Challenges of Multi-Factor Authentication for Securing Advanced IoT (A-IoT) Applications

The unprecedented proliferation of smart devices together with novel communication, computing, and control technologies have paved the way for the Advanced Internet of Things~(A-IoT). This development involves new categories of capable devices, such as high-end wearables, smart vehicles, and consumer drones aiming to enable efficient and collaborative utilization within the Smart City paradigm. While massive deployments of these objects may enrich people's lives, unauthorized access to the said equipment is potentially dangerous. Hence, highly-secure human authentication mechanisms have to be designed. At the same time, human beings desire comfortable interaction with their owned devices on a daily basis, thus demanding the authentication procedures to be seamless and user-friendly, mindful of the contemporary urban dynamics. In response to these unique challenges, this work advocates for the adoption of multi-factor authentication for A-IoT, such that multiple heterogeneous methods - both well-established and emerging - are combined intelligently to grant or deny access reliably. We thus discuss the pros and cons of various solutions as well as introduce tools to combine the authentication factors, with an emphasis on challenging Smart City environments. We finally outline the open questions to shape future research efforts in this emerging field.Comment: 7 pages, 4 figures, 2 tables. The work has been accepted for publication in IEEE Network, 2019. Copyright may be transferred without notice, after which this version may no longer be accessibl

Research Priorities for Robust and Beneficial Artificial Intelligence

Success in the quest for artificial intelligence has the potential to bring unprecedented benefits to humanity, and it is therefore worthwhile to investigate how to maximize these benefits while avoiding potential pitfalls. This article gives numerous examples (which should by no means be construed as an exhaustive list) of such worthwhile research aimed at ensuring that AI remains robust and beneficial.Comment: This article gives examples of the type of research advocated by the open letter for robust & beneficial AI at http://futureoflife.org/ai-open-lette

Trust Evaluation for Embedded Systems Security research challenges identified from an incident network scenario

This paper is about trust establishment and trust evaluations techniques. A short background about trust, trusted computing and security in embedded systems is given. An analysis has been done of an incident network scenario with roaming users and a set of basic security needs has been identified. These needs have been used to derive security requirements for devices and systems, supporting the considered scenario. Using the requirements, a list of major security challenges for future research regarding trust establishment in dynamic networks have been collected and elaboration on some different approaches for future research has been done.This work was supported by the Knowledge foundation and RISE within the ARIES project

Cross-layer Approach for Designing Resilient (Sociotechnical, Cyber-Physical, Software-intensive and Systems of) Systems

Our society’s critical infrastructures are sociotechnical cyber-physical systems (CPS) increasingly using open networks for operation. The vulnerabilities of the software deployed in the new control system infrastructure will expose the control system to many potential risks and threats from attackers. This paper starts to develop an information systems design theory for resilient software-intensive systems (DT4RS) so that communities developing and operating different security technologies can share knowledge and best practices using a common frame of reference. By a sound design theory, the outputs of these communities will combine to create more resilient systems, with fewer vulnerabilities and an improved stakeholder sense of security and welfare. The main element of DT4RS is a multi-layered reference architecture of the human, software (cyber) and platform (physical) layers of a cyber-physical system. The layered architecture can facilitate the understanding of the cross-layer interactions between the layers. Cyber security properties are leveraged to help analyzing the interactions between these layers

Measurement and reporting of climate-smart agriculture: technical guidance for a countrycentric process

Given the extent of climate-smart agriculture (CSA) initiatives at project, national, regional and global levels, there is increasing interest in tracking progress in implementing CSA at national level. CSA is also expected to contribute to higher-level goals (e.g., the Paris Agreement, Africa Union’s Vision 25x25, and the Sustainable Development Goals [SDGs], etc.). Measurement and reporting of climate-smart agriculture (MR of CSA) provides intelligence on necessary the status, effectiveness, efficiency and impacts of interventions, which is critical for meeting stakeholders’ diverse management and reporting needs. In this paper, we build the case for a stakeholder-driven, country-centric framework for MR of CSA, which aims to increase coordination and coherence across stakeholders’ MR activities, while also aligning national reporting with reporting on international commitments. We present practical guidance on how to develop an integrated MR framework, drawing on findings from a multi-country assessment of needs, opportunities and capacities for national MR of CSA. The content of a unified MR framework is determined by stakeholders’ activities (how they promote CSA), needs (why MR is useful to them) and current capacities to conduct periodic monitoring, evaluation and reporting (how ready are institutions, staff and finances). Our analysis found that explicit demand for integration of data systems and active engagement of stakeholders throughout the entire process are key ingredients for building a MR system that is relevant, useful and acted upon. Based on these lessons, we identify a seven-step framework for stakeholders to develop a comprehensive information system for MR of progress in implementing CSA