ITrust6G

Programmable security as a service

The 6th generation of mobile networks is expected to be more open than this predecessor to cope with new connectivity needs and use cases. This openness stems from new requirements on network infrastructure that involve additional actors:

  1. The increased integration of networks to capitalise on legacy networks and specific infrastructure (e.g. non-terrestrial resources) induces an increased number of infrastructure providers providing specific and heterogeneous computing resources and data plane resources to secure,
  2. The network exposure interface to create new services exposing network features, network control and data analytics with third-party applications involved new service providers and entities interacting with the capabilities of the network,
  3. The continuous upgrade of the network software fabric is anticipated to capitalise on the desegregation of network appliances into cloud-native and micro-serviced applications provided by multiple software providers. These applications are expected to come from service providers' proprietary code, commercial off-the-shelves (COTS) from solutions vendors, and open-source software (OSS) made publicly available.

Therefore, this openness is anticipated to limit capital expenditures (CapEX) and operational (OpEx) for the next generation of the network but induce several security challenges that may jeopardise (i) service-level agreement, (ii) judiciary liability and (iii) respect of legal obligation toward critical service providers (e.g. Important entities and Essential entities in NIS2 terminology).

In this use case, we propose to explore the applicability of security programmability to (i) increase the observability of network resources, (ii) decouple the security management from the technical context of resources to facilitate security orchestration, and (iii) compose adequate security enablers to ensure scalability, minimum security overhead, and facilitate security self-configuration.

Type of experiment:
Proof of Concept

Functionality:
Cloud-Native Architecture

Location(s):
Spain

Vertical sector(s):
Security/ PPDR

ITrust6G


Duration:

GA Number: 101139198

SNS JU Call (Stream):
Call 2
Stream B