INSPIRE-5Gplus aims to make a radical shift in the security management of 5G networks and beyond at the level of platforms and vertical applications and services.
To meet this goal, INSPIRE-5Gplus will devise and implement a fully automated end-to-end smart network and service security management framework that empowers not only protection but also trustworthiness and liability in managing 5G network infrastructures across multi-domains. INSPIRE-5Gplus will ensure that the provided security is compliant with the expected Security Service Level Agreement (SSLA) and the regulation requirements.
High-level conceptual architecture
The high-level conceptual architecture of INSPIRE-5Gplus (see figure) is split into security management domains (SMDs) to support the separation of security management concerns. Each SMD is responsible for intelligent security automation of resources and services within its scope. The end-to-end (E2E) service SMD is a special SMD that manages security of end-to-end services, like, e.g., network slices that span multiple domains. The E2E service SMD coordinates between domains using orchestration.
Each SMD, including the E2E service SMD, comprises a set of functional modules that operate in an intelligent closed-loop way to provide a software-defined security orchestration and management that enforces and controls security policies of network resources and services in real-time.