A flexible architecture for privacy-aware trust management

In service-oriented systems a constellation of services cooperate, sharing potentially sensitive information and responsibilities. Cooperation is only possible if the different participants trust each other. As trust may depend on many different factors, in a flexible framework for Trust Management (TM) trust must be computed by combining different types of information. In this paper we describe the TAS3 TM framework which integrates independent TM systems into a single trust decision point. The TM framework supports intricate combinations whilst still remaining easily extensible. It also provides a unified trust evaluation interface to the (authorization framework of the) services. We demonstrate the flexibility of the approach by integrating three distinct TM paradigms: reputation-based TM, credential-based TM, and Key Performance Indicator TM. Finally, we discuss privacy concerns in TM systems and the directions to be taken for the definition of a privacy-friendly TM architecture.\u

Security of 5G-V2X: Technologies, Standardization and Research Directions

Cellular-Vehicle to Everything (C-V2X) aims at resolving issues pertaining to the traditional usability of Vehicle to Infrastructure (V2I) and Vehicle to Vehicle (V2V) networking. Specifically, C-V2X lowers the number of entities involved in vehicular communications and allows the inclusion of cellular-security solutions to be applied to V2X. For this, the evolvement of LTE-V2X is revolutionary, but it fails to handle the demands of high throughput, ultra-high reliability, and ultra-low latency alongside its security mechanisms. To counter this, 5G-V2X is considered as an integral solution, which not only resolves the issues related to LTE-V2X but also provides a function-based network setup. Several reports have been given for the security of 5G, but none of them primarily focuses on the security of 5G-V2X. This article provides a detailed overview of 5G-V2X with a security-based comparison to LTE-V2X. A novel Security Reflex Function (SRF)-based architecture is proposed and several research challenges are presented related to the security of 5G-V2X. Furthermore, the article lays out requirements of Ultra-Dense and Ultra-Secure (UD-US) transmissions necessary for 5G-V2X.Comment: 9 pages, 6 figures, Preprin

The Beginnings and Prospective Ending of “End-to-End”: An Evolutionary Perspective On the Internet’s Architecture

The technology of “the Internet” is not static. Although its “end-to- end” architecture has made this “connection-less” communications system readily “extensible,” and highly encouraging to innovation both in hardware and software applications, there are strong pressures for engineering changes. Some of these are wanted to support novel transport services (e.g. voice telephony, real-time video); others would address drawbacks that appeared with opening of the Internet to public and commercial traffic - e.g., the difficulties of blocking delivery of offensive content, suppressing malicious actions (e.g. “denial of service” attacks), pricing bandwidth usage to reduce congestion. The expected gains from making “improvements” in the core of the network should be weighed against the loss of the social and economic benefits that derive from the “end-to-end” architectural design. Even where technological “fixes” can be placed at the networks’ edges, the option remains to search for alternative, institutional mechanisms of governing conduct in cyberspace.

Issues using COTS simulation software packages for the interoperation of models

This paper intends to examine the interoperation of simulation models from the viewpoint of a simulation engineer who uses standard tools and methods to create these models. The paper will look at the models in the context of COTS (commercially available off-the shelf) simulation packages with a view to applying distributed simulation (DS) theory to the subject. By studying current methods employed which enable COTS simulation packages to interoperate, this paper will discuss the tools currently used and examine their appropriateness. The paper will also suggest how an example COTS simulation package could be modified to provide the necessary functions and interoperability required to allow full distributed simulation

Economic Policy Analysis and the Internet: Coming to Terms with a Telecommunications Anomaly

The significant set of public policy issues for economic analysis that arise from the tensions between the ‘special benefits’ of the Internet as a platform for innovation, and the drawbacks of the “anomalous” features of the Internet viewed as simply one among the array of telecommunications systems, is the focus of discussion in this chapter. Economists concerned with industrial organization and regulation (including antitrust and merger law) initially found new scope for application of their expertise in conventional policy analyses of the Internet’s interactions with other segments of the telecommunications sector (broadcast and cable television, radio and telephone), and emphasized the potential congestion problems posed by user anonymity and flat rate pricing. Policy issues of a more dynamic kind have subsequently come to the fore. These involve classic tradeoffs between greater efficiency and producer and consumer surpluses today, and a potential for more innovation in Web-based products and service in the future. Many such tradeoffs involve choices such as that between policies that would preserve the original ‘end-to-end’ design of the original Internet architecture, and those that would be more encouraging of market-driven deployment of new technologies that afforded ISPs with greater market power the opportunity to offer (and extract greater profits from) restricted-Web services that consumers valued highly, such as secure and private VOIP.public policy, telecommunications, Web-based products, user anonymity

Future consumer mobile phone security: a case study using the data centric security model

In the interconnected world that we live in, traditional security barriers are\ud broken down. Developments such as outsourcing, increased usage of mobile\ud devices and wireless networks each cause new security problems.\ud To address the new security threats, a number of solutions have been suggested,\ud mostly aiming at securing data rather than whole systems or networks.\ud However, these visions (such as proposed by the Jericho Forum [9] and IBM\ud [4]) are mostly concerned with large (inter-) enterprise systems. Until now, it is\ud unclear what data-centric security could mean for other systems and environments.\ud One particular category of systems that has been neglected is that of\ud consumer mobile phones. Currently, data security is usually limited to a PIN\ud number on startup and the option to disable wireless connections. The lack of\ud protection does not seem justified, as these devices have steadily increased in\ud capabilities and capacity; they can connect wirelessly to the Internet and have\ud a high risk of being lost or stolen [8]. This not only puts end users at risk, but\ud also their contacts, as phones can contain privacy sensitive data of many others.\ud For example, if birth dates and addresses are kept with the contact records, in\ud many cases a thief will have enough information to impersonate a contact and\ud steal his identity.\ud Could consumer mobile phones benefit from data-centric security? How\ud useful is data-centric security in this context? These are the core questions we\ud will try to address here