De-identification[1]-[5], [30]-[71] is the process that organizations can use to remove personal information from data that they collect, use, archive, and share with other organizations. It is recognized as an important tool for organizations to balance requirements between the use of data and privacy protection of personal information. Its objective is to remove the association between a set of identifying attributes and the data principal where identifying attribute is attribute in a dataset that is able to contribute to uniquely identifying a data principal within a specific operational context and data principal is entity to which data relates. This paper provides an overview of de-identification techniques including the data release models. It also describes the current standardization activities by the standardization development organizations in terms of de-identification. It suggests future standardization directions including potential future work items.

The Extensible Authentication Protocol (EAP) is an authentication framework that supports multiple authentication mechanisms [38] between a peer and an authentication server in a data communication network. EAP is used as a useful tool for enabling user authentication and distribution of session keys. There are numerous EAP methods that have been developed by global SDOs such as IETF, IEEE, ITU-T, and 3GPP. In this paper, we analyze the most widely deployed EAP methods ranging from the EAP-TLS [27] to the EAP-PSK [25]. In addition, we derive the security requirements of EAP methods meet, evaluate the typical EAP methods in terms of the security requirements, and discuss the features of the existing widely-deployed EAP methods. In addition, we identify two typical use cases for the EAP methods. Finally, recent global standardization activities in this area are reviewed.

The Internet of Things (IoT) is defined as a global infrastructure for the Information Society, enabling advanced services by interconnecting (physical and virtual) things based on, existing and evolving, interoperable information and communication technologies by ITU-T. Data may be communicated in low-power and lossy environments, which causes complicated security issues. Furthermore, concerns are raised over access of personally identifiable information pertaining to IoT devices, network and platforms. Security and privacy concerns have been main barriers to implement IoT, which needs to be resolved appropriate security and privacy measures. This paper describes security threats and privacy concerns of IoT, surveys current studies related to IoT and identifies the various requirements and solutions to address these security threats and privacy concerns. In addition, this paper also focuses on major global standardization activities for security and privacy of Internet of Things. Furthermore, future directions and strategies of international standardization for theInternet of Thing's security and privacy issues will be given. This paper provides guidelines to assist in suggesting the development and standardization strategies forward to allow a massive deployment of IoT systems in real world.