Towards Zero-Trust 6GC: A Software Defined Perimeter Approach with Dynamic Moving Target Defense Mechanism
CoRR (2023)
Abstract
The upcoming Sixth Generation (6G) network is projected to grapple with a
range of security concerns, encompassing access control, authentication, secure
connections among 6G Core (6GC) entities, and trustworthiness. Classical
Virtual Private Networks (VPNs), extensively deployed in Evolved Packet Core
(EPC) network infrastructure, are notoriously susceptible to a variety of
attacks, including man-in-the-middle incursions, Domain Name System (DNS)
hijacking, Denial of Service (DoS) attacks, port scanning, and persistent
unauthorized access attempts. This paper introduces the concept of Software
Defined Perimeter (SDP) as an innovative solution, providing an alternative to
VPNs with the goal of fostering a secure zero-trust milieu within the 6G Core
networks. We capitalize on the SDP controller-based authentication and
authorization mechanisms to secure the EPC network's control and data plane
functions, conceiving an architecture that is expansible to the 6G network.
Further, we augment the SDP zero-trust capabilities via the incorporation of a
dynamic component, the Moving Target Defense (MTD). This enhances the network's
resilience against attacks targeting traditionally static network environments
established via VPNs. Following rigorous testbed analysis, our proposed
framework manifests superior resilience against DoS and port scanning attacks
when juxtaposed with traditional VPN methodologies.