K Sowjanya (Indian Institute of Technology Delhi), Rahul Saini (Eindhoven University of Technology), Dhiman Saha (Indian Institute of Technology Bhilai), Kishor Joshi (Eindhoven University of Technology), Madhurima Das (Indian Institute of Technology Delhi)

The A1 and R1 interfaces in Open Radio Access Networks (O-RAN) play crucial roles in facilitating RAN Intelligent Controller (RIC) communication within the RAN ecosystem. The A1 interface enables high-level policy communication between the Non-Real-Time RIC (Non-RT RIC) and the Near-Real-Time RIC (Near-RT RIC), while the R1 interface connects rApps with the Non-RT RIC to support intelligent RAN operations. Current implementations of both interfaces primarily rely on Transport Layer Security (TLS) to ensure secure communication and Role Based Access Control (RBAC) for authorization. However, the evolving landscape of cyber threats and the movement towards Zero-Trust Architecture (ZTA) demands more advanced security mechanisms. This paper explores the integration of Attribute-Based Encryption (ABE) as a security enhancement for both A1 and R1 communications. ABE offers fine-grained access control by leveraging attributes, providing greater security and flexibility compared to traditional methods. We present a comprehensive threat model, justify the adoption of ABE, and evaluate its advantages over existing solutions. Additionally, we propose a novel ABE-based framework tailored to the A1 and R1 interfaces, emphasizing its scalability, efficiency, and suitability for dynamic and distributed O-RAN environments.

View More Papers

A Large-Scale Measurement Study of the PROXY Protocol and...

Stijn Pletinckx (University of California, Santa Barbara), Christopher Kruegel (University of California, Santa Barbara), Giovanni Vigna (University of California, Santa Barbara)

Read More

Generating API Parameter Security Rules with LLM for API...

Jinghua Liu (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China; School of Cyber Security, University of Chinese Academy of Sciences, China), Yi Yang (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China; School of Cyber Security, University of Chinese Academy of Sciences, China), Kai Chen (Institute of Information Engineering, Chinese Academy of…

Read More

ReThink: Reveal the Threat of Electromagnetic Interference on Power...

Fengchen Yang (Zhejiang University; ZJU QI-ANXIN IoT Security Joint Labratory), Zihao Dan (Zhejiang University; ZJU QI-ANXIN IoT Security Joint Labratory), Kaikai Pan (Zhejiang University; ZJU QI-ANXIN IoT Security Joint Labratory), Chen Yan (Zhejiang University; ZJU QI-ANXIN IoT Security Joint Labratory), Xiaoyu Ji (Zhejiang University; ZJU QI-ANXIN IoT Security Joint Labratory), Wenyuan Xu (Zhejiang University; ZJU…

Read More