Idem: an Identity Middleware for Interoperable and Heterogeneous

Pós-Graduação em Ciência da Computação

FELIPE SILVA FERRAZ

IDeM: An Identity-Driven Middleware for Interoperable and Heterogeneous Systems

Universidade Federal de Pernambuco [email protected] www.cin.ufpe.br/~posgraduacao

RECIFE 2016

Felipe Silva Ferraz

IDeM: An Identity-Driven Middleware for Interoperable and Heterogeneous Systems

Este trabalho foi apresentado à Pós-Graduação em Ciência da Computação do Centro de Informática da Universidade Federal de Pernambuco como requisito parcial para obtenção do grau de Doutor em Ciência da Computação.

ORIENTADOR: Prof. Carlos André Guimarães Ferraz

RECIFE 2016

Catalogação na fonte Bibliotecária Monick Raquel Silvestre da S. Portes, CRB4-1217

F381i Ferraz, Felipe Silva IDeM: an identity-driven middleware for interoperable and heterogeneous systems / Felipe Silva Ferraz. – 2016. 168 f.: il., fig., tab.

Orientador: Carlos André Guimarães Ferraz. Tese (Doutorado) – Universidade Federal de Pernambuco. CIn, Ciência da Computação, Recife, 2016. Inclui referências e anexo.

1. Sistemas distribuídos. 2. Privacidade. I. Ferraz, Carlos André Guimarães (orientador). II. Título.

004.36 CDD (23. ed.) UFPE- MEI 2017-29

c 4

Felipe Silva Ferraz

IDeM: an Identity-Driven Middleware for Interoperable and Heterogeneous Systems

Tese de Doutorado apresentada ao Programa de Pós- Graduação em Ciência da Computação da Universidade Federal de Pernambuco, como requisito parcial para a obtenção do título de Doutora em Ciência da Computação.

Aprovado em: 09/09/2016.

______Orientador: Prof. Dr. Carlos André Guimarães Ferraz

BANCA EXAMINADORA

______Prof. Dr. Kelvin Lopes Dias Centro de Informática / UFPE

______Prof. Dr. Divanilson Rodrigo de Sousa Campelo Centro de Informática / UFPE

______Prof. Dr. Jones Oliveira de Albuquerque Departamento de Estatística e Informática / UFRPE

______Profa. Dra. Rossana Maria de Castro Andrade Departamento de Computação / UFC

______Profa. Dra. Thais Andrade Batista Departamento de Informática e Matemática Aplicada / UFRN

À Mãe, Pai, Fofucha, ao Cara lá de cima, Ao Rock and roll e aos amigos!

ACKNOWLEDGEMENTS

Eu primeiro pensei em escrever essa sessão em inglês seguindo o ritmo do restante do trabalho, mas depois me lembrei que eu escrevi a tese em inglês por mero reuso de muita coisa que já tinha sido feita, teria sido muito mais fácil escrever em português, então para não me faltarem palavras dentro do nosso rico vocabulário, essa parte aqui vai em português mesmo.

Escrever, corrigir, escrever de novo e apresentar esse trabalho é uma conquista que eu não consigo expressar em palavras de dois ou três idiomas, acho que só quem tem passado alguns anos vivendo na ansiedade desse momento pode compartilhar um pouco do que eu estou sentindo, e em sendo esse caminho tão tortuoso e no mínimo incerto, não há como dizer que se chega aqui sozinho e sem um empurrão, e não estamos falando de uma ajuda qualquer, é, de fato, um empurrão quase que como um imposição e investimento de uma força necessária para seguir em frente. Seguir em frente, nas palavras do grande Rocky “the italian stalian” Balboa, “… it is not about how hard you hit, it is about how hard you can get hit and keep moving forward…” e completado pelas palavras do, não tão grande, King Leonidas, “Never to retreat, never to surrender…”. Seguir em frente, com o que quer q esteja pela frente, sem recuar, sem desistir. É fácil. Basta ter a quem agradecer. E essa sessão é para você meu amigo e minha amiga que tem dado esse empurrãozinho consciente ou inconsciente.

Primeiramente ao cara lá de cima, a quem no escuro dessa madrugada é o único a me escutar falando sozinho, “Tu é o cara!”.

Depois a Carlos André Guimarães Ferraz, todas as sistemáticas “porradas no lombo” e as horas investidas em me ajudar a entender, pensar e escrever esse trabalho, necessariamente nessa orde.

Seguido bem de perto por mainha e painho, que dispensam qualquer tipo de apresentação.

Em um paragrafo separado, minha fofucha linda, amor da minha vida, companheira de viagens, jantares, de uma vida inteira, a quem eu tenho imensamente que agradecer por ajudar, ter tido paciência, traduzir, revisar, codificar, me amar pura e verdadeiramente… ahhhh sim, e por ter aceitado passar o resto da vida comigo.

E agora, como não podia deixar de ser, aos amigos, até por que se eu continuar com melosidade eu choro, então, Professores Francisco Icaro e Diego “The meteor” Souza, obrigado por todos os almoços falando besteira e eguagem tirando um pouco do peso das costas. Eugs e 7

Mister Potter pelas calórias extras e bem gastas e todas as sessões de cinema, professooora MCTS e Alan de Alagoas duas figuras ilustres e a quem tenho um bem-querer sem tamanho! Neu reitor(vulgo Carlos Sampaio) e Tresso, por ser um ponto de conversa nerd e inútil diários, as éguas (Dr. Pedim, Abrantes-El Ratón e Dr. Xandão) obrigado pelo eguagem, ah sim, sem esquecer da grande família Cabral em especial Dona Sandra Cabral, por fim, Rafael “Cabeção” Ribeiro, da mesma forma que eu escrevi em 2010 no meu mestrado, eu não sei nem por onde começar a te xingar.. por tanto ei de silenciar-me.

Beto Macedo e Super Sérgio pelas constantes cobranças, Allan Bahia, TRI!!!!. Crix, Peru, Rachel e toda mundiça… digo… povo do suporte e agregados (Sim, Sarah, vc tb está aqui!), por fornecer o café nosso de cada dia “Amem!”. Lendários, Acabou o Social Futebol Clube, Nobreguenses, Octeto do Amor e demais grupos do whatsapp, um xero enorme no coração de todos vocês

Tarciana, Seu Urbano, Leo Macedo, Todos dos projetos da HP, FIAT, Motorola, Sonae, aos amigos da FBV ( Diegão-Patativa, Ronaldão, Hubert, Ricardo Ciriaco, Emilia e Álvaro, Sophia e Antonio, Bella, Cecilia, Jana, Rafael, Pedrão, Iara e demais coordenadores de engenharia) meu muito obrigado. Gusta, Furtado, Wal, Val, Fábio e Marie, meu muito obrigado em dobro!

E como não podia deixar de ser, se o cara lá de cima é o único a me escutar, como não agradecer as únicas vozes que estão a se fazer presente em tão tardia hora?! Um agradecimento especial a Eric “slow hands” Clapton, Chico Buarque e Science, Eddie Vedder, Elton John, David Grohl, B.B King, Norah Jones, ao Led, Marvin Gaye, Nat King Cole e Ella Fritzgerald….Ao rock roll e ao blues! 8

“… and why do we fall, Bruce? So we can learn to pick ourselves up.” ― Thomas Wayne 8

ABSTRACT

In mid-2000s, for the first time in human history, urban cities started to harbor more than half of world's population. The concept of Smart Cities emerged in such context. Smart Cities can be defined as an urban environment where innovative services under an available infrastructure are provided to citizens with the use of information technology (IT). However, even though people use and take advantage of available information, there is a natural resistance to disclosure and expose personal data, which will get known by other citizens and businesses. This generates a sense of insecurity and privacy loss. This thesis explores information security issues related to identity and identifier management and proposes a solution that guarantees the privacy and anonymity of users within interoperable and heterogeneous environments. This thesis proposes a solution based on the creation of a multi-identity environment, in which a user has different identities, for different systems using the same identifier, that way it is possible to connect with different services, solutions and others, using the same login but having different representations within each solution, that will guarantee privacy, different level of security and interoperability. The proposed solution is demonstrated through the creation of a middleware within the context of smart cities. Finally, this thesis presents a set of experiments that use the proposed middleware to protect citizens’ sensitive data.

Keywords: Privacy. Security. Anonymity. Middleware

RESUMO

Em meados dos anos 2000, pela primeira vez na história da humanidade, as grandes cidades começaram a abrigar mais da metade da população mundial. É no contexto dessa mudança que surge o conceito de Smart Cities, tal conceito pode ser definido como um ambiente urbano onde, com uso de tecnologia da informação, serviços inovadores e com infraestrutura disponível, são fornecidos para os cidadãos. Em contra ponto a essa dinâmica está o fato de que essas mesmas pessoas, que fazem uso das informações, tem uma resistência natural relacionada a divulgação de seus dados, e que estes sejam expostos e conhecidos por demais cidadões e empresas, gerando um cenário de insegurança e perda de privacidade. Este trabalho explora problemas de segurança da informação relacionados a gerenciamento de identidade e identificadores, propõe a criação de uma solução que permita manter a privacidade e o anonimato de usuários, ainda que anônimo, dentro de ambientes interoperáveis e heterogêneos. Essa tese propõe um solução baseada na creação de um ambiente multi identidade, no qual um usuário terá diferentes identidades, para diferentes sistemas, usando o mesmo identificador, dessa forma é possivel garantir a conexão com diferentes serviços, soluções e outros componentes, usando o mesmo login, por exemplo, porém tendo diferentes representações em cada solução, isso garantirá, entre outros, privacidade, diferentes niveis de segurança e interoperabilidade. Tal solução será descrita na forma de um middleware explorado dentro do contexto de cidades inteligente. Por fim, este trabalho apresentará um conjuntos de experimentos que utilizam o middleware, para proteger dados confidenciais dos cidadãos.

Palavras-chave: Privacidade. Segurança. Anonymity. Middleware

ACRONYMS

AWS Amazon Web Services EC2 Elastic Cloud Computing FIDIS Future of Identity in Information Society IDex ID extractor IDrep ID repository IDre ID resolver IDM Identity Management IdP Identity Provider IDeM Identity-Driven Middleware IoT Internet of Things NFC Near Field Communication OWASP Open Web Application Security Project PKI Public Key Infrastructure PRIME Privacy and Identity Management for Europe RDS Relational Database Service STORK Secure Identity Across Borders Linked SWIFT Secure Widespread Identities for Federated Telecommunications SM Service Manager SP Service Provider VID Virtual Identity

LIST OF ILLUSTRATIONS

Figure 1: Research steps...... 20 Figure 2: General view of a smart city environment...... 39 Figure 3: Conceptual description of the IoT architecture ...... 47 Figure 4: Message format ...... 48 Figure 5: Architecture of NFC in the cloud ...... 48 Figure 6: Proposed architecture with context-aware capabilities ...... 50 Figure 7: Architecture overview ...... 52 Figure 8: General architectural overview ...... 57 Figure 9: Communication flow in proposal ...... 59 Figure 10: Patterns definition ...... 61 Figure 11: Detailed architectural view...... 62 Figure 12: General concept vision ...... 65 Figure 13: Middleware Main flow ...... 66 Figure 14: Request and resolve ID sequence diagram ...... 67 Figure 15: ID changing sequence diagram ...... 70 Figure 16: Anonymity sequence diagram ...... 72 Figure 17: Scenarios Interpretation ...... 74 Figure 18: AWS infrastructure, presented with IDeM and implemented systems...... 87 Figure 19: Experiment flow ...... 89 Figure 20: PREVENT architecture overview ...... 97 Figure 21: Case Study Healthcare Security Layer Basic Flow...... 99 Figure 22: Case Study Record sample ...... 100 Figure 23: Patient Records Persisted in Google Cloud Datastore ...... 102 Figure 24: Generated IDs for Protected Patient Record in Case Study ...... 103 Figure 25: FHIR Health Record Snippet BEFORE HSL approach ...... 104 Figure 26: FHIR Health Record Snippet AFTER HSL approach ...... 104 Figure 27: AWS infrastructure for experiment C ...... 110 Figure 28: Educational values ...... 113 Figure 29: Government Tax System ...... 113 Figure 30: Resource system ...... 114 Figure 31: middleware main table content...... 115 Figure 32: Student table after middleware ...... 115 Figure 33: Grades and courses ...... 116 Figure 34: Taxes spent using middleware ...... 116 Figure 35: Citizens’ use of natural resources ...... 117

LIST OF TABLES

Table 1: Security Issues in the role of a smart city literature ...... 37 Table 2: Compilation on Identity Issues ...... 38 Table 3: Consolidated view ...... 53 Table 4: IDeM comparing with others ...... 78 Table 5: Issues analyses under IDeM optic (FERRAZ et al., 2015b) ...... 81 Table 6: Experiment A infrastructure ...... 88 Table 7: Citizens ID and Names ...... 89 Table 8: Systems A, B and C data ...... 90 Table 9: IDeM generated ID, citizen ID and System id ...... 91 Table 10: Systems A, B, C data with identifiers changed ...... 92 Table 11: 1.000 and 10.000 citizens’ simulation ...... 95 Table 12: Summary of available services ...... 107 Table 13: testbed random values ...... 108 Table 14: Infrastructure ...... 112 Table 15: Resource ranking with and without IDeM ...... 118 Table 16: Taxes based on resources analysis ...... 119 Table 17: Taxes based on Education ...... 120

CONTENTS

CHAPTER 1 INTRODUCTION ...... 14 1.1 CONTEXT ...... 14 1.2 PROBLEM STATEMENT ...... 17 1.3 OBJECTIVE ...... 18 1.4 RESEARCH QUESTION ...... 18 1.5 HYPOTHESES ...... 19 1.6 RESEARCH METHODS ...... 20 1.7 STRUCTURE OF THE THESIS ...... 21 CHAPTER 2 IDENTITY MANAGEMENT AND SMART CITIES: CONCEPTS AND DEFINITIONS ...... 23 2.1 ENTITY, IDENTITY AND IDENTIFIERS ...... 23 2.2 IDENTITY MANAGEMENT REQUIREMENTS ...... 25 2.3 IDENTITY MANAGEMENT MODELS ...... 27 2.4 IDENTITY MANAGEMENT PARADIGMS ...... 29 2.5 ABOUT SMART CITIES AND ITS COMPONENTS ...... 31 2.6 SECURITY UNDER THE SMART CITIES PERSPECTIVE...... 36 CHAPTER 3 EXISTING ARCHITECTURES AND PROJECTS ...... 40 3.1 IDENTITY RELATED PROJECTS AND SOLUTIONS ...... 40 3.1.1. ABOUT IDM TECHNOLOGIES ...... 42 3.2 SECURITY RELATED PROJECTS AND ARCHITECTURES ...... 45 3.2.1. IMPROVING SECURITY AND PRIVACY IN IOT APPLICATIONS ...... 46 3.2.2. CLOUD ARCHITECTURE BASED ON NFC IN A SMART CITY ...... 47 3.2.3. CLOUD-BASED ARCHITECTURE FOR CITIZEN SERVICES IN SMART CITIES ...... 50 3.2.4. SEPARATION OF IDENTIFIER AND LOCATOR...... 51 3.3 ANALYSIS ...... 52 CHAPTER 4 IDEM: AN IDENTITY-DRIVEN MIDDLEWARE FOR INTEROPERABLE AND HETEROGENEOUS SYSTEMS ...... 56 4.1 MIDDLEWARE: CONCEPTS AND COMPONENTS ...... 56 4.2 IDEM: HOW IT WORKS ...... 64 4.3 GENERAL DYNAMICS ...... 65 4.3.1. REQUEST AND RESOLVE ID ...... 67 4.3.2. ID CHANGING ...... 70 4.3.3. ANONYMITY ...... 72 4.4 IMPACTS AND CONSEQUENCES OF IDEM ADOPTION ...... 73 CHAPTER 5 EXPERIMENTS AND VALIDATION ...... 85 5.1 VALIDATION PLANNING ...... 85 5.2 EXPERIMENT A: GENERIC ...... 86 5.3 EXPERIMENT B: IDENTITY MANAGEMENT IN HEALTHCARE SYSTEMS ...... 96 5.4 EXPERIMENT C: MULTI INTEROPERABLE ...... 106 5.5 FINAL ANALYSIS ...... 123 CHAPTER 6 CONCLUSION ...... 125 6.1 CONTRIBUTION...... 126 6.2 LIMITATIONS AND FUTURE WORKS ...... 128 REFERENCES ...... 129 APENDIX A ...... 135

Chapter 1 Introduction

This Chapter explains why this study was undertaken; what problem it seeks to address; what the hypotheses are that underpin the decisions made and which are based on an extensive review of the literature; the general and specific objectives are; and finally, what the methodological approach used to conduct the research is.

1.1 Context

The term “city”, in general, means a place or urban area which is demographically enclosed and which operates under an economic and political understanding (JOHNSTON; GREGORY, 1981). Operationally, cities are organized based on a number of core systems comprising different networks, infrastructures, and environments related to their key functions, including services for citizens, and for businesses, such as: transport, water, energy and others (DIRKS; GURDGIEV; KEELING, 2010). Those systems are to be connected using different means and the Internet, diverse components and parts to ensure that connection. One of those components is responsible for defining permissions and identities of both isolated and interconnected environments, this component is known as Identity Management System.

An Identity Management (IdM) system represents a system responsible for providing information about users, services, systems, any other entity, and the identities of those involved in an identification-based relation (TORRES; NOGUEIRA; PUJOLLE, 2013). IdM systems are the core mechanisms that are responsible for establishing trust between the system, the entity and the identity of that entity. At a second moment, the IdM also provides the identity permissions needed to perform actions in the requested system (HANSEN; SCHWARTZ; COOPER, 2008). Moreover, a typical IdM system is composed of processes and technologies to manage and secure data, information and information assets of an organization and, at the same time, protect the user and customer profiles (MPOFU; VAN STADEN, 2014).

Nevertheless, new identity-based models have been proposed, some of which are optimized to meet user’s goals (MARTINEZ-BALLESTE; PEREZ-MARTINEZ; SOLANAS, 2013; TORRES; NOGUEIRA; PUJOLLE, 2013), while others are optimized 15 so as to address issues related to the infrastructure of the network or the requirements of the application and the services (ADDO et al., 2014; TORRES; NOGUEIRA; PUJOLLE, 2013) and finally, in some previous work, we have presented problems related to city services in the context of a “smart city”, security and identity (FERRAZ; SAMPAIO; FERRAZ, 2013).

A Smart City can be defined as an intelligent environment, which embeds information and communication technologies (ICT), creating digital environments for physical consequences. From this perspective, a Smart City refers to a physical environment where the information and communication technologies, including sensor systems, disappear as long as they become ubiquitous (HARRISON et al., 2010). Smart cities are evolving towards a strong integration of all dimensions of intelligence available in a city: individual, collective, and artificial. They are built as multi-dimensional agglomerate, combining those three main dimensions (SCHAFFERS et al., 2011) (CHOURABI et al., 2012).

There is still no consensus when it comes to the concept of Smart City. Chourabi et. al (CHOURABI et al., 2012) list some concepts presented in practical and academic use. Among them, it is possible to quote: A more efficient and sustainable city, in constant progress to become more equal and livable; A city that uses computational intelligence to enable critical components and services – including its management, education, health, public safety, real estate, transportation and utilities – more intelligent, interconnected and efficient.

The increasing interest on smart environments from academia and industry is promoting the emergence of new value-added services for societies, and enabling unprecedented economic and social opportunities for government and private organizations. However, the enormous potential derived from this increasing data exchange raises serious privacy concerns, since collecting and processing of sensitive information (e.g. related to health, physical location or power consumption and others) will be common in these scenarios. Furthermore, unlike current explored concepts of smart scenarios, smart city ecosystems are expected to be made of a potentially huge amount of heterogeneous smart services and data that consume and/or generate entities capable of exchanging information and data in order to improve the city performance in general. Therefore, privacy, security and identity management solutions have to deal with 16 new challenges due to intrinsic nature and requirements of a Smart City which is being extended as part of our personal data (RAMOS; BERNABE; SKARMETA, 2014). Through an ideal IdM system, each user and/or citizen can choose how much control it may have on their information, and how much of that information is to be released or used by third parties. Also, anonymity and pseudonymity concepts have been under development in order to control information disclosure (TORRES; NOGUEIRA; PUJOLLE, 2013).

Going even further, also cities will be affected by such scenarios since the planet has passed through a process of rapid urbanization over the last few years. In the 1950s, more than 70% of people worldwide lived in rural areas, while the other 30% could be found in urban areas. In a change of context, in the years of 2013–2014, 54% of the world’s population was living in urban places. This urban population is expected to continue to grow, so that near to the year 2050, 34% of the world’s citizens will be living in rural areas and the other two-thirds (66%) (MORVAJ; LUGARIC; KRAJCAR, 2011) will live in big cities, roughly the reverse of the global rural–urban population distribution of the mid-twentieth century (UNIES, 1995).

This so-called city growth or emerging urban life is driving city infrastructure into a stress level never seen before, as the demand for basic services increases and also are exponentially overloaded (CARAGLIU; DEL BO; NIJKAMP, 2011).

Cities have to begin evolve without further delay as they are to meet the demands that will arise from this growth in population. They have improved the capabilities of their current service delivery and the foundations of these capabilities themselves by making their core systems (transport, public safety, government, education, health, and natural resources) “smarter” (FERRAZ; FERRAZ, 2014a). This can be further enhanced by applying Information Technology, Analytics, Design, and Systems in the right places, provided that data from the core systems can be exchanged with auxiliary systems in order to create new information that is more useful for the city, so that it can drive a thriving, knowledge economy in a fast-forward gear (DIRKS; KEELING, 2009).

1.2 Problem Statement

The concept of smart city is based on an environment that is instrumented, interconnected, and intelligent (HARRISON et al., 2010), (FERRAZ; SAMPAIO; FERRAZ, 2013). ‘Instrumented’ refers to a city covered by a set of sensors that could be both physical and social. By using such sensors, the core systems of cities can have access to real-time and consistent data. ‘Interconnected’ refers to a vast set of systems working together to offer information from different sources and origins. A combination of interconnected and instrumented systems creates a connection between the physical world and the virtual world by transmitting data collected from sensors to systems. ‘Intelligent’ refers to an instrumented and interconnected environment that makes the best use of data obtained from different sensors and systems in order to offer a better life to citizens (FERRAZ; SAMPAIO; FERRAZ, 2013), (DIRKS; KEELING, 2009).

However, by providing an environment which is so widely interconnected could have the side effect of creating a different set of scenarios where flaws in information security could be created and adversely exploited. Nonetheless, to ensure interoperability and to create a system of systems, it is important to make use of citizens’ data, despite the fact that some or even much of them are confidential in the sense that legal safeguards with respect to a citizen´s privacy must be met (FERRAZ; SAMPAIO; FERRAZ, 2013). On the other hand, the impact of citizens participating in the process is a sensitive issue because data will be openly and widely used. Therefore, Dirks et al, states that the importance on creating an integrative solution in which the parties involved have and retain a high level of confidence in each other. When this confidence cannot be established directly, it is necessary to go through an intermediary that is trusted by both parties (DIRKS; KEELING, 2009).

In order to address the challenges of privacy and security preserving in data sharing solutions, this work presents an Identity-based solution that uses concepts of multi- identity and the separation of identifiers from its data, in order to increase security, anonymity and privacy, while still enforcing interoperability. The proposed solution will be validated in the form of a middleware, applied in an interoperable paradigm of a smart environment, such as a smart city, and it may represent any entity able to generate and consume data and information. It is assumed that a smart object possesses a real identifier 18 that in a specific context represents its identity. Based on this, the proposed design allows managing identity and identifiers to increase citizens’ privacy and preserve their anonymity by adding new layers of security related to how smart systems hold citizens’ data. The designed depicted in this work represents a step forward in order to achieve an integral, flexible and privacy-preserving shared model to be used in the upcoming generation of smart cities.

1.3 Objective

The main objective of this thesis is to design an identity-based solution for an interoperable environment which is able to increase the security of how information about users is held by and exchanged by systems through managing identity and identifiers.

In order to do so, the specific objectives are:

a. To define fundamental characteristics of identity and identifier approach;

b. To analyze security gaps and failures within an identity based techniques;

c. To define specific security issues applied to a scenario of a smart city;

d. To propose a validation for the identity-based solution in the form of a middleware in order to verify which and how security issues of interoperable environments are addressed;

e. To stablish an experiment based on a set of prototypes using the aforementioned environment, applying the proposed middleware so as to demonstrate the validity and applicability of this concept.

1.4 Research question

Nonetheless, one of the most critical restrictions for mainstream users (or citizens) in adopting the solution of smart cities is the concern over how their data will be kept safe in, and among, all the various collaborative systems that are part of the set of solutions for solving urban environment problems (FERRAZ; FERRAZ, 2014a). 19

More than simply providing an environment with authentication and authorization, it is important to provide city systems with a reference infrastructure with the capability to manage data and identities throughout heterogeneous environments (HARRISON et al., 2010; MARTINEZ-BALLESTE; PEREZ-MARTINEZ; SOLANAS, 2013; WANG; ZHOU, 2012) without compromising the interoperability of the environment and citizens’ privacy and anonymity. Hence, identity management is a fundamental part for evolving and maintaining smart cities (FERRAZ; SAMPAIO; FERRAZ, 2013).

In this context, this thesis seeks to answer the following questions:

a. Among the classical characteristics of IdM solutions, which ones are suitable and needed for an IdM-based system for smart cities?

b. In the context of smart city security issues, how does the management of identity and identifier increase an entity’s privacy and security?

c. How can a solution be proposed to improve information security without changing the city system in a deep way?

1.5 Hypotheses

Based on the problem and main objectives, this thesis raises the following set of hypotheses with regard to adopting a specific solution for interoperable environments:

• By adopting a multi-identity based solutions it is possible to increase security, anonymity and privacy, while still enforcing interoperability and data exchange in heterogeneous systems;

• By adopting the proposed approach, security issues specific to a smart city will be addressed; and

• By implementing software artifacts, in this case in the form of a middleware, it is possible to enhance security and generate minimum changes in the addressed systems.

1.6 Research methods

The method used to develop the proposed solution is based on a segmented research, in which specific differences of Information Security in smart cities are highlighted. A model and a middleware are proposed and discussed.

In order to validate the proposed solution, an analysis of security issues and concerns over creating a smart city is defined and performed. Finally, a set of prototypes is developed in order to check performance and security impacts. Figure 1 depicts the process and steps.

Figure 1: Research steps

1 2 3

Problem Analyse Research Specific Definition Solutions Aspects

Experiments and Development, Solution applications and Evaluation Proposal definition

6 5 4

Source: The author. The first phase is when the problem in this thesis was defined and explored. In this step, the main and specific objectives were proposed.

Based on the definition of the problem, some solutions related to the main topics of this thesis are analyzed, the results of which are used as the foundations defined in the steps that follow.

The Security Specific Aspects phase tackles defining and analyzing a series of security technologies and issues having specifically to do with identity management 21 under the scope of a smart city environment. This step is particularly important for defining the grounds for affirming that Information Security in Smart Cities is different from that of other areas, such as mobile phone development or cloud computing security (FERRAZ; FERRAZ, 2014a).

After defining what role security issues play in a smart city, the next step is to set out an identity-based solution that takes into account the characteristics of an urban interoperable environment.

Defining the experiment and application follows on from that. In this step, a simulated environment of a city and other scenarios are created; at the same time, a set of three experiments are defined. The three samples serve to demonstrate how the proposed solution will be used and how it will behave while the proposed experiment is being developed and implemented.

The last phase is that of defining, developing and evaluating the experiments; in other words, experiments will be developed and conducted using the proposed IdM middleware evaluating its impacts such as security and privacy increasing.

1.7 Structure of the Thesis

This thesis is structured as follows:

Chapter 1 - This first chapter has introduced the context of this thesis and discussed the research problems, methodologies and hypotheses.

Chapter 2 – Theoretical underpinning. The main definitions used in this thesis are explored in this chapter. This chapter explores concepts, challenges, and definitions regarding the topic of Smart Cities under the identity management perspective.

Chapter 3 – Architecture and Security Technologies. This chapter will describe a series of frameworks and architectures, used in co-related areas such as IoT (Internet of Things) and distributed systems, as well as those in related and similar works.

Chapter 4 – Chapter 4 will put forward a middleware that increases information security. The main objective of the proposed solution is to act as an Identifier and Identity manager that keeps Entities, Identities, and Identifiers separate from the associated Data. 22

Finally, this chapter conducts an architectural analysis on the aforementioned Security Issues, under the scope of architectures and frameworks presented in Chapter 3.

Chapter 5 - Validations. This chapter explores a set of experiments conducted by describing the infrastructure used, the number of servers, the tools, the behavior of applications being tested and the benefits from using the proposed solution. It serves to validate the problem solution proposed in this thesis.

Chapter 6 – Conclusion. Finally, Chapter 6 draws conclusions, presents this thesis results and contributions, and recommends topics for future research.

Chapter 2 Identity Management and Smart Cities: Concepts and Definitions

This chapter introduces and discusses concepts and themes related to Identity Management (IdM) and components of a smart city. It presents definitions and characteristics of Identity Management systems based on a systematic review published by Nogueira et al (TORRES; NOGUEIRA; PUJOLLE, 2013) and it also presents characteristics and components of smart cities based on another work previously published (FERRAZ; SAMPAIO; FERRAZ, 2013). By the end of the chapter, an analysis on the depicted components of a smart city and IdM is made. The focus for this analysis is to define specific needs related to security in the context of interoperable smart cities.

2.1 Entity, Identity and Identifiers

An entity can be a person, a network service, a computing device or a mobile device, a sensor, a citizen, an actuator or a system. They use credentials and have a lifecycle which is separate from any identity or identifier associated with it. On the other hand, an identity is not absolute. An identity describes an entity within a specific scope (BOSWORTH et al., 2005).

The identity of an entity, within a scope, is the set of all characteristics attributed to this entity within that scope. For example, an identity could be related to an educational system that contains information about one’s educational record, courses taken, and/or grades received. Another possible example in an identity related to natural resource consumptions, or it could even be related to the money and any other funds that someone holds in bank accounts or in an investment portfolio. Therefore, any identity is only valid within one specific field and represents more than simple information used to distinguish one entity from another; it also represents who such entities are, along with their individual characteristics (BOSWORTH et al., 2005)(TORRES; NOGUEIRA; PUJOLLE, 2013). 24

To identify a unique entity, it is necessary to rely on identifiers, not only on identities. This distinction between identity and identifier is essential, and not always properly stated. In this thesis it is assumed that, an identity is related to personal data or information used to identify an entity. An entity is considered to be components of a unique identifier. Note that identifiers (such as a user name, sensor UIDs, social number, passport number, serial number, or serial ID) are also only valid and guaranteed to be unique within a given scope. Instead of regarding an entity with one single identifier as representing a single identity across different systems, it is more natural to view an entity as a collection of multiple identifiers (a set of sets). Each set has its own scope which can represent different identities of the same entity because this entity is identified differently within different possibilities.

2.1.1. Credentials and Identity Lifecycle

The core concept of an IdM includes three entities: the user, the service provider and the identity provider. A user, or an entity, is an actor that that uses services that are provided by the service provider (SP), i.e., a user is a client of a service. Users need to use IdM systems when the services that they demand require a third party to certify the user´s attributes. Users, who can be a public organization, a human, a virtual entity such as software, etc., must have an identity in order to have access to the services. Identity Providers (IdPs) are the core of IdM systems. An identity provider controls the credentials of the entity and provides authentication services. Thus, it provides different levels of trust and access to different types of user. For example, a common user and an administrator user in the same company should have different privileges when accessing the company’s services.

The main two functions of an IdP are 1) to provide some services to the user such as registration, verification; 2) to process the requests from the services and users for authentication. An identity provider can be classified by functionality as being one of four kinds (BOSWORTH et al., 2005)(TORRES; NOGUEIRA; PUJOLLE, 2013), as depicted:

 Credential Identity Service: this kind of identity provider uses credentials, such as user identity for authentication. 25

 Identifier Identity Service: An identifier is the representation of a user, such as a name, an email account or ID-card number assigned to a user.

 Attribute Identity Service: An attribute is information that can be used to define user identity, such as part of the credential or the process of assigning the identifier e.g., name, address, contact information etc. This kind of IdP should provide a mechanism so that the user identity attribute can be verified.

 Pattern Identity Service: Uses patterns, reputation, honor, trust records and history access records to describe or verify user identity. Regarding security, some patterns can help to find possible hackers/attackers by using a model that matches the characteristics of an attacker.

2.2 Identity Management Requirements

In an interoperable environment, i.e., one in which several systems communicate with each other, an IdM has an important role, namely it provides identities, credentials and a lifecycle for the credentials provided, this being its main role within that environment. To do these, it is vital that certain requirements must be in place so that an IdM can adequately offer the aforementioned characteristics. This section will discuss some of these requirements.

2.2.1. Privacy, Integrity and Availability

In a common definition, privacy is a term used in Information Security to describe one of its goals. Integrity is the ability to maintain a piece of information or data without changes; Availability is the characteristic of keeping a piece of information or data available, when needed; and, Privacy is a characteristic of keeping information or data private and therefore not subject to undesired access (SCHUMACHER et al., 2006).

In its main context, privacy is about the importance of preventing a piece of information from being accessed, changed and used by non-authorized personal. In an IdM, the privacy debate is about discussing the importance of ensuring that the data that 26 an IdM uses remains private, in the context of Identity Providers, and therefore that intruders do not have access to sensitive information. Moreover, discussion about user privacy in general must include how to keep a user’s identity private. This is an important characteristic of IdM systems, as this entails ensuring that information about the user remains private and is held as securely as possible (BOSWORTH et al., 2005).

Privacy will be one of the main focus of this thesis approach, and will be further explored in the following chapters

2.2.2. Usability

In general, making IdM systems simple and easy to use reduces barriers to adopting them. Usability refers to the effectiveness, efficiency, and satisfaction with which specified users achieve specified goals in particular environments (DHAMIJA; DUSSEAULT, 2008).

A lack of usability can have a negative impact on functionality, security and privacy. Although many IdM systems claim to be designed with the user in mind, most still present important usability issues (ALPÁR; HOEPMAN; SILJEE, 2011)(DHAMIJA; DUSSEAULT, 2008).

2.2.3. Trustworthiness

Trustworthiness is a requirement for all transactions defined and maintained by an IdM in order that a user trusts the service provider (SP) or the system. Therefore, the good reputation of software and hardware providers and SPs is an asset in the market. Although the notion of trust may depend on many factors, it is clear that privacy, security and usability are preconditions for trustworthiness (BOSWORTH et al., 2005)(TORRES; NOGUEIRA; PUJOLLE, 2013).

Any IdM system has to take full account of the legal requirements with regard to law enforcement in the countries in which it will be used. However, these requirements are sometimes contradictory between different countries, and even regions within a given country, as the result of there being different cultures and realities. For example, in the 27

USA, different states can have different laws that govern certain activities that are conducted in all or most other states. However, in some parts of the world, the rule of law set by central government is not necessarily respected or upheld in remoter regions which engage on the same activities as areas of the country fully under the control of central government (BOSWORTH et al., 2005)(TORRES; NOGUEIRA; PUJOLLE, 2013).

2.2.4. Interoperability

Interoperability among existing systems is a basic requirement for an IdM system. IdM systems should implement interfaces compatible with international and ubiquitous standards. In order to ensure that users are willing to accept these interfaces, it is important that the dominant players in the respective markets for IdM systems declare their support for them and advertise them. It is possible that certain players may resist making their products compatible with these interfaces in order to protect their national market and overall systems. Should this happen, it may be more difficult for IdM systems to acquire a critical mass in regions of the world where such resistance is extensive.

Achieving interoperability across different contexts is impossible without a comprehensive and broad adopted protocol or specification that defines the interfaces to communicate with one another (TORRES; NOGUEIRA; PUJOLLE, 2013)(BEN AYED; GHERNAOUTI-HÉLIE, 2012).

2.3 Identity Management models

As discussed in the previous section, Identity Management has its own characteristics and crucial requirements which must be met in order to offer interoperable systems. Based on these initial characteristics, different models for IdM systems could be provided. This section will discuss the following approaches: an isolated, a centralized and a federated model.

2.3.1. Isolated Models

An isolated model is the simplest IdM model. The service provider acts both as a service provider and as an Identity Provider (IdP). The functionalities of SP and IdP are integrated with each other. So, a single server is responsible for performing all the identity storage and user operations such, as allocating, deleting, modifying, authenticating and authorizing unique identities.

Although this is a simple model, users need to manage a very large amount of information and credentials, such as usernames and passwords. If credentials are lost or passwords forgotten, this creates a huge obstacle to usage, and this will entail that many services cannot be guaranteed to be fully functional. Thus, the cost of password recovery will increase the cost of SP especially if the services offered need to be at a high level of security (TORRES; NOGUEIRA; PUJOLLE, 2013).

2.3.2. Centralized Models

On the other hand, a centralized model is implemented in a client-server strategy. Unlike in isolated models, there are separate components that are needed for a centralized model to act as either an SP or an IdP. In this situation, all SPs use a unique IdP which is responsible for managing the storage of user identities and authentication. When the SP needs to authenticate a user, it will send the user’s information to the IdP to finish the process.

This model is suitable for scenarios in which there are requirements for managing a large number of users. However, several disadvantages are to be found in such a model. For example, the fact that it stores all identities in a single IdP may cause privacy protection problems. Also, delegation of user privilege and crossing domains are not well supported (KIM; JIN; LIM, 2010)(DHAMIJA; DUSSEAULT, 2008).

An example of an IdM network-centric paradigm is a Microsoft Windows domain governed by a set of predefined administrator and domain controller (DC) servers (JIN et al., 2010). 29

2.3.3. Federated Models

A federation is composed of an association of different service providers in order to enable users to interact with different domains without having to re-authenticate every time that a server or service is accessed. It integrates different domains and creates a global unique domain, so, a federation can be described as the set of agreements, patterns, methodologies and technologies that let a group of service providers recognize user identities from other SPs in the domain of a federated trust.

The model enables users from a specific domain to access services in another domain without requiring re-authentication. In this case, if the user wants to access many services in the federated domain, only a single identifier and credential is needed. Also, this whole IdM system is transparent to the user and acts as a unique SP (KIM; JIN; LIM, 2010)(DHAMIJA; DUSSEAULT, 2008).

2.4 Identity Management Paradigms

Besides having a model and characteristics, an IdM solution has different kinds of branches of action; in other words, a federated IdM solution may focus on the network used by that federation or may focus on the user who uses that solution or even on the services offered in that environment. This section discusses these areas of focus for IdM.

2.4.1. Network-centric

The ease with which software can be deployed over a network has given rise to network-centric software systems. A network-centric perspective is concerned with the hardware and circumstances of a network, such as managing and configuring the elements within and managing the security of its infrastructure, controlling access to it, etc. This paradigm is intended to cover the needs of Identity Management for networks and network providers. The advantages of this architecture are (JIN et al., 2010):

 It reduces the financial costs to a remarkable extent in comparison to the existing infrastructure; 30

 It maximizes the reuse of resources;

 It controls the interaction of information exchange within the system;

 It ensures that the system is secure on the transfer layer. One of its main characteristics is the focus on solving specific problems of these environments such as, for example, fraud or theft of services.

2.4.2. Service-centric

Services from different providers across multiple domains comprise the service- centric paradigm. The major point of this paradigm is to be able to choose between services in a dynamic way. As the number of services provided for users on the Internet or locally has arisen, SPs may need to have the ability to choose, dynamically, the services that the user should use (JIN et al., 2010).

One example of this situation is a cloud storage service. The selected storage service depends on the user´s preferences. They may choose between iCloud, Dropbox, Google drive, etc. If a new storage service enters the market, the IdM service-centric paradigm has to adapt to this new service at runtime. Also, it should provide a way for the user to be able to dynamically and explicitly delegate their access rights to the new storage service.

There are two main challenges in implementing a system according to the IdM service-centric paradigm: It is not easy to combine and store services from different SPs and domains since each service may have a different access control mechanism and trust level and that Delegating the users’ access rights from one service to another is not simple. Also, users behavior is not easy to track and control (JIN et al., 2010).

2.4.3. User-centric

The main principle relates to a user controling their identity throughout the whole lifecycle of the identity. So, responsibility for and control over user’s information falls to users themselves, and not to an external entity. This notion has been implemented in many 31 technologies, such as Security Assertion Markup Language (SAML 2.0), the UAC (User Access Control) of Windows and SUDO of Linux.

Another important point of the user-centric perspective is that the user has to choose which one from among multiple identity providers to use. Currently, this perspective is the most popular in the Internet world, and there are many solutions. Some specific examples are: Liberty Alliance, OpenID (SINGH; CHATTERJEE, 2015), Higgins (TORRES; NOGUEIRA; PUJOLLE, 2013) and WS-Federation. However, this perspective also has disadvantages. Since the users are in control, they also need to configure the complicated security settings and this makes it difficult to share decisions. It also raises maintenance problems since the organization first needs to obtain the user’s consent of this (KIM; JIN; LIM, 2010)(JIN et al., 2010)(TORRES; NOGUEIRA; PUJOLLE, 2013).

2.5 About Smart Cities and its components

The integration of the identity of a citizen across multiple systems and services, and the ability to provide a joint response to the needs of daily events, comprise the goal of allowing citizens to manage their own identities. This also includes the type of information on the citizen that is released to whom or when, whereas anonymously aggregated data are made more widely available (HARRISON et al., 2010)(BOSWORTH et al., 2005).

Thus, IdM is a key enabler for future cities. A unified identity system, while it can integrate itself to multiple Identity Providers (IdPs) and different ways of authentication and identification, is necessary for managing the extensively “wired” nature of the city and density of data transaction, and the diversity of possible solutions (HARRISON et al., 2010).

Citizens or entities can use their identities to gain access to services and systems, and to the benefits that they offer. This is a way of integrating several solutions (systems and services). Entities and services eventually repeat their identification artifact at different points in time and in different situations. 32

Ideally, every citizen and/or entity should have a number of identifiers related to a number of identities, each of which consists of the scope combined with several attributes that are either exposed or used to validate a claim without exposing information. The use of multiple identifiers and identities limits the exposure of truly important credentials, thus minimizing the risk of abuse and identity theft, while allowing the exposure of less critical information that is helpful for participants in the city’s ecosystem, such as retailers, building operators, service providers, and governments (HARRISON et al., 2010).

Not only are citizens responsible for their identities, but also for the information that constitutes such identities and when this information can be exposed. This thesis explores the impact in security of identity management in smart cities.

While the previous sections explored concepts and components related to IdM. The next section will depict some of those items related to smart cities.

2.5.1. Smart Cities: Components

The composition of smart city concepts is related to urban systems and services, which offer utilities to ordinary citizens for their daily needs. In a given system, we discuss different systems types that are involved in Smart City areas. They are: Education, Public Safety, Transportation, Energy and Water, Healthcare and Government Services (FERRAZ; SAMPAIO; FERRAZ, 2013):

Education Systems: Represent every system that is, directly or indirectly, related to educational services. Public Safety: Represents every system that aims to help public areas and citizens to guarantee city safety. Examples are, but not limited to, surveillance systems or crime report systems. Transportation System: Represents every system that, in different ways, leads citizens to better moving around a city. The mobility could be either with or without using automotive transport. Energy and Water System: Defines any system that acts directly focusing on the management of natural resources, more specifically on Energy or Water consumption. 33

Healthcare System: Every system that aims to aid health service, thereby providing a faster and accurate patient care and diagnosis, improving the patient overall experience according to the definition of healthcare information systems. Government Services: This term depicts every system that works within government scenarios. It can vary from a justice web system that displays legal issues for each citizen, to a platform that opens governmental data to the city itself. For example, the Open Government Data1 and British Data.gov.uk2 fall under this same idea.

All these systems are interconnected. This interconnection represents challenges to the cities and how information from different systems will emerge as valuable new data for citizens and cities.

Additionally, a smart city must know how to transform its systems and optimize the use of its finances. It has the duty to provide many resources and services to its citizens and it should look at its systems and make them more efficient and effective, which means they should become more intelligent.

Within these scenarios, Smart City environments, or solutions, face three specific topics, namely: System Interoperability, Platforms and Applications (FERRAZ; SAMPAIO; FERRAZ, 2013).

2.5.2. System Interoperability

In the last few decades, major cities around the globe have emerged to a reality in which every major public and urban system is now represented in the form of a Computer System. Urban systems like the ones responsible for: Education, Public Safety, Transportation, Energy and Water, Healthcare and Services are now present and vital for the continuity of these cities. Furthermore, these systems deal with a huge amount of historical data that would be impossible to manage in any different way.

One of the problems faced by such environments is that their solutions are isolated from each other. As a result of which it is difficult to gather information from one system

1 Http://opengovernmentdata.org/ last accessed in July 22, 2016 2 Https://data.gov.uk last accessed in July 22, 2016. 34 that can be used in another system, thereby creating more valuable information (DIRKS; KEELING, 2009; NAPHADE et al., 2011)

To deal with that, research studies show that is crucial that cities open their systems so as to make it possible for other entities to interact with as many systems as possible in order to provide citizens, public and private institutions with more valuable information (CARAGLIU; DEL BO; NIJKAMP, 2011; DIRKS; KEELING, 2009; NAPHADE et al., 2011).

2.5.3. Platforms or Frameworks

Once it is understood that urban systems face problems related to their interconnection, a second approach puts forward the proposal for the creation of platforms or frameworks to connect different units, in order to interact through this environment. These units are represented in the form of a set of specific profiles that are directly related to citizens, buildings or companies and “things” (ATTWOOD et al., 2011; CHOURABI et al., 2012; LUGARIC; KRAJCAR; SIMIC, 2010).

In this option, great emphasis is placed on adopting the concept of The Internet of Things (IoT) which creates situations where sensors and different entities can and will interact with each other. Furthermore, there is the concept of social sensor, which is represented by values provided directly by citizens through social networks such as Twitter or Facebook. Even though social networks, are a well-established concept, their importance to urban life rests upon the messages, or posts, created by the user (citizen) to be taken into consideration, leading to the vision that one citizen, or their information, is as equally important as that of any other citizen (DURAVKIN, 2010; SKIBA, 2011).

Thus, Platforms and Frameworks emerge as the infrastructure in which the concept of sensor information, which could be both physical and a social sensor, emerges and such information is used as input to instantiate specific solutions for different urban environments. For instance, there is Xively3, formerly known as Cosm and Pachube, a platform for Energy connection that uses a physical sensor to monitor energy consumption on Twitter profiles that tracks traffic problems by working as a social sensor.

3 http://www.xively.com last accessed in July 22, 2016 35

2.5.4. Applications

The important difference between Platform and Applications is that a platform is built with the assumption that the power to decide how it is going to be used depends upon the choices made by the user that instantiates it. For instance, it is possible to see the same platform built to serve as a dynamic panel which shows opinions or as a medical solution showing what the status of all systems in a hospital is (BLACKSTOCK et al., 2010). Hence, this is about dealing with a more abstract approach, which usually comes combined with an application in order to find a solution.

On the other hand, solutions made for urban systems that are represented by applications appear to be more dedicated, practical and less abstract. For example, Waze4 in an application that tackle problems related to traffic; Dwolla5 tackles attacks scenarios of economic behavior and Crime Reports6 deals with security measures.

2.5.5. Sensors

Sensors play an important role in producing the values consumed by platforms or applications. Platforms and applications woks with the same concept; This concepts being that there are entities responsible for gathering information and these are represented as Physical Sensors and/or Social Sensors (FERRAZ; SAMPAIO; FERRAZ, 2013).

Sensors that generate an expected format of data and non-personal information represent a Physical Sensor, i.e., Thermal Sensors, Presence Sensors, Magnetic Sensors, RFID tags and so forth.

A Social Sensor represents an entity for which data is created by a person and contains personal information attached, for example, a post on Twitter, or any other social network.

4 https://www.waze.com last accessed in July 22, 2016 5 https://www.dwolla.com last accessed in July 22, 2016 6 https://www.crimereports last accessed in July 22, 2016 36

2.5.6. Actuators

A sensor, Physical or Social, represents entities responsible for gathering information from the environment. On the other hand, an actuator represents the ways that the information gathered by the Sensor components is sent back to the user. Take for example a system that collects information about traffic, combining Twitter with camera images, and then sends back to the driver's Smartphone a piece of information about which parts of the city are experiencing traffic congestion and which are not. In this case, both the application and the Smartphone are Actuators (FERRAZ; SAMPAIO; FERRAZ, 2013).

The actuators can be either Direct or Indirect; this classification will depend on whether the access to the information is directed to a specific user, e.g. on a Smartphone, or is directed to a broad audience, e.g. displayed on a smart panel.

The data generated, used, and stored by these solutions, and the system responsible for such data, each has a set of challenges of its own. Security is one of those challenges (BARTOLI, 2011; SEN et al., 2013). The entire set of solutions consists of applications, networks and infrastructure, and all of them have security concerns.

2.6 Security under the smart cities perspective

Urban Systems comprise Citizens who use Solutions. Such Solutions can be Platforms, Frameworks, and Applications, all built on Technologies that receive and use Data. Urban System Security Issues or Security Issues in the role of a smart city are situations that can pose problems to the infrastructure in its entirety (FERRAZ; FERRAZ, 2014a).

Table 1 presents a brief description of each issue in a group of nine issues, followed by the impacts that these issues produce (FERRAZ; FERRAZ, 2014b)(FERRAZ; FERRAZ, 2014a).

Table 1: Security Issues in the role of a smart city literature

Issue Description Impact Access to Information This issue relates to capture of information Privacy and Integrity from Application flowing from a service to an application.

Information Tracking This is related to disclosing the source of the Privacy and Interoperable data. Security

Citizen Tracking This issue relates to sensor data being used Privacy to track citizens, their steps, decisions, and other information about them User/Citizen Data Loss This issue considers the notion that Privacy and Availability applications save valuable data in devices, and if not well treated, these values could be lost. Crossed Access to This issue relies on the correct restriction Privacy and Integrity Information in Data and boundary definitions in an interoperable Centers environment Crossed Access in This issue considers information that has Privacy and Integrity Client Side leaked from System A to System B within the client side. Lack of Security in This issue relates to systems that do not Interoperable Security Depth validate data in different layers, and are infected by data coming from different points. Viral Effect in Urban It relates to a cascade effect in which one Interoperable Security and Environment system infects another system that infects Integrity other systems that continue infecting other parts of other systems, thus compromising the entire network. Infection Traceability This issue presents a consequence of the Integrity and Availability and Recovery previous issue due to the amount of data and interconnected systems. It is possible for the origin of an infection to remain undetected and therefore to make data recovery impossible. Source: (FERRAZ; FERRAZ, 2014a, 2014b). The issues mentioned in Table 1 present a set of generic and architectural issues discussed in some of the papers in the literature (FERRAZ; FERRAZ, 2014a, 2014b), in those papers are discussed several issues, present in different papers, and that poses as security threat to interoperable environments of smart cities.

On looking more closely into security issues, it is possible to select more specific kinds of security vulnerabilities, namely identity security issues. Table 2 presents a brief compilation on identity issues that, despite their vast use in the IdM environment, is a new subject if looked at under the perspective of smart cities.

Table 2: Compilation on Identity Issues

Issue Description Identity management is An identity management system should focus on methods to simplify not a primary objective daily tasks while offering the security, transparency, and privacy that a user needs. Citizens expect an Identity Management system to be secure and transparent, and privacy to be enforced in such a manner that daily tasks become easier and not more complex.

Identity trust is a No organization can guarantee a completely trustable system. Any bad sensitive matter and actor involved in the system can create a prejudiced reputation for other must be earned users. Therefore, an identity provider must ensure that organizations act appropriately and safely, and protect the identity and privacy of the actor.

Various types of access Illegal access to different types of account could impact finances and the to systems and services correct use of a system. In this context, the danger involved in using IdM systems will mainly affect a user, in a Smart City context; it may impact citizens and sensors. This affects an identity management system by enforcing membership, by creating different trust relations, rather than enforcing data ownership.

The paradigm of a single A significant part of identity and identifier information is stored with the access point provider; in this scenario, entities can take no action other than simply trusting the identity server and service to preserve their privacy, identifiers, and security, and to secure their information properly. However, mistakes can occur and privacy-sensitive information can become public; a group of attackers can focus their effort on invalidating the server, or a bottleneck from entities to a service could be created, thus making the service unavailable.

An easy phish to catch A centralized solution must be created and defined in which it is feasible even in the ocean of to moderate the number of points in the transactions performed in order identity security issues to reduce the possible locations where a phish could occur. This feature would also allow data to be updated when a system flaw or compromise occurs

To be or not to be, an One of the many advantages of identity management for citizens is that identity crisis the entities do not need to remember every single identifier that may be used in order to access various solutions. In some scenarios, an entity requires only one identifier, e.g., a user name and password, in order to log in and receive a multisite token

Linkability across To maintain privacy, it should be possible for users to keep their domains information and data private, or to create a scenario in which it is not possible for a domain to resolve "who" an identifier is in another domain, thus preventing the domain from maintaining records of who an entity is and what the entity has been doing.

Source: (FERRAZ; FERRAZ, 2016).

Relating the aforementioned concepts with security issues, a general framework for smart cities contemplates citizens, the focus of which is on solutions such as platforms, frameworks and applications that are powered by technologies in order to connect with 39 city systems. Figure 2 represents a general view of all components needed to enable solutions for smart cities.

Figure 2: General view of a smart city environment.

Source: (FERRAZ; FERRAZ, 2014b)

The concepts explored in Figure 2 present the connectivity between different solutions, components and parts involved in a smart city environment. As presented in Tables 1 and 2, all the components present in a smart city solution are subject to security issues and more specifically to identity issues. That having been said, information security must be an entity that cuts right across the rest of the environment. Even more, assuming identity as one of the pillars of information security, it brings forth the need for solutions related to IdM specifically designed for smart city environment, in order to increase security and privacy through IdM solutions.

This thesis will set out an identity-based approach to increase security in an interoperable smart city environment, the identity solution is depicted as a user-centric centralized solution. It will present an identity-based middleware. In order to posit this approach, the next chapter will put forward identity-based and security solutions.

Chapter 3 Existing Architectures and projects

Identity management will play an important role in addressing some of the issues mentioned in the previous chapter. This chapter depicts related works with the proposed in this thesis, analyzing strengths, weaknesses and characteristics of such work in order to create a base in which the proposed work can be compared.

This thesis proposes a middleware that increases security through identifiers and identity management, in that matter, the proposed middleware provides privacy and anonymity capabilities through the separation of user’s identifier form its data. Next sections will depict two sets of works, divided in two groups, the first one refers to IdM solutions depicted in a systematic review presented in the previous chapter (TORRES; NOGUEIRA; PUJOLLE, 2013) and another set of solutions that presents similar characteristics with the middleware proposed in this thesis.

Finally, by the end of this chapter, an analysis of those solutions is performed to present points to clarify the need for identity management in smart cities.

3.1 Identity related projects and solutions

IdM plays an important role in system development. Using different technologies and approaches, it is possible to build systems and concepts, such as single sign on (SCHUMACHER et al., 2006) and independent logins.

In smart city environments, IdM can play an even more vital role in the creation of such concept. It is through IdM advances that every citizen, sensor, or system can guarantee the correct use of their data (DHAMIJA; DUSSEAULT, 2008; TORRES; NOGUEIRA; PUJOLLE, 2013).

Regardless of various studies and protocols related to information security, the number of vulnerabilities in connected applications has increased during the past few years (GONÇALVES, 2010). Therefore, smart city systems require a distinct approach to address specific information security challenges (BARTOLI, 2011; FERRAZ; FERRAZ, 2014b). 41

According to (FERRAZ; SAMPAIO; FERRAZ, 2013; HARRISON et al., 2010; LIU; PENG, 2013; SUCIU et al., 2013), smart city solutions depend on a high degree of connectivity in order to allow their systems (such as Education, Government, Traffic, Security, Resources, and Health) to create an interoperable network, thereby offering citizens more powerful, accurate, and innovative (BATTY et al., 2012) services. Thus, one of the major challenges in smart city development is related to information security in the scope of interoperable systems (DIRKS; KEELING, 2009).

In addition to deliberate attacks, such as those from disgruntled employees, industrial espionage, and terrorism, information security must address accidental compromises of the information infrastructure caused by user errors, equipment failures, and natural disasters. Vulnerabilities could allow attackers to penetrate networks, gain access to control the software (FERRAZ; FERRAZ, 2014b; SEN et al., 2013), and modify load conditions to destabilize systems unpredictably. In order to protect smart cities effectively, various security problems must be addressed according to specific designs or plans.

The belief that a traditional security approach based on privacy maintenance, authorization, and authentication can simply be added to the critical infrastructure of a city to make it safer, because the city becomes smarter, does not correspond to actual scenarios (MARTINEZ-BALLESTE; PEREZ-MARTINEZ; SOLANAS, 2013).

The following section depicts a group of state of the art identity management related projects. The solutions presented are detailed in the systematic review previously mentioned (TORRES; NOGUEIRA; PUJOLLE, 2013).

This presentation is needed in order to define basic features and requirements of identity management systems in order to understand what kind of behaviors are expected from an IdM. The solutions presented and commented are: PRIME7, SWIFT, Kantara8, FIDIS9, SAML, Higgins10, OpenID, STORK11 and PICOS12.

7 https://www.prime-project.eu/ November 2016 8 https://kantarainitiative.org/ November 2016 9 http://www.fidis.net/ November 2016 10 http://www.eclipse.org/higgins/ November 2016 11 https://www.eid-stork.eu/ November 2016 12 http://www.picos-project.eu/ November 2016 42

3.1.1. About IdM technologies

PRIME stands for Privacy and Identify Management for Europe. The goals of this project are to address the lack of identity infrastructure for the Internet, identify essential requirements, such as security and privacy, and define the right balance of such requirements in emerging IdM architectures. The project aimed to develop a working prototype to improve IdM system’s privacy through the use of partial identities.

Components of data repositories are responsible for storing different sets of data and metadata that is held by the party where these data belong to or any other party. A user- side system will have a single data repository that stores its own data encrypted, and an enterprise will have multiple data repositories to address its data management needs. The repositories can be accessed by other components within the PRIME system and also by outside requestors, such as the user or a service.

An important point to be enlighten on PRIME is that it focus on privacy and has a strong characteristic of anonymity related to how it handles users identification. However due to its centralized structure it does not present interoperability among its strengths, and through its mechanism of authentication and authorization it provides an user-centric characteristic offering its user with mechanisms of asset control. It assumes that user data is managed on the user’s own devices, using the creation of a framework responsible for dealing with life-long privacy.

SWIFT stands for Secure Widespread Identities for Federated Telecommunications, is the evolution of Daidalos13, it proposes an architecture that acts as the backbone to the whole system. It depends on the notion of digital identity, which is provided by linking attributes, authentication and other information about the user. While the information itself is never stored in one place, the framework acts as a contact point for external services to resolve information about the user or one of his digital identities.

Since it is necessary to create a new generation of user-centered manageable communication infrastructure to attend different goals, Daidalos main goal is to integrate heterogeneous network technologies that allow network operators and service providers to offer new services. As an IdM architecture, Daidalos gives users access to a wide range

13 http://www.ikr.uni-stuttgart.de/Content/ResearchProjects/View/Full.html?daidalos-ii last accessed in November 2016 43 of personalized voice, data, and multimedia services. It works on a single ID based scenario in which the same identifiers creates the identification of each user, even though the ID is described as virtual identity it is still a unique ID associated with user spite of the service accessed by that user, it means that what is been created is a unique identification used in the system, and, as presented, in chapter 2 could let to undesirable situations like using breached information of one system to extract information of another.

On the other hand SWIFT project is composed by five security enablers on the user device interconnected by a virtual identity Manager and a Credential Manager. Even though SWIFT is an evolution of Daidalos it was built under the same assumption as its predecessor, SWIFT uses a unique ID through the whole solution, in other hand it has developed different means to aggregate identities in early phases of it identification process, also it has added features related to interoperability reducing concerns about security. Until the end of this review, both Daidalos and SWIFT have been discontinued and the information presented was gathered from sparse references such as (TORRES; NOGUEIRA; PUJOLLE, 2013).

Kantara an evolution of Liberty Alliance, was established in 2008 with the purpose of creating a robust focal point for collaboration within the identity community. The program aims to bring together work on key issues, including interoperability and compliance testing, identity assurance, policy, privacy and software development, it’s a SAML based protocol that also offers federation and mobility capabilities within an interoperable systems..

FIDIS stands for Future of Identity in Information Society. It is composed by a network of academic institutions and companies across Europe that has discussed the changing face of identity. This (Network of Excellence (NoE)) is supported by the European Union and was created in 2004. This project purpose was to integrate research efforts across different European nations focusing on challenging problems. FIDIS defines seven research branches that focus on identity aspects: identity of identity, profiling, interoperability of IDs and IdM systems, forensic implications, privacy and the legal-social content of identity, high Tech ID and, mobility and identity. One of the main research activities of the project aims to explore the definition of identity and 44 identification. It is called Identity of Identity and focus on creating an inventory of definitions in the identity domain and their respective use cases.

SAML (Security Assertion Markup Language) is a set of web standardized services protocols. SAML versions 1.0 and 1.1 were published in 2002 and 2005. Currently, SAML has a large contribution from Liberty Alliance. It is a XML standard for exchanging authentication and authorization data between services and its main goal is to provide interoperability among web sign-on products. The typical use case involves a user that is authenticated by an IdP that maintains an account for the user.

This XML standard solves two problems: single sign-on and federated identities. Also, it is mostly intended for business partners that require a standard for exchanging security information. Federated identity technology allows organizations using disparate authentication and authorization methods to interoperate, extending the capability to each organization’s existing services rather than forcing their replacement. Besides that, federated identity helps users by taking advantage of their familiarity with existing sign- on systems and reducing the number of passwords they need to memorize (FERRAZ et al., 2015a).

Higgins is an open source software project that aims to develop an extensible, platform-independent, identity protocol independent, software framework to support existing and new applications that give users more convenience, privacy and control over their identity information. It works with all popular digital identity protocols, such as WS- Trust, OpenID, SAML, XDI, LDAP, and so on. It enables the development of applications and services that work with various IdM systems, which allow developers to incorporate identity standards into their software. Within the user point of view, Higgins gives people more control over their digital identities, personal information and social relationships. Interoperability, security and privacy in a decoupled architecture are the main goals. This system is true user-centric based on federated IdM where the user has the ability to use a pseudonym or simply reply anonymously.

OpenID is a decentralized and free framework for user centric digital identity and its main purpose is to solve the single sign on problem for web services the first version of the OpenID protocol was developed by Brad Fitzpatrick in 2005, since then, it has gained massive attention from the Internet developer community and including hige corporations. Today, Google, IBM, Microsoft, VeriSign, and Yahoo! are OpenID 45

Foundation corporate board members. OpenID allows Internet users to log into many different web sites based on single digital identity, eliminating the need for multiple usernames and passwords for each site (FERRAZ et al., 2015a).

STORK (Secure idenTity acrOss boRders linKed) is a framework, co-funded by the European Union. Its purpose is to create a European Union wide interoperable system for recognition of eID and authentication that will enable businesses, citizens and government employees to use their national electronic identities in any Member State. STORK follows a user-centric approach, i.e., the user is always in control of which data they are sending. The role of the STORK platform is to identify a user who is in a session with a SP, and then send their data to this service. While the SP may request various data items, the user always controls the data to be sent. Before sending the data to the SP, an explicit consent of the owner of the data is always required.

PICOS is developing a state of the art platform and focus on mobile communities. It stands for Privacy and Identity Management for Community Services. Its objective is to advance the state of the art in technologies that provide privacy-enhanced identity and trust management features within complex community-supporting services that are built on Next Generation Networks and delivered by multiple communication SPs. This user- centric approach aims to research, develop, build trial and evaluate an open, privacy- respecting, trust-enabling IdM platform that supports the provision of community services by mobile communication service providers. PICOS introduces the concept of blurring, which allows mobile users to hide their exact location within a previously defined radius. It also has a useful Privacy Advisor, which aims to create awareness of online privacy risks. It does this by notifying the user when they are about to disclose personal information.

3.2 Security related projects and Architectures

As opposed to previous section, this section focus on studies that have a major concern about Information Security, and even more, information security related to IoT and smart cities environments. The same way as previously exposed, also this section establish some ground rules related to identity, but this time demonstrating that identity 46 is an important part of information security assurance. Finally, the projects listed below present similarities with the middleware proposed in this work.

3.2.1. Improving Security and Privacy in IoT Applications

An architecture proposed to improve security and privacy in Internet of Things (IoT) applications (ADDO et al., 2014) it is a cloud based and ubiquitous solution whose main focus is health intervention systems. The architecture handles sensitive health-related data, which are collected and stored in a cloud-based solution. This provides a framework to guarantee privacy, anonymity, and security, which are central concerns in the application development lifecycle. The main motivation is to maximize the potential of IoT, ubiquitous computing, and cloud computing solutions (ADDO et al., 2014).

As key features for the reference architecture, major areas have been defined that result in positive impacts when adopting the proposed solution, which help to ensure credibility among citizens and the end users of IoT solutions, in general, the architecture employed should be compatible with all IoT application and solutions. In addition, it should be sufficiently transparent to have no adverse impacts on the applications. Also to support a crescent demand for resource the architecture is used within a cloud-based environment, finally the architecture is presented as a series of layers, which are service oriented and address different concerns, including security and privacy.

An illustration of the layers in the proposed reference architecture is presented in Figure 3.

Figure 3: Conceptual description of the IoT architecture

Source: (ADDO et al., 2014). The following key requirements are desirable and they should be implemented in the proposed architecture. In terms of security and privacy in IoT solutions, it is important to note that the main considerations are related to pervasive and ubiquitous systems, which often collect and exchange data in this environment. Also present a solution for IoT security as a service-base and cloud-based and IoT been one of the foundations of a smart city, has positioned Addo’s work as an interesting approach that should be taken under consideration. As for a smart city, even if there is no IoT approach related, it is important to take scalability and elasticity under consideration in order to handle a huge amount of information traffic coming from and to citizens and other entities.

3.2.2. Cloud Architecture Based on NFC in a Smart City

NFC is a contactless technology that is more powerful than RFID. Using NFC, it is possible to create solutions that employ a mobile phone (or other device) to interact with other systems simply by moving it closer to a device. In a future smart city environment, NFC technologies will play important roles in keeping citizens updated and always connected.

In this study, a cloud-based architecture is proposed using cryptography and unified interfaces to receive and send messages via any NFC application. The proposed method 48 considers that many solutions already use NFC, so among other features, it includes the capacity to connect different applications with a security system.

Figure 4: Message format

M(E) = K(RK) (AID + K(AK) (message))

Source: (WANG; ZHOU, 2012). An example of a message is presented in Figure 4, where this message refers to a packet sent from one device to the server. Other messages can be used in the proposed solution, but it is not possible to describe all of them due to considerations of space.

In the message, M(E) refers to the encrypted message; K(RK) refers to the root key of the NFC issuers; AID refers to identity that the application will be assigned in cloud;

K(AK) refers to the application key of the application provider; and message is the real message that will be processed by the application.

Figure 5 describes the cloud-based system, which employs the logic discussed in previous sections. Figure 5: Architecture of NFC in the cloud

Source: (WANG; ZHOU, 2012). The layers and main components shown in are described as follows. 49

Cloud Interface is a web interface responsible for publishing a set of services to the Internet. To achieve this, a device connects with the appropriate service and communicates with it.

Application Interface is a component responsible for the collaboration between the cloud interface and the application itself. The proposed architecture serves as a hub to connect several applications in the NFC context.

Resource Scheduling is a layer that defines the parts of the cloud responsible for a set of processes. Resource scheduling comprises the node controller, the middle layer is the cluster controller, and the top layer is the cloud controller.

Other components such as virtual machines (VMs), user information, and device information are treated as resources that can be addressed and used by the layer. VMs represent points where processes occur. User information comprises related information for each user of the system. Device information comprises data related to each device.

User information storage: the user information is not contained in resource scheduling or stored by specialized agencies. Instead, the user information is encrypted in order to acquire authentication in each layer of this cloud architecture.

Device information: the device information is used mainly for scheduling cloud resources. The device management module maintains the device information, which includes adding a new device and removing some devices. However, the resource scheduling module controls the way these devices are scheduled. This module is described in the next section.

Even though the architectures depicts a solution based on NFC and cloud computing, it is important to notice that the solution uses identifiers and private keys to ensure security in messaging exchange, the main weakness in this works it not to adopt the NFC and its representations as actuators or sensors in different, exploring how those sensors would deal with different sets of keys and in interoperable environments. 50

3.2.3. Cloud-based Architecture for Citizen Services in Smart Cities

In a previous study, the authors of “A cloud-based architecture for citizen services in smart cities” (KHAN; KIANI, 2012) specified the requirements for a cloud-based environment to provide smart cities with integrative and intelligent capabilities. These capabilities provide a solid basis for developing context-aware components in a smart city solution using a cloud environment.

In (KHAN; KIANI, 2012), based on the previously proposed method, a context- aware capability was introduced to respond to the need for contextual access information by any entity, which also allows data provisioning on the basis of demand. All of the layers found in this system are illustrated in Figure 6.

Figure 6: Proposed architecture with context-aware capabilities

Source: (KHAN; KIANI, 2012). The architecture proposed by Khan, presents an integration layer that comprises a cyber-infrastructure based on a cloud environment, which ensures data access in cross systems; a data acquisition and analysis layer used to access environmental data from various sources, including remote database repositories; a thematic layer which is responsible for classify acquired data into application-specific thematic categories; a composition layer responsible for design workflows, identify data sources, and link necessary processing; an application service layer that uses the outcomes from the service 51 composition layer in application domain-specific tools; and finally a security, management and integration layer used to automate the flow of filtered data and information and to allow necessary authentication, authorization, and auditing required for the use of data and services by legitimate users.

Also, the solution is presented in its early stages, but it is, however, one of the first to put the citizen in the center of the process highlighting how important it is to adopt concepts of smart cities into cities environment. The solution facilitates citizen and other users to acquire contextual information been more assertive, innovative, more productive, and be able to make based on a more specific and contextual set of information.

3.2.4. Separation of Identifier and Locator

A previous study entitled “Beyond the separation of identifier and locator: building an identity-based overlay network architecture for the future Internet” (MARTINEZ- JULIA; SKARMETA, 2013) discussed the importance of decoupling an identifier from its locator, i.e., an ID-location split, which is a key challenge in the future development of systems on the Internet. The authors proposed several approaches for addressing specific concerns in this scenario.

To address the ID-location split, the host identity protocol (HIP) and locator- identifier separation protocol (LISP) were analyzed for an intermediate identifier-based layer located between the transport and network layers in the current Internet model.

Several different approaches have been proposed in previous studies on the ID- locator problem. One of these solutions is called the identity-based network protocol (INP), which is used to build an identity-based overlay network, thereby providing ID- locator separation, a higher level of node granularity, and naming management. A general view of the proposed architecture is shown in Figure 7.

Figure 7: Architecture overview

Source: (MARTINEZ-JULIA; SKARMETA, 2013). The main component of the proposed architecture is the construction of an overlay network that creates actual network nodes organized separately from the networks that the node may be part of. The proposed architecture proposes to use the separation of node identities to a better interoperability and identification. Among others, the proposed architecture does not contemplate the network virtualization management, a feature highly related with cloud computing and also, it does not present with means to deal with ID separation at services and application levels, which is not under the focus of interoperable smart cities, as it will be depicted in the next chapter.

3.3 Analysis

In this section, we provide a brief summary of the studies presented before. Table 3 presents a consolidation about the characteristics in each presented work, the following characteristics were first used, to classify IdM solutions, in (TORRES; NOGUEIRA; PUJOLLE, 2013) and are here represented. Torres et al, selected those characteristics from the projects selected on their systematic review. 53

Table 3: Consolidated view

Source: The author. As presented in Table 3, each IdM initiative has advantages and disadvantages. Among the initiatives studied, there are some European research projects in the area of IdM, including PRIME with its successor PRIMELife. PRIME and PRIMELife assumes that user data is managed on the user’s own computer, defining a framework that deals mainly with life-long privacy, while Daidalos and SWIFT projects assume that the user data will be stored by third parties to be entrusted, and propose a crosslayer IdM system based on the management of VIDs.

The Liberty Alliance has proposed a framework using federated identities. Nevertheless, due to the specifications it tend to be extensive, therefore, it becomes difficult to understand and adopt. The Kantara Initiative, an evolution of Liberty Alliance, aims at addressing the identity problem in a much extensive landscape, adopting existing identity solutions. 54

The Higgins project is setting up a multiprotocol identity framework and promoting interoperability among different authentication protocols. In Higgins, the user is free to visit all Web sites without worrying about the IdM system used by the provider. This framework is based on SAML, and unifies all identity interactions across multiple heterogeneous systems through a common user interface based on information cards.

According to the OpenID proposed solution, a user can perform a single login operation in an OpenID conformant site by inserting a URL instead of a username. Moreover, Shibboleth is an identity framework for authentication and authorization for federated identities centered specially in the academic area.

STORK is a project aiming at designing a European eID interoperability Platform that will allow citizens to establish new e-relations by presenting their national eID. PICOS is developing a state of the art platform aimed at controlling the private information traces left behind within a specific service provisioning infrastructure.

Moving to security based solutions section, it is possible to notice that Improving security and privacy in IoT applications presents a security architecture for IoT solutions, the article presents that there is no other reference architecture specifically for modern IoT applications where security is the main objective, most of the reference architectures are applicable to broader domains, and thus they are not suitable for an interoperable environment such as a smart city. As a study case, the architecture was applied to a social network application and evaluated.

In a Cloud architecture based on NFC in the smart city, the authors present the main focus of this architecture as a solution to provide a cryptographic structure that uses NFC identifiers to build private and secure messages, the proposed approach is a candidate to be used in smart cities environment, but a city scenario is not considered and further details are required about how the layers can be built to provide the main functions.

Cloud-based architecture for citizen services in smart cities proposes an architecture that comprises a more complete set of capabilities and the applicability in the context of a smart city. This architecture has a security layer, but the layer focus o minor aspects of authentication, authorization, and auditing not including a broad scenario of information security in smart cities. 55

Separation of identifier and locator proposes an architecture decouples the identification and location mechanisms for use in the future Internet, it compares with existing approaches that fail to support specific capabilities that are provided by the study. The proposed solution operates at the network level, thereby avoiding additional extra layers, but this method is still unsuitable for specific services and urban environments.

The middleware proposed in the next chapter focuses on identifiers and identity management in a similar manner to the cloud architecture based on NFC in a smart city, thereby increasing security in urban interoperable environments. However, in contrast to the cloud-based architecture for citizen services in smart cities and improved security and privacy in IoT applications, the main focus is to explore security gains achieved by identifier management in smart cities, finally it proposes the decoupling of identities and data, like in the study Separation of identifier and locator but different from that, the separation will be performed in the application layer, chapter 5 presents an implementation of such approach in different scenarios and explains how security is dealt in this thesis context among other characteristics.

The solution will be presented in the form of an identity based middleware, this way, attending different needs of a heterogeneous environment and aiming to be a solution that will increase security though identity and identifier management, without or with small impacts to entities using such solution.

Chapter 4 IDeM: an Identity-driven middleware for interoperable and heterogeneous systems

This chapter describes a middleware, referenced as IDeM, whose main focus is to increase security in interoperable environments using identifiers and identity management concepts, more specifically using multiple identities in interoperable smart cities. Revisiting the conclusions and analysis on chapter 3, it is possible to extract several characteristics, for instance, anonymity and interoperability, that are addressed by Higgins and SAML, but are not present in PrimeLife, also, different approaches are applied by different solutions leading to distinctive results, such as separation of identity and data at network level (MARTINEZ-JULIA; SKARMETA, 2013), or message exchange based on IDs and cryptography (WANG; ZHOU, 2012). In all of those cases, it is clear that the main objective is to increase security, but under the circumstances of an interoperable smart environment, all of them fail in addressing security like in the issues mentioned in chapter 2 or the characteristics explored in chapter 3 (FERRAZ; SAMPAIO; FERRAZ, 2013), (AMÉLIA; FERRAZ, 2014; FERRAZ et al., 2015a, 2015b). The middleware implements concepts of separating identifiers from identities and, consequently, from its data and is built using message exchanges. Differing from some common single-identity approaches, the present solution proposes the composition of different identifiers to different identities in different contexts, even with heterogeneous technologies and approaches.

4.1 Middleware: Concepts and Components

This section describes general concepts and components of the proposed solution. Figure 8 presents the middleware positioned between entities and, in this scenario, the middleware will act as a component responsible by managing identifiers and, therefore, identities.

Figure 8: General architectural overview

Source: The author.

The proposed middleware contemplates the full operational stack in interoperable environments. Its main objective is to offer an isolated environment to maintain a separation between entities identifiers and their underlying own data. The core component illustrated in Figure 8 acts by decoupling identifiers from their data. Other components are presented as vital parts guaranteeing, for instance, authorization and safe communication in the information exchanging flow. The architectural component types are described as follows:

Personas and Technologies: They are represented by entities that are composed by platforms, frameworks, and applications. It refers to all actors involved in the scenario as depicted in previous works. Those actors can be anything from a person, to a service, or even a sensor (FERRAZ; SAMPAIO; FERRAZ, 2013).

Identity Management: The component, responsible for the identity, is intentionally represented as a separate part. It is expected to have IdM responsibilities and to separate from personas and systems, in order to guarantee the correctness and that no parts involved have impact over the IdM components.

City Scenarios: Since it is explored in specific scenarios of a smart city, in which interoperable services and systems empower a city with more precise and different services, the systems here exemplified, represent the context of urban environments, 58

such as, but not limited to, Educational, Natural Resources and Health Services (FERRAZ; SAMPAIO; FERRAZ, 2013), all of them represent the services that are accessed and used through the proposed middleware.

Security in Depth: According to Schumacher et al. (SCHUMACHER et al., 2006), security in depth refers to the adoption of several security measures in different parts of a system, or solution, in order to increase overall security. Security in depth is here presented as the foundation needed to ensure security measures in different portions of the systems responsible for service and identifier management. In other words, the implementation must consider good practices related to security, such as avoiding security risks highlighted by the Open Web Application Security Project (OWASP) (OWASP, 2013) and in every aspect of individual or collective systems. It is not a concept to be implemented in the form of a software, it is a concept related with the adoption of different security measures in different parts of a systems and not concentrate in one point. The aforementioned scenario refers to the fundamentals of the middleware and its position. One of the objectives presented in chapter 1 discusses the importance of increasing security through IdM adoption. In such objective, security in depth refers to the possibility of security increase in different levels of the explored solutions by separating IDs and data. This concept is further explored in the following sections.

Information Flow: Finally, Information Flow refers to how data are exchanged from entities to system and from system to entity, in a highly connected and interoperable environment from system to system.

Aiming the mentioned interoperable environment, it is important to offer solutions and options that increase security, but do not impact in the development of such heterogeneous environment.

Figure 9: Communication flow in proposal

Source: The author.

Deriving from previous Figure 8, Figure 9 brings forth the concept of messages that are sent from entities to the identity-driven middleware and from that component to the systems and services. Such messages exchange are susceptible to eavesdropping, and other security flaws. As stated before, the main objective in the proposed solution is to offer an isolated environment to maintain a separation between entities identifiers and its underlying owned data. As a consequence to this scenario, an increase in security through identity modification and occasionally management, is also achieved. Message from entities to the identity component: The message payload and its compatible formats are represented as follows.

Message(ID,MSG,Destination) -> Format( JSON | XML | TEXT)

Each message sent from an entity (e.g. a person or a sensor) to a system, and passing through the proposed IdM solution, is formed by an ID that refers to the entity’s real identifier, a MSG that represents the message containing the entity’s data and, finally, the Destination that refers to which system is to receive that message. Those three values are compatible with JSON, XML, plain text and other formats for message delivery, that way 60 accenting the interoperable characteristics and the compatibility with heterogeneous environments.

Messages from identity component to systems: The message payload and its compatible formats are represented as follows.

Message(ID*,MSG) -> Format( JSON | XML | TEXT)

Each message sent from the proposed middleware to a system, is formed by an ID* that refers to the entity’s new and modified identifier, and MSG that represents the message containing the entity’s data.

There is no Destination field in this payload, because the destination is already known from the message sent from the entity to the IdM component. That message format is compatible with JSON, XML, plain text and other formats, also important to enforce the interoperability need for heterogeneous environments.

Other Components: Represents the flexibility and the requirements of the proposed middleware for adopting other technologies to address a different set of concerns in a secure environment. For instance:

Communication: The middleware explores how identifier management can increase security. Communication from an entity to Identity-drive middleware and from the middleware to a service, should be performed using security communication protocols, such as Secure Sockets Layer (SSL), Transport Layer Security (TLS), Digital Certification, RSA, and others.

Authentication/Authorization: It is the part of the proposed solution that is responsible for authentication and authorization features. There are different standards and technologies available in this specific field, such as OAuth, OpenID, and SAML that are to be used in order to enforce authentication and authorization and that are not under the scope of this middleware. 61

The details presented so far are important to illustrate where the middleware is inserted and more, to add new parts responsible for different security aspects that were not introduced until now.

To enforce a safe communication, authentication and authorization concerns are under the responsibility of different solutions. Still for that reason, it is important that the presented architecture is built in order to be compatible with those other technologies.

As for the middleware, it is a software layer that provides a set of functionalities in order to facilitate communication for different entities, mostly in a interoperable environment (FERSI, 2015) and also to hide heterogeneity from different environments creating transparency mechanisms for distributed platforms.

Figure 10: Patterns definition

Source: The author. The proposed middleware is composed of, and defined by, a set of remote patterns (KIRCHER, 2004). An interface description that acts as an API specification for remote services, in this case services related to identity and identifiers management. The client proxy pattern transforms the invocations received from interfaces into requestor invocations, after lookup for the right identifier to be used. Finally, there is a transparent payload marshaller and unmashaller, that will guarantee the communication from 62

Entities to Entities’, as mentioned in chapter 2, entities refers to any actor involved in the systems relation. Figure 10 describes the relationship among the mentioned patterns.

Figure 11, presents a detailed view of the proposed middleware alongside with other components that are part of the bigger scenario.

Figure 11: Detailed architectural view

Source: The author. The general view of the proposed middleware takes into consideration that Citizens uses Platforms, Frameworks, and Applications (FERRAZ; SAMPAIO; FERRAZ, 2013) to interact with Smart City services. Each interaction performed by a citizen with a service, in the scope of the middleware, uses a MESSAGE, composed of an ID, the message itself, and a destination. Once this message is intercepted by IDeM, its components have responsibilities as described in the following:

The middleware (FERRAZ et al., 2015b) is responsible for receiving a set of information and combining it to create a new identifier for each entity. It is composed of several modules, responsible for the identity generation and management and that implements the patterns shown in Figure 10. Each module present in Figure 11 is described as follows: 63

IDex: The ID extractor represents a module responsible for the detection of the ID in a message and its replacement with the combined ID.

IDre: The ID resolver represents a module that, using the extracted ID and the destination ID, creates or selects the IdMW in IDrep.

IDrep: The ID repository represents a module that stores the tuple< IDeM ID, extracted ID, destination ID>. SM: The service manager represents a module responsible for managing service identification and names. The core functionalities of this module are to register, maintain, and update services and systems, as parts of a smart city environment.

Communication: Represents the available communication protocol that needs to be implemented in order to ensure that the IDeM is compatible with services that are already in place.

In a general view the component is presented in an environment whose purpose is to act as a solution that contemplates Entities, Identities and Systems, aiming to increase security. Furthermore, Figure 9 shows the need for other additional technologies with different focuses, for instance good practices such as OWASP guidelines and authorization and authentication, in order to ensure different levels of security. Those security levels are not part of the proposed solution neither should they be implemented nor be perceived as a primary goal for this research that must take into consideration.

4.1.1. Objective

IDeM main objective is to promote the separation of entities’ identifiers from their identities, and therefore from their data. Such a separation it is expected to increase security under the context of interoperable systems and software used by citizens or any other actor. As an example, let’s assume that: To create the new identifier, the data coming from the entity (citizen, system or sensor), and the second data refers to a service/system Identification. In other words, to generate the new identifier, it is proposed to combine an entity ID that can be represented by a passport number, social security number, email or another unique value associated with the entity and the service ID that can also be 64 represented as a random number, an unique name, a specific address or another unique value. The result of this combination must be a unique value, as described by the following sentence.

∀ IDeMID : ∃! ID ∈ S{ID, (EntityID,ServiceID)}

Other points of thesis could be expressed in the form of algebraic sentences, but the scopus are related to ID changing and management, so only ID related sentences are depicted.

For all IDeMID, there is exactly one ID in the group of possible results from the combination of EntityID and ServiceID. This unique value will create a scenario where the same entity accesses different services and/or systems posing as different entities depending on the context.

4.2 IDeM: How it works

Figure 12 depicts an entity using a group of identifiers to represent each identity he/she possess. For instance, a passport number is the identifier used by a citizen traveling to another country. Under an identity concept, a passport number represents the traveler- citizen identity. In another example, the social security number can be used as the identifier of a citizen consulting with a doctor about some health condition. In that scenario, the social security number represents the patient-citizen identity. This same social security number can be used as the identifier in another scenario, for instance in a bank account or in a school. It means that, in a common scenario, the same information (social security number or passport, in this example) is used to represent and identify a different number of identities in the same system. Figure 12 describes a citizen that is connecting to a different set of services (1) using the same identifier (2), and, as presented in previous chapters, this may pose as a problem, since if one ID is compromised in one service or system (3) it can compromise the same entity in another service. The Smart Cities scenario was used to show this problem. 65

Figure 12: General concept vision

Source: the author. In this context, the proposed solution creates a mechanism to provide the environment of an interoperable smart city with a service that offers different identifiers, to the same citizen, and then creating a multi identity and identifier environment. The solution here proposed can be generalized into similar scenarios such as an interoperable service-service systems.

4.3 General Dynamics

The proposed middleware is a mechanism based on the concept of changing identifiers involved in a system relationship. A system relationship relates to an entity sending and receiving data from a set of different systems or services. Changing the identifiers will promote the separation of an identifier from its identity, and thus it leads to the separation of an entity from its data.

These components are responsible for providing a basic infrastructure, which allows an entity to communicate with a service through the Internet. Thus, they manage different identifiers for different identities of the same entity.

The Service Manager (SM) works as a name register service, which is responsible for receiving an address from a service. This address represents the system that handles requests from entities. The transmitted address is securely stored and an identifier for that 66 address is created and sent back to the requester. This service identifier must be used by any entity that demands to communicate with that service through IDeM.

Figure 16 represents the basic flow associated with the architecture mechanism responsible for changing the identifiers.

Figure 13: Middleware Main flow

Source: the author.

Figure 13 illustrates the items used in the middleware and its dynamics as follows:

Entity: A component that requests information from a service. An entity can be anything ranging from a citizen to a sensor or service that interoperates with another one.

Service: Represents any service among the systems in an urban environment, which can be requested by any entity.

Communication layer: Represents a contact point between an entity and a service, which is responsible for changing the identifier sent by the entity to the correct identity that needs to be used within the service.

ID service: Represents a component responsible for storing and managing information needed to generate the correct identity. 67

The basic information flow in Figure 13 represents an entity sending a message including an Entity_ID, a Service_ID, and the message content (A).

This message is processed in the middleware, where the Entity_ID and the Service_ID are combined. In our experiments, in chapter 6, we combine these values to generate a 256-bit HASH (B).

This HASH is checked against an internal database. If the HASH does not exist, a hash value is generated and a new entry is created with the service ID, the entity ID, and the hash itself (CN). If the HASH already exists, it can be passed to the service or used to retrieve the entity’s original ID (CY). This HASH is used as the entity ID, and the message packet is then sent to the service retrieved from the SM using the past Service_ID (D).

4.3.1. Request and resolve ID

Middleware basic information flow deals with receiving an identifier coming from an entity, and resolving it into the identifier used by the system or service accessed by the entity.

Figure 14: Request and resolve ID sequence diagram

Source: the author. 68

The flow presented in Figure 14 is depicted as follows: 1: requestToService: The first step represents an entity, here denoted as Entity, sending a message request to IDeM.

The message payload, as presented before, is composed by the following set of information EntityID, ServiceID and MessageContent, and an EntityID* which is the generated identifier.

2: resolveServiceID: The second step resolves the service based on the ServiceID dispatched.

3: response, serviceID: The ID Resolver response contains a ServiceID and a service information that will be used to generate the new EntityID*, also the ServiceID is used in the following step to access the correct service.

4: entityIDdefinition: Based on the combined information, the EntityID* is defined, and then modified into the message received.

5: requestToService: After IDeM has finished its processing, and the EntityID* is retrieved, a request is created to the proper service, passing the EntityID* and the MessageContent.

It is, however, important to mention that the MessageContent expected by a service has to remain unchanged by IDeM. Also, eventual errors or failures created by an entity are not under the influence of this work. Moreover, in order to ensure an extra layer of security, it is recommended that additional approaches are adopted by the service, for instance using PKI as in (WANG; ZHOU, 2012) or other cryptographic technique, and since the dynamics of IDeM is based on the separation of identity, it is highly important that the EntityID and EntityID* are not transmitted inside the same message packet, given that this strategy could compromise the entire solution.

6: serviceProcessing: In the current step, the service processes the message sent from IDeM, using the EntityID* as the real identifier of an entity.

7: response: A response is sent back to IDeM. 69

8: internalChecks: Aditional actions could be taken at this point. For instance, if the entity is requesting instead of sending data, IDeM change identifiers, avoiding eventual breaches.

9: response: Finally the response is sent to the requester.

Step 8 offers opportunities to different scenarios that need to be addressed. Some of those are explored as follows:

Scenario A, an entity is sending personal values to update its recording in a system. Using IDeM, this EntityID will be replaced by the proper and known system value (EntityID*). In this case of an entity-to-system relation, there is no need for further messages.

Scenario B could represent the same entity requesting its personal data from the same system. The entity requests the desired information passing its EntityID as argument, then IDeM will retrieve EntityID*, and send a request to the target service using this EntityID*. The service will reply with the information requested by the entity, and, at that point, IDeM has the opportunity to replace the EntityID* with the original EntityID, that way avoiding the entity to discover the ID used by the system in an entity-to-system relation.

Scenario C, an entity A knows values regarding other entities and systems, and needs to exchange data with different systems, let us assume that the systems are called: SB and SC.

At this point, a request is made passing the EntityID known by entity A, and based on that ID, IDeM has the opportunity to exchange that EntityID with the proper EntityID*, familiar to SB and SC. A request to SB and SC is sent, and then the response is processed in IDeM, replacing the IDs recognized by SB and SC with the ones known by A.

Regardless of the case, an IDeM implementation must not forward an ID to another part, not from an entity to a service, neither from a service to an entity. That way, a barrier of isolation is created and finally the managed IDs becomes unknown to the parts involved. 70

4.3.2. ID changing

More than just enabling identifiers, identities modification, and, consequently the separation between IDs and their data, having a central IdM component allows for the creation of new and different functions that aim to increase information security.

One example worth mentioning is ID changing. If a system suffers from undesired access and, by any means, the compromised entity or entities need to change their identifiers, without IDeM it would be necessary to establish direct contact for each and every systems requesting to update/change IDs. On the other hand, using IDeM, a single request from the entity to IDeM will produce all the necessary changes in every managed ID, without further impacts to the entity/user.

The following sequence diagram (Figure 15) describes a change of IDs functionality.

Figure 15: ID changing sequence diagram

Source: the author.

Figure 15 described the sequence of actions needed to perform a general ID changing, using IDeM. All actions are described as follows: 71

1: requestToService: The first step represents an entity, sending a message request to IDeM. The message payload is similar to the one presented in section 4.1 of this chapter, and is composed by an EntityID, and an optional list of ServiceIDs.

2: resolveServiceID: The second step resolves the service based on the list of ServiceIDs sent.

If the option of sending a list of ServiceIDs is not implemented, IDeM will query inside its database, in our experiment on chapter 5 was used a MySQL database on a cloud environment, for all system and services related to that EntityID and will generate new EntityID*s to each service, OR if a list of services is implemented, IDeM will generate and update the EntityID*s to each system contained in the list.

3: response, serviceID: ID Resolver response is composed by a service ID and the address that will be used to generate the new EntityID*.

4: entityIDChanging: The main step in this action involves, the definition and creation of new identifiers and, therefore, new identities for the requesting entity.

This functionality is vital to assure a long term maintenance of that approach. Anytime the systems or the entity detects an undesired behavior associated with an entity, a request to change an ID can be made, modifying the known values related to a user.

5: changeIDs: Once the system receives the notification of changing ID from IDeM, the new EntityID*s have to be updated in the internal database.

The ability to update identifiers in a transparent way is crucial to assure/secure identity lifecycle in the IdM solution. Similar to key exchanges in PKI and digital certification, it is important to be able to, from time to time, exchanges used values in order to prevent statistical attacks

. 72

4.3.3. Anonymity

One of the key requirements to a security-based environment and to IdM solutions is to offer anonymity to an user (TORRES; NOGUEIRA; PUJOLLE, 2013). In that context, IDeM offers the potential to anonymize an entity in every system that is under its management. IDeM can remove all references of an entity in a system.

Figure 16 depicts how these actions are possible.

Figure 16: Anonymity sequence diagram

Source: the author.

1: anonymityRequest: The same way as in previous action (ID changing), an anonymity request is made to IDeM, informing the identifier that is supposed to be anonymized. It is important to state that if the entity has more than one identifier, for instance a passport number and an email, it will have to make one anonymity request for each identity.

Different from ID Changing, an anonymity request has to act in every service and system. That is the reason for not being required to send the list of service IDs. 73

2: resolveIDs: Once the identity to be anonymized is known, IDeM queries in its records for all associated services and IDs.

3: verifyIDs: ServiceIDs are verified against ID Resolver, in order to validate and/or retrieve ServiceIDs.

4: returnWithIDs: ID Resolver responds with services and systems addresses.

5: notifySystems: Systems and services are notified. Different from ID Changing, in this case the notified system does not need to take any action regarding the EntityID* removal.

6: removeIDs: Finally, the IDs are internally removed. Without the records in IDeM to relate one EntityID to all of its EntityID*s, it will not be possible to track an entity.

Steps 3, 4 and 5 are optional measures, proposed in order to offer different alternatives for extra checking. Also, step 6 could be implemented using a logic removal, this way, in a near future, would still be possible to retrieve information from the environment by reverting the removal.

The adoption of IDeM creates the possibility for more functions besides the ones already mentioned. In previous sections, we presented functionalities explained through 3 sequence diagrams, all of those somehow related to Identity Management using Identifiers Management. The scenarios introduced are used to illustrate that IDeM adoption offers more than just separation between IDs and their underlying data. In the next sections, the architectural impacts will be explored in the same way as exhibited in Chapter 3. Additionally, security impacts are also explored, focusing on the issues mentioned in Chapter 2.

4.4 Impacts and Consequences of IDeM adoption

This work proposes that through changes on entity’s Identifier, in order to create a set of different and unique Identifiers for each entity’s Identity, it is possible to increase security in an interoperable environment, in a more specific scenario of smart cities.

The solution’s main strength relies on the identifier management capabilities offered, and in the separation between identifiers, identities and data. 74

Through IDeM adoption, the scenario represented in Figure 17 is accomplished.

Figure 17: Scenarios Interpretation

Source: the author.

In the beginning of this chapter, a scenario in which a citizen uses systems and solutions without IDeM were depicted. After that, with IDeM adoption a citizen will connect to different services; with the IDeM promoting different identities, the separation of identifiers from its data and the possibility of real anonymity, as will be depicted in chapter 5.

Figure 17 presents the concept behind the ID change. In a first part (1) the citizen sends his/her ID together with the packet containing the data to the service and the destination service. Once it is intercepted by the security component (2,3), the ID is modified, creating or retrieving, a different and unique ID for that entity, and enabling a set of other functionalities related to the citizen’s privacy and security.

Through that, a new identifier will be associated to the citizen’s data and, therefore, a new identity is created (3).

This new identity and identifier is sent to the service, the service will store and process those data, as it would do without the IDeM, and so even if the system is breached or invaded, the citizen’s real identity (the one used before the IDeM, referenced before as EntityID) is kept private. Also since the IDs stored in each system are different one from 75 the other, even if all systems are breached, it is not possible to match information from one system to another just by relying on an entities identifier.

The main assumption of this approach is that it is possible to increase security, when keeping an entity, identifier, and identity separated from its data. In this manner, problems related to information security in the context of smart cities are reduced.

Next section presents an architectural analysis on how the proposed middleware impacts on security and identity issues listed in chapter 2.

4.4.1. Rules of thumb

This section presents a compilation of previous sections, highlighting general concerns related to the adoption of the proposed middleware. This section presents a set of rules to be respected when implementing and adopting the proposed solution.

Rule 1: EntityID, ServiceID, MessageContent and EntittyID* are transmitted and used in the solution, respectively representing the entity’s identifier, the desired service identifier, the message data sent and the generated identifier. Under the context and scope of this work, it is possible to have different identifiers for each given context.

Rule 2: EntityID* must be used as the entity’s identifier in every scenario under the influence of the proposed approach. There must not be exceptions in which the EntityID* defined by the framework is not used. Changing or breaching this information may lead to several damages to the environment.

Rule 3: Any information might be used as entity’s identifier such as, email, social security number, and passport among others.

Rule 4: The algorithm used to generate the EntityID* should be compatible with as much ID possibilities as possible. Since we are talking about a smart city environment, it would 76

probably be necessary to cope with an amount that is equivalent to the number of citizens, sensors, services and systems of a city.

Rule 5: Security in MessageContent is not part of the scope of this research, it should be implemented through another structure, such as, but not limited to PKI.

Rule 6: Under any circumstances EntityID and EntityID* should be disclaimed, respectively to services and other entities. In other words, the entity must not know the ID used by the requested service, and the requested service also cannot know the ID used by the entity.

Rule 7: Security and privacy under the perspective of eavesdropping between entity and IDeM and IDeM to the services must be implemented using other solutions based on PKI.

Rule 8: To enforce security and privacy the IdM solution must act as an isolated component from users and other systems administration.

Rule 9: Other functionalities like anonymization or ID changing must be developed under an authentication and authorization infrastructure to avoid that non-authorized personal can execute those functions.

Next section will depict which and how each characteristic detailed in chapter 3 is impacted by this work adoption.

4.4.2. Addressed characteristics

As mentioned in the first part of this chapter, solutions explored in chapter 3 brought important characteristics while creating interoperable and secure environments. Some of those, for instance, interoperability and anonymity are important to smart cities, its citizens and users. 77

The middleware porposed in this work is composed by different components that act in different levels in order to ensure information security into interoperable environments, whose system relies on a high degree of interconnection to provide better and more widely available services to the users, and that needs to ensure different levels of security and approaches to citizens.

Nevertheless, IDeM will add extra levels of security, into an environment that is threatened by issues as the ones illustrated in chapter 2. Among the positive addition introduced by IDeM, and based on the same criteria as in chapter 3, the following characteristics can be listed:

Characteristic 1 - Privacy:

This work approaches separate data from its real identifier and identity, and, therefore, from the actors involved with the system. Assuming that the association of data and citizen does not exist, even though they still may suffer a breach, the user will not have his/her data revealed. Therefore, the citizens’ privacy is increased and maintained.

Characteristic 2 - Anonymity:

IDeM enables a user to become completely anonymous in the environment by interacting with the proposed solution. The same way as in Privacy, Anonymity is ensured through the separation of identities from their data, that way, if anonymity is expected, an interaction with IDeM is needed to delete the information that relates a data to its owner.

Characteristic 3 - Interoperability:

Even though the proposed middleware promotes the isolation between systems, data and its identities, it is still possible to enforce a high degree of interaction between those components, through IDeM. In other words, it is possible to isolate, anonymize and secure data and still allow exchange of data between systems and services.

Characteristic 4 - Security:

Data and entity’s privacy and anonymity are two aspects already explored and that are under the context of security, moreover, the adoption of middleware also increases 78

security when relating the architectural security issues mentioned in Chapter 2. The next section will depict specifically how the adoption of middleware impacts in both, security and identity

Characteristic 5 - User-Centric:

User-centric definitions are related with the possibility of a user to have control over their data. In the context of IdM systems, User-Centric systems is a system that permits its user to have full control over its identity. Using the proposed work it is possible to achieve a User-Centric system through the implementation of anonymity and ID changing methods, which gives a user the possibility to remove or change all of their information from an environment.

Table 1 presented in chapter 2, is complemented with the aspects raised by IDeM and is represented in Table 4.

Table 4: IDeM comparing with others

Source: the author. 79

IDeM is positioned in a context where it is both an IdM solution and it can lead to improvements in terms of security within interoperable environments. Because of that, it is positioned as an intersection between Identity Management based Solutions and Security based solutions. Also it presents the characteristics previously exhibited.

When compared with other solutions, it is possible to realize that the proposed solution have characteristics that are similar to the ones found on the presented works in chapter 3 such as Privacy, Security and User-Centric, but it also provides with means to implement other set of methods and characteristics, such as Anonymity.

When relating IDeM specifically with Higgins, it is possible to conclude that even though both IDeM and Higgins has the same benefits, Higgins refers to a commercial software solution rather than focusing on the approach for IDM and IDeM is here depicted as a middleware but it presents another set of functionalities that goes beyond a middleware or an architecture.

Alongside with the aspects mentioned above, the adoption of IDeM strategy offers other gains, for instance related to the issues mentioned in chapter 2. Next section briefly explains how this approach is significant in security issues for smart cities.

4.4.3. Security Issues Analysis

The issues pointed out in chapter 4 will be presented with a number in order to make further references easier. They are: access to information from applications #1, information tracking #2, citizens tracking #3, user/citizen data loss #4, crossed access to information in data centers #5, crossed access in client side #6, lack of security in depth #7, viral effect in urban environment #8, and infection traceability and recovery #9.

In the following section, the issues will be analyzed under the perspective of architectural impact, in order to validate if some of the depicted technologies have impacted on each assessed issue.

4.4.3.1. Smart City Security Architecture

This section briefly analyzes architectural impacts of IDeM adoption in a smart city environment, comparing the characteristics of each issue previously mentioned with the strengths presented by IDeM.

Access to information from applications: Assuming the behavior that each packet will be sent through a network with different user IDs per system or service, even though an eavesdropper can capture many of those packets, this attacker is not able to match the data in the packet with its owner.

Information Tracking: For issue #2, the same condition to identify each user will isolate information, at the same pace it will also influence in issue #3, isolating the citizen as well, since information about the entity will be protected, as a consequence the entity will also be untraceable.

Citizen tracking: Through the adoption of the proposed middleware, data and information, about a citizen, is no longer trackable due to the characteristic of data and identifier separation, offered by the proposed architecture.

User/Citizen data loss: Given that IDeM concepts propose to change and separate an identifier from its identity, for a set of data and/or information that a citizen is losing, IDeM has no capabilities to avoid or prevent the loss or misuse of data by a citizen.

Crossed access to information in data centers: Issue #5 is addressed by IDeM from the point of view that even though an attacker can compromise a system and gather information about citizen A, this attacker will have the perception that the systems databases are composed by different entities. Nonetheless for each system/service an entity will be presented differently.

Crossed access in client side: The consequence behind this issue is directly related to an application A accessing information from application B in the client side, without the authorization to do so. Within IDeM context, it has no impact in this matter since identifiers changes do not occur in the client.

Lack of Security in Depth: IDeM adoption will add an extra layer, responsible for creating and maintaining different IDs for different users, with this layer it is possible to 81 remove identity information from a data, creating two distinct and independent systems, if one of the systems is compromised, in terms of security, the other one it is not necessary compromised, therefore it is a new layer, acting, among others, in security aspects.

Viral effect in urban environment: The basic idea from issue #6 applies to issue #8. It is more difficult to explore breaches due to the existence of an extra layer, but, issue #8 deals with a further consequence, which is the creation of a viral effect, and that effect could be produced in different forms and with different types of data, not only a citizen ID, that said, issue #7 is only partially addressed.

Infection traceability and recovery: The adoption of IDeM will increase security. As a consequence, this will promote systems isolation. Even though they are isolated, they are connected through the information in IDeM.

The following Table 5 presents a consolidation of the impact of IDeM in each issue.

Table 5: Issues analyses under IDeM optic (FERRAZ et al., 2015b) ISSUES Coverage Middleware Access to information from applications. T Information Tracking T Citizens Tracking T User/Citizen data loss N Crossed access to information in data centers T

Crossed access in client side N Lack of Security in Depth T

Viral effect in urban environment P Infection traceability and recovery T P=partially addresses the issue; T=total addresses the issue; N=No impacts;

Source: (FERRAZ et al., 2015b).

4.4.3.2. Identity Issues analyzes

The identity issues listed in chapter 2 are analyzed against IDeM in this section. 82

Identity management is not a primary objective: Identity management will remain a secondary objective; however, the use of the middleware approach permits this concern to be less important.

The proposed approach will ensure that an Identity System is responsible for dealing with identities and identifiers, thus diminishing the need for citizens to be concerned about this particular aspect.

Sensing that I have been followed: The main strength of the proposed architecture is in being a solution that separates real IDs from operational IDs used by city systems. Thus, only the central ID manager will have the ability to retrieve the ID of a citizen; however, the information related to each ID would not be available to the central ID manager. This information is maintained in the city system.

The city system has only a partial subset of information; the actual ID is not available to this system. Thus, each component of this environment will have a certain part of the entire data, and therefore, linking information to an ID, and an ID to a citizen will not be possible.

Identity trust is a sensitive matter and must be earned: Consider a scenario in which citizens would not need to be worried about identity issues by allowing a single third party to be responsible for managing their identifiers. This situation would probably increase their trust because the third party will have access to identifiers and not identities, and, therefore, the data of the citizens will be safely kept in the system.

The notion that even if the system responsible for managing the data is breached, and the identities will remain secure is a powerful motivation for trusting IDeM.

Various types of system and services access: This issue deals with problems related to identity management systems that are responsible for applying various types of access rights and permissions. Although OAuth and other frameworks have been specified as authorization and authentication frameworks that could be used with the remainder of the solution, they do not addresses this issue.

The paradigm of a single access point: The adoption of a single system responsible for identity and identifier management will enable the strength to be focused at a single point, thus increasing the overall security. The system responsible for the identifiers is the one 83 that must be secure; this situation is equivalent to protecting the keys in a key-locker system. One does not need to protect the entire environment but only the portion that is capable of identifying the rest of the environment.

However, significant attention must be given to this characteristic due to the fact that if the solution fails, the entire city will be unable to function because it will not be possible to resolve an entity ID.

An easy fish to catch even in the ocean: This issue is not addressed by the proposed approach because authentication and authorization concerns are beyond the scope of this proposal. Although we have suggested the adoption of different authentication and authorization handlers, such as OAuth and SAML, IDeM has no impact on this issue, since its focus is to address identifier and identity management and the security gains from that.

To be or not to be, an identity crisis: The existence of a single identity manager enables the citizen and other city entities to refer to a unique point using a single identifier to access all other identities that the entity may have within the entire environment.

This notion permits one identifier to be multiplexed by N other identifiers by a third party, thus avoiding problems related to managing a group of IDs.

What you are looking at and should not: Privacy issues: Privacy issues are partially solved by identity and identifiers management. As mentioned earlier, the primary consequence of the adoption of the proposed architecture is a separation of data and citizen identifiers, and, thus a separation of identity and identifiers.

Even if certain data is revealed, it will not be possible to determine the entity that the data belongs to or the data of a specific entity. Therefore, the information of a citizen will remain private.

Linkability across domains: This issue is addressed by IDeM owing to the capability already mentioned earlier. The same entity account will be identified differently in each system and/or service of a city; thus, the maintenance of linkability across domains will be difficult for an attacker. In order to validate an ID recovered from a system, an attacker must initially pass through the identification service, and then, discover the equivalent identity in a secondary system. 84

Where has my data gone? : IDeM proposes to change the manner in which identifiers are sent and used by systems, and therefore, it does not present gains over data loss and theft. Even if a malicious user copies the lost data and, the changed ID will not allow this user to track the original citizen, the data will still be lost, the strengths of IDeM will not prevent this from happening.

Crossed access to information in data centers: This issue is addressed by IDeM. Although an attacker can compromise a system, gather information about this citizen, and access other systems through the compromised one, the attacker will have the perception that the system databases are composed of different entities.

This chapter presented the depicted issues of chapter 2 analyzed under the perspective of architectural impacts of IDeM. The general security and identity issues were analyzed under the scope of IDeM. The next chapter will exhibit a set of case studies based on a cloud-based testbed, built for smart city applications validation. This will be performed aiming to validate the proposed middleware, focusing on the security impacts and gains over smart cities. 85

Chapter 5 Experiments and validation

This chapter validates the proposed middleware by embracing a set of three experiments. The three experiments are defined as follows: the first experiment addresses a generic scenario, in which IDeM is used to validate its concept; the second scenario is a domain-specific scenario in which an information-based health system is implemented without and with the proposed approach; and finally, a third implementation is conducted using a testbed that simulates different systems of urban scenarios.

5.1 Validation planning

The validation described in this chapter adopts concepts related to quasi-experiments. According to Steve Easterbrook (EASTERBROOK et al., 2008), an experiment conducts an investigation over a hypothesis based on one or more variables that could be manipulated to measure its impacts and effects over the experimented item. Moreover, a simple experiment can be conducted using just two treatments representing two levels of a unique variable, for instance, using vs not using a tool. In our case, using and not using the proposed middleware. Furthermore, a quasi-experiment is defined as an experiment in which, for reasons not controlled by the researcher, the subject and scenario must be defined and may be conducted in a simulated environment.

The experiments conducted in this chapter use, respectively, a canonical system in order to validate the approach and its architectural impacts in a controlled system. The second experiment uses a healthcare system in order to validate the approach applicability in a research that is already in advanced stages and that is not under the unique influence of this thesis’ author. Finally, the last experiment uses a testbed to simulate applications created under the context of smart cities.

The hypotheses that are guiding the experiments are defined as follows:

Null Hypothesis (H1): The middleware adoption does not change any aspect of the environment in terms of security. 86

Alternative Hypothesis (H2): Information security is improved through the middleware adoption and the number of issues decreases when comparing with solutions without the middleware.

Alternative Hypothesis (H3): The adoption of the proposed middleware generates minimum or no-modification in the applications using the middleware.

Negative Hypothesis (H4): Security is decreased using the approach and other issues may be present.

5.2 Experiment A: Generic

The main focus of this chapter is to validate the middleware and no other technologies involved in a big scenario. For instance, this chapter will not take under consideration use of authentication and authorization solutions, because it is assumed that the technologies involved are consolidated or under the scope of study of other works.

5.2.1. About the experiment

The proposed middleware is used to enforce security through identity and identifier management. This experiment focuses in the middleware and on its dynamics regarding identifiers, generating a set of data to validate the logics behind the main functionalities.

Figure 18 represents the Amazon Web Service (AWS) used infrastructure to host the mentioned experiment.

Figure 18: AWS infrastructure, presented with IDeM and implemented systems

IDeM

Source: The author. The infrastructure in this experiment uses 3 Elastic Cloud Computing (EC2), each one configured as t2.medium instance, and used to represent systems A, B and C. Each system uses MySQL database services on a db.t2.small, this service is known as a Relational Database Service.

The middleware is deployed using a t2.medium and on a db.t2.medium. A t2.medium is used to generate the random data used. The description of each type instance (EC2 and RDS) is described in Table 6. Also Table 6 presents the consolidation of each service used. 88

Table 6: Experiment A infrastructure

AWS Used Infrastructure

Responsibility Type Number Configuration

Systems A,B and C t2.medium / db.t2.small 3/3 2 vCPU and 4GB / 1 vCPU and 2GB

Middleware t2.medium / db.t2.medium 1/1 2 vCPU and 4GB / 2 vCPU and 4GB

Data Generation t2.medium 3 2 vCPU and 4GB

Source: The author. In the Data Generation instance, data are created based on the system that has been requested. The generation uses the name of the requested system, in this case, it generates textual values “Data A”, “Data B” and “Data C”, respectively, for systems A, B and C. Also, the Data Generation creates random ID represented by a numeric value and a random name. In the end, each dataset used in this experiment is composed of a random numeric value, a random name and a String “Data A”, “Data B” or “Data C”.

The cases explored in this experiment are created based on a number of “Citizens”. This number is used to generate the amount of IDs and names used in the experiment. Once the Citizens representation is created, it is sub-divided into 3 groups representing systems A, B and C. Each group is composed of a set of citizens randomly chosen, and that is no bigger than 40% of the total number of citizens in the group. That way, citizen A may have data generated in Systems B and C, but not on system A, citizen Z has data in all three systems.

This experiment uses 100, 1000 and 10000 citizens, each experiment uses an amount of citizens’ data that are sent to systems A, B and C.

In a first moment, the execution is made without the use of middleware, and, after that, the execution is made using the proposed middleware, each execution is made 5 times. Figure 19 presents the explored flow and steps used in this experiment.

Figure 19: Experiment flow

Source: The author. Next section presents the results of one of the executions to represent and describe the behavior of the proposed work.

5.2.2. Generic experiment without middleware

This section explores values, names and IDs, created for each citizen and system. Table 7 represents part of the data stored in each system.

Table 7: Citizens ID and Names

ID Name ID Name ID Name 2175 Mairaildrim 11715 Aerdaraeldar 11725 Shetennin 176 Zyoth Dicus 21716 Selmahnes Ancio 15726 Aeraeltherel 577 Amadrim Alautin 7717 Kahalsan 15727 Luenin 2178 Eiryth Audacio 11718 Aelsanthernes 28728 Sumriadrim 2879 Eiryth Dutin 9719 Amtheress 7729 Sylrailoth 7710 Laraillian Enulius 28720 Kanelsan Dogutin 3711 Angeannes Anules 1721 Amsan Bres 16712 Ladar Banus 27722 Fidar Audator 3713 Afraileanevar 10723 Ansraeran 18714 Zaduldul Aulius Source: The author. 90

Table 7 presents a portion of citizens’ names with their IDs. After the citizens’ names are created the next step is to connect with systems A, B and C in order to create the values as presented in Table 8, through a JSON http request.

Table 8: Systems A, B and C data

SYSTEM A SYSTEM B SYSTEM C ID DATA ID DATA ID DATA 1570 DATA A 7710 DATA B 28720 DATA C 2171 DATA A 3711 DATA B 1721 DATA C 172 DATA A 16712 DATA B 27722 DATA C 73 DATA A 3713 DATA B 10723 DATA C 2274 DATA A 18714 DATA B 5724 DATA C 2175 DATA A 11715 DATA B 11725 DATA C 176 DATA A 21716 DATA B 15726 DATA C 577 DATA A 7717 DATA B 15727 DATA C 2178 DATA A 11718 DATA B 28728 DATA C 2879 DATA A 9719 DATA B 7729 DATA C 7710 DATA A 28720 DATA B

3711 DATA A 1721 DATA B 16712 DATA A 27722 DATA B 3713 DATA A 10723 DATA B 18714 DATA A Source: The author. The values presented in Table 8 refer to data used without the IDeM proposed in this thesis. If we take as an example id 3711, whose name is Angeannes Anules, it is possible to validate that it has DATA A and DATA B, associated with systems A and B. However, in this portion of the table, this user has no DATA C, and id 27722, whose name is Fidar Audator, has DATA in systems B and C but has no data in system A.

Even if the name is suppressed from the systems and, in this view, from the tables, it is possible to correlate data from the same user in different scenarios. For instance, if we are talking about a health system and an educational systems, respectively, as system A and B, it would be possible to refer to Angeannes Anules data from different systems and to know any diseases or medical condition that this citizen has and also his/her grades in school.

The proposed middleware works creating different IDs for each citizen in every system (A, B, and C). Each ID is created to be different from the citizen’s real identifiers in a multi-ID environment, unlike the mentioned technologies and others explored in chapter 3 that focus on identification with single identifiers in many systems. 91

5.2.3. Generic experiment with middleware

The second scenario uses the same behavior of previous section. A set of citizens are created based on a random amount of 10000, 1000 and 100, and the data generated are an ID, name and DATA A, B and C.

Once the citizens’ data are generated, requests to the systems, passing through IDeM are made. Each citizen has its data created in systems A, B and C, but with its identifiers changed by the identifiers generated in the middleware. That behavior is the central point of the proposed work.

In this example, the new IDs are created using the citizens ID and the systems ID (A, B or C) combined using a hash function. Table 9 presents a portion of the generated data. Highlighted in light-grey, 2 users accessing the 3 systems, with their respective new IDs.

Table 9: IDeM generated ID, citizen ID and System id

Generated ID ( System A,B and C) ID System

26faf727ef3090a55c7801a637f184ba213b7489663c82a68907bb1e070acd6c 3711 A e5d3b5a13c820ef755946d41a733a0bbb203df9a963d54b940a91ad4bdd5c928 16712 A cee9edc84a87fc65364c32c9fde079725e618a29c3a2671857f260c286b0d6a9 3713 A fb5e091a7a2395eb0ee28b12b705cf7d665be5551cf9c0efdf631028db738607 18714 A 9a8f525f66691d24cfde4458c231332af876d007975a761541a6d2353c98c3e5 3711 B 84f086837b9734311d5ef3f57e60a11fbaa3c2c47fb87df38589bdeea41cdbf3 16712 B a5711e9da2010e29975945a7b3caa858a7ff1b223d1f5775eb0db9f85e84759a 28720 B 230ce78b67806f6b5f694b9a1997400dc90c44b7666da948dea5c09079519e59 1721 B d119cc0c9576dda8adb348b484d901165663944805976c1e27f039d21c8af351 27722 B 3258dd39c50909cd65cb5dc9b68ee853c356d0f975edd2d67262ede04115b75b 10723 B 4718b98aa64d1d7e92fdb23ed0548dfc4b14bc4fa2c19942887bc936ce94190a 28720 C 9830b95aaaacc1e3a64caac3c3ee462e02565fd5c5352ae360761255b7fdf8ef 1721 C 3050c8d2fb18d7542c559d3b42de22d51581cfdd145588ae5f60f280d4745abb 27722 C ad1b748b8a35960da733fbb6a72d26ed66dfc3d413f0861f1d2a6db21e2a5afa 10723 C Source: The author. Taking as an example citizens 3711 and 27722, instead of using those two identifiers (3711, 27722) in systems A, B or C, using the middleware, a total of 4 different IDs are created. In system A, 26faf727ef3…, System B, 9a8f525f6669… and d119cc0c957... and, finally, in system C, 3050c8d2... . Without the information presented in Table 9, it 92 is highly unlikely or nearly impossible to associate a user to its data. The data, with their respective new ID, are presented in Table 10.

Table 10: Systems A, B, C data with identifiers changed

ID ( System A,B and C) Data

SYSTEM A 26faf727ef3090a55c7801a637f184ba213b7489663c82a68907bb1e070acd6c DATA A e5d3b5a13c820ef755946d41a733a0bbb203df9a963d54b940a91ad4bdd5c928 DATA A cee9edc84a87fc65364c32c9fde079725e618a29c3a2671857f260c286b0d6a9 DATA A fb5e091a7a2395eb0ee28b12b705cf7d665be5551cf9c0efdf631028db738607 DATA A SYSTEM B 9a8f525f66691d24cfde4458c231332af876d007975a761541a6d2353c98c3e5 DATA B 84f086837b9734311d5ef3f57e60a11fbaa3c2c47fb87df38589bdeea41cdbf3 DATA B a5711e9da2010e29975945a7b3caa858a7ff1b223d1f5775eb0db9f85e84759a DATA B 230ce78b67806f6b5f694b9a1997400dc90c44b7666da948dea5c09079519e59 DATA B d119cc0c9576dda8adb348b484d901165663944805976c1e27f039d21c8af351 DATA B 3258dd39c50909cd65cb5dc9b68ee853c356d0f975edd2d67262ede04115b75b DATA B SYSTEM C 4718b98aa64d1d7e92fdb23ed0548dfc4b14bc4fa2c19942887bc936ce94190a DATA C 9830b95aaaacc1e3a64caac3c3ee462e02565fd5c5352ae360761255b7fdf8ef DATA C 3050c8d2fb18d7542c559d3b42de22d51581cfdd145588ae5f60f280d4745abb DATA C ad1b748b8a35960da733fbb6a72d26ed66dfc3d413f0861f1d2a6db21e2a5afa DATA C Source: The author. Without the information stored in Table 9, a malicious user having access to the information stored in A, B, C finds 4 different IDs instead of 2, in that way, even though the data is exposed, the citizen is not compromised since the attacker will not have the information about the citizens’ real ID.

5.2.4. Evaluation

A. Exploring Anonymity and ID changing

To explore anonymity it is necessary to analyze this feature under two different perspectives. The first topic refers to a citizen having its private data disclosed. In this case, it is also important to analyze it under other two views, the data can be removed and 93 the data cannot be removed from the mentioned systems. The second topic refers to an anonymity request made on purpose by a user’s request, without no important reason.

1. First topic: User has data breached. Let us assume that a malicious user has access to a citizen’s record related to health system or other sensitive information. Even though the citizen/user has the possibility to remove its information from the breached system, the data is already under the possession of the malicious user, and so it makes no difference in the situation for the citizen in terms of privacy.

This general topic refers to the fact that there is no point in anonymizing something that is already in the knowledge of others. Also, it is possible to dismantle this scenario in other two more specific situations. i. There is no point in removing/anonymizing something or someone already breached, the data is not a sensitive data and can be removed avoiding further consequences. ii. There is no point in removing/anonymizing something or someone already breached, the data are sensitive and cannot be removed without compromising the citizen, like in the case of medical records. 2. Second topic: The user wants to preventively have its anonymization. Let us assume that a citizen chooses to have its data anonymized. If we are talking about an interoperable environment with dozens of system communicating with each other, it would be at least difficult to remove the data from system to system and that citizen would depend on a system feature to allow that. The fact that the proposed work deals with an approach to separate data from their identifiers, allows the citizen to treat both scenarios accordingly. In the first case, if data is breached, the malicious user will at first (i) have access to data that are not related to anyone’s real identity, and secondly (ii) have to deal with new identifiers changed in the IdM and spread to the systems, creating a different user’s identity through a different( and new) identifier. In the second (ii) case, to anonymize a citizen the interaction will only be with the IdM system. 94

In another topic, through an ID change, a virtual anonymization would be achieved, since an ID associated with a system would cease to exist, being exchanged by a new id. That creates a scenario in which an Identity no longer exists and a new identity is created by the new identifier creation.

B. General analysis

Using the previous experiment, it is possible to have the following impacts regarding IDeM usage:

a. Identifiers separation maintaining identities separated from data and information.

b. Creation of a scenario of multiple identities using a unique identifier.

c. The multiple-ID scenario is independent from third parties to authorize, which is the case of, for instance, OAuth and OpenID. The third party only manages identifier.

d. Since the use is based on HTTP request, and, in the mentioned experiment, JSON packets, it allows compatibility with a broad range of frameworks to fulfill the middleware proposed in chapter 4.

e. Creation of a real anonymization and id changing environment.

f. Performance: As mentioned in the beginning of the chapter, each system A, B and C, was filled with 100, 1.000 and 10.000 random users. This scenario was repeated 5 times, at first without the IDeM approach and after using IDeM to validate how performance is impact in a first glance.

Table 11 presents the average times (Av), the median times (Md) and the amount of citizens created (#) using 1.000 and 10.000 values. It is also presented the results for each of the 5 execution, both with and without IDeM, for each of the three systems explored (A, B and C). Finally, the column labeled Gen., summarize and presents the average, median and number of citizen, from all executions.

Table 11: 1.000 and 10.000 citizens’ simulation

1.000 cittizens execution 10.000 citizens execution Without middleware I II III IV V Gen. I II III IV V Gen. Av 15,66 15,71 16,31 15,93 15,46 15,79 15,80 15,77 15,81 15,83 15,78 15,80 A Md 15 15 15 15 15 15 15 15 15 15 15 15 # 480 388 331 407 407 2013 3273 3772 3986 3738 3257 18026 Av 15 14,83 15,41 15,39 15,41 15,19 15,05 15,29 15,08 15,09 15,16 15,12 B Md 15 14 15 15 15 15 15 15 15 15 15 15 # 97 97 97 97 97 2131 4685 3065 4911 3408 3241 19310 Av 15,99 15,70 15,21 15,77 15,96 15,71 15,62 15,64 15,64 15,88 15,54 15,67 C Md 15 15 15 15 15 15 15 15 15 15 15 15 # 367 435 422 448 365 2037 4212 3369 3939 4571 4514 20605 With middleware I II III IV V Gen. I II III IV V Gen. Av 19,84 19,69 19,58 20,06 19,82 19,80 19,70 19,64 19,68 19,61 19,67 19,77 A M 19 19 19 19 19 19 19 19 19 19 19 19 # 354 303 374 364 434 1829 3956 3819 3348 3642 3729 18494 Av 18,45 20,20 19,32 18,91 19,78 19,06 19,13 19,29 19,22 19,19 18,96 19,14 B Md 18 19 19 18,5 19 19 19 19 19 19 19 19 # 110 110 110 110 110 2101 4426 4902 4746 4740 3421 22235 Av 19,60 19,77 19,88 19,68 19,47 19,69 19,93 19,73 19,96 19,62 19,66 19,78 C Md 19 20 19 19 19 19 19 19 19 19 19 19 # 300 302 485 494 374 1955 3788 4887 3557 3538 3941 19711 Source: The author. In a brief analysis, comparing the values with and without using the middleware, it is possible to verify that system A, with 10.000 citizens value, has an average time of 15,80ms , a median of 15ms and that generated a total of 18.026 citizens. On the other hand, using IDeM, the average times increased to 19,77ms, the median times increased to 19ms and the total citizens created were 18.494. That means that the average time was increased by 3,97ms (25,12%) and the median was increased by 4ms (26,66%).

While examining the values, even though 26% or 25% appears as a great increase in times, it must be noticed that the raw value was increased in less than 5ms. Also, that value has not changed based on the number of citizens used, 1.000 or 10.000 citizen’s presents the same increase in times with and without the proposed approach.

Finally, it is important to highlight that performance was not the focus of this work and because of that, more tests with different amounts of citizens were not conducted and neither do techniques to find bottlenecks were applied to try to improve the overall value. 96

5.3 Experiment B: Identity Management in Healthcare Systems

The second experiment is conducted using a healthcare system. Information systems are of key importance for efficient healthcare services. They improve patient care and administration, providing valuable support for medical diagnosis. To provide such services, healthcare information systems collect and store an extensive volume of patient data in digital format, referred as electronic health record. This section explores the impact of the proposed middleware in the anonymization of patient data.

Silvino et al. (SILVINO NETO, MÁRCIA VALÉRIA, PLÍNIO MANOEL, 2015) has proposed and developed a disease surveillance middleware platform used to extract statistical information from electronic medical. This platform is called PREVENT (Platform for Real-Time Verification of Epidemic Notification) and is used in this experiment in order to validate IDeM‘s applicability in a specific context, in this case, the context of healthcare.

5.3.1. About the experiment

Previous studies brought into attention the need to make further improvements related to information security on healthcare information systems (FERRAZ et al., 2015b; SINGH; BACON; EYERS, 2014; SINGH et al., 2008; TARIQ; KOLDEHOFE; ROTHERMEL, 2014). Based on this need, this section describes the use of a Healthcare Security Layer (HSL) developed on top of the PREVENT, which is a disease surveillance middleware platform used to process statistics extracted from electronic medical records in order to anticipate and report outbreak occurrences (SILVINO NETO, MÁRCIA VALÉRIA, PLÍNIO MANOEL, 2015).

A. PREVENT: Middleware Architecture

PREVENT is a Message-oriented Middleware (MOM) platform, built to collect and process a large volume of information, in a highly scalable fashion. It provides a set of RESTful interfaces to be used by healthcare information systems to exchange aggregate data reports held in electronic medical records. Also, it handles a significant amount of sensitive patient information. However, current support for data security mechanisms is 97 limited to the use of the TLS/SSL data transport protocol. Therefore, numerous security breaches have been observed in this platform, most of them related to privacy concerns. In order to address this situation, this case study examines the use of a Healthcare Security Layer based on middleware to be integrated into PREVENT architecture, from this point on the mentioned layer is referenced as HSL.

The HSL aims to assure patient anonymity, protecting the privacy and confidentiality of individuals, by overriding sensitive information included in electronic medical records with new identifiers, generated from the combination of the patient personally identifiable information (e.g. Name, Social Security, and Credit Card Numbers, etc.) and the healthcare provider identification.

Figure 20: PREVENT architecture overview

Source: (SILVINO NETO, MÁRCIA VALÉRIA, PLÍNIO MANOEL, 2015). In this experiment, PREVENT architecture has been slightly updated to accommodate a new Security Layer, as exhibited in Figure 20. This diagram presents an overview of PREVENT multilayered architecture, including its most significant software components. PREVENT is composed by 5 different layers, each one of them with a distinct set of responsibilities, described as follows: 98

Presentation Layer: Hosts the RESTful Servlet endpoints used to receive messages and subscription requests dispatched by healthcare information systems.

Service Layer: Extracts and processes the data contained in the electronic medical records received from healthcare information systems, and coordinates communication with other layers in order to complete data analysis operations.

Persistence Layer: Stores and retrieves information persisted in a NoSQL database.

Communication Layer: Handles communication between PREVENT and the Google Cloud Publish/Subscribe Services API.

Security Layer: Encapsulates the access to PREVENT Communication Layer and provides a mechanism to ensure the privacy and confidentiality of patient data, using an the approach proposed in this thesis.

In spite of the fact that the information exchanged between PREVENT and other healthcare systems is transmitted over a secure channel, when the data have reached the other end, they may be exposed and violated by a third party. In other terms, once the data is out of the scope of this platform, privacy and security concerns cannot be enforced, compromising the anonymity of patients.

In order to address this issue, in the next section we discuss the use of an IdM approach (FERRAZ et al., 2015b) integrated into the PREVENT platform.

B. Healthcare Security Layer (HSL)

The HSL is based on the middleware approach of this thesis, it is responsible for overriding patient sensitive information contained in messages received from healthcare providers, prior to their delivery to subscribed healthcare information systems. Since PREVENT is already a middleware, in order to adopt the approach proposed in this thesis, there were no need to implement a new and independent middleware, rather than that HSL is composed of PREVENT capabilities together with the dynamics proposed in this thesis. In other words, a new version of PREVENT was created implementing identifiers generation and management.

In order to generate a new patient identifier, PREVENT concatenates the original identifier value with the healthcare provider ID, the resulting string value is then encoded 99 using a 256-bits cryptographic hash function (SHA-2). This procedure is an example of an ID form as depicted in chapter 4, it could be replaced by other algorithm as long as the ID created is unique within the context.

Finally, the obtained hash byte array is encoded back to string format using Base64 binary-to-text representation. The new identifiers are then used to replace the original values in the messages received in FHIR/JSON format. Also, a new entry is persisted in the platform NoSQL database, in order to correlate the original patient identifier, the healthcare provider ID, and the newly generated identifier. In order to illustrate the HSL data flow, a collaboration diagram is exhibited in Figure 21.

Figure 21: Case Study Healthcare Security Layer Basic Flow

Source: (NETO; FERRAZ, 2016). The diagram in Figure 21 presents a scenario where Hospital A wants to share electronic medical records with PREVENT middleware platform for aggregate data reporting. The patient records received are processed and delegated to PREVENT Communication Layer, which checks whether the received patient identifiers and the healthcare provider ID are related to previously generated hashes. According to the outcome of this test, hash IDs may be created or retrieved, in order to override patient information. At last, the updated messages are dispatched to Hospital B.

100

C. Electronic Health Records

As previously discussed in this chapter, electronic health records are composed by a set of sensitive personal information. Recently, the numbers of incidents related to patient data leakage and theft have increased. This situation exposes the need for more robust and sophisticated information security.

PREVENT’s HSL aims to improve information privacy. In this section, we demonstrate how it affects the contents of an electronic healthcare record, and what type of data should typically be anonymized.

A regular electronic patient record typically contains a significant amount of personal information, such as: full name, home address, phone number, social security number, and sometimes even a credit card number may be present. If data is exploited for malicious purposes, it may lead to a number of damages and consequences for the patient.

Figure 22: Case Study Record sample

Source: The author. A shortened version of a health record is presented in Figure 22. As it may be observed, it contains the patient full name, home address and social security number in plain text. Using a secure channel for message transmission ensures that the data within a patient record will not be compromised. However, when data are delivered to another 101 healthcare information system, they may be an easy target for violation or theft, as previously commented in this thesis.

5.3.2. Health experiment without middleware

In this approach, electronic health records are exchanged between this platform and the subscribed healthcare information systems, without any type of modification. Therefore, any personal information held in the patient record, is sent along with aggregate clinical data reports.

Towards establishing a reference parameter for functional and performance-related results, in this section we analyze PREVENT functional behavior, and collect a few metrics in order to assess the performance of this middleware platform. The results gathered will set the boundaries for comparison between the secure and non-secure approaches.

This assessment is performed at the Google Cloud Platform, which is a modular cloud hosting service. The machine type used for this test is a standard Google Virtual Machine Instance, with a single virtual CPU that is equivalent to a 2.6GHz Intel Xeon E5 and 3.75GB of memory. The PREVENT middleware application is deployed at the Google App Engine, which is an application server for hosting cloud-based web applications. Despite the fact that in experiment A, the cloud platform used was AWS, in this experiment, the environment chosen was google because a previous version of PREVENT was already deployed there.

The test case used for this assessment is comprised of a single scenario, where a total of 500 messages are sent to the middleware application using the Apache JMeter, which is a Java-based performance testing tool. Each message holds information related to a unique patient. The platform is configured to deliver messages to 50 registered HTTPS endpoints, each one of them acting as healthcare information systems. Each registered HTTPS endpoint is either a Java Servlet class deployed at the Google App Engine or a PHP file hosted at the Digital Ocean NGINX server that simply logs the current timestamps and the contents of each FHIR message received. 102

Figure 23, exhibits records directly from the database using Google’s GQL, which is a SQL-like language for retrieving entities or keys from NoSQL databases, presenting the results in a table-like structure.

Figure 23: Patient Records Persisted in Google Cloud Datastore

Source: The author. According to the data structure of a FHIR message (Figure 23) sensitive patient information such as: home address, identifier value (social security number), and full name are stored in plain text in PREVENT NoSQL database.

5.3.3. Health experiment using middleware

This approach relies on the use of cryptography and encryption, in order to anonymize electronic health records exchanged between this platform and the registered healthcare information systems. Hence, all personal information included in the patient medical records must be ciphered and encoded prior to its storage and delivery.

In the previous section, we have established reference parameters for functional and non-functional requirements, based on the results collected during the assessment of the non-secure approach. In the scope of this assessment, the same set of metrics is to be collected, for later comparison against the metrics previously obtained. The differences observed over the collected results are an accurate indicator of how significant is the impact for performance and functionality. 103

The present assessment is to be conducted using precisely the same testing environment, as the one utilized for the non-secure approach. This current simulation is also performed at the Google Cloud Platform. The machine type used is an identical standard Google Virtual Machine Instance, with a single 2.6GHz Intel Xeon E5 CPU and 3.75GB of memory. Furthermore, an updated version of the PREVENT middleware application has been deployed at the Google App Engine, including the security features provided by the HSL.

As previously discussed, FHIR health records are received by this platform over a secure channel. However, sensitive patient information held on these records is usually received in plain text format. The HSL aims to address this limitation by using an Identity Management middleware that overrides sensitive patient information with ciphered values for outgoing messages. The HSL allows system administrators to define a set of attributes contained in a patient medical record that are set to be encrypted for protection. Also, a new NoSQL entity type named GeneratedHashValues was created in order to store the generated hash IDs, indexed by the combination of the patient attribute value and the healthcare provider ID. To demonstrate the HSL capabilities for this assessment, we have enabled the protection of two health records attributes: patient identifier (social security number) and full name. It is important to observe that this assessment will likely reproduce the worst-case scenario, given that an empty dataset for generated hash IDs will be used. Put simply, for every message received, both identifiers (social security number and full name) will be encrypted and stored, resulting in additional processing overhead.

To illustrate the scenario aforementioned, Figure 24 presents the values stored by the GeneratedHashValues entity type, as result of the HSL processing. In opposition to the non-secure approach, the attributes of patient records that are set for encryption must be replaced by their correlated hash values prior to message delivery.

Figure 24: Generated IDs for Protected Patient Record in Case Study

Source: The author. 104

Figure 25 shows a FHIR health record snippet, obtained prior to data anonymization and protection. Several attributes were suppressed for the sake of simplicity and due to the size limitations of this work.

Figure 25: FHIR Health Record Snippet BEFORE HSL approach

Source: (NETO; FERRAZ, 2016). After the encryption of sensitive patient information, a secure and privacy-assured patient record is obtained, as the one exhibited in Figure 26.

Figure 26: FHIR Health Record Snippet AFTER HSL approach

Source: (NETO; FERRAZ, 2016). As occurred for the non-secure approach, the middleware sustained a stable functional behavior during the whole experiment. No lost messages or functional errors have been observed.

105

5.3.4. Evaluation

This present experiment has analyzed privacy and security concerns for data exchange between healthcare information systems, aiming to compare the use of both secure and non-secure strategies. During this research, we have carried out the following simulation studies to validate the approach.

These experiments all used the PREVENT middleware platform for processing electronic health records received for outbreak detection and anticipation. PREVENT was running over the Google Cloud Platform, with fifty randomly chosen subscribers for message delivery simulation.

Throughout both experiments, secure and non-secure approaches did not differ at all, in terms of functional behavior. All messages were successfully delivered after the completion of both experiments. This is a compelling evidence of the HSL transparent functional operation. Similarly, minor performance differences have been observed, and are not present because the focus for this experiment is to explore security gains.

In spite of the fact that our secure approach performs an additional cryptographic operation for patient information, the performance impact observed is a very insignificant decline, especially when measuring the benefits of using a security-based approach for patient data. After analyzing the measured numbers, we can conclude that our secure approach for healthcare data exchange was on average 2.42% slower than the common insecure approach.

As security impacts we can point out the following:

Privacy: Now patient data are no longer associated with the patient real identity. Therefore, it is not possible to link a certain disease or condition to one specific individual. Anonymity: In accordance with the previous bullet statement, the separation between patient identity and its data promotes a transparent and immediate mechanism for data anonymization, by simply removing information from the security layer. Patient tracking: In previous works (FERRAZ; FERRAZ, 2014a, 2014b) it has been stated by the authors that citizen tracking can be harmful, given the risks associated with 106 sensitive data exposure. Applying that same principle to patient tracking, through the adoption of the proposed solution, patient tracking is no longer viable. It should be remembered that this assessment was performed in simulation of the worst-case scenario for the secure approach, given that we used an empty dataset for generated hash IDs. Therefore all protected identifiers, contained in every message received, had to be encrypted and stored prior to message delivery.

5.4 Experiment C: Multi interoperable

This section details an experiment conducted using an implementation of middleware. The purpose of this validation is to check if either an identity or identifier management is feasible and will increase security in a smart city environment. To do so a testbed (SILVA; FERRAZ; FERRAZ, 2015) was used.

The experiment starts by using the testbed with defined configuration values. The result of the first round is compared with a second execution, this time with a middleware implementation between data generation and services.

For a clearer presentation, only one set of generated data will be presented. The entire range of data can be found in Appendix A.

5.4.1. About the experiment

The testbed used for the experiment is composed by a set of services; each subset of services represents a system commonly found on a city environment. Three of the available six systems were used for this study: Education, Natural Resources, and Government (Taxes). The following list explains the main objective of each of these systems. More details about the systems and the testbed can be found in the original work (SILVA; FERRAZ; FERRAZ, 2015).

Education: This system is composed of services responsible for managing classes, grades, schools, and available courses in those schools. Every citizen that belongs to a school is enrolled in a course. At some point, the student is given a grade for that course. 107

These services can help citizens and other interested parties to deploy or pay more attention to specific areas of expertise related to education such as determining how effective is a certain school when compared with others, or which area of expertise has the best students. Government: In this system, it is possible to create different solutions based on taxes collected and how those taxes are distributed. The idea behind governmental systems is to create a set of services related to specific taxes that a citizen is obligated to pay. Resources: This system provides a way to enable control of expenses for city resources such as water, natural gas, and energy, and how much those resources cost. Natural resource services are different from governmental systems given that they are related to specific companies or departments that are responsible for controlling those types of resources. Table 12 presents a summary of the systems mentioned, along with different areas and testbed services. Table 12: Summary of available services

System Type Area/Focus Testbed Services Register grades Unified Grades Schools and student services Education Grades per course Register courses Courses View courses Define types of taxes Government Taxes Apply taxes Register consumption Resources Consumption Consumption per individual Source: The author. From the available services used in this study case, services related to Grades, School, Courses, Students, Taxes, and Natural Resource Consumption are used. The adopted testbed uses a flexible configuration set to create random values that, using a data generator, populate the services used. The values are randomized based on the following: City spot: latitude and longitude that represent the center of the city. City size: values 1, 2, and 3 define, respectively, small, medium, and large cities. This parameter is used with the city spot to determine the radius, which helps determine if a certain spot is part of the city. Number of inhabitants: a parameter to determine how many inhabitants the city possesses. 108

Number of accesses per inhabitant of urban systems: a number that defines the number of times that citizens of the city access each system. System rank index: the systems (Resources, Security, Education, Healthcare, etc.) receive values from 1 to 5 that rank them from most to least accessed. Table 13 lists the values adopted for the study case. Table 13: testbed random values

Latitude and Longitude 39.99, -75.15 near Glenwood, Philadelphia, PA, USA City size 3 Inhabitants 50 Number of accesses 50 Resources 3 Security 3 Education, 3 Healthcare 3 Transportation 3 Government 3 Source: The author. The creation of a data generator to create realistic data was not the focus of the testbed development. Because of this, it is likely to have a scenario where a student enrolls in two classes (courses) that occur at the same time. Likewise, it is possible to report crimes in the middle of the ocean or that a student is enrolled in the same course at different schools.

A. Defining scenarios

The concept of smart cities involves the relationship between entities and services in an interoperable environment. Thus, different systems collaborate with each other with the goal of improving citizens’ lives.

When defining the proposed reference architecture, the main components of modern smart-city solutions are outlined. This can benefit from improving the security of entities and data privacy by considering that is necessary to manage the tuple of Identities, Identifiers, and Entities in the following relevant scenarios:

Base scenario: a set of systems that offers basic functionalities related to the solutions of the cities. This basic set is composed of services for School and Student Grades, 109

which act as an educational system; a resource manager to act as a controller for natural resources and consumed values; and a tax system that acts as a government system responsible for collecting taxes from citizens.

The Base Scenario represents a simple solution for populating city systems; the following scenarios represent more complex applications. Each application connects with more than one system, or requests a different type of service.

Scenario 1: A ranking that presents natural resources that are consumed more frequently across the city. With regard to security measures, this scenario must ensure that it is not possible for another entity to have information on the expenses of a specific citizen. Scenario 2: Also based on resource systems, this scenario considers how much citizens spent on resources in order to offer an inverse proportion of the discount on government taxes. A citizen gains a higher discount if he/she spent less on natural resources. This scenario explores different aspects of the proposed middleware using entity identifiers to gather information from a system. Based on these identifiers, the information for a different identity of the same entity in a second system is updated, without revealing that both identifiers belong to the same entity. It is important to ensure that, even though an app has access to a set of information, it will not be possible to link that identity to another set of information coming from another service. Scenario 3: This scenario is similar to Scenario 2 and depicts a solution where a student’s taxes may be reduced based on the student’s school performance. This scenario also explores the strength of using identifiers in different scopes, with the difference that this scenario reveals the student rankings.

B. AWS Environment

In order to conduct the study case, an infrastructure was created using AWS. This structure is composed of three sets of virtual machines. The first set has the instances responsible for data generation, the second group is the middleware implementation, and the last group represents city systems. Figure 27 shows a general view of the infrastructure.

110

Figure 27: AWS infrastructure for experiment C

IDeM

Source: The author.

The instance type used in this process is t2.medium, which has two vCPUs and 4 GB of memory RAM.

The relational database service (RDS) chosen for middleware is db.t2.medium with two vCPUs and 4 GB of memory RAM. For the set of machines responsible for the systems, we selected a db.t2.small with one vCPU and 2 GB of RAM.

Regarding the responsibilities of each set of machines, please note the following:

City systems: responsible for simulating urban services, based on the testbed previously depicted. This is composed of three systems: Natural Resources, Educational, and Government.

Each system uses one EC2 instance (t2.medium) and one RDS instance (db.t2.small).

IDeM: represents the implementation responsible for service management and ID changes. 111

The service manager is deployed in one EC2 (t2.medium) and one RDS (db.t2.small). The ID manager is deployed in one EC2 (t2.medium) and in one RDS (db.t2.medium).

Note that the RDS instance used for middleware has more resources because every request passes through middleware for ID changing, so it needs more computational resources to guarantee the correct execution.

Data generator: responsible for generating random data used by the systems. This uses three virtual machine (VM) instances, where each instance generates random data for one system exclusively.

The generated data is sent in the form of a JSON request composed of an entity ID that represents the ID to be changed in IDeM, a service ID that represents the service to be requested, and a nested JSON packet that contains data related to the service to be requested. In addition, the generator is responsible for creating a different and random amount of data for each system used by the applications. This means that, for example, the educational system can have a random number of Schools, each School can have a random number of Courses, and each Course can have a random number of Students, this number of Schools, Courses and Students, are based on the system rank index, for this example all values were equally defined, so the maximum number in every case would be the same.

The same logic applies to the resources system that has a random amount of Resources consumed by a random number of Citizens and, finally, to the government system that has a random amount of Taxes applied to a random number of Citizens. It is important to highlight that the testbed contribution is related with a mass of data generation, to be used for simulation, logics and semantics associated with such data are not under the project scope. More details on the environment used to simulate the city can be found in a previous published paper that depicts a smart-city testbed (SILVA; FERRAZ; FERRAZ, 2015).

Table 14 lists the machines used in the experiment.

112

Table 14: Infrastructure

AWS Used Infrastructure

Responsibility Type Number City Systems t2.medium / db.t2.small 3/3

Service Manager t2.medium / db.t2.small 1/1

middleware t2.medium / db.t2.medium 1/1

Data Generation t2.medium 3

Source: The author.

In total, 13 VMs, 8 EC2 instances, and 5 RDS instances were used. To best simulate a heterogeneous scenario, like an environment of a city with different systems hosted and/or operated by different entities, each EC2 machine is deployed in a separate environment with its own virtual network, range of IPs, and web server. Before each round of testing, the EC2 machines are always deployed and the database is dropped and recreated.

5.4.2. Testbed execution without the middleware

As presented in Table 14, a subset of services was used in this experiment. To populate the mentioned services, values listed in Table 8 were used.

In this first round, the data were generated without the presence of middleware.

A field named personID identifies every citizen presented in the following study. A personID stands for a personal identifier of each citizen, such as a Social Security number, a passport number, or a driver’s license. The identifier is a unique value and is not susceptible to duplication.

Each part of the services will be presented separately for easier understanding, in addition, a small subset of data will be presented in each case. For a complete set of data, please refer to Appendix A. 113

Figure 28: Educational values

+----+------+------+ +----+------+ | id | name | personID | | id | name | +----+------+------+ +----+------+ | 1 | Angiatyth Doboes | 1570 | | 1 | Networks | | 2 | Yatenevar Bacio | 1871 | | 2 | Calculus | | 3 | Maralas Eucio | 3872 | | 3 | Biology | | 4 | Fiemardul Ducio | 373 | | 4 | Philosophy | | 5 | Fisthidarmah Anaudacus | 074 | | 5 | French | | 6 | Firemar Belus | 3375 | | 6 | Mandarin | | 7 | Ahtherriathi Dofridanus | 1876 | | 7 | Spanish | +----+------+------+ | 8 | Micro Biology| +------+------+------+ | 9 | Photos | | grade | course_id | student_id | | 10 | Chemistry | +------+------+------+ +----+------+ | 7 | 3 | 2 |

| 4 | 1 | 5 | Tables: | 7 | 2 | 1 | | 9 | 7 | 3 | Student | 9 | 6 | 6 | Course | 0 | 4 | 4 | | 0 | 5 | 5 | Student Grade +------+------+------+

Source: the author. The information presented in Figure 28 corresponds to the table of contents of an educational system. The first table on the top left represents Students, the table on the top right represents available Courses, and the bottom table represents Grades obtained by each student in a course. For example, Yatenevar Bacio, personID 1871, in course Biology, has a grade of 7, while Fiemardul Ducio, personID 373, has a 0 grade in Philosophy.

Figure 29: Government Tax System

+------+------+------+ +----+------+ | personID | value | taxType_id | | id | name | +------+------+------+ +----+------+ | 33729 | 987.75 | 8 | | 1 | Capital gains tax | | 44721 | 144.85 | 8 | | 2 | Consumption tax | | 378 | 471.96 | 5 | | 3 | Direct tax | | 15715 | 961 | 8 | | 4 | Duty | | 4977 | 688.46 | 10 | | 5 | FairTax | | ... | ... | ... | | 6 | Impt | | 1871 | 340.64 | 8 | | 7 | Income Tax | | 6744 | 468.12 | 9 | | 8 | Indirect tax | | ... | ... | ... | | 9 | Inflation tax | | 33729 | 162.43 | 4 | | 10 | Sales tax | | 379 | 22.02 | 6 | +----+------+ | 1871 | 162.26 | 6 | | 20713 | 378.64 | 3 | | 48733 | 65.47 | 4 | Tables: | ... | ... | ... | | 42724 | 509.47 | 2 | Tax Applied | ... | ... | ... | Tax Type | 1871 | 637.97 | 2 | | 5720 | 240.84 | 4 | | ... | ... | ... | | 32716 | 513.89 | 5 | | 25747 | 627.57 | 9 | | 3872 | 682.79 | 9 | +------+------+------+

Source: the author. 114

Figure 32 shows taxes applied to each citizen living in a simulated city. The first table on the left presents taxes applied to a citizen, and the table on the right represents the description of each type of tax.

For example, a citizen using the personID 1871 has taxes related to Indirect Tax, Impost, and Consumption Tax, totaling $1,140.87.

Comparing it with educational data, it is possible to link the expenses attributed to Yatenevar Bacio.

Figure 30: Resource system +-----+------+------+ +-----+------+------+ | id |name | personID | | id | cost |resource_id | +-----+------+------+ +-----+------+------+ | ... |... | ... | | ... | ... | ... | | 112 |Ditus Natural Gas | 4977 | | 147 | 246.21 | 114 | | 113 |Ditus Petrol | 074 | | 148 | 755.89 | 115 | | 114 |Dinus Gas | 4977 | | 149 | 575.57 | 116 | | 115 |Eucus Water | 1871 | | ... | ... | ... | | ... |... | ... | | 216 | 374.58 | 168 | | 116 |Eucus Natural Gas | 378 | | 217 | 162.03 | 168 | | 167 |Bator Water | 3738 | +-----+------+------+ | 168 |Bator Petrol | 1871 | Tables: | 169 |Bator Energy | 46741 | Natural Resources +-----+------+------+ Costs

Source: the author. Figure 30 presents data related to natural resource systems. The table on the left presents different types of resources associated with a citizen, and the table on the right lists the expenses related to each system. In this context, citizen 1871 has spent a total of $1,292.50 on Water and Petrol.

In summary, through the data analysis of the mentioned systems, Yatenevar Bacio, personID 1871, payed $1,140.87 on taxes and spent $1,292.50 on natural resources.

5.4.3. Testbed execution with middleware

The following data were generated using the same configuration as in the previous section and can be found in Table 8. This time the services will not be directly accessed. Instead, the middleware will be accessed before the request reaches the systems/services. It is important to remember that the generated data are randomly created, so names, ids, values, and other data are to be different from those previously exhibited. 115

As depicted in Chapter 4, to access a service using middleware, a request must be made to middleware, informing it which service is to be accessed. A packet is then sent to the service. In the case study, a JSON is used as the communication protocol.

Figure 31 shows the main table content from the middleware services. The content is composed by a primary key (ID), a hash generated from the combination of the entity’s ID and ID service, the original entity ID, and the service ID.

Figure 31: middleware main table content

+-----+------+------+------+ | id | hash | idEntity | idService | +-----+------+------+------+ | 1 | 485dd06ff7b42e3ea189ed5565bc0660b5bb6f... | 3770 | 1 | | 2 | 0df59fd6c41cadd2220fd09fcd4d5979b7f64c... | 371 | 1 | | ... | ... | ... | ...| | 70 | 370f4236e5bdd7635918b7d0e5a2fbb141e6f5... | 3770 | 30 | | ... | ... | ... | ...| | 76 | 77e33f89bac6787067ac23ecb2f680d5a1568f... | 4673 | 30 | | 78 | e85c884f79ab4f75abc9f50cf2bf5a2728a699... | 3770 | 10 | | ... | ... | ... | ...| | 126 | 5d43ea279d39eecfd4cb80a72f0e02a9a8bb99... | 371 | 14 | | 129 | 11a8e16ae48ec7e76aa64370f083ed0d43752e... | 3770 | 14 | | ... | ... | ... | ...|

Source: The author. In the middleware table, the entityID 3770 is highlighted to serve as an example to be followed across to the next tables. In this case, 3770 has entries that reference services 1, 30, 10, and 14. The complete set of data can be found in Appendix A.

Figure 32: Student table after middleware

+----+------+------+ | id | name | personID | +----+------+------+ | 1 | Maideth Anfries | 485dd06ff7b42e3ea189ed5565bc0660b5bb6f0... | | 2 | Firailthusnes Altin | 0df59fd6c41cadd2220fd09fcd4d5979b7f64c5... | | 3 | Caelhal Eubigunus | 5f39ccf6432c1f0c5bcc990d7adda5bd83d4263... | | 4 | Sumevar Alius | 8207e18cfb09e33d7994f5ef45ff331c8c71cfc... | | 5 | Dhones Dacus | 6279619ed2d511a4359a7c1bfe02be72871b67s... | +----+------+------+

Source: The author. Figure 32 represents the student table from the educational system and using the middleware services. Cross-referencing values from previous tables, the citizen Maideth Anfries in this system has a personID starting with 485dd06ff… and primary key 1.

116

Figure 33: Grades and courses

+----+------+------+------+ +----+------+ | id | grade | course_id | student_id | | id | name | +----+------+------+------+ +----+------+ | 12 | 7 | 11 | 7 | | 12 | Micro Biology | | 13 | 9 | 13 | 1 | | 13 | Literature | | 14 | 0 | 14 | 2 | | 14 | Greek History | |... | ... | ... | ... | |... | ... | | 25 | 1 | 22 | 7 | | 26 | Literature | | 26 | 1 | 27 | 1 | | 27 | Distributed System| | 27 | 3 | 26 | 1 | |... | ... | +----+------+------+------+ +----+------+

Source: The author. Figure 33, presents that People ID 485dd06ff… is enrolled in Literature classes and Distributed Systems. This person has grades of 9 in Literature and 1 in Distributed Systems.

Figure 34 represents the taxes spent by citizens.

Figure 34: Taxes spent using middleware

+-----+------+------+------+ | id | personID | value | taxType_id | +-----+------+------+------+ | ... | ... | ... | ... | | 6 | 11a8e16ae48ec7e76aa64370f083ed0d43...| 922.42 | 5 | | 7 | 7259321094b093e13f29135e026bc4d5a4...| 575.52 | 9 | | ... | ... | ... | ... | | 67 | 11a8e16ae48ec7e76aa64370f083ed0d43...| 757.78 | 5 | | 68 | 26a1be28a744e21ce575d9e73c32fd79a8...| 403.52 | 1 | | ... | ... | ... | ... | | 122 | 11a8e16ae48ec7e76aa64370f083ed0d43...| 939.75 | 1 | | 123 | 1582b93fc7108edc40ec2f0f6a92e90048...| 586.96 | 6 | | ... | ... | ... | ... | | 194 | 11a8e16ae48ec7e76aa64370f083ed0d43...| 59.96 | 9 | | ... | ... | ... | ... | | 200 | 639839f26ba849fe39824e1bdbe23da827...| 629.09 | 5 | | 201 | 11a8e16ae48ec7e76aa64370f083ed0d43...| 574.29 | 9 | | ... | ... | ... | ... | | 212 | 11a8e16ae48ec7e76aa64370f083ed0d43...| 247.87 | 1 | +-----+------+------+------+

Source: The author. If someone tries to find how much 485dd06ff… spent in Figure 34, he or she will only find different ids. 485dd06ff… which is assigned to Maideth Anfries in this scenario, has an ID that begins with 11a8e16ae… and has spent $3,502.07 in taxes.

117

Figure 35 presents the natural resources used by citizens. Figure 35: Citizens’ use of natural resources

+-----+------+------+------| id | name | personID | resourceType_id | +-----+------+------+------+ | ... |... | ... | ... | | 2 |Autus Natural Ga | e85c884f79ab4f75abc9f50cf2bf5a27... | 1 | | ... |... | ... | ... | | 178 |Dobecio Natural | cc7e406b1340cfa8019ffffbb210803c... | 1 | | 179 |Dobecio Gas | e85c884f79ab4f75abc9f50cf2bf5a27... | 5 | +-----+------+------+------+ +-----+------+------+ | id | cost | resource_id | +-----+------+------+ | ... | ... | ... | | 2 | 52.95 | 2 | | ... | ... | ... | | 378 | 405.26 | 178 | | 379 | 178.29 | 179 | | 380 | 49.68 | 179 | | 381 | 716.06 | 179 | +-----+------+------+

Source: The author. As in the tax scenarios, Maideth Anfries has a different ID from that in the education or tax systems. In this case, the personID is e85c884f7… and the citizen has spent $996.98.

In summary, student Maideth Anfries, whose personID starts with 485dd06ff… , has grades of 9 in Literature and 1 in Distributed Systems, paid $3,502.07 in taxes under personID 11a8e16ae..., and spent $996.98 on natural resources under personID e85c884f7….

The first scenario described the use of different services by focusing on Yatenevar Bacio (personID 1871). The same identifier is used across different services and systems.

If the system experiences a security breach, it automatically combines and discovers different information about a specific citizen just by analyzing the retrieved data.

On the other hand, when middleware is applied, the behavior of the systems is maintained without impact; and if the systems are breached, information regarding, for example, Maideth Anfries, are not automatically combined and discovered. In the three mentioned systems, Maideth Anfries has three different identifiers: one for each identity (education, taxes, and natural resources) that are different from the original identifier 3770. 118

A. Exploring results

The previous section discussed the behavior of basic systems related to support information about education, resources, and government taxes, with and without the middleware. We can conclude that the systems maintained their behavior regardless of whether the proposed solution was adopted.

The following section explores the results of three different scenarios that were previously depicted: Resource Ranking (RR), Taxes based on Resources (TbR), and Taxes based on Education (TbE).

That data used to build the scenarios can be found in Appendix A. Each specific sample used in the following discussion can also be found in previous tables.

Table 15: Resource ranking with and without IDeM

Without Using IDeM Resource Type IDeM Value Value $23,200.67 Natural Gas $32,372.80 $25,566.64 Petrol $47,926.74 $31,468.08 Energy $36,494.32 $18,375.25 Water $30,778.08 $22,055.04 Gas $36,694.54

Source: The author.

To build Table 15, the application must consume data related to at least two services from the same system (resources spent and resources).

Resources services have information regarding who spent in which system. By cross- referencing this information with resources consumed, it is possible to understand how much was spent across all types of resources. It is also important to highlight that, the values presented in Table 15 are different because the data generation in the used testbed be are random data, so every time those data are generated they will most likely be complete different form the previous execution.

By examining the first column, without the middleware, and comparing it with student services, it is possible to obtain information regarding a specific student because 119 each ID retrieved is the same ID used in education and resources. On the other hand, with middleware, even if the name of a student is known, since his/her name is revealed by the student service and the identifier is also present, it is not possible to link a student to a resource consumer because the identifier is kept secret and only the new and unique identifier is presented.

For TbR (Taxes based on Resource), a citizen may be given a percentage discount (5%) if she/he has spent less than $2,000.00, and a discount of 2% if he/she has spent less than $10,000.00.

Analyzing two particular citizens, we have the following results listed in Table 16.

Table 16: Taxes based on resources analysis

Resource Taxes Discount Final Value Identifier Value Identifier Value

e85c884f79… $1,946.22 11a8e16ae4… $5,263.67 5% $5,000.48

a1a818ea3d... $6,908.02 0dc0d2a2b0... $3,378.04 2% $3,310.47

Source: The author.

To build such table, the TbR application needs to consume information related to resources and from governmental taxes. While directly consuming those systems’ services, the retrieved identifiers are e85c884f79… and a1a818ea3d... for resources, and 11a8e16ae4… and 0dc0d2a2b0... for taxes.

This scenario presents a certain privacy level for the citizens because even though all information from those two services is revealed, it is not possible to match a Resource Identity with its similar Taxes Identity. Moreover, since the two mentioned systems have no information about the citizen’s name (or other data such as address or salary), it is also not possible to track information from the educational service, since the IDs in those systems are also different and there is no name to use as a match.

However, for a service or application with the right permission, it is possible to calculate and/or apply the discount just by passing the ID (for example, e85c884f79…) to the middleware, which will discover the real ID (in this case, 3770). The next step will retrieve the identifier from the destination service (in this case, 11a8e16ae4…) and will 120 pass the discount to be applied. Additionally, in this case, the 3770 identifier, which is related to student Maideth Anfries, is kept private from the resource service and the government taxes service.

For TbE (Taxes based on Education), a citizen may have a percentage discount of 15% if she/he achieves a median that is equal to or higher than 5.00, and a discount of 5% if she/he has achieved a median higher than 3.00.

Table 17: Taxes based on Education

Education Taxes Discount Final Value Identifier Grade Identifier Value

485dd06ff7… 4,75 11a8e16ae4… $5,263.67 5% $5.000.48

2ab44eab6d... 5.00 097c7bd166... $939.31 15% $798.41

Source: The author.

To build such table, the TbE application needs to consume information related to educational and from the governmental taxes systems. While directly consuming those systems’ services, the retrieved identifiers are 485dd06ff7… and 2ab44eab6d... for the educational system, and 11a8e16ae4… and 097c7bd166... for taxes.

This last scenario presents a level of privacy that is different from previous scenarios. TbE presents two pieces of sensitive information (Identifier and Name). The identifier was changed into a secure and anonymous value. Name has not been changed but is not 100% valid information because even if the name is available in both systems, in a scenario with a million citizens it would be impossible to be 100% sure about a specific citizen.

Nevertheless, for a service or application with the right assets, permission is possible for calculating and/or applying a discount based on the calculated median informing the ID 485dd06ff7 … to middleware. In turn, middleware, will internally discover the real ID (in this case, 3770), retrieve (also internally) the correspondent ID on the second service (in this case, 11a8e16ae4 …), and will pass the discount to be applied. 121

The scenarios revealed that, by using IDeM, the behavior of the requested systems and services is maintained. In addition, security improved because middleware keeps an identity apart from its associated data.

The next section discusses security gains that result from adopting the proposed middleware.

5.4.4. Evaluation

This section presents the evaluation of the experiment presented, the main focus of this analysis is to contribute to security, under the scope of an IdM solutions

ID changed and functionalities preserved. The first test used the proposed system, and built applications to create and consume the information. Afterward, IDeM was included as a step after the applications and prior to the system to verify whether the applications continued to work as designed.

The changes needed to implement IDeM required each application to adopt the consumed/requested services by changing them to call the IDeM service using the Service_ID instead of directly calling a desired service.

In addition to these changes, no more updates were required, and the applications worked without modifications.

IDs within systems were independently maintained. Systems may be composed of different services in order to create a unique solution. For example, the education system uses services related to Grades, Schools, and Classes. Thus, a system can opt to use a unique ID for every service (e.g., the same Student_Number to identify student grades and classes), or it could use different IDs for each service (e.g., Student_Number for grades and Student_Number_Year for the classes taken by a particular student in a given year).

The option selected for TbE was to use different IDs per service. In this case, the result is that several IDs were created for different scopes of the same system. To validate the strengths of the proposal, IDs were revealed through applications; and in the services, an attempt was made to recover more information using the breached IDs. It was not 122 possible to recover information from that entity in the services and system. This indicates that the IDs are indeed different from one service to another.

ID captured in an application did not compromise the system. This topic discusses how solutions that use different systems behave if the IDs from one system are revealed.

Solution TbE uses information from the taxes and education systems. The education system uses different IDs for each service, and the taxes system uses the same ID for different services. Furthermore, the applications use the same Service_ID for each service.

Nevertheless, even if all IDs are breached from all education services, no corruption or recovery could be found within a different scope (in this case, the taxes system).

Entities separated from their data. The middleware proposes the creation of a unique and different ID for each relationship between an Entity and a Service. By doing this, the middleware achieves a separation from an Entity to its Identity. Assuming that each Identity is composed of an Identifier and its contextual Data, the middleware achieves a separation of an Entity from its Data.

This property presents a significant advance in security mechanisms for interoperable environments. It offers the possibility that an entity can be kept apart from several of the mentioned issues. Even if data integrity was compromised, it will be kept in a single system and will not generate systematic chaos in other related systems. This minimizes the impacts of the breached part of an environment.

This property could be noticed within TbR and TbE, in which different pieces of information were consumed; and only through the IDeM would it be possible to connect those separated data. That said, if one part were compromised, the other would be saved because there is no physical or virtual connection between them.

Compartmentalization and security in depth. Compartmentalization is a concept explored by Schumacher et al. in (SCHUMACHER et al., 2006). For this concept, the authors explored the gains related to defining separate compartments per functionality.

In the case study, it was possible to verify that an ID created/used in the applications (RR, TbR, and TbE) is different from the IDs stored and managed in IDeM, and is also 123 different from the IDs on the services/system side. This creates a virtual compartmentalization of IDs.

The first topic, ID changed and functionalities preserved, explored data corruption with a unique system by exposing the ID of a service that is part of an environment with a set of services. In this case, because of the basic capability of changing IDs, the services and system in their entirety were unharmed.

The second topic, IDs within systems were independently maintained, explored the ID of a system that has been breached without compromising a second system that has a relation to the first. In the third topic, ID captured in an application did not compromise the system, when corruption began in an application (or on the client side), the systems using those IDs are still safe.

These three behaviors (service-to-service, system-to-system, and application-to- system/service) indicated that, although we are considering a unique application that consumes services, the three main components (applications, middleware, and services) were isolated from ID discovery.

Through the mentioned characteristics and gains, it can be shown that the identity is safer into an interoperable environment; moreover, entity privacy is demonstrated to have been increased.

5.5 Final analysis

Analyzing the results presented in each quasi-experiment, it is possible to validate that hypothesis H1 is not confirmed since there were increases in security in each experiment, also the negative hypothesis is not confirmed, because there were no increases in security. Hypotheses H2 and H3, are confirmed, and there were positive impacts in security with minimum impacts and changes in the application.

Experiment A presented that the middleware offers means to promote identification changes, anonymity and privacy, with impacts in performance less than 5ms in scenarios with different sizes. Experiment B, presented that it is possible to adapt and adopt the proposed solution to a healthcare system providing it with security increasing, anonymity 124 and maintaining the patient untrackable. Finally, experiment C presented results that were explored using the middleware in a testbed proposed to simulate smart cities.

125

Chapter 6 Conclusion

Today, urbanization has reached an unprecedented level, large cities now house most of the world’s population (DIRKS; GURDGIEV; KEELING, 2010). In the early 90s, the United Nations (UN), the proportion of people living in cities will increase to 70% of the world’s people in less than 50 years (UNIES, 1995).

In 2007, for the first time in history, the global urban population has exceeded the global rural population, and that distribution has remained that way for the last 10 to 15 years. There is an urgent need for cities to be smarter in the management of their infrastructure and interactions (NAPHADE et al., 2011). Cities must start taking into account social interactions, systems interconnection and a faster and new deployment of information and services in order to deal with the critical changes generated by such movement in cities composition. Embracing a smart city solution, in order to present entities with interoperable systems, capable of inter-communicate systems and other entities is becoming increasingly inevitable (DA SILVA et al., 2013; FERRAZ; SAMPAIO; FERRAZ, 2013; WASHBURN; SINDHU; BALAOURAS, 2009).

Alongside with such demand, potential threats against the proposed systems will increase, creating the need for a more permissive and specific information security approach, that will address different and a new set of security issues (BARTOLI, 2011; BURANGE; MISALKAR, 2015; FERRAZ; FERRAZ, 2014b). Even though smart cities are not a reality in terms presented in literature and discussed in this thesis, it is necessary to drive efforts towards the mentioned concern in a short term in order to be prepared to an irreversible situation, in which 70% of population will live in cities in less than 50 years.

Yet more, if it is assumed that proportion of population growth in the next few years, it is necessary to drive those efforts with no further delay so it would be possible to reach millions of people creating billions of connections. To postpone this to a second, or third, moment is to sign up for an eminent information security crisis.

In that context, this research is neither the first one to address identity and security concerns and issues in the theoretical level, also, it is not the first solution and architectural proposal, nor the first experiment conducted to validate it, nor the first to 126 suggest a model for security of interoperable systems. However, to the best of our knowledge, it is the first research work to put all these elements together, it is the first research to relate smart cities under the concept of interoperable environments, with their specific security issues, and addressing those through an identity and identifier management, bringing into light the importance of IdM to the area.

In this thesis, an identity and identifier management approach and a security middleware was proposed, based, initially, on security needs of interoperable smart city systems, and adapted to increase information security, privacy and anonymity in future interconnected urban environments.

6.1 Contribution

The main contribution of this thesis is the design and development of an identity- drive middleware that offers the separation of entity's data from its identifiers and consequently from its identity, adding anonymity and id changing to interoperable and heterogeneous system like in the paradigm of smart cities, increasing citizens privacy and, consequently, and trustworthiness.

Furthermore, after defining characteristics of identity-based solutions and analyze projects and solution in this area, this thesis brought into attention the needs for the development of new means to treat security under the aspect of smart cities. This work has also presented a set of security architectural issues related to urban environment that, under different aspects, can affect privacy, integrity and availability of cities and, in some scenarios, can be harmful to citizens. Even more, this work presented a more specific set of security issues, related to identity, those identity issues were also depicted under the scenario of a smart city.

Not only such issues have been depicted, a middleware, called IDeM, have been proposed and validated through three different experiments, and a portion of the aforementioned issues were addressed, the proposed approach has, also, presented with means to preserve privacy and anonymity into an interoperable environment. Finally, this thesis contributions are summarized and related with each respective research question as follows: 127

Among the classical characteristics of IdM solutions, which are suitable and needed for an IdM-based system for smart cities?

Starting by analyzing IdM characteristics, the proposed middleware offered anonymity, privacy, security, interoperability and user-centric, other characteristic such as mobility are not addressed by the proposed middleware.

IDeM also draw light on the matter of needing to take into consideration new approaches for identity and security in interoperable and heterogeneous environment, especially in smart cities.

In the context of smart city security issues, how does the management of identity and identifier increase an entity’s privacy and security?

This thesis presented contribution over the state of the art, describing security issues related to smart cities, with two different focus architectural issues and, after that, a more specific set of issues related to identity.

Furthermore the adoption of IDeM presented suitable means to avoid and improve information security and privacy under different aspects, including some of the proposed issue, by managing identifiers and identity

How can a solution be proposed to improve information security without changing the city system in a deep way?

As for minimum changes, this thesis presented, defined, implemented and validated an identity-driven middleware that acts by separating an identity from its data in a multi identifier and identity environment.

This separation enables anonymity, privacy and security, the approach used for that, based on a middleware, creates a component that is used as a component built a part from entities and systems, the entities involved in the communication continues to communicate with services and systems through IDeM and the services continues to received request, having only the IDs changed, but for the systems the received IDs are the real ID.

128

6.2 Limitations and Future works

This thesis presents the following limitation to its scope:

a) Not all issues presented in chapter 2 are addressed by the proposed middleware, for instance all the issues related with client side problems; b) The three experiments were conducted under a simulated scenarios, so it is not possible to predict how the system will behave under a scenario of a real city; c) The proposed middleware does not contemplate a distributed solution, even though the performance and eventual bottle necks are not under this thesis scope, the fact that the middleware creates a single point of access, in which every systems is connected, it may create a single point of access for attackers to focus on.

From the proposed solution in this thesis, it is possible to raise some points for future work that are:

a) Create an anonymity guaranteed service so developers can consume to anonymize their users using the proposed approach; b) Propose client-side techniques based on the proposed middleware to mitigate security issues impacts related to client-side. c) Conduct new test in different areas and different systems, validating how the solution behaves in scenarios different than the explored; d) Conduct performance tests under a real city-like scenario with millions of citizens and even more identifiers and identities; e) Conduct tests in a scenario that already has IDs created in order to validate how the adoption of the proposed middleware will impact on a system that is already in a production environment;

129

References

ADDO, I. D. et al. A Reference Architecture for Improving Security and Privacy in Internet of Things Applications. 2014 IEEE International Conference on Mobile Services, p. 108–115, jun. 2014.

ALPÁR, G.; HOEPMAN, J.; SILJEE, J. The identity crisis. security, privacy and usability issues in identity management. arXiv preprint arXiv:1101.0427, p. 1–15, 2011.

AMÉLIA, M.; FERRAZ, S. Analisando cenários de smart cities : Aplicando critérios de comparação baseado em componentes arquiteturais. p. 24–31, 2014.

ATTWOOD, A. et al. SCCIR: Smart Cities Critical Infrastructure Response Framework. 2011 Developments in E-systems Engineering, p. 460–464, dez. 2011.

BARTOLI, A. Security and privacy in your smart city. Proceedings of the …, p. 1–6, 2011.

BATTY, M. et al. Smart cities of the future. The European Physical Journal Special Topics, v. 214, n. 1, p. 481–518, 5 dez. 2012.

BEN AYED, G.; GHERNAOUTI-HÉLIE, S. Disassembling digital identity-related privacy into a set of services: Soaml-based services design. Lecture Notes in Business Information Processing, v. 103 LNBIP, p. 44–57, 2012.

BLACKSTOCK, M. et al. MAGIC Broker 2: An open and extensible platform for the Internet of Things. 2010 Internet of Things (IOT), p. 1–8, nov. 2010.

BOSWORTH, K. et al. Entities, identities, identifiers and credentials — what does it all mean? BT Technology Journal, v. 23, n. 4, p. 25–36, out. 2005.

BURANGE, A. W.; MISALKAR, H. D. Review of Internet of Things in development of smart cities with data management & privacy. 2015 International Conference on Advances in Computer Engineering and Applications. Anais...IEEE, mar. 2015Disponível em: . Acesso em: 24 set. 2015

CARAGLIU, A.; DEL BO, C.; NIJKAMP, P. Smart Cities in Europe. Journal of Urban Technology, v. 18, n. 2, p. 65–82, abr. 2011.

CHOURABI, H. et al. Understanding Smart Cities: An Integrative Framework. 2012 45th Hawaii International Conference on System Sciences. Anais...IEEE, jan. 2012Disponível em: 130

. Acesso em: 26 fev. 2014

DA SILVA, W. M. et al. Smart cities software architectures. Proceedings of the 28th Annual ACM Symposium on Applied Computing - SAC ’13. Anais...New York, New York, USA: ACM Press, 2013Disponível em: . Acesso em: 4 mar. 2014

DHAMIJA, R.; DUSSEAULT, L. The Seven Flaws of Identity Management: Usability and Security Challenges. IEEE Security & Privacy Magazine, v. 6, n. 2, p. 24–29, mar. 2008.

DIRKS, S.; GURDGIEV, C.; KEELING, M. Smarter cities for smarter growth. IBM Global Business Services, p. 24, 2010.

DIRKS, S.; KEELING, M. A vision of smarter cities: How cities can lead the way into a prosperous and sustainable future. IBM Institute for Business Value. June, 2009.

DURAVKIN, E. Using SOA for development of information system “ Smart city ”. v. 2, n. 11, p. 2010, 2010.

EASTERBROOK, S. et al. Selecting Empirical Methods for Software Engineering Research. In: Guide to Advanced Empirical Software Engineering. London: Springer London, 2008. p. 285– 311.

FERRAZ, F. S. et al. Information Security in Smart Cities Using OpenID , SAML and OAuth to increase security in urban environment. SOFTENG 2015 : The First International Conference on Advances and Trends in Software Engineering Information. Anais...2015a

FERRAZ, F. S. et al. Towards A Smart-City Security Architecture Proposal and Analysis of Impact of Major Smart-City Security Issues. SOFTENG 2015 : The First International Conference on Advances and Trends in Software Engineering Information. Anais...2015b

FERRAZ, F. S.; FERRAZ, C. A. Smart Cities Security Issues : an impeding identity crisis. ICSEA 2016, 2016.

FERRAZ, F. S.; FERRAZ, C. A. G. More Than Meets the Eye In Smart City Information Security: Exploring security issues far beyond privacy concerns. IEEE computer science, UFirst-UIC 2014. Anais...Bali, Idonesia: IEEE Computer Society,unpublished, 2014aDisponível em:

FERRAZ, F. S.; FERRAZ, C. A. G. Smart City Security Issues: Depicting Information Security 131

Issues in the Role of an Urban Environment. 2014 IEEE/ACM 7th International Conference on Utility and Cloud Computing. Anais...London, UK: IEEE, dez. 2014bDisponível em: . Acesso em: 25 mar. 2015

FERRAZ, F.; SAMPAIO, C.; FERRAZ, C. Towards a Smart City Security Model Exploring Smart Cities Elements Based on Nowadays Solutions. ICSEA 2013, The …, n. c, p. 546–550, 2013.

FERSI, G. Middleware for Internet of Things : a study. 2015.

GONÇALVES, J. M. Privacy and Information Security in Brazil? Yes, We Have It and We Do It! 2010 Seventh International Conference on Information Technology: New Generations, p. 702–707, 2010.

HANSEN, M.; SCHWARTZ, A.; COOPER, A. Privacy and Identity Management. IEEE Security & Privacy Magazine, v. 6, n. 2, p. 38–45, mar. 2008.

HARRISON, C. et al. Foundations for Smarter Cities. IBM Journal of Research and Development, v. 54, n. 4, p. 1–16, jul. 2010.

JIN, Z. P. et al. An attribute-oriented model for identity management. IC4E 2010 - 2010 International Conference on e-Education, e-Business, e-Management and e-Learning, p. 440– 444, 2010.

JOHNSTON, R. J.; GREGORY, D. The Dictionary of Human Geography. [s.l.] Blackwell Reference, 1981.

KHAN, Z.; KIANI, S. L. A Cloud-Based Architecture for Citizen Services in Smart Cities. 2012 IEEE Fifth International Conference on Utility and Cloud Computing, p. 315–320, nov. 2012.

KIM, S.-H. K. S.-H.; JIN, S.-H. J. S.-H.; LIM, H.-J. L. H.-J. A concept of interoperable authentication framework for dynamic relationship in Identity Management. Advanced Communication Technology (ICACT), 2010 The 12th International Conference on, v. 2, p. 1635–1639, 2010.

KIRCHER, M. Remoting Patterns. n. December, p. 60–68, 2004.

LIU, P.; PENG, Z. Smart Cities in China 2 . From Digital City to Smart City 3 . Chinese Smart Cities. 2013.

LUGARIC, L.; KRAJCAR, S.; SIMIC, Z. Smart city - Platform for emergent phenomena power system testbed simulator. IEEE PES Innovative Smart Grid Technologies Conference Europe, ISGT Europe. Anais...2010 132

MARTINEZ-BALLESTE, A.; PEREZ-MARTINEZ, P.; SOLANAS, A. The pursuit of citizens’ privacy: a privacy-aware smart city is possible. IEEE Communications Magazine, v. 51, n. 6, p. 136–141, jun. 2013.

MARTINEZ-JULIA, P.; SKARMETA, A. F. Beyond the separation of identifier and locator: Building an identity-based overlay network architecture for the Future Internet. Computer Networks, v. 57, n. 10, p. 2280–2300, 2013.

MORVAJ, B.; LUGARIC, L.; KRAJCAR, S. Demonstrating smart buildings and smart grid features in a smart energy city. Proceedings of the 2011 3rd International Youth Conference on Energetics (IYCE), p. 1–8, 2011.

MPOFU, N.; VAN STADEN, W. J. A survey of trust issues constraining the growth of Identity Management-as-a-Service(IdMaaS). 2014 Information Security for South Africa. Anais...IEEE, ago. 2014Disponível em: . Acesso em: 24 set. 2015

NAPHADE, M. et al. Smarter Cities and Their Innovation Challenges. Computer, v. 44, n. 6, p. 32–39, jun. 2011.

NETO, S.; FERRAZ, F. S. Towards Identity Management in Healthcare Systems. The 17th International Conference on Internet Computing and Internet of Things. Anais...2016

OWASP. OWASP Top 10 - 2013 : The the most critical web application security risks. [s.l: s.n.].

RAMOS, J. L. H.; BERNABE, J. B.; SKARMETA, A. F. Towards Privacy-Preserving Data Sharing in Smart Environments. 2014 Eighth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing. Anais...IEEE, jul. 2014Disponível em: . Acesso em: 24 set. 2015

SCHAFFERS, H. et al. Smart cities and the future internet: Towards cooperation frameworks for open innovation. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), v. 6656, p. 431–446, 2011.

SCHUMACHER, M. et al. Security Patterns : Integrating Security and Systems Engineering (Wiley Software Patterns Series). [s.l.] John Wiley & Sons, 2006.

SEN, M. et al. Issues of Privacy and Security in the Role of Software in Smart Cities. 2013 International Conference on Communication Systems and Network Technologies. Anais...IEEE, 133

abr. 2013Disponível em: . Acesso em: 8 fev. 2014

SILVA, D.; FERRAZ, F.; FERRAZ, C. Smart City Applications TestBed Towards a service based TestBed for smart cities applications. SOFTENG 2015 : The First International Conference on Advances and Trends in Software Engineering Information. Anais...2015

SILVINO NETO, MÁRCIA VALÉRIA, PLÍNIO MANOEL, F. F. Publish/Subscribe Cloud Middleware for Real-Time Disease Surveillance. ICSEA 2015 : The Tenth International Conference on Software Engineering Advances (2015). Anais...2015

SINGH, A.; CHATTERJEE, K. Identity Management in Cloud Computing through Claim-Based Solution. 2015 Fifth International Conference on Advanced Computing & Communication Technologies. Anais...IEEE, fev. 2015Disponível em: . Acesso em: 24 set. 2015

SINGH, J. et al. Policy-based information sharing in publish/subscribe middleware. Proceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008. Anais...2008

SINGH, J.; BACON, J.; EYERS, D. Policy Enforcement Within Emerging Distributed, Event-based Systems. Proceedings of the 8th ACM International Conference on Distributed Event-Based Systems - DEBS ’14, p. 246–255, 2014.

SKIBA, D. J. The Internet of Things (IoT). Nursing education perspectives, v. 34, n. 1, p. 63–4, 2011.

SUCIU, G. et al. Smart Cities Built on Resilient Cloud Computing and Secure Internet of Things. 2013 19th International Conference on Control Systems and Computer Science, p. 513–518, maio 2013.

TARIQ, M. A.; KOLDEHOFE, B.; ROTHERMEL, K. Securing Broker-Less Publish/Subscribe Systems Using Identity-Based Encryption. IEEE Transactions on Parallel and Distributed Systems, v. 25, n. 2, p. 518–528, fev. 2014.

TORRES, J.; NOGUEIRA, M.; PUJOLLE, G. A Survey on Identity Management for the Future Network. IEEE Communications Surveys & Tutorials, v. 15, n. 2, p. 787–802, jan. 2013.

UNIES, N. World urbanization prospects. The 1994 revision, 1995. 134

WANG, Y.; ZHOU, Y. Cloud architecture based on Near Field Communication in the smart city. 2012 7th International Conference on Computer Science & Education (ICCSE). Anais...IEEE, jul. 2012Disponível em: . Acesso em: 4 mar. 2014

WASHBURN, D.; SINDHU, U.; BALAOURAS, S. Helping CIOs Understand “Smart City” Initiatives. Growth, 2009.

135

APPENDIX A

This appendix contains the full content of tables presented in experiment C.

In chapter 5, small parts, only direct related tables were presented. Since the Testbed generates a long amount of data and relation between those data, most part are omitted in order to make easier the study understanding.

TABLES CONTENT WITHOUT IDeM

mysql> select * from Student; +----+------+------+------+ | id | email | name | personID | +----+------+------+------+ | 1 | [email protected] | Angiatyth Doboes | 1570 | | 2 | [email protected] | Yatenevar Bacio | 1871 | | 3 | [email protected] | Maralas Eucio | 3872 | | 4 | [email protected] | Fiemardul Ducio | 373 | | 5 | [email protected] | Fisthidarmah Anaudacus | 074 | | 6 | [email protected] | Firemar Belus | 3375 | | 7 | [email protected] | Ahtherriathi Dofridanus | 1876 | +----+------+------+------+ 7 rows in set (0.00 sec)

| 28 | Car Driving | Car Driving | | 29 | Philosophy | Philosophy | | 30 | Oratory | Oratory | | 31 | Personal defense | Personal defense | | 32 | Oratory | Oratory | | 33 | Algotihms | Algotihms | | 34 | Logic | Logic | | 35 | French | French | | 36 | Painting | Painting | | 37 | Networks | Networks | | 38 | First Aid | First Aid | | 39 | Literature | Literature | | 40 | Biology | Biology | | 41 | Potions | Potions | | 42 | French | French | | 43 | Logic | Logic | | 44 | Advanced reading | Advanced reading | | 45 | Cocking | Cocking | | 46 | Literature | Literature | | 47 | Advanced reading | Advanced reading | | 48 | Potions | Potions | | 49 | Chemistry | Chemistry | | 50 | Law | Law | | 51 | House Economy | House Economy | | 52 | International Relations | International Relations | | 53 | French | French | | 54 | House Economy | House Economy | | 55 | Basic reading | Basic reading | | 56 | Basic reading | Basic reading | | 57 | International Relations | International Relations | | 58 | Networks | Networks | | 59 | Photos | Photos | | 60 | Micro Biology | Micro Biology | | 61 | International Relations | International Relations | | 62 | Economy | Economy | | 63 | French | French | | 64 | French | French | | 65 | Law | Law | | 66 | Car Driving | Car Driving | | 67 | Calculus | Calculus | | 68 | Macro Economy | Macro Economy | | 69 | History | History | | 70 | First Aid | First Aid | | 71 | Literature | Literature | | 72 | Oratory | Oratory | | 73 | Economy | Economy | | 74 | Calculus | Calculus | | 75 | Social Stuff | Social Stuff | | 76 | Algotihms | Algotihms | +----+------+------+ 76 rows in set (0.00 sec) mysql> select * from StudentGrade; +----+------+------+------+ | id | grade | course_id | student_id | +----+------+------+------+ | 1 | 7 | 3 | 2 | | 2 | 4 | 1 | 5 | | 3 | 7 | 2 | 1 | | 4 | 9 | 7 | 3 | | 5 | 9 | 6 | 6 | | 6 | 0 | 4 | 4 | | 7 | 0 | 5 | 5 | | 8 | 8 | 11 | 4 | | 9 | 5 | 8 | 3 | | 10 | 5 | 9 | 3 | | 11 | 9 | 10 | 6 | | 12 | 7 | 12 | 5 | | 13 | 8 | 13 | 6 | | 14 | 8 | 16 | 3 | | 15 | 1 | 14 | 7 | 137

| 16 | 3 | 15 | 7 | | 17 | 5 | 17 | 2 | | 18 | 8 | 18 | 2 | | 19 | 9 | 20 | 3 | | 20 | 4 | 19 | 7 | | 21 | 9 | 21 | 3 | | 22 | 3 | 24 | 5 | | 23 | 7 | 23 | 3 | | 24 | 8 | 22 | 1 | | 25 | 3 | 27 | 7 | | 26 | 7 | 26 | 3 | | 27 | 3 | 25 | 4 | | 28 | 3 | 28 | 7 | | 29 | 3 | 30 | 1 | | 30 | 3 | 29 | 7 | | 31 | 6 | 31 | 4 | | 32 | 7 | 34 | 7 | | 33 | 3 | 33 | 4 | | 34 | 3 | 32 | 1 | | 35 | 7 | 36 | 5 | | 36 | 1 | 35 | 3 | | 37 | 6 | 38 | 6 | | 38 | 5 | 37 | 2 | | 39 | 8 | 39 | 1 | | 40 | 9 | 40 | 5 | | 41 | 0 | 42 | 6 | | 42 | 7 | 41 | 6 | | 43 | 2 | 43 | 4 | | 44 | 4 | 44 | 3 | | 45 | 1 | 47 | 6 | | 46 | 2 | 46 | 2 | | 47 | 7 | 45 | 7 | | 48 | 7 | 48 | 3 | | 49 | 2 | 51 | 6 | | 50 | 8 | 49 | 7 | | 51 | 2 | 50 | 5 | | 52 | 3 | 52 | 3 | | 53 | 1 | 53 | 2 | | 54 | 4 | 54 | 4 | | 55 | 8 | 55 | 5 | | 56 | 2 | 58 | 3 | | 57 | 5 | 56 | 4 | | 58 | 7 | 57 | 2 | | 59 | 1 | 59 | 7 | | 60 | 8 | 60 | 6 | | 61 | 2 | 61 | 1 | | 62 | 5 | 62 | 5 | | 63 | 7 | 63 | 1 | | 64 | 5 | 64 | 2 | | 65 | 2 | 65 | 7 | | 66 | 3 | 69 | 7 | | 67 | 7 | 66 | 5 | | 68 | 0 | 68 | 5 | | 69 | 5 | 67 | 3 | | 70 | 6 | 70 | 5 | | 71 | 4 | 71 | 3 | | 72 | 9 | 72 | 1 | | 73 | 4 | 74 | 6 | | 74 | 5 | 73 | 4 | | 75 | 5 | 76 | 6 | | 76 | 9 | 75 | 4 | +----+------+------+------+ 76 rows in set (0.00 sec)

mysql> select * from Tax; | 2 | 44721 | 144.85 | 1 | 8 | +-----+------+------+------+------+ | 3 | 378 | 471.96 | 2 | 5 | | id | personID | value | place_id | taxType_id | | 4 | 15715 | 961 | 3 | 8 | +-----+------+------+------+------+ | 5 | 4977 | 688.46 | 4 | 10 | | 1 | 33729 | 987.75 | 1 | 8 | | 6 | 44721 | 572.3 | 5 | 2 | 138

| 7 | 36728 | 65.26 | 6 | 5 | | 78 | 4745 | 227.67 | 64 | 6 | | 8 | 32739 | 110.07 | 7 | 1 | | 79 | 46741 | 4.35 | 65 | 3 | | 9 | 48733 | 755.85 | 7 | 5 | | 80 | 36717 | 86.25 | 66 | 3 | | 10 | 1871 | 340.64 | 8 | 8 | | 81 | 36717 | 955.36 | 67 | 4 | | 11 | 6744 | 468.12 | 9 | 9 | | 82 | 46741 | 350.14 | 68 | 8 | | 12 | 36711 | 824.95 | 10 | 10 | | 83 | 39749 | 654.86 | 69 | 9 | | 13 | 25747 | 716.09 | 11 | 2 | | 84 | 36728 | 230.89 | 70 | 8 | | 14 | 1876 | 43.96 | 12 | 7 | | 85 | 18727 | 95.37 | 71 | 2 | | 15 | 47714 | 401.67 | 13 | 2 | | 86 | 36717 | 194.52 | 71 | 1 | | 16 | 379 | 926.51 | 13 | 6 | | 87 | 39749 | 674.95 | 72 | 5 | | 17 | 28730 | 18.43 | 14 | 1 | | 88 | 5737 | 130.27 | 73 | 2 | | 18 | 43712 | 530.06 | 15 | 10 | | 89 | 3738 | 960.75 | 74 | 3 | | 19 | 33729 | 162.43 | 16 | 4 | | 90 | 25747 | 623.05 | 75 | 2 | | 20 | 379 | 22.02 | 16 | 6 | | 91 | 42724 | 465.67 | 75 | 9 | | 21 | 1871 | 162.26 | 17 | 6 | | 92 | 3872 | 59.67 | 76 | 9 | | 22 | 20713 | 378.64 | 17 | 3 | | 93 | 3740 | 359.72 | 77 | 9 | | 23 | 48733 | 65.47 | 18 | 4 | | 94 | 43712 | 140.45 | 78 | 9 | | 24 | 27718 | 135.91 | 19 | 8 | | 95 | 378 | 563.84 | 79 | 3 | | 25 | 20734 | 549.27 | 20 | 1 | | 96 | 373 | 695.68 | 80 | 5 | | 26 | 15731 | 582.2 | 21 | 3 | | 97 | 3375 | 264.31 | 81 | 9 | | 27 | 18727 | 195.17 | 22 | 1 | | 98 | 49735 | 345.49 | 82 | 9 | | 28 | 4745 | 19.78 | 23 | 6 | | 99 | 27718 | 250.01 | 83 | 8 | | 29 | 36717 | 549.57 | 24 | 10 | | 100 | 373 | 276.63 | 83 | 1 | | 30 | 17743 | 807.02 | 25 | 9 | | 101 | 074 | 313.31 | 84 | 1 | | 31 | 13710 | 797.06 | 26 | 1 | | 102 | 27718 | 126.09 | 85 | 7 | | 32 | 46741 | 422.07 | 27 | 8 | | 103 | 20713 | 249.13 | 85 | 5 | | 33 | 3375 | 28.74 | 27 | 2 | | 104 | 44748 | 336.89 | 86 | 7 | | 34 | 47714 | 339.07 | 28 | 5 | | 105 | 6744 | 610.02 | 86 | 10 | | 35 | 32739 | 769.14 | 29 | 6 | | 106 | 379 | 9.62 | 87 | 4 | | 36 | 47714 | 812.23 | 29 | 10 | | 107 | 47714 | 60.71 | 87 | 2 | | 37 | 25747 | 439.3 | 30 | 8 | | 108 | 11722 | 795.16 | 88 | 6 | | 38 | 39749 | 760.32 | 31 | 8 | | 109 | 27718 | 48.42 | 89 | 1 | | 39 | 36717 | 476.07 | 32 | 7 | | 110 | 43712 | 646.74 | 89 | 4 | | 40 | 41725 | 408.97 | 32 | 10 | | 111 | 25747 | 724.57 | 90 | 2 | | 41 | 44748 | 957.87 | 33 | 6 | | 112 | 378 | 892.68 | 91 | 1 | | 42 | 3872 | 712.16 | 34 | 10 | | 113 | 42746 | 737.11 | 92 | 3 | | 43 | 23732 | 456.11 | 35 | 7 | | 114 | 13710 | 7.08 | 93 | 2 | | 44 | 6744 | 667.48 | 36 | 9 | | 115 | 44742 | 272.02 | 94 | 9 | | 45 | 379 | 411.72 | 37 | 6 | | 116 | 49735 | 515.29 | 95 | 5 | | 46 | 49735 | 650.12 | 37 | 6 | | 117 | 378 | 881.81 | 96 | 1 | | 47 | 15731 | 22.71 | 38 | 9 | | 118 | 28730 | 223.41 | 97 | 9 | | 48 | 42724 | 902.92 | 39 | 8 | | 119 | 15731 | 620.55 | 98 | 2 | | 49 | 44742 | 677.56 | 40 | 4 | | 120 | 46741 | 283.42 | 98 | 9 | | 50 | 15731 | 443.5 | 40 | 7 | | 121 | 48726 | 476.95 | 99 | 2 | | 51 | 48719 | 997.62 | 41 | 8 | | 122 | 4745 | 358.8 | 100 | 9 | | 52 | 18727 | 324.64 | 42 | 8 | | 123 | 36711 | 680.32 | 101 | 7 | | 53 | 378 | 949.05 | 43 | 8 | | 124 | 36711 | 353.42 | 101 | 9 | | 54 | 15731 | 575.63 | 44 | 4 | | 125 | 42724 | 509.47 | 102 | 2 | | 55 | 1876 | 662.86 | 44 | 10 | | 126 | 33729 | 431.06 | 103 | 7 | | 56 | 48726 | 635.9 | 45 | 5 | | 127 | 1871 | 224.55 | 103 | 7 | | 57 | 44742 | 153.86 | 46 | 4 | | 128 | 1871 | 637.97 | 104 | 2 | | 58 | 32716 | 7.93 | 47 | 7 | | 129 | 5720 | 240.84 | 104 | 4 | | 59 | 25747 | 246.43 | 47 | 5 | | 130 | 43712 | 291.73 | 105 | 3 | | 60 | 1876 | 904.89 | 48 | 3 | | 131 | 15715 | 188.38 | 106 | 9 | | 61 | 33729 | 475.42 | 49 | 4 | | 132 | 44721 | 526.07 | 107 | 4 | | 62 | 36717 | 726.66 | 50 | 7 | | 133 | 3872 | 559.79 | 108 | 2 | | 63 | 3872 | 580.05 | 51 | 8 | | 134 | 36717 | 865.43 | 109 | 9 | | 64 | 44748 | 889.01 | 52 | 10 | | 135 | 3740 | 806.77 | 110 | 9 | | 65 | 6744 | 843.17 | 53 | 9 | | 136 | 18727 | 150.29 | 111 | 4 | | 66 | 32723 | 503.38 | 54 | 8 | | 137 | 36728 | 261.75 | 112 | 6 | | 67 | 20734 | 516.31 | 55 | 7 | | 138 | 25747 | 833.35 | 113 | 10 | | 68 | 48719 | 728.88 | 56 | 8 | | 139 | 27718 | 350.69 | 114 | 4 | | 69 | 44742 | 709.23 | 57 | 8 | | 140 | 4745 | 170.25 | 114 | 3 | | 70 | 4977 | 791.86 | 58 | 7 | | 141 | 3740 | 234.13 | 115 | 6 | | 71 | 48719 | 445.65 | 59 | 10 | | 142 | 378 | 455.23 | 115 | 9 | | 72 | 20734 | 742.37 | 60 | 1 | | 143 | 42724 | 442.68 | 116 | 1 | | 73 | 1876 | 329.02 | 60 | 6 | | 144 | 20734 | 615.66 | 117 | 6 | | 74 | 39749 | 59.21 | 61 | 10 | | 145 | 39749 | 553.37 | 118 | 4 | | 75 | 17743 | 753.55 | 62 | 5 | | 146 | 15715 | 441.24 | 119 | 4 | | 76 | 4977 | 186.4 | 62 | 10 | | 147 | 48719 | 845.15 | 120 | 5 | | 77 | 3872 | 958 | 63 | 4 | | 148 | 20734 | 814.22 | 121 | 7 | 139

| 149 | 48719 | 249.93 | 122 | 6 | | 150 | 074 | 716.65 | 122 | 3 | | 151 | 33736 | 967.96 | 123 | 3 | | 152 | 074 | 41.96 | 124 | 7 | | 153 | 4977 | 208.44 | 124 | 7 | | 154 | 27718 | 81.43 | 125 | 7 | | 155 | 4745 | 970.19 | 125 | 1 | | 156 | 41725 | 817.25 | 126 | 1 | | 157 | 6744 | 268.32 | 127 | 4 | | 158 | 23732 | 425.83 | 128 | 4 | | 159 | 074 | 515.54 | 129 | 9 | | 160 | 3740 | 26.52 | 129 | 3 | | 161 | 48719 | 629.21 | 130 | 8 | | 162 | 33729 | 296.34 | 131 | 5 | | 163 | 3375 | 320.59 | 132 | 7 | | 164 | 373 | 375.82 | 133 | 4 | | 165 | 32723 | 260.99 | 134 | 6 | | 166 | 20713 | 75.44 | 135 | 8 | | 167 | 48726 | 700.46 | 136 | 10 | | 168 | 36711 | 869.93 | 137 | 7 | | 169 | 48719 | 954.57 | 138 | 3 | | 170 | 39749 | 18.25 | 139 | 4 | | 171 | 33736 | 145.56 | 140 | 3 | | 172 | 13710 | 803.67 | 141 | 5 | | 173 | 32723 | 586.94 | 142 | 8 | | 174 | 32716 | 208.23 | 143 | 7 | | 175 | 44742 | 492.05 | 144 | 1 | | 176 | 6744 | 795.58 | 144 | 4 | | 177 | 36717 | 472.24 | 145 | 8 | | 178 | 33736 | 524.43 | 146 | 1 | | 179 | 44748 | 896.46 | 147 | 5 | | 180 | 32716 | 513.89 | 148 | 5 | | 181 | 25747 | 627.57 | 149 | 9 | | 182 | 3872 | 682.79 | 150 | 9 | +-----+------+------+------+------+ 182 rows in set (0.01 sec)

+-----+------+------+------+------+ | id | description | name | personID | resourceType_id | +-----+------+------+------+------+ | 1 | Dies Water | Dies Water | 33729 | 4 | | 2 | Dies Energy | Dies Energy | 373 | 3 | | 3 | Aubotin Natural Gas| Aubotin Natural Gas | 3740 | 1 | | 4 | Aubotin Natural Gas| Aubotin Natural Gas | 48726 | 1 | | 5 | Anlus Gas | Anlus Gas | 23732 | 5 | | 6 | Anlus Petrol | Anlus Petrol | 379 | 2 | | 7 | Bebutor Energy | Bebutor Energy | 25747 | 3 | | 8 | Bebutor Natural Gas| Bebutor Natural Gas | 43712 | 1 | | 9 | Alus Petrol | Alus Petrol | 1570 | 2 | | 10 | Alus Petrol | Alus Petrol | 33736 | 2 | | 11 | Alus Petrol | Alus Petrol | 17743 | 2 | | 12 | Becus Petrol | Becus Petrol | 41725 | 2 | | 13 | Becus Gas | Becus Gas | 39749 | 5 | | 14 | Bres Energy | Bres Energy | 4745 | 3 | | 15 | Bres Water | Bres Water | 13710 | 4 | | 16 | Bres Energy | Bres Energy | 32723 | 3 | | 17 | Aubucio Gas | Aubucio Gas | 5720 | 5 | | 18 | Dulus Gas | Dulus Gas | 373 | 5 | | 19 | Dulus Natural Gas | Dulus Natural Gas | 44721 | 1 | | 20 | Dabutus Petrol | Dabutus Petrol | 379 | 2 | | 21 | Dabutus Gas | Dabutus Gas | 44748 | 5 | | 22 | Dabutus Gas | Dabutus Gas | 20713 | 5 | | 23 | Dabutus Water | Dabutus Water | 36711 | 4 | | 24 | Alcio Gas | Alcio Gas | 3872 | 5 | | 25 | Alcio Natural Gas | Alcio Natural Gas | 25747 | 1 | | 26 | Alcio Petrol | Alcio Petrol | 36711 | 2 | | 27 | Augutor Water | Augutor Water | 36717 | 4 | | 28 | Augutor Water | Augutor Water | 6744 | 4 | | 29 | Agutin Gas | Agutin Gas | 49735 | 5 | | 30 | Agutin Natural Gas | Agutin Natural Gas | 36711 | 1 | | 31 | Agutin Energy | Agutin Energy | 48719 | 3 | | 32 | Agutin Water | Agutin Water | 4745 | 4 | | 33 | Bibicus Gas | Bibicus Gas | 44742 | 5 | | 34 | Bibicus Petrol | Bibicus Petrol | 33729 | 2 | | 35 | Bibicus Gas | Bibicus Gas | 379 | 5 | | 36 | Dubonus Natural Gas| Dubonus Natural Gas | 42724 | 1 | | 37 | Dubonus Gas | Dubonus Gas | 25747 | 5 | | 38 | Dubonus Gas | Dubonus Gas | 3375 | 5 | | 39 | Becus Natural Gas | Becus Natural Gas | 27718 | 1 | | 40 | Becus Natural Gas | Becus Natural Gas | 48726 | 1 | | 41 | Becus Gas | Becus Gas | 17743 | 5 | | 42 | Becus Petrol | Becus Petrol | 48733 | 2 | | 43 | Alguscio Natural Ga| Alguscio Natural Gas | 5720 | 1 | | 44 | Antus Petrol | Antus Petrol | 379 | 2 | | 45 | Antus Gas | Antus Gas | 379 | 5 | | 46 | Dator Petrol | Dator Petrol | 43712 | 2 | | 47 | Dator Gas | Dator Gas | 36711 | 5 | | 48 | Dator Petrol | Dator Petrol | 3375 | 2 | | 49 | Dabulius Petrol | Dabulius Petrol | 44748 | 2 | | 50 | Dabulius Gas | Dabulius Gas | 32716 | 5 | | 51 | Dabulius Natural Ga| Dabulius Natural Gas | 44748 | 1 | | 52 | Bidalus Energy | Bidalus Energy | 32739 | 3 | | 53 | Etin Water | Etin Water | 44748 | 4 | | 54 | Etin Energy | Etin Energy | 23732 | 3 | | 55 | Etin Water | Etin Water | 42724 | 4 | | 56 | Bres Water | Bres Water | 47714 | 4 | | 57 | Dotus Water | Dotus Water | 074 | 4 | | 58 | Dotus Natural Gas | Dotus Natural Gas | 48719 | 1 | | 59 | Dotus Petrol | Dotus Petrol | 43712 | 2 | | 60 | Antus Petrol | Antus Petrol | 3375 | 2 | | 61 | Dobicus Energy | Dobicus Energy | 43712 | 3 | | 62 | Dobicus Natural Gas| Dobicus Natural Gas | 42724 | 1 | | 63 | Dues Water | Dues Water | 4745 | 4 | | 64 | Becus Energy | Becus Energy | 46741 | 3 | | 65 | Becus Energy | Becus Energy | 1570 | 3 | | 66 | Difritor Gas | Difritor Gas | 20734 | 5 | | 67 | Difritor Energy | Difritor Energy | 43712 | 3 | | 68 | Difritor Energy | Difritor Energy | 20713 | 3 | 141

| 69 | Difritor Petrol | Difritor Petrol | 4977 | 2 | | 70 | Benulius Petrol | Benulius Petrol | 39749 | 2 | | 71 | Benulius Petrol | Benulius Petrol | 6744 | 2 | | 72 | Difrinus Energy | Difrinus Energy | 15715 | 3 | | 73 | Benus Energy | Benus Energy | 3872 | 3 | | 74 | Betin Petrol | Betin Petrol | 5737 | 2 | | 75 | Betin Energy | Betin Energy | 373 | 3 | | 76 | Dutin Gas | Dutin Gas | 15715 | 5 | | 77 | Abetus Energy | Abetus Energy | 17743 | 3 | | 78 | Abetus Petrol | Abetus Petrol | 6744 | 2 | | 79 | Abetus Natural Gas | Abetus Natural Gas | 18727 | 1 | | 80 | Eutor Water | Eutor Water | 32716 | 4 | | 81 | Eutor Natural Gas | Eutor Natural Gas | 44742 | 1 | | 82 | Eutor Gas | Eutor Gas | 18727 | 5 | | 83 | Eutor Energy | Eutor Energy | 32716 | 3 | | 84 | Egutor Energy | Egutor Energy | 44748 | 3 | | 85 | Autor Petrol | Autor Petrol | 18727 | 2 | | 86 | Eutus Natural Gas | Eutus Natural Gas | 5737 | 1 | | 87 | Eutus Natural Gas | Eutus Natural Gas | 074 | 1 | | 88 | Eutus Water | Eutus Water | 17743 | 4 | | 89 | Eunus Energy | Eunus Energy | 3740 | 3 | | 90 | Eunus Gas | Eunus Gas | 373 | 5 | | 91 | Donus Gas | Donus Gas | 36728 | 5 | | 92 | Anbicus Petrol | Anbicus Petrol | 18727 | 2 | | 93 | Anbicus Energy | Anbicus Energy | 49735 | 3 | | 94 | Anbicus Water | Anbicus Water | 44748 | 4 | | 95 | Anbicus Gas | Anbicus Gas | 48719 | 5 | | 96 | Dutin Water | Dutin Water | 074 | 4 | | 97 | Dutin Energy | Dutin Energy | 44748 | 3 | | 98 | Ditin Natural Gas | Ditin Natural Gas | 28730 | 1 | | 99 | Ditin Energy | Ditin Energy | 5737 | 3 | | 100 | Does Natural Gas | Does Natural Gas | 13710 | 1 | | 101 | Does Petrol | Does Petrol | 44742 | 2 | | 102 | Dadalius Natural Ga| Dadalius Natural Gas | 373 | 1 | | 103 | Abonus Water | Abonus Water | 44721 | 4 | | 104 | Abonus Gas | Abonus Gas | 11722 | 5 | | 105 | Abonus Petrol | Abonus Petrol | 48719 | 2 | | 106 | Abonus Natural Gas | Abonus Natural Gas | 36728 | 1 | | 107 | Bagutor Energy | Bagutor Energy | 378 | 3 | | 108 | Bagutor Petrol | Bagutor Petrol | 15715 | 2 | | 109 | Bagutor Water | Bagutor Water | 1876 | 4 | | 110 | Bagutor Energy | Bagutor Energy | 25747 | 3 | | 111 | Ditus Energy | Ditus Energy | 20713 | 3 | | 112 | Ditus Natural Gas | Ditus Natural Gas | 4977 | 1 | | 113 | Ditus Petrol | Ditus Petrol | 074 | 2 | | 114 | Dinus Gas | Dinus Gas | 4977 | 5 | | 115 | Eucus Water | Eucus Water | 1871 | 4 | | 116 | Eucus Natural Gas | Eucus Natural Gas | 378 | 1 | | 117 | Eucus Energy | Eucus Energy | 1876 | 3 | | 118 | Eucus Gas | Eucus Gas | 48719 | 5 | | 119 | Fadacio Natural Gas| Fadacio Natural Gas | 15731 | 1 | | 120 | Fadacio Natural Gas| Fadacio Natural Gas | 3738 | 1 | | 121 | Dafritus Petrol | Dafritus Petrol | 46741 | 2 | | 122 | Elus Gas | Elus Gas | 378 | 5 | | 123 | Anes Water | Anes Water | 28730 | 4 | | 124 | Bres Natural Gas | Bres Natural Gas | 23732 | 1 | | 125 | Dutor Water | Dutor Water | 43712 | 4 | | 126 | Dutor Natural Gas | Dutor Natural Gas | 47714 | 1 | | 127 | Dutor Gas | Dutor Gas | 074 | 5 | | 128 | Dutor Natural Gas | Dutor Natural Gas | 46741 | 1 | | 129 | Difrilus Energy | Difrilus Energy | 48726 | 3 | | 130 | Eutin Energy | Eutin Energy | 32739 | 3 | | 131 | Eutin Energy | Eutin Energy | 373 | 3 | | 132 | Dubinus Gas | Dubinus Gas | 42724 | 5 | | 133 | Dubinus Petrol | Dubinus Petrol | 39749 | 2 | | 134 | Dubinus Petrol | Dubinus Petrol | 4977 | 2 | | 135 | Danulius Natural Ga| Danulius Natural Gas | 379 | 1 | | 136 | Danulius Natural Ga| Danulius Natural Gas | 3738 | 1 | | 137 | Danulius Water | Danulius Water | 15731 | 4 | | 138 | Danulius Petrol | Danulius Petrol | 39749 | 2 | | 139 | Alguscio Energy | Alguscio Energy | 32723 | 3 | 142

| 140 | Dicus Petrol | Dicus Petrol | 4977 | 2 | | 141 | Braucus Natural Gas| Braucus Natural Gas | 3740 | 1 | | 142 | Braucus Water | Braucus Water | 373 | 4 | | 143 | Braucus Energy | Braucus Energy | 25747 | 3 | | 144 | Braucus Water | Braucus Water | 36728 | 4 | | 145 | Fanus Petrol | Fanus Petrol | 44742 | 2 | | 146 | Fanus Water | Fanus Water | 379 | 4 | | 147 | Fanus Petrol | Fanus Petrol | 33736 | 2 | | 148 | Eubetus Natural Gas| Eubetus Natural Gas | 48719 | 1 | | 149 | Eubetus Gas | Eubetus Gas | 074 | 5 | | 150 | Eubetus Energy | Eubetus Energy | 17743 | 3 | | 151 | Eubetus Natural Gas| Eubetus Natural Gas | 6744 | 1 | | 152 | Ditin Energy | Ditin Energy | 47714 | 3 | | 153 | Ditin Energy | Ditin Energy | 17743 | 3 | | 154 | Ditin Energy | Ditin Energy | 36711 | 3 | | 155 | Ditin Natural Gas | Ditin Natural Gas | 44721 | 1 | | 156 | Dulus Water | Dulus Water | 47714 | 4 | | 157 | Dulus Energy | Dulus Energy | 17743 | 3 | | 158 | Dulus Natural Gas | Dulus Natural Gas | 44748 | 1 | | 159 | Dulus Energy | Dulus Energy | 5737 | 3 | | 160 | Allius Petrol | Allius Petrol | 32716 | 2 | | 161 | Befritin Energy | Befritin Energy | 27718 | 3 | | 162 | Befritin Energy | Befritin Energy | 4745 | 3 | | 163 | Befritin Petrol | Befritin Petrol | 33729 | 2 | | 164 | Bibocus Petrol | Bibocus Petrol | 49735 | 2 | | 165 | Bibocus Petrol | Bibocus Petrol | 33729 | 2 | | 166 | Bres Water | Bres Water | 42724 | 4 | | 167 | Bator Water | Bator Water | 3738 | 4 | | 168 | Bator Petrol | Bator Petrol | 1871 | 2 | | 169 | Bator Energy | Bator Energy | 46741 | 3 | | 170 | Anbetin Energy | Anbetin Energy | 36728 | 3 | | 171 | Anbetin Energy | Anbetin Energy | 28730 | 3 | | 172 | Anbetin Water | Anbetin Water | 373 | 4 | | 173 | Aubitor Petrol | Aubitor Petrol | 3740 | 2 | | 174 | Aubitor Gas | Aubitor Gas | 49735 | 5 | | 175 | Aubitor Energy | Aubitor Energy | 4977 | 3 | | 176 | Aubitor Petrol | Aubitor Petrol | 39749 | 2 | +-----+------+------+------+------+ 176 rows in set (0.01 sec) mysql> select * from ResourceType; +----+------+------+ | id | description | name | +----+------+------+ | 1 | All resources related to Natural gas | Natural Gas | | 2 | All resources related to petrol, fossil resources only | Petrol | | 3 | All resources related to energy, non-fossil resources only | Energy | | 4 | All resources related to mineral water | Water | | 5 | All resources related to Natural gas | Gas | +----+------+------+ 5 rows in set (0.00 sec)

143

mysql> select * from | 32 | 728.17 | 27 | | 68 | 745.54 | 54 | ResourceSpent; | 33 | 136.89 | 28 | | 69 | 908.62 | 55 | +-----+------+------+ | 34 | 277.43 | 29 | | 70 | 60.91 | 55 | | id | cost | resource_id | | 35 | 747.51 | 30 | | 71 | 579.26 | 56 | +-----+------+------+ | 36 | 349.15 | 31 | | 72 | 232.52 | 56 | | 1 | 125.18 | 1 | | 37 | 925.94 | 31 | | 73 | 729.42 | 57 | | 2 | 627.89 | 2 | | 38 | 458.53 | 32 | | 74 | 987.54 | 57 | | 3 | 165.44 | 3 | | 39 | 109.55 | 33 | | 75 | 782.81 | 58 | | 4 | 674.88 | 4 | | 40 | 748.39 | 34 | | 76 | 874.84 | 59 | | 5 | 293.8 | 5 | | 41 | 857.32 | 35 | | 77 | 270.7 | 60 | | 6 | 175.97 | 5 | | 42 | 296.34 | 36 | | 78 | 669.32 | 61 | | 7 | 23.15 | 6 | | 43 | 304.85 | 36 | | 79 | 114.89 | 61 | | 8 | 206.44 | 7 | | 44 | 598.56 | 37 | | 80 | 528.88 | 62 | | 9 | 676.05 | 8 | | 45 | 493.62 | 38 | | 81 | 235.69 | 63 | | 10 | 330.93 | 9 | | 46 | 876.61 | 38 | | 82 | 943.66 | 64 | | 11 | 583.07 | 10 | | 47 | 465.98 | 39 | | 83 | 4.9 | 65 | | 12 | 695.82 | 11 | | 48 | 591.89 | 40 | | 84 | 503.1 | 65 | | 13 | 674.95 | 12 | | 49 | 665.19 | 41 | | 85 | 263.36 | 66 | | 14 | 783.78 | 13 | | 50 | 457.72 | 41 | | 86 | 570.45 | 67 | | 15 | 428.04 | 14 | | 51 | 274.23 | 42 | | 87 | 829.6 | 68 | | 16 | 231.91 | 15 | | 52 | 575.65 | 42 | | 88 | 958.72 | 69 | | 17 | 933.5 | 16 | | 53 | 496.09 | 43 | | 89 | 100.29 | 70 | | 18 | 29.98 | 16 | | 54 | 920.06 | 44 | | 90 | 953.88 | 70 | | 19 | 541.98 | 17 | | 55 | 567.82 | 45 | | 91 | 270.67 | 71 | | 20 | 914.54 | 17 | | 56 | 831.88 | 46 | | 92 | 19.48 | 71 | | 21 | 896.58 | 18 | | 57 | 530.37 | 46 | | 93 | 226.68 | 72 | | 22 | 769.07 | 19 | | 58 | 115.62 | 47 | | 94 | 631.26 | 73 | | 23 | 390.43 | 20 | | 59 | 814.34 | 47 | | 95 | 831.73 | 74 | | 24 | 343.4 | 21 | | 60 | 738.26 | 48 | | 96 | 798.04 | 75 | | 25 | 832.69 | 22 | | 61 | 440.19 | 49 | | 97 | 535.17 | 76 | | 26 | 320.5 | 23 | | 62 | 864.3 | 50 | | 98 | 353.67 | 76 | | 27 | 825.94 | 24 | | 63 | 906.22 | 51 | | 99 | 198.67 | 77 | | 28 | 24.79 | 24 | | 64 | 963.25 | 52 | | 100 | 724.3 | 78 | | 29 | 29.52 | 25 | | 65 | 681.05 | 52 | | 101 | 852.65 | 79 | | 30 | 746.7 | 26 | | 66 | 702.19 | 53 | | 102 | 912.84 | 80 | | 31 | 599.99 | 27 | | 67 | 986.04 | 54 | | 103 | 34.56 | 80 | 144

| 104 | 98.59 | 81 | | 127 | 399.9 | 99 | | 150 | 945.12 | 117 | | 105 | 876.48 | 82 | | 128 | 161.08 | 100 | | 151 | 675.61 | 118 | | 106 | 19.23 | 83 | | 129 | 325.7 | 100 | | 152 | 163.04 | 118 | | 107 | 810.64 | 83 | | 130 | 85.98 | 101 | | 153 | 501.87 | 119 | | 108 | 911.89 | 84 | | 131 | 157.41 | 102 | | 154 | 645.77 | 120 | | 109 | 495.98 | 84 | | 132 | 617.74 | 102 | | 155 | 675.26 | 120 | | 110 | 840.23 | 85 | | 133 | 870.81 | 103 | | 156 | 473.77 | 121 | | 111 | 925.5 | 86 | | 134 | 587.98 | 104 | | 157 | 517.9 | 122 | | 112 | 663.97 | 87 | | 135 | 470.44 | 105 | | 158 | 348.76 | 122 | | 113 | 494.67 | 87 | | 136 | 522.67 | 106 | | 159 | 278.75 | 123 | | 114 | 457.21 | 88 | | 137 | 289.47 | 107 | | 160 | 905.9 | 124 | | 115 | 766.78 | 88 | | 138 | 314.66 | 107 | | 161 | 750.76 | 124 | | 116 | 861.08 | 89 | | 139 | 483.39 | 108 | | 162 | 631.2 | 125 | | 117 | 486.02 | 90 | | 140 | 871.35 | 109 | | 163 | 453.9 | 125 | | 118 | 542.93 | 91 | | 141 | 695.53 | 110 | | 164 | 390.62 | 126 | | 119 | 918.1 | 92 | | 142 | 582.73 | 110 | | 165 | 790.57 | 127 | | 120 | 46.27 | 93 | | 143 | 632.05 | 111 | | 166 | 896.54 | 128 | | 121 | 735.19 | 94 | | 144 | 17.9 | 111 | | 167 | 899.6 | 129 | | 122 | 692.1 | 95 | | 145 | 74.83 | 112 | | 168 | 896.94 | 130 | | 123 | 235.73 | 96 | | 146 | 705.29 | 113 | | 169 | 111.69 | 131 | | 124 | 781.9 | 96 | | 147 | 246.21 | 114 | | 170 | 916.9 | 132 | | 125 | 647.77 | 97 | | 148 | 755.89 | 115 | | 171 | 571.09 | 132 | | 126 | 510.27 | 98 | | 149 | 575.57 | 116 | | 172 | 871.5 | 133 | | 173 | 121.5 | 133 | | 174 | 60.93 | 134 | | 175 | 184.46 | 134 | | 176 | 691.57 | 135 | | 177 | 431.02 | 136 | | 178 | 89.48 | 137 | | 179 | 924.85 | 138 | | 180 | 440.15 | 139 | | 181 | 291.51 | 140 | | 182 | 201.27 | 141 | | 183 | 70.39 | 142 | | 184 | 131.68 | 142 | | 185 | 890.06 | 143 | | 186 | 358.1 | 144 | | 187 | 918.8 | 145 | | 188 | 741.29 | 146 | | 189 | 525.88 | 146 | | 190 | 39.32 | 147 | | 191 | 364.79 | 147 | | 192 | 618.64 | 148 | | 193 | 922.84 | 149 | | 194 | 749.65 | 150 | | 195 | 355.2 | 151 | | 196 | 986.33 | 152 | | 197 | 261.16 | 153 | | 198 | 751.18 | 154 | | 199 | 989.41 | 155 | | 200 | 661.09 | 155 | | 201 | 334.13 | 156 | | 202 | 251.09 | 156 | | 203 | 409.98 | 157 | | 204 | 718.8 | 158 | | 205 | 350.77 | 158 | | 206 | 987.65 | 159 | | 207 | 789.33 | 160 | | 208 | 258.38 | 161 | | 209 | 309.05 | 162 | | 210 | 488.19 | 163 | | 211 | 25.43 | 163 | | 212 | 138.17 | 164 | | 213 | 600.55 | 165 | | 214 | 108.78 | 166 | | 215 | 1.47 | 167 | | 216 | 374.58 | 168 | | 217 | 162.03 | 168 | | 218 | 404.03 | 169 | | 219 | 888.58 | 170 | | 220 | 886.51 | 171 | 145

| 221 | 136.28 | 172 | | 222 | 803.25 | 172 | | 223 | 584.16 | 173 | | 224 | 519.49 | 173 | | 225 | 232.85 | 174 | | 226 | 940.23 | 175 | | 227 | 359.3 | 175 | | 228 | 936.63 | 176 | | 229 | 684.53 | 176 | +-----+------+------+ 229 rows in set (0.00 sec)

TABLES AFTER IDEM APPLIED

mysql> select * from CSLEntity; +-----+------+------+------+ | id | hash | idEntity | idService | +-----+------+------+------+ | 1 | 485dd06ff7b42e3ea189ed5565bc0660b5bb6f013b4310048e49161081a52ecb | 3770 | 1 | | 2 | 0df59fd6c41cadd2220fd09fcd4d5979b7f64c572d9625a29489f2a6fdd34ecb | 371 | 1 | | 3 | 5f39ccf6432c1f0c5bcc990d7adda5bd83d4263364ea1cdbd66ab0aa1aec9b5f | 3172 | 1 | | 4 | 8207e18cfb09e33d7994f5ef45ff331c8c71cfc28b9e85becf23aeff4bb504fc | 4673 | 1 | | 5 | 6279619ed2d511a4359a7c1bfe02be72871b674791d480bb911312fda092982f | 3574 | 1 | | 6 | 2ab44eab6d15044b7197a37591f906b65eead7ed837aac0c63d0ef00fa442d34 | 4175 | 1 | | 7 | 6aac7d7314234bf3731abb178018a456412265ab8177f670ceb5570638ce268d | 2776 | 1 | | 8 | 74a927b01f831951948e50704dd249d357c1c365096b477712582f375aaa5388 | School Mercury | 3 | | 9 | 34057a7f636b77ad203c06089a40c38b3ccbf12bf002be8e48a39166a3f1da98 | School Mars | 3 | | 10 | 8d7c4af2b0d2a63e4d14d2757d6600f631006af434a3f5358707b3afcd6ab1ed | School Jupiter | 3 | | 11 | f38402faacab349b8e022b49afb2aa9119fa583ff2dcafbcbc545963063f7f92 | School Saturn | 3 | | 12 | 562c6df0b59810401f268ac6c28965006484c8370c1b5b970550d45433b8bbac | School Venus | 3 | | 13 | 0274aec5d538a2db3f2616fb14029feb57df37219f6ba647bc0b6c1621cb0ddf | School Neptune | 3 | | 14 | 98dc8fa29e6369831565a2ed769f3e83ba2e8a02de7d820196214d5b843b272f | Chronos School | 3 | | 15 | ba224bafb14b14bc164630aba9ce283f73a17cda403e201c8c1fd06b4789f4c1 | Vulcan School for | 3 | | 16 | d894e475e76d65be46b6250f497cc56fd3aa1be8d5e90326c1fdbb5fac3b71d5 | Romulus Academy | 3 | | 17 | 115f62a6da84b88f0d86ac21e73abc85451ec89aab0d3dbbaf68ba41b52a17fe | School Khalimar | 3 | | 18 | 496f014a30c5551e7d9a7705a76a86bde3c3d0ef1abec7e33e33586ac78dd956 | School Alderaan f | 3 | | 19 | dcf95bca3aed71db0da737f0ec70817b9b7d317e32c0b6d402796a2811c4158f | Kripton Academy | 3 | | 20 | b2e8e2d656cc251131cf7321594cf90863c379c5bf4c480d4c91c0bc3c8a5164 | Kashyyyk School | 3 | | 21 | d8e1b4284695d264067723630ec38bbfa057a7a3c1e157595858fbf97dbdffc7 | Hoth Winter Schoo | 3 | | 22 | ce14fdd5f1cdaab662a03bb0e14c8cb913a08f4597f6fc711df4a58b564f73fb | Tatooine Summer S | 3 | | 23 | c9785000eeebdf239c4a6748fc0ac0aeb5a1404144794ef2ffc65d204bb93a6d | Kamino Science Sc | 3 | | 24 | 23cf55fa42a6aba261ca23cf7177c2795254119cc4f54504f03896588ecc242e | School Mercury II | 3 | | 25 | 200a8c17867fd4f0e9c0d7b43d362301d333c20cc9f0c297868c71bf1396c35e | School Mars II | 3 | | 26 | 638db2924386f925f48afd379b795a81ca5e86fb6569c2a328d52c3ff2fc3cb4 | School Jupiter II | 3 | | 27 | 6a11efd4a8c030f84007e0a8217dd06d659d97589a94973d5fc6062377118a7a | School Saturn II | 3 | | 28 | 8e3598dc17bbb7ad37892763a8deb4c734047c63f7abba4ec0cb53467d4340d4 | School Venus II | 3 | | 29 | 6ace20c9fa160f4b9df61b4083d7c334f71d65b7d1f586d1382ce45248709417 | Chronos School II | 3 | | 30 | 14046718a8354bdc5a81103a85a6ef675d2ab9c622128a849edb4b10223da1d2 | Vulcan School for | 3 | | 31 | 4b466056ff254bdf61afaccd8fa4015cb5046875333168cb010c42cf06681fbc | Romulus Academy I | 3 | | 32 | d06ca22035b645a5a8b9b4950123483ac6f15b078ec5cad4d141b881ba0da982 | School Alderaan f | 3 | | 33 | 9f00f36fbb208e6ed42ceaf169c14668411e4e3a1304cacf26b72dc45338f4f5 | Kripton Academy I | 3 | | 34 | cf3876a30a17b4299b36a2f9d208f2fc1edf4be16566cd1b84357e1465b07758 | Kashyyyk School I | 3 | | 35 | 8ba4ab29051ce4c7bd4b119d7f14c913fbfa8d0a0da2b83d95c3238228b72540 | Tatooine Summer S | 3 | | 36 | e8825a4536b7811a5e984996f9f5407f5f7d3ca8b29f0ad4a0a3e120ff47c7f1 | Kamino Science Sc | 3 | | 37 | cb43616b04295569b53459d423fccd1783b94047b41b1a780ace5062242bbc66 | LV-223 | 3 | | 38 | 5cbcac357e9168b01575a4a25d60d55121659ccc6aaed9e98c81728ede48fad1 | House Economy | 5 | | 39 | a42dff91c4d042197b03c21fab306630c5c8a02cbf9d083df8205c0ceb5f39ec | Advanced reading | 5 | | 40 | b5c94616211805b6ea6827d845b7eeb848548a2b7ae1794af12f8b508d28eeb2 | Potions | 5 | | 41 | 9deefdcdf808aff9d80b737c36aa2414997a2caa6eead720dd2f537fdad6c5b1 | Micro Biology | 5 | 146

| 42 | e0a752f764ba3c00d520662ffdc29c63477bb6780d9774beb2e3b009568abe8e | Mechanics | 5 | | 43 | 6d8b60caf221bbb38510e2db442e96cfebe6772802dc365fe871ec8c2baccf66 | Religion | 5 | | 44 | 2d61cdb8ed255fd64781fadabb4d5782054b853437e6bae9cc98564bc1704807 | Computer | 5 | | 45 | e6b7895762b81539e0327c4e8f0162e5fcaf1c7aeba93abc181658fd70abcce2 | Physics | 5 | | 46 | 1b1b09095fa2d9bbc5a76c3ff76f52b0e30724d8362051b4e4fcd873e94f66ce | Spanish | 5 | | 47 | faa196789b36068a2393b4c90be76e49e56270da366046974f705b717c69c7d5 | Literature | 5 | | 48 | f6734d933c8294bb8e63e697127a38f916b46ea727f62513ce97c36a21460678 | Greek History | 5 | | 49 | 9482fccb2a06309d0efe08a387db09c408b2a7c9a935a2c445b84187f1688616 | Social Stuff | 5 | | 50 | 8e2eec02fbf02d6406fe01786ebb8e9aed98b8c0e03fb673f3932b7b686d3507 | Portuguese | 5 | | 51 | 8a630ae89397293d11ccad752bee48b9443544410bb95cee10dd2a4c7bfbb706 | Photos | 5 | | 52 | 66fdb15f62b0a519d19908ae50b5b2567b28fbff2251249f552ac78f7e730ab7 | Global Trades | 5 | | 53 | a79285052bb7e4ade7f8b52e9eca3329b792d2c881e5873e29d2c4f1d48aded6 | Cocking | 5 | | 54 | 07c19550ca9e5bce91e03514a0ea419bd66dca3a302b8fe5555d2310ae2f139f | Personal defense | 5 | | 55 | 3c4280ae892188151495b98321126ac2c9262f225eeb538c81b819d6d3083c33 | Distributed Syste | 5 | | 56 | 5cc7403b2a5ecbd0b729e446a5ab688979058dae8ef464b5d97c0dc0cab888b9 | Chemistry | 5 | | 57 | c0cd34588b30bc5ec0ad8fa7a0ae7d6939bc784f38ac5cfdcaa4172bd4cd1049 | Occlumency | 5 | | 58 | 3c3f75b994fa448b1821bc7e261cdfb1212cfbc71022b20b2d9bb5ca3fd2b58d | Car Driving | 5 | | 59 | d4f297ce350ccbb84804b717b11becf3bfca9856fd28dc0c6efb4ebebc7f3444 | Philosophy | 5 | | 60 | 99dd9fb8290cad298544334b1248e6cf06a2529cc38c9f60f2c9ddc42d2c76ec | Biology | 5 | | 61 | 675b3a997ab8f368899618928ebe7ab2445d443db5b410afd316078dafcd64f0 | French | 5 | | 62 | 21ab91bc3fa2e045ad9588330ca3fad8045ebdb2553665f95d0d8c83e1c399d7 | Algotihms | 5 | | 63 | 306a22c8e2521c29fe3ef43599a1abb3eaa2baa1b5cb25a84342ba15a2b5e648 | Networks | 5 | | 64 | 9a4dbe50505ac5423a2d419f08e69e50fa261d04913d0fbf3d45442387a4f905 | International Rel | 5 | | 65 | 151b4d220c7833eae860b36db12735bfa2d074b351f7b436d8ff290bba3215f4 | Basic reading | 5 | | 66 | a9b33082b90f106ef991a3e3855517f8ab3f5884104cd2aba1c009a3edd66d58 | Sports | 5 | | 67 | 652999bde38c153f044df91bc3906f39636cc6769fb65017680bc69e077090ae | Oratory | 5 | | 68 | b1e38d110128e589f805fe6980f2010d847ac99a3ce6858198a9bcc0d34db10c | Painting | 5 | | 69 | e078d472038bd67255853b44b684b984cc05e5d271e3fabc21d3dbdd96c33615 | Calculus | 5 | | 70 | 370f4236e5bdd7635918b7d0e5a2fbb141e6f5613f98fe35db1b6a04ba79cff8 | 3770 | 30 | | 71 | 76ad89964b6704480a8ad23337acd0b8acf032807921139757cdd0f9e0184971 | 3574 | 30 | | 72 | 5ea6392f1246e602261353dff2674c0cc1e3d5acc4792fab3a73c5e5a3bd9f17 | 371 | 30 | | 73 | ced6b8dde9cc2e878ba78bee4ed5f6167b01489e7f1d09adb9846624990f59d8 | 3172 | 30 | | 74 | ec5cbd97ba0499bc7a2911b8054ee87df24296de1497afc07d80821f09087bbc | 2776 | 30 | | 75 | f20e7195656584d40ccf54732b0bc73db53857879dcd3460cb88192414a3d334 | 4175 | 30 | | 76 | 77e33f89bac6787067ac23ecb2f680d5a1568f4b71d2a3bf06b0a453c9e34708 | 4673 | 30 | | 77 | eb21f68734d43024466c9b761e7e88d43797ce6c6555cac35b375a70d429ac85 | 27738 | 10 | | 78 | e85c884f79ab4f75abc9f50cf2bf5a2728a69961ad96553a59ebda11bffb5d59 | 3770 | 10 | | 79 | 564921b060d57e41e12876c27b84df956cfcd33f46734f180a6410d97cfb400a | 19749 | 10 | | 80 | ab9a31e31e7db54aa0b7b58aff29360f67ce27311532fb1b64b67aa371dda926 | 4729 | 10 | | 81 | a1a818ea3dee2ad9ae9f184590ec0f71d44c042c0ff816f30367b2547f01f2c3 | 4673 | 10 | | 82 | 22ef12c977d3fc9cef7eff77d9d02858a5fc3a315c75a8dc9abe15e6f7765127 | 18721 | 10 | | 83 | 874db669e510eb2f5847ee54a12411a5997eb66d91e9fc59ac80a9d836939a13 | 19731 | 10 | | 84 | 414dc701c398081ea6b17c8b6d270e9918b04756afe9da37f4c0dd2999aa72da | 42740 | 10 | | 85 | 12eda155e1531a9ebbb558f64094fc8ceeb0ffb0ba97cfaec3da123fcf8bfaa0 | 4175 | 10 | | 86 | e07cc441a9b8bfd8de019570b9257dacf1d7a00a840738b2751a02975c22025d | 28710 | 10 | | 87 | e93ea450a70380aead07a2c2545137b5a6035c7f1713b844b1873874c2369a5a | 2711 | 10 | | 88 | 5b512eb427269b9eb558d67e1f7b3e4b43363b00a3723322ba4479b0319510be | 12728 | 10 | | 89 | 61ccda9b34d376e857c7b275726cdb87b43e77f4b59b27c60610fccb641e3597 | 30715 | 10 | | 90 | ebb87dfd579339918ecd997c5c1cbd5d1b802301ddef664b1ff414af711c295e | 9732 | 10 | | 91 | 38ea17bca11daf0b5ad49143d9f9e6ad520ad52ce1deec891452cf5645a16807 | 5741 | 10 | | 92 | 0490aa13242cf6f3eb22b36e0cfa8e89a4646f70639d083b64b50edc3c17bcd4 | 19725 | 10 | | 93 | 4365f9f10ff3a454e797bf128af6bca3adf2f70714c1297c0f690a6ec817eccf | 4579 | 10 | | 94 | a2ac6417f7295f0c8b067faa264d78dd8a9c4d79497506bd26067d2d9400527e | 2776 | 10 | | 95 | b0d12490ba26bbaae308eea72e0b1499dcce611a8951487029e6c9b919b809a3 | 4477 | 10 | | 96 | c6a839261263d2c53f6871a6ff6e8dc469d6b0402d49fbbf7cbb4a5101837a9a | 078 | 10 | | 97 | cc41a549b6a1cdf7660e144c4ed8ddc087d0d991ce7c2a501568558f57f6af72 | 29737 | 10 | | 98 | b888db00dfedc0f53388f1c30683651c34a0053ab12c7f84094f0a011ebdff25 | 3574 | 10 | | 99 | 87eba7354b2f0b1164e24aac251b590133d81856234a79bcf040442442d745c5 | 371 | 10 | | 100 | 8c94fcc36e5aa78bc69259ba8a0f1a5dbc13bbfe945e8902344c5d18ca77c64e | 47742 | 10 | | 101 | 4ad8be084e43a69268c1f379f56e3361befb4adf3c2bfa687242f9986c60584a | 33724 | 10 | | 102 | ea35cc06f817e358b8db332d9b70f607cb966eef9d8c4ee85ebd6b3d4608bfc8 | 8735 | 10 | | 103 | 6580e00c4251189caa78eecd420e8c516d050000b511059c4571ef35ce9a1bf7 | 15739 | 10 | | 104 | 6d6517552a56fe168da97e0c7471b05cca871c499c2b6df6bf826d361f24730d | 44723 | 10 | | 105 | e0066903f3bcf1a5bf794051eb0f24d2cf07bceee1aa46651d92a2b77c62b5bb | 45719 | 10 | | 106 | fe72923c421d8aa61a007d57e0ecb566720c29558346cfa9cd0a285a18b76fd3 | 34746 | 10 | | 107 | 95ad6a3164adecac82e78c774674058258f6fc60ea0117031276797660eeaccc | 6744 | 10 | | 108 | 3aa0e214e4e04de5cf800ee7ce6c1b2323fa95f88fcd2918a64158fdf121f8f5 | 48712 | 10 | | 109 | 931c323501d2aa19d278dc6f0d5ff20b12248cfe557e8db0d2aba9a54689cd1f | 40714 | 10 | | 110 | 72a29c8b9ec325c13cdc73a6a5506c06e30e798f9cb9cf62bd1568c17820cf4e | 27717 | 10 | | 111 | 354b52a842e25af020d827a756ce23ecd35011c6e31bc3b229544059621bd5fe | 8713 | 10 | | 112 | fabfa0d09975a5e7d71327d0b75375d0ccea3cae9299903db694764cbab7a1d9 | 3172 | 10 | 147

| 113 | 253fad76808904b963ce1fdc968bba1d726d35e220ebcfb2a334d4ce8a8c65d8 | 34747 | 10 | | 114 | 902179415fa231b4b39ef04a348e5175452e3742669bbd8f5fa185d79d9a3980 | 27733 | 10 | | 115 | 4f5d48911341283a4348f97c70341462dc1de319c75b057d3e776a0ede2d08c3 | 47726 | 10 | | 116 | 0f8bc23a407c0bea75ee0527aeca4a94e1739817ecf71aa576bf37da2f1fa56a | 36727 | 10 | | 117 | e15f42d258aad4c99c7f62c9023d0cc0c04db0a2121d82334e47ec3b911db339 | 27720 | 10 | | 118 | c04ab2d3bd0d85a38e234730752dbea2fff7d4cb3e3cb8574c2f85b4d19f9b89 | 17716 | 10 | | 119 | 5ee97edf12c571c0dd3fb1288b54bb521fd6c1314a30253f157dc50f6781246b | 35743 | 10 | | 120 | ef74715b0091b5ed28a03ad8771d5a8a080538f3c5d845508dec19d2160ae271 | 20718 | 10 | | 121 | 637b7abc7708cd4cf5263e758969e04295b20388e2808e6c2e23bf6d4c271a43 | 40730 | 10 | | 122 | bd4f94bee6e2d7970447dc9ae0a41b43ae1c77d4db7c40284fa5f5aba0f2ae6b | 48748 | 10 | | 123 | cc7e406b1340cfa8019ffffbb210803c0d72b0ba711cb8d56e1489b922bf89a2 | 1734 | 10 | | 124 | 08a3e2c1deace76b3c18a911b5a9143f444e1c8c4e0857aadd2cfda99233ade6 | 40730 | 14 | | 125 | bc7e4c3345480ba425e722eccbe1a1e1b6a469212e59ab03e679d2c627242a15 | 3574 | 14 | | 126 | 5d43ea279d39eecfd4cb80a72f0e02a9a8bb99f3e5b0ade2f1d6a37016e0424c | 371 | 14 | | 127 | bde833c0ec558f587cf94b6b164c531b8e5fb46f2fae3288f3c5be39ebedf636 | 47726 | 14 | | 128 | b2cd6fd87fd02f6299afd403061864fc34bbd8b7764743577b08746a27845779 | 27733 | 14 | | 129 | 11a8e16ae48ec7e76aa64370f083ed0d43752e63add8e359889c9ab23bbea7f9 | 3770 | 14 | | 130 | 7259321094b093e13f29135e026bc4d5a402866d79197ccc8936efef76d5852f | 1734 | 14 | | 131 | 947b51a2a9b58c4f8a99a68a2be7264c0d3b83e29cc9c76c45b9be3cc65779ec | 4729 | 14 | | 132 | 0dc0d2a2b04c60bf7c7b1b734ca2d7c5cf6d819052b4b0f6ccb819b1c78e9bfc | 4673 | 14 | | 133 | de1795612b34efb5fa8f95a02dfe3bdd24a7ebf680ba636b4b93eaf78cf8e61d | 18722 | 14 | | 134 | 639839f26ba849fe39824e1bdbe23da827e06b3af88aef40adac643d11f92ab1 | 2711 | 14 | | 135 | 9f989cc4ff7c35f9601eebba55a380b8ae74b38910ab6382e05eab942ed011ec | 19725 | 14 | | 136 | eefacd7bcb60cde3aa00827a7a9aad91ca4b4abf9ed784274dd60e63dc170fa1 | 44723 | 14 | | 137 | 89318631165c05956cd00825958518326d70b1ec269c57806342170b12705394 | 19749 | 14 | | 138 | b237dd70809be7a8f202f29b80462d92a489956f4230f17027bff4c55bd6fef6 | 2776 | 14 | | 139 | 38987df5382c114ef7f862e179eb1062ee87dabd39cab61d62c9209ba2e72065 | 47742 | 14 | | 140 | 3d7411ae29c18df866c8339e797770598395c769e558dae68544ffe0cc774fe7 | 4579 | 14 | | 141 | 278ca4edae6640451e2d585f5888fe6c6920e99be5cdf34d0c8af0e0aa7ef699 | 36727 | 14 | | 142 | f485de3ca443dbc37aac73f5a29053a1c0e14d2b1bc430392ebdbc27a221cff3 | 19731 | 14 | | 143 | fc8f6ab87ccd63d7f33a34eb4163dd290dab7a60bf258d75c94b0f1ec6cac9fe | 18721 | 14 | | 144 | 506ca4fa953eef63a13f7abdd80911455f8d134e6ae483c727aa04e4624e77cd | 34747 | 14 | | 145 | 50b2d2f47fc7e299d836556d06fbbe76ba47902b560206e5821b6d722c4d0b6c | 3172 | 14 | | 146 | 179dd88dc4baebe2bb92aa9371cd261547c80d25b0675a36b46bb9bb0b5163ef | 29737 | 14 | | 147 | 92f186d335f827f14e2a43358a87a1853c854f74f27f46e125c2ef05f700cb21 | 30715 | 14 | | 148 | cbb3a4899a201702a9f02ea9d4e908d1fded32c1354600b3b86d6bde69e45c8a | 27717 | 14 | | 149 | 26a1be28a744e21ce575d9e73c32fd79a848ab20fbec0e46b8dc66b01f3810b1 | 17716 | 14 | | 150 | fe9dba9c832b970f6a822f9e850a6e5c396d55cc5cafdfb0dce772d84d30f648 | 48748 | 14 | | 151 | 25ecd2eadd3fff85b8789daaa2ad16bf304fa8176f65aab991b946c981285dc4 | 5741 | 14 | | 152 | 7b16d92656d1837356fcf83076bf2ce441fa70811eaa92c4608cbbfc1b61748f | 33724 | 14 | | 153 | b70ecef31ad49ff969c99e0167fc8d7eb525ad7eef98d44278b5e306a5c811b3 | 40714 | 14 | | 154 | 0d2c9010160149c34594e1d079aab83ee6755ae4f466f38eabc0379ea25ee444 | 15739 | 14 | | 155 | d11c2b62c0eb2ccf2debf8afdcb935c2e203da83126eece672e0de72930cc675 | 45719 | 14 | | 156 | 72ddae143fc2deb74ddd466310ffea37f03a6e134a831a6f33cf1814f9795766 | 24736 | 14 | | 157 | 24590aa754ce6da51e01dc4a3228f4582c451eb77de2c419b36282c8f107e5e2 | 20718 | 14 | | 158 | c3dd71135d3fb4efe9eedfeee2abd6394b846f584e08ce05074e75f2d14b8b27 | 27738 | 14 | | 159 | 091dfc5a6e2fbab544314ca4c6b7fee5bd0eb57595dda07fd52509c0185c069a | 48712 | 14 | | 160 | 20478d7f0943ef27e5654c035a477fd819a8aa4533d873db3673e7b1826e6425 | 28710 | 14 | | 161 | fe3ede63f6e92ddc63e0874b127b050069ea4007c9946a82341aa5519d8bc5ca | 17745 | 14 | | 162 | 749d3cbe78d943661fb0f5f7de8cafaaa6768144b6e63d7118d4dc781d184a77 | 27720 | 14 | | 163 | 6e72b05385b65df43673ad1edb2ee4c88802c84d8769c7f6a2a37f99ed7c5bbb | 8713 | 14 | | 164 | d722330c1d081f5f2478b4d12eea995ed3f0b0492dbd7a158d2729fe9ea5771c | 8735 | 14 | | 165 | 1582b93fc7108edc40ec2f0f6a92e90048294461cab5b5523b3349ef155f3636 | 12728 | 14 | | 166 | b8eb4634791f09dd44c2fadcf4bef4b19956e5df8e6d4ef9b5e7820cefcc1d9e | 35743 | 14 | | 167 | bf135e91bbe11546bd2f3659c143d33e72697ce34ef07b2115dfef8e730c573f | 42740 | 14 | | 168 | 3f13e7c162c81e4d8cbc4c89ecd9849ed084353d1b89ab4f346bb779bf72b819 | 34746 | 14 | | 169 | 097c7bd16654fabb7589c575912428f1d9944140f2a42e079fe0fe81f080909a | 4175 | 14 | | 170 | e68a79b7def6aa4ceb36c493f83165a4f612385a895eebff232896775ec58495 | 078 | 14 | | 171 | de8fb2b5c6b876b4a1e8df58e367dfd21f5b8d44acaa32f541ae8aec8636bc32 | 9732 | 14 | | 172 | 4ea4b529cca11ce0bc70a1cff4bd8d5c89264271016d8e37f66277b3cec119c5 | 4477 | 14 | | 173 | a637922ed992082be319579a661c7e9858927368aa054a092211cb610c51a0b0 | 6744 | 14 | +-----+------+------+------+ 173 rows in set (0.00 sec) mysql> select * from Student; +----+------+------+------+ | id | email | name | personID | +----+------+------+------+ | 1 | [email protected] | Maideth Anfries | 485dd06ff7b42e3ea189ed5565bc0660b5bb6f013b4310048e49161081a52ecb | | 2 | [email protected] | Firailthusnes Altin | 0df59fd6c41cadd2220fd09fcd4d5979b7f64c572d9625a29489f2a6fdd34ecb | | 3 | [email protected] | Caelhal Eubigunus | 5f39ccf6432c1f0c5bcc990d7adda5bd83d4263364ea1cdbd66ab0aa1aec9b5f | 148

mysql> select * from StudentGrade; +----+------+------+------+ | id | grade | course_id | student_id | +----+------+------+------+ | 1 | 3 | 2 | 1 | | 2 | 0 | 3 | 5 | | 3 | 8 | 1 | 2 | | 4 | 0 | 6 | 2 | | 5 | 7 | 5 | 5 | | 6 | 3 | 4 | 5 | | 7 | 6 | 8 | 5 | | 8 | 9 | 9 | 3 | | 9 | 2 | 7 | 5 | | 10 | 5 | 10 | 1 | | 11 | 1 | 12 | 5 | | 12 | 7 | 11 | 7 | | 13 | 9 | 13 | 1 | | 14 | 0 | 14 | 2 | | 15 | 9 | 18 | 3 | | 16 | 1 | 16 | 3 | | 17 | 6 | 17 | 3 | | 18 | 8 | 15 | 1 | | 19 | 9 | 19 | 2 | | 20 | 9 | 21 | 7 | | 21 | 5 | 20 | 3 | | 22 | 3 | 24 | 3 | | 23 | 2 | 25 | 7 | | 24 | 3 | 23 | 2 | | 25 | 1 | 22 | 7 | | 26 | 1 | 27 | 1 | | 27 | 3 | 26 | 1 | 149

| 28 | 4 | 29 | 6 | | 29 | 6 | 28 | 1 | | 30 | 4 | 32 | 1 | | 31 | 2 | 30 | 7 | | 32 | 7 | 31 | 4 | | 33 | 6 | 33 | 1 | | 34 | 6 | 34 | 6 | | 35 | 2 | 36 | 2 | | 36 | 7 | 35 | 6 | | 37 | 2 | 38 | 7 | | 38 | 7 | 39 | 4 | | 39 | 1 | 40 | 4 | | 40 | 0 | 37 | 6 | | 41 | 8 | 41 | 2 | | 42 | 8 | 42 | 1 | | 43 | 7 | 44 | 6 | | 44 | 7 | 43 | 7 | | 45 | 7 | 46 | 6 | | 46 | 5 | 45 | 5 | | 47 | 4 | 47 | 5 | | 48 | 8 | 48 | 1 | | 49 | 4 | 49 | 5 | | 50 | 0 | 51 | 4 | | 51 | 4 | 50 | 2 | | 52 | 0 | 52 | 4 | | 53 | 1 | 54 | 1 | | 54 | 3 | 53 | 5 | | 55 | 5 | 56 | 6 | | 56 | 4 | 55 | 3 | | 57 | 4 | 57 | 6 | | 58 | 0 | 58 | 3 | | 59 | 3 | 59 | 7 | | 60 | 6 | 60 | 7 | | 61 | 3 | 61 | 4 | | 62 | 7 | 64 | 3 | | 63 | 9 | 62 | 3 | | 64 | 3 | 63 | 1 | | 65 | 6 | 65 | 4 | | 66 | 4 | 66 | 7 | | 67 | 2 | 67 | 5 | | 68 | 9 | 68 | 4 | | 69 | 8 | 69 | 2 | +----+------+------+------+ 69 rows in set (0.00 sec)

+-----+------+------+------+ | id | personID | value | taxType_id | +-----+------+------+------+ | 1 | 08a3e2c1deace76b3c18a911b5a9143f444e1c8c4e0857aadd2cfda99233ade6 | 859.92 | 3 | | 2 | bc7e4c3345480ba425e722eccbe1a1e1b6a469212e59ab03e679d2c627242a15 | 14.52 | 7 | | 3 | 5d43ea279d39eecfd4cb80a72f0e02a9a8bb99f3e5b0ade2f1d6a37016e0424c | 134.09 | 9 | | 4 | bde833c0ec558f587cf94b6b164c531b8e5fb46f2fae3288f3c5be39ebedf636 | 813.14 | 10 | | 5 | b2cd6fd87fd02f6299afd403061864fc34bbd8b7764743577b08746a27845779 | 899.02 | 5 | 151

| 6 | 11a8e16ae48ec7e76aa64370f083ed0d43752e63add8e359889c9ab23bbea7f9 | 922.42 | 5 | | 7 | 7259321094b093e13f29135e026bc4d5a402866d79197ccc8936efef76d5852f | 575.52 | 9 | | 8 | 947b51a2a9b58c4f8a99a68a2be7264c0d3b83e29cc9c76c45b9be3cc65779ec | 133.68 | 2 | | 9 | 0dc0d2a2b04c60bf7c7b1b734ca2d7c5cf6d819052b4b0f6ccb819b1c78e9bfc | 399.2 | 6 | | 10 | de1795612b34efb5fa8f95a02dfe3bdd24a7ebf680ba636b4b93eaf78cf8e61d | 353.43 | 8 | | 11 | 639839f26ba849fe39824e1bdbe23da827e06b3af88aef40adac643d11f92ab1 | 267.03 | 6 | | 12 | 9f989cc4ff7c35f9601eebba55a380b8ae74b38910ab6382e05eab942ed011ec | 76.8 | 2 | | 13 | 639839f26ba849fe39824e1bdbe23da827e06b3af88aef40adac643d11f92ab1 | 7.41 | 5 | | 14 | eefacd7bcb60cde3aa00827a7a9aad91ca4b4abf9ed784274dd60e63dc170fa1 | 182.16 | 2 | | 15 | 89318631165c05956cd00825958518326d70b1ec269c57806342170b12705394 | 716.45 | 1 | | 16 | 639839f26ba849fe39824e1bdbe23da827e06b3af88aef40adac643d11f92ab1 | 618.11 | 3 | | 17 | b237dd70809be7a8f202f29b80462d92a489956f4230f17027bff4c55bd6fef6 | 288.12 | 7 | | 18 | 38987df5382c114ef7f862e179eb1062ee87dabd39cab61d62c9209ba2e72065 | 146.11 | 8 | | 19 | 3d7411ae29c18df866c8339e797770598395c769e558dae68544ffe0cc774fe7 | 238.07 | 6 | | 20 | 278ca4edae6640451e2d585f5888fe6c6920e99be5cdf34d0c8af0e0aa7ef699 | 523.4 | 7 | | 21 | f485de3ca443dbc37aac73f5a29053a1c0e14d2b1bc430392ebdbc27a221cff3 | 959.83 | 8 | | 22 | 0dc0d2a2b04c60bf7c7b1b734ca2d7c5cf6d819052b4b0f6ccb819b1c78e9bfc | 459.65 | 4 | | 23 | fc8f6ab87ccd63d7f33a34eb4163dd290dab7a60bf258d75c94b0f1ec6cac9fe | 732.38 | 2 | | 24 | 506ca4fa953eef63a13f7abdd80911455f8d134e6ae483c727aa04e4624e77cd | 201 | 2 | | 25 | 50b2d2f47fc7e299d836556d06fbbe76ba47902b560206e5821b6d722c4d0b6c | 194.42 | 3 | | 26 | 179dd88dc4baebe2bb92aa9371cd261547c80d25b0675a36b46bb9bb0b5163ef | 6.05 | 4 | | 27 | fc8f6ab87ccd63d7f33a34eb4163dd290dab7a60bf258d75c94b0f1ec6cac9fe | 38.66 | 8 | | 28 | bde833c0ec558f587cf94b6b164c531b8e5fb46f2fae3288f3c5be39ebedf636 | 240.85 | 2 | | 29 | 92f186d335f827f14e2a43358a87a1853c854f74f27f46e125c2ef05f700cb21 | 161.11 | 5 | | 30 | cbb3a4899a201702a9f02ea9d4e908d1fded32c1354600b3b86d6bde69e45c8a | 772.13 | 2 | | 31 | 26a1be28a744e21ce575d9e73c32fd79a848ab20fbec0e46b8dc66b01f3810b1 | 311.7 | 10 | | 32 | fe9dba9c832b970f6a822f9e850a6e5c396d55cc5cafdfb0dce772d84d30f648 | 205.67 | 3 | | 33 | 278ca4edae6640451e2d585f5888fe6c6920e99be5cdf34d0c8af0e0aa7ef699 | 671.52 | 8 | | 34 | 25ecd2eadd3fff85b8789daaa2ad16bf304fa8176f65aab991b946c981285dc4 | 74.32 | 8 | | 35 | 89318631165c05956cd00825958518326d70b1ec269c57806342170b12705394 | 338.77 | 3 | | 36 | f485de3ca443dbc37aac73f5a29053a1c0e14d2b1bc430392ebdbc27a221cff3 | 252.97 | 4 | | 37 | b2cd6fd87fd02f6299afd403061864fc34bbd8b7764743577b08746a27845779 | 531.27 | 1 | | 38 | cbb3a4899a201702a9f02ea9d4e908d1fded32c1354600b3b86d6bde69e45c8a | 698.82 | 4 | | 39 | 7b16d92656d1837356fcf83076bf2ce441fa70811eaa92c4608cbbfc1b61748f | 465.56 | 4 | | 40 | fc8f6ab87ccd63d7f33a34eb4163dd290dab7a60bf258d75c94b0f1ec6cac9fe | 893.04 | 6 | | 41 | cbb3a4899a201702a9f02ea9d4e908d1fded32c1354600b3b86d6bde69e45c8a | 628.45 | 1 | | 42 | 08a3e2c1deace76b3c18a911b5a9143f444e1c8c4e0857aadd2cfda99233ade6 | 947.26 | 8 | | 43 | b2cd6fd87fd02f6299afd403061864fc34bbd8b7764743577b08746a27845779 | 190.08 | 1 | | 44 | 947b51a2a9b58c4f8a99a68a2be7264c0d3b83e29cc9c76c45b9be3cc65779ec | 796.54 | 6 | | 45 | 3d7411ae29c18df866c8339e797770598395c769e558dae68544ffe0cc774fe7 | 674.11 | 7 | | 46 | b70ecef31ad49ff969c99e0167fc8d7eb525ad7eef98d44278b5e306a5c811b3 | 229.31 | 1 | | 47 | 0d2c9010160149c34594e1d079aab83ee6755ae4f466f38eabc0379ea25ee444 | 213.15 | 2 | | 48 | d11c2b62c0eb2ccf2debf8afdcb935c2e203da83126eece672e0de72930cc675 | 834.12 | 3 | | 49 | 92f186d335f827f14e2a43358a87a1853c854f74f27f46e125c2ef05f700cb21 | 979.67 | 4 | | 50 | 639839f26ba849fe39824e1bdbe23da827e06b3af88aef40adac643d11f92ab1 | 713.45 | 9 | | 51 | 5d43ea279d39eecfd4cb80a72f0e02a9a8bb99f3e5b0ade2f1d6a37016e0424c | 700.29 | 10 | | 52 | 0dc0d2a2b04c60bf7c7b1b734ca2d7c5cf6d819052b4b0f6ccb819b1c78e9bfc | 186.85 | 6 | | 53 | b70ecef31ad49ff969c99e0167fc8d7eb525ad7eef98d44278b5e306a5c811b3 | 393.85 | 3 | | 54 | f485de3ca443dbc37aac73f5a29053a1c0e14d2b1bc430392ebdbc27a221cff3 | 563.97 | 10 | | 55 | 72ddae143fc2deb74ddd466310ffea37f03a6e134a831a6f33cf1814f9795766 | 766.19 | 2 | | 56 | 24590aa754ce6da51e01dc4a3228f4582c451eb77de2c419b36282c8f107e5e2 | 207.25 | 8 | | 57 | eefacd7bcb60cde3aa00827a7a9aad91ca4b4abf9ed784274dd60e63dc170fa1 | 6.51 | 10 | | 58 | c3dd71135d3fb4efe9eedfeee2abd6394b846f584e08ce05074e75f2d14b8b27 | 349.02 | 8 | | 59 | 5d43ea279d39eecfd4cb80a72f0e02a9a8bb99f3e5b0ade2f1d6a37016e0424c | 600.32 | 9 | | 60 | 091dfc5a6e2fbab544314ca4c6b7fee5bd0eb57595dda07fd52509c0185c069a | 367.69 | 4 | | 61 | fe9dba9c832b970f6a822f9e850a6e5c396d55cc5cafdfb0dce772d84d30f648 | 780.56 | 8 | | 62 | 506ca4fa953eef63a13f7abdd80911455f8d134e6ae483c727aa04e4624e77cd | 951.81 | 9 | | 63 | b2cd6fd87fd02f6299afd403061864fc34bbd8b7764743577b08746a27845779 | 893.51 | 6 | | 64 | 20478d7f0943ef27e5654c035a477fd819a8aa4533d873db3673e7b1826e6425 | 477.34 | 3 | | 65 | 7b16d92656d1837356fcf83076bf2ce441fa70811eaa92c4608cbbfc1b61748f | 300.65 | 1 | | 66 | 72ddae143fc2deb74ddd466310ffea37f03a6e134a831a6f33cf1814f9795766 | 70.81 | 10 | | 67 | 11a8e16ae48ec7e76aa64370f083ed0d43752e63add8e359889c9ab23bbea7f9 | 757.78 | 5 | | 68 | 26a1be28a744e21ce575d9e73c32fd79a848ab20fbec0e46b8dc66b01f3810b1 | 403.52 | 1 | | 69 | fe3ede63f6e92ddc63e0874b127b050069ea4007c9946a82341aa5519d8bc5ca | 821.11 | 4 | | 70 | f485de3ca443dbc37aac73f5a29053a1c0e14d2b1bc430392ebdbc27a221cff3 | 397.43 | 9 | | 71 | b2cd6fd87fd02f6299afd403061864fc34bbd8b7764743577b08746a27845779 | 434.81 | 9 | | 72 | 749d3cbe78d943661fb0f5f7de8cafaaa6768144b6e63d7118d4dc781d184a77 | 813.26 | 10 | | 73 | 26a1be28a744e21ce575d9e73c32fd79a848ab20fbec0e46b8dc66b01f3810b1 | 817.1 | 2 | | 74 | 38987df5382c114ef7f862e179eb1062ee87dabd39cab61d62c9209ba2e72065 | 4.19 | 9 | | 75 | fc8f6ab87ccd63d7f33a34eb4163dd290dab7a60bf258d75c94b0f1ec6cac9fe | 209.3 | 2 | | 76 | 091dfc5a6e2fbab544314ca4c6b7fee5bd0eb57595dda07fd52509c0185c069a | 332.78 | 3 | 152

| 77 | b70ecef31ad49ff969c99e0167fc8d7eb525ad7eef98d44278b5e306a5c811b3 | 636.74 | 2 | | 78 | 947b51a2a9b58c4f8a99a68a2be7264c0d3b83e29cc9c76c45b9be3cc65779ec | 372.46 | 5 | | 79 | fc8f6ab87ccd63d7f33a34eb4163dd290dab7a60bf258d75c94b0f1ec6cac9fe | 27.9 | 4 | | 80 | f485de3ca443dbc37aac73f5a29053a1c0e14d2b1bc430392ebdbc27a221cff3 | 947.3 | 8 | | 81 | 25ecd2eadd3fff85b8789daaa2ad16bf304fa8176f65aab991b946c981285dc4 | 526.89 | 5 | | 82 | 50b2d2f47fc7e299d836556d06fbbe76ba47902b560206e5821b6d722c4d0b6c | 805.08 | 8 | | 83 | bde833c0ec558f587cf94b6b164c531b8e5fb46f2fae3288f3c5be39ebedf636 | 418.91 | 4 | | 84 | 091dfc5a6e2fbab544314ca4c6b7fee5bd0eb57595dda07fd52509c0185c069a | 414.7 | 7 | | 85 | 6e72b05385b65df43673ad1edb2ee4c88802c84d8769c7f6a2a37f99ed7c5bbb | 378 | 7 | | 86 | d722330c1d081f5f2478b4d12eea995ed3f0b0492dbd7a158d2729fe9ea5771c | 568.92 | 6 | | 87 | 9f989cc4ff7c35f9601eebba55a380b8ae74b38910ab6382e05eab942ed011ec | 828.87 | 9 | | 88 | 639839f26ba849fe39824e1bdbe23da827e06b3af88aef40adac643d11f92ab1 | 142.43 | 7 | | 89 | b2cd6fd87fd02f6299afd403061864fc34bbd8b7764743577b08746a27845779 | 57.82 | 7 | | 90 | 25ecd2eadd3fff85b8789daaa2ad16bf304fa8176f65aab991b946c981285dc4 | 353.69 | 2 | | 91 | bc7e4c3345480ba425e722eccbe1a1e1b6a469212e59ab03e679d2c627242a15 | 380.36 | 5 | | 92 | b237dd70809be7a8f202f29b80462d92a489956f4230f17027bff4c55bd6fef6 | 868.96 | 2 | | 93 | de1795612b34efb5fa8f95a02dfe3bdd24a7ebf680ba636b4b93eaf78cf8e61d | 821.1 | 3 | | 94 | bde833c0ec558f587cf94b6b164c531b8e5fb46f2fae3288f3c5be39ebedf636 | 774.24 | 8 | | 95 | 08a3e2c1deace76b3c18a911b5a9143f444e1c8c4e0857aadd2cfda99233ade6 | 788.33 | 3 | | 96 | 1582b93fc7108edc40ec2f0f6a92e90048294461cab5b5523b3349ef155f3636 | 419.99 | 2 | | 97 | 08a3e2c1deace76b3c18a911b5a9143f444e1c8c4e0857aadd2cfda99233ade6 | 142.86 | 10 | | 98 | 1582b93fc7108edc40ec2f0f6a92e90048294461cab5b5523b3349ef155f3636 | 764.09 | 2 | | 99 | b8eb4634791f09dd44c2fadcf4bef4b19956e5df8e6d4ef9b5e7820cefcc1d9e | 69.64 | 6 | | 100 | 0dc0d2a2b04c60bf7c7b1b734ca2d7c5cf6d819052b4b0f6ccb819b1c78e9bfc | 184.16 | 7 | | 101 | 25ecd2eadd3fff85b8789daaa2ad16bf304fa8176f65aab991b946c981285dc4 | 422.22 | 3 | | 102 | d722330c1d081f5f2478b4d12eea995ed3f0b0492dbd7a158d2729fe9ea5771c | 280.04 | 8 | | 103 | 278ca4edae6640451e2d585f5888fe6c6920e99be5cdf34d0c8af0e0aa7ef699 | 991.92 | 8 | | 104 | 26a1be28a744e21ce575d9e73c32fd79a848ab20fbec0e46b8dc66b01f3810b1 | 248.18 | 1 | | 105 | 0d2c9010160149c34594e1d079aab83ee6755ae4f466f38eabc0379ea25ee444 | 651.01 | 7 | | 106 | 6e72b05385b65df43673ad1edb2ee4c88802c84d8769c7f6a2a37f99ed7c5bbb | 164.64 | 9 | | 107 | 7259321094b093e13f29135e026bc4d5a402866d79197ccc8936efef76d5852f | 73.7 | 6 | | 108 | 6e72b05385b65df43673ad1edb2ee4c88802c84d8769c7f6a2a37f99ed7c5bbb | 789.03 | 6 | | 109 | bde833c0ec558f587cf94b6b164c531b8e5fb46f2fae3288f3c5be39ebedf636 | 135.88 | 5 | | 110 | 639839f26ba849fe39824e1bdbe23da827e06b3af88aef40adac643d11f92ab1 | 460.48 | 10 | | 111 | cbb3a4899a201702a9f02ea9d4e908d1fded32c1354600b3b86d6bde69e45c8a | 771.28 | 7 | | 112 | 7b16d92656d1837356fcf83076bf2ce441fa70811eaa92c4608cbbfc1b61748f | 780.63 | 2 | | 113 | bf135e91bbe11546bd2f3659c143d33e72697ce34ef07b2115dfef8e730c573f | 290.73 | 9 | | 114 | b2cd6fd87fd02f6299afd403061864fc34bbd8b7764743577b08746a27845779 | 727.82 | 6 | | 115 | 506ca4fa953eef63a13f7abdd80911455f8d134e6ae483c727aa04e4624e77cd | 69.27 | 7 | | 116 | 72ddae143fc2deb74ddd466310ffea37f03a6e134a831a6f33cf1814f9795766 | 7.98 | 5 | | 117 | 24590aa754ce6da51e01dc4a3228f4582c451eb77de2c419b36282c8f107e5e2 | 321.29 | 7 | | 118 | 506ca4fa953eef63a13f7abdd80911455f8d134e6ae483c727aa04e4624e77cd | 679.54 | 2 | | 119 | bf135e91bbe11546bd2f3659c143d33e72697ce34ef07b2115dfef8e730c573f | 866.39 | 2 | | 120 | 278ca4edae6640451e2d585f5888fe6c6920e99be5cdf34d0c8af0e0aa7ef699 | 413.07 | 5 | | 121 | 749d3cbe78d943661fb0f5f7de8cafaaa6768144b6e63d7118d4dc781d184a77 | 434.03 | 6 | | 122 | 11a8e16ae48ec7e76aa64370f083ed0d43752e63add8e359889c9ab23bbea7f9 | 939.75 | 1 | | 123 | 1582b93fc7108edc40ec2f0f6a92e90048294461cab5b5523b3349ef155f3636 | 586.96 | 6 | | 124 | fe9dba9c832b970f6a822f9e850a6e5c396d55cc5cafdfb0dce772d84d30f648 | 872.28 | 5 | | 125 | 3f13e7c162c81e4d8cbc4c89ecd9849ed084353d1b89ab4f346bb779bf72b819 | 140.32 | 1 | | 126 | 92f186d335f827f14e2a43358a87a1853c854f74f27f46e125c2ef05f700cb21 | 71.44 | 10 | | 127 | 92f186d335f827f14e2a43358a87a1853c854f74f27f46e125c2ef05f700cb21 | 865.15 | 1 | | 128 | bf135e91bbe11546bd2f3659c143d33e72697ce34ef07b2115dfef8e730c573f | 492.06 | 7 | | 129 | b70ecef31ad49ff969c99e0167fc8d7eb525ad7eef98d44278b5e306a5c811b3 | 397.99 | 8 | | 130 | 097c7bd16654fabb7589c575912428f1d9944140f2a42e079fe0fe81f080909a | 37.76 | 9 | | 131 | bde833c0ec558f587cf94b6b164c531b8e5fb46f2fae3288f3c5be39ebedf636 | 628.15 | 6 | | 132 | 9f989cc4ff7c35f9601eebba55a380b8ae74b38910ab6382e05eab942ed011ec | 478.05 | 8 | | 133 | 749d3cbe78d943661fb0f5f7de8cafaaa6768144b6e63d7118d4dc781d184a77 | 757.54 | 2 | | 134 | e68a79b7def6aa4ceb36c493f83165a4f612385a895eebff232896775ec58495 | 100.27 | 2 | | 135 | 3f13e7c162c81e4d8cbc4c89ecd9849ed084353d1b89ab4f346bb779bf72b819 | 407.91 | 3 | | 136 | eefacd7bcb60cde3aa00827a7a9aad91ca4b4abf9ed784274dd60e63dc170fa1 | 751.09 | 7 | | 137 | fc8f6ab87ccd63d7f33a34eb4163dd290dab7a60bf258d75c94b0f1ec6cac9fe | 211.12 | 5 | | 138 | b70ecef31ad49ff969c99e0167fc8d7eb525ad7eef98d44278b5e306a5c811b3 | 813.49 | 10 | | 139 | 1582b93fc7108edc40ec2f0f6a92e90048294461cab5b5523b3349ef155f3636 | 161.82 | 8 | | 140 | de8fb2b5c6b876b4a1e8df58e367dfd21f5b8d44acaa32f541ae8aec8636bc32 | 632.89 | 5 | | 141 | de8fb2b5c6b876b4a1e8df58e367dfd21f5b8d44acaa32f541ae8aec8636bc32 | 71.21 | 1 | | 142 | b8eb4634791f09dd44c2fadcf4bef4b19956e5df8e6d4ef9b5e7820cefcc1d9e | 670.94 | 5 | | 143 | eefacd7bcb60cde3aa00827a7a9aad91ca4b4abf9ed784274dd60e63dc170fa1 | 987.41 | 6 | | 144 | de1795612b34efb5fa8f95a02dfe3bdd24a7ebf680ba636b4b93eaf78cf8e61d | 912.18 | 5 | | 145 | b8eb4634791f09dd44c2fadcf4bef4b19956e5df8e6d4ef9b5e7820cefcc1d9e | 977.89 | 7 | | 146 | b70ecef31ad49ff969c99e0167fc8d7eb525ad7eef98d44278b5e306a5c811b3 | 743.81 | 8 | | 147 | d11c2b62c0eb2ccf2debf8afdcb935c2e203da83126eece672e0de72930cc675 | 570.44 | 2 | 153

| 148 | 947b51a2a9b58c4f8a99a68a2be7264c0d3b83e29cc9c76c45b9be3cc65779ec | 733.53 | 9 | | 149 | 0d2c9010160149c34594e1d079aab83ee6755ae4f466f38eabc0379ea25ee444 | 108.23 | 1 | | 150 | 7259321094b093e13f29135e026bc4d5a402866d79197ccc8936efef76d5852f | 176.11 | 1 | | 151 | c3dd71135d3fb4efe9eedfeee2abd6394b846f584e08ce05074e75f2d14b8b27 | 116.39 | 7 | | 152 | 9f989cc4ff7c35f9601eebba55a380b8ae74b38910ab6382e05eab942ed011ec | 741.86 | 2 | | 153 | 4ea4b529cca11ce0bc70a1cff4bd8d5c89264271016d8e37f66277b3cec119c5 | 633.76 | 8 | | 154 | 92f186d335f827f14e2a43358a87a1853c854f74f27f46e125c2ef05f700cb21 | 193.78 | 10 | | 155 | 92f186d335f827f14e2a43358a87a1853c854f74f27f46e125c2ef05f700cb21 | 903.18 | 2 | | 156 | 278ca4edae6640451e2d585f5888fe6c6920e99be5cdf34d0c8af0e0aa7ef699 | 852.36 | 7 | | 157 | 20478d7f0943ef27e5654c035a477fd819a8aa4533d873db3673e7b1826e6425 | 433.01 | 4 | | 158 | 0dc0d2a2b04c60bf7c7b1b734ca2d7c5cf6d819052b4b0f6ccb819b1c78e9bfc | 937.45 | 9 | | 159 | b70ecef31ad49ff969c99e0167fc8d7eb525ad7eef98d44278b5e306a5c811b3 | 469.69 | 4 | | 160 | fe9dba9c832b970f6a822f9e850a6e5c396d55cc5cafdfb0dce772d84d30f648 | 795.04 | 5 | | 161 | 72ddae143fc2deb74ddd466310ffea37f03a6e134a831a6f33cf1814f9795766 | 393.16 | 1 | | 162 | 3d7411ae29c18df866c8339e797770598395c769e558dae68544ffe0cc774fe7 | 845.79 | 10 | | 163 | 091dfc5a6e2fbab544314ca4c6b7fee5bd0eb57595dda07fd52509c0185c069a | 616.29 | 4 | | 164 | de8fb2b5c6b876b4a1e8df58e367dfd21f5b8d44acaa32f541ae8aec8636bc32 | 445.34 | 7 | | 165 | 7b16d92656d1837356fcf83076bf2ce441fa70811eaa92c4608cbbfc1b61748f | 770.74 | 3 | | 166 | b8eb4634791f09dd44c2fadcf4bef4b19956e5df8e6d4ef9b5e7820cefcc1d9e | 389.99 | 3 | | 167 | 92f186d335f827f14e2a43358a87a1853c854f74f27f46e125c2ef05f700cb21 | 152.88 | 4 | | 168 | 179dd88dc4baebe2bb92aa9371cd261547c80d25b0675a36b46bb9bb0b5163ef | 504.55 | 2 | | 169 | 20478d7f0943ef27e5654c035a477fd819a8aa4533d873db3673e7b1826e6425 | 843.71 | 6 | | 170 | bc7e4c3345480ba425e722eccbe1a1e1b6a469212e59ab03e679d2c627242a15 | 442.94 | 7 | | 171 | 89318631165c05956cd00825958518326d70b1ec269c57806342170b12705394 | 555.29 | 4 | | 172 | d722330c1d081f5f2478b4d12eea995ed3f0b0492dbd7a158d2729fe9ea5771c | 161.46 | 10 | | 173 | d11c2b62c0eb2ccf2debf8afdcb935c2e203da83126eece672e0de72930cc675 | 598.67 | 3 | | 174 | 506ca4fa953eef63a13f7abdd80911455f8d134e6ae483c727aa04e4624e77cd | 558.11 | 9 | | 175 | d722330c1d081f5f2478b4d12eea995ed3f0b0492dbd7a158d2729fe9ea5771c | 164.95 | 5 | | 176 | 5d43ea279d39eecfd4cb80a72f0e02a9a8bb99f3e5b0ade2f1d6a37016e0424c | 279.8 | 9 | | 177 | c3dd71135d3fb4efe9eedfeee2abd6394b846f584e08ce05074e75f2d14b8b27 | 576.46 | 5 | | 178 | e68a79b7def6aa4ceb36c493f83165a4f612385a895eebff232896775ec58495 | 645.04 | 7 | | 179 | 179dd88dc4baebe2bb92aa9371cd261547c80d25b0675a36b46bb9bb0b5163ef | 516.52 | 4 | | 180 | 4ea4b529cca11ce0bc70a1cff4bd8d5c89264271016d8e37f66277b3cec119c5 | 866.18 | 9 | | 181 | 091dfc5a6e2fbab544314ca4c6b7fee5bd0eb57595dda07fd52509c0185c069a | 299.15 | 5 | | 182 | 091dfc5a6e2fbab544314ca4c6b7fee5bd0eb57595dda07fd52509c0185c069a | 965.37 | 5 | | 183 | 89318631165c05956cd00825958518326d70b1ec269c57806342170b12705394 | 797.67 | 8 | | 184 | 7259321094b093e13f29135e026bc4d5a402866d79197ccc8936efef76d5852f | 458.31 | 4 | | 185 | bde833c0ec558f587cf94b6b164c531b8e5fb46f2fae3288f3c5be39ebedf636 | 622.05 | 4 | | 186 | de8fb2b5c6b876b4a1e8df58e367dfd21f5b8d44acaa32f541ae8aec8636bc32 | 545.88 | 6 | | 187 | 639839f26ba849fe39824e1bdbe23da827e06b3af88aef40adac643d11f92ab1 | 918.64 | 10 | | 188 | 0d2c9010160149c34594e1d079aab83ee6755ae4f466f38eabc0379ea25ee444 | 540.11 | 5 | | 189 | 4ea4b529cca11ce0bc70a1cff4bd8d5c89264271016d8e37f66277b3cec119c5 | 650.11 | 1 | | 190 | 92f186d335f827f14e2a43358a87a1853c854f74f27f46e125c2ef05f700cb21 | 250.62 | 7 | | 191 | 278ca4edae6640451e2d585f5888fe6c6920e99be5cdf34d0c8af0e0aa7ef699 | 446.22 | 2 | | 192 | b237dd70809be7a8f202f29b80462d92a489956f4230f17027bff4c55bd6fef6 | 710.6 | 10 | | 193 | 947b51a2a9b58c4f8a99a68a2be7264c0d3b83e29cc9c76c45b9be3cc65779ec | 33.32 | 1 | | 194 | 11a8e16ae48ec7e76aa64370f083ed0d43752e63add8e359889c9ab23bbea7f9 | 59.96 | 9 | | 195 | fe9dba9c832b970f6a822f9e850a6e5c396d55cc5cafdfb0dce772d84d30f648 | 572.8 | 1 | | 196 | 38987df5382c114ef7f862e179eb1062ee87dabd39cab61d62c9209ba2e72065 | 913.03 | 1 | | 197 | eefacd7bcb60cde3aa00827a7a9aad91ca4b4abf9ed784274dd60e63dc170fa1 | 111.33 | 6 | | 198 | b8eb4634791f09dd44c2fadcf4bef4b19956e5df8e6d4ef9b5e7820cefcc1d9e | 262.55 | 8 | | 199 | 0dc0d2a2b04c60bf7c7b1b734ca2d7c5cf6d819052b4b0f6ccb819b1c78e9bfc | 490.26 | 9 | | 200 | 639839f26ba849fe39824e1bdbe23da827e06b3af88aef40adac643d11f92ab1 | 629.09 | 5 | | 201 | 11a8e16ae48ec7e76aa64370f083ed0d43752e63add8e359889c9ab23bbea7f9 | 574.29 | 9 | | 202 | 3d7411ae29c18df866c8339e797770598395c769e558dae68544ffe0cc774fe7 | 926.69 | 5 | | 203 | 26a1be28a744e21ce575d9e73c32fd79a848ab20fbec0e46b8dc66b01f3810b1 | 959.24 | 4 | | 204 | eefacd7bcb60cde3aa00827a7a9aad91ca4b4abf9ed784274dd60e63dc170fa1 | 701.53 | 4 | | 205 | de1795612b34efb5fa8f95a02dfe3bdd24a7ebf680ba636b4b93eaf78cf8e61d | 475.54 | 8 | | 206 | d722330c1d081f5f2478b4d12eea995ed3f0b0492dbd7a158d2729fe9ea5771c | 819.27 | 1 | | 207 | 0dc0d2a2b04c60bf7c7b1b734ca2d7c5cf6d819052b4b0f6ccb819b1c78e9bfc | 440.45 | 6 | | 208 | 947b51a2a9b58c4f8a99a68a2be7264c0d3b83e29cc9c76c45b9be3cc65779ec | 957.46 | 1 | | 209 | 26a1be28a744e21ce575d9e73c32fd79a848ab20fbec0e46b8dc66b01f3810b1 | 93.63 | 5 | | 210 | 091dfc5a6e2fbab544314ca4c6b7fee5bd0eb57595dda07fd52509c0185c069a | 203.65 | 5 | | 211 | 4ea4b529cca11ce0bc70a1cff4bd8d5c89264271016d8e37f66277b3cec119c5 | 47.38 | 8 | | 212 | 11a8e16ae48ec7e76aa64370f083ed0d43752e63add8e359889c9ab23bbea7f9 | 247.87 | 1 | | 213 | 5d43ea279d39eecfd4cb80a72f0e02a9a8bb99f3e5b0ade2f1d6a37016e0424c | 454.43 | 8 | | 214 | b237dd70809be7a8f202f29b80462d92a489956f4230f17027bff4c55bd6fef6 | 965.7 | 6 | | 215 | 24590aa754ce6da51e01dc4a3228f4582c451eb77de2c419b36282c8f107e5e2 | 857.42 | 8 | | 216 | 3f13e7c162c81e4d8cbc4c89ecd9849ed084353d1b89ab4f346bb779bf72b819 | 300.29 | 10 | | 217 | 08a3e2c1deace76b3c18a911b5a9143f444e1c8c4e0857aadd2cfda99233ade6 | 459.59 | 2 | | 218 | 6e72b05385b65df43673ad1edb2ee4c88802c84d8769c7f6a2a37f99ed7c5bbb | 734.27 | 5 | 154

| 219 | b70ecef31ad49ff969c99e0167fc8d7eb525ad7eef98d44278b5e306a5c811b3 | 60.55 | 7 | | 220 | 72ddae143fc2deb74ddd466310ffea37f03a6e134a831a6f33cf1814f9795766 | 927.5 | 8 | | 221 | 38987df5382c114ef7f862e179eb1062ee87dabd39cab61d62c9209ba2e72065 | 363.22 | 7 | | 222 | 506ca4fa953eef63a13f7abdd80911455f8d134e6ae483c727aa04e4624e77cd | 762.53 | 10 | | 223 | 20478d7f0943ef27e5654c035a477fd819a8aa4533d873db3673e7b1826e6425 | 532.2 | 4 | | 224 | 278ca4edae6640451e2d585f5888fe6c6920e99be5cdf34d0c8af0e0aa7ef699 | 856.04 | 5 | | 225 | f485de3ca443dbc37aac73f5a29053a1c0e14d2b1bc430392ebdbc27a221cff3 | 797.69 | 6 | | 226 | 097c7bd16654fabb7589c575912428f1d9944140f2a42e079fe0fe81f080909a | 901.55 | 4 | | 227 | 26a1be28a744e21ce575d9e73c32fd79a848ab20fbec0e46b8dc66b01f3810b1 | 130.39 | 8 | | 228 | 20478d7f0943ef27e5654c035a477fd819a8aa4533d873db3673e7b1826e6425 | 776.13 | 7 | | 229 | fe9dba9c832b970f6a822f9e850a6e5c396d55cc5cafdfb0dce772d84d30f648 | 370.9 | 8 | | 230 | 11a8e16ae48ec7e76aa64370f083ed0d43752e63add8e359889c9ab23bbea7f9 | 902.81 | 3 | | 231 | a637922ed992082be319579a661c7e9858927368aa054a092211cb610c51a0b0 | 819.2 | 8 | | 232 | e68a79b7def6aa4ceb36c493f83165a4f612385a895eebff232896775ec58495 | 500.92 | 1 | | 233 | bc7e4c3345480ba425e722eccbe1a1e1b6a469212e59ab03e679d2c627242a15 | 877.61 | 3 | | 234 | fe9dba9c832b970f6a822f9e850a6e5c396d55cc5cafdfb0dce772d84d30f648 | 704.84 | 3 | | 235 | 091dfc5a6e2fbab544314ca4c6b7fee5bd0eb57595dda07fd52509c0185c069a | 183.66 | 7 | | 236 | 24590aa754ce6da51e01dc4a3228f4582c451eb77de2c419b36282c8f107e5e2 | 163.14 | 7 | | 237 | 506ca4fa953eef63a13f7abdd80911455f8d134e6ae483c727aa04e4624e77cd | 977.5 | 2 | | 238 | 947b51a2a9b58c4f8a99a68a2be7264c0d3b83e29cc9c76c45b9be3cc65779ec | 369.97 | 5 | | 239 | 947b51a2a9b58c4f8a99a68a2be7264c0d3b83e29cc9c76c45b9be3cc65779ec | 681.49 | 10 | | 240 | 0dc0d2a2b04c60bf7c7b1b734ca2d7c5cf6d819052b4b0f6ccb819b1c78e9bfc | 277.02 | 2 | | 241 | 38987df5382c114ef7f862e179eb1062ee87dabd39cab61d62c9209ba2e72065 | 877.72 | 8 | | 242 | 5d43ea279d39eecfd4cb80a72f0e02a9a8bb99f3e5b0ade2f1d6a37016e0424c | 604.05 | 3 | | 243 | bf135e91bbe11546bd2f3659c143d33e72697ce34ef07b2115dfef8e730c573f | 122.13 | 8 | | 244 | d722330c1d081f5f2478b4d12eea995ed3f0b0492dbd7a158d2729fe9ea5771c | 71.58 | 5 | | 245 | 24590aa754ce6da51e01dc4a3228f4582c451eb77de2c419b36282c8f107e5e2 | 336.13 | 4 | | 246 | b237dd70809be7a8f202f29b80462d92a489956f4230f17027bff4c55bd6fef6 | 514.25 | 6 | | 247 | e68a79b7def6aa4ceb36c493f83165a4f612385a895eebff232896775ec58495 | 509.45 | 1 | | 248 | 179dd88dc4baebe2bb92aa9371cd261547c80d25b0675a36b46bb9bb0b5163ef | 781.26 | 7 | | 249 | 506ca4fa953eef63a13f7abdd80911455f8d134e6ae483c727aa04e4624e77cd | 75.05 | 3 | | 250 | d11c2b62c0eb2ccf2debf8afdcb935c2e203da83126eece672e0de72930cc675 | 596.92 | 1 | | 251 | fc8f6ab87ccd63d7f33a34eb4163dd290dab7a60bf258d75c94b0f1ec6cac9fe | 44.38 | 3 | | 252 | 4ea4b529cca11ce0bc70a1cff4bd8d5c89264271016d8e37f66277b3cec119c5 | 709.58 | 9 | | 253 | bf135e91bbe11546bd2f3659c143d33e72697ce34ef07b2115dfef8e730c573f | 189.75 | 4 | | 254 | 639839f26ba849fe39824e1bdbe23da827e06b3af88aef40adac643d11f92ab1 | 826.25 | 9 | | 255 | 7b16d92656d1837356fcf83076bf2ce441fa70811eaa92c4608cbbfc1b61748f | 799.52 | 7 | | 256 | 6e72b05385b65df43673ad1edb2ee4c88802c84d8769c7f6a2a37f99ed7c5bbb | 549.02 | 10 | | 257 | eefacd7bcb60cde3aa00827a7a9aad91ca4b4abf9ed784274dd60e63dc170fa1 | 187.48 | 7 | | 258 | bde833c0ec558f587cf94b6b164c531b8e5fb46f2fae3288f3c5be39ebedf636 | 801.26 | 2 | | 259 | 0d2c9010160149c34594e1d079aab83ee6755ae4f466f38eabc0379ea25ee444 | 500.22 | 2 | | 260 | de1795612b34efb5fa8f95a02dfe3bdd24a7ebf680ba636b4b93eaf78cf8e61d | 287.81 | 7 | | 261 | 11a8e16ae48ec7e76aa64370f083ed0d43752e63add8e359889c9ab23bbea7f9 | 960.55 | 8 | | 262 | cbb3a4899a201702a9f02ea9d4e908d1fded32c1354600b3b86d6bde69e45c8a | 740.47 | 3 | | 263 | bde833c0ec558f587cf94b6b164c531b8e5fb46f2fae3288f3c5be39ebedf636 | 441.28 | 4 | | 264 | 7259321094b093e13f29135e026bc4d5a402866d79197ccc8936efef76d5852f | 482.18 | 1 | | 265 | d722330c1d081f5f2478b4d12eea995ed3f0b0492dbd7a158d2729fe9ea5771c | 479.62 | 10 | | 266 | a637922ed992082be319579a661c7e9858927368aa054a092211cb610c51a0b0 | 651.13 | 7 | | 267 | 89318631165c05956cd00825958518326d70b1ec269c57806342170b12705394 | 842.32 | 6 | | 268 | 091dfc5a6e2fbab544314ca4c6b7fee5bd0eb57595dda07fd52509c0185c069a | 575.94 | 3 | | 269 | c3dd71135d3fb4efe9eedfeee2abd6394b846f584e08ce05074e75f2d14b8b27 | 355.83 | 10 | | 270 | 947b51a2a9b58c4f8a99a68a2be7264c0d3b83e29cc9c76c45b9be3cc65779ec | 833.11 | 1 | | 271 | c3dd71135d3fb4efe9eedfeee2abd6394b846f584e08ce05074e75f2d14b8b27 | 765.27 | 3 | | 272 | 5d43ea279d39eecfd4cb80a72f0e02a9a8bb99f3e5b0ade2f1d6a37016e0424c | 712.5 | 5 | | 273 | b70ecef31ad49ff969c99e0167fc8d7eb525ad7eef98d44278b5e306a5c811b3 | 462.87 | 2 | | 274 | 50b2d2f47fc7e299d836556d06fbbe76ba47902b560206e5821b6d722c4d0b6c | 708.68 | 3 | | 275 | d722330c1d081f5f2478b4d12eea995ed3f0b0492dbd7a158d2729fe9ea5771c | 541.27 | 1 | | 276 | 92f186d335f827f14e2a43358a87a1853c854f74f27f46e125c2ef05f700cb21 | 78.36 | 7 | | 277 | 278ca4edae6640451e2d585f5888fe6c6920e99be5cdf34d0c8af0e0aa7ef699 | 431.51 | 1 | | 278 | 11a8e16ae48ec7e76aa64370f083ed0d43752e63add8e359889c9ab23bbea7f9 | 585.21 | 9 | | 279 | de8fb2b5c6b876b4a1e8df58e367dfd21f5b8d44acaa32f541ae8aec8636bc32 | 992.5 | 10 | | 280 | b70ecef31ad49ff969c99e0167fc8d7eb525ad7eef98d44278b5e306a5c811b3 | 939.22 | 10 | | 281 | 89318631165c05956cd00825958518326d70b1ec269c57806342170b12705394 | 707.81 | 4 | | 282 | 72ddae143fc2deb74ddd466310ffea37f03a6e134a831a6f33cf1814f9795766 | 3.41 | 10 | | 283 | 89318631165c05956cd00825958518326d70b1ec269c57806342170b12705394 | 784.74 | 10 | | 284 | 72ddae143fc2deb74ddd466310ffea37f03a6e134a831a6f33cf1814f9795766 | 552.35 | 6 | | 285 | b70ecef31ad49ff969c99e0167fc8d7eb525ad7eef98d44278b5e306a5c811b3 | 25.16 | 5 | | 286 | 20478d7f0943ef27e5654c035a477fd819a8aa4533d873db3673e7b1826e6425 | 349.6 | 5 | | 287 | a637922ed992082be319579a661c7e9858927368aa054a092211cb610c51a0b0 | 500.27 | 5 | | 288 | b70ecef31ad49ff969c99e0167fc8d7eb525ad7eef98d44278b5e306a5c811b3 | 654.04 | 1 | | 289 | b2cd6fd87fd02f6299afd403061864fc34bbd8b7764743577b08746a27845779 | 997.2 | 5 | 155

| 290 | 6e72b05385b65df43673ad1edb2ee4c88802c84d8769c7f6a2a37f99ed7c5bbb | 23.08 | 9 | | 291 | 89318631165c05956cd00825958518326d70b1ec269c57806342170b12705394 | 884.85 | 8 | | 292 | 4ea4b529cca11ce0bc70a1cff4bd8d5c89264271016d8e37f66277b3cec119c5 | 146.38 | 10 | | 293 | b237dd70809be7a8f202f29b80462d92a489956f4230f17027bff4c55bd6fef6 | 902.92 | 7 | | 294 | fe9dba9c832b970f6a822f9e850a6e5c396d55cc5cafdfb0dce772d84d30f648 | 896.57 | 6 | | 295 | 0d2c9010160149c34594e1d079aab83ee6755ae4f466f38eabc0379ea25ee444 | 392.6 | 8 | | 296 | 749d3cbe78d943661fb0f5f7de8cafaaa6768144b6e63d7118d4dc781d184a77 | 431.86 | 9 | | 297 | 1582b93fc7108edc40ec2f0f6a92e90048294461cab5b5523b3349ef155f3636 | 642.28 | 3 | | 298 | 25ecd2eadd3fff85b8789daaa2ad16bf304fa8176f65aab991b946c981285dc4 | 254.98 | 5 | | 299 | 25ecd2eadd3fff85b8789daaa2ad16bf304fa8176f65aab991b946c981285dc4 | 596.13 | 9 | | 300 | f485de3ca443dbc37aac73f5a29053a1c0e14d2b1bc430392ebdbc27a221cff3 | 470.98 | 3 | | 301 | c3dd71135d3fb4efe9eedfeee2abd6394b846f584e08ce05074e75f2d14b8b27 | 269.54 | 2 | | 302 | d11c2b62c0eb2ccf2debf8afdcb935c2e203da83126eece672e0de72930cc675 | 645.05 | 6 | | 303 | 89318631165c05956cd00825958518326d70b1ec269c57806342170b12705394 | 5.37 | 1 | | 304 | 7259321094b093e13f29135e026bc4d5a402866d79197ccc8936efef76d5852f | 283.33 | 3 | | 305 | 7259321094b093e13f29135e026bc4d5a402866d79197ccc8936efef76d5852f | 54.76 | 1 | | 306 | fe9dba9c832b970f6a822f9e850a6e5c396d55cc5cafdfb0dce772d84d30f648 | 694.14 | 6 | | 307 | b2cd6fd87fd02f6299afd403061864fc34bbd8b7764743577b08746a27845779 | 616.66 | 9 | | 308 | 5d43ea279d39eecfd4cb80a72f0e02a9a8bb99f3e5b0ade2f1d6a37016e0424c | 762.9 | 8 | | 309 | fe9dba9c832b970f6a822f9e850a6e5c396d55cc5cafdfb0dce772d84d30f648 | 59.43 | 1 | | 310 | 20478d7f0943ef27e5654c035a477fd819a8aa4533d873db3673e7b1826e6425 | 135.71 | 3 | | 311 | c3dd71135d3fb4efe9eedfeee2abd6394b846f584e08ce05074e75f2d14b8b27 | 899.03 | 7 | | 312 | 091dfc5a6e2fbab544314ca4c6b7fee5bd0eb57595dda07fd52509c0185c069a | 947.25 | 4 | | 313 | 3d7411ae29c18df866c8339e797770598395c769e558dae68544ffe0cc774fe7 | 496.53 | 10 | | 314 | de8fb2b5c6b876b4a1e8df58e367dfd21f5b8d44acaa32f541ae8aec8636bc32 | 653.29 | 9 | | 315 | bc7e4c3345480ba425e722eccbe1a1e1b6a469212e59ab03e679d2c627242a15 | 127.74 | 8 | | 316 | 92f186d335f827f14e2a43358a87a1853c854f74f27f46e125c2ef05f700cb21 | 274.96 | 10 | | 317 | b237dd70809be7a8f202f29b80462d92a489956f4230f17027bff4c55bd6fef6 | 854.98 | 8 | | 318 | 179dd88dc4baebe2bb92aa9371cd261547c80d25b0675a36b46bb9bb0b5163ef | 664.5 | 9 | +-----+------+------+------+ 318 rows in set (0.00 sec)

mysql> select * from Resource; +-----+------+------+------+ | id | name | personID | resourceType_id | +-----+------+------+------+ | 1 |Autus Water | eb21f68734d43024466c9b761e7e88d43797ce6c6555cac35b375a70d429ac85 | 4 | | 2 |Autus Natural Gas | e85c884f79ab4f75abc9f50cf2bf5a2728a69961ad96553a59ebda11bffb5d59 | 1 | | 3 |Altor Energy | 564921b060d57e41e12876c27b84df956cfcd33f46734f180a6410d97cfb400a | 3 | | 4 |Altor Petrol | ab9a31e31e7db54aa0b7b58aff29360f67ce27311532fb1b64b67aa371dda926 | 2 | | 5 |Altor Water | a1a818ea3dee2ad9ae9f184590ec0f71d44c042c0ff816f30367b2547f01f2c3 | 4 | | 6 |Eubicio Gas | 22ef12c977d3fc9cef7eff77d9d02858a5fc3a315c75a8dc9abe15e6f7765127 | 5 | | 7 |Eubicio Gas | 874db669e510eb2f5847ee54a12411a5997eb66d91e9fc59ac80a9d836939a13 | 5 | | 8 |Eubicio Gas | 564921b060d57e41e12876c27b84df956cfcd33f46734f180a6410d97cfb400a | 5 | | 9 |Eubicio Natural Gas | 414dc701c398081ea6b17c8b6d270e9918b04756afe9da37f4c0dd2999aa72da | 1 | | 10 |Fator Energy | 12eda155e1531a9ebbb558f64094fc8ceeb0ffb0ba97cfaec3da123fcf8bfaa0 | 3 | | 11 |Fator Petrol | e07cc441a9b8bfd8de019570b9257dacf1d7a00a840738b2751a02975c22025d | 2 | | 12 |Fator Water | e93ea450a70380aead07a2c2545137b5a6035c7f1713b844b1873874c2369a5a | 4 | | 13 |Fator Petrol | 414dc701c398081ea6b17c8b6d270e9918b04756afe9da37f4c0dd2999aa72da | 2 | | 14 |Batus Petrol | 5b512eb427269b9eb558d67e1f7b3e4b43363b00a3723322ba4479b0319510be | 2 | | 15 |Antor Gas | 61ccda9b34d376e857c7b275726cdb87b43e77f4b59b27c60610fccb641e3597 | 5 | 156

| 16 |Aulus Water | eb21f68734d43024466c9b761e7e88d43797ce6c6555cac35b375a70d429ac85 | 4 | | 17 |Aulus Energy | 5b512eb427269b9eb558d67e1f7b3e4b43363b00a3723322ba4479b0319510be | 3 | | 18 |Aulus Natural Gas | ebb87dfd579339918ecd997c5c1cbd5d1b802301ddef664b1ff414af711c295e | 1 | | 19 |Aulus Natural Gas | 38ea17bca11daf0b5ad49143d9f9e6ad520ad52ce1deec891452cf5645a16807 | 1 | | 20 |Bacio Water | 564921b060d57e41e12876c27b84df956cfcd33f46734f180a6410d97cfb400a | 4 | | 21 |Aunus Petrol | e07cc441a9b8bfd8de019570b9257dacf1d7a00a840738b2751a02975c22025d | 2 | | 22 |Aunus Gas | 0490aa13242cf6f3eb22b36e0cfa8e89a4646f70639d083b64b50edc3c17bcd4 | 5 | | 23 |Aunus Gas | 4365f9f10ff3a454e797bf128af6bca3adf2f70714c1297c0f690a6ec817eccf | 5 | | 24 |Brius Energy | a2ac6417f7295f0c8b067faa264d78dd8a9c4d79497506bd26067d2d9400527e | 3 | | 25 |Brius Water | b0d12490ba26bbaae308eea72e0b1499dcce611a8951487029e6c9b919b809a3 | 4 | | 26 |Brius Petrol | ebb87dfd579339918ecd997c5c1cbd5d1b802301ddef664b1ff414af711c295e | 2 | | 27 |Brius Water | c6a839261263d2c53f6871a6ff6e8dc469d6b0402d49fbbf7cbb4a5101837a9a | 4 | | 28 |Algunus Natural Gas | 22ef12c977d3fc9cef7eff77d9d02858a5fc3a315c75a8dc9abe15e6f7765127 | 1 | | 29 |Algunus Water | c6a839261263d2c53f6871a6ff6e8dc469d6b0402d49fbbf7cbb4a5101837a9a | 4 | | 30 |Difrilus Energy | 61ccda9b34d376e857c7b275726cdb87b43e77f4b59b27c60610fccb641e3597 | 3 | | 31 |Ales Natural Gas | ebb87dfd579339918ecd997c5c1cbd5d1b802301ddef664b1ff414af711c295e | 1 | | 32 |Ales Petrol | cc41a549b6a1cdf7660e144c4ed8ddc087d0d991ce7c2a501568558f57f6af72 | 2 | | 33 |Braucio Petrol | 22ef12c977d3fc9cef7eff77d9d02858a5fc3a315c75a8dc9abe15e6f7765127 | 2 | | 34 |Braucio Energy | b0d12490ba26bbaae308eea72e0b1499dcce611a8951487029e6c9b919b809a3 | 3 | | 35 |Braucio Energy | 61ccda9b34d376e857c7b275726cdb87b43e77f4b59b27c60610fccb641e3597 | 3 | | 36 |Braucio Natural Gas | e93ea450a70380aead07a2c2545137b5a6035c7f1713b844b1873874c2369a5a | 1 | | 37 |Donus Natural Gas | b888db00dfedc0f53388f1c30683651c34a0053ab12c7f84094f0a011ebdff25 | 1 | | 38 |Donus Natural Gas | 87eba7354b2f0b1164e24aac251b590133d81856234a79bcf040442442d745c5 | 1 | | 39 |Donus Natural Gas | 8c94fcc36e5aa78bc69259ba8a0f1a5dbc13bbfe945e8902344c5d18ca77c64e | 1 | | 40 |Anbocus Natural Gas | 4ad8be084e43a69268c1f379f56e3361befb4adf3c2bfa687242f9986c60584a | 1 | | 41 |Anbocus Water | ea35cc06f817e358b8db332d9b70f607cb966eef9d8c4ee85ebd6b3d4608bfc8 | 4 | | 42 |Anbocus Gas | ebb87dfd579339918ecd997c5c1cbd5d1b802301ddef664b1ff414af711c295e | 5 | | 43 |Autus Energy | 8c94fcc36e5aa78bc69259ba8a0f1a5dbc13bbfe945e8902344c5d18ca77c64e | 3 | | 44 |Fatus Natural Gas | 22ef12c977d3fc9cef7eff77d9d02858a5fc3a315c75a8dc9abe15e6f7765127 | 1 | | 45 |Bies Water | eb21f68734d43024466c9b761e7e88d43797ce6c6555cac35b375a70d429ac85 | 4 | | 46 |Bies Water | cc41a549b6a1cdf7660e144c4ed8ddc087d0d991ce7c2a501568558f57f6af72 | 4 | | 47 |Bibutus Water | 6580e00c4251189caa78eecd420e8c516d050000b511059c4571ef35ce9a1bf7 | 4 | | 48 |Altus Gas | 6d6517552a56fe168da97e0c7471b05cca871c499c2b6df6bf826d361f24730d | 5 | | 49 |Altus Petrol | e0066903f3bcf1a5bf794051eb0f24d2cf07bceee1aa46651d92a2b77c62b5bb | 2 | | 50 |Braulus Natural Gas | eb21f68734d43024466c9b761e7e88d43797ce6c6555cac35b375a70d429ac85 | 1 | | 51 |Braulus Natural Gas | e93ea450a70380aead07a2c2545137b5a6035c7f1713b844b1873874c2369a5a | 1 | | 52 |Braulus Water | fe72923c421d8aa61a007d57e0ecb566720c29558346cfa9cd0a285a18b76fd3 | 4 | | 53 |Braulus Gas | 95ad6a3164adecac82e78c774674058258f6fc60ea0117031276797660eeaccc | 5 | | 54 |Difrilus Petrol | ea35cc06f817e358b8db332d9b70f607cb966eef9d8c4ee85ebd6b3d4608bfc8 | 2 | | 55 |Difrilus Gas | 564921b060d57e41e12876c27b84df956cfcd33f46734f180a6410d97cfb400a | 5 | | 56 |Eubinus Gas | 61ccda9b34d376e857c7b275726cdb87b43e77f4b59b27c60610fccb641e3597 | 5 | | 57 |Eubinus Gas | 3aa0e214e4e04de5cf800ee7ce6c1b2323fa95f88fcd2918a64158fdf121f8f5 | 5 | | 58 |Eubinus Energy | 931c323501d2aa19d278dc6f0d5ff20b12248cfe557e8db0d2aba9a54689cd1f | 3 | | 59 |Aucio Energy | 8c94fcc36e5aa78bc69259ba8a0f1a5dbc13bbfe945e8902344c5d18ca77c64e | 3 | | 60 |Aufricus Energy | a2ac6417f7295f0c8b067faa264d78dd8a9c4d79497506bd26067d2d9400527e | 3 | | 61 |Aunus Petrol | 95ad6a3164adecac82e78c774674058258f6fc60ea0117031276797660eeaccc | 2 | | 62 |Aunus Natural Gas | c6a839261263d2c53f6871a6ff6e8dc469d6b0402d49fbbf7cbb4a5101837a9a | 1 | | 63 |Aunus Natural Gas | 414dc701c398081ea6b17c8b6d270e9918b04756afe9da37f4c0dd2999aa72da | 1 | | 64 |Bigustus Water | 931c323501d2aa19d278dc6f0d5ff20b12248cfe557e8db0d2aba9a54689cd1f | 4 | | 65 |Bedator Petrol | eb21f68734d43024466c9b761e7e88d43797ce6c6555cac35b375a70d429ac85 | 2 | | 66 |Bedator Water | 72a29c8b9ec325c13cdc73a6a5506c06e30e798f9cb9cf62bd1568c17820cf4e | 4 | | 67 |Aubitus Energy | 6580e00c4251189caa78eecd420e8c516d050000b511059c4571ef35ce9a1bf7 | 3 | | 68 |Aubitus Water | fe72923c421d8aa61a007d57e0ecb566720c29558346cfa9cd0a285a18b76fd3 | 4 | | 69 |Bres Gas | 4ad8be084e43a69268c1f379f56e3361befb4adf3c2bfa687242f9986c60584a | 5 | | 70 |Bres Petrol | 354b52a842e25af020d827a756ce23ecd35011c6e31bc3b229544059621bd5fe | 2 | | 71 |Bres Gas | ebb87dfd579339918ecd997c5c1cbd5d1b802301ddef664b1ff414af711c295e | 5 | | 72 |Bres Petrol | ebb87dfd579339918ecd997c5c1cbd5d1b802301ddef664b1ff414af711c295e | 2 | | 73 |Dabies Gas | ea35cc06f817e358b8db332d9b70f607cb966eef9d8c4ee85ebd6b3d4608bfc8 | 5 | | 74 |Dabies Natural Gas | fabfa0d09975a5e7d71327d0b75375d0ccea3cae9299903db694764cbab7a1d9 | 1 | | 75 |Dabies Energy | 414dc701c398081ea6b17c8b6d270e9918b04756afe9da37f4c0dd2999aa72da | 3 | | 76 |Bebies Petrol | 253fad76808904b963ce1fdc968bba1d726d35e220ebcfb2a334d4ce8a8c65d8 | 2 | | 77 |Bilius Water | 12eda155e1531a9ebbb558f64094fc8ceeb0ffb0ba97cfaec3da123fcf8bfaa0 | 4 | | 78 |Bilius Gas | eb21f68734d43024466c9b761e7e88d43797ce6c6555cac35b375a70d429ac85 | 5 | | 79 |Bilius Water | 12eda155e1531a9ebbb558f64094fc8ceeb0ffb0ba97cfaec3da123fcf8bfaa0 | 4 | | 80 |Bilius Energy | e07cc441a9b8bfd8de019570b9257dacf1d7a00a840738b2751a02975c22025d | 3 | | 81 |Bedacus Petrol | 902179415fa231b4b39ef04a348e5175452e3742669bbd8f5fa185d79d9a3980 | 2 | | 82 |Dinulius Water | ea35cc06f817e358b8db332d9b70f607cb966eef9d8c4ee85ebd6b3d4608bfc8 | 4 | | 83 |Dinulius Energy | e93ea450a70380aead07a2c2545137b5a6035c7f1713b844b1873874c2369a5a | 3 | | 84 |Dinulius Energy | 8c94fcc36e5aa78bc69259ba8a0f1a5dbc13bbfe945e8902344c5d18ca77c64e | 3 | | 85 |Faguslus Petrol | a1a818ea3dee2ad9ae9f184590ec0f71d44c042c0ff816f30367b2547f01f2c3 | 2 | | 86 |Faguslus Water | 6580e00c4251189caa78eecd420e8c516d050000b511059c4571ef35ce9a1bf7 | 4 | 157

| 87 |Faguslus Energy | 253fad76808904b963ce1fdc968bba1d726d35e220ebcfb2a334d4ce8a8c65d8 | 3 | | 88 |Faguslus Energy | 87eba7354b2f0b1164e24aac251b590133d81856234a79bcf040442442d745c5 | 3 | | 89 |Aguslius Energy | 4f5d48911341283a4348f97c70341462dc1de319c75b057d3e776a0ede2d08c3 | 3 | | 90 |Autor Petrol | 38ea17bca11daf0b5ad49143d9f9e6ad520ad52ce1deec891452cf5645a16807 | 2 | | 91 |Autor Petrol | 5b512eb427269b9eb558d67e1f7b3e4b43363b00a3723322ba4479b0319510be | 2 | | 92 |Autor Petrol | 564921b060d57e41e12876c27b84df956cfcd33f46734f180a6410d97cfb400a | 2 | | 93 |Dilius Petrol | 61ccda9b34d376e857c7b275726cdb87b43e77f4b59b27c60610fccb641e3597 | 2 | | 94 |Dabutus Gas | fe72923c421d8aa61a007d57e0ecb566720c29558346cfa9cd0a285a18b76fd3 | 5 | | 95 |Dabutus Petrol | 0f8bc23a407c0bea75ee0527aeca4a94e1739817ecf71aa576bf37da2f1fa56a | 2 | | 96 |Dabutus Water | 902179415fa231b4b39ef04a348e5175452e3742669bbd8f5fa185d79d9a3980 | 4 | | 97 |Dabutus Water | e15f42d258aad4c99c7f62c9023d0cc0c04db0a2121d82334e47ec3b911db339 | 4 | | 98 |Braulius Gas | eb21f68734d43024466c9b761e7e88d43797ce6c6555cac35b375a70d429ac85 | 5 | | 99 |Eucio Petrol | 6d6517552a56fe168da97e0c7471b05cca871c499c2b6df6bf826d361f24730d | 2 | | 100 |Eucio Gas | 72a29c8b9ec325c13cdc73a6a5506c06e30e798f9cb9cf62bd1568c17820cf4e | 5 | | 101 |Eucio Gas | ea35cc06f817e358b8db332d9b70f607cb966eef9d8c4ee85ebd6b3d4608bfc8 | 5 | | 102 |Allus Petrol | cc41a549b6a1cdf7660e144c4ed8ddc087d0d991ce7c2a501568558f57f6af72 | 2 | | 103 |Allus Petrol | 38ea17bca11daf0b5ad49143d9f9e6ad520ad52ce1deec891452cf5645a16807 | 2 | | 104 |Allus Energy | 0f8bc23a407c0bea75ee0527aeca4a94e1739817ecf71aa576bf37da2f1fa56a | 3 | | 105 |Allus Petrol | 22ef12c977d3fc9cef7eff77d9d02858a5fc3a315c75a8dc9abe15e6f7765127 | 2 | | 106 |Aes Natural Gas | 3aa0e214e4e04de5cf800ee7ce6c1b2323fa95f88fcd2918a64158fdf121f8f5 | 1 | | 107 |Aes Energy | 4365f9f10ff3a454e797bf128af6bca3adf2f70714c1297c0f690a6ec817eccf | 3 | | 108 |Aes Petrol | e93ea450a70380aead07a2c2545137b5a6035c7f1713b844b1873874c2369a5a | 2 | | 109 |Aes Natural Gas | 874db669e510eb2f5847ee54a12411a5997eb66d91e9fc59ac80a9d836939a13 | 1 | | 110 |Augutin Energy | 4ad8be084e43a69268c1f379f56e3361befb4adf3c2bfa687242f9986c60584a | 3 | | 111 |Aucus Petrol | 874db669e510eb2f5847ee54a12411a5997eb66d91e9fc59ac80a9d836939a13 | 2 | | 112 |Aucus Gas | 38ea17bca11daf0b5ad49143d9f9e6ad520ad52ce1deec891452cf5645a16807 | 5 | | 113 |Aucus Petrol | e15f42d258aad4c99c7f62c9023d0cc0c04db0a2121d82334e47ec3b911db339 | 2 | | 114 |Etor Petrol | a1a818ea3dee2ad9ae9f184590ec0f71d44c042c0ff816f30367b2547f01f2c3 | 2 | | 115 |Etor Energy | 95ad6a3164adecac82e78c774674058258f6fc60ea0117031276797660eeaccc | 3 | | 116 |Etor Petrol | c04ab2d3bd0d85a38e234730752dbea2fff7d4cb3e3cb8574c2f85b4d19f9b89 | 2 | | 117 |Etor Petrol | e07cc441a9b8bfd8de019570b9257dacf1d7a00a840738b2751a02975c22025d | 2 | | 118 |Dudatus Natural Gas | eb21f68734d43024466c9b761e7e88d43797ce6c6555cac35b375a70d429ac85 | 1 | | 119 |Altor Natural Gas | fabfa0d09975a5e7d71327d0b75375d0ccea3cae9299903db694764cbab7a1d9 | 1 | | 120 |Altor Energy | 3aa0e214e4e04de5cf800ee7ce6c1b2323fa95f88fcd2918a64158fdf121f8f5 | 3 | | 121 |Dubetus Petrol | a1a818ea3dee2ad9ae9f184590ec0f71d44c042c0ff816f30367b2547f01f2c3 | 2 | | 122 |Dubetus Gas | 6d6517552a56fe168da97e0c7471b05cca871c499c2b6df6bf826d361f24730d | 5 | | 123 |Bator Natural Gas | 354b52a842e25af020d827a756ce23ecd35011c6e31bc3b229544059621bd5fe | 1 | | 124 |Bifricus Water | ab9a31e31e7db54aa0b7b58aff29360f67ce27311532fb1b64b67aa371dda926 | 4 | | 125 |Bifricus Natural Gas | 5b512eb427269b9eb558d67e1f7b3e4b43363b00a3723322ba4479b0319510be | 1 | | 126 |Braucio Petrol | 5ee97edf12c571c0dd3fb1288b54bb521fd6c1314a30253f157dc50f6781246b | 2 | | 127 |Braucio Gas | e07cc441a9b8bfd8de019570b9257dacf1d7a00a840738b2751a02975c22025d | 5 | | 128 |Braucio Water | ab9a31e31e7db54aa0b7b58aff29360f67ce27311532fb1b64b67aa371dda926 | 4 | | 129 |Braucio Natural Gas | ef74715b0091b5ed28a03ad8771d5a8a080538f3c5d845508dec19d2160ae271 | 1 | | 130 |Faes Energy | 0f8bc23a407c0bea75ee0527aeca4a94e1739817ecf71aa576bf37da2f1fa56a | 3 | | 131 |Faes Energy | 564921b060d57e41e12876c27b84df956cfcd33f46734f180a6410d97cfb400a | 3 | | 132 |Faes Petrol | 22ef12c977d3fc9cef7eff77d9d02858a5fc3a315c75a8dc9abe15e6f7765127 | 2 | | 133 |Faes Petrol | eb21f68734d43024466c9b761e7e88d43797ce6c6555cac35b375a70d429ac85 | 2 | | 134 |Aes Water | a1a818ea3dee2ad9ae9f184590ec0f71d44c042c0ff816f30367b2547f01f2c3 | 4 | | 135 |Aes Energy | cc41a549b6a1cdf7660e144c4ed8ddc087d0d991ce7c2a501568558f57f6af72 | 3 | | 136 |Aes Petrol | e07cc441a9b8bfd8de019570b9257dacf1d7a00a840738b2751a02975c22025d | 2 | | 137 |Acus Gas | 5b512eb427269b9eb558d67e1f7b3e4b43363b00a3723322ba4479b0319510be | 5 | | 138 |Acus Energy | 902179415fa231b4b39ef04a348e5175452e3742669bbd8f5fa185d79d9a3980 | 3 | | 139 |Acus Energy | e07cc441a9b8bfd8de019570b9257dacf1d7a00a840738b2751a02975c22025d | 3 | | 140 |Acus Gas | c04ab2d3bd0d85a38e234730752dbea2fff7d4cb3e3cb8574c2f85b4d19f9b89 | 5 | | 141 |Faes Gas | 253fad76808904b963ce1fdc968bba1d726d35e220ebcfb2a334d4ce8a8c65d8 | 5 | | 142 |Faes Water | e93ea450a70380aead07a2c2545137b5a6035c7f1713b844b1873874c2369a5a | 4 | | 143 |Ecio Petrol | c6a839261263d2c53f6871a6ff6e8dc469d6b0402d49fbbf7cbb4a5101837a9a | 2 | | 144 |Ecio Gas | 637b7abc7708cd4cf5263e758969e04295b20388e2808e6c2e23bf6d4c271a43 | 5 | | 145 |Edalius Gas | 874db669e510eb2f5847ee54a12411a5997eb66d91e9fc59ac80a9d836939a13 | 5 | | 146 |Elus Gas | 72a29c8b9ec325c13cdc73a6a5506c06e30e798f9cb9cf62bd1568c17820cf4e | 5 | | 147 |Anbecio Petrol | 0490aa13242cf6f3eb22b36e0cfa8e89a4646f70639d083b64b50edc3c17bcd4 | 2 | | 148 |Anbecio Gas | a1a818ea3dee2ad9ae9f184590ec0f71d44c042c0ff816f30367b2547f01f2c3 | 5 | | 149 |Aldalus Water | 6580e00c4251189caa78eecd420e8c516d050000b511059c4571ef35ce9a1bf7 | 4 | | 150 |Aldalus Gas | 902179415fa231b4b39ef04a348e5175452e3742669bbd8f5fa185d79d9a3980 | 5 | | 151 |Aldalus Gas | 5ee97edf12c571c0dd3fb1288b54bb521fd6c1314a30253f157dc50f6781246b | 5 | | 152 |Aldalus Gas | ef74715b0091b5ed28a03ad8771d5a8a080538f3c5d845508dec19d2160ae271 | 5 | | 153 |Bedacus Water | 38ea17bca11daf0b5ad49143d9f9e6ad520ad52ce1deec891452cf5645a16807 | 4 | | 154 |Bedacus Energy | ef74715b0091b5ed28a03ad8771d5a8a080538f3c5d845508dec19d2160ae271 | 3 | | 155 |Banus Water | 12eda155e1531a9ebbb558f64094fc8ceeb0ffb0ba97cfaec3da123fcf8bfaa0 | 4 | | 156 |Banus Energy | 902179415fa231b4b39ef04a348e5175452e3742669bbd8f5fa185d79d9a3980 | 3 | | 157 |Brautin Gas | bd4f94bee6e2d7970447dc9ae0a41b43ae1c77d4db7c40284fa5f5aba0f2ae6b | 5 | 158

| 158 |Danus Petrol | a2ac6417f7295f0c8b067faa264d78dd8a9c4d79497506bd26067d2d9400527e | 2 | | 159 |Danus Energy | 38ea17bca11daf0b5ad49143d9f9e6ad520ad52ce1deec891452cf5645a16807 | 3 | | 160 |Danus Petrol | 38ea17bca11daf0b5ad49143d9f9e6ad520ad52ce1deec891452cf5645a16807 | 2 | | 161 |Falus Water | 5ee97edf12c571c0dd3fb1288b54bb521fd6c1314a30253f157dc50f6781246b | 4 | | 162 |Falus Energy | ab9a31e31e7db54aa0b7b58aff29360f67ce27311532fb1b64b67aa371dda926 | 3 | | 163 |Dulius Water | eb21f68734d43024466c9b761e7e88d43797ce6c6555cac35b375a70d429ac85 | 4 | | 164 |Aunus Energy | 87eba7354b2f0b1164e24aac251b590133d81856234a79bcf040442442d745c5 | 3 | | 165 |Aunus Natural Gas | 414dc701c398081ea6b17c8b6d270e9918b04756afe9da37f4c0dd2999aa72da | 1 | | 166 |Aunus Energy | e15f42d258aad4c99c7f62c9023d0cc0c04db0a2121d82334e47ec3b911db339 | 3 | | 167 |Altin Natural Gas | 12eda155e1531a9ebbb558f64094fc8ceeb0ffb0ba97cfaec3da123fcf8bfaa0 | 1 | | 168 |Altin Natural Gas | 12eda155e1531a9ebbb558f64094fc8ceeb0ffb0ba97cfaec3da123fcf8bfaa0 | 1 | | 169 |Altin Gas | 931c323501d2aa19d278dc6f0d5ff20b12248cfe557e8db0d2aba9a54689cd1f | 5 | | 170 |Altin Natural Gas | eb21f68734d43024466c9b761e7e88d43797ce6c6555cac35b375a70d429ac85 | 1 | | 171 |Bebetus Natural Gas | 4ad8be084e43a69268c1f379f56e3361befb4adf3c2bfa687242f9986c60584a | 1 | | 172 |Bebetus Water | e07cc441a9b8bfd8de019570b9257dacf1d7a00a840738b2751a02975c22025d | 4 | | 173 |Bebetus Water | 61ccda9b34d376e857c7b275726cdb87b43e77f4b59b27c60610fccb641e3597 | 4 | | 174 |Bebetus Petrol | ea35cc06f817e358b8db332d9b70f607cb966eef9d8c4ee85ebd6b3d4608bfc8 | 2 | | 175 |Dinus Water | b0d12490ba26bbaae308eea72e0b1499dcce611a8951487029e6c9b919b809a3 | 4 | | 176 |Dinus Gas | 38ea17bca11daf0b5ad49143d9f9e6ad520ad52ce1deec891452cf5645a16807 | 5 | | 177 |Aunus Petrol | 354b52a842e25af020d827a756ce23ecd35011c6e31bc3b229544059621bd5fe | 2 | | 178 |Dobecio Natural Gas | cc7e406b1340cfa8019ffffbb210803c0d72b0ba711cb8d56e1489b922bf89a2 | 1 | | 179 |Dobecio Gas | e85c884f79ab4f75abc9f50cf2bf5a2728a69961ad96553a59ebda11bffb5d59 | 5 | +-----+------+------+------+ 179 rows in set (0.01 sec) mysql> select * from ResourceType; +----+------+------+ | id | description | name | +----+------+------+ | 1 | All resources related to Natural gas | Natural Gas | | 2 | All resources related to petrol, fossil resources only | Petrol | | 3 | All resources related to energy, non-fossil resources only | Energy | | 4 | All resources related to mineral water | Water | | 5 | All resources related to Natural gas | Gas | +----+------+------+ 5 rows in set (0.00 sec)

mysql> select * from ResourceSpent;

159

+-----+------+------+ | id | cost | resource_id | +-----+------+------+ | 1 | 200.03 | 1 | | 2 | 52.95 | 2 | | 3 | 949.29 | 2 | | 4 | 69.59 | 3 | | 5 | 526.01 | 3 | | 6 | 771.23 | 3 | | 7 | 522.92 | 4 | | 8 | 544.97 | 4 | | 9 | 590.55 | 4 | | 10 | 897.78 | 5 | | 11 | 490.88 | 5 | | 12 | 124.61 | 6 | | 13 | 30.74 | 6 | | 14 | 78.89 | 7 | | 15 | 62.51 | 7 | | 16 | 820.37 | 7 | | 17 | 243.78 | 8 | | 18 | 872.13 | 9 | | 19 | 703.63 | 10 | | 20 | 286.32 | 10 | | 21 | 573.08 | 10 | | 22 | 705.39 | 11 | | 23 | 202.47 | 11 | | 24 | 816.07 | 11 | | 25 | 540.26 | 12 | | 26 | 271.41 | 12 | | 27 | 853.98 | 12 | | 28 | 147.46 | 13 | | 29 | 35.37 | 13 | | 30 | 404.74 | 13 | | 31 | 637.31 | 13 | | 32 | 273.42 | 14 | | 33 | 28.12 | 14 | | 34 | 888.02 | 14 | | 35 | 473.62 | 15 | | 36 | 986.67 | 16 | | 37 | 477.34 | 16 | | 38 | 174.24 | 17 | | 39 | 550.18 | 17 | | 40 | 706.63 | 18 | | 41 | 295.22 | 18 | | 42 | 324.54 | 18 | | 43 | 805.3 | 19 | | 44 | 301.06 | 20 | | 45 | 980.24 | 20 | | 46 | 726.08 | 21 | | 47 | 279.21 | 21 | | 48 | 303.19 | 21 | | 49 | 551.39 | 22 | | 50 | 886.82 | 22 | | 51 | 222.99 | 23 | | 52 | 600.91 | 24 | | 53 | 164.65 | 24 | | 54 | 629.69 | 25 | | 55 | 141.3 | 25 | | 56 | 140.46 | 26 | | 57 | 896.01 | 26 | | 58 | 401.19 | 26 | | 59 | 670.18 | 27 | | 60 | 327.81 | 28 | | 61 | 817.89 | 29 | | 62 | 457.54 | 29 | | 63 | 615.06 | 30 | | 64 | 294.16 | 30 | | 65 | 104.19 | 30 | | 66 | 109.28 | 31 | | 67 | 219.03 | 31 | | 68 | 722.1 | 32 | 160

| 69 | 896.53 | 32 | | 70 | 834.08 | 32 | | 71 | 26.39 | 33 | | 72 | 354.21 | 33 | | 73 | 636.77 | 33 | | 74 | 62.96 | 33 | | 75 | 367.52 | 34 | | 76 | 789.23 | 34 | | 77 | 227.18 | 34 | | 78 | 379.41 | 34 | | 79 | 256.35 | 35 | | 80 | 238.62 | 36 | | 81 | 678.62 | 36 | | 82 | 792.53 | 36 | | 83 | 826.54 | 36 | | 84 | 198.83 | 37 | | 85 | 15.49 | 37 | | 86 | 11.78 | 37 | | 87 | 369.48 | 37 | | 88 | 557.1 | 38 | | 89 | 72.72 | 38 | | 90 | 8.57 | 38 | | 91 | 412.05 | 38 | | 92 | 71.74 | 39 | | 93 | 513.51 | 39 | | 94 | 210.39 | 39 | | 95 | 381.79 | 39 | | 96 | 660.17 | 40 | | 97 | 856.49 | 40 | | 98 | 346.3 | 41 | | 99 | 980.24 | 42 | | 100 | 374.33 | 42 | | 101 | 75.19 | 42 | | 102 | 749.58 | 42 | | 103 | 969.82 | 43 | | 104 | 708.88 | 43 | | 105 | 805.87 | 43 | | 106 | 713.31 | 44 | | 107 | 184.75 | 45 | | 108 | 692.96 | 45 | | 109 | 50.52 | 45 | | 110 | 512.33 | 46 | | 111 | 613.98 | 47 | | 112 | 207.39 | 48 | | 113 | 144.12 | 48 | | 114 | 303.95 | 49 | | 115 | 92.22 | 49 | | 116 | 37.93 | 49 | | 117 | 633.88 | 50 | | 118 | 859.64 | 51 | | 119 | 769.24 | 51 | | 120 | 976.26 | 51 | | 121 | 672.33 | 51 | | 122 | 602.37 | 52 | | 123 | 182.87 | 52 | | 124 | 22.05 | 53 | | 125 | 867.41 | 54 | | 126 | 720.6 | 54 | | 127 | 155.1 | 55 | | 128 | 915.02 | 55 | | 129 | 256.45 | 55 | | 130 | 566.78 | 55 | | 131 | 843.66 | 56 | | 132 | 195.56 | 57 | | 133 | 501.98 | 57 | | 134 | 928.05 | 57 | | 135 | 142.49 | 58 | | 136 | 661.25 | 59 | | 137 | 129.76 | 60 | | 138 | 795.96 | 61 | | 139 | 999.98 | 61 | 161

| 140 | 371.22 | 61 | | 141 | 874.3 | 62 | | 142 | 201.81 | 63 | | 143 | 73.06 | 63 | | 144 | 292.19 | 63 | | 145 | 952.68 | 64 | | 146 | 45.33 | 64 | | 147 | 309.88 | 65 | | 148 | 181.96 | 66 | | 149 | 954.45 | 66 | | 150 | 845.13 | 67 | | 151 | 269.5 | 67 | | 152 | 479.95 | 68 | | 153 | 451.21 | 69 | | 154 | 693.35 | 69 | | 155 | 92.17 | 69 | | 156 | 640.64 | 69 | | 157 | 747.98 | 70 | | 158 | 753.42 | 70 | | 159 | 357.75 | 70 | | 160 | 685.19 | 71 | | 161 | 66.62 | 72 | | 162 | 741.26 | 72 | | 163 | 797.08 | 73 | | 164 | 730.76 | 74 | | 165 | 863.19 | 74 | | 166 | 656.42 | 74 | | 167 | 115.68 | 74 | | 168 | 499.9 | 75 | | 169 | 967.34 | 75 | | 170 | 64.32 | 76 | | 171 | 9.93 | 76 | | 172 | 963.64 | 76 | | 173 | 92.89 | 77 | | 174 | 683.36 | 78 | | 175 | 217.55 | 79 | | 176 | 998.36 | 80 | | 177 | 979.57 | 80 | | 178 | 794.12 | 81 | | 179 | 588.99 | 82 | | 180 | 728.96 | 83 | | 181 | 392.34 | 83 | | 182 | 832.14 | 83 | | 183 | 443.47 | 84 | | 184 | 49.51 | 85 | | 185 | 269.92 | 85 | | 186 | 339.9 | 85 | | 187 | 79.41 | 85 | | 188 | 133.71 | 86 | | 189 | 520.81 | 86 | | 190 | 69.36 | 86 | | 191 | 869.85 | 86 | | 192 | 709.49 | 87 | | 193 | 102.88 | 87 | | 194 | 845.65 | 87 | | 195 | 55.95 | 87 | | 196 | 268.54 | 88 | | 197 | 280.09 | 89 | | 198 | 968.98 | 89 | | 199 | 469.56 | 90 | | 200 | 809.78 | 91 | | 201 | 706.87 | 92 | | 202 | 144.54 | 92 | | 203 | 107.01 | 92 | | 204 | 67.97 | 93 | | 205 | 248.11 | 94 | | 206 | 190.87 | 94 | | 207 | 170.88 | 95 | | 208 | 951.65 | 95 | | 209 | 454.51 | 95 | | 210 | 731.34 | 96 | 162

| 211 | 578.71 | 96 | | 212 | 195.49 | 96 | | 213 | 203.72 | 97 | | 214 | 422.81 | 98 | | 215 | 387.52 | 99 | | 216 | 18.52 | 99 | | 217 | 553.73 | 100 | | 218 | 183.73 | 101 | | 219 | 365.45 | 101 | | 220 | 839.77 | 101 | | 221 | 468.12 | 102 | | 222 | 449.19 | 103 | | 223 | 256.31 | 104 | | 224 | 277.87 | 104 | | 225 | 842.46 | 104 | | 226 | 8.19 | 104 | | 227 | 471.92 | 105 | | 228 | 400.75 | 106 | | 229 | 196.47 | 107 | | 230 | 389.52 | 108 | | 231 | 556.66 | 108 | | 232 | 562.09 | 108 | | 233 | 645.15 | 109 | | 234 | 846.16 | 109 | | 235 | 338.48 | 109 | | 236 | 506.05 | 109 | | 237 | 160.77 | 110 | | 238 | 94.4 | 110 | | 239 | 836.9 | 110 | | 240 | 623.89 | 111 | | 241 | 402.74 | 111 | | 242 | 329.12 | 111 | | 243 | 449.64 | 111 | | 244 | 296.92 | 112 | | 245 | 940.64 | 112 | | 246 | 157.57 | 113 | | 247 | 278.06 | 114 | | 248 | 569.71 | 114 | | 249 | 803.47 | 114 | | 250 | 79.13 | 115 | | 251 | 889.14 | 115 | | 252 | 645.7 | 115 | | 253 | 976.38 | 115 | | 254 | 917.87 | 116 | | 255 | 808.16 | 116 | | 256 | 101.35 | 117 | | 257 | 54.88 | 117 | | 258 | 168.46 | 117 | | 259 | 284.6 | 118 | | 260 | 571.42 | 119 | | 261 | 110.21 | 119 | | 262 | 812.94 | 120 | | 263 | 940.56 | 121 | | 264 | 182.61 | 121 | | 265 | 894.7 | 121 | | 266 | 406.33 | 122 | | 267 | 696.29 | 122 | | 268 | 511.79 | 122 | | 269 | 421.07 | 123 | | 270 | 853.12 | 124 | | 271 | 267.23 | 124 | | 272 | 647.33 | 125 | | 273 | 45.84 | 126 | | 274 | 577.32 | 126 | | 275 | 973.4 | 127 | | 276 | 416.28 | 127 | | 277 | 870.3 | 127 | | 278 | 723.52 | 128 | | 279 | 741.58 | 129 | | 280 | 272.39 | 130 | | 281 | 578.99 | 131 | 163

| 282 | 401.45 | 132 | | 283 | 115.9 | 133 | | 284 | 892.23 | 134 | | 285 | 251 | 134 | | 286 | 810.11 | 135 | | 287 | 234 | 136 | | 288 | 66.51 | 136 | | 289 | 918.36 | 136 | | 290 | 772.38 | 136 | | 291 | 316.79 | 137 | | 292 | 377.68 | 138 | | 293 | 635.89 | 138 | | 294 | 568.92 | 138 | | 295 | 43.19 | 139 | | 296 | 893.54 | 139 | | 297 | 751.27 | 140 | | 298 | 600.73 | 141 | | 299 | 89.81 | 142 | | 300 | 221.08 | 143 | | 301 | 400.92 | 143 | | 302 | 873.41 | 143 | | 303 | 205.39 | 143 | | 304 | 804.65 | 144 | | 305 | 280.08 | 144 | | 306 | 532.53 | 144 | | 307 | 865.16 | 145 | | 308 | 960.37 | 145 | | 309 | 204.24 | 145 | | 310 | 296.8 | 146 | | 311 | 487.61 | 146 | | 312 | 576.49 | 146 | | 313 | 885.83 | 147 | | 314 | 868.48 | 148 | | 315 | 998.91 | 149 | | 316 | 970.54 | 149 | | 317 | 193.43 | 150 | | 318 | 710.46 | 150 | | 319 | 83.42 | 151 | | 320 | 645.17 | 151 | | 321 | 863.87 | 151 | | 322 | 381.74 | 152 | | 323 | 247.73 | 153 | | 324 | 59.84 | 153 | | 325 | 660.64 | 153 | | 326 | 136.45 | 154 | | 327 | 678.06 | 154 | | 328 | 293.38 | 154 | | 329 | 625.85 | 155 | | 330 | 581.2 | 155 | | 331 | 57.99 | 155 | | 332 | 678.72 | 156 | | 333 | 893.33 | 157 | | 334 | 240.26 | 158 | | 335 | 261.03 | 158 | | 336 | 409.96 | 158 | | 337 | 739.96 | 159 | | 338 | 487.46 | 160 | | 339 | 836.17 | 161 | | 340 | 878.57 | 161 | | 341 | 23.72 | 161 | | 342 | 22.46 | 161 | | 343 | 861.62 | 162 | | 344 | 81.75 | 163 | | 345 | 464.11 | 163 | | 346 | 187.38 | 163 | | 347 | 59.73 | 163 | | 348 | 336.29 | 164 | | 349 | 135.15 | 165 | | 350 | 208.89 | 165 | | 351 | 888.79 | 166 | | 352 | 564.38 | 166 | 164

| 353 | 859 | 167 | | 354 | 269.31 | 167 | | 355 | 333.49 | 167 | | 356 | 399.63 | 168 | | 357 | 340.41 | 168 | | 358 | 995.78 | 168 | | 359 | 185 | 168 | | 360 | 228.6 | 169 | | 361 | 981.07 | 169 | | 362 | 297.96 | 170 | | 363 | 65.97 | 171 | | 364 | 38.07 | 171 | | 365 | 770.93 | 171 | | 366 | 946.98 | 171 | | 367 | 919.92 | 172 | | 368 | 229.03 | 173 | | 369 | 610.11 | 174 | | 370 | 984.05 | 174 | | 371 | 565.39 | 175 | | 372 | 511.12 | 175 | | 373 | 853.58 | 176 | | 374 | 990.22 | 177 | | 375 | 778.19 | 177 | | 376 | 765.05 | 177 | | 377 | 637.5 | 178 | | 378 | 405.26 | 178 | | 379 | 178.29 | 179 | | 380 | 49.68 | 179 | | 381 | 716.06 | 179 | +-----+------+------+ 381 rows in set (0.00 sec)