Could Telcos Securely Run Their Networks in Public Clouds?

The recently published European Telecommunications Standards Institute (ETSI) TS 103 457 standard promises to define how to secure sensitive functions in a virtualized environment. ETSI’s announcement says they have standardized…

…an interface between a “secure vault” that is trusted and a cloud that could be anywhere, where such sensitive data is stored in the vault. This allows a sensitive function to exist in a lower security environment, with data held securely.

Combining public clouds with network virtualization gives rise to intriguing possibilities, some of which are further elaborated by ETSI:

For instance, this interface can be used with new network function virtualization (NFV) technology to allow secure authentication of users for billing purposes. Virtualization means that processing can happen anywhere and might be untrusted, therefore these secure vaults are needed to protect sensitive functions and data. This is more common than ever as NFV technology becomes widespread.

But does this mean that telcos could seriously consider running network functions using the cloud computing services provided by Amazon’s AWS or Google’s GCP? Telecoms security analyst Patrick Donegan believes so.

Running public telecom network services out of a public cloud might not be at the top of
the agenda but for some telcos, that could emerge as one of the many partnership
models they are continuing to explore with cloud providers. Recent public examples, still
focused very much on business services, include the following:

  • Vodafone and Telefonica are among those telcos that have latched onto AWS’ new
    Outpost product line. This runs AWS services on AWS-designed hardware that sits
    in the enterprise premises to support hybrid cloud models.
  • One of Oracle’s key messages at the recent Mobile World Congress in Barcelona was
    pitched at building its own 5G core network elements; layering their market-leading
    analytics portfolio on top of them; and selling ‘slices’ of these 5G cloud networking
    resources wholesale to telco partners.

Donegan has written a short briefing to explain the implications of the new ETSI standard; find his analysis here.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.