In 6G, mobile networks are poised to transition from monolithic structures owned and operated by single mobile network operators into multi-stakeholder networks where various parties contribute infrastructure, resources, and services. This shift brings forth a critical challenge: ensuring secure and trustworthy cross-domain access control. This paper introduces a novel technical concept and a prototype, outlining and implementing a 5G Service-based Architecture that utilizes Decentralized Identifiers and Verifiable Credentials to mutually authenticate and authorize network functions rather than relying on traditional X.509 certificates or OAuth 2.0 access tokens. This decentralized approach to identity and permission management for network functions in 6G reduces the risk of a single point of failure associated with centralized public key infrastructures, unifies access control mechanisms, and paves the way for less complex and more trustworthy cross-domain key management for highly collaborative network functions of a future Service-based Architecture in 6G.