A Standardized Ontology for Intent-Based Security Management in Autonomous Networks

Abstract

Modern 5G-Advanced and emerging 6G architectures face complex, multi-layered threat vectors that outpace traditional manual security configurations. Shifting security management towards autonomous, self-protecting operation requires formal semantic frameworks. This work specifies the TM Forum TR292I Security Ontology v4.0.0, a standardized Resource Description Framework Schema (RDFS) compliant vocabulary for declarative security management. By natively extending the TM Forum Intent Common Model (ICM), the ontology decouples high-level security goals from underlying technical controls. Crucially, it embeds resource cost mapping properties to ensure autonomous mitigation actions safeguard Service Level Agreements (SLAs). We validate this model-driven architecture through a formal semantic walkthrough of a distributed Denial of Service (DDoS) mitigation sequence on a disaggregated Next-Generation NodeB (gNB) slice using W3C Turtle and SPARQL. The results demonstrate that runtime constraint conflicts are resolved dynamically without human intervention, establishing a reproducible framework for standardized, intent-driven network security orchestration.