The Open-RAN Fronthaul is constrained by strict high performance requirements. It transports very sensitive data over Ethernet between Radio Units and Distributed Units, including Control, User, Synchronization and Management packets. Based on the various vulnerabilities of each data plane in the fronthaul interface, it may be exposed to different types of threats that compromise the operation of the network and the users it serves. Therefore, there is an urgent need of security mechanisms to protect the Open-RAN Fronthaul based on the four pillars of security: Confidentiality, Integrity, Authenticity, and Availability. MACsec is a standard security protocol that possesses these four security features. It operates in the data-link layer and therefore provides high performance advantages over other security protocols that functions in higher layers, such as IPsec. For this reason, this paper proposes that MACsec is a persuasive potential solution for the Open-RAN Fronthaul protection. However, its applicability to secure each packet type in the fronthaul requires further independent analysis as there exists different performance requirements and network architectural deployments in the Open-RAN Fronthaul that could limit the use of MACsec.
|Title of host publication||Proceedings of IEEE 4th 5G World Forum|
|Publication status||Published - 2021|
|Event||2021 IEEE 4th 5G World Forum - Montreal, Canada|
Duration: 13 Oct 2021 → 15 Oct 2021
|Conference||2021 IEEE 4th 5G World Forum|
|Period||13/10/2021 → 15/10/2021|