Issue link: https://resources.mouser.com/i/1315957
47 | In the connection between end devices and cloud- based services, MEC systems can enhance both security and user privacy in several ways. For example, MEC systems can serve as mediators, leading to more secure authentications—not only reducing the chance of man- in-the-middle attacks but also reducing the amount of personally identifiable information (PII) available for interception. Beyond their role in these fundamental services, MEC systems can serve as connections between end devices and hybrid clouds that combine the public cloud core with private resources that protect sensitive data, including PII. While MEC elements can help tighten security, the extensive software foundation of 5G networks enables novel new approaches for enhanced security. For example, in 5G networks, virtualization offers more than the isolation that is commonly associated with virtualized environments such as cloud virtual machines or containers. In 5G wireless, this concept extends to a capability called network function virtualization (NFV). NFV transforms traditional hardware-based network node functions such as load balancers or firewalls into software-based services that providers can deploy where necessary and scale to meet changing demand. NFV: A Critical Enabler NFV is a critical enabler of the 5G vision with its potential to tune network-service delivery to just the right level of performance, reliability, and functionality needed to meet specific service objectives. NFV already serves a role in providing development features such as monitoring and testing in 5G testbeds and early deployments. For security, NFV conceptually offers a significant advantage over current approaches. Besides using virtualization broadly to scale performance, service providers can use NFV to scale threat detection and response capabilities. At the first sign of an attack, a provider's security monitoring system can upgrade an NFV firewall to provide deeper filtering and even scale its hardware resources to maintain the same quality of service during the attack. Using SDN features, the provider can even reconfigure the network to move defensive nodes closer to the source of the attack, eventually isolating bad traffic from good. Using this broad approach, service providers and third-parties can essentially parameterize configurations, node capabilities, and cloud-based applications to offer on-demand security-as-a-service offerings. This concept jells in a 5G capability called network slicing.