Multicast Mobility in Mobile IP Version 6 (MIPv6) : Problem Statement and Brief Survey

Publisher PD

Enabling Disaster Resilient 4G Mobile Communication Networks

The 4G Long Term Evolution (LTE) is the cellular technology expected to outperform the previous generations and to some extent revolutionize the experience of the users by taking advantage of the most advanced radio access techniques (i.e. OFDMA, SC-FDMA, MIMO). However, the strong dependencies between user equipments (UEs), base stations (eNBs) and the Evolved Packet Core (EPC) limit the flexibility, manageability and resiliency in such networks. In case the communication links between UEs-eNB or eNB-EPC are disrupted, UEs are in fact unable to communicate. In this article, we reshape the 4G mobile network to move towards more virtual and distributed architectures for improving disaster resilience, drastically reducing the dependency between UEs, eNBs and EPC. The contribution of this work is twofold. We firstly present the Flexible Management Entity (FME), a distributed entity which leverages on virtualized EPC functionalities in 4G cellular systems. Second, we introduce a simple and novel device-todevice (D2D) communication scheme allowing the UEs in physical proximity to communicate directly without resorting to the coordination with an eNB.Comment: Submitted to IEEE Communications Magazin

Cryptographic Key Management in Delay Tolerant Networks (DTNs): A survey

Since their appearance at the dawn of the second millennium, Delay or Disruption Tolerant Networks (DTNs) have gradually evolved, spurring the development of a variety of methods and protocols for making them more secure and resilient. In this context, perhaps, the most challenging problem to deal with is that of cryptographic key management. To the best of our knowledge, the work at hand is the first to survey the relevant literature and classify the various so far proposed key management approaches in such a restricted and harsh environment. Towards this goal, we have grouped the surveyed key management methods into three major categories depending on whether the particular method copes with a) security initialization, b) key establishment, and c) key revocation. We have attempted to provide a concise but fairly complete evaluation of the proposed up-to-date methods in a generalized way with the aim of offering a central reference point for future research

Cooperating broadcast and cellular conditional access system for digital television

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University.The lack of interoperability between Pay‐TV service providers and a horizontally integrated business transaction model have compromised the competition in the Pay‐TV market. In addition, the lack of interactivity with customers has resulted in high churn rate and improper security measures have contributed into considerable business loss. These issues are the main cause of high operational costs and subscription fees in the Pay‐TV systems. This paper presents a novel end‐to‐end system architecture for Pay‐TV systems cooperating mobile and broadcasting technologies. It provides a cost‐effective, scalable, dynamic and secure access control mechanism supporting converged services and new business opportunities in Pay‐TV systems. It enhances interactivity, security and potentially reduces customer attrition and operational cost. In this platform, service providers can effectively interact with their customers, personalise their services and adopt appropriate security measures. It breaks up the rigid relationship between a viewer and set‐top box as imposed by traditional conditional access systems, thus, a viewer can fully enjoy his entitlements via an arbitrary set‐top box. Having thoroughly considered state‐of‐the‐art technologies currently being used across the world, the thesis highlights novel use cases and presents the full design and implementation aspects of the system. The design section is enriched by providing possible security structures supported thereby. A business collaboration structure is proposed, followed by a reference model for implementing the system. Finally, the security architectures are analysed to propose the best architecture on the basis of security, complexity and set‐top box production cost criteria

Cryptographic Key Management in Delay Tolerant Networks (DTNs): A survey

Since their appearance at the dawn of the second millennium, Delay or Disruption Tolerant Networks (DTNs) have gradually evolved, spurring the development of a variety of methods and protocols for making them more secure and resilient. In this context, perhaps, the most challenging problem to deal with is that of cryptographic key management. To the best of our knowledge, the work at hand is the first to survey the relevant literature and classify the various so far proposed key management approaches in such a restricted and harsh environment. Towards this goal, we have grouped the surveyed key management methods into three major categories depending on whether the particular method copes with a) security initialization, b) key establishment, and c) key revocation. We have attempted to provide a concise but fairly complete evaluation of the proposed up-to-date methods in a generalized way with the aim of offering a central reference point for future research

Risk driven models & security framework for drone operation in GNSS-denied environments

Flying machines in the air without human inhabitation has moved from abstracts to reality and the concept of unmanned aerial vehicles continues to evolve. Drones are popularly known to use GPS and other forms of GNSS for navigation, but this has unfortunately opened them up to spoofing and other forms of cybersecurity threats. The use of computer vision to find location through pre-stored satellite images has become a suggested solution but this gives rise to security challenges in the form of spoofing, tampering, denial of service and other forms of attacks. These security challenges are reviewed with appropriate requirements recommended. This research uses the STRIDE threat analysis model to analyse threats in drone operation in GNSS-denied environment. Other threat models were considered including DREAD and PASTA, but STRIDE is chosen because of its suitability and the complementary ability it serves to other analytical methods used in this work. Research work is taken further to divide the drone system into units based in similarities in functions and architecture. They are then subjected to Failure Mode and Effects Analysis (FMEA), and Fault Tree Analysis (FTA). The STRIDE threat model is used as base events for the FTA and an FMEA is conducted based on adaptations from IEC 62443-1-1, Network and System Security- Terminology, concepts, and models and IEC 62443-3-2, security risk assessment for system design. The FTA and FMEA are widely known for functional safety purposes but there is a divergent use for the tools where we consider cybersecurity vulnerabilities specifically, instead of faults. The IEC 62443 series has become synonymous with Industrial Automation and Control Systems. However, inspiration is drawn from that series for this work because, drones, as much as any technological gadget in play recently, falls under a growing umbrella of quickly evolving devices, known as Internet of Things (IoT). These IoT devices can be principally considered as part of Industrial Automation and Control Systems. Results from the analysis are used to recommend security standards & requirements that can be applied in drone operation in GNSS-denied environments. The framework recommended in this research is consistent with IEC 62443-3-3, System security requirements and security levels and has the following categorization from IEC 62443-1-1, identification, and authentication control, use control, system integrity, data confidentiality, restricted data flow, timely response to events and resource availability. The recommended framework is applicable and relevant to military, private and commercial drone deployment because the framework can be adapted and further tweaked to suit the context which it is intended for. Application of this framework in drone operation in GNSS denied environment will greatly improve upon the cyber resilience of the drone network system

Context-Awareness Enhances 5G Multi-Access Edge Computing Reliability

The fifth generation (5G) mobile telecommunication network is expected to support Multi- Access Edge Computing (MEC), which intends to distribute computation tasks and services from the central cloud to the edge clouds. Towards ultra-responsive, ultra-reliable and ultra-low-latency MEC services, the current mobile network security architecture should enable a more decentralized approach for authentication and authorization processes. This paper proposes a novel decentralized authentication architecture that supports flexible and low-cost local authentication with the awareness of context information of network elements such as user equipment and virtual network functions. Based on a Markov model for backhaul link quality, as well as a random walk mobility model with mixed mobility classes and traffic scenarios, numerical simulations have demonstrated that the proposed approach is able to achieve a flexible balance between the network operating cost and the MEC reliability.Comment: Accepted by IEEE Access on Feb. 02, 201