@article {rios2022pmec, title = {Personal IoT Privacy Control at the Edge}, journal = {IEEE Security \& Privacy }, volume = {20}, year = {2022}, month = {01/2022}, pages = {23 - 32}, publisher = {IEEE}, abstract = {
This article introduces a privacy manager for IoT data based on Edge Computing. This poses the advantage that privacy is enforced before data leaves the control of the user, who is provided with a tool to express data sharing preferences based on a novel context-aware privacy language.
}, issn = {1540-7993}, doi = {10.1109/MSEC.2021.3101865}, author = {Ruben Rios and Jose A. Onieva and Rodrigo Roman and Javier Lopez} } @inproceedings {AntonioMunoz2005a, title = {Perfiles Seguros para Comercio Movil}, booktitle = {III Simposio Espa{\~n}ol de Comercio Electronico (SCE{\textquoteright}05)}, year = {2005}, pages = {235-244}, publisher = {Universitat de les Illes Balears}, organization = {Universitat de les Illes Balears}, abstract = {Los escenarios de comercio m{\'o}vil existentes en la actualidad presentan muchas deficiencias. La mayor{\'\i}a de estos escenarios, como no podr{\'\i}a ser de otra forma, tienen en cuenta aspectos relativos a la seguridad, prestando especial atenci{\'o}n a las propiedades de Autenticaci{\'o}n y Autorizaci{\'o}n. De entre los elementos esenciales que se utilizan para proporcionar estos servicios de seguridad, los perfiles son un elemento com{\'u}n que permiten la personalizaci{\'o}n de los servicios del usuario m{\'o}vil. Sin embargo, los perfiles tambi{\'e}n precisan de una administraci{\'o}n segura. En este trabajo presentamos unas consideraciones iniciales respecto a los distintos tipos de perfiles, sus niveles de seguridad para cada tipo, as{\'\i} como indicaciones para el almacenamiento de manera segura. Por lo tanto, analizaremos las distintas alternativas como medio de almacenamiento, discuti{\'e}ndolas y prestando especial atenci{\'o}n a las tarjetas inteligentes.
}, author = {Mu{\~n}oz, Antonio and Jose A. Onieva and Javier Lopez} } @inproceedings {Zhou2004, title = {Protecting Free Roaming Agents against Result-Truncation Attack}, booktitle = {60th IEEE Vehicular Technology Conference (VTC{\textquoteright}04)}, year = {2004}, pages = {3271-3274}, publisher = {IEEE Vehicular Technology Society Press}, organization = {IEEE Vehicular Technology Society Press}, abstract = {Mobile agents are especially useful in electronic commerce, for both wired and wireless environments. Nevertheless, there are still many security issues on mobile agents to be addressed, for example, data confidentiality, non-repudiability, forward privacy, publicly verifiable forward integrity, insertion defense, truncation defense, etc. One of the hardest security problems for free roaming agents is truncation defense where two visited hosts (or one revisited host) can collude to discard the partial results collected between their respective visits. We present a new scheme satisfying those security requirements, especially protecting free roaming agents against result-truncation attack.
}, keywords = {cryptographic protocol, mobile agent, Secure electronic commerce}, author = {Jianying Zhou and Jose A. Onieva and Javier Lopez} } @inproceedings {Onieva2003a, title = {Practical Service Charge for P2P Content Distribution}, booktitle = {Fifth International Conference on Information and Communications Security}, series = {LNCS}, volume = {2836}, year = {2003}, month = {October}, pages = {112 - 123}, publisher = {Springer}, organization = {Springer}, abstract = {With emerging decentralized technologies, peer-to-peer (P2P) content distribution arises as a new model for storage and transmission of data. In this scenario, one peer can be playing different roles, either as a distributor or as a receiver of digital contents. In order to incentivize the legal distribution of these contents and prevent the network from free riders, we propose a charging model where distributors become merchants and receivers become customers. To help in the advertisement of digital contents and collection of payment details, an intermediary agent is introduced. An underlying P2P payment protocol presented in [1] is applied to this scenario without total trust on the intermediary agent.
}, author = {Jose A. Onieva and Jianying Zhou and Javier Lopez} }