Feb 14 2019

With growing network performance requirements as 5G unfolds, how rigorous are your ground-up security processes?

在线免费观看With unmatched reliability, capacity and low latency, the new generation of 5G cellular networks now being rolled out in lead countries like the US bring the promise of connecting everything from sensors and systems to robots and platforms, in order to form an automated ‘whole’ that operates in mission-critical environments.

They also bring new and sizable security risks relative to what we have known just in recent times.

For years, telecommunication networks were essentially isolated networks built on proprietary telecom protocols. Now, they are migrating to Internet-facing, all-IP networks with standardized protocols. Fed by automation and virtualization, this major technology shift unfolding has both significantly shortened development and deployment cycles and given bad actors a much broader canvas – more opportunities in a network – on which to seize vulnerabilities.

Thus, this technology shift challenges everyone, from industry to regulators to consumers, to evolve the way we approach security and mitigate risks.

在线免费观看With a long track record of producing secure products for mission-critical networks, the Nokia brand, as one rooted in our Finnish history, has long been a byword for trust with our customers.

Even so, the learning, and the doing, never stop, given the challenges of implementing strong product security in today’s fast-evolving technology landscape. This has meant learning that it is not enough to just have process controls and deliverables, nor enough just to have mandatory technical requirements and expecting things to be implemented.

在线免费观看While having a security development process and a set of technical security requirements is a good start, none of these matter if you do not follow up, measure and observe the level of implementation – and have everyone, up and down an organization, committed to maintaining rigorous security practices and policies.

在线免费观看Our lessons learned are continuously built into what we call Design for security (DFSEC) – Nokia’s way of creating products from the ground up; from the initial development stage that address the security challenges of today and those we believe we will see tomorrow.

Nokia’s Design For Security (DFSEC)

NOKIA’s Design For Security (DFSEC)

As a proactive approach by design, DFSEC standards, tools and processes ensure that security and privacy are implemented before a product is ever built in any of our business groups.

We have built over time a catalogue of security requirements, grouped per priority and severity, that are mandatory in every product. This forms the proactive core of our DFSEC process, which is also informed by our external engagement in industry forums like 3GPP and with customers and regulatory bodies. Taken together, all the various inputs are incorporated into Nokia’s mandatory security requirements.

Our products are then assessed to establish a security baseline and to define roadmaps on security, privacy and interoperability; and later subjected to rigorous testing using both internal and commercially available tools. Wherever feasible, we utilize both static and dynamic code analysis as well as strong cryptography to ensure the integrity of our products throughout the development cycle.

Now, we understand that even the best software, rigorously tweaked and tested over and over again, could end up being shown later to have an exploitable flaw, and Nokia continuously monitors public and private sources for indications that our own software or 3rd party software embedded in our products could have a security vulnerability. Vulnerabilities are graded on a scale in the context of each product, and our R&D teams take a variety of actions to troubleshoot  these. This applies across all our R&D teams, who in turn are accountable for adhering to the DFSEC principles while we monitor the compliance centrally.

在线免费观看Automation is also essential for the development process and security enforcement. We aim to provide developers with automated feedback about potential security problems in their code at the earliest possible stage of development; and seek to automate network vulnerability scans and various application security tests to ensure they are regularly and consistently executed. As we do that, early stage indicators and more comprehensive product tests are tracked by our R&D and security management teams to enable rapid intervention where it is needed. In cases of non-compliance, Nokia’s security department can issue a veto on a product – and, we have no qualms about doing that; the cost of poor quality is simply too high for our customers.

There will always be work ahead for us and for all relevant stakeholders on the security front, as bad actors look for the next new vulnerability to exploit. Still, as we move forward in the 5G era, the systems we have in place through DFSEC give us a very solid center of gravity for effectively optimizing our security checks and delivering the type of reliable and secure products our customers have long come to expect from Nokia.

在线免费观看Share your thoughts on this topic by joining the Twitter discussion with @nokia and @nokianetworks using #security #5G #cybersecurity

About Petteri Rantanen

Petteri is the Chief Security Officer and VP, HSSE at Nokia. He is responsible for all aspects of safety, security and privacy worldwide. This includes establishing security strategy, information security, product security, business continuity management and other security services across all Nokia businesses.

Tweet us at

Article Tags
日本黄大片免费播放器-日本阿v片在线播放免费_日本一级特黄大片 777米奇影院 超碰 久久热在线视频精品 久久热最新地址 久久热 久久视频 久久小说下载网 久久热在线视频精品店 99艺术网 东京热 人体艺术 人体艺术写真 免费无码在线播放av_色天使色姐妹在线视频_色姐妹久久综合在线av 亚洲人成视频在线播放免费人成视频_欧美成人网站 免费观看 一本道在线高清无视码v视频日本,-一本道在线高清无视码v视频日本,-一本道免费v码在线,-日本一道本香蕉视频, 可乐操_好屌操_天天操_操你啦视频_大爷操影院 色色网站_婷婷五月俺去也人妻_成人色色网_色姐妹av高清 伊人影院蕉久大香蕉影院在线,伊人影院蕉久院在线大香蕉,伊人影院蕉久影院在线无码大香蕉