Accepted paper for EuCNC2019

Our paper has been accepted for a presentation in a conference session at #EuCNC19: "Defining a Communication Service Management Function for 5G Network Slices". Authors from @IRT_BCom @UBO_UnivBrest @IMTAtlantique #5G #NetworkSlicing pic.twitter.com/bvFWTjtcAx

— Luis Kr (@lcsuarezt) 29 avril 2019

Resource sharing is a necessary evil.

Food for the thought. #network #sharing #resources Taken from "Building a secure computer system", Morrie Gasser pic.twitter.com/x02Cyn4sDZ

— Luis Kr (@lcsuarezt) 6 avril 2019

TLS v1.3 vs. eTLS

Some months ago, ETSI released the TS103 523-3, which describes the usage of an implementation variant of TLS v1.3 for the Middle Box Security Protocol.

The key complaint is that TLS v1.3 does not allow passive decryption, which is necessary to comply with requests from authorities to have clear text information of an exchange of traffic. This, because TLS v1.3 does not support RSA key exchange and uses ephemeral Diffie-Hellman, instead of static Diffie-Hellman key exchange. These two improvements constitute a high degree of security compared to the previous version of TLS.

I have seen some comments on social networks complaining about the nature of ETSI’s technical specification, which would constitute a downgrade of the security level of the data in transit for the users. And, well, I have some quick thoughts about this.

eTLS features a scheme for longer-lived static Diffie-Hellman keys and allow to re-use the keys across multiple sessions. These characteristics pose high risks, since it would imply to go back to a similar state that we had in TLS v1.2. But if we analyze the use cases under which eTLS is used, I see no difference with common practices in Internet Service Providers (ISP) regarding the routing of encrypted user traffic.

The most common use case is described in clause 4.2.1 (eTLS with enterprise servers) which describes the situation when a customer wants to access some content offered by an ISP.

It describes that TLS v1.3 is used up to the border firewall, and from that point on, eTLS is used between firewall and internal servers.

I find that is a usual practice to break the TLS connection at some point inside the ISP. It may be at the border firewall or in an internal device such as a WAF (Web Application Firewall). This is done to manipulate the user flows in the internal infrastructure. That is the case when it is necessary to perform load balancing between servers. The key idea in here is that the encryption of this data in transit is managed internally by the ISP, secured by certificates between the involved servers. The confidentiality and integrity of the data is not lost and the ISP can have the way to manage the traffic to offer a better service.

In summary, TLS v1.3 would be used over the public Internet (where the most dangerous threats are located), and the less secure eTLS is used inside ISP premises (where one suppose that the threats are reduced).

Now, the worry is about how the ISP is going to manage the static keys (their life cycle management, up to their destruction to guarantee forward secrecy), assure their chain of custody and ensure that there is no abuse of privileges from employees that could use these powerful “keys” to read personal data. This is a topic that relates to the trust that we deposit in our service providers.

Reflections after 5G Transformer plenary

Last week I had the opportunity to assist to a 5G Transformer plenary. It was hosted by IRT bcom, here in Rennes. This project, which belongs to the European Commission, has the objective to transform today’s mobile transport network into an SDN/NFV-based Mobile Transport and Computing Platform (MTP). With this, incorporate the Network Slicing paradigm into mobile transport networks, empowering the operator to provision and manage MTP slices designed to fulfill specific needs of vertical industries.

This was a great experience, on two planes. On the personal one, it was great to meet people with tons of experience and expertise. Each one with unique points of view about the proposed challenges, with disposition to share and construct knowledge. It was interesting to experience the openness to listen: I had the opportunity to talk with some of them about my thesis and provided valuable feedback and references to explore further. On the technical plane, seems like their problems are also my problems about network slicing, how to orchestrate the resources and abstract correctly the resources for consumers. I also witnessed the importance of the participation of stakeholders like telecom operators and the automotive industry into the plenary, because provide concrete use cases and practical views on the subject. 

 One aspect that caught my attention was the trade-off between the desire to provide a complete architecture (one that looks into the future, that is flexible enough to embrace the use cases we still have not thought of) and the complex task of explaining this architecture to a stakeholder. I sensed that there was a inner desire to avoid complexity and just provide an architecture for a simple scenario, that is easy to support and communicate. I sincerely dislike this approach, since we would be limiting the scope of the architecture to simple use cases. 

Future scenarios will involve intensive mobility management, frequent handover, heterogeneous (access and core) networks spanning through multiple domains and administrative boundaries. Do you need to support and push forward ($$€€) this complex idea to a stakeholder? Call a marketing guy, which I am sure can come up with a business idea that would support the use case. We have to aim higher and try to cover as many scenarios as possible. Make the architecture as flexible and open as possible. This will ensure that all sectors of society are included and that technology will find a way to contribute not only to industries, government, cities, but to benefit people, enhancing its quality of living. We need to focus on humanity.

Or maybe there were other interests behind that I could not grasp at the moment, who knows. In either case, it was a great experience, I learned a lot, and had a view of the complexity of putting a large audience on the same page, the difficult task of persuading people, how to lead a technical discussion and the different methods that can be used to present ideas and technical information. 

Twitter reflection: PNF -> VNF -> CNF

Going from Physical Network Functions (PNF) to Virtual Network Functions (VNF) to Container-ized Network Functions (CNF). Faster and smaller footprint. How much faster/smaller can we go? Full data center in your mobile phone.

— Luis Kr (@lcsuarezt) 31 décembre 2017

European Cyber Week à Rennes: Cybersecurity of Internet of Things

The last session of the European Cyber Week had a focus on IoT .

The key messages in this session were:

• Even though that the approach to security has to be end-to-end, each layer of the SOA for IoT (sensing layer, network layer, service layer, interface layer) must try to enforce its own security mechanism. Each layer as its own weaknesses.
• The security mindset has to be used since the conception of the service. As an example, the election of the sensors and actuators plays an important role, because they are manufactured by third party companies that seek economy, fast delivery, sell millions of devices at a very low cost. It is common that their security mechanisms on those systems on chips are not the best. 
• Since R8, 3GPP has pushed evolution towards LTE-A and LTE-A Pro. The standardization entity has designed mechanisms to enable IoT systems to reduce power consumption, expose services via Service Capability Exposure Function (SCEF)... and well, 5G seeks to enhance escalability by providing the same architecture no matter the radio access technology of the IoT system. The new generation core would receive traffic from heterogeneous access technologies.
• For a service operator, the cloud plays a key role, not only as a "place" where data is received, processed and stored, but as a central intelligence analysis center in order to detect anomalous activity and deploy countermeasures: detecting evil behavior is necessary, but trying to dynamically deploy the defense mechanism is also important. 
• Since at the end all is measured with numbers (costs and return of investment), there is a trade-off between how exigent is the SLA provided (availability, integrity and confidentiality) for the data and the analysis of the risk of being compromised. I think that the parameters of risk could be the value of the data, how important it is for the business, the additional latency and decreased battery life for a sensor when a full security scheme is deployed. Parameters are countless. 
• I think that some of the challenges for IoT regarding security (scalability, interoperability, management, security and privacy) can be addressed via the network slicing concept. This by providing means to escalate the network resources as needed and by deploying IDS/IPS functions on-demand, where needed. The isolation that a network slice provides could enable the contention of an attack by creating network honeypots or quarantine slices to contain malicious or suspicious activity. Feedback loops and OSS/BSS interaction is important to achieve this.

From my point of view, the service operators have no awareness of where is the service implemented inside the cloud. they are blind to the physical location of the functions. And well, should they worry? they just need the service, don't care how it is implemented. For them, something important is that the SLA promised by the cloud provider are accomplished properly. It is inside a network slice? it is in a physical dedicated server? it is up to the communications service provider to make the decision and deploy the best infrastructure for the customer.

This whole week was amazing. Has given me great view of the importance of security for industry and all the requirements that an architecture should support in order to meet the exigencies of the (new) use cases that industry and other actors would be implementing.

European Cyber Week à Rennes: Cybersecurity and healthcare focus day

For me, the key conference today was The Future of Healthcare – Scotland: paving the way, by Pr. William (Bill) BUCHANAN (@billatnapier). This conference blew my mind away.

It is known for all of us that the current technologies that we use to access Internet and the services built over it, use inventions developed more than 30 years ago. Improvements to the web, IP and TCP have been made by patching new features over them or creating new layers over them to provide new functions. And it is not only IP, or TCP: this involves also the use of STP on L2 networks, or BGP as a protocol used on Internet route announcement (and now inside data centers). Attention please, those layers are not like abstraction layers, but layers that obscure and makes difficult the operation of the system. We are using the same old tools to try to fix new problems envisioned by the massive growth of the Internet ecosystem and all the services that are supported. As suggested by Prof. Buchanan, a master reset should be done, in order to re-create the foundations of Internet having a security framework in mind.  But so far, we know this is very difficult. Just check out the example of IPv6, in which its adoption has had a low pace, because of the lack of incentive$ for telecoms to fully deploy it. All is about businesses and the return of investment after a change in a network. 

The key message here is that we are in the middle of a great opportunity to “make things right” in the foundation of the standardization process for 5G. Learn from the old technologies, have a security and privacy mindset in the implementation. The network may be seen by others like a dumb pipe, but the communication service operators are the aggregators of those pipes, and have to make sure that those pipes behave well and do not mess one with another. On the other hand, the deployment of (virtual) network functions and applications should be taken care too: this because 5G relies on software to provide functionality and is easily corruptible. How to make sure that the (virtual) network function is issued by a trusted entity? How I make sure that the orders from OSS/BSS are legitimate?

Assorted ideas in my conversation with Prof. Buchanan: encryption should be made on the source of data generation, or near the edge. The user must have the power over the data. The network must provide the necessary QoS according to the type of data, but  has to be agnostic to the content: the operator must not know about the data.

On the other side, since this focus day is centered on healthcare, convinces me once more on my quest to have a human approach of technology: to empower, enable him to pursue its dreams, to protect  the user and his data. This way, people will trust the system.

European Cyber Week à Rennes, day three

My key points for the last day of the C&ESAR conferences:

• The conference I enjoyed the most was "une autre vision de lq Cyber Threat Intelligence (CTI) by Airbus Cybersecurity. The motive is simply the reasoning behind the threat model and the cyberdefense strategy they showed and the during the presentation. 
• Regarding the threat model, covers all the steps from motivation to perform harm, compromising the target and exploiting the vulnerability.
• About the cyberdefense strategy, covered a complete approach with:
• Strategy: administrative decisions on the defense.
• Conception: use the imagination! Architects propose a solution to the security problems.
• Tactic: the defense. How are we going to defend? Made by the security engineers. How to correlate?
• Operation: BAU. SoC, CSIRT. Technical formation to personnel.  
• This gave me a lot to think about, because having a clear threat model allows to to have a vision of how to check an architecture for weak links and possible solutions to those potential problems. At some point, we would like to have granularity of the (virtual) network functions in order to have a flexible service composition and simple lightweight functions firing up when necessary. But the problem is the multiplication of the points of failure that are created. 
• An well, securing all those points of failures have costs in terms of money, processing time, memory, delay and latency... It is a trade off with the value of what I want to protect. What is the justification for such an investment?

The afternoon session was developed in Secure-IC. The topic was about the business of digital security. The subject was a little bit more administrative to my taste (or to my interest). Some isolated comments:

• Europe has no representative in the top 10 industries in the world: first 8 are USA, last 2 of the top 10 are Chinese.
• It is a shame that all is shaped by politics, being technology also affected by this.
• 90% of advertisement in the world is captured by Google and Facebook.
• Among the technical priorities in DGA plan, they want:
• Evaluation and orientation of COTS technologies.
• Improve architecture and the resilience of large systems (ships, aircraft…) taking into account the operational constraints. 
• LOL, this sounds like they are sharing some of the functional needs of 5G along with its enabling technologies. It is a fact that SDN and NFV would help to achieve these requirements. I am imagining right now network slices for ships, aircraft, hospitals, smart cities. In fact, as the speaker said, a ship, for example, is like a smart city! has its own energy source, water supply control, temperature control, CCTV, the crew.. a small scale city.

So far, I have more ideas, more questions, more reading to do and so much to learn; got to keep going.

Faire la pause: European Cyber Week à Rennes, day one

During this week, Rennes is hosting the European Cyber Week. This event, in its second edition, covers several programs that relate to the cyber security treats in scenarios such as connected vehicles, naval environments, e-health and IoT.

This event began with the Journées C&ESAR, which will make emphasis on Data protection facing cyber threats. Conferences today covered the following use cases:

• Naval environment
• Laboratory of research
• Autonomous connected vehicles
• e-health applications and the privacy of the patient data
• IoT
• Government / enterprise reputation management

Each vertical has its own point of view about the treats and the value of its data: different core businesses, different kinds of data generators - consumers, networking requirements regarding QoS - QoE, types of information, metadata and associated value of it. Compromising these businesses would create havoc at different scales: measurements not arriving on time, stealing of sensitive research results; crash of vehicles, liberation of confidential medical data, economic and trust issues among countries all over the world, just to say some examples.

These variety of use cases and exigencies would finally land on the tangible entity all people only notices (the one to blame) when it fails: the network. Oh, well, human factor has to be taken into account too, but it is out of the scope for this moment ;)

The great challenge is to have a complete view, end to end, of all the components that make the service possible; to provide ground rules that provide coexistence and a "pacific" ecosystem. A common architecture that holds them all and provides communication capabilities as the users demand. 

• How will the operation and management chain of command operate all the components and abstractions of the underlying control and infrastructure entities?
• How involved should the communication service provider be in the data management of the segment (better: slice)?
• Up to what extent the communication service provider must comply with certifications such as HIPAA (Health Insurance Portability and Accountability Act) in order to be able to provide services to a hospital? Or an aeronautical enterprise?

I love this conferences because provides food for the thought. A lot of questions, motivated by real world scenarios, that the telecoms (and the rest of players in the industry) must be able to answer. I hope to contribute in this process during the pursuit of my doctoral studies.

How to begin learning about NFV

After the last meeting with my supervisors, it was advised to leave the superficial exploratory phase and begin to have a serious understanding of the building blocks of the technologies that enable 5G. I will begin with NFV, since I believe it is "the most important" building block of the whole ecosystem.
But wait, where can I start?
Exploring the ETSI website to search for more specific information, there is a huge amount of documentation, with highly granular search criteria: this level of granularity is good in order to narrow down your search when you know what are you looking for. But.. when you are just beginning to learn about it can be difficult.

So, I think it is necessary to understand how the standardization body organizes the information, their internal working groups and how the documentation is released.

In the case of ETSI,

ETSI has several types of standards:

And according to history, the NFV initiative was industry motivated. Son NFV belongs to the ISG committee. Inside, there are several Working Groups (WG) each one focusing on a specific problem:

According to this, think that the documentation I am interested in has to do with the proposed use cases (SOL), interfaces and architecture (IFA), security (SEC) and the old (but relevant) management and orchestration (MAN) documents.

Still, I have to take care of something: The central topic is network slicing and its security. NFV is one of the enablers of the network slicing concept, it is important to get to know it, but I am not sure how deep I have to dig. I can be a little intense when reading, so I have to learn how to stop and not loose the main objective.

New challenge! Ph.D.

Well, it is time to revisit my blog and start writing again. I think this will be a good exercise, because it will help to relieve from stress, have a way to "talk to myself" and express ideas about the current challenge I am facing. 

As I read somewhere: "if you can't explain it, you don't understand it". So this will be a way to test myself if I am improving the understanding of the topics.

The new challenge refers to my doctoral study about securization of network slices for 5G. The topic is brand-new, with a lot of subtopics to consider. There can be several approaches depending on the background expertise: the radio access network (RAN), the core network (user plane? control plane?) access to services and applications... I think my focus would be in the core network regarding the way in which the network slices are created and the life-cycle management. 

The idea is to begin exploring and start to get a better understanding of the concepts and try to build a road-map in order to not get lost in this quest.