
Alfredo Matos

I'm currently working as a research engineer at Instituto de Telecomunicações, Pólo de Aveiro, a.k.a. IT Aveiro, a research lab associated with Universidade de Aveiro.

I devote most of my time to pursuing my PhD in Computer Engineering, which focuses on Privacy in Next Generation Networks. As part of my work I enjoy working on network privacy, IP mobility, Identity Management, and all types of issues in future networks.

As part of my current employment at IT Aveiro, I have participated in European projects such as IST Daidalos I and II, focusing mostly on identity and mobility problems. I am also involved in the upcoming IST Swift, researching Identity and Privacy solutions for Identity driven architectures.

I have a degree in Computers and Telematics Engineering (Engenharia de Computadores e Telemática) from U.A. in Portugal.

For more information about me you can visit my personal webspace at http://www.digitalself.org. I also maintain a fairly updated LinkedIn Profile, where you can dig up more information about me.

You can reach me at . If you need to talk to me, let's say through a phone, you can click on the IT Aveiro webpage, and find out the phone or fax number for the Aveiro site. A human will answer at that location, after which you should ask for me.

Conference Papers

[1] M. Almeida and A. Matos, “Bridging the devices with the web cloud: A restful management architecture over xmpp”, in 6th International Mobile Multimedia Communications Conference, (Lisbon, Portugal), Mobimedia'10, September 2010. [ bib | cfp | pdf | html ]

In this paper we deal with the interactions between different types of devices and a SaaS (Software as a Service) Management System. It is our goal to provide a generic way by which users interface with their devices in terms of getting information and actually being able to communicate with them. Our effort in this proposal is the establishment of these interactions while assuring a set of requirements such as privacy, authentication, association of multiple devices to a user, etc. We provide the architectural means to support this view and ensure the communication of the IoT (Internet of Things) devices with a Cloud of Web Services, while maintaining the M2M (Machine 2 Machine) vision. To do so we define an entity, the Cloud Bridge Server, which uses the Extensible Messaging and Presence Protocol (XMPP) to interact with the devices, and which provides a Representational State Transfer (REST) API for 3rd party Web Services. We present results on how our approach performs when facing other alternatives and the main advantages of using it.

[2] A. Matos, R. Pereira, and J. Girao, “Identity driven mobility architecture”, in Future Network and Mobile Summit, (Florence, Italy), MS'10, June 2010. [ bib | cfp | pdf | html ]

This paper describes an identity based mobility architecture, which relies on the Identity Management System for mobility decision and execution. This is achieved by clearly separating mobility into a two step procedure: decision and action. The decisions are outsourced on the Identity plane, while the action (moving) is carried out by a protocol agnostic mobility architecture.

[3] R. Marques, R. Ferreira, and A. Matos, “Cross layer privacy support for identity management”, in Future Network and Mobile Summit, (Florence, Italy), MS'10, June 2010. [ bib | cfp | pdf | html ]

One of the most important objectives of Identity Management (IdM) Systems is to provide end user privacy. However, these concepts rarely extend beyond the application layer. In the IST SWIFT project special attention is given to cross-layer Identity Management support, and in this paper we show why applying only IdM solutions is insufficient to preserve user privacy if network mechanisms are not considered. We present a solution to retain user privacy by using network pseudonyms closely coordinated with the IdM framework proposed by the SWIFT project. We include these concepts in the IdM framework and present the necessary architecture and functional mechanisms required to support the privacy extensions.

[4] M. Barisch, E. Torroglosa, M. Lischka, R. Marques, R. Marx, A. Matos, A. Perez, and D. Scheuermann, “Security and privacy enablers for future identity management systems”, in Future Network and Mobile Summit, (Florence, Italy), MS'10, June 2010. [ bib | cfp | pdf | html ]

In recent years, Identity Management (IdM) has gained a lot of attention in industry, standardisation and academia. In particular, a couple of research projects, like Daidalos or Prime, have invested considerable effort to bring IdM forward, to take advantage of features like improved usability and security. Nevertheless, there are important issues that have not been addressed so far. The SWIFT project leverages IdM as a key technology of the Future Internet, tackling problems like the integration of the network and application layer from an IdM perspective as well as the use of electronic identity cards. Moreover, aspects like the integration of several user devices, backward compatibility and a new access control infrastructure are required by future IdM solutions. We consider all these aspects by extending existing IdM solutions with six new security and privacy enablers that are part of the overall SWIFT framework. These enablers have been partially implemented towards a new IdM architecture. First evaluation results of the implementation are promising to pave the way towards future IdM solutions.

[5] M. Barisch and A. Matos, “Integrating user identity management systems with the host identity protocol”, in The Fourteenth IEEE Symposium on Computers and Communications, (Sousse, Tunisia), ISCC '08, July 2009. [ bib | cfp | pdf | html ]

Identity Management (IdM) on the application layer improves the usability and security for end users by offering features like Single Sign-On and attribute provisioning. Unrelated approaches on the network layer introduce identity concepts to solve mobility problems and support multihoming. This paper describes a novel approach to the integration of IdM on the application layer with identity concepts introduced by the Host Identity Protocol (HIP). We propose an integrated architecture combining the advantages of both domains. In this scope, we tackle the mapping between the HIP namespace and user IdM namespace as well as the management and assignment of user and host identities. The new architecture provides a unified view over user and host identities, enabling the exchange of user and host attributes, while it also provides enhanced security and network features.

[6] D. Gomes, A. Matos, E. Fonseca, and R. Aguiar, “Deploying and testing a ngn testbed : Ist daidalos testbed”, in Open NGN and IMS Testbeds Workshop at TRIDENTCOM 2009, (Washington, USA), ONIT '09, April 2009. [ bib | cfp | pdf | html ]

In the last 3 years a medium size NGN testbed was deployed at the Instituto de Telecomunicações of Aveiro in order to support the validation of the project IST-Daidalos. This paper intends to describe not only the work done in order to set up and maintain this testbed but also to inform the community of some of the caveats of creating and managing such a testbed in an environment where most of the prototypes are under specification and requirements change quickly. In this paper we also present some of the methodology used in order to extract results from this testbed and an insight into what can be done in the future.

[7] A. Matos and R. Aguiar, “Mobility aware paths: The identity connection”, in Special Sessions of the 11th International Symposium on Wireless Personal Multimedia Communications, (Lapland, Finland), WPMC '08, September 2008. ISSN 1883-1192. [ bib | cfp | pdf | html ]

This paper discusses the challenges that arise from today's mobility management architectures, how they are restricted to specific identifiers and routes, and how they have disjoint control layers. It describes a novel approach to tackling the shortcomings of current network models, describing the challenges and solutions revolving around Identifiers and Identity based Mobility, associated with the more generic Path concept. It describes how to position communication and mobility, Identity centric, in terms of paths, and in the process solving the challenges raised by the unicast/multicast dichotomy, effectively bridging the gap between peer-to-peer overlays and point-to-point communications. The paper also discusses the need for cross-layer resolution and routing mechanisms that enable simple and consistent access to an Identity Layer, which is in fact the new control layer, leveraged by policy driven architectures enabling the necessary granularity for future network evolution.

[8] A. Matos, J. Girão, S. Sargento, and R. Aguiar, “Preserving privacy in mobile environments”, in Globecom '07, (Washington D.C., USA), Globecom2007, November 2007. [ bib | cfp | pdf | html ]

User privacy is a growing requirement in the evolution of communication networks. In this sense, the concept of virtual personae, which corresponds to different identities of the same user, starts getting much attention. However, to provide privacy and non-linkage between these virtual users, a cross-layer approach to identity needs to be supported. This paper proposes a solution to preserve the application layer privacy models by applying the virtual personae concept throughout the network stack. It also proposes mechanisms for non-correlation between identities in 4G mobile environments, and addresses the benefits of the evolving multi-homing characteristics of 4G networks to enrich the non-linkage between identities support of our privacy solution.

[9] A. Matos, S. Sargento, and R. Aguiar, “Embedding identity in mobile environments”, in Second ACM/IEEE International Workshop on Mobility in the Evolving Internet Architecture, (Kyoto, Japan), MobiArch2007, October 2007. Held in conjunction with SIGCOMM 2007. [ bib | cfp | pdf | html ]

Recent trends bring Identity concepts into the application layer, although usually focusing on web environments. While this enables new solutions, interactions and paradigms at the application layer, the lower layers are neglected, and considered irrelevant for identity purposes. However, making Identity information available to the OSI stack enables enhanced protocols, which better integrate with A4C mechanisms, and provide better cross-layer integration. We present a solution to integrate identity information into all layers of the OSI stack, and enhance it with resolution mechanisms, enabling full fledged use of Identity by lower layers, such as transport and network. In particular, a new mobility paradigm can be created through an identity-dependent design.

[10] F. Armknecht, J. Girao, A. Matos, and R. L. Aguiar, “Who said that? privacy at link layer”, in 26th Annual IEEE Conference on Computer Communications, (Anchorage, Alaska, USA), INFOCOM 2007, May 2007. Minisymposium. [ bib | cfp | pdf | html ]

Wireless LAN and other radio broadcast technologies are now in full swing. However, the widespread usage of these technologies comes at the price of location privacy, be it by observing the communication patterns or the interface identifiers. Although a number of network level solutions have been proposed, this paper describes a novel approach to location privacy at the link layer level. We present a generic mechanism and then map it to a real protocol, IEEE 802.11. The work also provides an analysis of the protocol in terms of privacy and performance considerations.

[11] A. Matos, J. Santos, S. Sargento, R. Aguiar, J. Girao, and M. Liebsch, “HIP location privacy framework”, in First ACM/IEEE International Workshop on Mobility in the Evolving Internet Architecture, (San Francisco, USA), MobiArch2006, December 2006. Held in conjunction with GLOBECOM 2006. [ bib | cfp | pdf | html ]

Privacy and security are key aspects in future network architectures. The Host Identity Protocol (HIP) is a new proposal which decouples identifiers from locators and may eventually replace conventional addressing and network transport. In this document we propose an architecture that provides location privacy, based on HIP. We further validate our work by implementation and support the feasibility of our protocol by experimentation.

[12] S. Sargento, D. Gomes, A. Matos, and R. Aguiar, “QoS signaling in 4g scenarios”, in IST Mobile and Wireless Summit, (Myconos, Greece), MWS2006, June 2006. [ bib | pdf ]

This paper presents an evaluation of a possible QoS architecture and the corresponding QoS signalling strategies for next generation networks, being developed inside the IST project Daidalos. We address the main results achieved in terms of their performance in an experimental testbed developed inside the project. The results provide indications on the expected performance of different signalling strategies for next generation heterogeneous networks.

[13] A. Matos, J. Santos, R. Aguiar, R. Baldessari, and A. Festag, “Proxy usage for vehicular networks interconnection”, in Thirteenth International Conference on Telecommunications, (Madeira, Portugal), ICT2006, March 2006. [ bib | pdf | html ]

This paper discusses the introduction of a new network element - MIPv6 Proxy - to act on behalf of registering nodes on a moving car network. The new element allows increased performance, while reducing communication costs and enhancing communication in general.

[14] R. Baldessari, A. Festag, A. Matos, J. Santos, and R. Aguiar, “Flexible connectivity management in vehicular communication networks”, in Third International Workshop on Intelligent Transportation, (Hamburg, Germany), pp. 756-758, WIT2006, March 2006. [ bib | pdf ]

Vehicular communication, providing vehicle-to-vehicle and vehicle-to-roadside communication, can considerably improve traffic safety and comfort of driving and traveling. For communication in vehicular ad hoc networks, position-based routing has emerged as a promising candidate. For Internet access, Mobile IPv6 is a widely accepted solution to provide session continuity and reachability to the Internet for mobile nodes. While integrated solutions for usage of Mobile IPv6 in (non-vehicular) mobile ad hoc networks exist, we propose a solution that, built upon a Mobile IPv6 proxy-based architecture, selects the optimal communication mode (direct in-vehicle, vehicle-to-vehicle, and vehicle-to-roadside communication) and provides dynamic switching between vehicle-to-vehicle and vehicle-to-roadside communication mode during a communication session in case that more than one communication mode is simultaneously available.

Journal Papers

[1] A. Matos, J. Girão, F. Armknecht, and R. Aguiar, “Towards dependable networking: Secure location and privacy at link layer”, IEEE Wireless Communications Magazine, vol. 15, October 2008. Special Issue on Dependability Issues with Ubiquitous Wireless Access. [ bib | html ]

WLAN and other radio broadcast technologies are now commonplace. However, the widespread usage of these technologies comes at the price of loss of location privacy. Although a number of network level solutions exist to lessen the problem, we describe an improved approach to location privacy at the link layer. We present a generic mechanism and then map it to the common IEEE 802.11 protocol set. The paper finally provides an analysis of our mechanism in terms of privacy and performance.

[2] A. Sarma, A. Matos, J. Girão, and R. Aguiar, “Virtual identity framework for telecom infrastructures”, Wireless Personal Communications, vol. 45, pp. 521-543, June 2008. [ bib | DOI | cfp | html ]

Identity Management has so far been a field mainly focused on applications and the Web. This paper describes a novel approach to cross layer identity management that extends digital identities to the network, the virtual identity (VID) framework. The VID framework provides strong privacy to the user, while easily supporting personalization across service providers. While other identity management solutions are tailored to one specific application and/or protocol domain, the proposed framework extends the use of one’s digital identity to all aspects of the network and services architecture. It is also the first to consider legal constraints, such as ownership of data and legal intercept issues, in such a broad scope. One major aspect reported here is the relevance for operators.

[3] A. Matos, J. Santos, R. Aguiar, J. Girao, and M. Liebsch, “Location privacy extensions for the host identity protocol”, in Revista do Departamento Electrónica e Telecomunicações, vol. 4, nº 8, (Universidade de Aveiro, Portugal), DET, 2007. [ bib | pdf ]

Privacy and security are key aspects of future communication networks. The Host Identity Protocol (HIP) aims to provide identity based security in new networks. In this document we propose an additional framework based on the Host Identity Protocol that provides location privacy to registered attendants.

[4] A. Matos, “Desenvolvimento de um processador de 8 bits em vhdl”, in Revista do Departamento Electrónica, Telecomunicações e Informática, vol. 4, nº6, (Universidade de Aveiro, Portugal), DETI, March 2006. In Portuguese. [ bib | pdf ]

This article describes the development of an 8-bit processor that performs arithmetic and logic operations, supported by a register memory and a storage memory. The processor must execute some particular operations, including operations between data residing in the storage memory without resorting to the register memory, reading information from the FPGA board, and printing results to a visual medium.

IETF Drafts

[1] D. Corujo, A. Matos, R. Aguiar, J. Abeille, and T. Melia, “Problem statement on common interfaces for local mobility management.” Internet Draft, March 2007. Expired. [ bib | txt ]

This memo is a problem statement on the use of link events for enhanced handover control in network based localized mobility management. Starting from existing solutions for fast link detection the document aims at discussing possibilities to extend with a 2.5 layer the interface between MN and AR for handover control. The document also presents a set of considerations and identifies conditions where a layer 2.5 based interface offers significant advantages compared to a pure layer three solution. The document addresses separately scenarios for Localized Mobility Management and scenarios involving interactions between PMIP and CMIP.

[2] A. Matos, J. Santos, J. Girão, M. Liebsch, and R. Aguiar, “Hip privacy extensions - version 01 (revised).” Internet Draft, March 2006. Expired. [ bib | txt ]

This memo describes a framework for the Host Identity Protocol that provides location privacy and mobility to end hosts. It discusses the introduction of a new functional entity that prevents HIP enabled nodes from revealing their location.

[3] A. Matos, J. Santos, J. Girão, M. Liebsch, and R. Aguiar, “Hip privacy extensions - version 00.” Internet Draft, August 2005. Expired. [ bib | txt ]

This memo describes a framework for the Host Identity Protocol that provides location privacy and mobility to end hosts.