Formal Verification of Authentication and Service Authorization Protocols in 5G-Enabled Device-to-Device Communications Using ProVerif

Electronics ◽  
2021 ◽  
Vol 10 (13) ◽  
pp. 1608
Author(s):  
Ed Kamya Kiyemba Edris ◽  
Mahdi Aiash ◽  
Jonathan Loo

Device-to-Device (D2D) communications will be used as an underlay technology in the Fifth Generation mobile network (5G), which will make network services of multiple Service Providers (SP) available anywhere. The end users will be allowed to access and share services using their User Equipments (UEs), and thus they will require seamless and secured connectivity. At the same time, Mobile Network Operators (MNOs) will use the UE to offload traffic and push contents closer to users relying on D2D communications network. This raises security concerns at different levels of the system architecture and highlights the need for robust authentication and authorization mechanisms to provide secure services access and sharing between D2D users. Therefore, this paper proposes a D2D level security solution that comprises two security protocols, namely, the D2D Service security (DDSec) and the D2D Attributes and Capability security (DDACap) protocols, to provide security for access, caching and sharing data in network-assisted and non-network-assisted D2D communications scenarios. The proposed solution applies Identity-based Encryption (IBE), Elliptic Curve Integrated Encryption Scheme (ECIES) and access control mechanisms for authentication and authorization procedures. We formally verified the proposed protocols using ProVerif and applied pi calculus. We also conducted a security analysis of the proposed protocols.

Network ◽  
2021 ◽  
Vol 1 (2) ◽  
pp. 75-94
Author(s):  
Ed Kamya Kiyemba Edris ◽  
Mahdi Aiash ◽  
Jonathan Loo

Fifth Generation mobile networks (5G) promise to make network services provided by various Service Providers (SP) such as Mobile Network Operators (MNOs) and third-party SPs accessible from anywhere by the end-users through their User Equipment (UE). These services will be pushed closer to the edge for quick, seamless, and secure access. After being granted access to a service, the end-user will be able to cache and share data with other users. However, security measures should be in place for SP not only to secure the provisioning and access of those services but also, should be able to restrict what the end-users can do with the accessed data in or out of coverage. This can be facilitated by federated service authorization and access control mechanisms that restrict the caching and sharing of data accessed by the UE in different security domains. In this paper, we propose a Data Caching and Sharing Security (DCSS) protocol that leverages federated authorization to provide secure caching and sharing of data from multiple SPs in multiple security domains. We formally verify the proposed DCSS protocol using ProVerif and applied pi-calculus. Furthermore, a comprehensive security analysis of the security properties of the proposed DCSS protocol is conducted.


2016 ◽  
Vol 2016 ◽  
pp. 1-9 ◽  
Author(s):  
Haejoon Jung ◽  
In-Ho Lee

We consider device-to-device (D2D) communications in millimeter-wave (mm Wave) for the future fifth generation (5G) cellular networks. While the mm Wave systems can support multiple D2D pairs simultaneously through beamforming with highly directional antenna arrays, the mm Wave channel is significantly more susceptible to blockage compared to microwave; mm Wave channel studies indicate that if line-of-sight (LoS) paths are blocked, reliable mm Wave communications may not be achieved for high data-rate applications. Therefore, assuming that an outage occurs in the absence of the LoS path between two wireless devices by obstructions, we focus on connectivity of the mm Wave D2D networks. We consider two types of D2D communications: direct and indirect schemes. The connectivity performances of the two schemes are investigated in terms of (i) the probability to achieve a fully connected network PFC and (ii) the average number of reliably connected devices γ. Through analysis and simulation, we show that, as the network size increases, PFC and γ decrease. Also, PFC and γ decrease, when the blockage parameter increases. Moreover, simulation results indicate that the hybrid direct and indirect scheme can improve both PFC and γ up to about 35% compared to the nonhybrid scheme.


2021 ◽  
Vol 2021 ◽  
pp. 1-14 ◽  
Author(s):  
Tsu-Yang Wu ◽  
Lei Yang ◽  
Zhiyuan Lee ◽  
Chien-Ming Chen ◽  
Jeng-Shyang Pan ◽  
...  

A multiserver environment can improve the efficiency of mobile network services more effectively than a single server in managing the increase in users. Because of the large number of users, the security of users’ personal information and communication information is more important in a multiserver environment. Recently, Wang et al. proposed a multiserver authentication scheme based on biometrics and proved the security of their scheme. However, we first demonstrate that their scheme is insecure against known session-specific temporary information attacks, user impersonation attacks, and server impersonation attacks. To solve the security weakness, we propose an improved scheme based on Wang et al.’s scheme. The security of our improved scheme is also validated based on the formal security analysis, Burrows–Abadi–Needham (BAN) logic, ProVerif, and informal security analysis. Security and performance comparisons prove the security and efficiency of our scheme.


Electronics ◽  
2020 ◽  
Vol 9 (8) ◽  
pp. 1231
Author(s):  
Seongho Hong ◽  
Heeyoul Kim

An identity management including authentication and authorization in a network environment is a critical security factor. Various models for identity management have been developed continually, from the silo model to the federated model and to the recently introduced self-sovereign identity (SSI) model. In particular, SSI makes users manage their own information by themselves independently of any organizations. SSI utilizes the newly emerged blockchain technology and many studies of it are in progress. However, SSI has not had wide public use because of its low compatibility and inconvenience. This is because it involves an unfamiliar user experience and an immature process. To solve this problem, this paper proposes a new blockchain-based SSI model that complies with the popular and mature standard of OAuth 2.0. Using blockchain, the proposed model secures users’ data sovereignty where users can use and control their own information in a decentralized manner, instead of depending on a specific monopolistic service-providers. Users and clients who are familiar with the existing OAuth can easily accept the proposed model and apply it, which makes both usability and scalability of the model excellent. This paper confirmed the feasibility of the proposed model by implementing it and a security analysis was performed. The proposed model is expected to contribute to the expansion of both blockchain technology and SSI.


2019 ◽  
Vol 15 (8) ◽  
pp. 155014771987037 ◽  
Author(s):  
Xingxing Xiong ◽  
Shubo Liu ◽  
Dan Li ◽  
Jun Wang ◽  
Xiaoguang Niu

With the growing popularity of fifth-generation-enabled Internet of Things devices with localization capabilities, as well as on-building fifth-generation mobile network, location privacy has been giving rise to more frequent and extensive privacy concerns. To continuously enjoy services of location-based applications, one needs to share his or her location information to the corresponding service providers. However, these continuously shared location information will give rise to significant privacy issues due to the temporal correlation between locations. In order to solve this, we consider applying practical local differential privacy to private continuous location sharing. First, we introduce a novel definition of [Formula: see text]-local differential privacy to capture the temporal correlations between locations. Second, we present a generalized randomized response mechanism to achieve [Formula: see text]-local differential privacy for location privacy preservation, which obtains the upper bound of error, and serve it as the basic building block to design a unified private continuous location sharing framework with an untrusted server. Finally, we conduct experiments on the real-world Geolife dataset to evaluate our framework. The results show that generalized randomized response significantly outperforms planar isotropic mechanism in the context of utility.


Author(s):  
I. Zaame ◽  
T. Mazri ◽  
A. Elrhayour

Abstract. Due to the exclusory growth in the number of connected devices (a predicted 50 billion connected devices in 2020 (Gary Davis, 2020)) that demand internet access, an upgraded network is required. The fifth generation is the newest mobile network replacing the 4G technology. Deployed from 2020 in many countries, 5G will provide revolutionary innovations in mobile technologies that will reach various high-level goals for customers as well as companies. To benefit from 5G network services, the whole world is moving rapidly towards 5G by developing a clear perspective to include the main challenges, opportunities and key technology components. In this paper, an attempt has been made to provide an overview of the evolution of mobile generations from 1G to 5G by comparing the challenges and features that have evolved from each generation, describe the various scenarios of 5G deployment, and discuss the best choice of implementation of 5G NR.


Sensors ◽  
2020 ◽  
Vol 20 (19) ◽  
pp. 5485
Author(s):  
Abel Rodriguez Medel ◽  
Jose Marcos C. Brito

Mobile networks have a great challenge by serving the expected billions of Internet of Things (IoT) devices in the upcoming years. Due to the limited simultaneous access in the mobile networks, the devices should compete between each other for resource allocation during a Random-Access procedure. This contention provokes a non-depreciable delay during the device’s registration because of the great number of collisions experienced. To overcome such a problem, a framework called Random-Access Accelerator (RAA) is proposed in this work, in order to speed up network access in massive Machine Type Communication (mMTC). RAA exploits Device-To-Device (D2D) communications, where devices with already assigned resources act like relays for the rest of devices trying to gain access in the network. The simulation results show an acceleration in the registration procedure of 99%, and a freed space of the allocated spectrum until 74% in comparison with the conventional Random-Access procedure. Besides, it preserves the same device’s energy consumption compared with legacy networks by using a custom version of Bluetooth as a wireless technology for D2D communications. The proposed framework can be taken into account for the standardization of mMTC in Fifth-Generation-New Radio (5G NR).


2018 ◽  
Vol 10 (10) ◽  
pp. 3626 ◽  
Author(s):  
Yousaf Zikria ◽  
Sung Kim ◽  
Muhammad Afzal ◽  
Haoxiang Wang ◽  
Mubashir Rehmani

The Fifth generation (5G) network is projected to support a large amount of data traffic and a massive number of wireless connections. Different data traffic has different Quality of Service (QoS) requirements. The 5G mobile network aims to address the limitations of previous cellular standards (i.e., 2G/3G/4G) and be a prospective key enabler for the future Internet of Things (IoT). 5G networks support a wide range of applications such as smart home, autonomous driving, drone operations, health and mission critical applications, Industrial IoT (IIoT), and entertainment and multimedia. Based on end users’ experience, several 5G services are categorized into immersive 5G services, intelligent 5G services, omnipresent 5G services, autonomous 5G services, and public 5G services. In this paper, we present a brief overview of 5G technical scenarios. We then provide a brief overview of accepted papers in our Special Issue on 5G mobile services and scenarios. Finally, we conclude this paper.


Sensors ◽  
2021 ◽  
Vol 21 (2) ◽  
pp. 434
Author(s):  
Qingqi Hong ◽  
Yiwei Ding ◽  
Jinpeng Lin ◽  
Meihong Wang ◽  
Qingyang Wei ◽  
...  

With the rapid development of artificial intelligence and fifth-generation mobile network technologies, automatic instrument reading has become an increasingly important topic for intelligent sensors in smart cities. We propose a full pipeline to automatically read watermeters based on a single image, using deep learning methods to provide new technical support for an intelligent water meter reading. To handle the various challenging environments where watermeters reside, our pipeline disentangled the task into individual subtasks based on the structures of typical watermeters. These subtasks include component localization, orientation alignment, spatial layout guidance reading, and regression-based pointer reading. The devised algorithms for orientation alignment and spatial layout guidance are tailored to improve the robustness of our neural network. We also collect images of watermeters in real scenes and build a dataset for training and evaluation. Experimental results demonstrate the effectiveness of the proposed method even under challenging environments with varying lighting, occlusions, and different orientations. Thanks to the lightweight algorithms adopted in our pipeline, the system can be easily deployed and fully automated.

