TC INT working group INT AFI published a White Paper as part of the 5G PoC Project
The 5G Proof of Concept (PoC) Project of ETSI WG TC INT AFI published its White Paper #6 “Generic Framework for Multi-Domain Federated ETSI GANA Knowledge Planes (KPs) for End-to-End Autonomic (Closed-Loop) Security Management & Control for 5G Networks/Services”.
Rationale
The 5G PoC White Paper #6 has now been published, and its purpose is to lay the groundwork for the standardization of “A Generic Framework for Multi-Domain Federated ETSI GANA (Generic Autonomic Network Architecture) Knowledge Planes (KPs) for End-to-End Autonomic (Closed-Loop) Security Management & Control for 5G Networks/Services”.
The White Paper is accessible for download via the INT Wiki.
ETSI TC INT has established that E2E Autonomic (Closed-Loop) Service and Security Assurance shall be achievable through the Federation of GANA Knowledge Planes (KPs) (as Platforms) that implement components for Autonomic Management and Control (AMC) intelligence for specific network segments and domains. While such an E2E Federation of KP Platforms for multiple network segments (as domains) has to be primarily considered within a single network operator administrative domain, the E2E Federation of KPs may be extended to even span multiple network operator or enterprise network administrative domains.
Today, there is no standardized Generic Framework in the industry that fulfils the requirements described in this White Paper. Therefore, the proposed Generic Framework is a candidate for standardization in ETSI. The industry is moving to maximize efforts to evolve Network Automation into Autonomic and Autonomous Networks of the Future that incorporate Automated and Self-Adaptive Security Policy Management & Control through Autonomics Software (powered by AI Models).
Summary of White Paper
This white paper introduces the Generic Framework for Multi-Domain Federated ETSI GANA Knowledge Planes (KPs) for End-to-End Autonomic (Closed-Loop) Security Management & Control for 5G Slices, Networks/Services.
Why “Generic”?
Because the required Security Management-DEs (Decision-making-Elements) of the framework can be innovated by any player with competence in autonomic security management and control for networks and applicable AI algorithms for the Security-Management-DEs.
The Framework defines GANA hierarchical levels at which control-loops for autonomic security management and control can be implemented in network architectures such as 5G architectures. Key information that can be exchanged by GANA Knowledge Planes (Platforms) in federated security management and control across domains includes, for instance:
- detected threats that may impact a peer domain
- trust model (e.g. Reputation-based trust model)
- how security threat detection or prediction information may result in the KPs collaboratively negotiating an adaptation strategy (self-adaptation without human involvement) for adjusting security enforcement policies to realize End-to-End self-protection and self-defense by the collaborating KPs
This Framework also provides principles that guide implementers of Autonomic Security Management and Control Components to take into consideration the interaction with other Autonomic Management and Control components such as autonomic manager components for Autonomic Quality-of-Service (QoS) Management, Autonomic Monitoring Management, etc.
The White Paper presents Check Point (a Global Network Security Solutions Vendor/Supplier) capabilities that make it possible to implement various aspects of the Generic Framework for Multi-Domain Federated ETSI GANA Knowledge Planes (KPs) for End-to-End Autonomic (Closed-Loop) Security Management & Control for 5G Slices, Networks/Services.
Live Demos of this are planned, and readers are encouraged to follow and join the webinars and live Demos.
The Key Takeaways of this 5G PoC White Paper are summarized as follows:
- Description of the Generic Framework for Multi-Domain Federated GANA Knowledge Planes for E2E Autonomic (Closed-Loop) Security Management & Control for 5G Slices, Networks/Services
- Why Security Analytics by the GANA Knowledge Plane (KP) Security Management DE (Decision-making-Element) may need to dynamically trigger and program On-Demand Monitoring of certain Traffic in the Network
- Security Functions Placement/Orchestration in 5G Networks and Autonomic/Dynamic Orchestration of Security Enforcement Policies as Driven by Network Slicing Dynamics
- Programmability Requirements for Security Functions, and Autonomic/Dynamic Security Policies Enforcement by KPs, as driven by Security Attacks Detection (including Intrusions Detections and Violations Detections) and Threats Predictions
- Implementing Self-Protection & Self-Defending Behaviors for specific Network Segments/Domains by GANA Knowledge Plane Platforms, within Single Network Operator and across Multiple Network Operators
- Knowledge Plane (KP) driven “Open-Loop” and “Closed-Loop” (Autonomic) Service and Security Assurance for SDN Environments, with a desirable capability of the Security Management-DE and the Monitoring-DE of the KP in being able to collaborate in triggering On-Demand Traffic Monitoring in the Network for Analytics of Suspected Traffic at any time as may be necessary
- The Concept of Real-Time Security Threats Repository that can be implemented as part of the so-called GANA ONIX (Overlay Network for Information eXchange) system of Federated Information Servers
- Check Point (Network Security Solutions Vendor) Capabilities that help implement the GANA based Generic Framework for E2E Autonomic Security Management and Control
- Conclusions on what should be targeted for Standardization of the Generic Framework for E2E Autonomic Security Management & Control for 5G Networks