Abstract: Provided are apparatus, method, and device capable of forwarding E2 communication a network. According to embodiments, the apparatus may include: at least one memory storage storing computer-executable instructions; and at least one processor communicatively coupled to the at least one memory storage, wherein the at least one processor may be configured to execute the instructions to: obtain a mapping between a first IP address of an instance of E2 Termination deployed at the Near-RT RIC and at least one second IP address of at least one E2 node associated with the instance of E2 Termination; receive a data from an E2 node; determine whether to directly transmit the data to the instance of E2 Termination based on the mapping.

Abstract: A system, method and device for enhanced authentication of network elements are provided. The device may be configured to: obtain device information from a network element, transmit the obtained device information to a storage device in order to determine whether the network element supports authentication in accordance with a first authentication protocol, based on determining that the network element supports the authentication in accordance with the first authentication protocol, facilitate authentication of the network element with a first authentication server configured to perform the authentication in accordance with the first authentication protocol, and based on determining that the network element does not support the authentication in accordance with the first authentication protocol, facilitate the authentication of the network element with at least one server configured to perform authentication in accordance with a second authentication protocol.

Abstract: A method performed by at least one processor includes detecting an onboarding of an application. The method further includes determining one or more application properties of the application in response to the detecting. The method further includes generating a protection program based on the one or more application properties. The method further includes deploying the protection program. The protection program provides a mitigation action in response to a detection of an attack on the application.

Abstract: A system and method of selecting a cryptography algorithm within a network. The method can include receiving network data from a one or more network interfaces or network elements; analyzing the network data to identify a cryptography algorithm from a plurality of cryptography algorithms; and identifying the cryptography algorithm from the plurality of cryptography algorithms based on at least one of the following parameters: network security level, network criticality, or energy efficiency. In addition, the step of analyzing the network data to identify the cryptography algorithm may further include receiving a plurality of identifiers associated with the network data, wherein the plurality of identifiers are each further associated with a degree of importance in connection with the network security level parameter.

Abstract: A method of providing secure connections between a shared network node and a plurality of network nodes of different mobile network operators (MNOs) is provided. The method includes: receiving, by a first network node of a first MNO among the different MNOs, a digital certificate issued to the first network node from a public key infrastructure (PKI) service provider, the PKI service provider having a trust relationship with the different MNOs; establishing, by the first network node, a secure connection with a second network node of the first MNO using the issued digital certificate and based on the trust relationship; and establishing, by the first network node, a secure connection with a third network node of a second MNO, among the different MNOs, using the issued digital certificate and based on the trust relationship.

Abstract: A system, method and device for enhanced authentication of network elements are provided. The device may be configured to: obtain device information from a network element, transmit the obtained device information to a storage device in order to determine whether the network element supports authentication in accordance with a first authentication protocol, based on determining that the network element supports the authentication in accordance with the first authentication protocol, facilitate authentication of the network element with a first authentication server configured to perform the authentication in accordance with the first authentication protocol, and based on determining that the network element does not support the authentication in accordance with the first authentication protocol, facilitate the authentication of the network element with at least one server configured to perform authentication in accordance with a second authentication protocol.

Abstract: A method, performed by at least one processor of a trust broker, for establishing trust of vendor-supplied Open Radio Access Network (O-RAN) software, includes: receiving a plurality of O-RAN software from a plurality of O-RAN software vendors, the plurality of O-RAN software respectively signed by the plurality of O-RAN software vendors; for a software, among the plurality of O-RAN software, verifying a signature included with the software using a vendor certificate issued by a certificate authority (CA) of the corresponding vendor; based on successful verification of the signature, performing a software attestation with respect to the software using a digital certificate issued by a CA of the trust broker; and providing the attested software to an operator corresponding to the O-RAN system and with which the trust broker has a trust relationship.