ABSTRACT
Global navigation satellite systems (GNSSs) provide accurate positioning and timing services in a large gamut of sectors, including financial institutions, Industry 4.0, and Internet of things (IoT). Any industrial system involving multiple devices interacting and/or coordinating their functionalities needs accurate, dependable, and trustworthy time synchronization, which can be obtained by using authenticated GNSS signals. However, GNSS vulnerabilities to time-spoofing attacks may cause security issues for their applications. Galileo is currently developing new services aimed at providing increased security and robustness against attacks, such as the open service navigation message authentication (OS-NMA) and commercial authentication service (CAS). In this paper, we propose a robust and secure timing protocol that is independent of external time sources, and solely relies on assisted commercial authentication service (ACAS) and OS-NMA features. We analyze the performance of the proposed timing protocol and discuss its security level in relation to malicious attacks. Lastly, experimental tests were conducted to validate the proposed protocol.
ABSTRACT
The fifth generation (5G) of cellular networks improves the precision of user localization and provides the means to disclose location information to over-the-top (OTT) service providers. The network data analytics function (NWDAF) can further elaborate this information at an aggregated level using artificial intelligence techniques. These powerful features may lead to the improper use of user location information by mobile network operators (MNOs) and OTT service providers. Moreover, vulnerabilities at various layers may also leak user location information to eavesdroppers. Hence, the privacy of users is likely at risk, as location is part of their sensitive data. In this paper, we first go through the evolution of localization in cellular networks and investigate their effects on location privacy. Then, we propose a location-privacy-preserving integrated solution comprising virtual private mobile networks, an independent authentication and billing authority, and functions to protect wireless signals against location information leakage. Moreover, we advocate the continuous and detailed control of localization services by the user.
