Managing Differentiated Secure Connectivity using Intents

• URL: http://arxiv.org/abs/2509.25462v1
• Date: Mon, 29 Sep 2025 20:08:23 GMT
• Title: Managing Differentiated Secure Connectivity using Intents
• Authors: Loay Abdelrazek, Filippo Rebecchi,
• Abstract summary: We propose the concept of differentiated security levels and leveraging intents as a management framework.<n>Our work aims at advance security automation, improve adaptability, and strengthen the resilience and security posture of the next-generation mobile networks.
• Score: 0.0
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Mobile networks in the 5G and 6G era require to rethink how to manage security due to the introduction of new services, use cases, each with its own security requirements, while simultaneously expanding the threat landscape. Although automation has emerged as a key enabler to address complexity in networks, existing approaches lack the expressiveness to define and enforce complex, goal-driven, and measurable security requirements. In this paper, we propose the concept of differentiated security levels and leveraging intents as a management framework. We discuss the requirements and enablers to extend the currently defined intent-based management frameworks to pave the path for intent-based security management in mobile networks. Our approach formalizes both functional and non-functional security requirements and demonstrates how these can be expressed and modeled using an extended TM Forum (TMF) intent security ontology. We further discuss the required standardization steps to achieve intent-based security management. Our work aims at advance security automation, improve adaptability, and strengthen the resilience and security posture of the next-generation mobile networks.

Related papers

• PoSafeNet: Safe Learning with Poset-Structured Neural Nets [49.854863600271614]
  existing approaches often enforce multiple safety constraints uniformly or via fixed priority orders, leading to infeasibility and brittle behavior.<n>We formalize this setting as poset-structured safety, modeling safety constraints as a partially ordered set and treating safety composition as a structural property of the policy class.<n>Building on this formulation, we propose PoSafeNet, a differentiable neural safety layer that enforces safety via sequential closed-form projection.
  arXiv  Detail & Related papers  (2026-01-29T22:03:32Z)
• Advancing LLM-Based Security Automation with Customized Group Relative Policy Optimization for Zero-Touch Networks [56.2003512635877]
  6G Zero-Touch Networks (ZTNs) represent a transformative paradigm toward fully automated and intelligent network management.<n>Security automation aims to enable intelligent security management across dynamic and complex environments.
  arXiv  Detail & Related papers  (2025-12-10T10:04:11Z)
• OS-Sentinel: Towards Safety-Enhanced Mobile GUI Agents via Hybrid Validation in Realistic Workflows [77.95511352806261]
  Computer-using agents powered by Vision-Language Models (VLMs) have demonstrated human-like capabilities in operating digital environments like mobile platforms.<n>We propose OS-Sentinel, a novel hybrid safety detection framework that combines a Formal Verifier for detecting explicit system-level violations with a Contextual Judge for assessing contextual risks and agent actions.
  arXiv  Detail & Related papers  (2025-10-28T13:22:39Z)
• Bridging the Mobile Trust Gap: A Zero Trust Framework for Consumer-Facing Applications [51.56484100374058]
  This paper proposes an extended Zero Trust model designed for mobile applications operating in untrusted, user-controlled environments.<n>Using a design science methodology, the study introduced a six-pillar framework that supports runtime enforcement of trust.<n>The proposed model offers a practical and standards-aligned approach to securing mobile applications beyond pre-deployment controls.
  arXiv  Detail & Related papers  (2025-08-20T18:42:36Z)
• Toward an Intent-Based and Ontology-Driven Autonomic Security Response in Security Orchestration Automation and Response [1.0027737736304287]
  We bridge the gap between two research directions: Intent-Based Cyber Defense and Autonomic Cyber Defense.<n>We propose a unified, ontology-driven security intent definition leveraging the MITRE-D3FEND cybersecurity ontology.<n>We also propose a general two-tiered methodology for integrating such security intents into decision-theoretic Autonomic Cyber Defense systems.
  arXiv  Detail & Related papers  (2025-07-16T09:17:53Z)
• LLM Agents Should Employ Security Principles [60.03651084139836]
  This paper argues that the well-established design principles in information security should be employed when deploying Large Language Model (LLM) agents at scale.<n>We introduce AgentSandbox, a conceptual framework embedding these security principles to provide safeguards throughout an agent's life-cycle.
  arXiv  Detail & Related papers  (2025-05-29T21:39:08Z)
• Zero-Trust Foundation Models: A New Paradigm for Secure and Collaborative Artificial Intelligence for Internet of Things [61.43014629640404]
  Zero-Trust Foundation Models (ZTFMs) embed zero-trust security principles into the lifecycle of foundation models (FMs) for Internet of Things (IoT) systems.<n>ZTFMs can enable secure, privacy-preserving AI across distributed, heterogeneous, and potentially adversarial IoT environments.
  arXiv  Detail & Related papers  (2025-05-26T06:44:31Z)
• Measuring Security in 5G and Future Networks [0.0]
  Mobile networks, such as 5G and future generations such as 6G, play a pivotal role and must be considered as critical infrastructures.<n>We introduce a state machine model designed to capture the security life cycle of network functions.<n>We identify three essential security metrics -- attack surface exposure, impact of system vulnerabilities, and effectiveness of applied security controls.
  arXiv  Detail & Related papers  (2025-05-09T04:24:17Z)
• An LLM-based Self-Evolving Security Framework for 6G Space-Air-Ground Integrated Networks [49.605335601285496]
  6G space-air-ground integrated networks (SAGINs) offer ubiquitous coverage for various mobile applications.<n>We propose a novel security framework for SAGINs based on Large Language Models (LLMs)<n>Our framework produces highly accurate security strategies that remain robust against a variety of unknown attacks.
  arXiv  Detail & Related papers  (2025-05-06T04:14:13Z)
• Operationalizing Cybersecurity Knowledge: Design, Implementation & Evaluation of a Knowledge Management System for CACAO Playbooks [0.29998889086656577]
  cybersecurity playbooks are key enablers, providing a structured, reusable, and continuously improving approach to incident response.<n>The emerging Collaborative Automated Course of Action Operations (CACAO) standard defines a common machine-processable schema for cybersecurity playbooks.<n>This work presents the design, development, and evaluation of a Knowledge Management System (KMS) for managing CACAO cybersecurity playbooks.
  arXiv  Detail & Related papers  (2025-03-07T07:54:43Z)
• Intent Assurance using LLMs guided by Intent Drift [5.438862991585019]
  Intent-Based Networking (IBN) promises to align intents and business objectives with network operations--in an automated manner. In this paper, we define an assurance framework that allows us to detect and act when intent drift occurs. We leverage AI-driven policies, generated by Large Language Models (LLMs), which can quickly learn the necessary in-context requirements.
  arXiv  Detail & Related papers  (2024-02-01T16:09:19Z)
• Safe RAN control: A Symbolic Reinforcement Learning Approach [62.997667081978825]
  We present a Symbolic Reinforcement Learning (SRL) based architecture for safety control of Radio Access Network (RAN) applications. We provide a purely automated procedure in which a user can specify high-level logical safety specifications for a given cellular network topology. We introduce a user interface (UI) developed to help a user set intent specifications to the system, and inspect the difference in agent proposed actions.
  arXiv  Detail & Related papers  (2021-06-03T16:45:40Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.