ZSM Framework for Autonomous Security Service Level Agreement Life-Cycle Management in B5G Networks

Rodrigo Asensio-Garriga, Alejandro Molina Zarca (), Jordi Ortiz, Ana Hermosilla, Hugo Ramón Pascual, Antonio Pastor and Antonio Skarmeta
Additional contact information
Rodrigo Asensio-Garriga: Department of Information and Communications Engineering, University of Murcia, 30100 Murcia, Spain
Alejandro Molina Zarca: Spanish Air Force Academy, University Center of Defense, 30729 San Javier, Spain
Jordi Ortiz: Spanish Air Force Academy, University Center of Defense, 30729 San Javier, Spain
Ana Hermosilla: Department of Information and Communications Engineering, University of Murcia, 30100 Murcia, Spain
Hugo Ramón Pascual: Telefónica I + D, 28013 Madrid, Spain
Antonio Pastor: Telefónica I + D, 28013 Madrid, Spain
Antonio Skarmeta: Department of Information and Communications Engineering, University of Murcia, 30100 Murcia, Spain

Future Internet, 2025, vol. 17, issue 2, 1-28

Abstract: In the rapidly evolving landscape of telecommunications, the integration of commercial 5G solutions and the rise of edge computing have reshaped service delivery, emphasizing the customization of requirements through network slices. However, the heterogeneity of devices and technologies in 5G and beyond networks poses significant challenges, particularly in terms of security management. Addressing this complexity, our work adopts the Zero-touch network and Service Management (ZSM) reference architecture to enable end-to-end automation of security and service management in Beyond 5G networks. This paper introduces the ZSM-based framework, which harnesses software-defined networking, network function virtualization, end-to-end slicing, and orchestration paradigms to autonomously enforce and preserve security service level agreements (SSLAs) across multiple domains that make up a 5G network. The framework autonomously manages end-to-end security slices through intent-driven closed loops at various logical levels, ensuring compliance with ETSI end-to-end network slice management standards for 5G communication services. The paper elaborates with an SSLA-triggered use case comprising two phases: proactive, wherein the framework deploys and configures an end-to-end security slice tailored to the security service level agreement specifications, and reactive, where machine learning-trained security mechanisms autonomously detect and mitigate novel beyond 5G attacks exploiting open-sourced 5G core threat vectors. Finally, the results of the implementation and validation are presented, demonstrating the practical application of this research. Interestingly, these research results have been integrated into the ETSI ZSM Proof of Concept #6: ’Security SLA Assurance in 5G Network Slices’, highlighting the relevance and impact of the study in the real world.

Keywords: ZSM; B5G; security; automation; E2E network slicing; multi-domain; MANO (search for similar items in EconPapers)
JEL-codes: O3 (search for similar items in EconPapers)
Date: 2025
References: View complete reference list from CitEc
Citations:

Downloads: (external link)
https://www.mdpi.com/1999-5903/17/2/86/pdf (application/pdf)
https://www.mdpi.com/1999-5903/17/2/86/ (text/html)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:gam:jftint:v:17:y:2025:i:2:p:86-:d:1589613

Access Statistics for this article

Future Internet is currently edited by Ms. Grace You

More articles in Future Internet from MDPI
Bibliographic data for series maintained by MDPI Indexing Manager ().