| CPC H04W 12/122 (2021.01) [G06F 21/53 (2013.01); H04L 41/0806 (2013.01); H04L 47/22 (2013.01); H04W 12/03 (2021.01); G06F 2221/033 (2013.01); H04W 84/042 (2013.01)] | 9 Claims |
|
1. A computer-implemented method for increasing resistance to side-channel attacks on a first slice of a 5G (fifth generation) network having a plurality of slices, including at least a second slice, that share underlying physical network resources and infrastructure in a core network, radio access network, and wide area network, the method comprising:
receiving data packets to be carried by the slice, the data packets associated with a workload to which secret information is associated, the data packets having transmission characteristics with a natural timing distribution that is inherent to the workload;
configuring a slice controller in the 5G network to control transmission of traffic over the slice, the traffic including the data packets, and wherein the slice controller is implemented as a software-defined networking (SDN) component instantiated on the underlying physical network infrastructure for controlling slicing in the core network, radio access network, and wide area network; and
operating the slice controller to perform secret-independent shaping for the traffic to obfuscate the secret information associated with the workload for the first slice from the second slice, wherein the secret-independent shaping comprises enforcing temporal isolation of shared physical network resources between the first slice and second slice in which the slice controller alternately allocates shared physical network resources to the first slice and the second slice to prevent simultaneous use of the shared physical network resources by the first slice and the second slice.
|