K Sowjanya (Indian Institute of Technology Delhi), Rahul Saini (Eindhoven University of Technology), Dhiman Saha (Indian Institute of Technology Bhilai), Kishor Joshi (Eindhoven University of Technology), Madhurima Das (Indian Institute of Technology Delhi)

The A1 and R1 interfaces in Open Radio Access Networks (O-RAN) play crucial roles in facilitating RAN Intelligent Controller (RIC) communication within the RAN ecosystem. The A1 interface enables high-level policy communication between the Non-Real-Time RIC (Non-RT RIC) and the Near-Real-Time RIC (Near-RT RIC), while the R1 interface connects rApps with the Non-RT RIC to support intelligent RAN operations. Current implementations of both interfaces primarily rely on Transport Layer Security (TLS) to ensure secure communication and Role Based Access Control (RBAC) for authorization. However, the evolving landscape of cyber threats and the movement towards Zero-Trust Architecture (ZTA) demands more advanced security mechanisms. This paper explores the integration of Attribute-Based Encryption (ABE) as a security enhancement for both A1 and R1 communications. ABE offers fine-grained access control by leveraging attributes, providing greater security and flexibility compared to traditional methods. We present a comprehensive threat model, justify the adoption of ABE, and evaluate its advantages over existing solutions. Additionally, we propose a novel ABE-based framework tailored to the A1 and R1 interfaces, emphasizing its scalability, efficiency, and suitability for dynamic and distributed O-RAN environments.

View More Papers

GadgetMeter: Quantitatively and Accurately Gauging the Exploitability of Speculative...

Qi Ling (Purdue University), Yujun Liang (Tsinghua University), Yi Ren (Tsinghua University), Baris Kasikci (University of Washington and Google), Shuwen Deng (Tsinghua University)

Read More

PhantomLiDAR: Cross-modality Signal Injection Attacks against LiDAR

Zizhi Jin (Zhejiang University), Qinhong Jiang (Zhejiang University), Xuancun Lu (Zhejiang University), Chen Yan (Zhejiang University), Xiaoyu Ji (Zhejiang University), Wenyuan Xu (Zhejiang University)

Read More

Inspecting Compiler Optimizations on Mixed Boolean Arithmetic Obfuscation

Rachael Little, Dongpeng Xu (University of New Hampshire)

Read More

Security Signals: Making Web Security Posture Measurable at Scale

Michele Spagnuolo (Google), David Dworken (Google), Artur Janc (Google), Santiago Díaz (Google), Lukas Weichselbaum (Google)

Read More