To address the lack of coordinated security protection between the control and user planes, and the weak native security capabilities in multi-vendor environments under the O-RAN open architecture, this paper proposes O-ZTA—the first Zero Trust Architecture (ZTA) specifically designed for O-RAN. O-ZTA deeply integrates O-RAN’s programmability and open interfaces to establish a dynamic, fine-grained cross-plane access control mechanism, incorporating SDN-driven real-time policy enforcement, behavior-based lightweight threat detection, and closed-loop response. We systematically identify and resolve three key challenges: absence of trustworthy identity anchors, difficulty in ensuring inter-plane policy consistency, and ZTA lightweight deployment under resource constraints. Experimental evaluation demonstrates that O-ZTA effectively mitigates representative internal and external attacks—including API hijacking and unauthorized RAN slicing access—while maintaining sub-millisecond signaling latency. The work delivers a theoretically grounded, implementable framework and architectural prototype for native security in wireless access networks.

Cellular networks have become foundational to modern communication, supporting a broad range of applications, from civilian use to enterprise systems and military tactical networks. The advent of fifth-generation and beyond cellular networks (B5G) introduces emerging compute capabilities into the Radio Access Network (RAN), transforming it from a traditionally closed, vendor-locked infrastructure into an open and programmable ecosystem. This evolution, exemplified by Open-RAN (O-RAN), enables the deployment of control-plane applications from diverse sources, which can dynamically influence user-plane traffic in response to real-time events. As cellular infrastructures become more disaggregated and software-driven, security becomes an increasingly critical concern. Zero-Trust Architecture (ZTA) has emerged as a promising security paradigm that discards implicit trust assumptions by acknowledging that threats may arise from both external and internal sources. ZTA mandates comprehensive and fine-grained security mechanisms across both control and user planes to contain adversarial movements and enhance breach detection and attack response actions. In this paper, we explore the adoption of ZTA in the context of 5G and beyond, with a particular focus on O-RAN as an architectural enabler. We analyze how ZTA principles align with the architectural and operational characteristics of O-RAN, and identify key challenges and opportunities for embedding zero-trust mechanisms within O-RAN-based cellular networks.