Search for: All records

The open radio access network (O-RAN) offers new degrees of freedom for building and operating advanced cellular networks. Emphasizing on RAN disaggregation, open interfaces, multi-vendor support, and RAN intelligent controllers (RICs), O-RAN facilitates adaptation to new applications and technology trends. Yet, this architecture introduces new security challenges. This article proposes leveraging zero trust principles for O-RAN security. We introduce zero trust RAN (ZTRAN), which embeds service authentication, intrusion detection, and secure slicing subsystems that are encapsulated as xApps. We implement ZTRAN on the open artificial intelligence cellular (OAIC) research platform and demonstrate its feasibility and effectiveness in terms of legitimate user throughput and latency figures. Our experimental analysis illustrates how ZTRAN's intrusion detection and secure slicing microservices operate effectively and in concert as part of O-RAN Alliance's containerized near-real time RIC. Research directions include exploring machine learning and additional threat intelligence feeds for improving the performance and extending the scope of ZTRAN. 

The open radio access network (O-RAN) is recognized for its modularity and adaptability, facilitating swift responses to emerging applications and technological advancements. However, this architecture's disaggregated nature, coupled with support from various vendors, introduces new security challenges. This paper proposes an innovative approach to bolster the security of future O-RAN deployments by leveraging RAN slicing principles. Central to this security enhancement is the concept of secure slicing. We introduce SliceX, an xApp designed to safeguard RAN resources while ensuring strict throughput and latency requirements are met for legitimate users. Leveraging the open artificial intelligence cellular re-search (OAIC) platform, we observed that the network latency averages around ten microseconds in a default configuration without SliceX. The latency escalates to over seven seconds in the presence of a malicious user equipment (UE) flooding the net-work with requests. SliceX intervenes, restoring network latency to normal levels, with a maximum latency of approximately 2.3 s. These and other numerical findings presented in this paper affirm the tangible advantages of SliceX in mitigating security threats and ensuring that 0- RAN deployments meet stringent performance requirements. Our research demonstrates the real-world effectiveness of secure slicing, making SliceX a valuable tool for military, government, and critical infrastructure opera-tors reliant on public wireless communication networks to fulfill their security, resiliency, and performance objectives.