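% Publication list: trust and reputation engineering, insider-threat analysis,
% and e-document / RFID security papers (2008--2017).
% Conventions used below: one field per line, names in "Last, First" form,
% page ranges written with "--", months given as the predefined three-letter
% macros, DOIs stored bare (no resolver prefix), and no organization field
% where it would only repeat the publisher.
% NOTE(review) lines mark data that could not be confirmed from this file.

@article{Fer_IS17,
  author    = {Fernandez-Gago, Carmen and Moyano, Francisco and Lopez, Javier},
  title     = {Modelling Trust Dynamics in the {Internet of Things}},
  journal   = {Information Sciences},
  volume    = {396},
  pages     = {72--82},
  year      = {2017},
  publisher = {Elsevier},
  issn      = {0020-0255},
  doi       = {10.1016/j.ins.2017.02.039},
  keywords  = {Dynamic Framework, Internet of Things, Trust},
  abstract  = {The Internet of Things (IoT) is a paradigm based on the interconnection of everyday objects. It is expected that the `things' involved in the IoT paradigm will have to interact with each other, often in uncertain conditions. It is therefore of paramount importance for the success of IoT that there are mechanisms in place that help overcome the lack of certainty. Trust can help achieve this goal. In this paper, we introduce a framework that assists developers in including trust in IoT scenarios. This framework takes into account trust, privacy and identity requirements as well as other functional requirements derived from IoT scenarios to provide the different services that allow the inclusion of trust in the IoT.},
}

% NOTE(review): no DOI recorded for this article; add it once confirmed.
@article{JNCA16,
  author    = {Moyano, Francisco and Fernandez-Gago, Carmen and Lopez, Javier},
  title     = {A Model-driven Approach for Engineering Trust and Reputation into Software Services},
  journal   = {Journal of Network and Computer Applications},
  volume    = {69},
  pages     = {134--151},
  year      = {2016},
  month     = apr,
  publisher = {Elsevier},
  issn      = {1084-8045},
}

@inproceedings{moyano15SAC,
  author    = {Moyano, Francisco and Fernandez-Gago, Carmen and Beckers, Kristian and Heisel, Maritta},
  title     = {Engineering Trust- and Reputation-based Security Controls for {Future Internet} Systems},
  booktitle = {The 30th ACM/SIGAPP Symposium On Applied Computing (SAC 2015)},
  pages     = {1344--1349},
  year      = {2015},
  month     = aug,
  address   = {Salamanca, Spain},
  isbn      = {978-1-4503-3196-8},
  doi       = {10.1145/2695664.2695713},
}

% The series name and volume number are kept in separate fields; classic
% BibTeX warns when an incollection entry sets both volume and number.
@incollection{moyano14esfi,
  author    = {Moyano, Francisco and Fernandez-Gago, Carmen and Baudry, Benoit and Lopez, Javier},
  title     = {Engineering Trust-Awareness and Self-adaptability in Services and Systems},
  booktitle = {Engineering Secure Future Internet Services and Systems},
  series    = {LNCS},
  volume    = {8431},
  chapter   = {8},
  pages     = {180--209},
  year      = {2014},
  month     = mar,
  publisher = {Springer},
  isbn      = {978-3-319-07451-1},
  issn      = {0302-9743},
  doi       = {10.1007/978-3-319-07452-8_8},
  abstract  = {The Future Internet (FI) comprises scenarios where many heterogeneous and dynamic entities must interact to provide services (e.g., sensors, mobile devices and information systems in smart city scenarios). The dynamic conditions under which FI applications must execute call for self-adaptive software to cope with unforeseeable changes in the application environment. Models@run.time is a promising model-driven approach that supports the runtime adaptation of distributed, heterogeneous systems. Yet frameworks that accommodate this paradigm have limited support to address security concerns, hindering their usage in real scenarios. We address this challenge by enhancing models@run.time with the concepts of trust and reputation. Trust improves decision-making processes under risk and uncertainty and constitutes a distributed and flexible mechanism that does not entail heavyweight administration. This chapter introduces a trust and reputation framework that is integrated into a distributed component model that implements the models@run.time paradigm, thus allowing software components to include trust in their reasoning process. The framework is illustrated in a smart grid scenario.},
}

@inproceedings{moyano14smartgridsec,
  author    = {Moyano, Francisco and Fernandez-Gago, Carmen and Beckers, Kristian and Heisel, Maritta},
  editor    = {Cuellar, Jorge},
  title     = {Enhancing Problem Frames with Trust and Reputation for Analyzing Smart Grid Security Requirements},
  booktitle = {Smart Grid Security - Second International Workshop},
  series    = {LNCS},
  volume    = {8448},
  pages     = {166--180},
  year      = {2014},
  month     = aug,
  publisher = {Springer},
  address   = {Munich},
  isbn      = {978-3-319-10328-0},
  issn      = {0302-9743},
  doi       = {10.1007/978-3-319-10329-7_11},
  keywords  = {model-driven engineering, problem frames, Reputation, security requirements engineering, Trust, UML4PF},
}

% The series is LNCS: it carries the same ISSN (0302-9743) as the other LNCS
% entries in this file.
% NOTE(review): the doi looks like the DOI of the whole proceedings volume
% (no chapter suffix); replace it with the paper's own DOI once confirmed.
@inproceedings{moyano14caise,
  author    = {Moyano, Francisco and Beckers, Kristian and Fernandez-Gago, Carmen},
  editor    = {Jarke, Matthias and Mylopoulos, John and Quix, Christoph and Rolland, Colette and Manolopoulos, Yannis and Mouratidis, Haralambos and Horkoff, Jennifer},
  title     = {Trust-Aware Decision-Making Methodology for Cloud Sourcing},
  booktitle = {26th International Conference on Advanced Information Systems Engineering (CAiSE 2014)},
  series    = {LNCS},
  volume    = {8484},
  pages     = {136--149},
  year      = {2014},
  month     = jun,
  publisher = {Springer},
  address   = {Thessaloniki},
  isbn      = {978-3-319-07880-9},
  issn      = {0302-9743},
  doi       = {10.1007/978-3-319-07881-6},
  keywords  = {Cloud Computing, decision making, domain knowledge elicitation, security, Trust},
  abstract  = {Cloud sourcing consists of outsourcing data, services and infrastructure to cloud providers. Even when this outsourcing model brings advantages to cloud customers, new threats also arise as sensitive data and critical IT services are beyond customers' control. When an organization considers moving to the cloud, IT decision makers must select a cloud provider and must decide which parts of the organization will be outsourced and to which extent. This paper proposes a methodology that allows decision makers to evaluate their trust in cloud providers. The methodology provides a systematic way to elicit knowledge about cloud providers, quantify their trust factors and aggregate them into trust values that can assist the decision-making process. The trust model that we propose is based on trust intervals, which allow capturing uncertainty during the evaluation, and we define an operator for aggregating these trust intervals. The methodology is applied to an eHealth scenario.},
}

% NOTE(review): the doi looks like the DOI of the whole proceedings volume
% (no chapter suffix); replace it with the paper's own DOI once confirmed.
@inproceedings{moyano2012stm,
  author    = {Moyano, Francisco and Fernandez-Gago, Carmen and Lopez, Javier},
  editor    = {J{\o}sang, Audun and Samarati, Pierangela and Petrocchi, Marinella},
  title     = {Building Trust and Reputation In: A Development Framework for Trust Models Implementation},
  booktitle = {8th International Workshop on Security and Trust Management (STM 2012)},
  series    = {LNCS},
  volume    = {7783},
  pages     = {113--128},
  year      = {2013},
  publisher = {Springer},
  address   = {Pisa},
  isbn      = {978-3-642-38004-4},
  issn      = {0302-9743},
  doi       = {10.1007/978-3-642-38004-4},
  abstract  = {During the last years, many trust and reputation models have been proposed, each one targeting different contexts and purposes, and with their own particularities. While most contributions focus on defining ever-increasing complex models, little attention has been paid to the process of building these models inside applications during their implementation. The result is that models have traditionally considered as ad-hoc and after-the-fact solutions that do not always fit with the design of the application. To overcome this, we propose an object-oriented development framework onto which it is possible to build applications that require functionalities provided by trust and reputation models. The framework is extensible and flexible enough to allow implementing an important variety of trust models. This paper presents the framework, describes its main components, and gives examples on how to use it in order to implement three different trust models.},
}

@inproceedings{moyano2013ares,
  author    = {Paci, Federica and Fernandez-Gago, Carmen and Moyano, Francisco},
  title     = {Detecting Insider Threats: a Trust-Aware Framework},
  booktitle = {8th International Conference on Availability, Reliability and Security},
  pages     = {121--130},
  year      = {2013},
  month     = nov,
  publisher = {IEEE},
  address   = {Regensburg, Germany},
  isbn      = {978-0-7695-5008-4},
  doi       = {10.1109/ARES.2013.22},
  abstract  = {The number of insider threats hitting organizations and big enterprises is rapidly growing. Insider threats occur when trusted employees misuse their permissions on organizational assets. Since insider threats know the organization and its processes, very often they end up undetected. Therefore, there is a pressing need for organizations to adopt preventive mechanisms to defend against insider threats. In this paper, we propose a framework for insiders identification during the early requirement analysis of organizational settings and of its IT systems. The framework supports security engineers in the detection of insider threats and in the prioritization of them based on the risk they represent to the organization. To enable the automatic detection of insider threats, we extend the SI* requirement modeling language with an asset model and a trust model. The asset model allows associating security properties and sensitivity levels to assets. The trust model allows specifying the trust level that a user places in another user with respect to a given permission on an asset. The insider threats identification leverages the trust levels associated with the permissions assigned to users, as well as the sensitivity of the assets to which access is granted. We illustrate the approach based on a patient monitoring scenario.},
}

@article{moyano2013re,
  author    = {Moyano, Francisco and Fernandez-Gago, Carmen and Lopez, Javier},
  title     = {A Framework for Enabling Trust Requirements in Social Cloud Applications},
  journal   = {Requirements Engineering},
  volume    = {18},
  pages     = {321--341},
  year      = {2013},
  month     = nov,
  publisher = {Springer London},
  issn      = {0947-3602},
  doi       = {10.1007/s00766-013-0171-x},
  keywords  = {architecture, framework, social cloud, Trust and reputation requirements},
  abstract  = {Cloud applications entail the provision of a huge amount of heterogeneous, geographically-distributed resources managed and shared by many different stakeholders who often do not know each other beforehand. This raises numerous security concerns that, if not addressed carefully, might hinder the adoption of this promising computational model. Appropriately dealing with these threats gains special relevance in the social cloud context, where computational resources are provided by the users themselves. We argue that taking trust and reputation requirements into account can leverage security in these scenarios by incorporating the notions of trust relationships and reputation into them. For this reason, we propose a development framework onto which developers can implement trust-aware social cloud applications. Developers can also adapt the framework in order to accommodate their application-specific needs.},
}

% NOTE(review): the doi and url both point at the whole proceedings volume,
% not at this paper; replace with the paper's own DOI once confirmed.
@inproceedings{moyano13wisse,
  author    = {Moyano, Francisco and Fernandez-Gago, Carmen and Lopez, Javier},
  editor    = {Franch, Xavier and Soffer, Pnina},
  title     = {Towards Engineering Trust-aware {Future Internet} Systems},
  booktitle = {3rd International Workshop on Information Systems Security Engineering (WISSE 2013)},
  series    = {LNBIP},
  volume    = {148},
  pages     = {490--501},
  year      = {2013},
  month     = jun,
  publisher = {Springer-Verlag},
  address   = {Valencia},
  isbn      = {978-3-642-38489-9},
  issn      = {1865-1348},
  doi       = {10.1007/978-3-642-38490-5},
  url       = {http://link.springer.com/book/10.1007/978-3-642-38490-5/page/3},
  keywords  = {Reputation, Requirements Engineering, Secure Design, Trust},
  abstract  = {Security must be a primary concern when engineering Future Internet (FI) systems and applications. In order to achieve secure solutions, we need to capture security requirements early in the Software Development Life Cycle (SDLC). Whereas the security community has traditionally focused on providing tools and mechanisms to capture and express hard security requirements (e.g. confidentiality), little attention has been paid to other important requirements such as trust and reputation. We argue that these soft security requirements can leverage security in open, distributed, heterogeneous systems and applications and that they must be included in an early phase as part of the development process. In this paper we propose a UML extension for specifying trust and reputation requirements, and we apply it to an eHealth case study.},
}

% NOTE(review): the doi looks like the DOI of the whole proceedings volume
% (no chapter suffix); replace it with the paper's own DOI once confirmed.
@inproceedings{moyano2013ifiptm,
  author    = {Moyano, Francisco and Baudry, Benoit and Lopez, Javier},
  editor    = {Fernandez-Gago, Carmen and Agudo, Isaac and Martinelli, Fabio and Pearson, Siani},
  title     = {Towards Trust-Aware and Self-Adaptive Systems},
  booktitle = {7th IFIP WG 11.11 International Conference on Trust Management (IFIPTM 2013)},
  series    = {AICT},
  volume    = {401},
  pages     = {255--262},
  year      = {2013},
  month     = jun,
  publisher = {Springer},
  address   = {Malaga},
  isbn      = {978-3-642-38323-6},
  issn      = {1868-4238},
  doi       = {10.1007/978-3-642-38323-6},
  abstract  = {The Future Internet (FI) comprises scenarios where many heterogeneous and dynamic entities must interact to provide services (e.g., sensors, mobile devices and information systems in smart city scenarios). The dynamic conditions under which FI applications must execute call for self-adaptive software to cope with unforeseeable changes in the application environment. Software engineering currently provides frameworks to develop reasoning engines that automatically take reconfiguration decisions and that support the runtime adaptation of distributed, heterogeneous applications. However, these frameworks have very limited support to address security concerns of these application, hindering their usage for FI scenarios. We address this challenge by enhancing self-adaptive systems with the concepts of trust and reputation. Trust will improve decision-making processes under risk and uncertainty, in turn improving security of self-adaptive FI applications. This paper presents an approach that includes a trust and reputation framework into a platform for adaptive, distributed component-based systems, thus providing software components with new abilities to include trust in their reasoning process.},
}

% NOTE(review): the url points at the proceedings volume index rather than
% the paper itself.
@inproceedings{moyano2013essosds,
  author    = {Moyano, Francisco and Fernandez-Gago, Carmen and Lopez, Javier},
  editor    = {Heisel, Maritta and Marchetti, Eda},
  title     = {A Trust and Reputation Framework},
  booktitle = {Doctoral Symposium of the International Symposium on Engineering Secure Software and Systems (ESSoS-DS 2013)},
  series    = {CEUR-WS},
  volume    = {965},
  pages     = {7--12},
  year      = {2013},
  publisher = {CEUR-WS},
  address   = {Par{\'\i}s},
  issn      = {1613-0073},
  url       = {http://ceur-ws.org/Vol-965/},
  abstract  = {The Future Internet is posing new security challenges as their scenarios are bringing together a huge amount of stakeholders and devices that must interact under unforeseeable conditions. In addition, in these scenarios we cannot expect entities to know each other beforehand, and therefore, they must be involved in risky and uncertain collaborations. In order to minimize threats and security breaches, it is required that a well-informed decision-making process is in place, and it is here where trust and reputation can play a crucial role. Unfortunately, services and applications developers are often unarmed to address trust and reputation requirements in these scenarios. To overcome this limitation, we propose a trust and reputation framework that allows developers to create trust- and reputation-aware applications.},
}

% NOTE(review): the doi looks like the DOI of the whole proceedings volume
% (no chapter suffix); replace it with the paper's own DOI once confirmed.
@inproceedings{moyano2012trustbus,
  author    = {Moyano, Francisco and Fernandez-Gago, Carmen and Lopez, Javier},
  editor    = {Fischer-H{\"u}bner, Simone and Katsikas, Sokratis and Quirchmayr, Gerald},
  title     = {A Conceptual Framework for Trust Models},
  booktitle = {9th International Conference on Trust, Privacy \& Security in Digital Business (TrustBus 2012)},
  series    = {LNCS},
  volume    = {7449},
  pages     = {93--104},
  year      = {2012},
  month     = sep,
  publisher = {Springer Verlag},
  address   = {Vienna},
  isbn      = {978-3-642-32286-0},
  issn      = {0302-9743},
  doi       = {10.1007/978-3-642-32287-7},
  abstract  = {During the last twenty years, a huge amount of trust and reputation models have been proposed, each of them with their own particularities and targeting different domains. While much effort has been made in defining ever-increasing complex models, little attention has been paid to abstract away the particularities of these models into a common set of easily understandable concepts. We propose a conceptual framework for computational trust models that will be used for analyzing their features and for comparing heterogeneous and relevant trust models.},
}

% NOTE(review): no pages, publisher or identifier are recorded for this
% workshop paper.
@inproceedings{moyano12qasa,
  author    = {Moyano, Francisco and Fernandez-Gago, Carmen and Lopez, Javier},
  title     = {Implementing Trust and Reputation Systems: A Framework for Developers' Usage},
  booktitle = {International Workshop on Quantitative Aspects in Security Assurance},
  year      = {2012},
  address   = {Pisa},
  abstract  = {During the last decades, a huge amount of trust and reputation models have been proposed, each of them with their own particularities and targeting different domains. While much effort has been made in defining ever-increasing complex models, little attention has been paid to abstract away the particularities of these models into a common set of easily understandable concepts. We propose a conceptual framework for computational trust models that is used for developing a component-oriented development framework that aims to assist developers during the implementation phase.},
}

% NOTE(review): the note field holds project-tracking metadata and will be
% printed by most bibliography styles; confirm that is intended.
@inproceedings{moyano2012essosds,
  author    = {Moyano, Francisco and Fernandez-Gago, Carmen and Lopez, Javier},
  editor    = {Cuellar, Jorge and Koch, Nora},
  title     = {Service-Oriented Trust and Reputation Architecture},
  booktitle = {Proceedings of the Doctoral Symposium of the International Symposium on Engineering Secure Software and Systems (ESSoS-DS 2012)},
  series    = {CEUR-WS},
  volume    = {834},
  pages     = {41--46},
  year      = {2012},
  publisher = {CEUR-WS},
  address   = {Eindhoven},
  issn      = {1613-0073},
  url       = {http://ceur-ws.org/Vol-834/paper7_essosds2012.pdf},
  note      = {Partner:UMA, Project:NESSoS},
  abstract  = {As the Future Internet arrives, more complex, service-based applications are spreading. These applications pose several challenges, including the huge amount of entities that must interact and their heterogeneity. The success of these applications depends on the collaboration and communication of these entities, that might belong to different organizations and administrative domains. Therefore, trust and reputation become two crucial issues. We propose the specification and design of a service-based security architecture that stresses the delivery of trust and reputation services to any application that might require them.},
}

@inproceedings{Moyano_ESSoS12,
  author    = {Moyano, Francisco and Fernandez-Gago, Carmen and Agudo, Isaac and Lopez, Javier},
  editor    = {Barthe, Gilles and Livshits, Ben and Scandariato, Riccardo},
  title     = {A Task Ordering Approach for Automatic Trust Establishment},
  booktitle = {Proceedings of the 2012 International Symposium on Engineering Secure Software and Systems (ESSoS 2012)},
  series    = {LNCS},
  volume    = {7159},
  pages     = {76--89},
  year      = {2012},
  month     = feb,
  publisher = {Springer},
  address   = {Eindhoven, The Netherlands},
  doi       = {10.1007/978-3-642-28166-2_8},
  keywords  = {task ordering, trust evaluation, trust graph},
  abstract  = {Trust has become essential in computer science as a way of assisting the process of decision-making, such as access control. In any system, several tasks may be performed, and each of these tasks might pose different associated trust values between the entities of the system. For instance, in a file system, reading and overwriting a file are two tasks that pose different trust values between the users who can carry out these tasks. In this paper, we propose a simple model for automatically establishing trust relationships between entities considering an established order among tasks.},
}

% The 13-digit 978-prefixed identifier is an ISBN, so it is stored in isbn.
% The comma form keeps the compound surname "Abou El Kalam" in one piece.
% NOTE(review): publisher is missing (required for incollection), and the
% chapter field repeats the title instead of giving a chapter number.
@incollection{Moyano_DHNChapter,
  author    = {Moyano, Francisco and Roman, Rodrigo and Abou El Kalam, Anas and Lacoste, Marc and Maachaoui, Mohamed},
  editor    = {Carbou, Romain and Diaz, Michel and Exposito, Ernesto and Roman, Rodrigo},
  title     = {Security},
  booktitle = {Digital Home Networking},
  chapter   = {Security},
  pages     = {139--202},
  year      = {2011},
  isbn      = {9781848213210},
}

@article{Najera2009,
  author    = {Najera, Pablo and Moyano, Francisco and Lopez, Javier},
  title     = {Security Mechanisms and Access Control Infrastructure for e-Passports and General Purpose e-Documents},
  journal   = {Journal of Universal Computer Science},
  volume    = {15},
  pages     = {970--991},
  year      = {2009},
  issn      = {0948-695X},
  doi       = {10.3217/jucs-015-05-0970},
  url       = {http://www.jucs.org/jucs_15_5/security_mechanisms_and_access},
  abstract  = {Traditional paper documents are not likely to disappear in the near future as they are present everywhere in daily life, however, paper-based documentation lacks the link with the digital world for agile and automated processing. At the same time it is prone to cloning, alteration and counterfeiting attacks. E-passport defined by ICAO and implemented in 45 countries is the most relevant case of hybrid documentation (i.e. paper format with electronic capabilities) to date, but, as the advantages of hybrid documentation are recognized more and more will undoubtedly appear. In this paper, we present the concept and security requirements of general-use e-documents, analyze the most comprehensive security solution (i.e. ePassport security mechanisms) and its suitability for general-purpose e-documentation. Finally, we propose alternatives for the weakest and less suitable protocol from ePassports: the BAC (Basic Access Control). In particular, an appropriate key management infrastructure for access control to document memory is discussed in conjunction with a prototype implementation.},
}

% NOTE(review): the exported volume value was "51/2009" while year is 2008
% and the key says 2009; confirm the publication year of the volume.
@inproceedings{PNajera2009,
  author    = {Najera, Pablo and Moyano, Francisco and Lopez, Javier},
  title     = {Secure Integration of {RFID} Technology in Personal Documentation for Seamless Identity Validation},
  booktitle = {3rd Symposium of Ubiquitous Computing and Ambient Intelligence 2008},
  series    = {Advances in Soft Computing},
  volume    = {51},
  pages     = {134--138},
  year      = {2008},
  month     = oct,
  publisher = {Springer},
  address   = {Salamanca (Spain)},
  isbn      = {978-3-540-85866-9},
  doi       = {10.1007/978-3-540-85867-6_16},
  url       = {http://www.springerlink.com/content/bx8t243130k07585/},
  keywords  = {Biometry, identity verification, privacy, RFID, security},
  abstract  = {Seamless human identification and authentication in the information system is a fundamental step towards the transparent interaction between the user and its context proposed in ambient intelligence. In this context, the IDENTICA project is aimed to the design and implementation of a distributed authentication platform based on biometrics (i.e. voice and facial image) and personal documentation. In this paper, we present our work in this project focused on the secure integration of RFID technology in personal documentation in order to provide seamless identity validation. Our actual work status, first results and future directions are described in detail.},
}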