Conference paper
Transport Security Considerations for the Open-RAN Fronthaul
The Open-RAN Fronthaul is constrained by strict high performance requirements. It transports very sensitive data over Ethernet between Radio Units and Distributed Units, including Control, User, Synchronization and Management packets. Based on the various vulnerabilities of each data plane in the fronthaul interface, it may be exposed to different types of threats that compromise the operation of the network and the users it serves.
Therefore, there is an urgent need of security mechanisms to protect the Open-RAN Fronthaul based on the four pillars of security: Confidentiality, Integrity, Authenticity, and Availability. MACsec is a standard security protocol that possesses these four security features. It operates in the data-link layer and therefore provides high performance advantages over other security protocols that functions in higher layers, such as IPsec.
For this reason, this paper proposes that MACsec is a persuasive potential solution for the Open-RAN Fronthaul protection. However, its applicability to secure each packet type in the fronthaul requires further independent analysis as there exists different performance requirements and network architectural deployments in the Open-RAN Fronthaul that could limit the use of MACsec.
Language: | English |
---|---|
Publisher: | IEEE |
Year: | 2021 |
Pages: | 253-258 |
Proceedings: | 2021 IEEE 4<sup>th</sup> 5G World Forum |
ISBN: | 1665443081 and 9781665443081 |
Types: | Conference paper |
DOI: | 10.1109/5GWF52925.2021.00051 |
ORCIDs: | Berger, Michael Stubert |