Abstract: Every physical datacenter is located somewhere on the globe. It is subject to the
local legislation, including data protection related laws. A cloud service can
be delivered from a set of datacenters in several locations. Responsibilities
of the service provider include ensuring that legal and agreed constraints
are respected also by its subcontractors, for example, those providing cloud
computing resources. Several countries have data protection legislation that
restricts sharing copies of sensitive data to locations that do not have compliant
legislation. This paper presents ideas to dependably detect location-specific
information, like the legislation properties, of the current physical host server
executing a service.
Keywords: Datacenter design, Trusted cloud geolocation, Data sovereignty,
Privacy, Confidentiality, Data integrity, Data protection.
Abstract: As we can see, most mobile operators defend their SS7 perimeter by reconfiguring
network equipment and implementing SMS Home Routing solutions.
This is the right way to withstand basic SS7 attacks, but it is not enough
to protect the network. Our research and security audit practice proves that
there are possibilities to perform SS7 attacks that bypass this kind of security
mechanism. Moreover, real attacks tend to be more stealthy and difficult to
detect at an early stage. That is why we reckon mobile operators should engage
in continuous security monitoring of external SS7 connections supported by an
up-to-date vulnerability base. In this talk, I will describe the most interesting
attacks on SS7 networks that have never been published before.
Keywords: SS7, Security, Location tracking, SMS interception.
Abstract: In this paper we share our experience in conducting security audits for several
different mobile network operators and discuss the difficulties encountered
in the process. We also describe successful attacks performed by us on
Diameter equipment in these environments. Some of these attacks have not
been published previously.
Keywords: Diameter, Security, 4G.
Abstract: Subscription privacy of a user has been a historical concern with all the
previous generation mobile networks, namely, GSM, UMTS, and LTE. While
a little improvement has been achieved in securing the privacy of the
long-term identity of a subscriber, the so-called IMSI catchers are still in
existence even in the LTE and advanced LTE networks. Proposals have been
published to tackle this problem in 5G based on pseudonyms, and different
public-key technologies. This paper looks into the problem of concealing
long-term identity of a subscriber and presents a protocol based on
identity-based encryption (IBE) to tackle it. The proposed solution can be extended
to a mutual authentication and key agreement protocol between a serving
network (SN) and a user equipment (UE). We name the protocol PEFMA
(privacy enhanced fast mutual authentication). The SN does not need to
connect with the home network (HN) on every PEFMA run. In PEFMA,
both the user equipment (UE) and the SN have public keys. A UE sends
the IMSI after encrypting it using the SN’s public key. Since both the UE
and SN have public keys, PEFMA can run without contacting the HN.
A qualitative comparison of different techniques shows that our solution is
competitive for securing the long-term identity privacy of a user in the
5G network.
Abstract: Intelligent transportation systems are on their way toward wide deployment. Vehicle to everything (V2X) communication, as an enabler for safer and more convenient transportation, has attracted growing attention from industry and academia. However, security and privacy concerns of such communication must be addressed before it can be widely adopted. In this paper we analyze the security and privacy requirements of V2X communication. Specifically, we focus on lawful identity resolution (i.e., de-anonymization) in V2X communication, and consider recent regulatory changes in this area. Based on this, we define an expanded set of technical requirements for identity resolution in V2X communication. We then propose a solution for the problem statement where the involved parties may be dishonest but not colluding.
Keywords: De-anonymization, Auditability, V2X, Security Credential
Management System (SCMS).
Cybersecurity Business Models
for IoT-Mobile Device Management Services
in Futures Digital Hospitals
doi: https://doi.org/10.13052/jicts2245-800X.516
Julius Francis Gomes¹, Marika Iivari¹, Petri Ahokangas¹,
Lauri Isotalo² and Riikka Niemelä³
¹Martti Ahtisaari Institute of Global Business & Economics,
Oulu Business School, University of Oulu, Finland
²Elisa Corporation, Finland
³MedicalMountains AG, Tuttlingen, Germany
Abstract: Hospitals as critical infrastructures have been historically dependent on various
types of devices and equipment that are being revolutionized with digitalized
solutions. The digitalization of conventional healthcare equipment is added
with the new inclusion of numerous new devices for data collection, analysis,
communication, and so on. All in all, the futures digital hospitals in 5G will
be exponentially more data-dependent and digital-intensive. For that, this
paper looks to theorize what the security scenario in a futures digital hospital
would look like, and what relevant business possibilities could emerge for
cybersecurity providers in the healthcare context. In this paper, we open up
discussions on business possibilities relevant to Internet of Things-mobile
device management for critical infrastructures such as the future digital hospital.
We apply business models as a conceptual lens to analyze how cybersecurity
business could evolve for 5G enabled IoT-Mobile device management
providers as a cybersecurity vendor.
Keywords: Internet of Things, Mobile Device Management, Business
Model, Digital Hospital, 5G Security, Cybersecurity.