This paper presents a security framework designed for the emerging Cloud Continuum, where cloud, edge, and extreme-edge environments operate together to support next-generation 6G services. As networks become more distributed and dynamic, traditional static security mechanisms struggle to keep pace. To address this gap, the authors introduce a Programmable Security Monitoring Platform (PSMP) that enables real-time, flexible, and adaptive security operations across heterogeneous environments. The PSMP brings together multiple security monitoring capabilities at the service, infrastructure, and network layers. As shown in Figure 1 on page 3, the platform collects logs, metrics, and network traces using tools such as Fluentd, Telegraf, Falco, and Snort3, selected based on the resource constraints of cloud, edge, or extreme-edge nodes. This information flows through a Kafka-based communication bus and is aggregated using Prometheus before being stored in InfluxDB and visualized through Grafana. The platform can automatically detect anomalies, generate alerts, and adapt its monitoring configuration based on user requirements and live network conditions.
Beyond monitoring, the paper highlights how PSMP integrates with AI/ML-driven Security-as-a-Service, forming part of a closed-loop security architecture illustrated in Figure 2 on page 4. A Security Orchestrator translates service-level security requirements into actions and coordinates AI-based analysis and mitigation. When an anomaly is detected or predicted, the orchestrator triggers corrective responses, while the Configuration Manager dynamically updates monitoring and detection rules. The authors also introduce a secure dataspace architecture (Figure 3, page 5) to support trustworthy data management across the distributed continuum. Based on data fabric and data mesh principles, this dataspace enables consistent data governance, fine-grained access control, identity-verified data sharing, and secure integration of heterogeneous sources—ensuring that AI-driven decisions rely on authenticated and integrity-preserved data. Overall, the work presents a unified vision for scalable, programmable, and automated security in 6G-oriented networks. By combining closed-loop orchestration, flexible monitoring, and secure data management, the proposed platform lays a strong foundation for protecting future distributed cloud-edge infrastructures.
Securing Networks of the Future_ A Programmable Security Monitoring Platform for Cloud Continuum