Formalization of a security access control model for the 5G system

The race for implementing communication services over 5G has already begun. For this, network coverage is needed and resource sharing is a way to achieve it. Therefore, each provider enforces its own security requirements. Under this scenario, it is necessary to consider security access mechanisms and policy rules, to regulate how interconnections are made between the shared network functions and how to allow specific traffic. The existing models do not address all the needs inherent to the 5G architecture, such as multi-tenancy, multi-domain and multiple security levels. To solve this challenge, this paper defines a novel access control model for 5G, leveraging on the best characteristics of traditional access control models used in operating systems and cloud scenarios. The security properties in our model obey the functional requirements within the 5G system as well as towards the customers. The actions and type of traffic of the system can be specified and enforced via an access control policy. Besides addressing the 5G system, our innovation is general enough to be applied over other types of architectures, proving its scalability and capability to incorporate more security features. To solve this challenge, this paper defines a novel access control model for 5G, leveraging on the best characteristics of traditional access control models used in operating systems and cloud scenarios. The security properties in our model obey the functional requirements within the 5G system as well as towards the customers. The actions and type of traffic of the system can be specified and enforced via an access control policy. Besides addressing the 5G system, our innovation is general enough to be applied over other types of architectures, proving its scalability and capability to incorporate more security features. Besides addressing the 5G system, our innovation is general enough to be applied over other types of architectures, proving its scalability and capability to incorporate more security features.