Litcius/Paper detail

Security Threat Analysis and Treatment Strategy for ORAN

Chih-Ting Shen, Yue Xiao, Yi‐Wei Ma, J.L. Chen, Cheng-Mou Chiang, S.J. Chen, Y. C. Pan

20222022 24th International Conference on Advanced Communication Technology (ICACT)34 citationsDOI

Abstract

Owing to the rapid development of networks and their gradual evolution from a closed architecture to an open architecture, the open radio access network (O-RAN) has been developed and offers new possibilities. However, because the ORAN contains many new open interfaces, new information security issues may emerge. In this study, information security is discussed and a case analysis is performed based on vulnerability, exposed assets, threat models, security strategies, and test case modules. Missing authentication and authorization vulnerabilities are emphasized in this study. Affected assets such as O-RAN’s Service Management and Orchestration(SMO), Near-RT RIC, and the O1 interface are discussed, and the threat model and security solution strategy are analyzed. Test cases are implemented to verify the effectiveness of the solution strategy. It is envisioned that the case analysis and development of missing authentication and authorization performed in this study will aid future mobile communication operators in addressing information security issues.

Topics & Concepts

Computer securityComputer scienceAuthentication (law)Vulnerability (computing)Security serviceEnterprise information security architectureSecurity information and event managementOrchestrationInformation securityNetwork Access ControlVulnerability assessmentSecurity communityCloud computing securityCloud computingOperating systemPsychological resilienceArtPsychotherapistVisual artsPsychologyMusicalVehicular Ad Hoc Networks (VANETs)Opportunistic and Delay-Tolerant NetworksAdvanced Malware Detection Techniques