OZTrust: an O-RAN Zero-Trust Security System

2023 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)(2023)

引用 0|浏览27
暂无评分
摘要
The Open Radio Access Network (O-RAN) has gained significant attention as a future RAN framework. However, its architectural characteristics introduce unprecedented security challenges from expanded attack surface and increased risk for proprietary data theft and RAN control manipulation. Despite extensive security analysis from industry, concrete security solutions for the evolving O-RAN framework are still lacking in the literature. In this paper, we propose OZTrust, a Zero-Trust security system tailored for the O-RAN environment. OZTrust comprises two components: access control module and policy management module. The former performs per-packet tagging and verification for each xApp as dictated by its access control policy, while the latter automatically derives necessary access control policies by discovering xApp's communication patterns through distributed tracing. Our prototype-based evaluation demonstrates that OZTrust provides more fine-grained access control for xApps than existing Role-Based Access Control (RBAC) and Container Network Interfaces (CNIs) and outperforms its predecessor.
更多
查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要