5G Core Network: Enabling Secure, Scalable, and Innovative Services
5G enables new business models, ecosystems, and technologies that allow enterprises and Mobile Network Operators (MNOs) to grow their businesses faster than the traditional wireless market. However, with this innovation comes increased complexity: the traditional network perimeter is disappearing, and attack surfaces are expanding. Securing a network that will touch nearly every aspect of our lives is critical. It is paramount that we deliver both human and IoT communication services in a secure and trusted environment.
The 5G Core Network (5GC) holds a key role in realizing the full potential of 5G services. Without 5GC, fully-fledged New Radio (NR) services cannot be achieved.
Service-Based Architecture (SBA)
The 5GC is built around a Service-Based Architecture (SBA)—a design pattern widely adopted in modern software development to improve modularity. In SBA, the core network is decomposed into independent, reusable services that communicate via standardized APIs. This approach allows operators to mix and match network functions from different vendors, fostering interoperability and innovation.
- Standalone (SA) 5G: Comprising 5GC and gNB, it delivers full 5G capabilities from day one.
- Non-Standalone (NSA) 5G: Leverages existing LTE infrastructure but offers only limited 5G services.
Cloud-Native Design
A cloud-native architecture is fundamental to 5GC, enabling flexible scaling, rapid upgrades, and high resilience. Key principles include:
- Stateless microservices deployed in containerized environments (e.g., Docker, Kubernetes).
- Each Network Function (NF) is composed of small, independently scalable units called NF services.
- State information is stored centrally in the Unstructured Data Storage Function (UDSF), making NFs stateless.
This design allows:
- Rapid scaling of individual services without impacting the whole system.
- Isolation of faulty components to ensure uninterrupted service.
- Faster time-to-market for new services through automated lifecycle management.
Security in 5GC
With SBA and cloud-native deployment, security must be embedded at every layer. Key security considerations include:
- Inter-NF Encryption & Integrity Protection – per 3GPP TS 33.501, using TLS and certificate management.
- Inter-NF Authentication & Authorization – leveraging OAuth 2.0.
- Signaling Protection (Release 16) – enabled by the Service Communication Proxy (SECOP), which provides:
- Secure communication between NFs and other SECOPs.
- Filtering, load balancing, and protection of HTTP/2-based signaling traffic.
- Exposed Interface Protection – particularly for the Network Exposure Function (NEF):
- Secure NF-to-NEF communication (using the same mechanisms as above).
- API security for third-party applications accessing NEF.
- Firewalling on the N33 interface and use of the Security Edge Protection Proxy (SEPP) over the N32 interface for inter-PLMN security.
Unlocking New Business Opportunities
Powered by its cloud-native, standalone, and SBA-based architecture, 5GC—combined with 5G-specific features like network slicing, ultra-low latency, and massive connectivity—enables transformative use cases such as:
- Factory automation
- Smart cities
- Autonomous driving
- Remote healthcare
These capabilities allow operators to secure new revenue streams beyond traditional connectivity services.
IPLOOK has been at the forefront of 5G deployment since day one and is fully equipped to support any operator’s 5G core network requirements—with security, scalability, and innovation built in.
