K Sowjanya (Indian Institute of Technology Delhi), Rahul Saini (Eindhoven University of Technology), Dhiman Saha (Indian Institute of Technology Bhilai), Kishor Joshi (Eindhoven University of Technology), Madhurima Das (Indian Institute of Technology Delhi)

The A1 and R1 interfaces in Open Radio Access Networks (O-RAN) play crucial roles in facilitating RAN Intelligent Controller (RIC) communication within the RAN ecosystem. The A1 interface enables high-level policy communication between the Non-Real-Time RIC (Non-RT RIC) and the Near-Real-Time RIC (Near-RT RIC), while the R1 interface connects rApps with the Non-RT RIC to support intelligent RAN operations. Current implementations of both interfaces primarily rely on Transport Layer Security (TLS) to ensure secure communication and Role Based Access Control (RBAC) for authorization. However, the evolving landscape of cyber threats and the movement towards Zero-Trust Architecture (ZTA) demands more advanced security mechanisms. This paper explores the integration of Attribute-Based Encryption (ABE) as a security enhancement for both A1 and R1 communications. ABE offers fine-grained access control by leveraging attributes, providing greater security and flexibility compared to traditional methods. We present a comprehensive threat model, justify the adoption of ABE, and evaluate its advantages over existing solutions. Additionally, we propose a novel ABE-based framework tailored to the A1 and R1 interfaces, emphasizing its scalability, efficiency, and suitability for dynamic and distributed O-RAN environments.

View More Papers

Translating C To Rust: Lessons from a User Study

Ruishi Li (National University of Singapore), Bo Wang (National University of Singapore), Tianyu Li (National University of Singapore), Prateek Saxena (National University of Singapore), Ashish Kundu (Cisco Research)

Read More

Decoupling Permission Management from Cryptography for Privacy-Preserving Systems

Ruben De Smet (Department of Engineering Technology (INDI), Department of Electronics and Informatics (ETRO), Vrije Universiteit Brussel), Tom Godden (Department of Engineering Technology (INDI), Vrije Universiteit Brussel), Kris Steenhaut (Department of Engineering Technology (INDI), Department of Electronics and Informatics (ETRO), Vrije Universiteit Brussel), An Braeken (Department of Engineering Technology (INDI), Vrije Universiteit Brussel)

Read More

Scale-MIA: A Scalable Model Inversion Attack against Secure Federated...

Shanghao Shi (Virginia Tech), Ning Wang (University of South Florida), Yang Xiao (University of Kentucky), Chaoyu Zhang (Virginia Tech), Yi Shi (Virginia Tech), Y. Thomas Hou (Virginia Polytechnic Institute and State University), Wenjing Lou (Virginia Polytechnic Institute and State University)

Read More