Recently, intensified small cell deployment with overlay coverage through coexisting heterogeneous networks has emerged as a viable solution for 5G mobile networks. However, this multi-tier architecture, along with stringent latency requirements in 5G, brings new challenges in security provisioning due to the potentially frequent handovers and authentications in 5G small cells and HetNets. In this article, we review related studies and introduce SDN into 5G as a platform to enable efficient authentication handover and privacy protection. Our objective is to simplify authentication handover by global management of 5G HetNets through sharing of user-dependent security context information among related access points. We demonstrate that SDN-enabled security solutions are highly efficient through their centralized control capability, which is essential for delay-constrained 5G communications.
However, the specific key designed for handover and different handover procedures for various scenarios will increase handover complexity when applied to 5G HetNets. As the authentication server is often located remotely, the delay due to frequent enquiries between small cell APs and the authentication server for user verification may be up to hundreds of milliseconds, which is unacceptable for 5G communications. The authors of have proposed simplified handover authentication schemes involving direct authentication between UE and APs based on public cryptography. These schemes realize mutual authentication and key agreements with new networks through a three-way handshake without contacting any third party, like an authentication, authorization, and accounting (AAA) server. Although the handover authentication procedure is simplified, computation cost and delay are increased due to the overhead for exchanging more cryptographic messages through a wireless interface. For the same reason, carrying a digital signature is secure but not efficient for dynamic 5G wireless communications.
Authentication Handover and Privacy Protection in 5G HetNets Using Software-Defined Networking
Mobile services based on 4G LTE services are steadily expanding across global markets, providing subscribers with the type of responsive Internet browsing experience that previously was only possible on wired broadband connections. With more than 200 commercial LTE networks in operation as of August 2013, LTE subscriptions are expected to exceed 1.3 billion by the end of 2018. LTE’s rapid uptake, based on exponential growth in network data traffic, has opened the industry’s eyes to an important reality: the mobile industry must deliver an economically sustainable capacity and performance growth strategy; one that offers increasingly better coverage and a superior user experience at lower cost than existing wireless systems, including LTE.
This strategy will be based on a combination of network topology innovations and new terminal capabilities. Simple network economics also require that the industry’s strategy enable new services, new applications, and ultimately new opportunities to monetize the user experience. To address these pressing requirements, many expert prognosticators are turning their attention to future mobile broadband technologies and standards (i.e., 5G) as well as evolutions of the 3GPP’s existing LTE standard and IEEE 802.11 standards. 3G/4G network performance is evaluated on “hard” metrics, including peak data rates, coverage, and spectral efficiency. The 5G Era will see expanded performance metrics centered on the user’s quality of experience (QoE), including factors such as ease of connectivity with nearby devices and improved energy efficiency. 5G networks will offer a more user-centric and context-aware experience, delivering personalized content and assistance services. 5G network elements will need to cooperate in new ways to deliver this level of personalization.
We introduce SDN into 5G to enable the proposed authentication handover scheme in coping with the frequent handover authentication in small cells and HetNets, as shown in Fig. 4. We implement an authentication handover module (AHM) in the SDN controller to monitor and predict the location of users, and then prepare the relevant cells before the user arrives to guarantee seamless handover authentication.
We propose an SDN-enabled user-specific secure context information transfer for efficient authentication handover and privacy protection in 5G to achieve seamless authentication during frequent handovers, while at the same time meeting the privacy and latency requirements effectively. Using a traffic flow template (TFT) filter (source/destination IP addresses and port numbers) and related quality of service (QoS) description, secure context information (SCI) is collected by the AHM to share along a projected user moving path (i.e., from cell A to cell B, C in Fig. 4). The relevant cell APs thus prepare resources in advance and ensure a seamless user experience during mobility.
Specifically, user-specific attributes including identity, location, direction, round-trip time (RTT), and physical layer characteristics have been considered as reliable SCI to assist secure handover in 5G networks, instead of using complex cryptographic exchange mechanisms. As a non-cryptographic method, user-specific attributes are able to simplify the authentication procedure by providing the unique fingerprint of the specific device without additional hardware and computation cost.
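The SCI sharing and attribute-based check described above can be sketched as follows; this is an added example, not code from the article. The class names, the tolerance values, the per-cell predicted entry point and the unchanged RTT baseline are assumptions, and all sample values are constructed.

```python
import math
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class SCI:
    ue_id: str
    location: tuple     # (x, y) in metres, constructed frame
    heading_deg: float  # direction of travel
    rtt_ms: float       # round-trip time
    phy: tuple          # physical-layer fingerprint vector (constructed)

# Assumed tolerances; the article gives no thresholds.
TOL = {"dist_m": 50.0, "heading_deg": 30.0, "rtt_ms": 5.0, "phy": 0.2}

class AccessPoint:
    def __init__(self, name):
        self.name, self.prepared = name, {}  # prepared: ue_id -> SCI pushed by the AHM

    def authenticate(self, seen: SCI) -> bool:
        ref = self.prepared.get(seen.ue_id)
        if ref is None:
            return False  # no shared context: a full authentication would be needed
        turn = abs((seen.heading_deg - ref.heading_deg + 180) % 360 - 180)
        return (math.dist(seen.location, ref.location) <= TOL["dist_m"]
                and turn <= TOL["heading_deg"]
                and abs(seen.rtt_ms - ref.rtt_ms) <= TOL["rtt_ms"]
                and math.dist(seen.phy, ref.phy) <= TOL["phy"])

class AuthHandoverModule:
    """Controller-side module sharing SCI along the projected moving path."""
    def __init__(self, aps):
        self.aps = {ap.name: ap for ap in aps}

    def prepare_path(self, sci: SCI, path):
        # path: [(cell name, predicted entry point)]; prediction itself is out of scope
        for cell, entry in path:
            self.aps[cell].prepared[sci.ue_id] = replace(sci, location=entry)

def demo():
    a, b, c, d = (AccessPoint(n) for n in "ABCD")
    ahm = AuthHandoverModule([a, b, c, d])
    sci = SCI("ue-1", (0.0, 0.0), 90.0, 12.0, (0.61, 0.33, 0.80))  # constructed
    ahm.prepare_path(sci, [("B", (200.0, 0.0)), ("C", (400.0, 0.0))])
    genuine = SCI("ue-1", (210.0, 5.0), 85.0, 13.5, (0.60, 0.35, 0.79))
    spoofed = SCI("ue-1", (210.0, 5.0), 85.0, 13.5, (0.10, 0.90, 0.20))
    return {"genuine@B": b.authenticate(genuine),
            "spoofed@B": b.authenticate(spoofed),
            "genuine@D": d.authenticate(genuine)}
```

Cell D is off the projected path, so it holds no context for the UE and rejects the lightweight check even for the genuine device.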
In this article, we focus on using user-specific attributes as SCI (location, direction, etc.) to realize SDN-enabled authentication handover. Based on the proposed authentication context handover, security in SDN-enabled 5G networks becomes a monitored seamless procedure instead of multiple independent verifications, which could significantly reduce the possibility of impersonation and MitM attacks.