Loay Abdelrazek

2 Papers

9.1 CR May 26
Intent-based Security Management Using the TM Forum TR292I Security Ontology

Loay Abdelrazek

Modern 5G-Advanced and emerging 6G cloud-native telecom architectures encounter unprecedented hyper-complexity, multi-layered threat vectors, and fluid structural topologies. Managing infrastructure security using manual, imperative configurations introduces a severe latency gap, presenting attackers with an exploitable window. This paper presents a declarative, autonomous, self-protecting framework based on our design and standardization of the TM Forum TR292I Security Ontology v4.0.0. Our approach leverages Description Logic (DL) and automated graph reasoning within a closed-loop execution pipeline to dynamically neutralize live threats. Crucially, the system balances functional protection expectations with non-functional resource impact considerations (e.g., latency vs. compute overhead). We validate our model-driven architecture through a structural formal verification walkthrough of a Distributed Denial of Service (DDoS) attack mitigation sequence on a disaggregated Next-Generation NodeB (gNB) slice, demonstrating how automated reasoning resolves runtime constraint conflicts without human intervention.

8.9 CR May 6
Dynamic Authorization for Knowledge-Base Agents in 6G

Loay Abdelrazek, Leyli Karacay, Marin Orlic

As 6G architectures transition toward decentralized Multi-Agent Systems (MAS), ensuring secure access to shared Knowledge Bases (KB) is critical. Traditional authorization models like RBAC fail to provide the granularity required for autonomous agents interacting with semantic-based data. This work proposes a hybrid authorization framework that integrates roles and First-Order Logic (FOL) predicates to enforce zero-trust principles at the knowledge-graph level. We eliminate permission inheritance by enforcing authorization at the triple level (Subject-Predicate-Object), ensuring agents only access metadata required for their specific functional lifecycle.