Small Cell Forum: Member only security update from Copper Horse
Small Cell Forum aims to support all members promote the adoption of small cells across the industry. A key part of this is providing exclusively to members research, market updates and insights to key aspects of the technology which may serve to break down the barriers to widespread deployment. The Security Task Force has recently commissioned mobile security expert David Rogers, CEO & Founder of Copper Horse, to create and share an update on security in the small cells ecosystem. Presented in two parts, David’s first update will be at our member only plenary in Rome. In this blog he shares what members can expect from the report and why Rome is the ultimate destination in which to think about secure communications.
At the Small Cell Forum meeting in September, I’ll be giving a talk on security in the small cells ecosystem, including upcoming technologies. With the meeting taking place in Rome, it is interesting to reflect how security in communications compares from Roman times to now. Communications have always had a need for security since ancient times, including for the Romans who had to transmit and receive information across long distances of the Empire and on multiple types of bearers. This meant that the network and the information had to be protected.
The Cursus Publicus was used for couriering messages and goods in the Roman Empire in a relay system. Examples of abuses of the system exist. There are also examples of messengers travelling the entire length of the message route – a form of end-to-end security in that the message could be relayed verbally by the original courier which also established authenticity. Today’s internet connected systems mean that messages traverse many different routes around the world via different bearers. In remote areas, satellite backhaul is necessary. In all cases, security is necessary to ensure the integrity and confidentiality of the information that is carried as well as to ensure the availability of the network. As we head towards 5G, the physical nature of these networks will become more blurred. The virtualisation of network services and the use of open source software to base these services on brings new challenges to the world of mobile telecommunications. Old challenges still remain – the cursus publicus was no doubt disrupted by natural disasters and telecoms networks are no different. Recovering from such situations quickly is a feature of modern small cells based networks.
In Suetonius’ Life of Julius Caesar, he referred to Caesar’s use of what is now known in the security world as the “Caesar shift cipher” – a method of substituting letters of the alphabet by shifting them a certain number. It is believed Romans used semaphore and lit beacons for some of their messages so it would be fairly obvious to anyone watching what a message was if it wasn’t encoded in some way. We’ll never know how secure it was or wasn’t, but whilst Caesar’s enemies were largely illiterate, the tables have somewhat turned in the modern technology world. Modern cryptography has come a long way; however it is incredible to think that some developers are still using the woefully insecure Caesar shift as a method of hiding information in software, sometimes for critical data stored on devices and network nodes. Network security and encryption can be easy to get wrong. By following best practices, using established secure algorithms and not succumbing to “rolling your own crypto” developers can take basic measures to ensure that their data and cryptographic implementations are secure. Systems can be independently tested and audited by various security companies to help to assure that equipment is what it claims to be with regards to security.
Thankfully, the security engineers and network equipment vendors of today don’t have to rely on Fortuna, the Roman God of chance, luck and fate to make sure things don’t go wrong. By following guidelines set by the Small Cell Forum, they can protect themselves and customers from the modern issues of communication. For now, we look to the future and to the September meeting in the Eternal City.