5G Secondary Authentication based on EAP-TLS Protocol

With the development of mobile communication technology, we have now entered the 5G era. At the same time, vertical industries have also made new developments in 5G. Compared with ordinary users, users in vertical industries have more security requirements for their services. While vertical industries are developing in a more digital and networked direction, traditional authentication methods such as VPDN cannot satisfy the new security requirements, which brings greater challenges to the security of vertical industries. In order to satisfy the more security requirements of vertical industries, endogenous secondary authentication is introduced in the 5G network architecture, and the Extensible Authentication Protocol (EAP) is used to satisfy the different security requirements of vertical industries. This paper analyzes three kinds of secondary authentication methods based on the status quo and technological development trends of vertical industries, and proposes a 5G secondary authentication scheme based on 3GPP protocol standards. We use OpenAirInterface (OAI) to build a mobile communication network experimental platform, and realize the secondary authentication between users and authentication servers based on the EAP-TLS protocol by modifying the function of the network element. Experiment results demonstrate that our scheme has high security and reliability. It can provide a reference for the vertical industry to deploy secondary authentication in 5G.