13,258 research outputs found
A Decentralised Digital Identity Architecture
Current architectures to validate, certify, and manage identity are based on
centralised, top-down approaches that rely on trusted authorities and
third-party operators. We approach the problem of digital identity starting
from a human rights perspective, with a primary focus on identity systems in
the developed world. We assert that individual persons must be allowed to
manage their personal information in a multitude of different ways in different
contexts and that to do so, each individual must be able to create multiple
unrelated identities. Therefore, we first define a set of fundamental
constraints that digital identity systems must satisfy to preserve and promote
privacy as required for individual autonomy. With these constraints in mind, we
then propose a decentralised, standards-based approach, using a combination of
distributed ledger technology and thoughtful regulation, to facilitate
many-to-many relationships among providers of key services. Our proposal for
digital identity differs from others in its approach to trust in that we do not
seek to bind credentials to each other or to a mutually trusted authority to
achieve strong non-transferability. Because the system does not implicitly
encourage its users to maintain a single aggregated identity that can
potentially be constrained or reconstructed against their interests,
individuals and organisations are free to embrace the system and share in its
benefits.Comment: 30 pages, 10 figures, 3 table
Spectrum sharing security and attacks in CRNs: a review
Cognitive Radio plays a major part in communication technology by resolving the shortage of the spectrum through usage of dynamic spectrum access and artificial intelligence characteristics. The element of spectrum sharing in cognitive radio is a fundament al approach in utilising free channels. Cooperatively communicating cognitive radio devices use the common control channel of the cognitive radio medium access control to achieve spectrum sharing. Thus, the common control channel and consequently spectrum sharing security are vital to ensuring security in the subsequent data communication among cognitive radio nodes. In addition to well known security problems in wireless networks, cognitive radio networks introduce new classes of security threats and challenges, such as licensed user emulation attacks in spectrum sensing and misbehaviours in the common control channel transactions, which degrade the overall network operation and performance. This review paper briefly presents the known threats and attacks in wireless networks before it looks into the concept of cognitive radio and its main functionality. The paper then mainly focuses on spectrum sharing security and its related challenges. Since spectrum sharing is enabled through usage of
the common control channel, more attention is paid to the
security of the common control channel by looking into its
security threats as well as protection and detection mechanisms. Finally, the pros and cons as well as the comparisons of different CR - specific security mechanisms are presented with some open research issues and challenges
A privacy-preserving approach to grid balancing using scheduled electric vehicle charging
The introduction of renewable energy generation (e.g. solar and wind) in the energy distribution infrastructure makes balancing the total energy load and production in the grid more challenging due to the weather-dependent nature of these energy sources. One approach to mitigate the issue is to use weather forecasts to predict the production and then offer incentives to electric vehicle users (EVUs) to charge their vehicles during the times of energy surplus. However, doing this without leaking sensitive information about the EVUs location and identity presents challenges to the system design. This thesis proposes a privacy-preserving architecture that allows the grid operator to offer incentives for contributing to the grid stability, and to reliably and automatically quantify the extent of each contribution while still maintaining the privacy of the EVUs. Furthermore, the architecture enables decentralised privacy-preserving dispute resolution without leaking any personally identifiable information (PII). The architecture fulfils the goal by utilising self-sovereign identity technologies, such as decentralised identifiers (DIDs), and privacy-preserving digital credentials solutions, such as verifiable credentials (VCs). They allow the solution to utilise ephemeral identifiers and to compartmentalise the information into three different knowledge domains to ensure that only the minimum amount of information needed crosses any domain border. An analysis of the solution indicates that the architecture ensures relatively strong privacy guarantees to the EVUs and solves the grid balancing problem while reducing the number of assumptions to the minimum. This makes the architecture applicable to a wide set of use cases in the EV charging field. Future work includes a detailed performance analysis of a proof-of-concept (PoC), although the information available from related research already indicates relatively low latency and a good level of deployability even on resource-constrained Internet-of-things (IoT) devices
Trustworthy content push
Delivery of content to mobile devices gains increasing importance in
industrial environments to support employees in the field. An important
application are e-mail push services like the fashionable Blackberry. These
systems are facing security challenges regarding data transport to, and storage
of the data on the end user equipment. The emerging Trusted Computing
technology offers new answers to these open questions.Comment: 4 pages, 4 eps figure
reclaimID: Secure, Self-Sovereign Identities using Name Systems and Attribute-Based Encryption
In this paper we present reclaimID: An architecture that allows users to
reclaim their digital identities by securely sharing identity attributes
without the need for a centralised service provider. We propose a design where
user attributes are stored in and shared over a name system under user-owned
namespaces. Attributes are encrypted using attribute-based encryption (ABE),
allowing the user to selectively authorize and revoke access of requesting
parties to subsets of his attributes. We present an implementation based on the
decentralised GNU Name System (GNS) in combination with ciphertext-policy ABE
using type-1 pairings. To show the practicality of our implementation, we
carried out experimental evaluations of selected implementation aspects
including attribute resolution performance. Finally, we show that our design
can be used as a standard OpenID Connect Identity Provider allowing our
implementation to be integrated into standard-compliant services.Comment: 12 page
- …