DCSS Protocol for Data Caching and Sharing Security in a 5G Network

Fifth Generation mobile networks (5G) promise to make network services provided by various Service Providers (SPs), such as Mobile Network Operators (MNOs) and third-party SPs, accessible from anywhere by end-users through their User Equipment (UE). These services will be pushed closer to the edge for quick, seamless, and secure access. After being granted access to a service, the end-user will be able to cache and share data with other users. However, SPs need security measures that not only secure the provisioning of and access to those services but also restrict what end-users can do with the accessed data, in or out of coverage. This can be facilitated by federated service authorization and access control mechanisms that restrict the caching and sharing of data accessed by the UE in different security domains. In this paper, we propose a Data Caching and Sharing Security (DCSS) protocol that leverages federated authorization to provide secure caching and sharing of data from multiple SPs in multiple security domains. We formally verify the proposed DCSS protocol using ProVerif and the applied pi-calculus. Furthermore, we conduct a comprehensive analysis of the security properties of the proposed DCSS protocol.
