@inproceedings {nunez2017sistema, title = {Sistema de Acceso Delegado a Informaci{\'o}n Cifrada para Apache Hadoop}, booktitle = {III Jornadas Nacionales de Investigaci{\'o}n en Ciberseguridad}, year = {2017}, month = {06/2017}, pages = {174-175}, publisher = {URJC}, organization = {URJC}, address = {Madrid}, abstract = {

En este art{\'\i}culo presentamos un sistema que permite delegaci{\'o}n de acceso a informaci{\'o}n cifrada para Apache Hadoop, de forma segura y transparente al usuario. Para ello usamos t{\'e}cnicas criptogr{\'a}ficas avanzadas basadas en el recifrado delegado.\ Con este sistema, es posible almacenar en Hadoop los datos de forma cifrada y delegar de forma segura el acceso a los nodos de computaci{\'o}n.\ El funcionamiento es transparente ya que se integra con la capa del sistema de ficheros nativa HDFS.\ Adem{\'a}s, el recifrado delegado permite hacer rotaci{\'o}n de claves de cifrado de forma segura y r{\'a}pida.

}, keywords = {Big Data, Cryptography, Hadoop, proxy re-encryption}, isbn = {978-84-608-4659-8}, url = {http://hdl.handle.net/10115/14540}, author = {David Nu{\~n}ez and Isaac Agudo and Michael Egorov and MacLane Wilkison} } @inproceedings {neumann2012strong, title = {Strong Authentication of Humans and Machines in Policy Controlled Cloud Computing Environment Using Automatic Cyber Identity}, booktitle = {Information Security Solutions Europe 2012}, year = {2012}, month = {2012}, pages = {195-206}, publisher = {Springer Vieweg}, organization = {Springer Vieweg}, address = {Brussels, Belgium}, abstract = {

The paper describes the experience with integration of automatic cyber identity technology with policy controlled virtualisation environment. One identity technology has been used to enable strong authentication of users (human beings) as well as machines (host systems) to the virtualization management system. The real experimental evaluation has been done in PASSIVE project (Policy-Assessed system-level Security of Sensitive Information processing in Virtualised Environments - SEVENTH FRAMEWORK PROGRAMME THEME ICT-2009.1.4 INFORMATION AND COMMUNICATION TECHNOLOGIES - Small or medium-scale focused research project - Grant agreement no.: 257644).

}, isbn = {978-3-658-00332-6}, doi = {10.1007/978-3-658-00333-3_19}, author = {Neumann Libor and Tomas Halman and Rotek Pavel and Alexander Boettcher and Julian Stecklina and Michal Sojka and David Nu{\~n}ez and Isaac Agudo}, editor = {Norbert Pohlmann and Helmut Reimer and Wolfgang Schneider} } @article {Agudo2010b, title = {A Scale Based Trust Model for Multi-Context Environments}, journal = {Computers and Mathematics with Applications}, volume = {60}, year = {2010}, month = {July}, pages = {209-216}, publisher = {Elsevier}, abstract = {

When interactions among users of a system have to take place, for example, over the internet, establishing trust relationships among these users becomes crucial. However, the way this trust is established depends to a certain extent on the context where the interactions take place. Most of the time, trust is encoded as a numerical value that might not be very meaningful for a not very experienced user. In this paper we propose a model that takes into account the semantic and the computational sides of trust. This avoids users having to deal directly with the computational side; they instead deal with meaningful labels such as Bad or Good in a given context.

}, issn = {0898-1221}, doi = {10.1016/j.camwa.2010.02.009}, author = {Isaac Agudo and Carmen Fernandez-Gago and Javier Lopez} } @inproceedings {vivas09, title = {Security Assurance During the Software Development Process}, booktitle = {International Conference on Computer Systems and Technologies (CompSysTech09)}, year = {2009}, pages = {11.7.1-11.7.6}, publisher = {ACM}, organization = {ACM}, address = {Ruse (Bulgary)}, abstract = {

Assurance has been a major topic for critical systems. Assurance is usually associated with safety conditions but has also an important role for checking security requirements. Security is best assured if it is addressed holistically, systematically, and from the very beginning in the software{\textquoteright}s development process. We propose to integrate assurance and system development by letting the different stages of the system development life-cycle be mapped to the structure of the assurance case.

}, isbn = {978-1-60558-986-2}, doi = {10.1145/1731740.1731763}, author = {Jose L. Vivas and Isaac Agudo and Javier Lopez} } @inproceedings {Marquez2008, title = {Secure Real-Time Integration of Services in a OSGi Distributed Environment}, booktitle = {Fourth International Conference on Networked Computing and Advanced Information Management (NCM{\textquoteright}08)}, volume = {1}, year = {2008}, month = {September}, pages = {631-635}, publisher = {IEEE}, organization = {IEEE}, address = {Gyeongju, South Korea}, abstract = {This paper presents a service oriented architecture for real-time integration of services, how to distribute them in a local domain and how to define a secure way of accessing resources using users{\textquoteright} and services{\textquoteright} authorization and authentication. This work take advantage of previous European R amp;D projects focused on del.ivering applications and utilities in embedded real-time environments and the convergence of different worlds like Internet and digital TV.}, keywords = {authentication, authorisation, authorization, digital TV, embedded real-time environments, embedded systems, Internet, message authentication, open systems, OSGi distributed environment, secure real-time integration, service oriented architecture, software architecture}, isbn = {978-0-7695-3322-3}, doi = {10.1109/NCM.2008.173}, author = {Jose Manuel Marquez and Javier Jimenez and Isaac Agudo} } @inproceedings {Agudo2004, title = {Specification and formal verification of security requirements}, booktitle = {5th international conference on Computer systems and technologies (CompSysTech {\textquoteright}04)}, year = {2004}, pages = {1-6}, publisher = {ACM}, organization = {ACM}, address = {Rousse, Bulgaria}, abstract = {With the grown of internet and distributed applications, security requirements are going inherent to the software development process. Each time one communicates with some other one there are relevant security risk that must be taken in account. This is what is happening in the new soft-ware applications using client/server architecture. We propose including security requirements at the top level of development process, together with functional requirements because they are much related. With this information we are able to extract all communication protocols that are involved in our application and their associated security goals. This is the input to a verification phase in which we look for security flaws. The last step, and the more useful (and the not yet finished) is to use this information to modify our initial specification at the top level of the development process}, isbn = {954-9641-38-4}, doi = {10.1145/1050330.1050440}, author = {Isaac Agudo and Javier Lopez} }