TR292I Security Ontology v3.5.0

The ontology model defined in this document defines the necessary vocabulary that can be used in the security domain. The focus of this document is the specification of how a security intent is expressed.

The complexity of managing a mobile network such as 5G and future networks like 6G has kept increasing due to the various subsystems, technologies, and services that must be supported. Additionally, there are new emerging and evolving attacks on different computing stacks, that are getting more complex, distributed, and targeted. To ensure smooth and resilient operation, scalability, proper configuration of the multitude of settings, policies, and service parameters, including those required for secure operations, is required. Adopting zero-touch and autonomous capabilities (i.e., self-protection capabilities) to security will support facilitating a more risk-based decision-making for security teams, simplify management, automate deployments and enhance security KPIs, for example reducing Mean Time To Detect (MTTD) and Mean Time to Response (MTTR), and reduce human intervention to ensure faster automation loops to provision controls, and detect, respond and prevent against threats.