Decentralized Identity and Access Management Framework for Internet of Things Devices

The emerging Internet of Things (IoT) domain is about connecting people and devices and systems together via sensors and actuators, to collect meaningful information from the devices surrounding environment and take actions to enhance productivity and efficiency. The proliferation of IoT devices from around few billion devices today to over 25 billion in the next few years spanning over heterogeneous networks defines a new paradigm shift for many industrial and smart connectivity applications. The existing IoT networks faces a number of operational challenges linked to devices management and the capability of devices’ mutual authentication and authorization. While significant progress has been made in adopting existing connectivity and management frameworks, most of these frameworks are designed to work for unconstrained devices connected in centralized networks. On the other hand, IoT devices are constrained devices with tendency to work and operate in decentralized and peer-to-peer arrangement. This tendency towards peer-to-peer service exchange resulted that many of the existing frameworks fails to address the main challenges faced by the need to offer ownership of devices and the generated data to the actual users. Moreover, the diversified list of devices and offered services impose that more granular access control mechanisms are required to limit the exposure of the devices to external threats and provide finer access control policies under control of the device owner without the need for a middleman. This work addresses these challenges by utilizing the concepts of decentralization introduced in Distributed Ledger (DLT) technologies and capability of automating business flows through smart contracts. The proposed work utilizes the concepts of decentralized identifiers (DIDs) for establishing a decentralized devices identity management framework and exploits Blockchain tokenization through both fungible and non-fungible tokens (NFTs) to build a self-controlled and self-contained access control policy based on capability-based access control model (CapBAC). The defined framework provides a layered approach that builds on identity management as the foundation to enable authentication and authorization processes and establish a mechanism for accounting through the adoption of standardized DLT tokenization structure. The proposed framework is demonstrated through implementing a number of use cases that addresses issues related identity management in industries that suffer losses in billions of dollars due to counterfeiting and lack of global and immutable identity records. The framework extension to support applications for building verifiable data paths in the application layer were addressed through two simple examples. The system has been analyzed in the case of issuing authorization tokens where it is expected that DLT consensus mechanisms will introduce major performance hurdles. A proof of concept emulating establishing concurrent connections to a single device presented no timed-out requests at 200 concurrent connections and a rise in the timed-out requests ratio to 5% at 600 connections. The analysis showed also that a considerable overhead in the data link budget of 10.4% is recorded due to the use of self-contained policy token which is a trade-off between building self-contained access tokens with no middleman and link cost

A Survey on Security and Privacy of 5G Technologies: Potential Solutions, Recent Advancements, and Future Directions

Security has become the primary concern in many telecommunications industries today as risks can have high consequences. Especially, as the core and enable technologies will be associated with 5G network, the confidential information will move at all layers in future wireless systems. Several incidents revealed that the hazard encountered by an infected wireless network, not only affects the security and privacy concerns, but also impedes the complex dynamics of the communications ecosystem. Consequently, the complexity and strength of security attacks have increased in the recent past making the detection or prevention of sabotage a global challenge. From the security and privacy perspectives, this paper presents a comprehensive detail on the core and enabling technologies, which are used to build the 5G security model; network softwarization security, PHY (Physical) layer security and 5G privacy concerns, among others. Additionally, the paper includes discussion on security monitoring and management of 5G networks. This paper also evaluates the related security measures and standards of core 5G technologies by resorting to different standardization bodies and provide a brief overview of 5G standardization security forces. Furthermore, the key projects of international significance, in line with the security concerns of 5G and beyond are also presented. Finally, a future directions and open challenges section has included to encourage future research.European CommissionNational Research Tomsk Polytechnic UniversityUpdate citation details during checkdate report - A

Mission-Critical Communications from LMR to 5G: a Technology Assessment approach for Smart City scenarios

Radiocommunication networks are one of the main support tools of agencies that carry out actions in Public Protection & Disaster Relief (PPDR), and it is necessary to update these communications technologies from narrowband to broadband and integrated to information technologies to have an effective action before society. Understanding that this problem includes, besides the technical aspects, issues related to the social context to which these systems are inserted, this study aims to construct scenarios, using several sources of information, that helps the managers of the PPDR agencies in the technological decisionmaking process of the Digital Transformation of Mission-Critical Communication considering Smart City scenarios, guided by the methods and approaches of Technological Assessment (TA).As redes de radiocomunicações são uma das principais ferramentas de apoio dos órgãos que realizam ações de Proteção Pública e Socorro em desastres, sendo necessário atualizar essas tecnologias de comunicação de banda estreita para banda larga, e integra- las às tecnologias de informação, para se ter uma atuação efetiva perante a sociedade . Entendendo que esse problema inclui, além dos aspectos técnicos, questões relacionadas ao contexto social ao qual esses sistemas estão inseridos, este estudo tem por objetivo a construção de cenários, utilizando diversas fontes de informação que auxiliem os gestores destas agências na tomada de decisão tecnológica que envolve a transformação digital da Comunicação de Missão Crítica considerando cenários de Cidades Inteligentes, guiado pelos métodos e abordagens de Avaliação Tecnológica (TA)

Telecommunication Economics

This book constitutes a collaborative and selected documentation of the scientific outcome of the European COST Action IS0605 Econ@Tel "A Telecommunications Economics COST Network" which run from October 2007 to October 2011. Involving experts from around 20 European countries, the goal of Econ@Tel was to develop a strategic research and training network among key people and organizations in order to enhance Europe's competence in the field of telecommunications economics. Reflecting the organization of the COST Action IS0605 Econ@Tel in working groups the following four major research areas are addressed: - evolution and regulation of communication ecosystems; - social and policy implications of communication technologies; - economics and governance of future networks; - future networks management architectures and mechanisms

Telecommunication Economics

This book constitutes a collaborative and selected documentation of the scientific outcome of the European COST Action IS0605 Econ@Tel "A Telecommunications Economics COST Network" which run from October 2007 to October 2011. Involving experts from around 20 European countries, the goal of Econ@Tel was to develop a strategic research and training network among key people and organizations in order to enhance Europe's competence in the field of telecommunications economics. Reflecting the organization of the COST Action IS0605 Econ@Tel in working groups the following four major research areas are addressed: - evolution and regulation of communication ecosystems; - social and policy implications of communication technologies; - economics and governance of future networks; - future networks management architectures and mechanisms

Actas da 10ª Conferência sobre Redes de Computadores

Universidade do MinhoCCTCCentro AlgoritmiCisco SystemsIEEE Portugal Sectio

Legal and regulatory aspects of mobile financial services

The thesis deals with the emergence of bank and non-bank entities that provide a range of unique transaction-based payment services broadly called Mobile Financial Services (MFS) to unbanked, underserved and underbanked persons via mobile phones. Models of MFS from Mobile Network Operators (MNOs), banks, combinations of MNOs and banks, and independent Mobile Financial Services Providers are covered. Provision by non-banks of ‘bank-type’ services via mobile phones has been termed ‘transformational banking’ versus the ‘additive banking’ services from banks. All involve the concept of ‘branchless banking’ whereby ‘cash-in/cash out’ services are provided through ‘agents.’ Funds for MFS payments may available through a Stored Value Product (SVP), particularly through a Stored Value Account SVP variant offered by MNOs where value is stored as a redeemable fiat- or mobile ‘airtime’-based Store of Value. The competitive, legal, technical and regulatory nature of non-bank versus bank MFS models is discussed, in particular the impact of banking, payments, money laundering, telecommunications, e-commerce and consumer protection laws. Whether funding mechanisms for SVPs may amount to deposit-taking such that entities could be engaged in the ‘business of banking’ is discussed. The continued use of ‘deposit’ as the traditional trigger for the ‘business of banking’ is investigated, alongside whether transaction and paymentcentric MFS rises to the ‘business of banking.’ An extensive evaluation of ‘money’ based on the Orthodox and Claim School economic theories is undertaken in relation to SVPs used in MFS, their legal associations and import, and whether they may be deemed ‘money’ in law. Consumer protection for MFS and payments generally through current statute, contract, and payment law and common law condictiones are found to be wanting. Possible regulatory arbitrage in relation to MFS in South African law is discussed. The legal and regulatory regimes in the European Union, Kenya and the United States of America are compared with South Africa. The need for a coordinated payments-specific law that has consumer protections, enables proportional risk-based licensing of new non-bank providers of MFS, and allows for a regulator for retail payments is recommended. The use of trust companies and trust accounts is recommended for protection of user funds. | viPublic, Constitutional and International LawLL. D

Safety and Reliability - Safe Societies in a Changing World

The contributions cover a wide range of methodologies and application areas for safety and reliability that contribute to safe societies in a changing world. These methodologies and applications include: - foundations of risk and reliability assessment and management - mathematical methods in reliability and safety - risk assessment - risk management - system reliability - uncertainty analysis - digitalization and big data - prognostics and system health management - occupational safety - accident and incident modeling - maintenance modeling and applications - simulation for safety and reliability analysis - dynamic risk and barrier management - organizational factors and safety culture - human factors and human reliability - resilience engineering - structural reliability - natural hazards - security - economic analysis in risk managemen