The advancement of 5G and NextG networks through Open Radio Access Network (O-RAN) architecture enables a shift toward virtualized, modular, and disaggregated configurations. A core component of O-RAN is the RAN Intelligent Controller (RIC), which manages RAN using machine learning-driven xApps that access sensitive data from RAN and User Equipment (UE), stored in the near Real-Time RIC (Near-RT RIC) database. This shared, open environment increases the risk of unauthorized data exposure. To address these concerns, this paper proposes a zero-trust RIC (ZT-RIC) framework that preserves data privacy across the RIC platform, including the RIC database, xApps, and E2 interface. ZT-RIC employs Inner Product Functional Encryption (IPFE) to encrypt RAN/UE data at the base station, preventing leaks through the E2 interface and shared database. Additionally, ZT-RIC enables xApps to perform inference on encrypted data without exposing sensitive information. For evaluation, a state-of-the-art InterClass xApp, which detects jamming signals using RAN key performance metrics (KPMs), is implemented. Testing on an LTE/5G O-RAN testbed shows that ZT-RIC preserves data confidentiality while achieving 97.9% accuracy in jamming detection and meeting sub-second latency requirements, with a round-trip time (RTT) of 0.527 seconds.