关键词: 5G安全, 网络安全, 风险评估, 安全检测, 5G威胁

Abstract: The development of new architectures, technologies and applications of 5G poses new challenges to security. On the one hand, 5G introduces many IT technologies, making the form of assets more complex and diverse. The application of network slicing, multi-access edge computing, network capacity opening and other technologies brings new security threats. On the other hand, 5G is deeply integrated with vertical industries, and 5G security requires a transformation from "general security" to "on-demand security". Global System for Mobile Communications Association has established Network Equipment Security Assurance Scheme (NESAS), which leverages security evaluation to improve 5G security. However, NESAS mainly focus on large-scale 5G base station and core network equipment testing, lacking the scheme of network operation security and data protection.  A novel security evaluation model (ARMIT model) for 5G assets is proposed. The model first describes 5G assets composition and threats landscape, and then stresses the evaluation security requirements, indexes and methods regarding to 5G assets and network operation. It provides an effective reference for equipment enterprises and operators to carry out security capability evaluation of 5G products, networks and services.

Key words: 5G Security, Network security, Risk evaluation, Security test, 5G Threats