Privacy-first Security Enablers for 6G Networks

Privacy is considered a key pillar in EU research and development activities towards 6G. In the 6G multi-actor pluralistic environment, privacy is pivotal, not only for the end users, but also for all involved stakeholders; and it needs to be taken into account as a key requirement in all technologies of the network stack, including security mechanisms. In other words, the challenge for security enablers in future networks is, on the one hand, to address the significantly widened 6G threat landscape, while on the other hand to preserve the privacy of all actors in the 6G chain. Intrusive security cannot be any more considered acceptable.
In this context, the mission of PRIVATEER is to pave the way for 6G “privacy-first security” by studying, designing and developing innovative security enablers for 6G networks, following a privacy-by-design approach.
The PRIVATEER "privacy-first" 6G security framework consists of a set of enablers built around four pillars: i) decentralised robust security analytics, towards avoiding data centralisation as well as AI mechanisms hardened against adversarial actions resulting in privacy breaches; ii) privacy-aware slicing and security service orchestration, introducing "privacy intent" as an additional factor affecting network service lifecycle management; iii) distributed attestation and identity check, making authentication and integrity verification more privacy-friendly; and iv) searchable encryption mechanisms for privacy-preserving Cyber Threat Intelligence (CTI) sharing.
The integrated PRIVATEER framework will be deployed in a campus-wide B5G test network and evaluated against relevant vertical use case scenarios. The security enablers developed in PRIVATEER will complement (and be compatible with) “native” 5G/6G security controls as standardized by 3GPP for basic functionalities (network attachment, authentication, authorization etc.) to achieve a holistic, privacy-friendly security solution for future networks.

Shortly after its start, PRIVATEER has delivered an identification of the 6G threat landscape, taking into account the current technological trends and key enablers for 6G. A set of security-related KPIs and KVIs were also identified, while a separate white paper was published for this purpose. The project identified relevant use case scenarios associated with 6G threats and elicited a set of functional and non-functional requirements to drive the PRIVATEER developments. A first version of the PRIVATEER framework components was implemented, towards the fulfillment of the project's technical objectives, i.e. i) enabling privacy-preserving explainable and decentralised robust AI-driven security analytics for 6G networks; ii) introduction of user “privacy intent” in 6G slicing and orchestration, and iii) enabling privacy-preserving distributed attestation, identification and CTI-sharing within the 6G ecosystem, with specific focus on dynamic zero-trust infrastructures. All these components have been integrated into a coherent framework ("PRIVATEER Release A") on a B5G test infrastructure. In the context of end-to-end demonstration, the project has designed and implemented three workflows that verify the integration between various components, ensuring that they interact efficiently and effectively to form a cohesive system. Each workflow highlights specific functionalities of the components deployed as part of this release and demonstrates the integration between these components. Finally, towards impact maximisation, the project established its website and social media channels, as well as its Zenodo community, where the project's public documents were published, achieving remarkable engagement. The project has also achieved significant impact in standardisation, and has elaborated a plan for the exploitation of its results.

The project has delivered the following innovative results: A Report on 6G threat landscape, privacy aspects and gap analysis, a set of security/privacy-related KPIs and KVIs for 6G, as well as a set of use cases related to privacy-friendly security. It has also implemented the first version of its key innovative technical components, namely: Decentralized AI-models hardened against adversarial attacks; XAI toolbox for decentralized security analytics; Data anonymization streaming pipelines; Explainable decision-making slicing and orchestration tools with privacy-preserving capabilities; Privacy-preserving Proof-of-Transit mechanisms; Privacy-preserving CTI sharing mechanisms; Trusted and secure edge accelerators; Runtime attestation of (B)5G control plane; Blockchain-based Trust Exposure Layer for data harmonisation; and Level of Trust Assessment Enablers.