Transport Security Considerations for the Open-RAN Fronthaul

    Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review


    The Open-RAN Fronthaul is constrained by strict high performance requirements. It transports very sensitive data over Ethernet between Radio Units and Distributed Units, including Control, User, Synchronization and Management packets. Based on the various vulnerabilities of each data plane in the fronthaul interface, it may be exposed to different types of threats that compromise the operation of the network and the users it serves. Therefore, there is an urgent need of security mechanisms to protect the Open-RAN Fronthaul based on the four pillars of security: Confidentiality, Integrity, Authenticity, and Availability. MACsec is a standard security protocol that possesses these four security features. It operates in the data-link layer and therefore provides high performance advantages over other security protocols that functions in higher layers, such as IPsec. For this reason, this paper proposes that MACsec is a persuasive potential solution for the Open-RAN Fronthaul protection. However, its applicability to secure each packet type in the fronthaul requires further independent analysis as there exists different performance requirements and network architectural deployments in the Open-RAN Fronthaul that could limit the use of MACsec.
    Original languageEnglish
    Title of host publicationProceedings of IEEE 4th 5G World Forum
    Publication date2021
    ISBN (Print)9781665443081
    Publication statusPublished - 2021
    Event2021 IEEE 4th 5G World Forum - Montreal, Canada
    Duration: 13 Oct 202115 Oct 2021


    Conference2021 IEEE 4th 5G World Forum


    • Open-RAN
    • Fronthaul
    • Security
    • MACsec


    Dive into the research topics of 'Transport Security Considerations for the Open-RAN Fronthaul'. Together they form a unique fingerprint.

    Cite this