The open radio access network (O-RAN) offers new degrees of freedom for building and operating advanced cellular networks. Emphasizing on RAN disaggregation, open interfaces, multi-vendor support, and RAN intelligent controllers (RICs), O-RAN facilitates adaptation to new applications and technology trends. Yet, this architecture introduces new security challenges. This article proposes leveraging zero trust principles for O-RAN security. We introduce zero trust RAN (ZTRAN), which embeds service authentication, intrusion detection, and secure slicing subsystems that are encapsulated as xApps. We implement ZTRAN on the open artificial intelligence cellular (OAIC) research platform and demonstrate its feasibility and effectiveness in terms of legitimate user throughput and latency figures. Our experimental analysis illustrates how ZTRAN's intrusion detection and secure slicing microservices operate effectively and in concert as part of O-RAN Alliance's containerized near-real time RIC. Research directions include exploring machine learning and additional threat intelligence feeds for improving the performance and extending the scope of ZTRAN.

中文翻译：

---

ZTRAN：为开放无线接入网络部署构建零信任安全 xApp 原型

开放式无线接入网络 (O-RAN) 为构建和运营先进蜂窝网络提供了新的自由度。 O-RAN 强调 RAN 分解、开放接口、多供应商支持和 RAN 智能控制器 (RIC)，有助于适应新的应用和技术趋势。然而，这种架构带来了新的安全挑战。本文建议利用零信任原则实现 O-RAN 安全。我们引入了零信任 RAN (ZTRAN)，它嵌入了封装为 xApp 的服务身份验证、入侵检测和安全切片子系统。我们在开放人工智能蜂窝（OAIC）研究平台上实施 ZTRAN，并在合法用户吞吐量和延迟数据方面证明了其可行性和有效性。我们的实验分析说明了 ZTRAN 的入侵检测和安全切片微服务如何作为 O-RAN 联盟容器化近实时 RIC 的一部分有效且协调地运行。研究方向包括探索机器学习和其他威胁情报源，以提高 ZTRAN 的性能并扩展其范围。