Abstract

Device-to-Device (D2D) communications will be used as an underlay technology in the Fifth Generation mobile network (5G), which will make network services of multiple Service Providers (SP) available anywhere. End users will be allowed to access and share services using their User Equipments (UEs), and thus they will require seamless and secure connectivity. At the same time, Mobile Network Operators (MNOs) will use the UE to offload traffic and push content closer to users, relying on the D2D communications network. This raises security concerns at different levels of the system architecture and highlights the need for robust authentication and authorization mechanisms to provide secure service access and sharing between D2D users. Therefore, this paper proposes a D2D level security solution that comprises two security protocols, namely, the D2D Service security (DDSec) and the D2D Attributes and Capability security (DDACap) protocols, to provide security for accessing, caching and sharing data in network-assisted and non-network-assisted D2D communications scenarios. The proposed solution applies Identity-based Encryption (IBE), Elliptic Curve Integrated Encryption Scheme (ECIES) and access control mechanisms for authentication and authorization procedures. We formally verified the proposed protocols using ProVerif and the applied pi calculus. We also conducted a security analysis of the proposed protocols.

Highlights

  • The UEi is free to choose any publicly known information as its ID, such as a public key or Internet Protocol (IP) address, based on the Identity-based Encryption (IBE) scheme [51]; this can be used together with another form of ID such as the Generic Public Subscription Identifier (GPSI) from primary authentication [1,50] and external ID (EID) and federated ID (FID) from secondary authentication and authorization procedures [38,39], respectively.

  • BBU pool finds a match from User Equipments (UEs) A, generation NodeB (gNB) sets up a link with UEB and forwards (UB), DataName and PKUEB to UE A

  • Three attacks were found: the attacker I starts by eavesdropping on the communication between entities, impersonates UE A continuing the protocol with UEB, which completes the protocol with the attacker instead of UE A as below


Summary

Introduction

Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.

D2D security has been investigated in related work (e.g., [16,17,18,19]), but these research efforts did not consider 5G’s new use cases such as multiple shareholders, tactile Internet, edge and third-party services [2]. This implies that existing protocols cannot be trusted to address rising security challenges based on the new use cases, such as securing data access, caching and sharing, as well as authorization and user’s access right delegation for D2D users in 5G. We propose a D2D level security solution, consisting of D2D Service security (DDSec) and D2D Attributes and Capability security (DDACap) protocols that provide authentication and authorization in network- and non-network-assisted scenarios, respectively, enabling two UEs in proximity to access, cache and share data in different scenarios.

Related Work
Service Delivery in 5G-Enabled D2D Communications Network
System Model
Service Access and Delivery
D2D Communications Process
D2D Communications Network Assisted
D2D Communications Non-Network Assisted
Problem Definition
Proposed D2D Security Solution
Security Requirement
Authentication and Authorization
Modeling of the Proposed Protocols
DDSec Protocol
DDACap Protocol
Formal Methods
Formal Verification Using ProVerif
Formal Analysis of DDSec Protocol
The Attack on DDSec Protocol
Attack Derivation and Trace
Improved Version of DDSec Protocol
Formal Analysis of DDACap Protocol
Security Analysis
Protocol Security Analysis
The Analysis Using Security Properties of Set 1
The Analysis Using Security Properties of Set 2
Security Consideration
Conclusions