Yulong Fu , Yuanqi Xie , Wei Yi , Bikal Poudel , Jin Cao , Hui Li
{"title":"IPO-ZTA: B5G和6G智能策略编排零信任架构","authors":"Yulong Fu , Yuanqi Xie , Wei Yi , Bikal Poudel , Jin Cao , Hui Li","doi":"10.1016/j.comnet.2025.111450","DOIUrl":null,"url":null,"abstract":"<div><div>As 5G and 6G networks become more complex and diverse, traditional security models based on trust boundaries face significant challenges. Zero Trust Architecture (ZTA), with its core principle of “never trust, always verify”, offers a potential solution for securing these dynamic networks. However, due to the vast and complex nature of B5G and 6G, how to achieve the “zero trust” concept in a high dynamic and service oriented systems are still lack of discussion, which limits the developing of ZTA in B5G and 6G, and the network’s ability to respond effectively to emerging threats are also inappropriate. In this article, we proposed an Intelligent Policy Orchestration Zero Trust Architecture (IPO-ZTA), which combines 6G Integrated Sensing and Communication (ISAC) capabilities with AI/ML techniques to predict security requirements and dynamically adjust fine grained security policies to fill this gap. The proposed framework introduces two AI-driven components: one that predicts security demands based on real-time network data and another that adjusts security policies based on these predictions. Additionally, we present a modular 3GPP security capability library that enhances the accuracy and flexibility of policy execution. Our research shows that IPO-ZTA improves the adaptability and efficiency of security policies in real-time while fully aligning with the core Zero Trust principles defined by 3GPP for the next generation networks.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"269 ","pages":"Article 111450"},"PeriodicalIF":4.4000,"publicationDate":"2025-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"IPO-ZTA: An Intelligent Policy Orchestration Zero Trust Architecture for B5G and 6G\",\"authors\":\"Yulong Fu , Yuanqi Xie , Wei Yi , Bikal Poudel , Jin Cao , Hui Li\",\"doi\":\"10.1016/j.comnet.2025.111450\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>As 5G and 6G networks become more complex and diverse, traditional security models based on trust boundaries face significant challenges. Zero Trust Architecture (ZTA), with its core principle of “never trust, always verify”, offers a potential solution for securing these dynamic networks. However, due to the vast and complex nature of B5G and 6G, how to achieve the “zero trust” concept in a high dynamic and service oriented systems are still lack of discussion, which limits the developing of ZTA in B5G and 6G, and the network’s ability to respond effectively to emerging threats are also inappropriate. In this article, we proposed an Intelligent Policy Orchestration Zero Trust Architecture (IPO-ZTA), which combines 6G Integrated Sensing and Communication (ISAC) capabilities with AI/ML techniques to predict security requirements and dynamically adjust fine grained security policies to fill this gap. The proposed framework introduces two AI-driven components: one that predicts security demands based on real-time network data and another that adjusts security policies based on these predictions. Additionally, we present a modular 3GPP security capability library that enhances the accuracy and flexibility of policy execution. Our research shows that IPO-ZTA improves the adaptability and efficiency of security policies in real-time while fully aligning with the core Zero Trust principles defined by 3GPP for the next generation networks.</div></div>\",\"PeriodicalId\":50637,\"journal\":{\"name\":\"Computer Networks\",\"volume\":\"269 \",\"pages\":\"Article 111450\"},\"PeriodicalIF\":4.4000,\"publicationDate\":\"2025-06-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computer Networks\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S1389128625004177\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Networks","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1389128625004177","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
IPO-ZTA: An Intelligent Policy Orchestration Zero Trust Architecture for B5G and 6G
As 5G and 6G networks become more complex and diverse, traditional security models based on trust boundaries face significant challenges. Zero Trust Architecture (ZTA), with its core principle of “never trust, always verify”, offers a potential solution for securing these dynamic networks. However, due to the vast and complex nature of B5G and 6G, how to achieve the “zero trust” concept in a high dynamic and service oriented systems are still lack of discussion, which limits the developing of ZTA in B5G and 6G, and the network’s ability to respond effectively to emerging threats are also inappropriate. In this article, we proposed an Intelligent Policy Orchestration Zero Trust Architecture (IPO-ZTA), which combines 6G Integrated Sensing and Communication (ISAC) capabilities with AI/ML techniques to predict security requirements and dynamically adjust fine grained security policies to fill this gap. The proposed framework introduces two AI-driven components: one that predicts security demands based on real-time network data and another that adjusts security policies based on these predictions. Additionally, we present a modular 3GPP security capability library that enhances the accuracy and flexibility of policy execution. Our research shows that IPO-ZTA improves the adaptability and efficiency of security policies in real-time while fully aligning with the core Zero Trust principles defined by 3GPP for the next generation networks.
期刊介绍:
Computer Networks is an international, archival journal providing a publication vehicle for complete coverage of all topics of interest to those involved in the computer communications networking area. The audience includes researchers, managers and operators of networks as well as designers and implementors. The Editorial Board will consider any material for publication that is of interest to those groups.