The growing market share of connecting flights on intercontinental routes is largely due to the success of the airport hub-and-spoke model, exemplified by Dubai and Istanbul international airports. The hub model for airlines and passengers transformed the concept of a connected world, putting the vast majority of destinations only two flights away. Today it is possible to fly from Mardin to Delhi and from there to multiple locations, building connections that would be unimaginable otherwise.
As in the aviation industry, roaming hubs have fueled competition, fostered new routes and enabled a large array of new business models. As with airport hubs, many operators use roaming hubs to extend their reach when getting started, or when the business opportunity is not large enough to justify a new bilateral connection. It makes sense, as these hubs provide instant and broad roaming partner coverage.
As with the previous generation of wireless technologies, roaming hubs are expected to play an important role in the launch of 5G roaming. However, operating roaming hubs in a 5G environment presents a series of challenges due to 5G's security-by-design architecture.
As part of the measures implemented to improve 5G security, the entire roaming architecture is based on bilateral, direct connections between two roaming partners.
The available 5G roaming solutions compliant with 3GPP standards require roaming partners to establish a direct secure connection between their Security Edge Protection Proxies (SEPPs) with no intermediaries.
This is a radical change compared to the hop-by-hop model used today, which enables, for example, IPX providers to play a role in this ecosystem. The GSMA, the industry body representing the worldwide mobile communications ecosystem, launched a task force to prevent the disruption of the well-established roaming business model while the industry moves from 4G to a more secure 5G ecosystem. The following 5G roaming scenarios are currently under discussion in the GSMA 5G Mobile Roaming Revisited (5GMRR) group, to which Mobileum is an active contributor:
- Vanilla 3GPP: operators connect their SEPPs directly using TLS (Transport Layer Security). The drawback of this approach for the current roaming business model is that it makes it technically more difficult to accommodate the existing role of roaming VAS operators, roaming hubs, and IPX carriers. While this may be the most secure solution for bilateral agreements, it also drives the industry backward in terms of flexibility, making it more difficult to rapidly launch and expand new global coverage agreements.
- PRINS (Protocol for N32 Interconnect Security): another option currently on the table is PRINS, also specified by 3GPP, in which the MNO allows some of the information exchanged between the SEPPs to be modified by third parties, such as IPX providers, in such a way that every roaming partner can see which fields have been modified and by whom. When the IPX provider makes a change, it signs that change, and the receiving MNO can verify from the associated certificate who made the change and whether it was within the permissions granted. Besides being complex to manage, this option also has a technical drawback: operators often prefer not to let the roaming partner know what the original value of a modified field was, yet the receiving side can see both the original and the modified value.
- Outsourced SEPP (Security Edge Protection Proxy): 3GPP places the SEPP at the edge of a mobile operator's security perimeter, and this has opened the door to outsourcing the SEPP to a third party. Scenarios where it makes sense include group operators in a region providing a single exit point, or connections that would be too costly to maintain in house. IPX providers or roaming hubs can step in to manage the secure connection with roaming partners. The main disadvantage is that the connection between the SEPP and the operator's 5G core is no longer internal and needs to be carefully secured. The solution is similar to a concept known from 4G as the 'hosted DEA' (Diameter Edge Agent). When the IPX provider hosts the SEPP function, it can apply the necessary value-added services (VAS) and terminate TLS towards the SEPP of the other MNO (or the IPX provider of the other MNO).
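As an added illustration of the PRINS mechanism described in the second scenario above (example code, not from this post, from 3GPP or from Mobileum): a simplified model in which the sending SEPP signs the original message, an IPX provider appends a signed modification rather than rewriting the signed content, and the receiving SEPP verifies every signature and checks each change against a permission policy. It assumes per-party HMAC keys as a stand-in for the certificate-based JWS signatures real PRINS uses, and a flat field layout rather than the actual N32-f message format.

```python
import hashlib, hmac, json

# Constructed per-party secrets standing in for each party's signing key/certificate;
# real PRINS uses asymmetric signatures, so HMAC here is only a stand-in (assumption).
KEYS = {"cSEPP": b"csepp-demo-secret", "IPX-A": b"ipx-a-demo-secret"}

def sign(party, payload):
    """Tag the canonical JSON encoding of payload with the party's key."""
    data = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(KEYS[party], data, hashlib.sha256).hexdigest()

def verify(party, payload, tag):
    """True only if a known party produced the tag over exactly this payload."""
    return party in KEYS and hmac.compare_digest(sign(party, payload), tag)

def sepp_send(message):
    """Sending SEPP: sign the original message; the patch list starts empty."""
    return {"original": message, "orig_sig": sign("cSEPP", message), "patches": []}

def ipx_modify(n32_msg, ipx, changes):
    """Intermediary: append a signed patch instead of rewriting the signed original."""
    patch = {"by": ipx, "changes": changes}
    n32_msg["patches"].append({"patch": patch, "sig": sign(ipx, patch)})
    return n32_msg

def sepp_receive(n32_msg, policy):
    """Receiving SEPP: verify the original and each patch, enforce policy, apply changes.
    Returns (effective message, audit list of (who, field, old, new)). The receiver
    sees the old value, which is the disclosure concern raised in the text."""
    if not verify("cSEPP", n32_msg["original"], n32_msg["orig_sig"]):
        raise ValueError("original message signature invalid")
    result, audit = dict(n32_msg["original"]), []
    for entry in n32_msg["patches"]:
        patch = entry["patch"]
        if not verify(patch["by"], patch, entry["sig"]):
            raise ValueError(f"patch signature from {patch['by']} invalid")
        for field, new_value in patch["changes"].items():
            if field not in policy.get(patch["by"], set()):
                raise ValueError(f"{patch['by']} is not permitted to modify {field}")
            audit.append((patch["by"], field, result.get(field), new_value))
            result[field] = new_value
    return result, audit

def demo():
    """Constructed exchange: cSEPP sends, IPX-A rewrites one permitted field, pSEPP checks."""
    msg = sepp_send({"supi": "imsi-CONSTRUCTED", "rat": "NR", "qos": 5})
    msg = ipx_modify(msg, "IPX-A", {"qos": 9})
    return sepp_receive(msg, {"IPX-A": {"qos"}})
```

A patch on a field outside the policy, a patch from an unknown party, or any edit to the signed original is rejected by `sepp_receive`.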
These solutions are of course not mutually exclusive, but having to support both PRINS and direct TLS will increase complexity and costs and consequently delay the establishment of global 5G roaming coverage. The industry does not want to repeat the VoLTE roaming situation, where operators were uncertain about which GSMA roaming model to embrace, Local Break-Out (LBO) or S8 Home Routed (S8HR).
As we see it, the industry should not follow a path that makes it impossible to deploy roaming hubs, as they are critical in creating a truly fully interconnected world. The security "cost" of giving trusted roaming hubs access to some privileged information about roaming subscribers should be weighed against the benefits. Besides, using roaming hubs is not mandatory, and the information they need access to is already shared with roaming partners, which may in some cases be even less trustworthy.
Mobileum is working to ensure that the 5GMRR task force defines guidelines for a flexible, practical and secure 5G roaming model that represents the best compromise between security, ease of operation, and support of current business.
While working with its peers and customers to create the standards that enable 5G roaming flexibility and security, Mobileum is also engineering 5G solutions that make global connectivity secure, namely:
- SEPP - policing the control plane in a roaming relationship
- 5G firewall - complementing the SEPP in securing the 5G core network from attacks
- SCP (Service Communication Proxy) - regulating the flow of messages between network functions in the visited and home network
If you are interested in more details, please leave a comment below or contact us.