Work item:
X.5Gsec-scio
Subject/title:
Framework of security capability intelligent orchestration system for IMT-2020 network
Status:
Under study
Approval process:
TAP
Type of work item:
Recommendation
Version:
New
Equivalent number:
-
Timing:
2027-01 (Medium priority)
Liaison:
NIST, 3GPP SA3
Supporting members:
China Unicom, China Mobile, China Telecom, ZTE
Summary:
As IMT networks evolve towards diversified scenarios, emerging services such as the Internet of Things and industrial internet have raised demands for dynamic adaptation and precise protection in cybersecurity. While traditional SOAR technology relies on centralized orchestration of virtualized resource pools, its limitations have become increasingly apparent. This fragmented architecture can no longer meet the complex requirements of multi-tenant SLA assurance and cross-domain policy coordination in IMT systems.
To address these challenges, this proposal presents a Security Capability Intelligent Orchestration (SCIO) system for IMT-2020 networks, with core value demonstrated across three dimensions:
1) By abstractly modelling 3GPP network function security capabilities and third-party resource pools, it constructs a cross-domain security capability catalog to expand orchestration object dimensions.
2) Utilizing an intent-driven dual-layer orchestration engine enables intelligent collaboration between endogenous network policies and cloud services, innovating control architecture.
3) Through standardized SFV and programmable interface frameworks, it supports on-demand deployment of security capabilities from core networks to edge nodes, enhancing implementation flexibility.
The recommendation analyses the requirements of the SCIO system from four perspectives: unified security capability management, dynamic security capability allocation, security-network architecture adaptation, and security capability openness. It further provides the SCIO framework and execution process that meet these requirements.
Comment:
-
Historic references: