Abstract
In order to secure wireless communications, we consider the usage of physical-layer security (PLS) mechanisms (i.e. coding for secrecy mechanisms) combined with self-interference generation. We present a prototype implementation of a scrambled coding for secrecy mechanism with interference generation by the legitimate receiver and the cancellation of the effect of self-interference (SI). Regarding the SI cancellation, two algorithms were evaluated: least mean square and recursive least squares. The prototype implementation is performed in real-world software-defined radio (SDR) devices using GNU-Radio. © 2020 IEEE.

Abstract
Device identity management and authentication are one of the critical and primary security challenges in IoT. In order to decrease the IoT attack surface and provide protection from security threats such as introduction of fake IoT nodes and identity theft, IoT requires scalable device identity management systems and resilient device authentication mechanisms. Existing mechanisms for device identity management and device authentication were not designed for huge number of devices and therefore are not suitable for IoT environments. This work presents results of a blockchain-based identity management approach with consensus authentication, as a scalable solution for IoT device authentication management. Our identity management approach relies on having a blockchain secure tamper proof registry and lightweight consensus-based identity authentication.

Abstract

Abstract
The growth in Internet usage has increased the use of electronic services requiring users to register their identity on each service they subscribe to. This has resulted in the prevalence of redundant users data on different services. To protect and regulate access by users to these services identity management systems (IdMs) are put in place. IdMs uses frameworks and standards e.g SAML, OAuth and Shibboleth to manage digital identities of users for identification and authentication process for a service provider. However, current IdMs have not been able to address privacy issues (unauthorised and fine-grained access) that relate to protecting users identity and private data on web services. Many implementations of these frameworks are only concerned with the identification and authentication process of users but not authorisation. They mostly give full control of users digital identities and data to identity and service providers with less or no users participation. This results in a less privacy enhanced solutions that manage users available data in the electronic space. This article proposes a user-centred mandate representation system that empowers resource owners to take full of their digital data; determine and delegate access rights using their mobile phone. Thereby giving users autonomous powers on their resources to grant access to authenticated entities at their will. Our solution is based on the OpenID Connect framework for authorisation service. To evaluate the proposal, we've compared it with some related works and the privacy requirements yardstick outlined in GDPR regulation [1] and [2]. Compared to other systems that use OAuth 2.0 or SAML our solution uses an additional layer of security, where data owner assumes full control over the disclosure of their identity data through an assertion issued from their mobile phones to authorisation server (AS), which in turn issues an access token. This would enable data owners to assert the authenticity of a request, while service providers and requestors also benefit from the correctness and freshness of identity data disclosed to them.

Abstract

Abstract
Digital economy relies on global data exchange flows. On May 25th 2018 the GDPR came into force, representing a shift in data protection legislation by tightening data protection rules. This paper introduces an innovative solution that aims to diminish the burden resulting from new regulatory demands on all stakeholders. The presented solution allows the data controller to collect the consent, of a European citizen, in accordance to the GDPR and persist proof of said consent on public a blockchain. On the other hand, the data subject will be able to express his consent conveniently through his smartphone and evaluate the data controller’s performance. The regulator’s role was also contemplated, meaning that he can leverage certain system capabilities specifically designed to gauge the status of the relationships between data subjects and data controllers. © Springer Nature Switzerland AG 2020.