ITU-T X.1047 PDF

This Recommendation specifies:

• security requirements for network slice management and orchestration;

• security requirements for network slice subnet (NSS) management and orchestration;

• security requirements for service-based interfaces for the logical management functions

• security requirements for the interface between the network slice subnet (NSS) management and orchestration and the network function virtualization-management and orchestration (NFV-MANO) / network function management (NFM) / transport network controller (TNC) logical functions;

• a security reference architecture for network slice management and orchestration (MANO);

• how to apply the security reference architecture to the automatic creation of end-to-end (E2E) network slice with customized security capabilities, such as being isolated with fine-grained isolation policy and preventing network attacks at the edge of NSS domains;

• how to evaluate tamper-proof and access control mechanisms for network slice management data in order to make network slice management data traceable, verifiable and immutable, as well as guaranteeing that only authorized data consumers can access network slice management data based on fine-grained access control policy.

This is done in order to deploy a full-scale E2E network slicing securely for consumers, businesses and government segments.