Hierarchical Micro-Segmentations for Zero-Trust Services via Large Language Model (LLM)-enhanced Graph Diffusion

Yinqiu Liu, Guangyuan Liu, Hongyang Du, Dusit Niyato, Jiawen Kang, Zehui Xiong, Dong In Kim, Xuemin Shen

TL;DR

This paper models zero-trust networks via hierarchical graphs, thereby jointly considering the resource- and trust-level features to optimize service efficiency, and presents LEGD-Adaptive Maintenance (LEGD-AM), providing an adaptive way to perform task-oriented fine-tuning on LEGD.

Abstract

In the rapidly evolving Next-Generation Networking (NGN) era, the adoption of zero-trust architectures has become increasingly crucial to protect security. However, provisioning zero-trust services in NGNs poses significant challenges, primarily due to the environmental complexity and dynamics. Motivated by these challenges, this paper explores efficient zero-trust service provisioning using hierarchical micro-segmentations. Specifically, we model zero-trust networks via hierarchical graphs, thereby jointly considering the resource- and trust-level features to optimize service efficiency. We organize such zero-trust networks through micro-segmentations, which support granular zero-trust policies efficiently. To generate the optimal micro-segmentation, we present the Large Language Model-Enhanced Graph Diffusion (LEGD) algorithm, which leverages the diffusion process to realize a high-quality generation paradigm. Additionally, we utilize policy boosting and Large Language Models (LLM) to enable LEGD to optimize the generation policy and understand complicated graphical features. Moreover, realizing the unique trustworthiness updates or service upgrades in zero-trust NGN, we further present LEGD-Adaptive Maintenance (LEGD-AM), providing an adaptive way to perform task-oriented fine-tuning on LEGD. Extensive experiments demonstrate that the proposed LEGD achieves 90% higher efficiency in provisioning services compared with other baselines. Moreover, the LEGD-AM can reduce the service outage time by over 50%.

Paper Structure (44 sections, 27 equations, 15 figures, 1 algorithm)

This paper contains 44 sections, 27 equations, 15 figures, 1 algorithm.

Figures (15)

  • Figure 1: System model. A: The illustration of a three-step SFC. B: The zero-trust network modeling using a hierarchical graph.
  • Figure 2: A: The illustration of two micro-segmentations (marked by gray and yellow, respectively) over the trust layer of Fig. 1. B: The zero-trust policy. C: The calculation of $E_s$ on node $v_1$. D: The example to explain trustworthiness equilibrium.
  • Figure 3: The illustration of LEGD algorithm. A: The layer fusion and one-hot embeddings of the graph structure. B: The illustration of the denoising process and the trajectory collection module. C: The architecture design of the denoising network.
  • Figure 4: The illustration of an interest zone. A: The zero-trust network and the original micro-segmentation. Note that a type-2 node is removed due to over-low trustworthiness. B: 1-degree interest zone, which is highlighted by pink circles, including all remaining type-2 nodes and their 1-degree neighbors. C: 2-degree interest zone, adding the 2-degree neighbors, which are highlighted in orange. The nodes marked by black crosses will be marked and filtered by the adaptive mask.
  • Figure 5: The generation and activation of heuristic filters by the LLM-empowered agent.
  • ...and 10 more figures

Theorems & Definitions (4)

  • Remark 1
  • Remark 2
  • Remark 3
  • Definition 1