture restricts accessto only authorized viewers. For specific security threats suchas HX-DoS, specific solutions such as learning-based systemse.g. [9] are more useful than generic approaches. For example,the learning-based system [9] take a certain number of samplesof packets and analyze them for various known attributes todetect and mitigate threats.To secure the mobile terminals, the use of anti-malwarescould well improve the overall resistance to malware attacks.Anti-malware solutions are installed on the mobile terminalor hosted and served directly from the cloud [7]. In MCCdata and storage, the security framework will consist of energyefficient mechanisms for the integrity verification of data andstorage services in conjunction with a public provable datapossession scheme and some lightweight compromise resilientstorage outsourcing. For application security, some proposedframeworks are based on securing elastic applications onmobile devices for cloud computing, lightweight dynamiccredential generation mechanism for user identity protection,in-device spatial cloaking mechanism for privacy protectionas well as MobiCloud which is a secure cloud framework formobile computing and communication [50].For Radio Access Network (RAN) security, a cloud basedframework i.e. C-RAN is proposed for optimizing and provid-
Table IIS ECURITY TECHNOLOGIES AND SOLUTIONSSecurity TechnologyPrimary FocusDoS, DDoS detection [34], [35]Configuration verification [36], [37]Access control [38], [39] [40]Traffic isolation [41]Link security [42], [24], [43]Identity verification [44], [45], [46]Identity security [47], [48]Location security [26], [27]IMSI security [49]Mobile terminal security [7]Integrity verification [50]HX-DoS metigation [9]Service access Control [51]Security of centralized control pointsFlow rules verification in SDN switchesControl access to SDN and core network elementsEnsures isolation for VNFs and virtual slicesProvide security to control channelsUser identity verification for roaming and clouds servicesEnsure identity security of usersEnsure security of user locationSecure the subscriber identity through encryptionAnti-maleware technologies to secure mobile terminalsSecurity of data and storage systems in cloudsSecurity for cloud web servicesService-based access control security for cloudsing safer RANs for 5G clouds. In [52], authors described howC-RAN can dynamically enhance the end-to-end performanceof MCC services in next generations wireless networks. However, for C-RAN to meet this demand, it needs to providea high level of reliability comparable to traditional opticalnetworks like Synchronous Digital Hierarchy (SDH), andone way to achieve this is through the massive adoption ofmechanisms like fiber ring network protection, which presentlyare mostly found in industrial and energy fields [53].B. Security Solutions for SDN and NFVDue to the logically centralized control plane with globalnetwork view and programmability, SDN facilitates quickthreat identification through a cycle of harvesting intelligencefrom the network resources, states and flows. Therefore,the SDN architecture supports highly reactive and proactivesecurity monitoring, traffic analysis and response systems tofacilitate network forensics, the alteration of security policiesand security service insertion [54]. Consistent network securitypolicies can be deployed across the network due to globalnetwork visibility, whereas security systems such as firewallsand Intrusion Detection Systems (IDS) can be used for specifictraffic by updating the flow tables of SDN switches.The security of VNFs through a security orchestrator incorrespondence with the ETSI NFV architecture is presentedin [55]. The proposed architecture provides security not onlyto the virtual functions in a multi-tenant environment, but alsoto the physical entities of a telecommunication network. Usingtrusted computing, remote verification and integrity checkingof virtual systems and hypervisors is proposed in [56] toprovide hardware-based protection to private information anddetect corrupt software in virtualized environments.C. Security Solutions for Communication Channels5G needs proper communication channels security not onlyto prevent the identified security threats but also to maintainthe additional advantages of SDN such as centralized policymanagement, programmability and global network state visibility. IPsec is the most commonly used security protocol toSDNXXXXTarget TechnologyNFV ChannelsCloudXXXPrivacyXXXXXXXXXXsecure the communication channels in present day telecommunication networks such as 4G-LTE[57]. It is possible touse IPsec tunneling to secure 5G communication channelswith slight modifications as presented in [22] and [24].Moreover, the security for LTE communications is provided byintegrating various security algorithms, such as authentication,integrity and encryption. However, the main challenges in suchexisting security schemes are high resource consumption, highoverhead and lack of coordination. Therefore, these solutionsare not viable for critical infrastructure communication in 5G.Thus a higher level of security for critical communicationis achievable by utilizing new security mechanisms suchas physical layer security adopting Radio-Frequency (RF)fingerprinting [58], using asymmetric security schemes [59]and dynamically changing security parameters according tothe situation [21]. Similarly, end-to-end user communicationcan be secured by using cryptographic protocols like HIP aspresented in [60].D. Security Solutions for Privacy in 5G5G must embody privacy-by-design approaches where privacy is considered from the beginning in the system and manynecessary features must be available built-in. A hybrid cloudbased approach is required where mobile operators are able tostore and process high sensitive data locally and less sensitivedata in public clouds. In this way, operators will have moreaccess and control over data and can decide where to shareit. Similarly, service oriented privacy in 5G will lead to moreviable solution for preserving privacy [61].5G will require better mechanisms for accountability, dataminimization, transparency, openness and access control [25].Hence during the standardization of 5G, strong privacy regulations and legislation should be taken into account [29]. Theregulatory approach can be classified into three types [62].First is the government level regulation, where governmentsmainly make country-specific privacy regulations and throughmulti-national organizations such as the United Nations (UN)and European Union (EU). Second is the industry level, wherevarious industries and groups such as 3GPP, ETSI, and ONFcollaboratively draft the best principles and practices to protect
privacy. Third is the consumer level regulations where desiredprivacy is ensured by considering consumers requirements.For location privacy, anonymity based techniques must beapplied where the subscriber real identity could be hidden andreplaced with pseudonyms [63]. Encryption based practicesare also useful in this case, for instance message can beencrypted before sending to Location-Based Services (LBS)provider [64]. Techniques such as obfuscation are also useful, where the quality of location information is reduced inorder to protect location privacy [65]. Moreover, locationcloaking based algorithms are quite useful to handle some ofmajor location privacy attacks such as timing and boundaryattacks [26].IV. C ONCLUSION5G will use mobile clouds, SDN and NFV to meet thechallenges of massive connectivity, flexibility, and costs. Withall the benefits, these technologies also have inherent securitychallenges. Therefore, in this paper we have highlighted themain security challenges that can become more threateningin 5G, unless properly addressed. We have also presented thesecurity mechanisms and solutions for those challenges. However, due to the limited standalone and integrated deploymentof these technologies in 5G, the security threat vectors cannotbe fully realized at this time. Similarly, the communicationsecurity and privacy challenges will be more visible whenmore user devices e.g. IoT are connected and new diversesets of services are offered in 5G. To sum it up, it is highlylikely that new types of security threats and challenges willarise along with the deployment of novel 5G technologiesand services. However, considering these challenges right fromthe initial design phases to the deployment will minimize thelikelihood of potential security and privacy lapses.ACKNOWLEDGMENTThis work was supported by TEKES Finland and Academyof Finland under projects: The Naked Approach, TowardsDigital Paradise and SecureConnect. Andrei Gurtov was supported by the Center for Industrial Information Technology(CENIIT).R EFERENCES[1] M. Agiwal, A. Roy, and N. Saxena, “Next Generation 5G WirelessNetworks: A Comprehensive Survey,” IEEE Communications SurveysTutorials, vol. 18, no. 3, pp. 1617–1655, thirdquarter 2016.[2] N. Alliance, “NGMN 5G white paper,” Next Generation Mobile Networks, White paper, 2015.[3] security[4] ONF. (2013) SDN Security Considerations in the DataCenter. Open Networking Foundation. [Online]. rces/sdn-library[5] P. Kulkarni, R. Khanai, and G. Bindagi, “Security frameworks formobile cloud computing: A survey,” in 2016 International Conference onElectrical, Electronics, and Optimization Techniques (ICEEOT), March2016, pp. 2507–2511.[6] S. S. Vikas, K. Pawan, A. K. Gurudatt, and G. Shyam, “Mobilecloud computing: Security threats,” in 2014 International Conferenceon Electronics and Communication Systems (ICECS), Feb 2014, pp. 1–4.[7] M. L. Polla, F. Martinelli, and D. Sgandurra, “A Survey on Securit
security challenges that are on the forefront of 5G and need prompt security measures. We further discuss the security solutions for the threats described in this paper. The rest of the paper is organized as follows: Section II describes the key security challenges followed by security solutions for the highlighted security challenges in .
AVG Internet Security 9 ESET Smart Security 4 F-Secure Internet Security 2010 Kaspersky Internet Security 2011 McAfee Internet Security Microsoft Security Essentials Norman Security Suite Panda Internet Security 2011 Sunbelt VIPRE Antivirus Premium 4 Symantec Norton Internet Security 20
Application Security Testing (DAST) Origin Analysis / Software Composition Analysis (SCA) Mobile Application Security Testing (MAST) Application Security Testing as a Service (ASTaaS) Correlation Tools Application Security Testing Orchestration (ASTO) Database Security Scanning Test Coverage Analyzers Interactive Application Security Testing .
Slack’s security team, led by our Chief Security Officer (CSO), is responsible for the implementation and management of our security program. The CSO is supported by the members of Slack’s Security Team, who focus on Security Architecture, Product Security, Security Engineering and Opera
3 CONTENTS Notation 10 Preface 12 About the Author 18 PART ONE: BACKGROUND 19 Chapter 1 Computer and Network Security Concepts 19 1.1 Computer Security Concepts 21 1.2 The OSI Security Architecture 26 1.3 Security Attacks 27 1.4 Security Services 29 1.5 Security Mechanisms 32 1.6 Fundamental Security Design Principles 34 1.7 Attack Surfaces and Attack Trees 37
Within the guidance provided by these security foundations, two sets of concepts are particularly relevant to the design and understanding of the AWS SRA: security epics (also called security areas) and security design principles. Security epics Both the security perspective of the AWS CAF and the security pillar of Well-Architected
Chapter 6 Security in the Cloud 153 6.1 Chapter Overview 153 6.2 Cloud Security Challenges 158 6.3 Software-as-a-Service Security 162 6.3.1 Security Management (People) 164 6.3.2 Security Governance 165 6.3.3 Risk Management 165 6.3.4 Risk Assessment 165 6.3.5 Security Portfolio Management 166 6.3.6 Security Awareness 166
Cybersecurity is one part of a larger security plan A security plan serves as a management tool to guide a facility's security and response efforts. A strong security plan integrates all major security goals into a holistic approach. This reduces duplication of effort and allows facilities to identify security gaps. Facility Security Plan
IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS, VOL. 33, NO. 9, SEPTEMBER 2014 1277 Placement for Binary-Weighted Capacitive Array in SAR ADC Using Multiple Weighting Methods Yongfu Li, Student Member, IEEE, Zhe Zhang, Student Member, IEEE, Dingjuan Chua, Student Member, IEEE, and Yong Lian, Fellow, IEEE Abstract—The overall accuracy and linearity of a matching .
