Fog computing is an emerging computing paradigm which expands cloud-based computing services near the network edge. With this new computing paradigm, new challenges arise in terms of security and ...privacy. These concerns are due to the distributed ownership of Fog devices. Because of the large scale distributed nature of devices at the Fog layer, secure authentication for communication among these devices is a major challenge. The traditional authentication methods (password-based, certificate-based and biometric-based) are not directly applicable due to the unique architecture and characteristics of the Fog. Moreover, the traditional authentication methods consume significantly more computation power and incur high latency, and this does not meet the key requirements of the Fog. To fill this gap, this article proposes a secure decentralised location-based device to device (D2D) authentication model in which Fog devices can mutually authenticate each other at the Fog layer by using Blockchain. We considered an Ethereum Blockchain platform for the Fog device registration, authentication, attestation and data storage. We presented the overall system architecture, various participants and their transactions and message interaction between the participants. We validated the proposed model by comparing it with the existing method; results showed that the proposed authentication mechanism was efficient and secure. From the performance evaluation, it was found that the proposed method is computationally efficient and secure in a highly distributed Fog network.
Digital identity has become a significant paradigm in variety of fields such as, sociology, psychology, social studies, information science and software engineering. Digital identity, as an ...interdisciplinary research field has a plurality of concepts and terms. Therefore, Ontology is able to define a common cognitive literature and basis for active researchers and specialists in this field who need to share information. In this research a great effort was used to study digital identity using the qualitative method of “domain analysis” and to use a population of more than 228 information sources of scientific outcomes such as, articles, theses, identified books and reports from Google Scholar database, online encyclopedias, lectures and training videos, and other keyword-based online sources which can be accessed by keywords of this field on Google. Identification, aspect extraction and digital identity-related ontology were also conducted and the identified OWL language-based ontology was represented using OWLGrEd and webovowl software and then experts’ views were studied and reviewed ontologically. Different definitions and keywords of this field were identified by the conducted survey and the ontology of digital identity was provided. Features of digital identity was provided from 10 different aspects such as paradigms, constituent content, producers, data, identity representation, control, durability, life cycle, awareness and risk-challenge levels, and finally a new definition of digital identity was explained based on the extracted ontology from the field.
The digital identity is the essential human data interface when interacting on the Internet or with IT systems to enable the multitude of services. No platform can be used without creating a (at ...least temporary) data construct to the retrieving user, which reflects the identity of the user and enables an assignment of the application data. This thesis examines the construct of digital identity and puts it into the fundamental rights framework. In doing so, data protection and IT security law are also consulted as concrete manifestations of fundamental rights.
Best current practices for OAuth/OIDC Native Apps Sharif, Amir; Carbone, Roberto; Sciarretta, Giada ...
Journal of information security and applications,
March 2022, 2022-03-00, Letnik:
65
Journal Article
Recenzirano
OAuth 2.0 and OpenID Connect have been extensively integrated into mobile applications during recent years to manage access delegation and reduce password fatigue via a single sign-on experience. To ...provide a precise specification for mobile application developers on how to secure their implementations, the OAuth Working Group has published a set of best current practices called “OAuth 2.0 for Native Apps”. Nevertheless, many available mobile applications still suffer from poor implementations leading to serious security issues. To find the source of the problem, we perform a comprehensive analysis on 14 popular OAuth 2.0 and OpenID Connect providers and 87 top-ranked Google Play Store applications selected out of 2505 top-ranked applications to investigate their compliance with the best current practices for native apps. Our analysis reveals that only 7 OAuth 2.0 and OpenID Connect providers and 5 Google Play Store applications are fully compliant with the best current practices. To help mobile application developers with securing the implementation of OAuth 2.0 and OpenID Connect solutions, we introduce a wizard-based approach to assist mobile application developers to integrate multiple third-party OAuth 2.0 and OpenID Connect providers in their mobile applications. To verify the correctness and security of the integrated code by our wizard-based approach, we performed a security analysis by using both open-source and commercial source-code analysis tools. The result of security analysis confirms the security of using our approach in mobile applications, even though it raises some security issues related to the general implementation of mobile applications (e.g., insufficient code obfuscation). Despite these issues are out of the scope of our work, they stimulate interesting challenges at the intersection of theory and practice of security in mobile applications using OAuth 2.0 and OpenID Connect.
Selfie posting is now a well-established practice, particularly for young women. However, it is nevertheless much maligned in popular discourses. As a counterpoint to digital narcissism, selfie ...posting is also constituted as relational. This Q methodological study explored how young women make sense of selfie practices. Twenty-seven young women aged 18–23 sorted a set of statements about selfies into a quasi-normal grid. These sorts were factor analysed to identify shared patterns. Four factors were identified which were subsequently analysed qualitatively, producing a narrative for each. These included (1) ‘Presenting . . . Me!’, (2) ‘I am what I am’, (3) ‘Sharing is caring’ and (4) ‘The In-crowd – beautiful and popular’. The complexity of identity curation evidenced in this study highlights the importance of moving beyond both polarised characterisations and the pathologisation of young women selfie takers in order to explicate the interplay between normative femininities and the digital self.
The metaverse matrix of labour law Magdalena Nogueira Guastavino; David Mangan
Italian labour law e-journal,
07/2023, Letnik:
16, Številka:
1
Journal Article
Recenzirano
Odprti dostop
The rise of the idea of a metaverse in which the real world is replicated has implications for industrial relations. Some of the most important cross-cutting issues are raised in this study in order ...to situate the particular challenges posed to worker data. There is a pronounced need to address specific multidisciplinary studies that contribute to the development of theoretical foundations that provide legal certainty to this new reality.
Digital Identities and Verifiable Credentials Sedlmeir, Johannes; Smethurst, Reilly; Rieger, Alexander ...
Business & information systems engineering,
10/2021, Letnik:
63, Številka:
5
Journal Article
The essay analyses and explores the concept of personal identity in the light not only of the already tested digital dimension but also of a further evolution of the Internet represented by the ...so-called metaverse to be understood as a convergence zone of interactive virtual spaces, located in cyberspace and accessible by users through an avatar with the function of representing individual identity, where the issue of digital identity and its protection assumes particular importance. In fact, overcoming the concepts of virtual reality and augmented reality, and as an evolution of ubiquitous computing, the construction of a being in the presence through social technology takes advantage of the interoperability between worlds and platforms, in a research environment that creates and interconnects information, subjects, avatars and objects.
This research aims to study the most critical elements of digital identity management to recognize the pattern and the requirements of their use and implementation. Further, an attempt is made to ...identify and prioritize the criteria and their relevant indicators of digital identity management in the form of a comprehensive framework. To this end a fuzzy multicriteria decision‐making approach was utilized. The framework focuses on a comprehensive perspective to consider digital identity and deals with compiling strategies and operational patterns based on the defined priorities. This applied research with a fundamental approach has a descriptive‐explanatory method as well. Through an in depth‐review of the extant literature and designing an instrument as well as semi‐structure interview the necessary data were collected. The research population consists of 10 experts. By reviewing the theoretical literature of the research, effective factors were identified and screened by the Fuzzy Delphi method leading to six main factors and 31 subfactors. Then, the collected data were analyzed through a hybrid technique known as FDANP (Fuzzy DEMATEL‐ANP) to determine the interactions between the factors and the subfactors and to weigh and prioritize them. The obtained results revealed that “strategic planning” is the most influential factor in digital identity management. Also, the subfactors namely “The use of the maturity model of digital identity management,” “commitment to the whole organization,” “integrity of digital identity management system with other systems,” “integrity of digital identity management program,” and “integrity of the two dimensions of identity management and access management” were ranked as the most influential subfactors of “strategic planning,” respectively. “Access management” was the most permeable factor in digital identity management. It means that this factor is the main problem and could be solved with the help of the influential factors. In addition, subfactors: “Access control to all resources only through the digital identity management system,” “Solution for access management of premium accounts,” “Multi‐factor authentication support,” “Access policy to all resources and information,” and “Determination of the manner of the user access to resources outside the organization” were ranked as the most permeable subfactors.