Stan Wong

政治機器的建立，是為了利益分配、爭取支持和影響選舉結果。現有的文獻認為政治機器一般會籠絡貧窮與教育水平低的選民，因為他們的選票相對便宜。本論文以香港為例，審視當地的執政聯盟有多大程度在選舉中利用非政策綱領的利益（non-programmatic benefits），來爭取貴得難以收買的選票。通過訪問當地的議員和分析2015年《香港選舉研究》的數據，我們發現（1）親北京的政黨傾向提供高度個人化的服務；（2）需要這些個人化服務的市民，一般都不貧窮；（3）因為不能監控個人如何投票，親北京的政黨只能利用服務和利益來影響收益者投與不投的決定，而不是投給誰的選擇。這些發現反映親北京政黨長期的得票增長，是來自他們回應了特定選民的訴求。

This article reveals an adequate comprehension of basic defense, security challenges, and attack vectors in deploying multi-network slicing. Network slicing is a revolutionary concept of providing mobile network on-demand and expanding mobile networking business and services to a new era. The new business paradigm and service opportunities are encouraging vertical industries to join and develop their own mobile network capabilities for enhanced performances that are coherent with their applications. However, a number of security concerns are also raised in this new era. In this article, we focus on the deployment of multi-network slicing with multi-tenancy. We identify the security concerns and discuss the defense approaches such as network slice isolation and insulation in a multi-layer network slicing security model. Furthermore, we identify the importance to appropriately select the network slice isolation points and propose a generic framework to optimize the isolation policy re...

The fifth generation (5G) mobile telecommunication network is expected to support Multi- Access Edge Computing (MEC), which intends to distribute computation tasks and services from the central cloud to the edge clouds. Towards ultra-responsive, ultra-reliable and ultra-low-latency MEC services, the current mobile network security architecture should enable a more decentralized approach for authentication and authorization processes. This paper proposes a novel decentralized authentication architecture that supports flexible and low-cost local authentication with the awareness of context information of network elements such as user equipment and virtual network functions. Based on a Markov model for backhaul link quality, as well as a random walk mobility model with mixed mobility classes and traffic scenarios, numerical simulations have demonstrated that the proposed approach is able to achieve a flexible balance between the network operating cost and the MEC reliability.

Virtualization, containerization and softwarization technologies enable telecommunication systems to realize multitenancy, multi-network slicing and multi-level services. However, the use of these technologies to such ends requires a redesign of the telecommunications network architecture that goes beyond the current long term evolution-advanced (LTE-A). This paper proposes a novel hierarchical and distributed Virtualized Authentication, Authorization and Accounting (V-AAA) architecture for fifth-generation (5G) telecommunications systems, conceived to handle multi-tenancy, multi-network slicing and multi-level services. It also contemplates a new hierarchical and distributed database architecture to inter-work with our 5G V-AAA, able to cope with the network flexibility, elasticity and traffic fluctuation implied in 5G. The sum achievement is the design of a new approach that can provide fast billing and multiple network services for authentication and authorization at the edge cloud.

Network function virtualization (NFV) and virtual network function (VNF) service chaining are receiving a significant attention from both academic and industry. However, most of attentions have been concentrated on delivering the flexible network architecture and optimization of VNF placement across the network infrastructure. In this paper, we focus on an important aspect of the network after its architecture is formed and its VNF placements are optimized. This aspect is related to the efficiency and effectiveness of VNF provisioning, lack of visibilities on the location of VNF, flexibility of VNF placement and VNF splitting into multiple sub-functions. This can be considered as a security issue covering the anomalies of the VNF orchestration and placement during the operation. We propose a VNF service chain anomalies detection method based on the Markov chain property in order to ensure the correctness of VNFs backward and forward placement and the K-means classification of VNF sequence patterns. This method identifies the patterns of VNF service chaining sequence in a correct behavior. This work is not just observing the existing network behavior, it also can be extended to identify the correctness of the sequence order of a new VNF service chaining request.

As the next generation networks (5G) move into a direction of virtualization and softwarization, using technologies like Software-Defined Networking (SDN) and Network Function Virtualization (NFV), one of the main benefits is the possibility of network resource sharing among different tenants and service providers. This paper focuses on how the architecture of the 5G NORMA project will tackle the issue of resource sharing. Two main areas will be explored: how to achieve efficient resource sharing among network slices, and specific solutions used by the architecture to allow for resource sharing.

The fifth generation (5G) mobile telecommunication network is expected to support multi-access mobile edge computing (MEC), which intends to distribute computation tasks and services from the central cloud to the edge clouds. Towards ultraresponsive, ultra-reliable and ultra-low-latency MEC services, the current mobile network security architecture should enable more decentralized approach for authentication and authorization process. This paper proposes a novel distributed authentication architecture that supports flexible, intelligent and low-cost local authentication with the awareness of network elements, e.g. user equipment, virtual network functions etc., context information.

The fifth generation (5G) mobile telecommunication network is expected to support MultiAccess Edge Computing (MEC), which intends to distribute computation tasks and services from the central cloud to the edge clouds. Towards ultra-responsive, ultra-reliable and ultra-low-latency MEC services, the current mobile network security architecture should enable a more decentralized approach for authentication and authorization processes. This paper proposes a novel decentralized authentication architecture that supports flexible and low-cost local authentication with the awareness of context information of network elements such as user equipment and virtual network functions. Based on a Markov model for backhaul link quality, as well as a random walk mobility model with mixed mobility classes and traffic scenarios, numerical simulations have demonstrated that the proposed approach is able to achieve a flexible balance between the network operating cost and the MEC reliability. INDEX TERMS...

This paper defines the fundamental principle of trust in technological world and also provides the foundation of the trust model with definition and mathematical proof. This paper reveals the trust model evolution in telecommunication systems which helps us to understand the 5G trust model. Basically, we provide a trust model evolution from the first generation (1G) analog mobile system to the fifth generation (5G) mobile and develop a simple explaining-away mathematical model to help the trust center implementation across the entire network in different geo-location to collect trust value from stakeholders and network entities. This mathematical trust model is based on the graphical probabilistic model (GPM) with Bayesian Network. We use historical dataset to derive the trust model and experiment.