论文标题
6G安全的零信任体系结构
Zero Trust Architecture for 6G Security
论文作者
论文摘要
即将到来的第六代(6G)网络被认为比以前的几代更开放和异质。这挑战了常规的安全体系结构,该体系结构通常依赖于网络边界上安全周边的构建。在本文中,我们为6G网络提出了一个软件定义的零信任体系结构(ZTA),这有望建立弹性和可扩展的安全性制度。该体系结构通过涉及的控制域之间的自适应协作来实现安全的访问控制,并可以有效防止恶意访问行为,例如分布式拒绝服务(DDOS)攻击,恶意软件蔓延和零日利用。我们还介绍了该体系结构的关键设计方面,并显示了一个案例研究的仿真结果,该结果显示了ZTA对6G的有效性和鲁棒性。此外,我们讨论了开放的问题,以进一步促进这种新的建筑。
The upcoming sixth generation (6G) network is envisioned to be more open and heterogeneous than earlier generations. This challenges conventional security architectures, which typically rely on the construction of a security perimeter at network boundaries. In this article, we propose a software-defined zero trust architecture (ZTA) for 6G networks, which is promising for establishing an elastic and scalable security regime. This architecture achieves secure access control through adaptive collaborations among the involved control domains, and can effectively prevent malicious access behaviors such as distributed denial of service (DDoS) attacks, malware spread, and zero-day exploits. We also introduce key design aspects of this architecture and show the simulation results of a case study, which shows the effectiveness and robustness of ZTA for 6G. Furthermore, we discuss open issues to further promote this new architecture.