European Cyber Week à Rennes: Cybersecurity and healthcare focus day

For me, the key conference today was The Future of Healthcare – Scotland: paving the way, by Pr. William (Bill) BUCHANAN (@billatnapier). This conference blew my mind away.

It is known for all of us that the current technologies that we use to access Internet and the services built over it, use inventions developed more than 30 years ago. Improvements to the web, IP and TCP have been made by patching new features over them or creating new layers over them to provide new functions. And it is not only IP, or TCP: this involves also the use of STP on L2 networks, or BGP as a protocol used on Internet route announcement (and now inside data centers). Attention please, those layers are not like abstraction layers, but layers that obscure and makes difficult the operation of the system. We are using the same old tools to try to fix new problems envisioned by the massive growth of the Internet ecosystem and all the services that are supported. As suggested by Prof. Buchanan, a master reset should be done, in order to re-create the foundations of Internet having a security framework in mind.  But so far, we know this is very difficult. Just check out the example of IPv6, in which its adoption has had a low pace, because of the lack of incentive$ for telecoms to fully deploy it. All is about businesses and the return of investment after a change in a network. 

The key message here is that we are in the middle of a great opportunity to “make things right” in the foundation of the standardization process for 5G. Learn from the old technologies, have a security and privacy mindset in the implementation. The network may be seen by others like a dumb pipe, but the communication service operators are the aggregators of those pipes, and have to make sure that those pipes behave well and do not mess one with another. On the other hand, the deployment of (virtual) network functions and applications should be taken care too: this because 5G relies on software to provide functionality and is easily corruptible. How to make sure that the (virtual) network function is issued by a trusted entity? How I make sure that the orders from OSS/BSS are legitimate?

Assorted ideas in my conversation with Prof. Buchanan: encryption should be made on the source of data generation, or near the edge. The user must have the power over the data. The network must provide the necessary QoS according to the type of data, but  has to be agnostic to the content: the operator must not know about the data.

On the other side, since this focus day is centered on healthcare, convinces me once more on my quest to have a human approach of technology: to empower, enable him to pursue its dreams, to protect  the user and his data. This way, people will trust the system.

European Cyber Week à Rennes, day three

My key points for the last day of the C&ESAR conferences:

• The conference I enjoyed the most was "une autre vision de lq Cyber Threat Intelligence (CTI) by Airbus Cybersecurity. The motive is simply the reasoning behind the threat model and the cyberdefense strategy they showed and the during the presentation. 
• Regarding the threat model, covers all the steps from motivation to perform harm, compromising the target and exploiting the vulnerability.
• About the cyberdefense strategy, covered a complete approach with:
• Strategy: administrative decisions on the defense.
• Conception: use the imagination! Architects propose a solution to the security problems.
• Tactic: the defense. How are we going to defend? Made by the security engineers. How to correlate?
• Operation: BAU. SoC, CSIRT. Technical formation to personnel.  
• This gave me a lot to think about, because having a clear threat model allows to to have a vision of how to check an architecture for weak links and possible solutions to those potential problems. At some point, we would like to have granularity of the (virtual) network functions in order to have a flexible service composition and simple lightweight functions firing up when necessary. But the problem is the multiplication of the points of failure that are created. 
• An well, securing all those points of failures have costs in terms of money, processing time, memory, delay and latency... It is a trade off with the value of what I want to protect. What is the justification for such an investment?

The afternoon session was developed in Secure-IC. The topic was about the business of digital security. The subject was a little bit more administrative to my taste (or to my interest). Some isolated comments:

• Europe has no representative in the top 10 industries in the world: first 8 are USA, last 2 of the top 10 are Chinese.
• It is a shame that all is shaped by politics, being technology also affected by this.
• 90% of advertisement in the world is captured by Google and Facebook.
• Among the technical priorities in DGA plan, they want:
• Evaluation and orientation of COTS technologies.
• Improve architecture and the resilience of large systems (ships, aircraft…) taking into account the operational constraints. 
• LOL, this sounds like they are sharing some of the functional needs of 5G along with its enabling technologies. It is a fact that SDN and NFV would help to achieve these requirements. I am imagining right now network slices for ships, aircraft, hospitals, smart cities. In fact, as the speaker said, a ship, for example, is like a smart city! has its own energy source, water supply control, temperature control, CCTV, the crew.. a small scale city.

So far, I have more ideas, more questions, more reading to do and so much to learn; got to keep going.

Faire la pause: European Cyber Week à Rennes, day two

On day two, the approach was quite different but no less interesting: the topics covered training, penetration testing and protection from treats. Key points:

• Simulation environments are very important because of the several use cases, for example, you could use a simulation to recreate an attack by leveraging on virtualization and traffic generators to replay the packets and perform a post-mortem analysis. Other use is for training by using a virtualised version of the real products, topology and traffic generators and controls to provide a learning environment. Something analogous to a flight simulator. It is way cheaper that playing with the real equipment. This makes me remember when I learned about networking protocols using Packet Tracer or GNS3.
• Testing environments are really important to provide training for personnel in order to operate a platform properly and to make hacking exercises to find vulnerabilities in  the system. Specially this last part, involves not only the technical expertise on protocols and commands but also deals with the physical aspects of the infrastructure in buildings. All attack surface, (may be virtual, physical) is susceptible to be exploited and used as entry point to compromise an organization.
• Businesses do not wait for communication Service Providers to help to implement security procedures or protection plans. Businesses and companies are taking their first approach to the problem by deploying tests and self-penetration exercises. The network is just a data pipe. This insight makes me think about the role of the infrastructure provider or slice provider to a company... A telecom would care about what traffic the customer has inside the slice? My responsibility as a telecom operator is to provide the resources and guarantee the SLAs with my customer... the same way when we provided E1s, VPLS, VPNs...
• An authorized penetration testing is a procedure that involves a lot of administrative planning! even the presenters (from SODIFRANCE) told a fun anecdote about an "out of jail card" (pun from a Monopoly card. Everything has to be set up properly.
• The approach proposed by the presenter (from Thales Communications and Security) covered a test-bed for a service. I wonder if the same could be done for the infrastructure. I think it is possible, since virtualisation techniques span the different layers of the anatomy of a service.
• There is a saying that states that if the only tool you have is a hammer, all your problems would be shaped like a nail. The key point from the presentation of Franck Sicard is that people tried to apply the same techniques used to secure an IT system to an ICS (Industrial Control System). Every system, service, industry has its special equipment, protocols and processes. The security approach is different in each case.
• The future telecommunication architecture must have the means to provide administrative rights to create snapshots of a slice, in order to provide security features, rollback of configuration and resilience to failures. Could be interesting to think about this scenario.

Faire la pause: European Cyber Week à Rennes, day one

During this week, Rennes is hosting the European Cyber Week. This event, in its second edition, covers several programs that relate to the cyber security treats in scenarios such as connected vehicles, naval environments, e-health and IoT.

This event began with the Journées C&ESAR, which will make emphasis on Data protection facing cyber threats. Conferences today covered the following use cases:

• Naval environment
• Laboratory of research
• Autonomous connected vehicles
• e-health applications and the privacy of the patient data
• IoT
• Government / enterprise reputation management

Each vertical has its own point of view about the treats and the value of its data: different core businesses, different kinds of data generators - consumers, networking requirements regarding QoS - QoE, types of information, metadata and associated value of it. Compromising these businesses would create havoc at different scales: measurements not arriving on time, stealing of sensitive research results; crash of vehicles, liberation of confidential medical data, economic and trust issues among countries all over the world, just to say some examples.

These variety of use cases and exigencies would finally land on the tangible entity all people only notices (the one to blame) when it fails: the network. Oh, well, human factor has to be taken into account too, but it is out of the scope for this moment ;)

The great challenge is to have a complete view, end to end, of all the components that make the service possible; to provide ground rules that provide coexistence and a "pacific" ecosystem. A common architecture that holds them all and provides communication capabilities as the users demand. 

• How will the operation and management chain of command operate all the components and abstractions of the underlying control and infrastructure entities?
• How involved should the communication service provider be in the data management of the segment (better: slice)?
• Up to what extent the communication service provider must comply with certifications such as HIPAA (Health Insurance Portability and Accountability Act) in order to be able to provide services to a hospital? Or an aeronautical enterprise?

I love this conferences because provides food for the thought. A lot of questions, motivated by real world scenarios, that the telecoms (and the rest of players in the industry) must be able to answer. I hope to contribute in this process during the pursuit of my doctoral studies.

How to begin learning about NFV

After the last meeting with my supervisors, it was advised to leave the superficial exploratory phase and begin to have a serious understanding of the building blocks of the technologies that enable 5G. I will begin with NFV, since I believe it is "the most important" building block of the whole ecosystem.
But wait, where can I start?
Exploring the ETSI website to search for more specific information, there is a huge amount of documentation, with highly granular search criteria: this level of granularity is good in order to narrow down your search when you know what are you looking for. But.. when you are just beginning to learn about it can be difficult.

So, I think it is necessary to understand how the standardization body organizes the information, their internal working groups and how the documentation is released.

In the case of ETSI,

ETSI has several types of standards:

And according to history, the NFV initiative was industry motivated. Son NFV belongs to the ISG committee. Inside, there are several Working Groups (WG) each one focusing on a specific problem:

According to this, think that the documentation I am interested in has to do with the proposed use cases (SOL), interfaces and architecture (IFA), security (SEC) and the old (but relevant) management and orchestration (MAN) documents.

Still, I have to take care of something: The central topic is network slicing and its security. NFV is one of the enablers of the network slicing concept, it is important to get to know it, but I am not sure how deep I have to dig. I can be a little intense when reading, so I have to learn how to stop and not loose the main objective.

Network slicing: everybody has its own view.

It's been a while. I have been reading and trying to grasp the concept of network slicing. Each SDO has its own vision of it and tries to profile the vision according to its interests and expertise.

I think all starts with the NGMN whitepaper that describes the design considerations for 5G networks, having network slicing as a key enabler to make it happen.

It describes the content of the slices, its purpose and the desire that the configuration matches a business purpose. This is very interesting: previous developments in telecommunications had an inverse approach: create something and then find the application, or tweak it for a desired necessity. In here, the business need is established before the creation of a service. This calls for the creation of a flexible enough system that covers the worst case scenario of applicability of the technology, in this case, 5G.

NGMN provides a wishlist of desired capabilities of Network Slicing in order to fulfill the needs of the main use cases proposed for 5G. Establishes the proper definitions to concepts so SDOs, manufacturers and developers can talk in the same language. Doesn't say how, does not specify the technologies or their interaction. It is just a wishlist.

The architectural view is simple:

These three layers resemble the division that most proponents have for their systems: a business entity; an instantiation of that business requirement; and a "place" where everything happens.

In ETSI point of view, they want to leverage on their NFV architectural framework and its management and orchestration scheme, which is pretty solid.

The strong quality of ETSI is that controls the life-cycle of VNF: from the management of the order from the business/operation entity, down to the instantiation in the infrastructure. And these VNFs are constituent parts of the services implemented in a Network Slice. Having control of the life-cycle of the VNFs guarantees a great interaction with ONF’s SDN architecture. A good document to check out is this one.

Now, regarding ONF, their vision on Network Slicing goes along with SDN and its application to 5G. ONF leverages in that relationship to power the association between NFV and SDN to make the slicing concept come to reality. Even though ONF does not talk about slicing inside its definition of the SDN paradigm, the way an SDN controller presents the resources to applications (via NBI) complies with the definition and concept of network slicing. That resource representation that is inside a client context (inside the SDN controller) is similar to the notion of Network Slice depicted by NGMN. Since the network view is focused in the controller, ONF points out that they rely on the APIs exposed to applications and resources in order to receive/deliver orders and commands. A great document that shows this point of view is the TR-526. It would be great to have a standard way to express the requirements to the resource context. Also I think it is necessary to establish a way to perform the segmentation of the resources from the Infrastructure Provider point of view. A standardized way to express those requirements is also desirable. ONF states that they can define and instantiate an end to end slice, but since there is no way (at the moment) to have a full data plane segmentation, this is not entirely true.

3GPP's view is more elaborate: this because it takes possible scenarios, establishes interfaces and entities that would handle the message call flows among them. It is great that leverage on well known procedures such as Attachment request messages to illustrate how an UE would suggest the core network which resources are needed and which network slice is desired. They have the power to talk in those terms since they have been standardizing the way mobile networks operate. Since an UE has requirements to choose a service to connect to, a more elaborate way to express those parameters is needed. This involves more signaling exchange with new entities inside the core network and interactions (not mentioned) with OSS/BSS and MANO entities that would administer the infrastructure and the proper way to deploy the network functions as desired by the business entities. The specification that describes the whole process is 28.801.

I expect that as I continue reading and advancing in the next topics (5G architecture and security) it could be possible to understand the relationship between these three building blocks of my research. This way, I can begin to assess the architecture, spot weaknesses and propose a complete architecture that provides a secure environment to deploy services using network slices in 5G networks. Also I would like to improve my writing style... and there is only one way to do it.

Comments are welcome.