@article {1633, title = {Securing the Internet of Things}, journal = {IEEE Computer}, volume = {44}, number = {9}, year = {2011}, month = {Sept 2011}, pages = {51 -58}, publisher = {IEEE}, abstract = {

This paper presents security of Internet of things. In the Internet of Things vision, every physical object has a virtual component that can produce and consume services Such extreme interconnection will bring unprecedented convenience and economy, but it will also require novel approaches to ensure its safe and ethical use. The Internet and its users are already under continual attack, and a growing economy-replete with business models that undermine the Internet{\textquoteright}s ethical use-is fully focused on exploiting the current version{\textquoteright}s foundational weaknesses.

}, keywords = {business models, computer network security, Internet, Internet of Things, Internet security, IoT, virtual component}, issn = {0018-9162}, doi = {10.1109/MC.2011.291}, url = {http://dx.doi.org/10.1109/MC.2011.291}, author = {Rodrigo Roman and Pablo Najera and Javier Lopez} } @article {Roman2006a, title = {An Anti-spam Scheme Using Pre-challenges}, journal = {Computer Communications}, volume = {29}, number = {15}, year = {2006}, pages = {2739-2749}, publisher = {Elsevier}, abstract = {

Unsolicited Commercial Email, or Spam, is nowadays an increasingly serious problem to email users. A number of anti-spam schemes have been proposed in the literature and some of them have been deployed in email systems, but the problem has yet been well addressed. One of those schemes is challenge-response, in which a challenge, ranging from a simple mathematical problem to a hard-AI problem, is imposed on an email sender in order to forbid machine-based spam reaching receivers{\textquoteright} mailboxes. However, such a scheme introduces new problems for the users, e.g., delay of service and denial of service. In this paper, we introduce the pre-challenge scheme, which is based on the challenge-response mechanism and takes advantage of some features of email systems. It assumes each user has a challenge that is defined by the user himself/herself and associated with his/her email address, in such a way that an email sender can simultaneously retrieve a new receiver{\textquoteright}s email address and challenge before sending an email in the first contact. Some new mechanisms are employed in our scheme to reach a good balance between security against spam and convenience to normal email users. Our scheme can be also used for protecting other messaging systems, like Instant Messaging and Blog comments.

}, keywords = {Anti-spam, Electronic mail, Internet security}, issn = {0140-3664}, doi = {10.1016/j.comcom.2005.10.037}, url = {http://www.sciencedirect.com/science/article/B6TYP-4HYM1T7-1/2/53871c3a06d8e1c9439deda17a05ed2d}, author = {Rodrigo Roman and Jianying Zhou and Javier Lopez} }