The defining features of the Internet of Things systems and networks, including high network density, the presence of heterogeneous devices characterized by the availability of multiple Radio Access Technologies, the integration between user networks and critical infrastructure systems, and the presence of Device-2-Device links beyond the traditional Device-2-Infrastructure communications, pose new, challenging security issues, calling for new strategies in order to ensure authentication of users/devices and confidentiality/integrity of information. An additional feature of the 5G radio interfaces that are expected to be an integral part of IoT deployment can however support the design of such new strategies: this is the support for high accuracy indoor positioning.
The SecurPos project investigates the interaction between indoor positioning and security in 5G IoT systems. The project addresses this topic from a twofold point of view. On one hand, SecurPos aims at defining new algorithms for indoor positioning in 5G systems that take into account the security threats inherent to the novel network scenarios introduced by the IoT paradigm, and take advantage of the features of 5G devices in order to face such threats while guaranteeing the required accuracy and availability of position information. On the other hand, SecurPos assesses how position information can be used as an additional security feature, in particular for IoT devices that do not possess the hardware and processing capabilities required to implement advanced physical layer security strategies.
The theoretical analysis leading to the design of positioning algorithms and security strategies is supported by performance evaluation carried out by means of computer simulations as well as of experiments run on an indoor positioning testbed supporting multiple wireless technologies.
The SecurPos project will tackle an extremely innovative problem: how to take advantage of specific 5G technologies and networks characteristics to obtain accurate, reliable position information in presence of security threats, and how to use this position information to improve security even for low cost, low complexity devices, that cannot adopt CSI-based approaches to enforce physical layer security.
In doing so, SecurPos will go beyond the current state of the art under several aspects, as detailed in the following:
1) Impact of 5G high device density on the performance and robustness to security threats of distributed indoor positioning algorithms - distributed indoor positioning has been a hot research topic since the idea of ad hoc networks surfaced, but researchers soon realized that this approach only makes sense when network density is sufficiently high to ensure that most network devices obtain enough information to determine their own position. The high density that is expected to characterize 5G networks will allow to effectively implement these algorithms; in addition a higher density will potentially allow to counteract the presence of malicious devices aiming to disrupt the positioning service either by injecting fake data or by modifying data received by other legit devices before forwarding them.
2) Use of multiple Radio Access Technologies (RATs) to support scalable, secure indoor positioning - Indoor positioning algorithms based on RF technologies have usually assumed the use of a single RAT, e.g. WiFi or Bluetooth. Current devices are however typically characterized by multiple RATs, and 5G ones are expected to exacerbate this trend. The use of multiple RATs is thus a natural evolution in the design of indoor positioning algorithms, and will be indeed explored in SecurPos. The use of multiple RATs will be considered with two main objectives in mind: an increase in accuracy and availability of position information, resulting from the additional data available for determining the position of devices, and an increase in robustness to the security threats posed by rogue infrastructure elements and malicious devices, thanks to the possibility of cross-checking the data obtained on different RATs. Algorithms will be designed so to define the role of different devices in positioning according to their positioning capabilities and expected robustness to security threats. As an example, MIMO systems are often considered as more robust to security threats thanks to their capability to steer signal so to "avoid" malicious receivers: this capability should be taken into account in defining their role in a distributed positioning system.
3) Design of adaptive indoor positioning algorithms - The extremely variegate network topologies expected to be available in 5G IoT systems, composed by overlapping infrastructure and D2D links, will open the way to the design of algorithms that will adaptively switch from distributed to centralized positioning (and viceversa) depending on network topology and assessed security conditions. As an example, when many trusted devices are available the algorithm should rely on distributed positioning, but switch to infrastructure when assessment of data indicates that one or more devices are potentially security risks (e.g. based on crosschecking of different RATs or reports from neighboring devices), aiming to obtain in all cases the best tradeoff between accuracy, availability and reliability of position information.
4) Use of position information to support and complement physical layer security in 5G networks - The availability of position information may be an additional safe guard when an undetected network breach would allow access to network information to a malicious user, in particular in the case of fake identities, where a malicious device is spoofing the identity of another active device and transmitting from a different position. In order to be useful, however, the position information should be accurate and reliable enough to correctly identify two devices using the same identity. The expected higher accuracy of 5G-based positioning will have to match the higher device density, that will reduce the average distance between devices, and make harder to distinguish different devices. SecurPos will investigate the impact of errors in indoor positioning on device identification, and assess the impact of erroneous threat identification and corresponding corrective measures (e.g. wrongful exclusion of a device from the network) on network performance.