IPO-ZTA: B5G和6G智能策略编排零信任架构

IF 4.4 2区 计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE
Yulong Fu , Yuanqi Xie , Wei Yi , Bikal Poudel , Jin Cao , Hui Li
{"title":"IPO-ZTA: B5G和6G智能策略编排零信任架构","authors":"Yulong Fu ,&nbsp;Yuanqi Xie ,&nbsp;Wei Yi ,&nbsp;Bikal Poudel ,&nbsp;Jin Cao ,&nbsp;Hui Li","doi":"10.1016/j.comnet.2025.111450","DOIUrl":null,"url":null,"abstract":"<div><div>As 5G and 6G networks become more complex and diverse, traditional security models based on trust boundaries face significant challenges. Zero Trust Architecture (ZTA), with its core principle of “never trust, always verify”, offers a potential solution for securing these dynamic networks. However, due to the vast and complex nature of B5G and 6G, how to achieve the “zero trust” concept in a high dynamic and service oriented systems are still lack of discussion, which limits the developing of ZTA in B5G and 6G, and the network’s ability to respond effectively to emerging threats are also inappropriate. In this article, we proposed an Intelligent Policy Orchestration Zero Trust Architecture (IPO-ZTA), which combines 6G Integrated Sensing and Communication (ISAC) capabilities with AI/ML techniques to predict security requirements and dynamically adjust fine grained security policies to fill this gap. The proposed framework introduces two AI-driven components: one that predicts security demands based on real-time network data and another that adjusts security policies based on these predictions. Additionally, we present a modular 3GPP security capability library that enhances the accuracy and flexibility of policy execution. Our research shows that IPO-ZTA improves the adaptability and efficiency of security policies in real-time while fully aligning with the core Zero Trust principles defined by 3GPP for the next generation networks.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"269 ","pages":"Article 111450"},"PeriodicalIF":4.4000,"publicationDate":"2025-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"IPO-ZTA: An Intelligent Policy Orchestration Zero Trust Architecture for B5G and 6G\",\"authors\":\"Yulong Fu ,&nbsp;Yuanqi Xie ,&nbsp;Wei Yi ,&nbsp;Bikal Poudel ,&nbsp;Jin Cao ,&nbsp;Hui Li\",\"doi\":\"10.1016/j.comnet.2025.111450\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>As 5G and 6G networks become more complex and diverse, traditional security models based on trust boundaries face significant challenges. Zero Trust Architecture (ZTA), with its core principle of “never trust, always verify”, offers a potential solution for securing these dynamic networks. However, due to the vast and complex nature of B5G and 6G, how to achieve the “zero trust” concept in a high dynamic and service oriented systems are still lack of discussion, which limits the developing of ZTA in B5G and 6G, and the network’s ability to respond effectively to emerging threats are also inappropriate. In this article, we proposed an Intelligent Policy Orchestration Zero Trust Architecture (IPO-ZTA), which combines 6G Integrated Sensing and Communication (ISAC) capabilities with AI/ML techniques to predict security requirements and dynamically adjust fine grained security policies to fill this gap. The proposed framework introduces two AI-driven components: one that predicts security demands based on real-time network data and another that adjusts security policies based on these predictions. Additionally, we present a modular 3GPP security capability library that enhances the accuracy and flexibility of policy execution. Our research shows that IPO-ZTA improves the adaptability and efficiency of security policies in real-time while fully aligning with the core Zero Trust principles defined by 3GPP for the next generation networks.</div></div>\",\"PeriodicalId\":50637,\"journal\":{\"name\":\"Computer Networks\",\"volume\":\"269 \",\"pages\":\"Article 111450\"},\"PeriodicalIF\":4.4000,\"publicationDate\":\"2025-06-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computer Networks\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S1389128625004177\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Networks","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1389128625004177","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
引用次数: 0

摘要

随着5G和6G网络日益复杂和多样化,基于信任边界的传统安全模式面临重大挑战。零信任架构(Zero Trust Architecture,简称ZTA)以“永不信任,始终验证”为核心原则,为这些动态网络的安全提供了一种潜在的解决方案。然而,由于B5G和6G的庞大和复杂性质,如何在高动态和面向服务的系统中实现“零信任”概念仍然缺乏讨论,这限制了B5G和6G中ZTA的发展,网络对新兴威胁的有效响应能力也不合适。在本文中,我们提出了一种智能策略编排零信任架构(IPO-ZTA),它将6G集成传感和通信(ISAC)功能与AI/ML技术相结合,以预测安全需求并动态调整细粒度安全策略来填补这一空白。提出的框架引入了两个人工智能驱动的组件:一个基于实时网络数据预测安全需求,另一个基于这些预测调整安全策略。此外,我们还提出了一个模块化的3GPP安全功能库,提高了策略执行的准确性和灵活性。我们的研究表明,IPO-ZTA实时提高了安全策略的适应性和效率,同时完全符合3GPP为下一代网络定义的核心零信任原则。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
IPO-ZTA: An Intelligent Policy Orchestration Zero Trust Architecture for B5G and 6G
As 5G and 6G networks become more complex and diverse, traditional security models based on trust boundaries face significant challenges. Zero Trust Architecture (ZTA), with its core principle of “never trust, always verify”, offers a potential solution for securing these dynamic networks. However, due to the vast and complex nature of B5G and 6G, how to achieve the “zero trust” concept in a high dynamic and service oriented systems are still lack of discussion, which limits the developing of ZTA in B5G and 6G, and the network’s ability to respond effectively to emerging threats are also inappropriate. In this article, we proposed an Intelligent Policy Orchestration Zero Trust Architecture (IPO-ZTA), which combines 6G Integrated Sensing and Communication (ISAC) capabilities with AI/ML techniques to predict security requirements and dynamically adjust fine grained security policies to fill this gap. The proposed framework introduces two AI-driven components: one that predicts security demands based on real-time network data and another that adjusts security policies based on these predictions. Additionally, we present a modular 3GPP security capability library that enhances the accuracy and flexibility of policy execution. Our research shows that IPO-ZTA improves the adaptability and efficiency of security policies in real-time while fully aligning with the core Zero Trust principles defined by 3GPP for the next generation networks.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Computer Networks
Computer Networks 工程技术-电信学
CiteScore
10.80
自引率
3.60%
发文量
434
审稿时长
8.6 months
期刊介绍: Computer Networks is an international, archival journal providing a publication vehicle for complete coverage of all topics of interest to those involved in the computer communications networking area. The audience includes researchers, managers and operators of networks as well as designers and implementors. The Editorial Board will consider any material for publication that is of interest to those groups.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信