A Survey of 5G Core Network User Identity Protections, Concerns, and Proposed Enhancements for Future 6G Technologies

Paul Scalise, Michael Hempel () and Hamid Sharif
Additional contact information
Paul Scalise: Department of Electrical and Computer Engineering, University of Nebraska-Lincoln, Lincoln, NE 68588, USA
Michael Hempel: Department of Electrical and Computer Engineering, University of Nebraska-Lincoln, Lincoln, NE 68588, USA
Hamid Sharif: Department of Electrical and Computer Engineering, University of Nebraska-Lincoln, Lincoln, NE 68588, USA

Future Internet, 2025, vol. 17, issue 4, 1-21

Abstract: Fifth-Generation (5G) cellular networks extensively utilize subscriber identifiers throughout the protocol stack, thereby linking subscribers to their activities on the network. With the inherent use of linked identifiers comes the potential capability to track subscribers’ location and behavior, which poses critical challenges for user identity protections and privacy in sensitive applications like military or healthcare operating over public 5G infrastructure. The reliance on such personal identifiers threatens a user’s right to privacy and brings to light the importance of proper mechanisms to mitigate these risks for current and future cellular network technologies. In this paper, we explore the 5G specifications to understand the most important list of identifiers and their use across Virtual Network Functions (VNF), and points of exposure within the Core Network (CN). We also examine the existing literature regarding identity protections and efforts to mitigate privacy concerns targeted in the CN. Findings include the need for a trust relationship between users and their network providers to protect and safeguard their identity. While 5G technology has greater user identity protections compared to previous cellular generations, our analysis shows that several areas of concern remain, particularly in the exchange of subscriber metadata. This work also finds that new technologies adopted in 5G networks add further complexity to maintaining a strict posture for safeguarding user identity and privacy protections. This paper also reviews the scientific community’s proposed enhancements for future 6G networks’ user identity and privacy protections, with a focus on emerging Artificial Intelligence (AI) and Machine Learning (ML) applications. The ethical implications of private or anonymous communications are also carefully weighed and examined to understand the multifaceted nature of this topic. Our work is concluded by proposing important further research to reduce the prevalence and reliance on personal identifiers such as the SUPI (Subscription Permanent Identifier) within 5G Core operations to help better protect user identity. We also propose replacing the widespread use of the SUPI between VNFs with ephemeral identifiers, building upon efforts by 3GPP aiming for 5G to protect the SUPI from eavesdroppers.

Keywords: privacy; 5G; core network; supi; virtual network functions; service-based architecture; personal identifiers; anonymity; responsible privacy protection (search for similar items in EconPapers)
JEL-codes: O3 (search for similar items in EconPapers)
Date: 2025
References: View references in EconPapers View complete reference list from CitEc
Citations:

Downloads: (external link)
https://www.mdpi.com/1999-5903/17/4/142/pdf (application/pdf)
https://www.mdpi.com/1999-5903/17/4/142/ (text/html)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:gam:jftint:v:17:y:2025:i:4:p:142-:d:1619738

Access Statistics for this article

Future Internet is currently edited by Ms. Grace You

More articles in Future Internet from MDPI
Bibliographic data for series maintained by MDPI Indexing Manager ().