Powering 5G innovation through security, open standards and flexible integration

As mobile networks have become more critical to society, they have also become a target for cyberattacks, leading to more focus on infrastructure security. As operators have progressed from 4G to 5G infrastructure, ensuring security has become more difficult through the growing number of vendors and devices, and thereby more complex processes.

With the customer experience of utmost importance, operators have adopted standard-based approach (3GPP) for the development and integration of solutions for digital identities for infrastructure components across the national and international networks.

For the TIM Group, a leading telecommunication and ICT solution provider in Italy and Brazil, it is a critical requirement to secure the delivery of services to over 90 million customers across its fixed, mobile, and cloud infrastructures and data centres. The TIM Group portfolio of services and products for communication and entertainment are complemented by IoT capabilities that provide an integrated digital solution for citizens, businesses, and public administrations.

Leading the TIM Group activities for identity and digital validation is Telecom Italia Trust Technologies, a Certificate Authority that is 100% owned by Olivetti, the main driver for IoT technologies and qualified trusted services within the Group. TI Trust Technologies has twenty years’ experience in PKI service management and guarantees all levels of security necessary to offer the forementioned services within its ISO 27001-certified operations.

To ensure security and interoperability, TI Trust Technologies is compliant with several standards including the Agency for Digital Italy (AgID) and eIDAS (electronic IDentification Authentication and Signature) to help it deliver best-in-class “Trusted Services”. These standards have been adopted by TIM Group to meet several use cases including Strong Authentication for PSD2 compliance, Digital Signature, Electronic Registered Delivery services, Legal Archiving services and innovative blockchain solutions.

TI Trust Technologies was engaged by TIM Group as a PKI (Public Key Infrastructure) service provider for a large project to secure its 4G and 5G mobile networks. The project involved about 55,000 devices equipped with a digital certificate to use the ‘IPsec’ secure communication standard as a key part of its backhaul network.

As Salvatore Nappi, Managing Director at Telecom Italia Trust Technologies explains, “We are looking at a future where there are more vendors, technologies, and hybrid ways of working and within this environment we need to collaborate with partners that have the best technology, are open and share the philosophy of continuous evolution – this is why we view PrimeKey as a critical partner for us at a strategic level - as we share many common values.” 

According to Pierre Codis, Director of Sales Southern Europe at PrimeKey, “the project has the challenging requirement of delivering a solution able to issue certificates to devices from different vendors using the CMPv2 protocol as defined by the 3GPP framework. TI Trust Technologies turned to PrimeKey expertise to build a technological solution that navigated the subtle differences between the rival vendor interpretations and therefore compatibility of various standards. The flexibility of EJBCA Enterprise allowed the delivery of a single framework able to seamlessly integrate every device and vendor combination across the disparate environment”.

The project delivered a solution for and Public Key Infrastructure (PKI) that connects across the TIM network through Security Gateway (SecGW) and supports TIM’s reference technology deployed in its 4G and 5G mobile networks. The PKI service is based on EJBCA Enterprise, a PrimeKey product that is already successfully used by major telecommunication providers with similar requirements.

The PKI platform was installed in a TIM Group dedicated data centre, and delivered to TIM as an end-to-end managed service, with the issuance and management of all the certificates necessary for the coverage of the 4G and 5G networks. Even with 55,000 devices to secure across multiple vendors, the project was delivered on time and within budget. The solution also went through a rigorous interoperability testing phase to deliver a high degree of confidence in the ability of the TIM Group to easily create and manage services, underpinned by secure digital identity validation across a wide range of use cases critical to its current and future business strategy

As Salvatore Nappi explains, “Interoperability testing was near flawless and changes were straightforward which led to the project being viewed as a major success by the Group, especially during what has been a challenging time due to the pandemic. PrimeKey is an important part of this team effort, and we will work together as technology and standards evolve to ensure that TIM is always in a position to securely innovate its products and services.”

Download PDF