{"id":"https://openalex.org/W4389313029","doi":"https://doi.org/10.1109/nfv-sdn59219.2023.10329620","title":"OZTrust: An O-RAN Zero-Trust Security System","display_name":"OZTrust: An O-RAN Zero-Trust Security System","publication_year":2023,"publication_date":"2023-11-07","ids":{"openalex":"https://openalex.org/W4389313029","doi":"https://doi.org/10.1109/nfv-sdn59219.2023.10329620"},"language":"en","primary_location":{"id":"doi:10.1109/nfv-sdn59219.2023.10329620","is_oa":false,"landing_page_url":"https://doi.org/10.1109/nfv-sdn59219.2023.10329620","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100600104","display_name":"Hao Jiang","orcid":"https://orcid.org/0000-0003-0990-6581"},"institutions":[{"id":"https://openalex.org/I223532165","display_name":"University of Utah","ror":"https://ror.org/03r0ha626","country_code":"US","type":"education","lineage":["https://openalex.org/I223532165"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Hao Jiang","raw_affiliation_strings":["School of Computing, University of Utah,Salt Lake City,United States","School of Computing, University of Utah, Salt Lake City, United States"],"affiliations":[{"raw_affiliation_string":"School of Computing, University of Utah,Salt Lake City,United States","institution_ids":["https://openalex.org/I223532165"]},{"raw_affiliation_string":"School of Computing, University of Utah, Salt Lake City, United States","institution_ids":["https://openalex.org/I223532165"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5025679986","display_name":"Hyunseok Chang","orcid":"https://orcid.org/0000-0002-2840-1143"},"institutions":[{"id":"https://openalex.org/I2738502077","display_name":"Nokia (Finland)","ror":"https://ror.org/04pkc8m17","country_code":"FI","type":"company","lineage":["https://openalex.org/I2738502077"]},{"id":"https://openalex.org/I72090969","display_name":"Nokia (United States)","ror":"https://ror.org/038km2573","country_code":"US","type":"company","lineage":["https://openalex.org/I2738502077","https://openalex.org/I72090969"]}],"countries":["FI","US"],"is_corresponding":false,"raw_author_name":"Hyunseok Chang","raw_affiliation_strings":["Nokia Bell Labs,Network Systems and Security Research Department,Murray Hill,United States","Network Systems and Security Research Department, Nokia Bell Labs, Murray Hill, United States"],"affiliations":[{"raw_affiliation_string":"Nokia Bell Labs,Network Systems and Security Research Department,Murray Hill,United States","institution_ids":["https://openalex.org/I2738502077"]},{"raw_affiliation_string":"Network Systems and Security Research Department, Nokia Bell Labs, Murray Hill, United States","institution_ids":["https://openalex.org/I72090969"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5008448513","display_name":"Sarit Mukherjee","orcid":"https://orcid.org/0000-0002-5861-940X"},"institutions":[{"id":"https://openalex.org/I72090969","display_name":"Nokia (United States)","ror":"https://ror.org/038km2573","country_code":"US","type":"company","lineage":["https://openalex.org/I2738502077","https://openalex.org/I72090969"]},{"id":"https://openalex.org/I2738502077","display_name":"Nokia (Finland)","ror":"https://ror.org/04pkc8m17","country_code":"FI","type":"company","lineage":["https://openalex.org/I2738502077"]}],"countries":["FI","US"],"is_corresponding":false,"raw_author_name":"Sarit Mukherjee","raw_affiliation_strings":["Nokia Bell Labs,Network Systems and Security Research Department,Murray Hill,United States","Network Systems and Security Research Department, Nokia Bell Labs, Murray Hill, United States"],"affiliations":[{"raw_affiliation_string":"Nokia Bell Labs,Network Systems and Security Research Department,Murray Hill,United States","institution_ids":["https://openalex.org/I2738502077"]},{"raw_affiliation_string":"Network Systems and Security Research Department, Nokia Bell Labs, Murray Hill, United States","institution_ids":["https://openalex.org/I72090969"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5076342321","display_name":"Jacobus Van der Merwe","orcid":"https://orcid.org/0000-0001-5148-8278"},"institutions":[{"id":"https://openalex.org/I223532165","display_name":"University of Utah","ror":"https://ror.org/03r0ha626","country_code":"US","type":"education","lineage":["https://openalex.org/I223532165"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jacobus Van der Merwe","raw_affiliation_strings":["School of Computing, University of Utah,Salt Lake City,United States","School of Computing, University of Utah, Salt Lake City, United States"],"affiliations":[{"raw_affiliation_string":"School of Computing, University of Utah,Salt Lake City,United States","institution_ids":["https://openalex.org/I223532165"]},{"raw_affiliation_string":"School of Computing, University of Utah, Salt Lake City, United States","institution_ids":["https://openalex.org/I223532165"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5100600104"],"corresponding_institution_ids":["https://openalex.org/I223532165"],"apc_list":null,"apc_paid":null,"fwci":2.8412,"has_fulltext":false,"cited_by_count":14,"citation_normalized_percentile":{"value":0.91398862,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"129","last_page":"134"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10714","display_name":"Software-Defined Networks and 5G","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10714","display_name":"Software-Defined Networks and 5G","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10796","display_name":"Cooperative Communication and Network Coding","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12791","display_name":"Full-Duplex Wireless Communications","score":0.9977999925613403,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/ran","display_name":"Ran","score":0.8835015296936035},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.8020431995391846},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7692681550979614},{"id":"https://openalex.org/keywords/container","display_name":"Container (type theory)","score":0.6015055179595947},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5664185881614685},{"id":"https://openalex.org/keywords/tracing","display_name":"Tracing","score":0.5650404691696167},{"id":"https://openalex.org/keywords/radio-access-network","display_name":"Radio access network","score":0.5508478283882141},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.5082018375396729},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.5054547786712646},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.4821186065673828},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.4710436165332794},{"id":"https://openalex.org/keywords/network-access-control","display_name":"Network Access Control","score":0.4330100119113922},{"id":"https://openalex.org/keywords/discretionary-access-control","display_name":"Discretionary access control","score":0.41678622364997864},{"id":"https://openalex.org/keywords/role-based-access-control","display_name":"Role-based access control","score":0.39453715085983276},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.1594497263431549},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.11746320128440857},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.07688462734222412}],"concepts":[{"id":"https://openalex.org/C160704184","wikidata":"https://www.wikidata.org/wiki/Q18031028","display_name":"Ran","level":2,"score":0.8835015296936035},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.8020431995391846},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7692681550979614},{"id":"https://openalex.org/C2781018962","wikidata":"https://www.wikidata.org/wiki/Q5164884","display_name":"Container (type theory)","level":2,"score":0.6015055179595947},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5664185881614685},{"id":"https://openalex.org/C138673069","wikidata":"https://www.wikidata.org/wiki/Q322229","display_name":"Tracing","level":2,"score":0.5650404691696167},{"id":"https://openalex.org/C106365562","wikidata":"https://www.wikidata.org/wiki/Q3078360","display_name":"Radio access network","level":4,"score":0.5508478283882141},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.5082018375396729},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.5054547786712646},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.4821186065673828},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.4710436165332794},{"id":"https://openalex.org/C14982408","wikidata":"https://www.wikidata.org/wiki/Q11006334","display_name":"Network Access Control","level":4,"score":0.4330100119113922},{"id":"https://openalex.org/C48814466","wikidata":"https://www.wikidata.org/wiki/Q1228590","display_name":"Discretionary access control","level":4,"score":0.41678622364997864},{"id":"https://openalex.org/C45567728","wikidata":"https://www.wikidata.org/wiki/Q1702839","display_name":"Role-based access control","level":3,"score":0.39453715085983276},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.1594497263431549},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.11746320128440857},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.07688462734222412},{"id":"https://openalex.org/C68649174","wikidata":"https://www.wikidata.org/wiki/Q1379116","display_name":"Base station","level":2,"score":0.0},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.0},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0},{"id":"https://openalex.org/C207029474","wikidata":"https://www.wikidata.org/wiki/Q384018","display_name":"Mobile station","level":3,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/nfv-sdn59219.2023.10329620","is_oa":false,"landing_page_url":"https://doi.org/10.1109/nfv-sdn59219.2023.10329620","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G7499104671","display_name":null,"funder_award_id":"1827940","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":11,"referenced_works":["https://openalex.org/W2766503369","https://openalex.org/W2896287242","https://openalex.org/W2929826675","https://openalex.org/W3092382617","https://openalex.org/W3094094693","https://openalex.org/W4221148057","https://openalex.org/W4292686432","https://openalex.org/W4317796310","https://openalex.org/W4328053442","https://openalex.org/W6784004519","https://openalex.org/W6809932472"],"related_works":["https://openalex.org/W3018338683","https://openalex.org/W3037103914","https://openalex.org/W4315630224","https://openalex.org/W2148952798","https://openalex.org/W2902151128","https://openalex.org/W104163691","https://openalex.org/W2436923341","https://openalex.org/W4381187802","https://openalex.org/W4383173632","https://openalex.org/W4386533748"],"abstract_inverted_index":{"The":[0,84],"Open":[1],"Radio":[2],"Access":[3,134],"Network":[4,139],"(O-RAN)":[5],"has":[6],"gained":[7],"significant":[8],"attention":[9],"as":[10,94],"a":[11,64],"future":[12],"RAN":[13,35],"framework.":[14],"However,":[15],"its":[16,97,144],"architectural":[17],"characteristics":[18],"introduce":[19],"unprecedented":[20],"security":[21,40,45,66],"challenges":[22],"from":[23,42],"expanded":[24],"attack":[25],"surface":[26],"and":[27,34,80,89,137,142],"increased":[28],"risk":[29],"for":[30,47,69,91,129],"proprietary":[31],"data":[32],"theft":[33],"control":[36,78,99,108,128],"manipulation.":[37],"Despite":[38],"extensive":[39],"analysis":[41],"industry,":[43],"concrete":[44],"solutions":[46],"the":[48,56,70,102],"evolving":[49],"O-RAN":[50,71],"framework":[51],"are":[52],"still":[53],"lacking":[54],"in":[55],"literature.":[57],"In":[58],"this":[59],"paper,":[60],"we":[61],"propose":[62],"OZTrust,":[63],"Zero-Trust":[65],"system":[67],"tailored":[68],"environment.":[72],"OZTrust":[73,123],"comprises":[74],"two":[75],"components:":[76],"access":[77,98,107,127],"module":[79],"policy":[81],"management":[82],"module.":[83],"former":[85],"performs":[86],"per-packet":[87],"tagging":[88],"verification":[90],"each":[92],"xApp":[93],"dictated":[95],"by":[96,110],"policy,":[100],"while":[101],"latter":[103],"automatically":[104],"derives":[105],"necessary":[106],"policies":[109],"discovering":[111],"xApp's":[112],"communication":[113],"patterns":[114],"through":[115],"distributed":[116],"tracing.":[117],"Our":[118],"prototype-based":[119],"evaluation":[120],"demonstrates":[121],"that":[122],"provides":[124],"more":[125],"fine-grained":[126],"xApps":[130],"than":[131],"existing":[132],"Role-Based":[133],"Control":[135],"(RBAC)":[136],"Container":[138],"Interfaces":[140],"(CNIs)":[141],"outperforms":[143],"predecessor.":[145]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":8},{"year":2024,"cited_by_count":5}],"updated_date":"2026-03-14T08:43:22.919905","created_date":"2025-10-10T00:00:00"}