With that basic understanding about at the high level design of 5G security framework in mind, let's look at some of the specific ways in which 5G are not only increases data security, but also offers enhanced user privacy. The first aspect of increased level of security is that of integrator security credentials. Now, most of you know that the way security is provided or at least configured in our everyday phones, is by means of a SIM card. When you subscribe to a cellular network operators service, it provides you with a SIM card and some of the authentication and other credentials are stored on that SIM card to a certain extent. Now, your phone is always in your control. But imagine some of the industrial IoT devices, such as security cameras or robotic manufacturing arms. Some of those devices might be unmanned and they might go unmonitored for several hours at a stretch. How do we make sure that somebody just doesn't unplug the SIM card out of those devices, thereby jeopardizing the security of those devices? Well, an upcoming option in 5G paradigm is that of integrated security. In that, just like the software of that device will be integrated with the device, with the device hardware, the security keys such as encryption, authentication, and any other keys as maybe necessary. Some of those credentials will also be integrated with the device itself. Because the security parameters are closely tied to the device itself, it will be much more difficult for anybody to compromise the security of that particular device, at least more difficult than it would be to just take the SIM card out of such a device. Another aspect of 5G security is that of deeper key hierarchy. Although it might sound technical, let me help you understand that in very simple language. In a typical cellular network, there are two types of connectivity that a user can leverage when the user is in the coverage provided by its native cellular operator. It is set to be in the home network. Whereas when the user moves to a different town or a state, or maybe even a different country where the subscribed cellular network operator does not or cannot provide coverage, that network operator partners with certain other network operators locally in order to provide roaming coverage. Given that mobility is an integral part of 5G networks, how can this framework ensure that security is provided not just in the home network, but in the roaming network as well. That is the fundamental premise of deeper key hierarchy. At a high level what it means is that no matter where the user is located, home network or a different rooming network, some of the fundamental security mechanisms, including your security keys, etc, will always be hosted in the home network. In a simple language, no matter where the user is, the user will always have an end-to-end secure data tunnel, so to speak, with its home network and thereby ensuring that no matter where the user is, it's security is not compromised because it follows the same grid as a security in the home network because there is this secure virtual data tunnel going from the home network to the user no matter where he is located. The final aspect is that of improved protection to both data plane as well as control plane. I hope we all remember what data plane versus control plane are. Legacy technologies such as LT, did have the mechanism of integrity protection, wherein you add a certain metadata with your data of interest so that if an attacker in the middle got access to the data, and maliciously changed are some of the data to a different set of bits and bytes, the ultimate receiver, using the metadata, would still be able to tell whether somebody tampered with the data in transit or whether that data came in without being tampered. That is the basic premise of integrity protection. Legacy technologies like LT limited that integrity protection only to control plane. But 5G has now expanded our integrity protection to user plane as well. That even not just the signaling but even user plane data, if it is tampered with by an attacker in the middle, such as your picture or your email, your 5G phone will be able to tell that that data was tampered with and as such to discard that data if it is observed to have been tampered with, and it will ask the network for a different copy of the same data. In addition to integrity protection goes without saying that both control and user plane feature encryption, meaning that the data that is sent on control or user plane can be successfully decoded only by the user for which that data is intended for because when you subscribe to the service from a cell phone operator, as I said, in most cases, at least in everyday parlance, you'll get a SIM card, the keys corresponding to those that are stored in your SIM card are also stored in the operator score network. That is how 5G network precisely knows what encryption keys we use in order to encrypt data for a specific user so that that transmission can be successfully decoded only by that user and no other user. With this understanding of enhanced our security mechanisms in mind, let's also look at how 5G tries to protect user privacy by making certain announcements.
