Privacy-Enhanced AKMA for Multi-Access Edge Computing Mobility

Gizem Akman*, Philip Ginzboorg*, Mohamed Taoufiq Damir, Valtteri Niemi

*Corresponding author for this work

Research output: Contribution to journalArticleScientificpeer-review

2 Citations (Scopus)
95 Downloads (Pure)

Abstract

Multi-access edge computing (MEC) is an emerging technology of 5G that brings cloud computing benefits closer to the user. The current specifications of MEC describe the connectivity of mobile users and the MEC host, but they have issues with application-level security and privacy. We consider how to provide secure and privacy-preserving communication channels between a mobile user and a MEC application in the non-roaming case. It includes protocols for registration of the user to the main server of the MEC application, renewal of the shared key, and usage of the MEC application in the MEC host when the user is stationary or mobile. For these protocols, we designed a privacy-enhanced version of the 5G authentication and key management for applications (AKMA) service. We formally verified the current specification of AKMA using ProVerif and found a new spoofing attack as well as other security and privacy vulnerabilities. Then we propose a fix against the spoofing attack. The privacy-enhanced AKMA is designed considering these shortcomings. We formally verified the privacy-enhanced AKMA and adapted it to our solution.

Original languageEnglish
Article number2
Pages (from-to)1-41
Number of pages41
JournalComputers
Volume12
Issue number1
DOIs
Publication statusPublished - Jan 2023
MoE publication typeA1 Journal article-refereed

Keywords

  • 5G
  • AKMA
  • formal verification
  • MEC
  • MEC mobility
  • privacy
  • ProVerif
  • security

Fingerprint

Dive into the research topics of 'Privacy-Enhanced AKMA for Multi-Access Edge Computing Mobility'. Together they form a unique fingerprint.

Cite this