The European Union Agency for Cybersecurity (ENISA) publishes a report on eSIMs and a second on fog and edge computing in 5G. Both reports aim to provide insights into the challenges faced by these technologies.
ENISA dives deep into the security challenges of eSIM technology and examines security issues for fog and edge computing in 5G to support the national security authorities of the ECASEC group and the NIS Cooperation Group workstream on 5G cybersecurity.
The case of eSIMs
eSIM is the generic term for the embedded form of a SIM card (Subscriber Identity Module). The eSIM built into the device is hosted on a tiny chip that allows the details of the mobile phone contract to be stored in digital format.
Like the regular SIM card, the eSIM identifies a subscriber in a mobile operator’s network and can be found in a wide range of products, including wearable devices, computers, medical Internet-of-Things (IoT) devices, home automation and security systems, and wearable points -of-sale devices.
The report published today provides an overview of eSIM technology, assesses the market potential in Europe and includes identified security challenges and proposed mitigation measures.
The security challenges identified are related to software attacks such as eSIM swapping, memory exhaustion and under memory attacks, bloated profiles and lock profile attacks. Cyber criminals can cause unavailability of services or gain access to confidential information.
Still, no major technical vulnerability has been discovered to date, and only limited cybersecurity breaches have been reported. However, large-scale IoT deployment and the resulting increase in the use of eSIMs could lead to an increase in such cyber incidents.
Learn more in the Embedded SIM Ecosystem, Security Risks and Measures report
The Case of Fog and Edge Computing: The Role It Plays in 5G
Fog and edge computing have created new opportunities and novel applications in the 5G ecosystem. However, the telecom, cloud and industrial communities face multimodal security challenges.
Since the architecture is a layer below cloud computing, the main goal of fog and edge computing is to reduce the workload of edge and cloud devices by offering additional network and hardware resources to both parties.
Leveraging this technology, computing, storage data, and application services are provided to end users while being hosted at the edge of the network. It reduces service latency and improves the overall end-user experience. End users benefit from remote access to data storage and availability of services without requiring extensive resources, reducing costs.
The report provides an overview of fog and edge technologies related to 5G in terms of their architecture, attributes and security aspects. In addition, the different architectural approaches and their applications are presented. In addition, the standardization solutions are outlined and application scenarios are analyzed.
Learn more in the Fog and Edge Computing in 5G report.
39th meeting of the ECASEC expert group
Organized in a hybrid format both in Dublin, Ireland and online, the meeting brought together around 60 experts from national authorities from EU, EFTA, EEA and EU accession countries overseeing the European telecoms sector.
The group’s experts discussed the new work program and also focused on the potential update of the existing security measures and incident reporting framework to reflect the changes introduced by the NIS2 Directive.