Zero-Trust Strategies for O-RAN Cellular Networks: Principles, Challenges and Research Directions
Charalampos Katsis, Imtiaz Karim, Elisa Bertino
TL;DR
This work analyzes how Zero-Trust Architecture can be embedded in Open-RAN (O-RAN) to secure disaggregated 5G and B5G networks. It maps ZTA foundations from NIST and CISA to both the control and data planes of O-RAN, identifies gaps in secure onboarding, policy enforcement, and AI/ML supply chains, and proposes a policy-driven framework that uses Near-Real-Time RIC and SMO to enforce fine-grained, stateful security policies. The paper surveys industry perspectives from Nokia and Ericsson, discusses secure procurement, monitoring, and lifecycle management of third-party components, and highlights research directions to extend ZTA to the cellular data plane, including device attestation, state synchronization, and edge enforcement. Collectively, the work argues that end-to-end ZTA is essential for trustworthy, programmable, and resilient O-RAN ecosystems and outlines concrete avenues to achieve it. It emphasizes practical steps toward scalable policy languages, continuous trust evaluation, and verifiable AI pipelines to realize security across both control and data planes in future networks.
Abstract
Cellular networks have become foundational to modern communication, supporting a broad range of applications, from civilian use to enterprise systems and military tactical networks. The advent of fifth-generation and beyond cellular networks (B5G) introduces emerging compute capabilities into the Radio Access Network (RAN), transforming it from a traditionally closed, vendor-locked infrastructure into an open and programmable ecosystem. This evolution, exemplified by Open-RAN (O-RAN), enables the deployment of control-plane applications from diverse sources, which can dynamically influence user-plane traffic in response to real-time events. As cellular infrastructures become more disaggregated and software-driven, security becomes an increasingly critical concern. Zero-Trust Architecture (ZTA) has emerged as a promising security paradigm that discards implicit trust assumptions by acknowledging that threats may arise from both external and internal sources. ZTA mandates comprehensive and fine-grained security mechanisms across both control and user planes to contain adversarial movements and enhance breach detection and attack response actions. In this paper, we explore the adoption of ZTA in the context of 5G and beyond, with a particular focus on O-RAN as an architectural enabler. We analyze how ZTA principles align with the architectural and operational characteristics of O-RAN, and identify key challenges and opportunities for embedding zero-trust mechanisms within O-RAN-based cellular networks.