The 5G-EPICENTRE Approach for Decreasing Attack Surface on Cross-Testbeds Cloud-native 5G Scenarios

The 5G-EPICENTRE EU-funded project proposes mission-critical service and application experimentation in federation, adopting a "testbed of testbeds" approach in which different 5G-based platforms are intelligently combined and calibrated from a single control point. This cross-testbed concept embraced in the 5G-EPICENTRE project, together with the transition of 5G technologies into a Cloud-native environment pose numerous challenges, including an increased attack surface and various security concerns such as how to enforce security policies at multiple levels across the entire infrastructure. In that sense, first, this paper provides an overview of such security challenges and a review of the methodologies discussed in the literature to decrease the attack surface in those complex scenarios. Later, this paper presents the 5G-EPICENTRE security approach and an early version of a security framework which considers the usage of security by design techniques, network and container-level isolation strategies and the usage of the service mesh design pattern, all of them key elements to allow to secure the overall infrastructure and monitor, mitigate and respond to security incidents.