Future of Mobile Roaming: critical use-cases and security in 4G & 5G networks
Many blogs have already been written about the evolution of networks from person-to-person to machine-to-person and finally machine-to-machine. Mobile roaming is revolutionizing the telecommunications landscape. Understanding the critical use cases, security measures, and regional traffic trends is essential for mobile operators to capitalize on these advancements and provide exceptional service. This post aims to clarify these aspects, helping MNOs navigate the complexities of modern connectivity.
What is a "Critical Use Case"?
A critical use case refers to an application or service requiring higher performance, stricter SLA and reliability standards due to its efficiency and user experience. These use cases often demand ultra-low latency, high reliability, and robust security measures. There is a lot of discussion about future use cases which will be available within 5G SA Roaming, but what are the ones already available via 4G/5G NSA? Let’s go through this list together.
Critical use cases supported by 4G & 5G NSA Roaming
Voice and Video Calls: ensuring secure, high-quality communication with minimal latency.
Mobile Internet Browsing: safe and secure access to web services.
Basic IoT Applications: such as smart meters and asset tracking, which require reliable and secure connectivity but not necessarily ultra-low latency.
Mobile Broadband Services: high-speed internet access for laptops and tablets, ensuring data integrity and security.
Critical use cases supported by 5G SA Roaming
Ultra-Reliable Low Latency Communications (URLLC): applications like autonomous vehicles, remote surgery, and industrial automation, which require near-instantaneous data transmission and ultra-high reliability.
Massive IoT: supporting a vast number of IoT devices with stringent security requirements, such as smart cities and connected health.
Enhanced Mobile Broadband (eMBB): high-bandwidth applications like 4K/8K video streaming, AR/VR experiences, and immersive gaming.
Private Networks: Enterprise solutions that demand high security and privacy, such as corporate communications and secure government networks.
Critical use-cases requiring mixed technologies
The list is not exhaustive, but it clearly shows how interdependent the world of IoT M2M is:
Automotive: many vehicles still use older technologies for connectivity. Ensuring compatibility with 2G/3G is crucial for verification and to avoid coverage loss.
Rural and Remote Areas: older technologies like 2G/3G are often more widespread in rural and remote areas, ensuring broader coverage.
Whether available today through 4G/5G NSA or tomorrow through 5G SA Roaming, all these examples require higher security, which is one of our key focus areas at Deutsche Telekom Global Carrier. Therefore, we go further and differentiate “regular security” from “security premium”. It is worth mentioning that the requirements for both approaches differ depending on the protocol (4G/5G NSA or 5G SA Roaming).
Regular Security Measures
As 4G (and 5G NSA together with it) was initially designed with less built-in security compared to 5G SA, the requirements for regular security are more extensive: a Diameter Firewall is a must, and it has to filter all inbound traffic. For 5G SA Roaming, regular security is determined by GSMA and is represented by SEPP, which is needed to launch the service. What do we mean then by “security premium” and why is it needed?
Security premium approach of Deutsche Telekom Global Carrier
4G & 5G NSA
Several factors affect the safety of the messages exchanged via 4G/5G NSA: the protocol's vulnerability by design causes a high rate of fraud, there are decreasing levels of trust between roaming partners, an increasing variety of roaming scenarios (also due to the subject of today’s discussion, IoT M2M), and, finally, very limited security options you can apply to STPs and other legacy elements. All messages sent over Diameter are open to man-in-the-middle attacks, as they are seen and answered by several systems numerous times; the return answer always takes the same IP path (Carrier) back to the sender of the request. Thus, a firewall won’t give you 100% protection. DESS (Diameter End-to-End Security Solution) is an additional protection level offering inbuilt integrity and authentication.
Another element of security premium for 4G/5G NSA is security monitoring and the IPX approach. In the case of Deutsche Telekom, we limit our IPX network to MNO-only, making some exceptions for M2M players but studying each case very carefully.
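A minimal model of the firewall-versus-end-to-end argument above, as an added example that is not Deutsche Telekom's or GSMA's code: an edge filter accepts a message in which an intermediate hop altered an AVP, while a tag computed at the origin exposes the change. HMAC with a pre-shared key stands in for the end-to-end protection; the AVP selection, the `E2E-Tag` name, the realms, IMSI and key are constructed assumptions, not the DESS specification.

```python
import hashlib
import hmac

# Constructed sample values: realms, IMSI, key and the "E2E-Tag" name are illustrative.
ORIGIN = "epc.mnc001.mcc001.3gppnetwork.org"
PARTNER_KEYS = {ORIGIN: b"constructed-demo-key"}  # per-partner key (assumption)
PROTECTED_AVPS = ("Origin-Host", "Origin-Realm", "Destination-Realm",
                  "Session-Id", "User-Name", "Visited-PLMN-Id")
REQUEST = {"Origin-Host": "mme01." + ORIGIN, "Origin-Realm": ORIGIN,
           "Destination-Realm": "epc.mnc002.mcc001.3gppnetwork.org",
           "Session-Id": "mme01;1;1", "User-Name": "001010000000001",
           "Visited-PLMN-Id": "00101"}

def _tag(avps, key):
    """HMAC over the protected AVPs in a fixed order, so both ends hash the same bytes."""
    data = "\n".join(f"{n}={avps.get(n, '')}" for n in PROTECTED_AVPS).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def sign_at_origin(avps, key):
    """The originating network attaches the end-to-end tag before the first hop."""
    return {**avps, "E2E-Tag": _tag(avps, key)}

def relay(avps, rewrite=None):
    """An intermediate agent forwards the message; rewrite models a hop altering AVPs."""
    return {**avps, **(rewrite or {})}

def edge_firewall_accepts(avps):
    """Edge filter: sees only what arrives and checks the realm against the partner list."""
    return avps.get("Origin-Realm") in PARTNER_KEYS

def e2e_verifies(avps):
    """The receiver recomputes the tag with the key of the claimed origin realm."""
    key, tag = PARTNER_KEYS.get(avps.get("Origin-Realm")), avps.get("E2E-Tag")
    if key is None or tag is None:
        return False  # unknown origin or unsigned message: fail closed
    return hmac.compare_digest(_tag(avps, key), tag)

def evaluate(avps):
    """Run both checks on the message as it arrives at the receiving network."""
    return {"firewall": edge_firewall_accepts(avps), "e2e": e2e_verifies(avps)}

if __name__ == "__main__":
    signed = sign_at_origin(REQUEST, PARTNER_KEYS[ORIGIN])
    print(evaluate(relay(relay(signed))))                                # untouched in transit
    print(evaluate(relay(relay(signed, {"Visited-PLMN-Id": "00199"}))))  # altered by a hop
```

The realm check passes in both cases because the altered message still claims an allowed partner; only the end-to-end tag distinguishes them.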
5G SA
As this protocol is secured by design, it requires special attention. In addition to the GSMA-required SEPP, we offer a complimentary approach, whereby we guarantee encapsulated security towards any destination by keeping our “Family” (our NatCos) in a protected infrastructure, which is also available to “friends” (mobile operators who are our strategic partners).
For questions related to 5G, please contact Francesco Votta.
Empowering to build secure mobile networks | CEO Montsecure
6 months
Thank you for this blogpost. From a security standpoint the simple SEPP-to-SEPP connection between MNOs is the best, as it is secured by the known TLS protocol. However, using PRINS and additional IPXs that would like to add value adds another layer of complexity. In 3GPP you even see proposals that break the end-to-end security paradigm by introducing intermediate SEPPs. I’m still in doubt whether IPXs add security to interconnection solutions in the SA roaming scenario.