19,876 research outputs found
A Decentralised Digital Identity Architecture
Current architectures to validate, certify, and manage identity are based on
centralised, top-down approaches that rely on trusted authorities and
third-party operators. We approach the problem of digital identity starting
from a human rights perspective, with a primary focus on identity systems in
the developed world. We assert that individual persons must be allowed to
manage their personal information in a multitude of different ways in different
contexts and that to do so, each individual must be able to create multiple
unrelated identities. Therefore, we first define a set of fundamental
constraints that digital identity systems must satisfy to preserve and promote
privacy as required for individual autonomy. With these constraints in mind, we
then propose a decentralised, standards-based approach, using a combination of
distributed ledger technology and thoughtful regulation, to facilitate
many-to-many relationships among providers of key services. Our proposal for
digital identity differs from others in its approach to trust in that we do not
seek to bind credentials to each other or to a mutually trusted authority to
achieve strong non-transferability. Because the system does not implicitly
encourage its users to maintain a single aggregated identity that can
potentially be constrained or reconstructed against their interests,
individuals and organisations are free to embrace the system and share in its
benefits.Comment: 30 pages, 10 figures, 3 table
Secure spontaneous emergency access to personal health record
We propose a system which enables access to the user's Personal Health Record (PHR) in the event of emergency. The
access typically occurs in an ad-hoc and spontaneous manner and the user is usually unconscious, hence rendering the
unavailability of the user's password to access the PHR. The
proposed system includes a smart card carried by the user
at all time and it is personalized with a pseudo secret, an
URL to the PHR Server, a secret key shared with the PHR
Server and a number of redemption tokens generated using
a hash chain. In each emergency session, a one-time use
redemption token is issued by the smart card, allowing the
emergency doctor to retrieve the user's PHR upon successful authentication of his credentials and validation of the
redemption token. The server returns the PHR encrypted
with a one-time session key which can only be decrypted by
the emergency doctor. The devised interaction protocol to
facilitate emergency access to the user's PHR is secure and
efficient
Security Implications of Fog Computing on the Internet of Things
Recently, the use of IoT devices and sensors has been rapidly increased which
also caused data generation (information and logs), bandwidth usage, and
related phenomena to be increased. To our best knowledge, a standard definition
for the integration of fog computing with IoT is emerging now. This integration
will bring many opportunities for the researchers, especially while building
cyber-security related solutions. In this study, we surveyed about the
integration of fog computing with IoT and its implications. Our goal was to
find out and emphasize problems, specifically security related problems that
arise with the employment of fog computing by IoT. According to our findings,
although this integration seems to be non-trivial and complicated, it has more
benefits than the implications.Comment: 5 pages, conference paper, to appear in Proceedings of the ICCE 2019,
IEEE 37th International Conference on Consumer Electronics (ICCE), Jan 11-
13, 2019, Las Vegas, NV, US
A Novel Framework for Software Defined Wireless Body Area Network
Software Defined Networking (SDN) has gained huge popularity in replacing
traditional network by offering flexible and dynamic network management. It has
drawn significant attention of the researchers from both academia and
industries. Particularly, incorporating SDN in Wireless Body Area Network
(WBAN) applications indicates promising benefits in terms of dealing with
challenges like traffic management, authentication, energy efficiency etc.
while enhancing administrative control. This paper presents a novel framework
for Software Defined WBAN (SDWBAN), which brings the concept of SDN technology
into WBAN applications. By decoupling the control plane from data plane and
having more programmatic control would assist to overcome the current lacking
and challenges of WBAN. Therefore, we provide a conceptual framework for SDWBAN
with packet flow model and a future direction of research pertaining to SDWBAN.Comment: Presented on 8th International Conference on Intelligent Systems,
Modelling and Simulatio
Streamlining governmental processes by putting citizens in control of their personal data
Governments typically store large amounts of personal information on their citizens, such as a home address, marital status, and occupation, to offer public services. Because governments consist of various governmental agencies, multiple copies of this data often exist. This raises concerns regarding data consistency, privacy, and access control, especially under recent legal frameworks such as GDPR. To solve these problems, and to give citizens true control over their data, we explore an approach using the decentralised Solid ecosystem, which enables citizens to maintain their data in personal data pods. We have applied this approach to two high-impact use cases, where citizen information is stored in personal data pods, and both public and private organisations are selectively granted access. Our findings indicate that Solid allows reshaping the relationship between citizens, their personal data, and the applications they use in the public and private sector. We strongly believe that the insights from this Flemish Solid Pilot can speed up the process for public administrations and private organisations that want to put the users in control of their data
Solutions and Tools for Secure Communication in Wireless Sensor Networks
Secure communication is considered a vital requirement in Wireless Sensor Network (WSN) applications. Such a requirement embraces different aspects, including confidentiality, integrity and authenticity of exchanged information, proper management of security material, and effective prevention and reaction against security threats and attacks. However, WSNs are mainly composed of resource-constrained devices. That is, network nodes feature reduced capabilities, especially in terms of memory storage, computing power, transmission rate, and energy availability.
As a consequence, assuring secure communication in WSNs results to be more difficult than in other kinds of network. In fact, trading effectiveness of adopted solutions with their efficiency becomes far more important. In addition, specific device classes or technologies may require to design ad hoc security solutions. Also, it is necessary to efficiently manage security material, and dynamically cope with changes of security requirements. Finally, security threats and countermeasures have to be carefully considered since from the network design phase.
This Ph.D. dissertion considers secure communication in WSNs, and provides the following contributions. First, we provide a performance evaluation of IEEE 802.15.4 security services. Then, we focus on the ZigBee technology and its security services, and propose possible solutions to some deficiencies and inefficiencies. Second, we present HISS, a highly scalable and efficient key management scheme, able to contrast collusion attacks while displaying a graceful degradation of performance. Third, we present STaR, a software component for WSNs that secures multiple traffic flows at the same time. It is transparent to the application, and provides runtime reconfigurability, thus coping with dynamic changes of security requirements. Finally, we describe ASF, our attack simulation framework for WSNs. Such a tool helps network designers to quantitatively evaluate effects of security attacks, produce an attack ranking based on their severity, and thus select the most appropriate countermeasures
- …