Abstract: The present disclosure relates to a method and a system for building security and compliance on one or more network functions (NFs) [312]. The method comprises checking, by a transceiver unit [302], at an automation node [300], connectivity with the one or more NFs [312]. The method further comprises selecting, by a processing unit [304], at the automation node [300], one or more interfaces [310] associated with the one or more NFs [312]. The method further comprises triggering, by an execution unit [306], from the automation node [300], a security and compliance automation task on the one or more NFs [312] via the associated one or more interfaces [310]. The method further comprises sending, by the transceiver unit [302] from the automation node [300], a response for the triggered security and compliance automation task for the one or more NFs [312] to a user interface [308]. [FIG. 4]
FORM 2
THE PATENTS ACT, 1970
(39 OF 1970)
&
THE PATENT RULES, 2003
COMPLETE SPECIFICATION
(See section 10 and rule 13)
“METHOD AND SYSTEM FOR BUILDING SECURITY AND COMPLIANCE ON ONE OR MORE NETWORK FUNCTIONS (NFs)”
We, Jio Platforms Limited, an Indian National, of Office - 101, Saffron, Nr. Centre Point, Panchwati 5 Rasta, Ambawadi, Ahmedabad - 380006, Gujarat, India.
The following specification particularly describes the invention and the manner in which it is to be performed.
METHOD AND SYSTEM FOR BUILDING SECURITY AND COMPLIANCE ON ONE OR MORE NETWORK FUNCTIONS (NFs)
FIELD OF THE DISCLOSURE
[0001] Embodiments of the present disclosure generally relate to methods and systems for building security and compliance on one or more network functions (NFs). More particularly, embodiments of the present disclosure relate to baseline and vulnerability assessment in a telecommunication network.
BACKGROUND
[0002] The following description of the related art is intended to provide background information pertaining to the field of the disclosure. This section may include certain aspects of the art that may be related to various features of the present disclosure. However, it should be appreciated that this section is used only to enhance the understanding of the reader with respect to the present disclosure, and not as admissions of the prior art.
[0003] Wireless communication technology has rapidly evolved over the past few decades, with each generation bringing significant improvements and advancements. The first generation of wireless communication technology was based on analog technology and offered only voice services. However, with the advent of the second-generation (2G) technology, digital communication and data services became possible, and text messaging was introduced. 3G technology marked the introduction of high-speed internet access, mobile video calling, and location-based services. The fourth-generation (4G) technology revolutionized wireless communication with faster data speeds, better network coverage, and improved security. Currently, the fifth-generation (5G) technology is being deployed, promising even faster data speeds, low latency, and the ability to connect multiple devices simultaneously. With each generation, wireless communication technology has become more advanced, sophisticated, and capable of delivering more services to its users.
[0004] In the 5G communication system, there is provided a plurality of network functions (NFs), for example an Access and Mobility Management Function (AMF), a Session Management Function (SMF), an Authentication Server Function (AUSF), a Network Slice Selection Function (NSSF), a Policy Control Function (PCF), a Network Repository Function (NRF), a Network Exposure Function (NEF) and the like. One or more of the aforementioned NFs communicate with each other to implement multiple activities on the 5G communication system. For example, the NEF is one of the key network functions, which supports creating new services in the network domain, such as data and network services, and makes them easily available to communication service providers and third-party domains.
[0005] In 5G communication systems, during installation of any operating system, such as Red Hat Enterprise Linux (RHEL) OS, on the different nodes of the communication network, the OS comes with bundles of RPM packages, which may provide and support different types of functionalities and services. These packages may be present in bulk and may enable support for different services. When OS installation is performed, these bulk packages may increase the possibility of attacks on the communication system, since they support many unwanted services such as NFS, SAMBA etc., and modules and functionalities which are not required by the network nodes and are therefore often ignored during upgradation and when performing security compliance. NFS is a network file sharing protocol that defines the way files are stored and retrieved from storage devices across networks. NFS is primarily designed for Unix-like operating systems, such as Linux and macOS, but can also be used on Windows with third-party client software. SAMBA is a file sharing protocol primarily designed to integrate non-Windows systems with Windows environments, allowing file sharing between Windows and other operating systems. Further, these unwanted and unused services may expose the system to cyber-attacks. Therefore, security compliance of a communication network becomes essential to keep such useless and unwanted services, modules and functionalities in compliance with security standards. Further, in the conventional manner, closing or disabling such network function nodes and/or compliance point nodes for different OS versions, which have unwanted services or modules, is done by manual procedures, which are prone to errors and take a significant amount of time.
[0006] Thus, there exists an imperative need in the art to provide an efficient system and method for securing a communication network from possible threats of attacks and security breaches by monitoring the operating system (OS) and scaling down the OS as per requirements: by removing unwanted, unused packages, by monitoring vulnerable services which are not required by the OS, and by installing only the dedicated required services on the system. The present system and method provide a baseline and vulnerability assessment in an automated way. The present disclosure provides a system and method which automatically closes Infrastructural and Cloud native InfoSec security points for different OS versions in a communication network such as the 5GCN (5G Core Network) stack at scale. The present system and method may close all industry standard points, such as disabling unwanted services like NFS, SAMBA etc., disabling permit root login, and configuring Network Time Protocol (NTP) or chrony at multiple points. chrony is a versatile implementation of the Network Time Protocol (NTP). It can synchronise the system clock with NTP servers and reference clocks (e.g. a GPS receiver). The present disclosure provides a system and a method which provide baseline and vulnerability assessment in an automated way using a single platform. Instead of running never-ending compliance scans, baseline assessment helps to continuously and effortlessly monitor an organization's security baseline compliance and identify changes in real time. A security baseline profile is created, which is a customized profile that can be created to assess and monitor endpoints in the organization against industry security benchmarks. When a security baseline profile is created, a template is created that consists of multiple device configuration settings and a base benchmark to compare against. Further, a vulnerability assessment is a systematic review of security weaknesses in an information system. It evaluates if the system is susceptible to any known vulnerabilities, assigns severity levels to those vulnerabilities, and recommends remediation or mitigation, if and whenever needed.
SUMMARY
[0007] This section is provided to introduce certain aspects of the present disclosure in a simplified form that are further described below in the detailed description. This summary is not intended to identify the key features or the scope of the claimed subject matter.
[0008] An aspect of the present disclosure may relate to a method for building security and compliance on one or more network functions (NFs). The method comprises checking, by a transceiver unit, at an automation node, connectivity with the one or more network functions (NFs). The method further comprises selecting, by a processing unit, at the automation node, one or more interfaces associated with the one or more NFs. The method further comprises triggering, by an execution unit, from the automation node, a security and compliance automation task on the one or more NFs via the associated one or more interfaces. Further, the method comprises sending, by the transceiver unit from the automation node, a response for the triggered security and compliance automation task for the one or more NFs to a user interface.
[0009] In an exemplary aspect of the present disclosure, the automation node is a jump server.
[0010] In another exemplary aspect of the present disclosure, the one or more NFs are provided at the user interface.
[0011] In another exemplary aspect of the present disclosure, the security and compliance automation task is performed remotely on the one or more NFs via the associated one or more interface(s) from the automation node.
[0012] In another exemplary aspect of the present disclosure, triggering the security and compliance automation task comprises identifying, by the execution unit, at the automation node, an operating system (OS) version for each of the one or more NFs. Then the method comprises running, by the execution unit, from the automation node, at least one of script(s), instruction(s), command(s) and a set of code(s) on the one or more NFs based on the identified OS version for each of the one or more NFs. The method also comprises performing, by the execution unit, from the automation node, configuration changes for each of the associated one or more interfaces of the one or more NFs.
[0013] In another exemplary aspect of the present disclosure, the triggered security and compliance automation task detects at least one of a security breach, a compliance violation, and a vulnerable service for the one or more NFs.
[0014] In another exemplary aspect of the present disclosure, the security and compliance automation task comprises a baseline and vulnerability assessment automation.
[0015] In another exemplary aspect of the present disclosure, the automation node sends the response with at least one of a notification and a task completion status of the security and compliance automation task to the user interface.
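The triggering step described in [0012] to [0015] (identify the OS version of the node, run OS-specific checks, apply configuration changes, and return a completion status to the user interface) can be illustrated with a small baseline assessment script. The following is an added example written for this page; it is not code from the disclosure or from Jio Platforms. It runs each check against a constructed sample directory that stands in for a node's root filesystem (the os-release, sshd_config and chrony.conf contents and the enabled-unit list are all invented here), so it executes offline; on a real automation node the same functions would be run over the NF via its interface (for example a remote shell session, which is an assumption of this example, not something the disclosure specifies), with the directory argument being the node's root.

```shell
#!/bin/sh
# Added example, not from the disclosure: a baseline assessment over a
# constructed sample node that models the checks the text names (unwanted
# NFS/SAMBA services, PermitRootLogin, NTP/chrony), applies the fixes and
# reports a task status. Every file and value below is invented.

# Units the disclosure calls unwanted on an NF node: NFS and SAMBA, plus the
# helpers they pull in (rpcbind for NFS, nmb for SAMBA).
UNWANTED_UNITS='^(nfs-server|smb|nmb|rpcbind)\.service$'

# make_sample_target: builds a directory that stands in for a node's root
# filesystem and prints its path. Contents are constructed for this example.
make_sample_target() {
    d=$(mktemp -d)
    mkdir -p "$d/etc/ssh"
    cat > "$d/etc/os-release" <<'EOF'
NAME="Red Hat Enterprise Linux"
ID="rhel"
VERSION_ID="8.6"
EOF
    cat > "$d/etc/ssh/sshd_config" <<'EOF'
Port 22
PermitRootLogin yes
PasswordAuthentication no
EOF
    printf 'driftfile /var/lib/chrony/drift\n' > "$d/etc/chrony.conf"
    # stand-in for the output of `systemctl list-unit-files --state=enabled`
    printf '%s\n' sshd.service chronyd.service nfs-server.service smb.service \
        > "$d/enabled-units.txt"
    printf '%s\n' "$d"
}

# identify_os_version <root>: prints "<ID>-<VERSION_ID>" from os-release,
# so the caller can select the rule set that applies to that OS version.
identify_os_version() {
    ( . "$1/etc/os-release" && printf '%s-%s\n' "$ID" "$VERSION_ID" )
}

# check_permit_root_login <root>: sshd honours the first matching directive,
# so only the first PermitRootLogin line counts; PASS only when it is "no".
check_permit_root_login() {
    value=$(awk 'tolower($1)=="permitrootlogin" {print tolower($2); exit}' \
        "$1/etc/ssh/sshd_config")
    if [ "$value" = "no" ]; then echo PASS; else echo "FAIL (PermitRootLogin=${value:-unset})"; fi
}

# check_unwanted_services <root>: PASS when no NFS/SAMBA unit is enabled.
check_unwanted_services() {
    found=$(grep -E "$UNWANTED_UNITS" "$1/enabled-units.txt" | tr '\n' ' ')
    if [ -z "$found" ]; then echo PASS; else echo "FAIL (enabled: ${found% })"; fi
}

# check_chrony <root>: PASS when chronyd is enabled and a time source exists.
check_chrony() {
    if ! grep -qx 'chronyd.service' "$1/enabled-units.txt"; then
        echo "FAIL (chronyd not enabled)"
    elif grep -Eq '^(server|pool)[[:space:]]' "$1/etc/chrony.conf"; then
        echo PASS
    else
        echo "FAIL (no time source configured)"
    fi
}

# remediate <root>: the configuration changes of [0012], applied to the files.
# On a live node these correspond to editing sshd_config, running
# `systemctl disable --now` on each unwanted unit and adding a time source.
remediate() {
    sed 's/^PermitRootLogin .*/PermitRootLogin no/' "$1/etc/ssh/sshd_config" \
        > "$1/sshd.tmp" && mv "$1/sshd.tmp" "$1/etc/ssh/sshd_config"
    grep -Ev "$UNWANTED_UNITS" "$1/enabled-units.txt" > "$1/units.tmp" || :
    mv "$1/units.tmp" "$1/enabled-units.txt"
    # placeholder hostname; a real deployment points at its own NTP servers
    echo 'pool ntp.example.invalid iburst' >> "$1/etc/chrony.conf"
}

# run_baseline <root>: runs each check, prints one finding per line and a
# final status line, which is the "response" returned to the user interface:
# COMPLETED when every check passes, NON_COMPLIANT otherwise.
run_baseline() {
    status=COMPLETED
    echo "os=$(identify_os_version "$1")"
    for check in check_permit_root_login check_unwanted_services check_chrony; do
        result=$("$check" "$1")
        echo "$check: $result"
        case "$result" in FAIL*) status=NON_COMPLIANT ;; esac
    done
    echo "status=$status"
}

# baseline_status <root>: only the status word, for callers that notify a UI.
baseline_status() { run_baseline "$1" | sed -n 's/^status=//p'; }

TARGET_DIR=$(make_sample_target)
echo "== initial assessment"; run_baseline "$TARGET_DIR"
remediate "$TARGET_DIR"
echo "== after remediation"; run_baseline "$TARGET_DIR"
```

The script assesses first, remediates, then assesses again, so the final status line reflects the node's state after the configuration changes rather than the intent to change it. Keeping the PermitRootLogin check to the first directive matters because sshd ignores later duplicates, a common reason a hardening script reports success while root login stays open.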
[0016] Another aspect of the present disclosure may relate to a system for building security and compliance on one or more network functions (NFs). The system comprises a transceiver unit, a processing unit, and an execution unit connected with each other. The transceiver unit is configured to check, at an automation node, connectivity with the one or more network functions (NFs). The processing unit is configured to select, at the automation node, one or more interfaces associated with the one or more NFs. The execution unit is configured to trigger, from the automation node, a security and compliance automation task on the one or more NFs via the associated one or more interfaces. The transceiver unit is further configured to send, from the automation node, a response for the triggered security and compliance automation task for the one or more NFs to a user interface.
[0017] Yet another aspect of the present disclosure may relate to a non-transitory computer readable storage medium storing one or more instructions for building security and compliance on one or more network functions (NFs), the one or more instructions including executable code which, when executed by one or more units of a system, causes the one or more units to perform certain functions. The one or more instructions, when executed, cause a transceiver unit of the system to check, at an automation node, connectivity with the one or more network functions (NFs). The one or more instructions, when executed, further cause a processing unit to select, at the automation node, one or more interfaces associated with the one or more NFs. The one or more instructions, when executed, further cause an execution unit to trigger, from the automation node, a security and compliance automation task on the one or more NFs via the associated one or more interfaces. The one or more instructions, when executed, further cause the transceiver unit to send, from the automation node, a response for the triggered security and compliance automation task for the one or more NFs to a user interface.
OBJECTS OF THE DISCLOSURE
[0018] Some of the objects of the present disclosure, which at least one embodiment disclosed herein satisfies are listed herein below.
[0019] It is an object of the present disclosure to provide a system and a method for building security and compliance on one or more network functions (NFs).
[0020] It is an object of the present disclosure to provide a system and a method for providing baseline and vulnerability assessment in an automated way.
[0021] It is another object of the present disclosure to provide a system and a method for automatically closing Infrastructural and Cloud native InfoSec security points for the 5GCN stack at scale.
[0022] It is another object of the present disclosure to provide a system and a method for automatically closing industry standard points, such as disabling unwanted services and permit root login, and configuring NTP or chrony at multiple points.
[0023] It is another object of the present disclosure to provide a system and a method for providing baseline and vulnerability assessment in an automated way using a single platform.
BRIEF DESCRIPTION OF THE DRAWINGS
[0024] The accompanying drawings, which are incorporated herein, and constitute a part of this disclosure, illustrate exemplary embodiments of the disclosed methods and systems in which like reference numerals refer to the same parts throughout the different drawings. Components in the drawings are not necessarily to scale, emphasis instead being placed upon clearly illustrating the principles of the present disclosure. Also, the embodiments shown in the figures are not to be construed as limiting the disclosure, but the possible variants of the method and system according to the disclosure are illustrated herein to highlight the advantages of the disclosure. It will be appreciated by those skilled in the art that disclosure of such drawings includes disclosure of electrical components or circuitry commonly used to implement such components.
[0025] FIG. 1 illustrates an exemplary block diagram representation of 5th generation core (5GC) network architecture.
[0026] FIG. 2 illustrates an exemplary block diagram of a computing device upon which the features of the present disclosure may be implemented in accordance with exemplary implementation of the present disclosure.
[0027] FIG. 3 illustrates an exemplary block diagram of a system for building security and compliance on one or more network functions (NFs), in accordance with exemplary implementations of the present disclosure.
[0028] FIG. 4 illustrates a method flow diagram for building security and compliance on one or more network functions (NFs), in accordance with exemplary implementations of the present disclosure.
[0029] FIG. 5 illustrates an exemplary environment illustration for building security and compliance on the one or more NFs, in accordance with exemplary implementations of the present disclosure.
[0030] The foregoing shall be more apparent from the following more detailed description of the disclosure.
DETAILED DESCRIPTION
[0031] In the following description, for the purposes of explanation, various specific details are set forth in order to provide a thorough understanding of embodiments of the present disclosure. It will be apparent, however, that embodiments of the present disclosure may be practiced without these specific details. Several features described hereafter may each be used independently of one another or with any combination of other features. An individual feature may not address any of the problems discussed above or might address only some of the problems discussed above.
[0032] The ensuing description provides exemplary embodiments only, and is not intended to limit the scope, applicability, or configuration of the disclosure. Rather, the ensuing description of the exemplary embodiments will provide those skilled in the art with an enabling description for implementing an exemplary embodiment. It should be understood that various changes may be made in the function and arrangement of elements without departing from the spirit and scope of the disclosure as set forth.
[0033] Specific details are given in the following description to provide a thorough understanding of the embodiments. However, it will be understood by one of ordinary skill in the art that the embodiments may be practiced without these specific details. For example, circuits, systems, processes, and other components may be shown as components in block diagram form in order not to obscure the embodiments in unnecessary detail.
[0034] It should be noted that the terms "first", "second", "primary", "secondary", "target" and the like, herein do not denote any order, ranking, quantity, or importance, but rather are used to distinguish one element from another.
[0035] Also, it is noted that individual embodiments may be described as a process which is depicted as a flowchart, a flow diagram, a data flow diagram, a structure diagram, or a block diagram. Although a flowchart may describe the operations as a sequential process, many of the operations may be performed in parallel or concurrently. In addition, the order of the operations may be re-arranged. A process is terminated when its operations are completed but could have additional steps not included in a figure.
[0036] The word “exemplary” and/or “demonstrative” is used herein to mean serving as an example, instance, or illustration. For the avoidance of doubt, the subject matter disclosed herein is not limited by such examples. In addition, any aspect or design described herein as “exemplary” and/or “demonstrative” is not necessarily to be construed as preferred or advantageous over other aspects or designs, nor is it meant to preclude equivalent exemplary structures and techniques known to those of ordinary skill in the art. Furthermore, to the extent that the terms “includes,” “has,” “contains,” and other similar words are used in either the detailed description or the claims, such terms are intended to be inclusive—in a manner similar to the term “comprising” as an open transition word—without precluding any additional or other elements.
[0037] As used herein, a “processing unit” or “processor” or “operating processor” includes one or more processors, wherein processor refers to any logic circuitry for processing instructions. A processor may be a general-purpose processor, a special purpose processor, a conventional processor, a digital signal processor, a plurality of microprocessors, one or more microprocessors in association with a Digital Signal Processing (DSP) core, a controller, a microcontroller, Application Specific Integrated Circuits, Field Programmable Gate Array circuits, any other type of integrated circuits, etc. The processor may perform signal coding, data processing, input/output processing, and/or any other functionality that enables the working of the system according to the present disclosure. More specifically, the processor or processing unit is a hardware processor.
[0038] As used herein, “a user equipment”, “a user device”, “a smart-user-device”, “a smart-device”, “an electronic device”, “a mobile device”, “a handheld device”, “a wireless communication device”, “a mobile communication device”, “a communication device” may be any electrical, electronic and/or computing device or equipment, capable of implementing the features of the present disclosure. The user equipment/device may include, but is not limited to, a mobile phone, smart phone, laptop, a general-purpose computer, desktop, personal digital assistant, tablet computer, wearable device or any other computing device which is capable of implementing the features of the present disclosure. Also, the user device may contain at least one input means configured to receive an input from unit(s) which are required to implement the features of the present disclosure.
[0039] As used herein, “storage unit” or “memory unit” refers to a machine or computer-readable medium including any mechanism for storing information in a form readable by a computer or similar machine. For example, a computer-readable medium includes read-only memory (“ROM”), random access memory (“RAM”), magnetic disk storage media, optical storage media, flash memory devices or other types of machine-accessible storage media. The storage unit stores at least the data that may be required by one or more units of the system to perform their respective functions.
[0040] As used herein, “interface” or “user interface” refers to a shared boundary across which two or more separate components of a system exchange information or data. The interface may also be referred to as a set of rules or protocols that define communication or interaction of one or more modules or one or more units with each other, which also includes the methods, functions, or procedures that may be called.
[0041] All modules, units, components used herein, unless explicitly excluded herein, may be software modules or hardware processors, the processors being a general-purpose processor, a special purpose processor, a conventional processor, a digital signal processor (DSP), a plurality of microprocessors, one or more microprocessors in association with a DSP core, a controller, a microcontroller, Application Specific Integrated Circuits (ASIC), Field Programmable Gate Array circuits (FPGA), any other type of integrated circuits, etc.
[0042] As used herein, the transceiver unit includes at least one receiver and at least one transmitter configured respectively for receiving and transmitting data, signals, information or a combination thereof between units/components within the system and/or connected with the system.
[0043] As discussed in the background section, the current known solutions have several shortcomings. During installation of any operating system, some unwanted and unused services may expose the system to cyber-attacks. Therefore, security compliance of a communication network becomes essential to keep such useless and unwanted services, modules and functionalities in compliance with security standards. Further, in the conventional manner, closing or disabling such network function nodes and/or compliance point nodes for different OS versions, which have unwanted services or modules, is done by manual procedures, which are prone to errors and take a significant amount of time. The present disclosure aims to overcome the above-mentioned and other existing problems in this field of technology by providing a method and system for building security and compliance on one or more network functions (NFs).
[0044] Hereinafter, exemplary embodiments of the present disclosure will be described with reference to the accompanying drawings.
[0045] Referring to FIG. 1, an exemplary block diagram representation of 5th generation core (5GC) network architecture, in accordance with exemplary implementation of the present disclosure, is shown. As shown in FIG. 1, the 5GC network architecture [100] includes a user equipment (UE) [102], a radio access network (RAN) [104], an access and mobility management function (AMF) [106], a Session Management Function (SMF) [108], a Service Communication Proxy (SCP) [110], an Authentication Server Function (AUSF) [112], a Network Slice Specific Authentication and Authorization Function (NSSAAF) [114], a Network Slice Selection Function (NSSF) [116], a Network Exposure Function (NEF) [118], a Network Repository Function (NRF) [120], a Policy Control Function (PCF) [122], a Unified Data Management (UDM) [124], an application function (AF) [126], a User Plane Function (UPF) [128], a data network (DN) [130], wherein all the components are assumed to be connected to each other in a manner as obvious to the person skilled in the art for implementing features of the present disclosure.
[0046] The Radio Access Network (RAN) [104] is the part of a mobile telecommunications system that connects user equipment (UE) [102] to the core network (CN) and provides access to different types of networks (e.g., 5G network). It consists of radio base stations and the radio access technologies that enable wireless communication.
[0047] The Access and Mobility Management Function (AMF) [106] is a 5G core network function responsible for managing access and mobility aspects, such as UE registration, connection, and reachability. It also handles mobility management procedures like handovers and paging.
[0048] The Session Management Function (SMF) [108] is a 5G core network function responsible for managing session-related aspects, such as establishing, modifying, and releasing sessions. It coordinates with the User Plane Function (UPF) for data forwarding and handles IP address allocation and QoS enforcement.
[0049] The Service Communication Proxy (SCP) [110] is a network function in the 5G core network that facilitates communication between other network functions by providing a secure and efficient messaging service. It acts as a mediator for service-based interfaces.
[0050] The Authentication Server Function (AUSF) [112] is a network function in the 5G core responsible for authenticating UEs during registration and providing security services. It generates and verifies authentication vectors and tokens.
[0051] The Network Slice Specific Authentication and Authorization Function (NSSAAF) [114] is a network function that provides authentication and authorization services specific to network slices. It ensures that UEs can access only the slices for which they are authorized.
[0052] The Network Slice Selection Function (NSSF) [116] is a network function responsible for selecting the appropriate network slice for a UE based on factors such as subscription, requested services, and network policies.
[0053] The Network Exposure Function (NEF) [118] is a network function that exposes capabilities and services of the 5G network to external applications, enabling integration with third-party services and applications.
[0054] The Network Repository Function (NRF) [120] is a network function that acts as a central repository for information about available network functions and services. It facilitates the discovery and dynamic registration of network functions.
[0055] The Policy Control Function (PCF) [122] is a network function responsible for policy control decisions, such as QoS, charging, and access control, based on subscriber information and network policies.
[0056] The Unified Data Management (UDM) [124] is a network function that centralizes the management of subscriber data, including authentication, authorization, and subscription information.
[0057] The Application Function (AF) [126] is a network function that represents external applications interfacing with the 5G core network to access network capabilities and services.
[0058] The User Plane Function (UPF) [128] is a network function responsible for handling user data traffic, including packet routing, forwarding, and QoS enforcement.
[0059] The Data Network (DN) [130] refers to a network that provides data services to user equipment (UE) in a telecommunications system. The data services may include but are not limited to Internet services and private data network related services.
[0060] Further, the 5G core network is designed as an interconnected system of Network Functions (NFs) that communicate through service-based interfaces or reference point interfaces. Network Functions within the 5G control plane will use service-based interfaces for their interactions. The user plane functions and radio interactions shall use the reference point interfaces. Each NF exposes specific functionality and provides services to other NFs. Therefore, any communication or routing between NFs or between nodes and NFs takes place through these interfaces. Interfaces are self-contained software modules that are reusable independently of each other and can be thought of as microservices. In an example, an N5 interface is used to connect the PCF (Policy Control Function) [122] and an AF (Application Function) [126].
[0061] FIG. 2 illustrates an exemplary block diagram of a computing device [200] upon which the features of the present disclosure may be implemented in accordance with exemplary implementation of the present disclosure. In an implementation, the computing device [200] may also implement a method for building security and compliance on one or more network functions (NFs) [312] utilising the system [300]. In another implementation, the computing device [200] itself implements the method for building security and compliance on the one or more network functions (NFs) [312] using one or more units configured within the computing device [200], wherein said one or more units are capable of implementing the features as disclosed in the present disclosure.
[0062] The computing device [200] may include a bus [202] or other communication mechanism for communicating information, and a hardware processor [204] coupled with bus [202] for processing information. The hardware processor [204] may be, for example, a general-purpose microprocessor. The computing device [200] may also include a main memory [206], such as a random-access memory (RAM), or other dynamic storage device, coupled to the bus [202] for storing information and instructions to be executed by the processor [204]. The main memory [206] also may be used for storing temporary variables or other intermediate information during execution of the instructions to be executed by the processor [204]. Such instructions, when stored in non-transitory storage media accessible to the processor [204], render the computing device [200] into a special-purpose machine that is customized to perform the operations specified in the instructions. The computing device [200] further includes a read only memory (ROM) [208] or other static storage device coupled to the bus [202] for storing static information and instructions for the processor [204].
[0063] A storage device [210], such as a magnetic disk, optical disk, or solid-state drive is provided and coupled to the bus [202] for storing information and instructions. The computing device [200] may be coupled via the bus [202] to a display [212], such as a cathode ray tube (CRT), Liquid Crystal Display (LCD), Light Emitting Diode (LED) display, Organic LED (OLED) display, etc. for displaying information to a computer user. An input device [214], including alphanumeric and other keys, touch screen input means, etc. may be coupled to the bus [202] for communicating information and command selections to the processor [204]. Another type of user input device may be a cursor controller [216], such as a mouse, a trackball, or cursor direction keys, for communicating direction information and command selections to the processor [204], and for controlling cursor movement on the display [212]. The input device typically has two degrees of freedom in two axes, a first axis (e.g., x) and a second axis (e.g., y), that allow the device to specify positions in a plane.
[0064] The computing device [200] may implement the techniques described herein using customized hard-wired logic, one or more ASICs or FPGAs, firmware and/or program logic which in combination with the computing device [200] causes or programs the computing device [200] to be a special-purpose machine. According to one implementation, the techniques herein are performed by the computing device [200] in response to the processor [204] executing one or more sequences of one or more instructions contained in the main memory [206]. Such instructions may be read into the main memory [206] from another storage medium, such as the storage device [210]. Execution of the sequences of instructions contained in the main memory [206] causes the processor [204] to perform the process steps described herein. In alternative implementations of the present disclosure, hard-wired circuitry may be used in place of or in combination with software instructions.
[0065] The computing device [200] also may include a communication interface [218] coupled to the bus [202]. The communication interface [218] provides a two-way data communication coupling to a network link [220] that is connected to a local network [222]. For example, the communication interface [218] may be an integrated services digital network (ISDN) card, cable modem, satellite modem, or a modem to provide a data communication connection to a corresponding type of telephone line. As another example, the communication interface [218] may be a local area network (LAN) card to provide a data communication connection to a compatible LAN. Wireless links may also be implemented. In any such implementation, the communication interface [218] sends and receives electrical, electromagnetic or optical signals that carry digital data streams representing various types of information.
[0066] The computing device [200] can send messages and receive data, including program code, through the network(s), the network link [220] and the communication interface [218]. In the Internet example, a server [230] might transmit a requested code for an application program through the Internet [228], the ISP [226], the local network [222], a host [224] and the communication interface [218]. The received code may be executed by the processor [204] as it is received, and/or stored in the storage device [210], or other non-volatile storage for later execution.
[0067] Referring to FIG. 3, an exemplary block diagram of a system comprising an automation node [300] for building security and compliance on one or more network functions (NFs) [312], is shown, in accordance with the exemplary implementations of the present disclosure. The automation node [300] comprises at least one transceiver unit [302], at least one processing unit [304], at least one execution unit [306] and at least one user interface [308]. The automation node [300] is in interaction with the one or more network functions (1…n) [312] via one or more interfaces (1…n) [310]. Further, the one or more network functions may include, but are not limited to, an Access and Mobility Function (AMF) [106], a Session Management Function (SMF) [108], a Service Communication Proxy (SCP) [110], etc. Also, all of the components/units of the automation node [300] are assumed to be connected to each other unless otherwise indicated below. As shown in FIG. 3, all units shown within the automation node [300] should also be assumed to be connected to each other. Also, in FIG. 3 only a few units are shown; however, the automation node [300] may comprise multiple such units or the automation node [300] may comprise any such number of said units, as required to implement the features of the present disclosure. Further, in an implementation, the automation node [300] may be present in a user device/user equipment to implement the features of the present disclosure. In an implementation, the automation node [300] may reside in a server or a network entity.
[0068] The automation node [300] is configured for building security and compliance on the one or more network functions (NFs) [312], with the help of the interconnection between the components/units of the automation node [300]. Further, in an implementation of the present disclosure, a connection is established between the automation node [300] and the one or more NFs [312], based on network addresses, hostnames, or other unique identifiers associated with the one or more NFs. Once identified, the automation node [300] initiates a connection using a suitable communication protocol. This may involve protocols like SSH, HTTPS, or others, depending on the network environment and the specific requirements of the one or more NFs. The automation node [300] must authenticate itself to the one or more NFs using credentials, such as passwords, keys, or certificates. This confirms that the automation node [300] has the necessary permissions to interact with the one or more NFs [312]. Finally, after successful authentication, a secure and stable communication channel is established between the automation node [300] and the one or more NFs [312].
[0069] For building security and compliance on the one or more NFs [312], the transceiver unit [302] checks connectivity with the one or more NFs [312], at the automation node [300]. The connectivity between the one or more NFs [312] may be checked by sending a ping or a signal or a request message, and in case the ping, signal, or a response message is received back, then it may be considered that the one or more NFs [312] and the automation node [300] are connected with each other.
[0070] In an implementation of the present disclosure, the automation node [300] may be a jump server. A jump server is a system that provides access to and manages all devices in a separate security zone. It may be noted that building security compliance points is required for different OS versions, hence shielding the host environment from external risks is necessary. For this, the jump server provides a controlled means of access between different security zones.
[0071] In another implementation of the present disclosure, the one or more NFs [312] may be provided at a user interface [308]. In an implementation of the present disclosure, the user interface [308] may be a graphical user interface (GUI) or a command line interface (CLI). The GUI refers to an interface for the user to interact with the automation node [300] by visual or graphical representation of icons, menus, etc. The GUI may be used in a smartphone, laptop, computer, etc. The CLI refers to a text-based interface for the user to interact with the automation node [300]. The user may input text lines called command lines in the CLI to access the data in the automation node [300]. In an implementation of the present disclosure, the user interface [308] may be used to receive inputs for further processing by the automation node [300].
[0072] On checking the connectivity, the processing unit [304] selects one or more interfaces [310] associated with the one or more NFs [312], at the automation node [300]. In an implementation, the one or more interfaces [310] are selected based on a requirement of an automation task for the one or more NFs [312]. Further, in an implementation, the one or more interfaces [310] may be selected at the user interface [308] of the automation node [300] from a list of interfaces provided at the user interface [308]. An interface refers to a shared boundary across which two or more separate components (i.e., the automation node [300] and the one or more NFs [312]) exchange information or data. It is to be noted that the 5G core network is designed as an interconnected system of Network Functions (NFs) that communicate through service-based interfaces or reference point interfaces. NFs within the 5G control plane will use service-based interfaces for their interactions. The user plane functions and radio interactions shall use the reference point interfaces. Each NF exposes specific functionality and provides services to other NFs. Therefore, any communication or routing between NFs or between nodes and NFs takes place through these interfaces. Interfaces are self-contained software modules that are reusable independently of each other and can be thought of as microservices. As an example, an N5 interface is used to connect the PCF (Policy Control Function) [122] and an AF (Application Function) [126].
[0073] After selection of the one or more interfaces [310], the execution unit [306] triggers a security and compliance automation task on the one or more NFs [312]. The security and compliance automation task may be triggered via the one or more interfaces [310] and is triggered from the automation node [300]. The one or more security and compliance automation tasks may refer to a task or a process which is initiated for security and compliance purposes. For example, the security and compliance automation task may be a baseline assessment (BA) task or a vulnerability assessment (VA) task. The triggering of the security and compliance automation task may initiate the execution of the security and compliance automation task. The baseline assessment (BA) is more about hardening the environment, providing best practices to an organization and patching. Further, vulnerability assessment (VA) scans databases for software vulnerabilities and provides a list of findings. The findings can be used to remediate software vulnerabilities and disable findings.
[0074] In one implementation of the present disclosure, the security and compliance automation task may also be performed remotely on the one or more NFs [312] via the associated one or more interfaces [310] from the automation node [300]. For example, the trigger may be a command indicating initiation of the performance of the security and compliance automation task, which may lead to sending the command from the automation node [300] to the one or more interfaces [310] that are selected. In an implementation of the present disclosure, the command may be triggered at the user interface [308] of the automation node [300] based on a user input.
[0075] It may be noted that for triggering the security and compliance automation task, the execution unit [306] identifies an operating system version for each of the one or more NFs [312]. The operating system version may refer to the software version of the operating system that is installed on the one or more network functions [312]. The identification may be done by fetching the information associated with the operating systems from the one or more NFs [312] via the one or more interfaces [310], by executing scripts, commands or a set of code.
[0076] Further, for triggering the security and compliance automation task, the execution unit [306] runs at least one of script(s), instruction(s), command(s) and a set of code(s) on the one or more NFs [312] based on the identified OS version for each of the one or more NFs [312]. The execution unit [306] may run at least one of script(s), instruction(s), command(s) and a set of code(s) from the automation node [300]. In an implementation of the present disclosure, the at least one of script(s), instruction(s), command(s) and a set of code(s) may be initiated by the user from the user interface [308] of the automation node [300]. The scripts, instructions, sets of code, commands, etc., are run for execution of the security and compliance automation task. The scripts, instructions, sets of code, commands, etc., comprise a set of operations to execute the security and compliance automation task. For example, certain scripts, instructions, sets of code, commands, etc., are made for assessment of vulnerabilities within the network. On assessment of vulnerabilities, certain configuration changes may be required on the one or more interfaces [310] associated with the one or more NFs [312].
[0077] Thereafter, after triggering the security and compliance automation task, the execution unit [306] performs configuration changes for each of the associated interfaces of the one or more NFs [312]. The configuration changes may be performed from the automation node [300]. The configuration changes may refer to changes in configurations of the one or more interfaces [310] associated with the one or more NFs [312], which may be done by executing various instructions through the scripts, instructions, sets of code, commands, etc. Further, in an implementation, the configuration changes may be related to changes in the IP Tables rules and ‘sshd’ configuration changes. IP Tables is a user-space utility program that allows a system administrator to configure the IP packet filter rules of the operating system kernel (such as Linux) firewall, implemented as different Netfilter modules. IP Tables is a security tool that helps protect Linux systems from data breaches, unauthorized access, and other network security threats. Further, ‘sshd’ is the server process of OpenSSH (OpenSSH is the premier connectivity tool for remote login with the SSH protocol). The ‘sshd’ receives the incoming connections with the help of the SSH protocol and operates as a server for this protocol. It manages encryption, file transfers, tunnelling, terminal connections, and user authentication. In an implementation of the present disclosure, the one or more interfaces [310] may be provided with resolutions based on the result of the security and compliance automation task. The result of the security and compliance automation task may be a list of findings. These findings are then used to remediate the problems identified. Further, in another implementation of the present disclosure, another task for resolving the findings may be generated automatically by the execution unit [306], and thereafter, based on an input by the user at the user interface [308], the configuration changes may be performed automatically on the one or more interfaces [310].
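The OS-version-dependent baseline assessment of paragraphs [0073] to [0077], as an added illustration in Python that is not part of the present disclosure: the /etc/os-release and sshd_config parsers, the per-OS check set (the RHEL 7 Ciphers rule is a constructed assumption, not a published benchmark), the findings list and the response carrying remediation lines are all assumptions of this example, as are the sample NF data.

```python
"""Added example, not from the patent: an OS-version-aware baseline assessment
(BA) of an NF's sshd configuration, as the execution unit [306] might run it
from the automation node [300]. The baseline is constructed for illustration."""
from dataclasses import dataclass

# Constructed sample inputs standing in for data the automation node would fetch
# from two NFs over their interfaces [310] (e.g. over SSH).
OS_RELEASE_RHEL7 = 'NAME="Red Hat Enterprise Linux Server"\nID="rhel"\nVERSION_ID="7.9"\n'
OS_RELEASE_RHEL8 = 'NAME="Red Hat Enterprise Linux"\nID="rhel"\nVERSION_ID="8.6"\n'
SSHD_CONFIG_SAMPLE = """# constructed sshd_config excerpt
Port 22
PermitRootLogin yes
#PasswordAuthentication no
X11Forwarding yes
"""

# Hypothetical baseline: (sshd keyword, required value, severity). A required
# value of None means "must be set explicitly" (the operator picks the value).
COMMON_BASELINE = [
    ("PermitRootLogin", "no", "high"),
    ("PasswordAuthentication", "no", "medium"),
    ("X11Forwarding", "no", "low"),
]


@dataclass
class Finding:
    keyword: str
    expected: str
    actual: str
    severity: str


def parse_os_release(text):
    """Return (ID, major version) from /etc/os-release content."""
    kv = {}
    for line in text.splitlines():
        if "=" in line and not line.startswith("#"):
            key, value = line.split("=", 1)
            kv[key.strip()] = value.strip().strip('"')
    major = int(kv.get("VERSION_ID", "0").split(".")[0])
    return kv.get("ID", "unknown"), major


def parse_sshd_config(text):
    """Map lower-cased keyword -> value. sshd honours the first occurrence of a
    keyword, so later duplicates are ignored, as are comments and blank lines."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) == 2:
            settings.setdefault(parts[0].lower(), parts[1].strip())
    return settings


def baseline_for(os_id, major):
    """Select the check set for the identified OS version. Hypothetical rule:
    RHEL 7 hosts must pin Ciphers explicitly; no such check is added for RHEL 8."""
    checks = list(COMMON_BASELINE)
    if os_id == "rhel" and major == 7:
        checks.append(("Ciphers", None, "medium"))
    return checks


def assess(os_release_text, sshd_config_text):
    """Run the baseline for the detected OS; return (os_id, major, findings)."""
    os_id, major = parse_os_release(os_release_text)
    settings = parse_sshd_config(sshd_config_text)
    findings = []
    for keyword, expected, severity in baseline_for(os_id, major):
        actual = settings.get(keyword.lower())
        if expected is None:
            if actual is None:
                findings.append(Finding(keyword, "<set explicitly>", "<not set>", severity))
        elif actual is None or actual.lower() != expected:
            findings.append(Finding(keyword, expected, actual or "<not set, default applies>", severity))
    return os_id, major, findings


def build_response(nf_name, findings):
    """Response for the user interface [308]: notification, task completion
    status, the findings and the sshd_config lines a remediation task would apply.
    Findings whose expected value is a placeholder need an operator decision."""
    remediation = [f"{f.keyword} {f.expected}" for f in findings if not f.expected.startswith("<")]
    return {
        "nf": nf_name,
        "notification": f"{len(findings)} baseline finding(s)" if findings else "no findings",
        "task_completion_status": "completed",
        "findings": [vars(f) for f in findings],
        "remediation": remediation,
    }


if __name__ == "__main__":
    for name, os_release in (("nf-amf-1", OS_RELEASE_RHEL7), ("nf-smf-1", OS_RELEASE_RHEL8)):
        os_id, major, findings = assess(os_release, SSHD_CONFIG_SAMPLE)
        print(f"{name}: {os_id} {major} -> {build_response(name, findings)}")
```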
[0078] In one of the implementations of the present disclosure, the security and compliance automation task that was triggered may detect at least one of a security breach, a compliance violation, and a vulnerable service for the one or more NFs [312]. The scripts, instructions, sets of code, commands, etc., which comprise a set of operations to execute the security and compliance automation task, are programmed to identify anomalies related to security breaches, compliance violations and any other security risk associated with services provided by NFs. The security breach may refer to any incident that results in unauthorized access to computer data, applications, networks or devices and which may result in information being accessed without authorization. The compliance violation may refer to a violation or breach of conditions which were imposed based on certain laws and regulations and were not fulfilled for some reason. The vulnerable service may provide information associated with one or more issues regarding security which are present within a particular service, for example, a particular NF from the one or more NFs [312].
[0079] Further, in another implementation of the present disclosure, the security and compliance automation task may also comprise a baseline and vulnerability assessment automation. The baseline assessment (BA), as also described before, may be a first assessment in a general or specific area of functioning to determine capabilities and limitations of various components and devices. The vulnerability assessment (VA), as also described before, may be a process of identifying, quantifying, and prioritizing various vulnerabilities present in a network and may be used to identify and assign different severity levels to security defects. The baseline and vulnerability assessment automation task refers to automation of the BA and the VA by enabling automatic performance of the assessments for security and compliance purposes.
[0080] Continuing further, after the task is triggered, the transceiver unit [302] sends a response for the triggered security and compliance automation task for the one or more NFs [312]. The response may be sent to the user interface [308], at the automation node [300]. The response may comprise the information associated with the result of the security and compliance automation task after its performance. The response is sent to the user interface [308] for providing the information, such as showing the results of the security and compliance automation task to the user.
[0081] In one of many implementations of the present disclosure, the automation node [300] may send the response with at least one of a notification and a task completion status of the security and compliance automation task to the user interface [308]. The notification may refer to an indication of the results (for example, a vulnerability found with a service) that are provided based on the security and compliance automation task. The task completion status may refer to the status that the security and compliance automation task has been successfully executed by the execution unit [306]. For example, the notification may indicate that vulnerabilities were found, and the task completion status may indicate that the security and compliance automation task was successfully performed.
[0082] In an implementation of the present disclosure, a sanity check may be performed after the security and compliance automation task has been executed. The sanity check refers to a process for checking and validating if the security and compliance automation task has completed without any error. In an implementation of the present disclosure, if a response to the sanity check is a positive response, it signifies that the security and compliance automation task has completed successfully, and the automation node [300] may terminate the automation task. To perform the sanity check, the execution unit [306] may monitor for the response at the user interface [308] comprising the notification or the task completion status. If the response is received, the automation node [300] may close the automation task as complete. In another implementation of the present disclosure, if the response to the sanity check is a negative response, the automation node [300] may wait for a pre-defined time period before performing another sanity check. The pre-defined time period may be defined by the user. The negative response indicates that no response was received at the user interface [308] from the security and compliance automation task.
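The sanity check of paragraphs [0080] to [0082], as an added illustration in Python that is not part of the present disclosure: a response is positive when it carries a notification or a task completion status, a negative check waits the pre-defined period and re-checks. The polling function, the simulated user interface and the bound on re-checks are assumptions of this example.

```python
"""Added example, not from the patent: the sanity check of [0082]. The poll
function, wait period and sleep are injected so the loop runs offline; the
bound on re-checks (max_checks) is an assumption the patent does not state."""
import time

# A response counts as positive when it carries a notification or a task
# completion status from the security and compliance automation task ([0081]).
POSITIVE_KEYS = ("notification", "task_completion_status")


def sanity_check(response):
    """True (positive) iff the response carries at least one non-empty positive key."""
    return response is not None and any(response.get(key) for key in POSITIVE_KEYS)


def monitor_task(poll_ui, wait_seconds, max_checks=5, sleep=time.sleep):
    """Re-run the sanity check until it is positive, waiting the pre-defined
    period between negative checks. Returns (status, response, checks_made)."""
    for attempt in range(1, max_checks + 1):
        response = poll_ui()          # latest response at the user interface [308], or None
        if sanity_check(response):
            return "complete", response, attempt
        if attempt < max_checks:      # negative: wait the pre-defined period, then re-check
            sleep(wait_seconds)
    return "unresolved", None, max_checks


def simulated_ui(ready_after):
    """Constructed stand-in for the user interface: no response for the first
    `ready_after` polls, then a response with a notification and a status."""
    state = {"polls": 0}

    def poll():
        state["polls"] += 1
        if state["polls"] <= ready_after:
            return None
        return {"notification": "2 vulnerabilities found", "task_completion_status": "completed"}

    return poll


def run_demo(ready_after, wait_seconds=30, max_checks=5):
    """Drive monitor_task against the simulated UI, recording each wait instead
    of sleeping. Returns (status, checks_made, list_of_waits)."""
    waits = []
    status, _, checks = monitor_task(simulated_ui(ready_after), wait_seconds,
                                     max_checks, sleep=waits.append)
    return status, checks, waits


if __name__ == "__main__":
    print(run_demo(ready_after=2))   # positive on the third check after two waits
    print(run_demo(ready_after=9))   # never positive within five checks
```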
[0083] Referring to FIG. 4, an exemplary method flow diagram [400] for security and compliance of one or more network functions (NFs) [312], in accordance with exemplary implementations of the present disclosure, is shown. In an implementation, the method [400] is performed by the automation node [300]. Further, in an implementation, the automation node [300] may be present in a server device to implement the features of the present disclosure. Also, as shown in FIG. 4, the method [400] starts at step [402].
[0084] As may be known, the one or more network functions [312] may refer to a functional building block within a network infrastructure having well-defined external interfaces and well-defined functional behaviour. For example, the one or more NFs [312] may be Access and Mobility Management Function (AMF), Session Management Function (SMF), etc. Further, the 5G core network is designed as an interconnected system of Network Functions (NFs) that communicate through service-based interfaces or reference point interfaces. Network Functions within the 5G control plane will use service-based interfaces for their interactions. The user plane functions and radio interactions shall use the reference point interfaces. Each NF exposes specific functionality and provides services to other NFs. Therefore, any communication or routing between NFs or between nodes and NFs takes place through these interfaces. Interfaces are self-contained software modules that are reusable independently of each other and can be thought of as microservices. In an example, an N5 interface is used to connect the PCF (Policy Control Function) [122] and an AF (Application Function) [126].
[0085] Initially, at step [404], the method [400] involves checking, by a transceiver unit [302], at an automation node [300], connectivity with the one or more network functions (NFs) [312]. The automation node [300] may refer to an entity which is responsible for management of the network. For example, the automation node [300] may be an operating system which manages various functions that are performed within a telecommunication network such as a 5G core network. Also, the automation node [300] may refer to an entity which may be assigned for security management and vulnerability assessment/management. The connectivity between the one or more NFs [312] may be checked by sending a ping or a signal or a request message, and in case the ping, signal, or a response message is received back, then it may be considered that the one or more NFs [312] and the system [300] or the automation node [300] are connected with each other.
[0086] In an implementation of the present disclosure, the automation node [300] may be a jump server. A jump server is a system that provides access to and manages all devices in a separate security zone. It may be noted that building security compliance points is required for different OS versions, hence shielding the host environment from external risks is necessary. For this, the jump server provides a controlled means of access between different security zones.
[0087] In another implementation of the present disclosure, the one or more NFs [312] may be provided at the user interface [308]. In an implementation of the present disclosure, the user interface [308] may be used to receive inputs for further processing by the automation node [300].
[0088] After checking the connectivity, then at step [406], the method [400] moves to selecting, by a processing unit [304], at the automation node [300], one or more interfaces [310] associated with the one or more NFs [312]. The one or more interfaces [310] are selected based on a requirement of an automation task for the one or more NFs [312]. Further, in an implementation, the one or more interfaces [310] may be selected at the user interface [308] of the automation node [300] from a list of interfaces.
[0089] On completion of the selection process, then at step [408], the method [400] leads to triggering, by an execution unit [306], from the automation node [300], a security and compliance automation task on the one or more NFs [312] via the associated one or more interfaces. The one or more security and compliance automation tasks may refer to a task or a process which is initiated for security and compliance purposes for which automation is required. For example, the security and compliance automation task may be a baseline assessment (BA) task or a vulnerability assessment (VA) task. The triggering of the security and compliance automation task may initiate the performance of the security and compliance automation task. The baseline assessment (BA) is more about hardening the environment, providing best practices to the organization and patching. Further, vulnerability assessment (VA) scans databases for software vulnerabilities and provides a list of findings. The findings can be used to remediate software vulnerabilities and disable findings.
[0090] In one implementation of the present disclosure, the security and compliance automation task may also be performed remotely on the one or more NFs [312] via the associated one or more interfaces [310] from the automation node [300]. For example, the trigger may be a command indicating initiation of the performance of the security and compliance automation task, which may lead to sending the command from the system to the one or more interfaces that are selected. In an implementation of the present disclosure, the command may be triggered at the user interface [308] of the automation node [300] based on a user input.
[0091] It may be noted that for triggering the security and compliance automation task, the method [400] further involves identifying, by the execution unit [306], at the automation node [300], an operating system version for each of the one or more NFs [312]. The operating system version may refer to the software version of the operating system that may be used by the one or more network functions (NFs) [312] or the one or more interfaces [310]. The identification may be done by fetching the information associated with the operating systems from the one or more NFs [312] via the one or more interfaces [310].
[0092] Further, for triggering the security and compliance automation task, the method [400] also comprises running, by the execution unit [306], from the automation node [300], at least one of script(s), instruction(s), command(s) and a set of code(s) on the one or more NFs [312] based on the identified OS version for each of the one or more NFs [312]. The scripts, instructions, sets of code, commands, etc., are run for execution of the security and compliance automation task. The scripts, instructions, sets of code, commands, etc., comprise a set of operations to execute the security and compliance automation task. For example, certain scripts, instructions, sets of code, commands, etc., are made for assessment of vulnerabilities within the network. On assessment of vulnerabilities, certain configuration changes may be required for the one or more interfaces [310] associated with the one or more NFs [312].
[0093] Then, for triggering the security and compliance automation task, the method [400] comprises performing, by the execution unit [306], from the automation node [300], configuration changes for each of the associated interfaces of the one or more NFs [312]. The configuration changes may be performed from the automation node [300]. The configuration changes may refer to changes in configurations of the one or more interfaces [310] or the one or more NFs [312], which may be done by executing various instructions through the scripts, instructions, sets of code, commands, etc. Further, in an implementation, the configuration changes may be related to changes in the IP Tables rules and ‘sshd’ configuration changes. IP Tables is a user-space utility program that allows a system administrator to configure the IP packet filter rules of the operating system kernel (such as Linux) firewall, implemented as different Netfilter modules. IP Tables is a security tool that helps protect Linux systems from data breaches, unauthorized access, and other network security threats. Further, ‘sshd’ is the server process of OpenSSH (OpenSSH is the premier connectivity tool for remote login with the SSH protocol). The ‘sshd’ receives the incoming connections with the help of the SSH protocol and operates as a server for this protocol. It manages encryption, file transfers, tunnelling, terminal connections, and user authentication.
[0094] In an implementation of the present disclosure, the user interface [308] may be provided with resolutions based on the results of the security and compliance automation task. The result of the security and compliance automation task may be a list of findings. These findings are then used to remediate the problems identified. Further, in another implementation of the present disclosure, another task for resolving the findings may be generated automatically by the execution unit [306], and thereafter, based on an input by the user at the user interface [308], the configuration changes may be performed automatically on the one or more interfaces [310].
[0095] In one of the implementations of the present disclosure, the security and compliance automation task that was triggered may detect at least one of a security breach, a compliance violation, and a vulnerable service for the one or more NFs [312]. The security breach may refer to any incident that results in unauthorized access to computer data, applications, networks or devices and which may result in information being accessed without authorization. The compliance violation may refer to a violation or breach of conditions which were imposed based on certain laws and regulations and were not fulfilled for some reason. The vulnerable service may provide information associated with one or more issues regarding security which are present within a particular service, for example, a particular NF from the one or more NFs [312].
[0096] Further, in another implementation of the present disclosure, the security and compliance automation task may also comprise a baseline and vulnerability assessment automation. The baseline assessment (BA) may be a first assessment in a general or specific area of functioning to determine capabilities and limitations of various components and devices. The vulnerability assessment (VA) may be a process of identifying, quantifying, and prioritizing various vulnerabilities present in a network and may be used to identify and assign different severity levels to security defects. The baseline and vulnerability assessment automation refers to automation of the BA and the VA by enabling automatic performance of the assessments for security and compliance purposes.
[0097] Continuing further, at step [410], the method [400] comprises sending, by the transceiver unit [302] from the automation node [300], a response for the triggered security and compliance automation task for the one or more NFs [312] to the user interface [308]. The response may comprise the information associated with the results of the security and compliance automation task after its performance. The response is sent to the user interface [308] for providing the information, such as showing the results of the security and compliance automation task to the user.
[0098] In one of many implementations of the present disclosure, the automation node [300] sends the response with at least one of a notification and a task completion status of the security and compliance automation task to the user interface. The notification may refer to an indication of the results (for example, a vulnerability found) that are provided based on the security and compliance automation task. The task completion status may refer to the status that the security and compliance automation task has been successfully executed by the execution unit [306]. For example, the notification may indicate that vulnerabilities were found, and the task completion status may indicate that certain actions are being taken for the vulnerabilities.
[0099] In an implementation of the present disclosure, a sanity check may be performed after the security and compliance automation task. The sanity check refers to a process for checking and validating if the security and compliance automation task has completed without any error. In an implementation of the present disclosure, if a response to the sanity check is a positive response, it signifies that the security and compliance automation task has completed successfully, and the automation node [300] may terminate the automation task. To perform the sanity check, the execution unit [306] may monitor for the response at the user interface [308] comprising the notification or the task completion status. If the response is received, the automation node [300] may close the automation task as complete. In another implementation of the present disclosure, if the response to the sanity check is a negative response, the automation node [300] may wait for a pre-defined time period before performing another sanity check. The pre-defined time period may be defined by the user. The negative response indicates that no response was received at the user interface [308] from the security and compliance automation task.
[0100] Thereafter, at step [412], the method [400] is terminated.
[0101] Referring to FIG. 5, an exemplary environment illustration for building security and compliance of one or more network functions (NFs) [312] is shown in accordance with the present disclosure. As shown in FIG. 5, at step [502], the automation node [300] checks connectivity with the one or more network functions (NFs) [312], and at step [504], the automation node [300] identifies an operating system (OS) version for the one or more NFs [312] through the associated one or more interfaces [310].
[0102] Then, at step [506], the automation node [300] triggers the security and compliance automation task by running script(s), instruction(s), command(s) and a set of code(s) on the one or more NFs [312] based on the identified OS version for each of the one or more NFs [312]. Based on the findings of the security and compliance automation task, the automation node [300] initiates configuration changes for each of the associated interfaces of the one or more NFs [312].
[0103] In an exemplary implementation, as shown in FIG. 5, if the OS version of a first NF from the one or more NFs [312] is RHEL version 7, then a corresponding specific BA/VA script may be run at a first interface associated with the first NF. Similarly, if the OS version of a second NF from the one or more NFs [312] is RHEL version 8, then a corresponding specific BA/VA script may be executed on a second associated interface of the second NF.
[0104] Further, after the security and compliance automation task is performed, the automation node [300], based on the findings, performs various configuration changes to the one or more interfaces [310] associated with the one or more NFs [312]. The configuration changes and their associated results for the security and compliance automation task may be sent for the one or more NFs [312] to a user interface of the automation node [300].
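The workflow of FIG. 5 (steps [502] to [506]) together with the sanity check of paragraph [0099], as an added illustration that is not the applicant's code: the per-version baseline profiles, the os-release text, the sshd_config content and the service list are constructed assumptions, and a real automation node would fetch them from each NF over its interface [310].

```python
import re
import time

# Constructed baseline profiles keyed by OS version (hypothetical; the page
# only says a version-specific BA/VA script is selected per NF).
BASELINE = {
    "rhel-7": {"permit_root_login": "no", "banned_services": {"nfs", "smb"}},
    "rhel-8": {"permit_root_login": "no", "banned_services": {"nfs", "smb", "rpcbind"}},
}

def identify_os(os_release: str) -> str:
    """Step [504]: map the NF's /etc/os-release text to a baseline key."""
    fields = dict(re.findall(r'^(\w+)="?([^"\n]*)"?$', os_release, re.M))
    major = fields.get("VERSION_ID", "").split(".")[0]
    return f'{fields.get("ID", "unknown")}-{major}'

def run_baseline(os_key: str, sshd_config: str, enabled_services: set) -> list:
    """Step [506]: run the OS-specific checks and return the findings."""
    profile = BASELINE.get(os_key)
    if profile is None:
        return [f"no baseline profile for {os_key}"]
    findings = []
    m = re.search(r"^\s*PermitRootLogin\s+(\S+)", sshd_config, re.M)
    if m is None or m.group(1) != profile["permit_root_login"]:
        findings.append("PermitRootLogin is not 'no'")
    for svc in sorted(profile["banned_services"] & enabled_services):
        findings.append(f"unwanted service enabled: {svc}")
    return findings

def build_response(nf: str, reachable: bool, findings: list) -> dict:
    """Response for the user interface [308]: notification + completion status."""
    if not reachable:
        return {"nf": nf, "status": "failed", "notification": "connectivity check failed"}
    note = f"{len(findings)} vulnerability(ies) found" if findings else "compliant"
    return {"nf": nf, "status": "completed", "notification": note, "findings": findings}

def sanity_check(poll, retries: int, wait_s: float) -> bool:
    """[0099]: poll for the response; on a negative result wait the
    user-defined period and check again, giving up after `retries` tries."""
    for _ in range(retries):
        if poll():
            return True
        time.sleep(wait_s)
    return False
```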
[0105] The present disclosure further discloses a non-transitory computer readable storage medium storing one or more instructions for building security and compliance on one or more network functions (NFs) [312], the one or more instructions including executable code which, when executed by one or more units of a system [300], causes the one or more units to perform certain functions. The one or more instructions when executed cause a transceiver unit [302] of the system [300] to check, at an automation node [300], connectivity with the one or more network functions (NFs) [312]. The one or more instructions when executed further cause a processing unit [304] to select, at the automation node [300], one or more interfaces [310] associated with the one or more NFs. The one or more instructions when executed further cause an execution unit [306] to trigger, from the automation node [300], a security and compliance automation task on the one or more NFs [312] via the associated one or more interfaces [310]. The one or more instructions when executed further cause the transceiver unit [302] to send, from the automation node [300], a response for the triggered security and compliance automation task for the one or more NFs [312] to a user interface [308].
[0106] As is evident from the above, the present disclosure provides a technically advanced solution for building security and compliance of the one or more network functions (NFs). The present solution enables securing the communication network from possible threats of attacks and security breaches by monitoring the operating system (OS) and scaling down the OS as per requirements. The present solution further involves removing unwanted, unused packages, monitoring vulnerable services which are not required for the OS, and installing only the dedicated required services on the system. The present disclosure provides a baseline and vulnerability assessment in an automated way. The present disclosure provides a system and method which automatically closes infrastructural and cloud-native InfoSec security points for different OS versions in a communication network, such as a 5GCN stack, at scale. The present disclosure provides a system and method which may close all industry standard points, such as disabling unwanted services like NFS and SAMBA, disabling permit root login, and configuring NTP or chrony, at multiple points. The present disclosure provides a system and a method which provides baseline and vulnerability assessment in an automated way using a single platform. The present disclosure may fix or disable the end points which may cause cyber security threats to the network and system. In another embodiment, the present disclosure provides a system and method for a platform which may be applicable not only for 5G, but also for any other lower or higher network communication technology.
[0107] While considerable emphasis has been placed herein on the disclosed implementations, it will be appreciated that many implementations can be made and that many changes can be made to the implementations without departing from the principles of the present disclosure. These and other changes in the implementations of the present disclosure will be apparent to those skilled in the art, whereby it is to be understood that the foregoing descriptive matter to be implemented is illustrative and non-limiting.
[0108] Further, in accordance with the present disclosure, it is to be acknowledged that the functionality described for the various components/units can be implemented interchangeably. While specific embodiments may disclose a particular functionality of these units for clarity, it is recognized that various configurations and combinations thereof are within the scope of the disclosure. The functionality of specific units as disclosed in the disclosure should not be construed as limiting the scope of the present disclosure. Consequently, alternative arrangements and substitutions of units, provided they achieve the intended functionality described herein, are considered to be encompassed within the scope of the present disclosure.
We Claim:
1. A method for building security and compliance on one or more network functions (NFs) [312], the method comprising:
- checking, by a transceiver unit [302], at an automation node [300], connectivity with the one or more network functions (NFs) [312];
- selecting, by a processing unit [304], at the automation node [300], one or more interfaces [310] associated with the one or more NFs [312];
- triggering, by an execution unit [306], from the automation node [300], a security and compliance automation task on the one or more NFs [312] via the associated one or more interfaces [310]; and
- sending, by the transceiver unit [302] from the automation node [300], a response for the triggered security and compliance automation task for the one or more NFs [312] to a user interface [308].
2. The method as claimed in claim 1, wherein the automation node [300] is a jump server.
3. The method as claimed in claim 1, wherein the one or more NFs [312] are provided at the user interface [308].
4. The method as claimed in claim 1, wherein the security and compliance automation task is performed remotely on the one or more NFs [312] via the associated one or more interface(s) [310] from the automation node [300].
5. The method as claimed in claim 1, wherein triggering the security and compliance automation task comprises:
- identifying, by the execution unit [306], at the automation node [300], an operating system version for each of the one or more NFs [312];
- running, by the execution unit [306], from the automation node [300], at least one of script(s), instruction(s), command(s) and a set of code(s) on the one or more NFs [312] based on the identified OS version for each of the one or more NFs [312];
- performing, by the execution unit [306], from the automation node [300], configuration changes for each of the associated one or more interfaces [310] of the one or more NFs [312].
6. The method as claimed in claim 1, wherein the triggered security and compliance automation task detects at least one of a security breach, a compliance violation, and a vulnerable service for the one or more NFs [312].
7. The method as claimed in claim 1, wherein the security and compliance automation task comprises a baseline and vulnerability assessment automation.
8. The method as claimed in claim 1, wherein the automation node [300] sends the response with at least one of a notification and a task completion status of the security and compliance automation task to the user interface [308].
9. A system [300] for building security and compliance on one or more network functions (NFs) [312], the system [300] comprising:
- a transceiver unit [302], the transceiver unit [302] configured to:
  - check, at an automation node [300], connectivity with the one or more NFs [312];
- a processing unit [304] connected at least with the transceiver unit [302], the processing unit [304] configured to:
  - select, at the automation node [300], one or more interfaces [310] associated with the one or more NFs [312];
- an execution unit [306] connected at least with the processing unit [304], the execution unit [306] configured to:
  - trigger, from the automation node [300], a security and compliance automation task on the one or more NFs [312] via the associated one or more interfaces [310]; and
- the transceiver unit [302] further configured to:
  - send, from the automation node [300], a response for the triggered security and compliance automation task for the one or more NFs [312] to a user interface [308].
10. The system [300] as claimed in claim 9, wherein the automation node [300] is a jump server.
11. The system [300] as claimed in claim 9, wherein the one or more NFs [312] is provided at the user interface [308].
12. The system [300] as claimed in claim 9, wherein the security and compliance automation task is performed remotely on the one or more NFs [312] via the associated one or more interfaces [310] from the automation node.
13. The system [300] as claimed in claim 9, wherein for triggering the security and compliance automation task, the system [300] comprises:
- the execution unit [306] configured to:
  - identify, at the automation node [300], an operating system version for each of the one or more NFs [312];
  - run, from the automation node [300], at least one of script(s), instruction(s), command(s) and a set of code(s) on the one or more NFs [312] based on the identified OS version for each of the one or more NFs [312];
  - perform, from the automation node [300], configuration changes for each of the associated one or more interfaces [310] of the one or more NFs [312].
14. The system [300] as claimed in claim 9, wherein the triggered security and compliance automation task detects at least one of a security breach, a compliance violation, and a vulnerable service for the one or more NFs [312].
15. The system [300] as claimed in claim 9, wherein the security and compliance automation task comprises a baseline and vulnerability assessment automation.
16. The system [300] as claimed in claim 9, wherein the automation node [300] sends the response with at least one of a notification and a task completion status of the security and compliance automation task to the user interface.
| # | Name | Date |
|---|---|---|
| 1 | 202321060629-STATEMENT OF UNDERTAKING (FORM 3) [08-09-2023(online)].pdf | 2023-09-08 |
| 2 | 202321060629-PROVISIONAL SPECIFICATION [08-09-2023(online)].pdf | 2023-09-08 |
| 3 | 202321060629-POWER OF AUTHORITY [08-09-2023(online)].pdf | 2023-09-08 |
| 4 | 202321060629-FORM 1 [08-09-2023(online)].pdf | 2023-09-08 |
| 5 | 202321060629-FIGURE OF ABSTRACT [08-09-2023(online)].pdf | 2023-09-08 |
| 6 | 202321060629-DRAWINGS [08-09-2023(online)].pdf | 2023-09-08 |
| 7 | 202321060629-Proof of Right [12-01-2024(online)].pdf | 2024-01-12 |
| 8 | 202321060629-ORIGINAL UR 6(1A) FORM 1 & 26-050424.pdf | 2024-04-15 |
| 9 | 202321060629-FORM-5 [04-09-2024(online)].pdf | 2024-09-04 |
| 10 | 202321060629-ENDORSEMENT BY INVENTORS [04-09-2024(online)].pdf | 2024-09-04 |
| 11 | 202321060629-DRAWING [04-09-2024(online)].pdf | 2024-09-04 |
| 12 | 202321060629-CORRESPONDENCE-OTHERS [04-09-2024(online)].pdf | 2024-09-04 |
| 13 | 202321060629-COMPLETE SPECIFICATION [04-09-2024(online)].pdf | 2024-09-04 |
| 14 | 202321060629-Request Letter-Correspondence [12-09-2024(online)].pdf | 2024-09-12 |
| 15 | 202321060629-Power of Attorney [12-09-2024(online)].pdf | 2024-09-12 |
| 16 | 202321060629-Form 1 (Submitted on date of filing) [12-09-2024(online)].pdf | 2024-09-12 |
| 17 | 202321060629-Covering Letter [12-09-2024(online)].pdf | 2024-09-12 |
| 18 | 202321060629-CERTIFIED COPIES TRANSMISSION TO IB [12-09-2024(online)].pdf | 2024-09-12 |
| 19 | Abstract 1.jpg | 2024-09-30 |
| 20 | 202321060629-FORM 3 [07-10-2024(online)].pdf | 2024-10-07 |