Future work streams for GSMA and 3GPP
As the field of telecommunication security continues to evolve, the attack surfaces widen with the introduction of Information technology components in 5G networks, Non-terrestrial networks (NTNs), and the future 6G networks. There are still many gaps unaddressed by the GSMA Fraud and Security Group and 3GPP SA3 Group. This article will highlight the security items or streams that have not been covered by both organizations, which I intend to present at some point at the GSMA meeting.
1. Lack Of 3GPP SCAS and NESAS For 2G-3G, IMS(IP Multimedia Subsystem) network elements and & Compact Core EPC & 5G
The 3GPP Security Assurance specifications, in short SCAS, are a list of security specifications with test cases instructions to verify and test the effectiveness of the security controls in the telecommunications devices for 4G and 5G networks. However, the industry still makes use of 2G,3G, and IMS(IP Multimedia Subsystem) networks, and none of the devices for these mobile generations are covered in 3GPP SCAS, and if the SCAS specification does not cover them, then they are also not covered by the GSMA NESAS program, which is a certification program based on 3GPP SCAS.
