SANS: Self-sovereign Authentication for Network Slices

10/29/2020
by   Xavier Salleras, et al.
0

5G communications proposed significant improvements over 4G in terms of efficiency and security. Among these novelties, the 5G Network Slicing seems to have a prominent role: deploy multiple virtual network slices, each providing a different service with different needs and features. Like this, a Slice Operator (SO) ruling a specific slice may want to offer a service for users meeting some requirements. It is of paramount importance to provide a robust authentication protocol, able to ensure that users meet the requirements, but providing at the same time a privacy-by-design architecture. This makes even more sense having a growing density of Internet of Things (IoT) devices exchanging private information over the network. In this paper, we improve the 5G network slicing authentication using a Self-Sovereign Identity (SSI) scheme: granting users full control over their data. We introduce an approach to allow a user to prove his right to access a specific service without leaking any information about him. Such an approach is SANS, a protocol that provides non-linkable protection for any issued information, preventing an SO or an eavesdropper from tracking users' activity and relating it with their real identities. Furthermore, our protocol is scalable and can be taken as a framework for improving related technologies in similar scenarios, like authentication in the 5G Radio Access Network (RAN) or other wireless networks and services. Such features can be achieved using cryptographic primitives called Zero-Knowledge Proofs (ZKP). Upon implementing our solution using a state-of-the-art ZKP library and performing several experiments, we provide benchmarks demonstrating that our approach is affordable in speed and memory consumption.

READ FULL TEXT
research
02/18/2022

FORT: Right-proving and Attribute-blinding Self-sovereign Authentication

Nowadays, there is a plethora of services that are provided and paid for...
research
06/14/2021

A Novel Variable K-Pseudonym Scheme Applied to 5G Anonymous Access Authentication

Anonymous access authentication schemes provide users with massive appli...
research
09/04/2023

Fortifying Public Safety: A Dynamic Role-Based Access Control Paradigm for Cloud-Centric IoT

The evolution of communication technologies, exemplified by the Internet...
research
08/06/2022

Analysis of lightweight cryptographic solutions for authentication in IoT

Currently, special attention is being paid to scenarios where the interc...
research
01/26/2023

LemonLDAP::NG – A Full AAA Free Open Source WebSSO Solution

Nowadays, security is becoming a major issue and concern. More and more ...
research
08/08/2021

An Anonymous On-Street Parking Authentication Scheme via Zero-Knowledge Set Membership Proof

The amount of information generated grows as more and more sensor and Io...
research
07/12/2019

A Federated Lightweight Authentication Protocol for the Internet of Things

Considering the world's IoT development and market, it is necessary to g...

Please sign up or login with your details

Forgot password? Click here to reset