Trust Management Framework for Containerized Workloads Applications to 5G Networks

As mobile networks grow, managing the security of communication between all its internal components becomes more challenging because of the increasing number of services, network functions, and stakeholders involved. Among the different dimensions of security, trust is one that 5G communication service providers (CSP) must prioritize to provide secure services for their users. This requires a strategy for assessing trust between network assets at scale, considering the complexity of interactions, service layers, and deployment options. To address this problem, we propose a trust management framework that deals with requests to perform operations on a Kubernetes (R) cluster based on trust labels. The context of the assets is one of the attributes used in the framework, used to describe the environment in which the assets operate. In addition, we consider past interactions between the assets. Since trust is dynamic through time, it needs to be evaluated continuously. This paper focuses on defining parameters for trust that are tailored to the unique properties of the various assets involved in the operations to be secured. The proposed model is implemented in Kubernetes (R) using its admission control module. Finally, an adversary model and a threat assessment are defined to evaluate the security of the trust framework.