383 research outputs found
An identity framework for providing access to FIWARE OAuth 2.0-based services according to the eIDAS European Regulation
Secure electronic identification (eID) is one of the key enablers of data protection, privacy, and the prevention of online fraud. However, until now, the lack of common legal basis prevented European Member States from recognizing and accepting eIDs issued in the other Member States. The electronic identification and trust services (eIDAS) regulation provides a solution to these issues by ensuring the cross-border mutual recognition of eIDs. FIWARE is a European initiative that provides a rather simple yet powerful set of application programming interfaces (APIs) that ease the development of smart applications in multiple vertical sectors and oriented to the future internet. In this paper, we propose a model that enables the connection of FIWARE OAuth 2.0-based services with the eID authentication provided by eIDAS reference. Thanks to this model, services already connected with an OAuth 2.0 identity provider can be automatically connected with eIDAS nodes for providing eID authentication to European citizens. For validating the proposed model, we have deployed an instance of the FIWARE identity manager connected to the Spanish eIDAS node. Then, we have registered two services, a private videoconferencing system, and a public smart city deployment, and extended their functionalities for enriching the user experience leveraging the eID authentication. We have evaluated the integration of both services in the eIDAS network with real users from seven different countries. We conclude that the proposed model facilitates the integration of generic and FIWARE-based OAuth 2.0 services to the eIDAS infrastructure, making the connection transparent for developers
Recommended from our members
Towards the Semantic Grid: A State of the Art Survey of Semantic Web Services and their Applicability to Collaborative Design, Engineering, and Procurement
Today, organizations within the engineering and manufacturing domains place as much emphasis on the management and flow of knowledge through a value chain as they do commodities that are more tangible in nature. For example, parts suppliers in the Canadian automotive sector are often asked to collaborate with auto manufacturers in designing and engineering their product, instead of simply producing and supplying it. Such fundamental changes in the overarching economics of this industry have led to a greater focus on collaboration, both in terms of communicating across geographic divides to design components, as well as new requirements to merge heterogeneous data stores in order to manage this distributed procurement process. Our work on this project centred on finding solutions to the above by surveying the state of the industry, as well as assessing the potential employability of related tools in the workplace. It was concluded that the Access Grid (a low-cost, open-source videoconferencing platform) held significant potential to facilitate the high-quality sharing of audiovisual material, while semantic technologies (the âsemantic webâ and âsemantic web servicesâ) represented a feasible solution to the issues of data integration. When combined, these technologies form the âsemantic gridâ, the focus of this paper. Overall, it is concluded that the past and present business success of this ICT in the information management sector may, with future work, link databases with the visualization interface to provide concurrent cost-benefit analyses
Security, Privacy and Safety Risk Assessment for Virtual Reality Learning Environment Applications
Social Virtual Reality based Learning Environments (VRLEs) such as vSocial
render instructional content in a three-dimensional immersive computer
experience for training youth with learning impediments. There are limited
prior works that explored attack vulnerability in VR technology, and hence
there is a need for systematic frameworks to quantify risks corresponding to
security, privacy, and safety (SPS) threats. The SPS threats can adversely
impact the educational user experience and hinder delivery of VRLE content. In
this paper, we propose a novel risk assessment framework that utilizes attack
trees to calculate a risk score for varied VRLE threats with rate and duration
of threats as inputs. We compare the impact of a well-constructed attack tree
with an adhoc attack tree to study the trade-offs between overheads in managing
attack trees, and the cost of risk mitigation when vulnerabilities are
identified. We use a vSocial VRLE testbed in a case study to showcase the
effectiveness of our framework and demonstrate how a suitable attack tree
formalism can result in a more safer, privacy-preserving and secure VRLE
system.Comment: Tp appear in the CCNC 2019 Conferenc
Working Together: ICT Infrastructures to Support Collaboration
The paper summarizes a part of research carried out in ICCI project and provides a current review of ICT infrastructures supporting collaboration. It covers taxonomies, protocols, standards, components, typical subsystems as well as future trends and recommendation for two most important technologies with applications in AEC: (1) EIP (Enterprise information portal) â a single gateway to a company's information, knowledge base, and applications for all actors; (2) RTC (Real-Time Communication and Collaboration technologies) that provide means for asynchronous communication between geographically dislocated people using ICT. Proposed future developments are: orientation towards web services - with building information models, business intelligence, personalization, AEC information retrieval, p2p workspaces and grids
Digital Transformation in Healthcare
This book presents a collection of papers revealing the impact of advanced computation and instrumentation on healthcare. It highlights the increasing global trend driving innovation for a new era of multifunctional technologies for personalized digital healthcare. Moreover, it highlights that contemporary research on healthcare is performed on a multidisciplinary basis comprising computational engineering, biomedicine, biomedical engineering, electronic engineering, and automation engineering, among other areas
- âŠ