To ensure traffic safety and proper operation of vehicular networks, safety messages or beacons are periodically broadcasted in Vehicular Adhoc Networks (VANETs) to neighboring nodes and road side units (RSU). Thus, authenticity and integrity of received messages along with the trust in source nodes is crucial and highly required in applications where a failure can result in life-threatening situations. Several digital signature based approaches have been described in literature to achieve the authenticity of these messages. In these schemes, scenarios having high level of vehicle density are handled by RSU where aggregated signature verification is done. However, most of these schemes are centralized and PKI based where our goal is to develop a decentralized dynamic system. Along with authenticity and integrity, trust management plays an important role in VANETs which enables ways for secure and verified communication. A number of trust management models have been proposed but it is still an ongoing matter of interest, similarly authentication which is a vital security service to have during communication is not mostly present in the literature work related to trust management systems. This paper proposes a secure and publicly verifiable communication scheme for VANET which achieves source authentication, message authentication, non repudiation, integrity and public verifiability. All of these are achieved through digital signatures, Hash Message Authentication Code (HMAC) technique and logging mechanism which is aided by blockchain technology.
The Rekovind2 project, financed by the Swedish Energy Agency, focuses on digitizing wind turbine blade streams for reuse and recycling. This is of the utmost importance to enable new, more circular technical solutions that can replace today’s non-sustainable recycling, i.e. landfill and incineration of wind turbine blades. In this report, the work carried out to map the wind turbine blades in service in Sweden is presented. The digital platform intended to make possible the re-use of blades reaching end-of-life is build around key features that will be required for re-use: blade database with all needed informations on the blade (age, damages, material, model, ...), map with blades geolocation, digital tool to help blade processing such as cutting, and information on what can be done with EoL blades.
To overcome the latency issue in real-time communication, a number of research based solutions and architectures are being proposed. In all these, security is not considered an important factor since it causes extra delay in the communication and introduces overhead. Therefore, a design decision is needed to assess tradeoff between efficiency and security mechanisms. In this respect, we designed a security approach in Software Defined Networks (SDN) based Vehicular Autonomous Ad hoc Network (VANET) where low latency and security are essential elements. VNAET provides a system of systems approach where various hybrid solutions are integrated and installed on number of network nodes managed by SDN. In such networks, our novel approach exchanges security context in a synchronized manner to serve as a baseline for network nodes to dynamically adopt security features as per security requirements of these nodes. Hence, various security contexts are designed and categorized based on the nature of information exchange between nodes, mainly, to offer authentication, secure and trustworthy communication services. These well-designed security contexts enable devices of different capabilities to securely communicate by using predefined security parameters and cryptographic functions. This eliminates the need to negotiate any secure communication parameters and hence results in less communication overhead. In addition, our approach is integrated with verifiable identities (Veidblock) concept which addresses privacy issues through anonymity. These security contexts are verified by using scyther by demonstrating that the trustworthiness is achieved by countering non-repudiation, impersonation, tampering, eavesdropping and replay attacks.
Traffic safety applications and other communication systems for vehicles together with data collection sensors have the potential to improve road safety. For this to be viable however, it is important that the data collection and communication can be trusted so that erroneous or malicious data does not impact the use cases of the applications. This paper studies current and upcoming solutions to such problems and how they can be modified and applied to meet both technical requirements as well as the needs of relevant stakeholders. The paper defines the TruVeLedger framework using technology from the fields of distributed ledgers and vehicular ad hoc networks (VANETs) to create a trusted platform. The paper considers the viability of different approaches to such a platform as well as defining a verifiable trusted communication protocol for vehicular networks.
Intent-based Software-Defined Networking can automate mapping of customer services to transport services. We demonstrate this using a multi-layer orchestrator that provisions a complex customer service over an IP/Optical testbed.
The demonstration presents the first implementation of a resource negotiation scheme between users and a network for the provisioning of application-aware connectivity services. This active interaction enables the users, who request connectivity services with multiple application requirements, to select an alternative solution when the network does not have enough resources to satisfy the original requests.
Life-cycle management of stateful VNF services is a complicated task, especially when automated resiliency and scaling should be handled in a secure manner, without service degradation. We present FlowSNAC, a resilient and scalable VNF service for user authentication and service deployment. FlowSNAC consists of both stateful and stateless components, some of that are SDN-based and others that are NFVs. We describe how it adapts to changing conditions by automatically updating resource allocations through a series of intermediate steps of traffic steering, resource allocation, and secure state transfer. We conclude by highlighting some of the lessons learned during implementation, and their wider consequences for the architecture of SDN/NFV management and orchestration systems.
Smart city digital twins can provide useful insights by making effective use of multidisciplinary urban data from diverse sources. Whilst these insights provide new information that helps cities in decision making, verifying the authenticity, integrity, traceability and data ownership across various functional units have become critical characteristics to ensure the data is from an authentic and trustworthy source. However, these characteristics are rarely considered in a digital twin ecosystem. In this research we introduce a novel framework, namely, 'SIGNED: Smart cIty diGital twiN vErifiable Data framework' that is designed on the basis of data ownership, selective disclosure and verifiability principles. Using Verifiable Credentials, SIGNED ensures digital twin data are verifiably authentic i.e., it covers provenance, transparency, and reliability through verifiable presentation. A proof of concept is designed and evaluated based on a smart water management use case to demonstrate the effectiveness of SIGNED in securing verifiable exchange of digital twin data across multiple functional units. The proof-of-concept demonstrates that SIGNED successfully allows the exchange of data in a trusted and verifiable manner at negligible performance cost, thus enhancing security and alleviating privacy issues when sharing data between various functional units in a smart city.
Application-centric networking is a novel approach to construct transport networks that allows application-specific requirements to be taken into account through the entire service provisioning process: the service offered to each application is differentiated at each layer of the transport network, from IP to optical. This approach replaces the grooming of traffic with different requirements into a shared path in the transport layer, and allows for a finer control and utilization of network resources by network operators. To make this concept viable, an interface for requesting a connectivity service by applications requires an abstraction with respect to the various underlying network technologies. Interfaces based on the concept of Intents provide such an abstraction: applications can describe what they need from the network (their requirements) rather than how to achieve them. This paper describes the design and implementation of the solution we propose: DISMI, the Intent-based North-Bound Interface of a network controller.