| Abstract: | 在 the fifth generation(5G)中,因需大量導入IOT sensor,使得資料量呈現爆炸性的成長。在如此高流量的環境下卻要有低延遲的條件,這會讓無線傳輸的安全性的實現,變得極為困難。在導入Software Define Network(SDN)與Mobile Edge Computing(MEC)後,無線網路安全的問題有了新的解答。但是,在5G中因使用通訊範圍較小的small cell,與4G相比,換手的次數較為頻繁,使得網路服務或功能的遷移,變成一個極需解決的問題。在本文中,我們提出了一個在EPC或eNB下的防火牆建立流程,並結合EPS-AKA程序,達到減少封包傳遞的數量。我們也探討EPC中的實體故障,以load balance的方法,平均分配故障實體的工作量。另外,針對頻繁換手問題,我們考慮了Intra-MME, Inter-MME, Inter-EPC,三個環境下的換手流程,並結合UE handover的程序,精簡封包數量,降低換手的時間。最後,我們也有提到在非信任環境的換手,並提出一個可行的方法。我們也期望未來能夠此流程能夠擴大成其他服務也能使用,例如,即時翻譯。
In the near future, a huge amount of network will flow through the fifth generation (5G) network since a tremendous number of IOT devices/sensors will soon connect to their application platforms via 5G. In such a heavy-traffic environment, low-latency requirement will seriously impact wireless transmission security. Also, 5G adopts Software Defined Network (SDN) and Mobile Edge Computing (MEC) which conduct short transmission delays and user-defined security may be a solution. Also, in 5G due to employing small cells of small communication ranges, compared with those adopted by 4G, the number of handover will be relatively frequent, that the migration of network services or functions will be another problem yet to be solved. In this paper, we propose a firewall establishment process which installs firewalls in an EPC or eNB. We also implement a fault tolerant mechanism to detect the hardware failures in EPC and then distribute the workload of the failed network entity to other entities of the same functions following the principles of load balance. To solve the problem of frequent handover, we design a handover procedure for each of the three environments, including Intra-MME, Inter-MME and Inter-EPC, which are tightly integrated with UE handover procedure, aiming to reduce the number of transmitted messages and the time consumed by handover. Finally, we also expect that this firewall migration process can be applied to other services, e.g., the migration of instant translation function, in the near future. |
