Study on Security of 5G and Satellite Converged Communication Network

doi:10.12142/ZTECOM.202104009

Abstract

Abstract:

The 5G and satellite converged communication network (5G SCCN) is an important component of the integration of satellite-terrestrial networks, the national science, and technology major projects towards 2030. Security is the key to ensuring its operation, but at present, the research in this area has just started in our country. Based on the network characteristics and security risks, we propose the security architecture of the 5G SCCN and systematically sort out the key protection technologies and improvement directions. In particular, unique thinking on the security of lightweight data communication and design reference for the 5G SCCN network architecture is presented. It is expected to provide a piece of reference for the follow-up 5G SCCN security technology research, standard evolution, and industrialization.

Key words: 5G SCCN, non-terrestrial networks, 5G security, satellite security, integration of satellite-terrestrial networks

YAN Xincheng, TENG Huiyun, PING Li, JIANG Zhihong, ZHOU Na. Study on Security of 5G and Satellite Converged Communication Network[J]. ZTE Communications, 2021, 19(4): 79-89.

Figures/Tables 10

References 29

1	3GPP. Study on new services and markets technology enablers: 3GPP TR 22.891 V14.2.0 [S]. 2016
2	XU B Y, HAN M. Study on international standards of satellite communications [J]. Information and communications technology and policy, 2019, (17): 41–44
3	WANG C T, LI N, ZHAI L J, et al. Preliminary study on the integration of satellite communications and terrestrial 5G network [J]. Satellite & network, 2018, (9): 14–21
4	KONSTANTINOS L, ALEXANDER G, RAY S, et al. Use cases and scenarios of 5G integrated satellite‑terrestrial networks for enhanced mobile broadband: the SaT5G approach [J]. International journal of satellite communications and networking, 2019, 37（2）: 91–112
5	LIU S J, HU Y M, WANG D P. Overview of studies on the satellite⁃5G integration [J]. Information and communications technology and policy, 2019, (5)
6	SHEN Y Y. The Development trend of satellite communications in 5G era. Space international [J]. 2020, (1): 48–52
7	CRUICKSHANK H, IYENGAR S, SUN Z L. Securing IP multicast over GEO satellites [C]//IEEE Seminar on Broadband Satellite: The Critical Success Factors Technology, Services and Markets. London, UK: IEEE, 2000. DOI: 10.1049/ic: 20000534 DOI
8	NOUBIR G, LVON ALLMEN. Security issues in Internet protocols over satellite links [C]//50th Vehicular Technology Conference. Amsterdam, Netherlands: IEEE, 1999: 2726–2730. DOI: 10.1109/VETECF.1999.800282 DOI
9	ROY⁃CHOWDHURY A, BARAS J S, HADJITHEODOSIOU M, et al. Security issues in hybrid networks with a satellite component [J]. IEEE wireless communications, 2005, 12(6): 50–61. DOI: 10.1109/MWC.2005.1561945 DOI
10	JIANG Y W, ZHANG G X, ZHAO L D, et al. Summary of satellite communication and 5G convergence system development [C]//The 15th Annual Conference of satellite Communication. Beijing, China: CIC, 2019: 56–65
11	CHEN S Z, SUN S H, KANG S L. System integration of terrestrial mobile communication and satellite communication-the trends, challenges and key technologies in B5G and 6G [J]. China communications. 2020, 17(12): 16
12	KODHELI O, GUIDOTTI A, VANELLICORALLI A. Integration of Satellites in 5G through LEO Constellaions [C]//IEEE Global Communications Conference. Singapore, Singapore: IEEE, 2017:1–6. DOI: 10.1109/GLOCOM.2017.8255103 DOI
13	CHEN T T, WANG W J, DING R, et al. Location⁃based timing advance estimation for 5G integrated LEO satellite communications [C]//IEEE global communications conference. Taipei, China: IEEE. 2020: 1–6. DOI: 10.1109/GLOBECOM42002.2020.9322428 DOI
14	TANG Q Q, XIE R C, LIU X, et al. MEC enabled satellite⁃terrestrial network: architecture, key technique and challenge [J]. Journal on communications, 2020, 41(4): 162–182
15	ZHANG Z, ZHANG W, TSENG F H. Satellite mobile edge computing: improving QoS of high⁃speed satellite⁃terrestrial networks using edge computing techniques [J]. IEEE Network, 2019, 33(1): 70–76
16	LI F H, YIN L H, WU W. Research status and development trends of security assurance for space⁃ground integration information network [J]. Journal on communications. 2016, (11): 160–172
17	JI X S, LIANG H, HU H C. New thoughts on security technologies for space⁃ground integration information network [J]. Telecommunications science. 2017, (12): 30–41
18	Huang Zhan. Research on security protocol of broadband satellite network [D]. Harbin Institute of Technology, 2012
19	ITU⁃R M. Key elements for integration of satellite systems into next generation access technologies [EB/OL]. (2019⁃07⁃02) [2021⁃04⁃06].
20	3GPP. Study on new radio (NR) to support non-terrestrial networks: TR 38.811 V15.4.0 [S]. 2020
21	3GPP. Study on using satellite access in 5G: 3GPP TR 22.822 V16.0.0 [S]. 2018
22	3GPP. Study on scenarios and requirements for next generation access technologies: 3GPP TR 38.913 V16.0.0 [S]. 2020
23	3GPP. Study on architecture for next generation system: 3GPP TR 23.799 V14.0.0 [S]. 2016
24	3GPP. Service requirements for the 5G system: 3GPP TS 22.261 V17.2.0 [S]. 2020
25	ZHANG Z J, ZHOU Q, ZHANG C. New low⁃earth orbit satellites authentication and group key agreement protocol [J]. Journal on communications. 2018, (6):150–158. DOI: 10.11959/j.issn.1000–436x.2018102 DOI
26	BRAGA R, MOTA E, PASSITO A. Lightweight DDoS flooding attack detection using NOX/OpenFlow [C]//IEEE Local Computer Network Conference. Denver, USA: IEEE, 2010: 408–415. DOI: 10.1109/LCN.2010.5735752 DOI
27	DEEPA V, SUDAR K M, DEEPALAKSHMI P. Detection of DDoS attack on SDN control plane using hybrid machine learning techniques [C]//International Conference on Smart Systems and Inventive Technology. Tirunelveli, India: IEEE, 2018: 299–303. DOI: 10.1109/ICSSIT.2018.8748836 DOI
28	JIA M, SHU Y J, GUO Q, et al. DDoS attack detection method for space–based network based on SDN architecture [J]. ZTE communications, 2020, 18(4): 18–25. DOI: 10.12142/ZTECOM.202004004 DOI
29	YANG L F, ZHAO H. DDoS attack identification and defense using SDN based on machine learning method [C]//The 15th International Symposium on Pervasive Systems, Algorithms and Networks (I⁃SPAN). Yichang, China: IEEE, 2018: 174–178. DOI: 10.1109/I
	–SPAN.2018.00036

Network Layer	Security Attributes	Categories of Security Technology	Sub-Categories of Security Technology
Network application layer	Communication security	Data communication security	User data communication security
Network function layer	Authenticity	Identity authenticity	Terminal access authentication
	Authenticity	Identity authenticity	Authentication between network nodes
	Availability	Network availability	Anti-DDoS attack
	Availability	Network availability	Anti-UE random access attack
	Communication security	Network resource sharing	RAN slice isolation
		Network resource sharing	Core network slice isolation
		Data communication security	Network function communication security
Network transmission layer	Communication security	Network resource sharing	Bearer network slice isolation
	Communication security	Data communication security	Bearer network communication security
	Availability	Network availability	Anti-DDoS attack
	Authenticity	Identity authenticity	Authentication between network nodes
Infrastructure layer	Availability	Network availability	Anti-wireless communication interference
Infrastructure layer	Authenticity	Identity authenticity	Trusted boot of satellite nodes

Network Layer	Security Attributes	Categories of Security Technology	Sub-Categories of Security Technology
Network application layer	Communication security	Data communication security	User data communication security
Network function layer	Authenticity	Identity authenticity	Terminal access authentication
	Authenticity	Identity authenticity	Authentication between network nodes
	Availability	Network availability	Anti-DDoS attack
	Availability	Network availability	Anti-UE random access attack
	Communication security	Network resource sharing	RAN slice isolation
		Network resource sharing	Core network slice isolation
		Data communication security	Network function communication security
Network transmission layer	Communication security	Network resource sharing	Bearer network slice isolation
	Communication security	Data communication security	Bearer network communication security
	Availability	Network availability	Anti-DDoS attack
	Authenticity	Identity authenticity	Authentication between network nodes
Infrastructure layer	Availability	Network availability	Anti-wireless communication interference
Infrastructure layer	Authenticity	Identity authenticity	Trusted boot of satellite nodes