IPO-ZTA: B5G和6G智能策略编排零信任架构

IF 4.4 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Networks Pub Date : 2025-06-18 DOI:10.1016/j.comnet.2025.111450

Yulong Fu , Yuanqi Xie , Wei Yi , Bikal Poudel , Jin Cao , Hui Li

{"title":"IPO-ZTA: B5G和6G智能策略编排零信任架构","authors":"Yulong Fu , Yuanqi Xie , Wei Yi , Bikal Poudel , Jin Cao , Hui Li","doi":"10.1016/j.comnet.2025.111450","DOIUrl":null,"url":null,"abstract":"<div><div>As 5G and 6G networks become more complex and diverse, traditional security models based on trust boundaries face significant challenges. Zero Trust Architecture (ZTA), with its core principle of “never trust, always verify”, offers a potential solution for securing these dynamic networks. However, due to the vast and complex nature of B5G and 6G, how to achieve the “zero trust” concept in a high dynamic and service oriented systems are still lack of discussion, which limits the developing of ZTA in B5G and 6G, and the network’s ability to respond effectively to emerging threats are also inappropriate. In this article, we proposed an Intelligent Policy Orchestration Zero Trust Architecture (IPO-ZTA), which combines 6G Integrated Sensing and Communication (ISAC) capabilities with AI/ML techniques to predict security requirements and dynamically adjust fine grained security policies to fill this gap. The proposed framework introduces two AI-driven components: one that predicts security demands based on real-time network data and another that adjusts security policies based on these predictions. Additionally, we present a modular 3GPP security capability library that enhances the accuracy and flexibility of policy execution. Our research shows that IPO-ZTA improves the adaptability and efficiency of security policies in real-time while fully aligning with the core Zero Trust principles defined by 3GPP for the next generation networks.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"269 ","pages":"Article 111450"},"PeriodicalIF":4.4000,"publicationDate":"2025-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"IPO-ZTA: An Intelligent Policy Orchestration Zero Trust Architecture for B5G and 6G\",\"authors\":\"Yulong Fu , Yuanqi Xie , Wei Yi , Bikal Poudel , Jin Cao , Hui Li\",\"doi\":\"10.1016/j.comnet.2025.111450\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>As 5G and 6G networks become more complex and diverse, traditional security models based on trust boundaries face significant challenges. Zero Trust Architecture (ZTA), with its core principle of “never trust, always verify”, offers a potential solution for securing these dynamic networks. However, due to the vast and complex nature of B5G and 6G, how to achieve the “zero trust” concept in a high dynamic and service oriented systems are still lack of discussion, which limits the developing of ZTA in B5G and 6G, and the network’s ability to respond effectively to emerging threats are also inappropriate. In this article, we proposed an Intelligent Policy Orchestration Zero Trust Architecture (IPO-ZTA), which combines 6G Integrated Sensing and Communication (ISAC) capabilities with AI/ML techniques to predict security requirements and dynamically adjust fine grained security policies to fill this gap. The proposed framework introduces two AI-driven components: one that predicts security demands based on real-time network data and another that adjusts security policies based on these predictions. Additionally, we present a modular 3GPP security capability library that enhances the accuracy and flexibility of policy execution. Our research shows that IPO-ZTA improves the adaptability and efficiency of security policies in real-time while fully aligning with the core Zero Trust principles defined by 3GPP for the next generation networks.</div></div>\",\"PeriodicalId\":50637,\"journal\":{\"name\":\"Computer Networks\",\"volume\":\"269 \",\"pages\":\"Article 111450\"},\"PeriodicalIF\":4.4000,\"publicationDate\":\"2025-06-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computer Networks\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S1389128625004177\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Networks","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1389128625004177","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

摘要

随着5G和6G网络日益复杂和多样化，基于信任边界的传统安全模式面临重大挑战。零信任架构（Zero Trust Architecture，简称ZTA）以“永不信任，始终验证”为核心原则，为这些动态网络的安全提供了一种潜在的解决方案。然而，由于B5G和6G的庞大和复杂性质，如何在高动态和面向服务的系统中实现“零信任”概念仍然缺乏讨论，这限制了B5G和6G中ZTA的发展，网络对新兴威胁的有效响应能力也不合适。在本文中，我们提出了一种智能策略编排零信任架构（IPO-ZTA），它将6G集成传感和通信（ISAC）功能与AI/ML技术相结合，以预测安全需求并动态调整细粒度安全策略来填补这一空白。提出的框架引入了两个人工智能驱动的组件：一个基于实时网络数据预测安全需求，另一个基于这些预测调整安全策略。此外，我们还提出了一个模块化的3GPP安全功能库，提高了策略执行的准确性和灵活性。我们的研究表明，IPO-ZTA实时提高了安全策略的适应性和效率，同时完全符合3GPP为下一代网络定义的核心零信任原则。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

IPO-ZTA: An Intelligent Policy Orchestration Zero Trust Architecture for B5G and 6G

As 5G and 6G networks become more complex and diverse, traditional security models based on trust boundaries face significant challenges. Zero Trust Architecture (ZTA), with its core principle of “never trust, always verify”, offers a potential solution for securing these dynamic networks. However, due to the vast and complex nature of B5G and 6G, how to achieve the “zero trust” concept in a high dynamic and service oriented systems are still lack of discussion, which limits the developing of ZTA in B5G and 6G, and the network’s ability to respond effectively to emerging threats are also inappropriate. In this article, we proposed an Intelligent Policy Orchestration Zero Trust Architecture (IPO-ZTA), which combines 6G Integrated Sensing and Communication (ISAC) capabilities with AI/ML techniques to predict security requirements and dynamically adjust fine grained security policies to fill this gap. The proposed framework introduces two AI-driven components: one that predicts security demands based on real-time network data and another that adjusts security policies based on these predictions. Additionally, we present a modular 3GPP security capability library that enhances the accuracy and flexibility of policy execution. Our research shows that IPO-ZTA improves the adaptability and efficiency of security policies in real-time while fully aligning with the core Zero Trust principles defined by 3GPP for the next generation networks.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Computer Networks 工程技术-电信学

CiteScore

10.80

自引率

3.60%

发文量

434

审稿时长

8.6 months

期刊介绍： Computer Networks is an international, archival journal providing a publication vehicle for complete coverage of all topics of interest to those involved in the computer communications networking area. The audience includes researchers, managers and operators of networks as well as designers and implementors. The Editorial Board will consider any material for publication that is of interest to those groups.