Zero-Trust Strategies for O-RAN Cellular Networks: Principles, Challenges and Research Directions
- URL: http://arxiv.org/abs/2511.18568v1
- Date: Sun, 23 Nov 2025 18:25:19 GMT
- Title: Zero-Trust Strategies for O-RAN Cellular Networks: Principles, Challenges and Research Directions
- Authors: Charalampos Katsis, Imtiaz Karim, Elisa Bertino,
- Abstract summary: Zero-Trust Architecture (ZTA) has emerged as a promising security paradigm that discards implicit trust assumptions.<n>ZTA mandates comprehensive and fine-grained security mechanisms across both control and user planes to contain adversarial movements.<n>This paper explores the adoption of ZTA in the context of 5G and beyond, with a particular focus on Open-RAN (O-RAN) as an architectural enabler.
- Score: 9.311361097270153
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Cellular networks have become foundational to modern communication, supporting a broad range of applications, from civilian use to enterprise systems and military tactical networks. The advent of fifth-generation and beyond cellular networks (B5G) introduces emerging compute capabilities into the Radio Access Network (RAN), transforming it from a traditionally closed, vendor-locked infrastructure into an open and programmable ecosystem. This evolution, exemplified by Open-RAN (O-RAN), enables the deployment of control-plane applications from diverse sources, which can dynamically influence user-plane traffic in response to real-time events. As cellular infrastructures become more disaggregated and software-driven, security becomes an increasingly critical concern. Zero-Trust Architecture (ZTA) has emerged as a promising security paradigm that discards implicit trust assumptions by acknowledging that threats may arise from both external and internal sources. ZTA mandates comprehensive and fine-grained security mechanisms across both control and user planes to contain adversarial movements and enhance breach detection and attack response actions. In this paper, we explore the adoption of ZTA in the context of 5G and beyond, with a particular focus on O-RAN as an architectural enabler. We analyze how ZTA principles align with the architectural and operational characteristics of O-RAN, and identify key challenges and opportunities for embedding zero-trust mechanisms within O-RAN-based cellular networks.
Related papers
- MobiLLM: An Agentic AI Framework for Closed-Loop Threat Mitigation in 6G Open RANs [13.455356391515913]
We present an agentic AI framework for fully automated, end-to-end threat mitigation in 6G O-RAN environments.<n> MobiLLM orchestrates security through a modular multi-agent system powered by Large Language Models.<n>Initial evaluations demonstrate that MobiLLM can effectively identify and orchestrate complex mitigation strategies.
arXiv Detail & Related papers (2025-09-25T21:49:43Z) - Bridging the Mobile Trust Gap: A Zero Trust Framework for Consumer-Facing Applications [51.56484100374058]
This paper proposes an extended Zero Trust model designed for mobile applications operating in untrusted, user-controlled environments.<n>Using a design science methodology, the study introduced a six-pillar framework that supports runtime enforcement of trust.<n>The proposed model offers a practical and standards-aligned approach to securing mobile applications beyond pre-deployment controls.
arXiv Detail & Related papers (2025-08-20T18:42:36Z) - Generative AI-Empowered Secure Communications in Space-Air-Ground Integrated Networks: A Survey and Tutorial [107.26005706569498]
Space-air-ground integrated networks (SAGINs) face unprecedented security challenges due to their inherent characteristics.<n>Generative AI (GAI) is a transformative approach that can safeguard SAGIN security by synthesizing data, understanding semantics, and making autonomous decisions.
arXiv Detail & Related papers (2025-08-04T01:42:57Z) - Large AI Model-Enabled Secure Communications in Low-Altitude Wireless Networks: Concepts, Perspectives and Case Study [92.15255222408636]
Low-altitude wireless networks (LAWNs) have the potential to revolutionize communications by supporting a range of applications.<n>We investigate some large artificial intelligence model (LAM)-enabled solutions for secure communications in LAWNs.<n>To demonstrate the practical benefits of LAMs for secure communications in LAWNs, we propose a novel LAM-based optimization framework.
arXiv Detail & Related papers (2025-08-01T01:53:58Z) - Zero-Trust Foundation Models: A New Paradigm for Secure and Collaborative Artificial Intelligence for Internet of Things [61.43014629640404]
Zero-Trust Foundation Models (ZTFMs) embed zero-trust security principles into the lifecycle of foundation models (FMs) for Internet of Things (IoT) systems.<n>ZTFMs can enable secure, privacy-preserving AI across distributed, heterogeneous, and potentially adversarial IoT environments.
arXiv Detail & Related papers (2025-05-26T06:44:31Z) - An LLM-based Self-Evolving Security Framework for 6G Space-Air-Ground Integrated Networks [49.605335601285496]
6G space-air-ground integrated networks (SAGINs) offer ubiquitous coverage for various mobile applications.<n>We propose a novel security framework for SAGINs based on Large Language Models (LLMs)<n>Our framework produces highly accurate security strategies that remain robust against a variety of unknown attacks.
arXiv Detail & Related papers (2025-05-06T04:14:13Z) - Rogue Cell: Adversarial Attack and Defense in Untrusted O-RAN Setup Exploiting the Traffic Steering xApp [24.941343115166436]
Open Radio Access Network (O-RAN) architecture is revolutionizing cellular networks with its open, multi-vendor design and AI-driven management.<n>Previous studies have mainly examined vulnerabilities arising from O-RAN's intelligent components.<n>This paper is the first to focus on the security challenges and vulnerabilities introduced by transitioning from single-operator to multi-operator RAN architectures.
arXiv Detail & Related papers (2025-05-03T13:19:44Z) - Towards Secure Intelligent O-RAN Architecture: Vulnerabilities, Threats and Promising Technical Solutions using LLMs [12.016792293867278]
Open radio access network (O-RAN) is a new concept defining an intelligent architecture with enhanced flexibility, openness, and the ability to slice services more efficiently.
In this paper, we present an in-depth security analysis of the O-RAN architecture.
We discuss the potential threats that may arise in the different O-RAN architecture layers and their impact on the Confidentiality, Integrity, and Availability (CIA) triad.
arXiv Detail & Related papers (2024-11-13T14:31:52Z) - Securing the Open RAN Infrastructure: Exploring Vulnerabilities in Kubernetes Deployments [60.51751612363882]
We investigate the security implications of and software-based Open Radio Access Network (RAN) systems.
We highlight the presence of potential vulnerabilities and misconfigurations in the infrastructure supporting the Near Real-Time RAN Controller (RIC) cluster.
arXiv Detail & Related papers (2024-05-03T07:18:45Z) - Implementing and Evaluating Security in O-RAN: Interfaces, Intelligence, and Platforms [18.106587432715155]
The Open Radio Access Network (RAN) builds on top of cloud-based, multi-vendor, open and intelligent architectures to shape the next generation of cellular networks for 5G and beyond.
This article is the first work in approaching the security aspect of O-RAN holistically and with experimental evidence obtained on a state-of-the-art programmable O-RAN platform.
arXiv Detail & Related papers (2023-04-21T17:02:35Z) - Intelligent Zero Trust Architecture for 5G/6G Tactical Networks:
Principles, Challenges, and the Role of Machine Learning [4.314956204483074]
We highlight the challenges and introduce the concept of an intelligent zero trust architecture (i-ZTA) as a security framework in 5G/6G networks with untrusted components.
This paper presents the architectural design of an i-ZTA upon which modern artificial intelligence (AI) algorithms can be developed to provide information security in untrusted networks.
arXiv Detail & Related papers (2021-05-04T13:14:29Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.