Towards a systematic security evaluation of the automotive Bluetooth interface

In-cabin connectivity and its enabling technologies have increased dramatically in recent years. Security was not considered an essential property, a mind-set that has shifted significantly due to the appearance of demonstrated vulnerabilities in these connected vehicles. Connectivity allows the possibility that an external attacker may compromise the security - and therefore the safety - of the vehicle. Many exploits have already been demonstrated in literature. One of the most pervasive connective technologies is Bluetooth, a short-range wireless communication technology. Security issues with this technology are well-documented, albeit in other domains. A threat intelligence study was carried out to substantiate this motivation and finds that while the general trend is towards increasing (relative) security in automotive Bluetooth implementations, there is still significant technological lag when compared to more traditional computing systems. The main contribution of this thesis is a framework for the systematic security evaluation of the automotive Bluetooth interface from a black-box perspective (as technical specifications were loose or absent). Tests were performed through both the vehicle’s native connection and through Bluetoothenabled aftermarket devices attached to the vehicle. This framework is supported through the use of attack trees and principles as outlined in the Penetration Testing Execution Standard. Furthermore, a proof-of-concept tool was developed to implement this framework in a semi-automated manner, to carry out testing on real-world vehicles. The tool also allows for severity classification of the results acquired, as outlined in the SAE J3061 Cybersecurity Guidebook for Cyber-Physical Vehicle Systems. Results of the severity classification are validated through domain expert review. Finally, how formal methods could be integrated into the framework and tool to improve confidence and rigour, and to demonstrate how future iterations of design could be improved is also explored. In conclusion, there is a need for systematic security testing, based on the findings of the threat intelligence study. The systematic evaluation and the developed tool successfully found weaknesses in both the automotive Bluetooth interface and in the vehicle itself through Bluetooth-enabled aftermarket devices. Furthermore, the results of applying this framework provide a focus for counter-measure development and could be used as evidence in a security assurance case. The systematic evaluation framework also allows for formal methods to be introduced for added rigour and confidence. Demonstrations of how this might be performed (with case studies) were presented. Future recommendations include using this framework with more test vehicles and expanding on the existing attack trees that form the heart of the evaluation. Further work on the tool chain would also be desirable. This would enable further accuracy of any testing or modelling required, and would also take automation of the entire process further

Prioritized data synchronization with applications

We are interested on the problem of synchronizing data on two distinct devices with differed priorities using minimum communication. A variety of distributed sys- tems require communication efficient and prioritized synchronization, for example, where the bandwidth is limited or certain information is more time sensitive than others. Our particular approach, P-CPI, involving the interactive synchronization of prioritized data, is efficient both in communication and computation. This protocol sports some desirable features, including (i) communication and computational com- plexity primarily tied to the number of di erences between the hosts rather than the amount of the data overall and (ii) a memoryless fast restart after interruption. We provide a novel analysis of this protocol, with proved high-probability performance bound and fast-restart in logarithmic time. We also provide an empirical model for predicting the probability of complete synchronization as a function of time and symmetric differences. We then consider two applications of our core algorithm. The first is a string reconciliation protocol, for which we propose a novel algorithm with online time com- plexity that is linear in the size of the string. Our experimental results show that our string reconciliation protocol can potentially outperform existing synchroniza- tion tools such like rsync in some cases. We also look into the benefit brought by our algorithm to delay-tolerant networks(DTNs). We propose an optimized DTN routing protocol with P-CPI implemented as middleware. As a proof of concept, we demonstrate improved delivery rate, reduced metadata and reduced average delay

Adapting mobile systems using logical mobility primitives

Mobile computing devices, such as personal digital assistants and mobile phones, are becoming increasingly popular, smaller, more capable and even fashionable personal items. Combined with the recent advent of wireless networking techniques, users are equipped with mobile devices of significant computational abilities, which are able to wirelessly access information by dynamically connecting to many different networks. Despite the ubiquity of mobile devices, mobile systems are built using monolithic architectures, use a small set of predefined interaction paradigms and do not exploit or adapt to the dynamicity of their local or remote context. Applications deployed on mobile devices face considerable challenges posed by their changing surroundings. One of the main peculiarities of mobile devices is heterogeneity, which may occur in software, hardware and network protocols. Mobile systems may carry a large number of different applications, use different operating systems and middleware and, often, have more than one network interface. A further challenge is their considerable variation in the computational resources available, such as battery power, CPU speed, network bandwidth and volatile and persistent memory. Moreover, mobile computing systems are highly dynamic systems, in terms of their surroundings, implying that the requirements for applications deployed on a mobile device are a moving target. Changes in the requirements (such as integration with a new service) may require changes to the application. Consequently, these changes may mean that the application behaviour needs to adapt. This thesis argues that the potential of the ubiquity of mobile devices cannot be realised using static and monolithic architectures, as mobile systems need to be able to adapt to accommodate changes to their environment. It investigates the use of three technologies to offer adaptation to mobile devices: Logical mobility techniques, component systems and middleware technologies. More specifically, this thesis presents the SATIN (System Adaptation Targeting Integrated Networks) component metamodel, a lightweight local component metamodel that offers the flexible use of logical mobility primitives. The metamodel is instantiated to build the SATIN middleware system, a component-based mobile computing middleware that uses the mobility primitives exported by the metamodel to reconfigure itself and applications running on top of it. The suitability of SATIN for the creation of adaptable mobile systems is demonstrated, by using it to implement and evaluate a number of applications showing different aspects of adaptation. Moreover, existing projects are reengineered to run as SATIN components, showing the flexibility of the approach and the advantages gained over the originals

Cloud Services Brokerage for Mobile Ubiquitous Computing

Recently, companies are adopting Mobile Cloud Computing (MCC) to efficiently deliver enterprise services to users (or consumers) on their personalized devices. MCC is the facilitation of mobile devices (e.g., smartphones, tablets, notebooks, and smart watches) to access virtualized services such as software applications, servers, storage, and network services over the Internet. With the advancement and diversity of the mobile landscape, there has been a growing trend in consumer attitude where a single user owns multiple mobile devices. This paradigm of supporting a single user or consumer to access multiple services from n-devices is referred to as the Ubiquitous Cloud Computing (UCC) or the Personal Cloud Computing. In the UCC era, consumers expect to have application and data consistency across their multiple devices and in real time. However, this expectation can be hindered by the intermittent loss of connectivity in wireless networks, user mobility, and peak load demands. Hence, this dissertation presents an architectural framework called, Cloud Services Brokerage for Mobile Ubiquitous Cloud Computing (CSB-UCC), which ensures soft real-time and reliable services consumption on multiple devices of users. The CSB-UCC acts as an application middleware broker that connects the n-devices of users to the multi-cloud services. The designed system determines the multi-cloud services based on the user's subscriptions and the n-devices are determined through device registration on the broker. The preliminary evaluations of the designed system shows that the following are achieved: 1) high scalability through the adoption of a distributed architecture of the brokerage service, 2) providing soft real-time application synchronization for consistent user experience through an enhanced mobile-to-cloud proximity-based access technique, 3) reliable error recovery from system failure through transactional services re-assignment to active nodes, and 4) transparent audit trail through access-level and context-centric provenance

Cooperative Data Backup for Mobile Devices

Les dispositifs informatiques mobiles tels que les ordinateurs portables, assistants personnels et téléphones portables sont de plus en plus utilisés. Cependant, bien qu'ils soient utilisés dans des contextes où ils sont sujets à des endommagements, à la perte, voire au vol, peu de mécanismes permettent d'éviter la perte des données qui y sont stockées. Dans cette thèse, nous proposons un service de sauvegarde de données coopératif pour répondre à ce problème. Cette approche tire parti de communications spontanées entre de tels dispositifs, chaque dispositif stockant une partie des données des dispositifs rencontrés. Une étude analytique des gains de cette approche en termes de sûreté de fonctionnement est proposée. Nous étudions également des mécanismes de stockage réparti adaptés. Les problèmes de coopération entre individus mutuellement suspicieux sont également abordés. Enfin, nous décrivons notre mise en oeuvre du service de sauvegarde coopérative. ABSTRACT : Mobile devices such as laptops, PDAs and cell phones are increasingly relied on but are used in contexts that put them at risk of physical damage, loss or theft. However, few mechanisms are available to reduce the risk of losing the data stored on these devices. In this dissertation, we try to address this concern by designing a cooperative backup service for mobile devices. The service leverages encounters and spontaneous interactions among participating devices, such that each device stores data on behalf of other devices. We first provide an analytical evaluation of the dependability gains of the proposed service. Distributed storage mechanisms are explored and evaluated. Security concerns arising from thecooperation among mutually suspicious principals are identified, and core mechanisms are proposed to allow them to be addressed. Finally, we present our prototype implementation of the cooperative backup servic

Teenustele orienteeritud ja tõendite-teadlik mobiilne pilvearvutus

Arvutiteaduses on kaks kõige suuremat jõudu: mobiili- ja pilvearvutus. Kui pilvetehnoloogia pakub kasutajale keerukate ülesannete lahendamiseks salvestus- ning arvutusplatvormi, siis nutitelefon võimaldab lihtsamate ülesannete lahendamist mistahes asukohas ja mistahes ajal. Täpsemalt on mobiilseadmetel võimalik pilve võimalusi ära kasutades energiat säästa ning jagu saada kasvavast jõudluse ja ruumi vajadusest. Sellest tulenevalt on käesoleva töö peamiseks küsimuseks kuidas tuua pilveinfrastruktuur mobiilikasutajale lähemale? Antud töös uurisime kuidas mobiiltelefoni pilveteenust saab mobiilirakendustesse integreerida. Saime teada, et töö delegeerimine pilve eeldab mitmete pilve aspektide kaalumist ja integreerimist, nagu näiteks ressursimahukas töötlemine, asünkroonne suhtlus kliendiga, programmaatiline ressursside varustamine (Web APIs) ja pilvedevaheline kommunikatsioon. Nende puuduste ületamiseks lõime Mobiilse pilve vahevara Mobile Cloud Middleware (Mobile Cloud Middleware - MCM) raamistiku, mis kasutab deklaratiivset teenuste komponeerimist, et delegeerida töid mobiililt mitmetele pilvedele kasutades minimaalset andmeedastust. Teisest küljest on näidatud, et koodi teisaldamine on peamisi strateegiaid seadme energiatarbimise vähendamiseks ning jõudluse suurendamiseks. Sellegipoolest on koodi teisaldamisel miinuseid, mis takistavad selle laialdast kasutuselevõttu. Selles töös uurime lisaks, mis takistab koodi mahalaadimise kasutuselevõttu ja pakume lahendusena välja raamistiku EMCO, mis kogub seadmetelt infot koodi jooksutamise kohta erinevates kontekstides. Neid andmeid analüüsides teeb EMCO kindlaks, mis on sobivad tingimused koodi maha laadimiseks. Võrreldes kogutud andmeid, suudab EMCO järeldada, millal tuleks mahalaadimine teostada. EMCO modelleerib kogutud andmeid jaotuse määra järgi lokaalsete- ning pilvejuhtude korral. Neid jaotusi võrreldes tuletab EMCO täpsed atribuudid, mille korral mobiilirakendus peaks koodi maha laadima. Võrreldes EMCO-t teiste nüüdisaegsete mahalaadimisraamistikega, tõuseb EMCO efektiivsuse poolest esile. Lõpuks uurisime kuidas arvutuste maha laadimist ära kasutada, et täiustada kasutaja kogemust pideval mobiilirakenduse kasutamisel. Meie peamiseks motivatsiooniks, et sellist adaptiivset tööde täitmise kiirendamist pakkuda, on tagada kasutuskvaliteet (QoE), mis muutub vastavalt kasutajale, aidates seeläbi suurendada mobiilirakenduse eluiga.Mobile and cloud computing are two of the biggest forces in computer science. While the cloud provides to the user the ubiquitous computational and storage platform to process any complex tasks, the smartphone grants to the user the mobility features to process simple tasks, anytime and anywhere. Smartphones, driven by their need for processing power, storage space and energy saving are looking towards remote cloud infrastructure in order to solve these problems. As a result, the main research question of this work is how to bring the cloud infrastructure closer to the mobile user? In this thesis, we investigated how mobile cloud services can be integrated within the mobile apps. We found out that outsourcing a task to cloud requires to integrate and consider multiple aspects of the clouds, such as resource-intensive processing, asynchronous communication with the client, programmatically provisioning of resources (Web APIs) and cloud intercommunication. Hence, we proposed a Mobile Cloud Middleware (MCM) framework that uses declarative service composition to outsource tasks from the mobile to multiple clouds with minimal data transfer. On the other hand, it has been demonstrated that computational offloading is a key strategy to extend the battery life of the device and improves the performance of the mobile apps. We also investigated the issues that prevent the adoption of computational offloading, and proposed a framework, namely Evidence-aware Mobile Computational Offloading (EMCO), which uses a community of devices to capture all the possible context of code execution as evidence. By analyzing the evidence, EMCO aims to determine the suitable conditions to offload. EMCO models the evidence in terms of distributions rates for both local and remote cases. By comparing those distributions, EMCO infers the right properties to offload. EMCO shows to be more effective in comparison with other computational offloading frameworks explored in the state of the art. Finally, we investigated how computational offloading can be utilized to enhance the perception that the user has towards an app. Our main motivation behind accelerating the perception at multiple response time levels is to provide adaptive quality-of-experience (QoE), which can be used as mean of engagement strategy that increases the lifetime of a mobile app

Mobile commerce business models and technologies towards success

Mobile commerce is any transaction with a monetary value that is conducted via a mobile telecommunications network. This thesis tries to examine the factors leading to the success of mobile commerce as well as factors that may hinder its success. This research is separated into five parts: In the first part of this thesis, an analysis of wired e-commerce businesses is made; followed by advantages of mobile commerce over wired e-commerce. In the second part of this thesis, new wireless business models that are expected to generate substantial revenue flows as well as some successful examples of these business models are discussed. In the third part of this thesis, advances in wireless technologies that will lead to the success of mobile commerce are discussed. In the fourth part of this thesis, competition strategies and revenue structure of mobile commerce are discussed. And finally, in the fifth part of this thesis, drawbacks of wireless technologies towards the success of mobile commerce as well as how they can be overcome are discussed. The research and the conclusion suggest that although wireless technologies and their related business models are fairly new, they are growing at rapid speed. These are incredible sources of revenue. Once the factors hindering their usability, reliability, development and deployment are overcome, mobile technologies show great potential as revenue generators for both existing and newly developing businesse

XML Messaging for Mobile Devices

In recent years, XML has been widely adopted as a universal format for structured data. A variety of XML-based systems have emerged, most prominently SOAP for Web services, XMPP for instant messaging, and RSS and Atom for content syndication. This popularity is helped by the excellent support for XML processing in many programming languages and by the variety of XML-based technologies for more complex needs of applications. Concurrently with this rise of XML, there has also been a qualitative expansion of the Internet's scope. Namely, mobile devices are becoming capable enough to be full-fledged members of various distributed systems. Such devices are battery-powered, their network connections are based on wireless technologies, and their processing capabilities are typically much lower than those of stationary computers. This dissertation presents work performed to try to reconcile these two developments. XML as a highly redundant text-based format is not obviously suitable for mobile devices that need to avoid extraneous processing and communication. Furthermore, the protocols and systems commonly used in XML messaging are often designed for fixed networks and may make assumptions that do not hold in wireless environments. This work identifies four areas of improvement in XML messaging systems: the programming interfaces to the system itself and to XML processing, the serialization format used for the messages, and the protocol used to transmit the messages. We show a complete system that improves the overall performance of XML messaging through consideration of these areas. The work is centered on actually implementing the proposals in a form usable on real mobile devices. The experimentation is performed on actual devices and real networks using the messaging system implemented as a part of this work. The experimentation is extensive and, due to using several different devices, also provides a glimpse of what the performance of these systems may look like in the future.Matkapuhelimien ja muiden mobiililaitteiden määrä on kasvanut erittäin nopeasti viime vuosina. Laitteiden pieni koko, niiden tarjoamat ohjelmointimahdollisuudet ja langattomat verkkoyhteydet mahdollistavat Internet- ja muiden verkkosovellusten käytön kaikkialla. Akusta johtuva rajallinen käyttöaika, heikko suoritusteho ja verkkokäytön vaatima virta ja aika toimivat kuitenkin selkeinä rajoitteina mobiililaitteiden mahdollisuuksille, ja jotta mobiilimaailma ei joutuisi kokonaan tulevaisuuden Internetin ulkopuolelle, järjestelmien ja sovellusten suunnittelussa on otettava sen erityispiirteet huomioon. Tulevaisuuden verkkosovelluksissa suoran päätelaitteiden välisen viestinnän odotetaan olevan keskeinen osa sovelluksen toimintaa. Nyky-Internetissä tällaisessa viestinnässä käytetään yhä useammin XML-kieltä, joka laajennettavuutensa ja helppokäyttöisyytensä ansiosta vähentää sovelluskehittäjän taakkaa. XML-kielen ongelmina ovat kuitenkin sen vaatimat suuret tiedonsiirto- ja käsittelyajat, jotka ovat olleet esteenä XML:n laajalle käytölle mobiiliympäristöissä. Väitöskirja tutkii XML-pohjaisen laitteiden välisen viestinnän perusedellytyksiä mobiililaitteilla langattomissa verkoissa. Keskeiset tutkimuskohteet ovat tiivis ja tehokkaasti käsiteltävä XML-esitysmuoto, XML:n käsittelyyn paremmin sopivat ohjelmointirajapinnat ja mobiiliympäristön viestiprotokollat. Työn tuloksena on syntynyt mobiililaitteille suunniteltu XML-pohjainen viestintäjärjestelmä, joka on sellaisenaan käytettävissä verkkosovellusten perustana. Järjestelmälle on suoritettu kattavat mittaukset, jotka osoittavat järjestelmän sopivuuden käyttötarkoitukseensa. Tulosten analyysissa otetaan myös huomioon, miten järjestelmän eri ominaisuudet sopivat kuhunkin mobiililaitteiden tukemaan ympäristöön, sekä tarkastellaan, miltä tulevaisuuden mobiililaitteiden suorituskyky saattaisi näyttää

Flexible cross layer optimization for fixed and mobile broadband telecommunication networks and beyond

In der heutigen Zeit, in der das Internet im Allgemeinen und Telekommunikationsnetze im Speziellen kritische Infrastrukturen erreicht haben, entstehen hohe Anforderungen und neue Herausforderungen an den Datentransport in Hinsicht auf Effizienz und Flexibilität. Heutige Telekommunikationsnetze sind jedoch rigide und statisch konzipiert, was nur ein geringes Maß an Flexibilität und Anpassungsfähigkeit der Netze ermöglicht und darüber hinaus nur im begrenzten Maße die Wichtigkeit von Datenflüssen im wiederspiegelt. Diverse Lösungsansätze zum kompletten Neuentwurf als auch zum evolutionären Konzept des Internet wurden ausgearbeitet und spezifiziert, um diese neuartigen Anforderungen und Herausforderungen adäquat zu adressieren. Einer dieser Ansätze ist das Cross Layer Optimierungs-Paradigma, welches eine bisher nicht mögliche direkte Kommunikation zwischen verteilten Funktionalitäten unterschiedlichen Typs ermöglicht, um ein höheres Maß an Dienstgüte zu erlangen. Ein wesentlicher Indikator, welcher die Relevanz dieses Ansatzes unterstreicht, zeichnet sich durch die Programmierbarkeit von Netzwerkfunktionalitäten aus, welche sich aus der Evolution von heutigen hin zu zukünftigen Netzen erkennen lässt. Dieses Konzept wird als ein vielversprechender Lösungsansatz für Kontrollmechanismen von Diensten in zukünftigen Kernnetzwerken erachtet. Dennoch existiert zur Zeit der Entstehung dieser Doktorarbeit kein Ansatz zur Cross Layer Optimierung in Festnetz-und Mobilfunknetze, welcher der geforderten Effizienz und Flexibilität gerecht wird. Die übergeordnete Zielsetzung dieser Arbeit adressiert die Konzeptionierung, Entwicklung und Evaluierung eines Cross Layer Optimierungsansatzes für Telekommunikationsnetze. Einen wesentlichen Schwerpunkt dieser Arbeit stellt die Definition einer theoretischen Konzeptionierung und deren praktischer Realisierung eines Systems zur Cross Layer Optimierung für Telekommunikationsnetze dar. Die durch diese Doktorarbeit analysierten wissenschaftlichen Fragestellungen betreffen u.a. die Anwendbarkeit von Cross Layer Optimierungsansätzen auf Telekommunikationsnetzwerke; die Betrachtung neuartiger Anforderungen; existierende Konzepte, Ansätze und Lösungen; die Abdeckung neuer Funktionalitäten durch bereits existierende Lösungen; und letztendlich den erkennbaren Mehrwert des neu vorgeschlagenen Konzepts gegenüber den bestehenden Lösungen. Die wissenschaftlichen Beiträge dieser Doktorarbeit lassen sich grob durch vier Säulen skizzieren: Erstens werden der Stand der Wissenschaft und Technik analysiert und bewertet, Anforderungen erhoben und eine Lückenanalyse vorgenommen. Zweitens werden Herausforderungen, Möglichkeiten, Limitierungen und Konzeptionierungsaspekte eines Modells zur Cross Layer Optimierung analysiert und evaluiert. Drittens wird ein konzeptionelles Modell - Generic Adaptive Resource Control (GARC) - spezifiziert, als Prototyp realisiert und ausgiebig validiert. Viertens werden theoretische und praktische Beiträge dieser Doktorarbeit vertiefend analysiert und bewertet.As the telecommunication world moves towards a data-only network environment, signaling, voice and other data are similarly transported as Internet Protocol packets. New requirements, challenges and opportunities are bound to this transition and influence telecommunication architectures accordingly. In this time in which the Internet in general, and telecommunication networks in particular, have entered critical infrastructures and systems, it is of high importance to guarantee efficient and flexible data transport. A certain level of Quality-of-Service (QoS) for critical services is crucial even during overload situations in the access and core network, as these two are the bottlenecks in the network. However, the current telecommunication architecture is rigid and static, which offers very limited flexibility and adaptability. Several concepts on clean slate as well as evolutionary approaches have been proposed and defined in order to cope with these new challenges and requirements. One of these approaches is the Cross Layer Optimization paradigm. This concept omits the strict separation and isolation of the Application-, Control- and Network-Layers as it enables interaction and fosters Cross Layer Optimization among them. One indicator underlying this trend is the programmability of network functions, which emerges clearly during the telecommunication network evolution towards the Future Internet. The concept is regarded as one solution for service control in future mobile core networks. However, no standardized approach for Cross Layer signaling nor optimizations in between the individual layers have been standardized at the time this thesis was written. The main objective of this thesis is the design, implementation and evaluation of a Cross Layer Optimization concept on telecommunication networks. A major emphasis is given to the definition of a theoretical model and its practical realization through the implementation of a Cross Layer network resource optimization system for telecommunication systems. The key questions answered through this thesis are: in which way can the Cross Layer Optimization paradigm be applied on telecommunication networks; which new requirements arise; which of the required functionalities cannot be covered through existing solutions, what other conceptual approaches already exist and finally whether such a new concept is viable. The work presented in this thesis and its contributions can be summarized in four parts: First, a review of related work, a requirement analysis and a gap analysis were performed. Second, challenges, limitations, opportunities and design aspects for specifying an optimization model between application and network layer were formulated. Third, a conceptual model - Generic Adaptive Resource Control (GARC) - was specified and its prototypical implementation was realized. Fourth, the theoretical and practical thesis contributions was validated and evaluated

Optimisation of Traffic Steering for Heterogeneous Mobile Networks

Mobile networks have changed from circuit switched to IP-based mobile wireless packet switched networks. This paradigm shift led to new possibilities and challenges. The development of new capabilities based on IP-based networks is ongoing and raises new problems that have to be tackled, for example, the heterogeneity of current radio access networks and the wide range of data rates, coupled with user requirements and behaviour. A typical example of this shift is the nature of traffic, which is currently mostly data-based; further, forecasts based on market and usage trends indicate a data traffic increase of nearly 11 times between 2013 and 2018. The majority of this data traffic is predicted to be multimedia traffic, such as video streaming and live video streaming combined with voice traffic, all prone to delay, jitter, and packet loss and demanding high data rates and a high Quality of Service (QoS) to enable the provision of valuable service to the end-user. While the demands on the network are increasing, the end-user devices become more mobile and end-user demand for the capability of being always on, anytime and anywhere. The combination of end-user devices mobility, the required services, and the significant traffic loads generated by all the end-users leads to a pressing demand for adequate measures to enable the fulfilment of these requirements. The aim of this research is to propose an architecture which provides smart, intelligent and per end-user device individualised traffic steering for heterogeneous mobile networks to cope with the traffic volume and to fulfil the new requirements on QoS, mobility, and real-time capabilities. The proposed architecture provides traffic steering mechanisms based on individual context data per end-user device enabling the generation of individual commands and recommendations. In order to provide valuable services for the end-user, the commands and recommendations are distributed to the end-user devices in real-time. The proposed architecture does not require any proprietary protocols to facilitate its integration into the existing network infrastructure of a mobile network operator. The proposed architecture has been evaluated through a number of use cases. A proof-of-concept of the proposed architecture, including its core functionality, was implemented using the ns-3 network simulator. The simulation results have shown that the proposed architecture achieves improvements for traffic steering including traffic offload and handover. Further use cases have demonstrated that it is possible to achieve benefits in multiple other areas, such as for example improving the energy efficiency, improving frequency interference management, and providing additional or more accurate data to 3rd party to improve their services