Implementing a Security Policy Management for 5G Customer Edge Nodes

Hammad Kabir, Muhammad Hassaan Bin Mohsin, Raimo Kantola

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review

6 Citations (Scopus)


The upcoming 5th generation (5G) mobile networks need to support ultra-reliable communication for business and life-critical applications. To do that 5G must offer higher degree of reliability than the current Internet, where networks are often subjected to Internet attacks, such as denial of service (DoS) and unwanted traffic. Besides improving the mitigation of Internet attacks, we propose that ultra-reliable mobile networks should only carry the expected user traffic to achieve a predictable level of reliability under malicious activity. To accomplish this, we introduce device-oriented communication security policies. Mobile networks have classically introduced a policy architecture that includes Policy and Charging Control (PCC) functions in LTE. However, in state of the art, this policy architecture is limited to QoS policies for end devices only. In this paper, we present experimental implementation of a Security Policy Management (SPM) system that accounts communication security interests of end devices. The paper also briefly presents the overall security architecture, where the policies set for devices or services in a network slice providing ultra-reliability, are enforced by a network edge node (via SPM) to only admit the expected traffic, by default treating the rest as unwanted traffic.

Original languageEnglish
Title of host publicationProceedings of IEEE/IFIP Network Operations and Management Symposium 2020
Subtitle of host publicationManagement in the Age of Softwarization and Artificial Intelligence, NOMS 2020
ISBN (Electronic)9781728149738
Publication statusPublished - Apr 2020
MoE publication typeA4 Conference publication
EventIEEE/IFIP Network Operations and Management Symposium - Budapest, Hungary
Duration: 20 Apr 202024 Apr 2020

Publication series

NameIEEE/IFIP Network Operations and Management Symposium
ISSN (Print)1542-1201
ISSN (Electronic)2374-9709


ConferenceIEEE/IFIP Network Operations and Management Symposium
Abbreviated titleNOMS


  • 5G
  • communication security policy
  • network edge
  • Policy Management
  • reliability
  • unwanted traffic


Dive into the research topics of 'Implementing a Security Policy Management for 5G Customer Edge Nodes'. Together they form a unique fingerprint.

Cite this