The current device-centric protection model against security threats has serious limitations. On the one hand, the proliferation of user terminals such as smart-phones, tablets, notebooks, smart TVs, game consoles and desktop computers makes it extremely difficult to achieve the same level of protection regardless of the device used. On the other hand, when various users share devices (e.g., parents and kids using the same devices at home), the set up of distinct security profiles, policies, and protection rules for the different users of a terminal is far from trivial. In light of this, this paper advocates for a paradigm shift in user protection. In our model, the protection is decoupled from the users' terminals, and it is provided by the access network through a Trusted Virtual Domain (TVD). Each TVD provides unified and homogeneous security for a single user, irrespective of the terminal employed. We describe a user-centric model, where non-technically savvy users can define their own profiles and protection rules in an intuitive way. We show that our model can harness from the virtualization power offered by nextgeneration access networks, especially, from Network Functions Virtualization (NFV) in the Points of Presence (POPs) at the edge of Telecom operators. We also analyze the distinctive features of our model, and the challenges faced based on the experience gained in the development of a proof-of-concept.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.