Secure Billing for Ubiquitous Service Delivery

Abstract. This work presents a secure interaction framework for establishing ad-hoc billing paths between untrusted players in a global telecommunications network. User authentication is supported through the introduction of a Billing provider, responsible for identifying users and acting as a proxy financial entity to visited service providers. Authentication, Integrity, Validity and non-repudiation issues are addressed, along with the processes involved

A System to Support Active Telecommunications Services

Abstract. In this paper, a telecommunications service configuration management issue is addressed, and an active service model is proposed. Like in active networks where incorporating programmability into the network and manipulating transport system's behavior are targeted, the active service model is intended to extend or adapt service behavior (functionality) at runtime by injecting custom-made code into a service software component system. The primary goal of active services is to allow users to customize plain services according to their personal needs and preferences. We believe active services stand as the ultimate level of customization: users are able to enhance service functionality dynamically and on their own initiative, thus becoming actors and no longer spectators (passive consumers). For the implementation part, the proposed active service model is based on the mobile agent technolog

A System to Support Active Telecomunications Services

. In this paper, a telecommunications service configuration management issue is addressed, and an active service model is proposed. Like in active networks where incorporating programmability into the network and manipulating transport system's behavior are targeted, the active service model is intended to extend or adapt service behavior (functionality) at runtime by injecting custom-made code into a service software component system. The primary goal of active services is to allow users to customize plain services according to their personal needs and preferences. We believe active services stand as the ultimate level of customization: users are able to enhance service functionality dynamically and on their own initiative, thus becoming actors and no longer spectators (passive consumers). For the implementation part, the proposed active service model is based on the mobile agent technology product ObjectSpace Voyager. We give the design details of the suggested system. Keywords: tele..

Generic Information Architecture for Service Management

. To meet customers' demands for high-quality telecommunications and multimedia services and to guarantee service performance in a highly competitive environment, an efficient service management should be performed. The very first step for designing service management tools is identifying the information to be handled. This paper proposes a generic object-oriented informational architecture which is split into two sublayers, one dealing with the abstract communication flows, and another one with a range of service members, additional objects, and diverse relationships between them. A primary care is given to the definition of various types of parties participating in a service session, service contract management, accounting related objects and service charges' calculation process. The standards-based Systems Management Functions (SMFs) have been integrated into our service information model allowing us to benefit from the predefined support services. Keywords: service, service managem..

Secure Billing For Ubiquitous Service Delivery

This document explores the financial system for automatically negotiated service level agreements. Focus is placed on billing and a solution is proposed based on autonomous, negotiating agents. Security, non-repudiation and authentication issues are addressed, along with the role of speculation and aggregation and within the system

5G-ENSURE - D3.2 5G-PPP security enablers open specifications (v1.0)

This document describes the open specifications of 5G Security enablers planned to compose the first software release (i.e. v1.0) of 5G-ENSURE Project due in September 2016 (M11). The enablers’ open specifications are presented per security areas in scope of the project, namely: Authentication, Authorization and Accounting (AAA), Privacy, Trust, Security Monitoring, and Network management & virtualisation isolation. For each of these categories the open specifications of all enablers planned in the project's Technical Roadmap for v1.0 and having features for v1.0 are detailed following the same template. Overall, this deliverable paves the way towards the development and demonstration of the first set of 5G-ENSURE security enablers as planned for v1.0 in the project's Technical Roadmap (i.e. D3.1). It is also a valuable input to both works on the 5G Security architecture and 5G Security testbed, since it provides the details regarding security enablers necessary in order to understand their mapping to 5G security architectural components, as well as their integration, testing, demonstration, and assessment on the 5G security testbe

5G-ENSURE - D3.1 5G-PPP security enablers technical roadmap (early vision)

This document provides an early vision (at M4) of the 5G security and privacy enablers proposed by the 5G-ENSURE project, and that are planned to be developed through two major releases: v1.0 (R1) due at M11/Sep’16 and v2.0 (R2) due at M22/Aug’17. It details the Technical Roadmap for v1.0 (R1) in terms of enablers in scope and their features, while providing insights for v2.0 (R2) enablers that will be fully detailed in an update of this deliverable (D3.5 due at M13/Nov’16) taking account of the progress and achievements made by that time. Enablers envisioned are here presented organized in categories, which represent major security areas recognized as topmost priorities for 5G-PPP & 5G Security: Authentication, Authorization and Accountability (AAA); Privacy; Trust; Security Monitoring and Network management & virtualization isolation. They are also presented following a common template covering each of the following key aspects: product vision, technology area, security aspects, security challenges, technical roadmap for first release vs. next release.In the AAA category the main focus is on 5G users’ authentication, authorization and accounting, but the contribution of the AAA enablers goes beyond the incremental improvements to security that one would expect in a next-generation network. The evolving 5G network will support an unpredictable number of devices due to the boom of Internet of Things (IoT), whose security these enablers will aim to address. Moreover, the enablers target to integrate authentication and authorization functions between satellite and terrestrial systems.The main objective of the 5G-Ensure Privacy enablers is to identify in advance 5G user privacy requirements and to provide security mechanisms able to prevent privacy violations by adopting a proactive, privacy-by-design approach. For each 5G use case, the privacy mitigation technology (e.g., anonymity by using temporary identity, access control mechanisms, new encryption system and procedures, etc.) was also investigated so as to satisfy privacy requirements. The privacy enablers aim to enhance user data protection by proposing solutions at several layers: at the network layer, as well as application layer, i.e., privacy as a service.The Trust category will provide trust models which will address the complex relationships between the many actors in 5G networks including the machine-to-machine interactions characterising the next generation networks. The trust model needs to address the different aspects of trust, between automated systems (M2Mt), between human stakeholders holding responsibilities for different parts of 5G networks, between user and network operators and between users of the network (U2Ut), trust that a human stakeholder has towards a system (U2Mt), that an automated system (machine) has in users that it interacts with.5G-ENSURE project also aims at providing new innovative solutions ensuring the highest level of security and resilience in 5G network. Mobile networks will dramatically evolve with the fifth generation of networks compared to 3/4G, in particular with new concepts and technologies such Internet of Things, infrastructure virtualization (SDN, NFV), network resource sharing, new access interfaces, dynamic network topologies, slicing and so forth. These technologies introduce new security and resilience and provide new opportunities to implement extensive and accurate security solutions. Thus, new innovative approaches to predict and counter these challenges will be considered by the category devoted to Monitoring the 5G security

5G-ENSURE D2.4: Security Architecture (draft)

This deliverable (D2.4) of the 5G-ENSURE project describes a draft security architecture for 5G networks. The focus lies on a logical and functional architecture and omits (most) aspects related to physical/deployment architecture. This focus is motivated by general trends such as network de-perimetrization as well as 5G systems’ strong dependency on software defined networking and virtualization in general. Furthermore, this focus has reduced the otherwise strong interdependency between this architecture task and the trust modelling and risk analysis tasks in 5G-ENSURE. Still, each of these three tasks have at the time of writing produced initial draft documents, which will then be re-used in a second iteration of all three tasks, producing updated, final versions

5G-ENSURE D2.4: Security Architecture (draft)

This deliverable (D2.4) of the 5G-ENSURE project describes a draft security architecture for 5G networks. The focus lies on a logical and functional architecture and omits (most) aspects related to physical/deployment architecture. This focus is motivated by general trends such as network de-perimetrization as well as 5G systems’ strong dependency on software defined networking and virtualization in general. Furthermore, this focus has reduced the otherwise strong interdependency between this architecture task and the trust modelling and risk analysis tasks in 5G-ENSURE. Still, each of these three tasks have at the time of writing produced initial draft documents, which will then be re-used in a second iteration of all three tasks, producing updated, final versions