Solving Security Standards for the 5G Telecom Edge

Opening up Telecom last mile 5G site (“Transport risk”) to many Infrastructure players(“Public ,Silo, Open”) consumed by many developers (“some hackers also” ) with in a rugged Environment approaching freezing cold in blue mountains (“Hardware standards Risk”) is too risky an endeavor and something with zero trust on security which no Telco wished to consider a decade ago .

This will become more exciting as we move from #staticedge to #movingEdge ( Tractors for Agri and Autonomous cars V2X is that dimension)
Further proliferation of many and evolving use cases in verticals poses varying #security challenges further complicated by fact that no standards explains TSR requirements in detail for the Edge 

As per recent study by ETSI and supported by #Cyber#GSMA and #IEC a #Telco carrier grade Telecom Edge must solve following Edge Security challenges with proven roadmaps to be Deployment ready specially considering futuristic #5G deployments

1. TSR and Govt security standards need global harmony e.g EUCSA , German C5 and NIS ,EAL5 etc
2. Traditional Telecom encryption like 3GPP SA3 snow5 256bits is challenged by rise of quantum processors
3. Confidential computing solutions provided by different vendors has no harmony e.g Cisco is too different than Juniper
4. Platform attestation only protect central cloud need topology attestation for Edge Clouds 
5 whole system” security monitoring and management framework.
6 LI architecture and data protection 
7. Security Assurance systems with data protections using OATH2.0 , JWT etc 

Solutions going forward:
1. Use of AI like Intel bfloat16 for running AI for security to build accurate AI/ML models that reflect a wider dataset while retaining the privacy and locality of 
private and sensitive data
2. GPU Processing with use of RIC for possible security management and control via 3rd party security X-Apps
3. Use of Ledger in both Hardware and Cloud is the future
4 .LI ETSI GR NFV-SEC 011 and retained data protection ETSI GS NFV-SEC 010
5. Security Assurance systems ETSI SEC 021-027 to prohibit single point of entry 


Published by

Saad Sheikh

I am a Senior Architect with a passion to architect and deliver solutions addressing business adoption of the Cloud and Automation/Orchestration covering both Telco and IT Applications industry. My work in carrier Digital transformation involve Architecting and deploying Platforms for both Telco and IT Applications including Clouds both Open stack and container platforms, carrier grade NFV ,SDN and Infra Networking , DevOps CI/CD , Orchestration both NFVO and E2E SO , Edge and 5G platforms for both Consumer and Enterprise business. On DevOps side i am deeply interested in TaaS platforms and journey towards unified clouds including transition strategy for successful migration to the Cloud Please write to me on

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s