Abstract
The advent of 6G networks is anticipated to introduce a myriad of new technology enablers, including heterogeneous radio, RAN softwarization, multi-vendor deployments, and AI-driven network management, which is expected to broaden the existing threat landscape, demanding for more sophisticated security controls. At the same time, privacy forms a fundamental pillar in the EU development activities for 6G. This decentralized and globally connected environment necessitates robust privacy provisions that encompass all layers of the network stack. In this paper, we present PRIVATEER’s approach for enabling “privacy-first” security enablers for 6G networks. PRIVATEER aims to tackle four major privacy challenges associated with 6G security enablers, i.e., i) processing of infrastructure and network usage data, ii) security-aware orchestration, iii) infrastructure and service attestation and iv) cyber threat intelligence sharing. PRIVATEER addresses the above by introducing several innovations, including decentralised robust security analytics, privacy-aware techniques for network slicing and service orchestration and distributed infrastructure and service attestation mechanisms. © The Author(s), under exclusive license to Springer Nature Switzerland AG 2023.

Abstract
IntroductionPerinatal asphyxia is one of the most frequent causes of neonatal mortality, affecting approximately four million newborns worldwide each year and causing the death of one million individuals. One of the main reasons for these high incidences is the lack of consensual methods of early diagnosis for this pathology. Estimating risk-appropriate health care for mother and baby is essential for increasing the quality of the health care system. Thus, it is necessary to investigate models that improve the prediction of perinatal asphyxia. Access to the cardiotocographic signals (CTGs) in conjunction with various clinical parameters can be crucial for the development of a successful model. ObjectivesThis exploratory work aims to develop predictive models of perinatal asphyxia based on clinical parameters and fetal heart rate (fHR) indices. MethodsSingle gestations data from a retrospective unicentric study from Centro Hospitalar e Universitario do Porto de Sao Joao (CHUSJ) between 2010 and 2018 was probed. The CTGs were acquired and analyzed by Omniview-SisPorto, estimating several fHR features. The clinical variables were obtained from the electronic clinical records stored by ObsCare. Entropy and compression characterized the complexity of the fHR time series. These variables' contribution to the prediction of asphyxia perinatal was probed by binary logistic regression (BLR) and Naive-Bayes (NB) models. ResultsThe data consisted of 517 cases, with 15 pathological cases. The asphyxia prediction models showed promising results, with an area under the receiver operator characteristic curve (AUC) >70%. In NB approaches, the best models combined clinical and SisPorto features. The best model was the univariate BLR with the variable compression ratio scale 2 (CR2) and an AUC of 94.93% [94.55; 95.31%]. ConclusionBoth BLR and Bayesian models have advantages and disadvantages. The model with the best performance predicting perinatal asphyxia was the univariate BLR with the CR2 variable, demonstrating the importance of non-linear indices in perinatal asphyxia detection. Future studies should explore decision support systems to detect sepsis, including clinical and CTGs features (linear and non-linear).

Abstract
Regulated exocytosis consists of the fusion between vesicles and the plasma membranes, leading to the formation of a narrow fusion pore through which secretions exit the vesicle lumen into the extracellular space. An increase in the cytosolic concentration of free Ca2+ ([Ca2+](i)) is considered the stimulus of this process. However, whether this mechanism can be preserved in a simplified system of membrane lawns with docked secretory vesicles, devoid of cellular components, is poorly understood. Here, we studied peptide discharge from individual secretory vesicles docked at the plasma membrane, prepared from primary endocrine pituitary cells (the lactotrophs), releasing hormone prolactin. To label secretory vesicles, we transfected lactotrophs to express the fluorescent atrial natriuretic peptide (ANP.emd), previously shown to be expressed in and released from prolactin-containing vesicles. We used stimulating solutions containing different [Ca2+] to evoke vesicle peptide discharge, which appeared similar in membrane lawns and in intact stimulated lactotrophs. All vesicles examined discharged peptides in a subquantal manner, either exhibiting a unitary or sequential time course. In the membrane lawns, the unitary vesicle peptide discharge was predominant and slightly slower than that recorded in intact cells, but with a shorter delay with respect to the stimulation onset. This study revealed directly that Ca2+ triggers peptide discharge from docked single vesicles in the membrane lawns with a half-maximal response of similar to 8 mu M [Ca2+], consistent with previous whole-cell patch-clamp studies in endocrine cells where the rapid component of exocytosis, interpreted to represent docked vesicles, was fully activated at <10 mu M [Ca2+]. Interestingly, the sequential subquantal peptide vesicle discharge indicates that fluctuations between constricted and dilated fusion pore states are preserved in membrane lawns and that fusion pore regulation appears to be an autonomously controlled process.

Abstract
With the recent advancements in wireless networks, Joint Communication and Sensing (JCAS) has become a growing field that is expected to be included in next-generation standards. However, not only is the current performance of the sensing ability still lacking to be used in real-world scenarios, proper security of such privacy-invasive technology has not been fully explored. To this end, we propose the creation of a more robust framework, capable of cross-domain detection and long-term analysis for improved detection, which will also serve as the basis for a security and privacy analysis of the threat landscape and solutions in this field.

Abstract
Location Privacy-Preserving Mechanisms (LPPMs) have been proposed to mitigate the risks of privacy disclosure yielded from location sharing. However, due to the nature of this type of data, spatio-temporal correlations can be leveraged by an adversary to extenuate the protections. Moreover, the application of LPPMs at collection time has been limited due to the difficulty in configuring the parameters and in understanding their impact on the privacy level by the end-user. In this work we adopt the velocity of the user and the frequency of reports as a metric for the correlation between location reports. Based on such metric we propose a generalization of Geo-Indistinguishability denoted Velocity-Aware Geo-Indistinguishability (VA-GI). We define a VA-GI LPPM that provides an automatic and dynamic trade-off between privacy and utility according to the velocity of the user and the frequency of reports. This adaptability can be tuned for general use, by using city or country-wide data, or for specific user profiles, thus warranting fine-grained tuning for users or environments. Our results using vehicular trajectory data show that VA-GI achieves a dynamic trade-off between privacy and utility that outperforms previous works. Additionally, by using a Gaussian distribution as estimation for the distribution of the velocities, we provide a methodology for configuring our proposed LPPM without the need for mobility data. This approach provides the required privacy-utility adaptability while also simplifying its configuration and general application in different contexts.

Abstract
FIDO2 is becoming a defacto standard for passwordless authentication. Using FIDO2 and WebAuthn, web applications can enable users to associate cryptographic credentials to their profiles, and then rely on an external authenticator (e.g., a hardware token plugged into the USB port) to perform strong signature-based authentication when accessing their accounts. The security of FIDO2 has been theoretically validated, but these analyses follow the threat model adopted in the FIDO2 design and explicitly exclude some attack vectors as being out of scope. In this paper we show that two of these attacks, which appear to be folklore in the community, are actually straightforward to launch in practice (user PIN extraction, impersonation and rogue key registration). We demonstrate a deployment over vanilla Linux distributions and commercial FIDO2 authenticators. We discuss the potential impact of our results, which we believe will contribute to the improvement of future versions of the protocol.