@inproceedings {Garcia2023, title = {MAS para la convergencia de opiniones y detecci{\'o}n de anomal{\'\i}as en sistemas ciberf{\'\i}sicos distribuidos}, booktitle = {VIII Jornadas Nacionales de Investigaci{\'o}n en Ciberseguridad (JNIC)}, year = {In Press}, month = {06/2023}, address = {Vigo}, keywords = {Detecci{\'o}n avanzada, din{\'a}micas de opiniones, machine-learning, sistemas ciberf{\'\i}sicos, Sistemas multi-agente}, author = {Alberto Garcia and Cristina Alcaraz and Javier Lopez} } @inproceedings {morales2023metacom, title = {Integration of MPC into Besu through an extended private transaction model}, booktitle = {IEEE International Conference on Metaverse Computing, Networking and Applications}, year = {2023}, month = {06/2023}, address = {Kyoto, Japan}, abstract = {In the last few years we have seen many different approaches to incorporate privacy features to blockchains. In the area of cryptocurrencies that would normally mean protecting the identity of the owner of some funds, but there are other applications where privacy is even more important, especially in permissioned blockchains. Permissioned blockchain platforms, such as Hyperledger Besu or Hyperledger Fabric, already include the concept of private transactions, which essentially defines a sub-group of the blockchain where their participants share some private data. We want to go one step ahead and propose an extended model for private transactions where the different participants can have a separated view of the same transaction, allowing the integration of Multi-party Computation protocols in the blockchain. Our work extends Hyperledger Besu{\textquoteright}s design for private transactions, offering better security properties and a finer grain customization. We cover two specific MPC examples, Private Set Intersection and Byzantine Fault-Tolerant Random Number Generation, and propose a mechanism to run them using smart contract interfaces. }, keywords = {blockchain, hyperledger besu, privacy, secure multi-party computation}, author = {Daniel Morales and Isaac Agudo and Javier Lopez} } @inproceedings {Alcaraz2022c, title = {Collaborative anomaly detection system for charging stations}, booktitle = {The 27th European Symposium on Research in Computer Security (ESORICS 2022)}, volume = {13555}, year = {2022}, month = {09/2022}, pages = {716{\textendash}736}, publisher = {Springer, Cham}, organization = {Springer, Cham}, abstract = {

In recent years, the deployment of charging infrastructures has been increasing exponentially due to the high energy demand of electric vehicles, forming complex charging networks. These networks pave the way for the emergence of new unknown threats in both the energy and transportation sectors. Economic damages and energy theft are the most frequent risks in these environments. Thus, this paper aims to present a solution capable of accurately detecting unforeseen events and possible fraud threats that arise during charging sessions at charging stations through the current capabilities of the Machine Learning (ML) algorithms. However, these algorithms have the drawback of not fitting well in large networks and generating a high number of false positives and negatives, mainly due to the mismatch with the distribution of data over time. For that reason, a Collaborative Anomaly Detection System for Charging Stations (here referred to as CADS4CS) is proposed as an optimization measure. CADS4CS has a central analysis unit that coordinates a group of independent anomaly detection systems to provide greater accuracy using a voting algorithm. In addition, CADS4CS has the feature of continuously retraining ML models in a collaborative manner to ensure that they are adjusted to the distribution of the data. To validate the approach, different use cases and practical studies are addressed to demonstrate the effectiveness and efficiency of the solution.

}, keywords = {Charging station, Collaborative anomaly detection, Machine Learning, Voting system}, doi = {https://doi.org/10.1007/978-3-031-17146-8_35}, author = {Jesus Cumplido and Cristina Alcaraz and Javier Lopez} } @inproceedings {1990, title = {Configuration vulnerability in SNORT for Windows operating systems}, booktitle = {2022 IEEE International Conference on Cyber Security and Resilience (IEEE CSR)}, year = {2022}, month = {08/2022}, pages = {82-89}, publisher = {IEEE}, organization = {IEEE}, address = {https://www.ieee-csr.org}, abstract = {

Cyber-attacks against Industrial Control Systems (ICS) can lead to catastrophic events which can be prevented by the use of security measures such as the Intrusion Prevention Systems (IPS). In this work we experimentally demonstrate how to exploit the configuration vulnerabilities of SNORT one of the most adopted IPSs to significantly degrade the effectiveness of the IPS and consequently allowing successful cyber-attacks. We illustrate how to design a batch script able to retrieve and modify the configuration files of SNORT in order to disable its ability to detect and block Denial of Service (DoS) and ARP poisoning-based Man-In-The-Middle (MITM) attacks against a Programmable Logic Controller (PLC) in an ICS network. Experimental tests performed on a water distribution testbed show that, despite the presence of IPS, the DoS and ARP spoofed packets reach the destination causing respectively the disconnection of the PLC from the ICS network and the modification of packets payload.

}, isbn = {978-1-6654-9952-1}, doi = {https://doi.org/10.1109/CSR54599.2022.9850309}, url = {https://ieeexplore.ieee.org/document/9850309}, author = {Luca Faramondi and Marta Grassi and Simone Guarino and Roberto Setola and Cristina Alcaraz} } @inproceedings {1989, title = {Implicaciones de seguridad en MAS Desplegados en Infraestructuras de Carga basadas en OCPP}, booktitle = {VII Jornadas Nacionales en Investigaci{\'o}n en Ciberseguridad (JNIC 2022)}, year = {2022}, month = {06/2022}, pages = {172-179}, abstract = {

El inter{\'e}s actual por desplegar infraestructuras de carga de veh{\'\i}culos el{\'e}ctricos para el ahorro energ{\'e}tico y la sostenibilidad es cada vez m{\'a}s palpable, lo que llama la atenci{\'o}n a muchas comunidades, especialmente a la cient{\'\i}fica, para explorar, entre otras cosas, la influencia de las nuevas tecnolog{\'\i}as de informaci{\'o}n en los procesos operacionales. Teniendo en cuenta este escenario, este art{\'\i}culo, por tanto, analiza c{\'o}mo el uso de los sistemas de multi-agente pueden beneficiar las tareas de monitorizaci{\'o}n, mantenimiento y de seguridad, y propone una arquitectura espec{\'\i}fica en base a los actores especificados en el protocolo OCPP (Open Charge Point Protocol). Esta arquitectura constituye la base para analizar los diversos tipos de amenazas que agentes software pueden sufrir, clasific{\'a}ndolas de acuerdo a las caracter{\'\i}sticas funcionales e interacciones con los diversos elementos de la infraestructura. Esta agrupaci{\'o}n y el conjunto de ataques abordados est{\'a}n basados en el SP-800-19 definido por el National Institute of Standards and Technology, y formalizados siguiendo la metodolog{\'\i}a de {\'a}rboles de ataque. El estudio revela la importancia que tiene analizar los riesgos que esta tecnolog{\'\i}a puede traer a este escenario, proporcionando, adem{\'a}s, un conjunto de recomendaciones que sirvan de gu{\'\i}a para aplicaciones futuras.

}, isbn = {978-84-88734-13-6}, author = {Cristina Alcaraz and Alberto Garcia and Javier Lopez} } @inproceedings {morales2022cc, title = {Real-time Crowd Counting based on Wearable Ephemeral IDs}, booktitle = {19th International Conference on Security and Cryptography (SECRYPT 2022)}, year = {2022}, month = {07/2022}, pages = {249-260}, publisher = {Scitepress}, organization = {Scitepress}, address = {Lisbon}, abstract = {Crowd Counting is a very interesting problem aiming at counting people typically based on density averages and/or aerial images. This is very useful to prevent crowd crushes, especially on urban environments with high crowd density, or to count people in public demonstrations. In addition, in the last years, it has become of paramount importance for pandemic management. For those reasons, giving users automatic mechanisms to anticipate high risk situations is essential. In this work, we analyze ID-based Crowd Counting, and propose a real-time Crowd Counting system based on the Ephemeral ID broadcast by contact tracing applications on wearable devices. We also performed some simulations that show the accuracy of our system in different situations. }, keywords = {Crowd Counting, IDS, Pandemics, privacy, Secure Multiparty computation}, isbn = {978-989-758-590-6}, issn = {2184-7711}, doi = {10.5220/0011327200003283}, author = {Daniel Morales and Isaac Agudo and Javier Lopez} } @inproceedings {1846, title = {Distributed Detection of APTs: Consensus vs. Clustering}, booktitle = {25th European Symposium on Research in Computer Security (ESORICS 2020)}, volume = {12308}, year = {2020}, month = {09/2020}, pages = {174-192}, keywords = {Advanced Persistent Threat, clustering, consensus, distributed detection, Opinion Dynamics, Traceability}, isbn = {978-3-030-58951-6}, doi = {https://doi.org/10.1007/978-3-030-58951-6_9}, author = {Juan E. Rubio and Cristina Alcaraz and Ruben Rios and Rodrigo Roman and Javier Lopez} } @inproceedings {1840, title = {Game Theory-Based Approach for Defense against APTs}, booktitle = {18th International Conference on Applied Cryptography and Network Security (ACNS{\textquoteright}20)}, volume = {12147}, year = {2020}, month = {10/2020}, pages = {297-320}, publisher = {Springer}, organization = {Springer}, isbn = {978-3-030-57878-7}, doi = {https://doi.org/10.1007/978-3-030-57878-7_15}, author = {Juan E. Rubio and Cristina Alcaraz and Javier Lopez} } @inproceedings {1978, title = {Comunicaciones VoIP cifradas usando Intel SGX}, booktitle = {V Jornadas Nacionales de Investigaci{\'o}n en Ciberseguridad (JNIC)}, year = {2019}, month = {06/2019}, abstract = {

Cada d{\'\i}a es m{\'a}s frecuente encontrar servicios en internet gestionados desde plataformas online y con la expansi{\'o}n de la tecnolog{\'\i}a IoT, los smartphones, las smartTV\ y otros tantos dispositivos: la autenticaci{\'o}n, la distribuci{\'o}n y al fin y al cabo, la comunicaci{\'o}n entre extremos puede verse seriamente comprometida si dicha plataforma es atacada. La inclusi{\'o}n de nuevas medidas de seguridad en este tipo de ecosistemas requiere de un cambios sustancial de la arquitectura subyacente en muchos casos, por lo que su avance es lento.\ 
En este trabajo se trata de forma concreta el desarrollo de una alternativa OpenSource\ a uno de estos servicios, la telefon{\'\i}a IP (VoIP), que esta expandi{\'e}ndose cada d{\'\i}a m{\'a}s, empezando por redes locales y privadas y llegando a grandes centralitas de conmutaci{\'o}n de tele operadoras, consiguiendo as{\'\i} una transmisi{\'o}n de voz segura extremo a extremo transparente para los servidores VoIP, que no requiera modificar la infraestructura subyacente.

}, author = {Ra{\'u}l Oca{\~n}a and Isaac Agudo} } @inproceedings {1985, title = {Desarrollo de un sem{\'a}foro inteligente basado en comunicaciones seguras}, booktitle = {XIV Jornadas de Ingenier{\'\i}a Telem{\'a}tica (JITEL 2019)}, year = {2019}, month = {10/2019}, abstract = {

En los nuevos paradigmas de movilidad surgidos durante los {\'u}ltimos a{\~n}os y en aquellos a{\'u}n por llegar ha quedado patente la necesidad de modernizar la infraestructura viaria y los elementos de se{\~n}alizaci{\'o}n y gesti{\'o}n del tr{\'a}fico. En el presente trabajo se presenta una propuesta para esta nueva generaci{\'o}n de dispositivos de gesti{\'o}n del tr{\'a}fico: un prototipo de sem{\'a}foro inteligente conectado que implementa diversas medidas de seguridad. Adem{\'a}s de las tradicionales se{\~n}ales luminosas, los usuarios de la v{\'\i}a pueden conocer a trav{\'e}s de sus dispositivos el estado del sem{\'a}foro, adem{\'a}s de otra informaci{\'o}n complementaria a trav{\'e}s de la difusi{\'o}n de mensajes BLE firmados con criptograf{\'\i}a de curva el{\'\i}ptica. A su vez, el sem{\'a}foro puede ser gestionado remotamente a trav{\'e}s de la tecnolog{\'\i}a LTE Cat M1 protegida por TLS. Esto abre la puerta, entre otros, a facilitar el tr{\'a}nsito de los veh{\'\i}culos de emergencia cuando estos se acercan a un cruce o modificar el tiempo de los estados del ciclo en funci{\'o}n de las necesidades del tr{\'a}fico.

}, author = {Isaac Agudo and Manuel Montenegro-G{\'o}mez} } @inproceedings {RubioESORICS2019, title = {Enhancing Security and Dependability of Industrial Networks with Opinion Dynamics}, booktitle = {European Symposium on Research in Computer Security (ESORICS2019)}, volume = {11736}, year = {2019}, month = {09/2019}, pages = {263-280}, doi = {https://doi.org/10.1007/978-3-030-29962-0_13}, author = {Juan E. Rubio and Mark Manulis and Cristina Alcaraz and Javier Lopez} } @inproceedings {1835, title = {Personalized Computer Security Tasks with Automatic Evaluation and Feedback}, booktitle = {International Conference on Information Systems Education and Research (AIS SIGED 2019)}, year = {2019}, month = {12/2019}, keywords = {autonomy, evaluation, feedback, learn by doing, Moodle, self-learning}, isbn = {978-1-7343123-0-0}, author = {Isaac Agudo and Ruben Rios and Ana Nieto} } @inproceedings {morales2019, title = {Prueba de concepto de Autoridad de Certificaci{\'o}n usando Computaci{\'o}n Segura Multiparte}, booktitle = {XIV Jornadas de Ingenier{\'\i}a Telem{\'a}tica}, year = {2019}, month = {10/2019}, pages = {50-53}, address = {Zaragoza}, abstract = {Este trabajo pretende analizar el paradigma de la Computaci{\'o}n Segura Multiparte y sus posibles aplicaciones en el campo de la criptograf{\'\i}a. Se plantea como modelo alternativo, mas escalable y seguro al uso de m{\'o}dulos hardware de seguridad para aplicaciones que requieran de Terceras Partes Confiables. Concretamente, se ha integrado un protocolo de criptograf{\'\i}a RSA multiparte con la librer{\'\i}a certbuilder, para la creaci{\'o}n de certificados X.509. De esta forma se asegura que la creaci{\'o}n de los certificados ra{\'\i}z de la Infraestructura de Clave Publica se realiza de forma que la generaci{\'o}n de claves y firma de este se ejecute {\'\i}ntegramente sobre el sistema multiparte, con un modelo de tres partes que trabaja con circuitos aritm{\'e}ticos, sin que ninguna de ellas, de forma aislada, tenga posibilidad de comprometer la clave privada correspondiente. Para comprobar la viabilidad del sistema se han realizado pruebas de generaci{\'o}n de certificados con diferentes longitudes de clave, siendo el proceso determinante la creaci{\'o}n de las claves. Los elevados tiempos hacen que una aplicaci{\'o}n como esta no sea asumible en otros escenarios, pero creemos que para el caso de la creaci{\'o}n de los certificados ra{\'\i}z de una infraestructura de clave p{\'u}blica las garant{\'\i}as avanzadas de seguridad compensan el tiempo extra. }, keywords = {privacy, Secure Multiparty computation}, isbn = {978-84-09-21112-8}, doi = {10.26754/uz.978-84-09-21112-8}, author = {Daniel Morales and Isaac Agudo} } @inproceedings {1815, title = {SealedGRID: A Secure Interconnection of Technologies for Smart Grid Applications}, booktitle = {14th International Conference on Critical Information Infrastructures Security (CRITIS 2019)}, volume = {11777}, year = {2019}, month = {12/2019}, pages = {169-175}, publisher = {Springer, Cham}, organization = {Springer, Cham}, abstract = {

In recent years, the Smart Grid has increasingly integrated cutting-edge technologies that generate several benefits for all the stakeholders involved, such as a more accurate billing system and enhanced Demand Response procedures. However, this modernization also brings with it diverse cyber security and privacy issues, which sets the necessity for developing a security platform specifically tailored to this scenario. In this paper, we present SealedGRID, which proposes a flexible architecture that provides security services at all levels by implementing Trusted Execution Environments on their devices, together with advanced authentication and authorization mechanisms, as well as privacy preserving techniques. These technologies are presented in depth and a final security analysis is conducted, which highlights the contributions of this project.

}, isbn = {978-3-030-37669-7}, doi = {https://doi.org/10.1007/978-3-030-37670-3_14}, author = {Aristeidis Farao and Juan E. Rubio and Cristina Alcaraz and Christoforos Ntantogian and Christos Xenakis and Javier Lopez} } @inproceedings {1692, title = {Addressing Security in OCPP: Protection Against Man-in-the-Middle Attacks}, booktitle = {9th IFIP International Conference on New Technologies, Mobility \& Security}, year = {2018}, author = {Juan E. Rubio and Cristina Alcaraz and Javier Lopez} } @inproceedings {1709, title = {Analyzing cross-platform attacks: towards a three-actor approach}, booktitle = {The 16th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC 2018)}, year = {2018}, month = {08/2018}, pages = {536-543}, abstract = {


In the current telecommunications landscape, different devices, systems and platforms are constantly communicating with each other. This heterogeneous environment creates the perfect situation for attacks to pass from one platform to another. This is a particularly worrying scenario, because of the new technologies being used (such as network slicing in 5G), the increasing importance of connected devices in our lives (IoT), and the unpredictable consequences that an attack of this type could have. The current approaches in attack analysis do not take into account these sitations, and the attacker/victim paradigm usually followed may fall short when dealing with these attacks. Thus, in this paper, an architecture for the analysis of cross-platform attacks will be presented, aiming to help understand better this kind of threats and offering solutions to mitigate and track them.

}, isbn = {978-1-5386-7518-2}, doi = {10.1109/DASC/PiCom/DataCom/CyberSciTec.2018.00102}, author = {Antonio Acien and Ana Nieto and Javier Lopez} } @inproceedings {CRAT2018, title = {Capture the RAT: Proximity-based Attacks in 5G using the Routine Activity Theory}, booktitle = {The 16th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC 2018)}, year = {2018}, month = {08/2018}, pages = {520-527}, publisher = {IEEE}, organization = {IEEE}, address = {Athens, Greece}, abstract = {

The fifth generation of cellular networks (5G) will enable different use cases where security will be more critical than ever before (e.g. autonomous vehicles and critical IoT devices). Unfortunately, the new networks are being built on the certainty that security problems can not be solved in the short term. Far from reinventing the wheel, one of our goals is to allow security software developers to implement and test their reactive solutions for the capillary network of 5G devices. Therefore, in this paper a solution for analysing proximity-based attacks in 5G environments is modelled and tested using OMNET++. The solution, named CRAT, is able to decouple the security analysis from the hardware of the device with the aim to extend the analysis of proximity-based attacks to different use-cases in 5G. We follow a high-level approach, in which the devices can take the role of victim, offender and guardian following the principles of the routine activity theory.\ 

}, isbn = {978-1-5386-7518-2}, doi = {10.1109/DASC/PiCom/DataCom/CyberSciTec.2018.00100}, url = {https://ieeexplore.ieee.org/document/8511943}, author = {Ana Nieto and Antonio Acien and Javier Lopez} } @inproceedings {1701, title = {A comprehensive methodology for deploying IoT honeypots}, booktitle = {15th International Conference on Trust, Privacy and Security in Digital Business (TrustBus 2018)}, volume = {LNCS 11033}, year = {2018}, month = {09/2018}, pages = {229{\textendash}243}, publisher = {Springer Nature Switzerland AG}, organization = {Springer Nature Switzerland AG}, address = {Regensburg (Germany)}, abstract = {

Recent news have raised concern regarding the security on the IoT field. Vulnerabilities in devices are arising and honeypots are an excellent way to cope with this problem. In this work, current solutions for honeypots in the IoT context, and other solutions adaptable to it are analyzed in order to set the basis for a methodology that allows deployment of IoT honeypot.

}, keywords = {Honeypot, IoT, methodology, security}, doi = {https://doi.org/10.1007/978-3-319-98385-1_16}, author = {Antonio Acien and Ana Nieto and Gerardo Fernandez and Javier Lopez} } @inproceedings {1706, title = {Definici{\'o}n de procedimientos para fabricar honeypots IoT basados en criterios de b{\'u}squeda}, booktitle = {XV Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n}, year = {2018}, month = {10/2018}, address = {Granada (Espa{\~n}a)}, abstract = {

Con la revoluci{\'o}n tecnol{\'o}gica que ha supuesto la Internet de las Cosas (Internet of Things, IoT) se han presentado escenarios donde la preocupaci{\'o}n por la seguridad en dicho entorno es cada vez m{\'a}s relevante. Est{\'a}n comenzando a surgir vulnerabilidades en varios dispositivos, y los sistemas trampa son una excelente manera de lidiar con este problema. En este trabajo se analizan soluciones para honeypots en el entorno IoT (y en otros que se puedan adaptar) para sentar las bases de una metodolog{\'\i}a que permita el despliegue de honeypots IoT.

}, isbn = {978-84-09-02463-6}, author = {Antonio Acien and Ana Nieto and Gerardo Fernandez and Javier Lopez} } @inproceedings {1699, title = {Modelo para la clasificaci{\'o}n y an{\'a}lisis de ataques Cross-Platform}, booktitle = {IV Jornadas Nacionales de Investigaci{\'o}n en Ciberseguridad (JNIC 2018)}, year = {2018}, month = {06/2018}, publisher = {Servicio Editorial de Mondragon Unibertsitatea}, organization = {Servicio Editorial de Mondragon Unibertsitatea}, address = {Donostia-San Sebasti{\'a}n (Espa{\~n}a)}, abstract = {

Los ataques cross-platform suponen un serio desaf{\'\i}o para los mecanismos de seguridad cuando los portadores de un ataque dirigido no son conscientes de su participacion en el mismo. Es por ello que, con dispositivos y tecnolog{\'\i}as cada vez mas entrelazadas, en constante comunicaci{\'o}n, numerosos ataques pasan desapercibidos hasta que alcanzan su objetivo final. Estos nuevos escenarios hacen posible una v{\'\i}a de transmision a tener en cuenta, y que se debe abordar cuanto antes, ya que sus consecuencias, especialmente en el panorama de telecomunicaciones actual, podr{\'\i}an ser desoladoras. La rapida transmisi{\'o}n de estos ataques, y la dificultad que supone su prevencion, detecci{\'o}n y mitigaci{\'o}n antes de que se hagan efectivos, hacen que el problema sea particularmente preocupante. En este art{\'\i}culo se presentar{\'a} una arquitectura para el analisis de los ataques cross-platform silenciosos, cuyo objetivo es ayudar a comprender mejor este tipo de amenazas y ofrecer soluciones que permitan mitigarlas y rastrearlas.

}, keywords = {architecture, attack, Cross-platform, security}, isbn = {978-84-09-02697-5}, url = {http://2018.jnic.es/assets/Actas_JNIC2018.pdf}, author = {Antonio Acien and Ana Nieto and Javier Lopez} } @inproceedings {RubioRomanAlcarazZhang2018, title = {Tracking Advanced Persistent Threats in Critical Infrastructures through Opinion Dynamics}, booktitle = {European Symposium on Research in Computer Security (ESORICS 2018)}, volume = {11098}, year = {2018}, month = {08/2018}, pages = {555-574}, publisher = {Springer}, organization = {Springer}, address = {Barcelona, Spain}, abstract = {

Advanced persistent threats pose a serious issue for modern industrial environments, due to their targeted and complex attack vectors that are difficult to detect. This is especially severe in critical infrastructures that are accelerating the integration of IT technologies. It is then essential to further develop effective monitoring and response systems that ensure the continuity of business to face the arising set of cyber-security threats. In this paper, we study the practical applicability of a novel technique based on opinion dynamics, that permits to trace the attack throughout all its stages along the network by correlating different anomalies measured over time, thereby taking the persistence of threats and the criticality of resources into consideration. The resulting information is of essential importance to monitor the overall health of the control system and correspondingly deploy accurate response procedures.

}, keywords = {Advanced Persistent Threat, Detection, Opinion Dynamics, Traceability}, doi = {10.1007/978-3-319-99073-6_27}, url = {https://link.springer.com/chapter/10.1007/978-3-319-99073-6_27}, author = {Juan E. Rubio and Rodrigo Roman and Cristina Alcaraz and Yan Zhang} } @inproceedings {1662, title = {Analysis of Intrusion Detection Systems in Industrial Ecosystems}, booktitle = {14th International Conference on Security and Cryptography (SECRYPT 2017)}, volume = {6}, year = {2017}, pages = {116-128}, publisher = {SciTePress}, organization = {SciTePress}, isbn = {978-989-758-259-2}, doi = {10.5220/0006426301160128}, author = {Juan E. Rubio and Cristina Alcaraz and Rodrigo Roman and Javier Lopez} } @inproceedings {1653, title = {Estado y Evoluci{\'o}n de la Detecci{\'o}n de Intrusiones en los Sistemas Industriales}, booktitle = {III Jornadas Nacionales de Investigaci{\'o}n en Ciberseguridad (JNIC 2017)}, year = {2017}, abstract = {

Debido a la necesidad de proteger los sistemas\ industriales ante amenazas, se hace necesario comprender cual\ es el verdadero alcance de los mecanismos capaces de detectar\ potenciales anomal{\'\i}as e intrusiones. Es por tanto el objetivo de\ este art{\'\i}culo analizar el estado y la evoluci{\'o}n, tanto acad{\'e}mica\ como industrial, de los mecanismos de detecci{\'o}n de intrusiones\ en este campo, as{\'\i}\ como estudiar su aplicabilidad actual y futura.

}, author = {Cristina Alcaraz and Jes{\'u}s Rodriguez and Roman, Rodrigo and Juan E. Rubio} } @inproceedings {nunez2017fallout, title = {The fallout of key compromise in a proxy-mediated key agreement protocol}, booktitle = {31st Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSec{\textquoteright}17)}, volume = {LNCS 10359}, year = {2017}, month = {07/2017}, pages = {453-472}, publisher = {Springer}, organization = {Springer}, address = {Philadelphia, USA}, abstract = {

In this paper, we analyze how key compromise affects the protocol by Nguyen et al. presented at ESORICS 2016, an authenticated key agreement protocol mediated by a proxy entity, restricted to only symmetric encryption primitives and intended for IoT environments. This protocol uses long-term encryption tokens as intermediate values during encryption and decryption procedures, which implies that these can be used to encrypt and decrypt messages without knowing the cor- responding secret keys. In our work, we show how key compromise (or even compromise of encryption tokens) allows to break forward secu- rity and leads to key compromise impersonation attacks. Moreover, we demonstrate that these problems cannot be solved even if the affected user revokes his compromised secret key and updates it to a new one. The conclusion is that this protocol cannot be used in IoT environments, where key compromise is a realistic risk.\ 

}, isbn = {978-3-319-61176-1}, doi = {10.1007/978-3-319-61176-1_25}, author = {David Nu{\~n}ez and Isaac Agudo and Javier Lopez} } @inproceedings {RubioAlcarazLopez2017ESORICS, title = {Preventing Advanced Persistent Threats in Complex Control Networks}, booktitle = {European Symposium on Research in Computer Security}, volume = {10493}, year = {2017}, month = {09/2017}, pages = {402-418}, publisher = {22nd European Symposium on Research in Computer Security (ESORICS 2017)}, organization = {22nd European Symposium on Research in Computer Security (ESORICS 2017)}, author = {Juan E. Rubio and Cristina Alcaraz and Javier Lopez} } @inproceedings {1600, title = {Selecting Privacy Solutions to Prioritise Control in Smart Metering Systems}, booktitle = {The 11th International Conference on Critical Information Infrastructures Security}, volume = {10242}, year = {2017}, pages = {176-188}, abstract = {

The introduction of the Smart Grid brings with it several benefits to society, because its bi-directional communication allows both users and utilities to have better control over energy usage. However, it also has some privacy issues with respect to the privacy of the customers when analysing their consumption data. In this paper we review the main privacy-preserving techniques that have been proposed and compare their efficiency, to accurately select the most appropriate ones for undertaking control operations. Both privacy and performance are essential for the rapid adoption of Smart Grid technologies.

}, keywords = {and Metering, Control, Data privacy, Smart Grid}, author = {Juan E. Rubio and Cristina Alcaraz and Javier Lopez} } @inproceedings {nunez2017sistema, title = {Sistema de Acceso Delegado a Informaci{\'o}n Cifrada para Apache Hadoop}, booktitle = {III Jornadas Nacionales de Investigaci{\'o}n en Ciberseguridad}, year = {2017}, month = {06/2017}, pages = {174-175}, publisher = {URJC}, organization = {URJC}, address = {Madrid}, abstract = {

En este art{\'\i}culo presentamos un sistema que permite delegaci{\'o}n de acceso a informaci{\'o}n cifrada para Apache Hadoop, de forma segura y transparente al usuario. Para ello usamos t{\'e}cnicas criptogr{\'a}ficas avanzadas basadas en el recifrado delegado.\ Con este sistema, es posible almacenar en Hadoop los datos de forma cifrada y delegar de forma segura el acceso a los nodos de computaci{\'o}n.\ El funcionamiento es transparente ya que se integra con la capa del sistema de ficheros nativa HDFS.\ Adem{\'a}s, el recifrado delegado permite hacer rotaci{\'o}n de claves de cifrado de forma segura y r{\'a}pida.

}, keywords = {Big Data, Cryptography, Hadoop, proxy re-encryption}, isbn = {978-84-608-4659-8}, url = {http://hdl.handle.net/10115/14540}, author = {David Nu{\~n}ez and Isaac Agudo and Michael Egorov and MacLane Wilkison} } @inproceedings {Ifip15, title = {A4Cloud Workshop: Accountability in the Cloud}, booktitle = {IFIP Sumer School 2015 on Privacy and Identity Management. Time for a Revolution?}, volume = {476}, year = {2016}, month = {07/2016}, pages = {61-78}, publisher = {AICT Series, Springer}, organization = {AICT Series, Springer}, address = {Edinburgh (United Kingdon)}, author = {Carmen Fernandez-Gago and Siani Pearson and Michela D{\textquoteright}Errico and Rehab Alnemr and Tobias Pulls and Anderson Santana de Oliveira} } @inproceedings {1585, title = {Dynamic Restoration in Interconnected RBAC-based Cyber-Physical Control Systems}, booktitle = {Proceedings of the 13th International Joint Conference on e-Business and Telecommunications (SECRYPT 2016)}, year = {2016}, month = { 2016}, pages = {19-27}, address = {Lisboa}, abstract = {

Increasingly, automatic restoration is an indispensable security measure in control systems (e.g. those used in\ critical infrastructure sectors) due to the importance of ensuring the functionality of monitoring infrastructures.\ Modernizing the interconnection of control systems to provide interoperability between different networks, at\ a low cost, is also a critical requirement in control systems. However, automated recovery mechanisms are\ currently costly, and ensuring interoperability particularly at a low cost remains a topic of scientific challenge.\ This is the gap we seek to address in this paper. More specifically, we propose a restoration model for interconnected\ contexts, taking into account the theory of supernode and structural controllability, as well as the\ recommendations given by the IEC-62351-8 standard (which are mainly based on the implementation of a\ role-based access control system).

}, isbn = {978-989-758-196-0}, doi = {10.5220/0005942000190027}, author = {Cristina Alcaraz and Javier Lopez and Kim-Kwang Raymond Choo} } @inproceedings {nunez2016nuevas, title = {Nuevas nociones de seguridad y transformaciones gen{\'e}ricas para criptosistemas de recifrado delegado}, booktitle = {XIV Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n}, year = {2016}, month = {10/2016}, pages = {174-179}, address = {Mah{\'o}n, Menorca, Islas Baleares}, abstract = {

El recifrado delegado (proxy re-encryption) es un tipo de cifrado de clave p{\'u}blica que permite delegar la capacidad de transformar textos cifrados de una clave p{\'u}blica a otra, sin que se pueda obtener ninguna informaci{\'o}n sobre el mensaje subyacente. Por este motivo, representa un candidato natural para construir mecanismos criptogr{\'a}ficos de control de acceso. En este art{\'\i}culo estudiamos algunos de los problemas de seguridad de este tipo de criptosistemas. En primer lugar, examinamos las nociones de seguridad e identificamos una nueva familia param{\'e}trica de modelos de ataque, que considera la disponibilidad tanto del or{\'a}culo de descifrado como de recifrado. En segundo lugar, estudiamos la aplicabilidad de transformaciones gen{\'e}ricas para mejorar la seguridad, centr{\'a}ndonos en la transformaci{\'o}n Fujisaki-Okamoto, y formulamos las condiciones que nos permiten aplicarla.

}, keywords = {proxy re-encryption}, isbn = { 978-84-608-9470-4}, author = {David Nu{\~n}ez and Isaac Agudo and Javier Lopez} } @inproceedings {1598, title = {Safeguarding Structural Controllability in Cyber-Physical Control Systems}, booktitle = {The 21st European Symposium on Research in Computer Security (ESORICS 2016)}, volume = {9879}, year = {2016}, pages = {471-489}, publisher = {Springer}, organization = {Springer}, address = {Crete, Greece}, abstract = {

Automatic restoration of control wireless networks based on dynamic\ cyber-physical systems has become a hot topic in recent years, since most of their\ elements tend to have serious vulnerabilities that may be exploited by attackers.\ In fact, any exploitation may rapidly extend to the entire control network due to\ its problem of non-locality, where control properties of a system and its structural\ controllability can disintegrate over time. Unfortunately, automated self-healing\ processes may become costly procedures in which the reliability of the strategies\ and the time-critical of any recovery of the control can become key factors to\ re-establish the control properties in due time. This operational need is precisely\ the aim of this paper, in which four reachability-based recovery strategies from\ a thereotical point of view are proposed so as to find the best option/s in terms\ of optimization, robustness and complexity. To do this, new definitions related to\ structural controllability in relation to the type of distribution of the network and\ its control load capacity are given in this paper, resulting in an interesting practical\ study.

}, keywords = {Control systems, cyber-physical systems, restoration, self-healing, structural controllability}, isbn = {978-3-319-45741-3}, author = {Cristina Alcaraz and Javier Lopez} } @inproceedings {agudo2016technique, title = {A Technique for Enhanced Provision of Appropriate Access to Evidence across Service Provision Chains}, booktitle = {10th International IFIP Summer School on Privacy and Identity Management}, year = {2016}, pages = {187-204}, abstract = {

Transparency and verifiability are necessary aspects of accountability, but care needs to be taken that auditing is done in a privacy friendly way. There are situations where it would be useful for certain actors to be able to make restricted views within service provision chains on accountability evidence, including logs, available to other actors with specific governance roles. For example, a data subject or a Data Protection Authority (DPA) might want to authorize an accountability agent to act on their behalf, and be given access to certain logs in a way that does not compromise the privacy of other actors or the security of involved data processors. In this paper two cryptographic-based techniques that may address this issue are proposed and assessed.

}, isbn = {978-3-319-41762-2}, doi = {10.1007/978-3-319-41763-9_13}, author = {Isaac Agudo and Ali El Kaafarani and David Nu{\~n}ez and Siani Pearson} } @inproceedings {931, title = {Context-Awareness using Anomaly-based Detectors for Smart Grid Domains}, booktitle = {9th International Conference on Risks and Security of Internet and Systems }, volume = {8924}, year = {2015}, month = {04/2015}, pages = {17-34}, publisher = {Springer International Publishing}, organization = {Springer International Publishing}, address = {Trento}, abstract = {

Anomaly-based detection applied in strongly interdependent systems, like Smart Grids, has become one of the most challenging research areas in recent years. Early detection of anomalies so as to detect and prevent unexpected faults or stealthy threats is attracting a great deal of attention from the scientific community because it offers potential solutions for context-awareness. These solutions can also help explain the conditions leading up\ to a given situation and help determine the degree of its severity. However, not all the existing approaches within the literature are equally effective in covering the needs of a particular scenario. It is necessary to explore the control requirements of the domains that comprise a Smart Grid, identify, and even select, those approaches according to these requirements and the intrinsic conditions related to the application context, such as technological heterogeneity and complexity. Therefore, this paper analyses the functional features of existing anomaly-based approaches so as to adapt them, according to the aforementioned conditions. The result of this investigation is a guideline for the construction of preventive solutions that will help improve the context-awareness in the control of Smart Grid domains in the near future.

}, keywords = {Context-Awareness, Control systems, Prevention, Smart Grid}, isbn = {978-3-319-17126-5}, doi = {10.1007/978-3-319-17127-2_2}, url = {http://link.springer.com/chapter/10.1007\%2F978-3-319-17127-2_2$\#$}, author = {Cristina Alcaraz and Lorena Cazorla and Gerardo Fernandez} } @inproceedings {alcaraz2013controla, title = {Multi-Round Attacks on Structural Controllability Properties for Non-Complete Random Graphs}, booktitle = {The 16th Information Security Conference (ISC)}, volume = {7807}, year = {2015}, month = {09/2015}, pages = {140{\textendash}151}, publisher = {Springer}, organization = {Springer}, address = {Springer International Publishing Switzerland}, abstract = {

\ The notion of controllability, informally the ability to force a system\ into a desired state in a finite time or number of steps, is most closely associated with control systems such as those used to maintain power networks and other critical infrastructures, but has wider relevance in distributed systems. It is clearly highly desirable to understand under which conditions attackers may be able to disrupt legitimate control, or to force overriding controllability themselves. Following recent results by Liu et al., there has been considerable interest also in graph-theoretical interpretation of Kalman controllability originally introduced by Lin, structural controllability. This permits the identification of sets of driver nodes with the desired state-forcing property, but determining such nodes\ is aW[2]-hard problem. To extract these nodes and represent the control relation, here we apply the POWER DOMINATING SET problem and investigate the effects of targeted iterative multiple-vertex removal. We report the impact that different attack strategies with multiple edge and vertex removal will have, based on underlying non-complete graphs, with an emphasis on power-law random graphs with different degree sequences.

}, doi = {10.1007/978-3-319-27659-5 10}, author = {Cristina Alcaraz and Estefania Etcheves Miciolino and Stephen Wolthusen} } @inproceedings {nunez2015ntrureencrypt, title = {NTRUReEncrypt: An Efficient Proxy Re-Encryption Scheme Based on NTRU}, booktitle = {10th ACM Symposium on Information, Computer and Communications Security (AsiaCCS)}, year = {2015}, month = {04/2015}, pages = {179-189}, abstract = {

The use of alternative foundations for constructing more secure and efficient cryptographic schemes is a topic worth exploring. In the case of proxy re-encryption, the vast majority of schemes are based on number theoretic problems such as the discrete logarithm. In this paper we present NTRUReEncrypt, a new bidirectional and multihop proxy re-encryption scheme based on NTRU, a widely known lattice-based cryptosystem. We provide two versions of our scheme: the first one is based on the conventional NTRU encryption scheme and, although it lacks a security proof, remains as efficient as its predecessor; the second one is based on a variant of NTRU proposed by Stehl{\'e} and Steinfeld, which is proven CPA-secure under the hardness of the Ring-LWE problem. To the best of our knowledge, our proposals are the first proxy re-encryption schemes to be based on the NTRU primitive. In addition, we provide experimental results to show the efficiency of our proposal, as well as a comparison with previous proxy re-encryption schemes, which confirms that our first scheme outperforms the rest by an order of magnitude.

}, isbn = {978-1-4503-3245-3}, doi = {10.1145/2714576.2714585}, author = {David Nu{\~n}ez and Isaac Agudo and Javier Lopez} } @inproceedings {nunez2015parametric, title = {A Parametric Family of Attack Models for Proxy Re-Encryption}, booktitle = {28th IEEE Computer Security Foundations Symposium}, series = {CSF{\textquoteright}15}, year = {2015}, month = {07/2015}, pages = {290-301}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, address = {Verona, Italy}, abstract = {

Proxy Re-Encryption (PRE) is a type of Public-Key Encryption (PKE) which provides an additional re-encryption functionality. Although PRE is inherently more complex than PKE, attack models for PRE have not been developed further than those inherited from PKE. In this paper we address this gap and define a parametric family of attack models for PRE, based on the availability of both the decryption and re-encryption oracles during the security game. This family enables the definition of a set of intermediate security notions for PRE that ranges from {\textquoteleft}{\textquoteleft}plain{\textquoteright}{\textquoteright} IND-CPA to {\textquoteleft}{\textquoteleft}full{\textquoteright}{\textquoteright} IND-CCA. We analyze some relations among these notions of security, and in particular, the separations that arise when the re-encryption oracle leaks re-encryption keys. In addition, we discuss which of these security notions represent meaningful adversarial models for PRE. Finally, we provide an example of a recent {\textquoteleft}{\textquoteleft}CCA1- secure{\textquoteright}{\textquoteright} scheme from PKC 2014 whose security model does not capture chosen-ciphertext attacks through re-encryption and for which we describe an attack under a more realistic security notion. This attack emphasizes the fact that PRE schemes that leak re-encryption keys cannot achieve strong security notions.

}, isbn = { 978-1-4673-7538-2}, issn = {1063-6900}, doi = {10.1109/CSF.2015.27}, author = {David Nu{\~n}ez and Isaac Agudo and Javier Lopez} } @inproceedings {1516, title = {Tools for Cloud Accountability: A4Cloud Tutorial}, booktitle = {9th IFIP Summer School on Privacy and Identity Management for the Future Internet in the Age of Globalisation}, volume = {457}, year = {2015}, pages = {219-236}, publisher = {Springer IFIP AICT}, organization = {Springer IFIP AICT}, address = {Patras (Greece)}, abstract = {

Cloud computing is becoming a key IT infrastructure technology being adopted progressively by companies and users. Still, there are issues and uncertainties surrounding its adoption, such as security and how users data is dealt with that require attention from developers, researchers, providers and users. The A4Cloud project tries to help solving the problem of accountability in the cloud by providing tools that support the process of achieving accountability. This paper presents the contents of the first A4Cloud tutorial. These contents include basic concepts and tools developed within the project. In particular, we will review how metrics can aid the accountability process and some of the tools that the A4Cloud project will produce such as the Data Track Tool (DTT) and the Cloud Offering Advisory Tool (COAT).

}, isbn = {978-3-319-18620-7}, issn = {978-3-319-18621-4}, doi = {10.1007/978-3-319-18621-4_15}, author = {Carmen Fernandez-Gago and Vasilis Tountopoulos and Simone Fischer-H{\"u}bner and Rehab Alnemr and David Nu{\~n}ez and Julio Angulo and Tobias Pulls and Theo Koulouris} } @inproceedings {nunez2014delegated, title = {Delegated Access for Hadoop Clusters in the Cloud}, booktitle = {IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2014)}, year = {2014}, month = {12/2014}, pages = {374-379}, publisher = {IEEE}, organization = {IEEE}, address = {Singapore}, abstract = {

Among Big Data technologies, Hadoop stands out for its capacity to store and process large-scale datasets. However, although Hadoop was not designed with security in mind, it is widely used by plenty of organizations, some of which have strong data protection requirements. Traditional access control solutions are not enough, and cryptographic solutions must be put in place to protect sensitive information. In this paper, we describe a cryptographically-enforced access control system for Hadoop, based on proxy re-encryption. Our proposed solution fits in well with the outsourcing of Big Data processing to the cloud, since information can be stored in encrypted form in external servers in the cloud and processed only if access has been delegated. Experimental results show that the overhead produced by our solution is manageable, which makes it suitable for some applications.

}, isbn = {978-1-4799-4093-6}, doi = {10.1109/CloudCom.2014.50}, url = {http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\&arnumber=7037691}, author = {David Nu{\~n}ez and Isaac Agudo and Javier Lopez} } @inproceedings {430, title = {Recovery of Structural Controllability for Control Systems}, booktitle = {Eighth IFIP WG 11.10 International Conference on Critical Infrastructure Protection, SRI International, Arlington, Virginia, USA }, volume = {441}, year = {2014}, pages = {47-63}, publisher = {Springer}, organization = {Springer}, address = {Arlington, Virginia, USA}, abstract = {

Fundamental problems in control systems theory are controllability and observability, and designing control systems so that these properties are satisfied or approximated sufficiently. However, it is prudent to as- sume that an attacker will not only be able to subvert measurements but also control the system. Moreover, an advanced adversary with an understanding of the control system may seek to take over control of the entire system or parts thereof, or deny the legitimate operator this capability. The effectiveness of such attacks has been demonstrated in previous work. Indeed, these attacks cannot be ruled out given the likely existence of unknown vulnerabilities, increasing connectivity of nominally air-gapped systems and supply chain issues. The ability to rapidly recover control after an attack has been initiated and to detect an adversary{\textquoteright}s presence is, therefore, critical. This paper focuses on the problem of structural controllability, which has recently attracted substantial attention through the equivalent problem of the power dom- inating set introduced in the context of electrical power network control. However, these problems are known to be NP-hard with poor approx- imability. Given their relevance to many networks, especially power networks, this paper studies strategies for the efficient restoration of controllability following attacks and attacker-defender interactions in power-law networks.\ 

}, keywords = {Control systems, power domination, resilience, structural controllability}, isbn = {978-3-662-45354-4}, issn = {1868-4238}, doi = {http://dx.doi.org/10.1007/978-3-662-45355-1_4}, author = {Cristina Alcaraz and Stephen Wolthusen} } @inproceedings {nunez2013leveraging, title = {Leveraging Privacy in Identity Management as a Service through Proxy Re-Encryption}, booktitle = {Ph.D Symposium of the European Conference on Service-Oriented and Cloud Computing (ESOCC) 2013}, year = {2013}, month = {September 2013}, address = {M{\'a}laga, Spain}, abstract = {

The advent of cloud computing has provided the opportunity to externalize the identity management processes, shaping what has been called Identity Management as a Service (IDaaS). However, as in the case of other cloud-based services, IDaaS brings with it great concerns regarding security and privacy, such as the loss of control over the outsourced data. As part of this PhD thesis, we analyze these concerns and propose BlindIdM, a model for privacy-preserving IDaaS with a focus on data privacy protection through the use of proxy re-encryption.

}, author = {David Nu{\~n}ez and Isaac Agudo and Javier Lopez} } @inproceedings {alcaraz2011critis, title = {PDR: A Prevention, Detection and Response Mechanism for Anomalies in Energy Control Systems}, booktitle = {7th International Conference on Critical Information Infrastructures Security (CRITIS 2012)}, volume = {7722}, year = {2013}, pages = {22{\textendash}33}, address = {Lillehammer, Norway}, abstract = {

\ Prevention, detection and response are nowadays considered to be three priority topics for protecting critical infrastructures, such as energy control systems. Despite attempts to address these current issues, there is still a particular lack of investigation in these areas, and in particular in dynamic and automatic proactive solutions. In this paper we propose a mechanism, which is called PDR, with the capability of anticipating anomalies, detecting anomalous behaviours and responding to them in a timely manner. PDR is based on a conglomeration of technologies and on a set of essential components with the purpose of offering situational awareness irrespective of where the system is located. In addition, the mechanism can also compute its functional capacities by evaluating its efficacy and precision in the prediction and detection of disturbances. With this, the entire system is able to know the real reliability of its services and its activity in remote substations at all times.

}, author = {Cristina Alcaraz and Meltem Sonmez} } @inproceedings {1810, title = {Structural Controllability of Networks for Non-Interactive Adversarial Vertex Removal}, booktitle = {8th International Conference on Critical Information Infrastructures Security}, volume = {8328}, year = {2013}, pages = {120-132}, publisher = {Springer}, organization = {Springer}, address = {Amsterdam, The Netherlands}, abstract = {

The problem of controllability of networks arises in a number of different\ domains, including in critical infrastructure systems where control must be\ maintained continuously. Recent work by Liu et al. has renewed interest in the\ seminal work by Lin on structural controllability, providing a graph-theoretical\ interpretation. This allows the identification of driver nodes capable of forcing the\ system into a desired state, which implies an obvious target for attackers wishing\ to disrupt the network control. Several methods for identifying driver nodes\ exist, but require undesirable computational complexity. In this paper, we therefore\ investigate the ability to regain or maintain controllability in the presence\ of adversaries able to remove vertices and implicit edges of the controllability\ graph. For this we rely on the POWER DOMINATING SET (PDS) formulation for\ identifying the control structure and study different attack strategies for multiple\ network models. As the construction of a PDS for a given graph is not unique,\ we further investigate different strategies for PDS construction, and provide a\ simulative evaluation.

}, issn = {0302-9743}, doi = {http://link.springer.com/chapter/10.1007\%2F978-3-319-03964-0_11}, author = {Cristina Alcaraz and Estefania Etcheves Miciolino and Stephen Wolthusen} } @inproceedings {1805, title = {Towards Automatic Critical Infrastructure Protection through Machine Learning}, booktitle = {8th International Conference on Critical Information Infrastructures Security}, volume = {8328}, year = {2013}, pages = {197-203}, publisher = {Springer}, organization = {Springer}, address = {Amsterdam, The Netherlands}, abstract = {

Critical Infrastructure Protection (CIP) faces increasing challenges in number and in sophistication, which makes vital to provide new forms of protection to face every day{\textquoteright}s threats. In order to make such protection holistic, covering all the needs of the systems from the point of view of security, prevention aspects and situational awareness should be considered. Researchers and Institutions stress the need of providing intelligent and automatic solutions for\ protection, calling our attention to the need of providing Intrusion Detection Systems (IDS) with intelligent active reaction capabilities. In this paper, we support the need of automating the processes implicated in the IDS solutions of the critical infrastructures and theorize that the introduction of Machine Learning (ML) techniques in IDS will be helpful for implementing automatic adaptable solutions\ capable of adjusting to new situations and timely reacting in the face of threats and anomalies. To this end, we study the different levels of automation that the IDS can implement, and outline a methodology to endow critical scenarios with preventive automation. Finally, we analyze current solutions presented in the literature and contrast them against the proposed methodology

}, issn = {0302-9743}, doi = {http://link.springer.com/chapter/10.1007\%2F978-3-319-03964-0_18}, author = {Lorena Cazorla and Cristina Alcaraz and Javier Lopez} } @inproceedings {moyano2013ifiptm, title = {Towards Trust-Aware and Self-Adaptive Systems}, booktitle = {7th IFIP WG 11.11 International Conference on Trust Management (IFIPTM 2013)}, series = {AICT}, volume = {401}, year = {2013}, month = {Jun 2013}, pages = {255-262}, publisher = {Springer}, organization = {Springer}, address = {Malaga}, abstract = {

The Future Internet (FI) comprises scenarios where many heterogeneous and dynamic entities must interact to provide services (e.g., sensors, mobile devices and information systems in smart city scenarios). The dynamic conditions under which FI applications must execute call for self-adaptive software to cope with unforeseeable changes in the application environment. Software engineering currently provides frameworks to develop reasoning engines that automatically take reconfiguration decisions and that support the runtime adaptation of distributed, heterogeneous applications. However, these frameworks have very limited support to address security concerns of these application, hindering their usage for FI scenarios. We address this challenge by enhancing self-adaptive systems with the concepts of trust and reputation. Trust will improve decision-making processes under risk and uncertainty, in turn improving security of self-adaptive FI applications. This paper presents an approach that includes a trust and reputation framework into a platform for adaptive, distributed component-based systems, thus providing software components with new abilities to include trust in their reasoning process.

}, isbn = {978-3-642-38323-6}, issn = {1868-4238}, doi = {10.1007/978-3-642-38323-6}, author = {Francisco Moyano and Benoit Baudry and Javier Lopez}, editor = {Carmen Fernandez-Gago and Isaac Agudo and Fabio Martinelli and Siani Pearson} } @inproceedings {1729, title = {Addressing Situational Awareness in Critical Domains of a Smart Grid}, booktitle = {6th International Conference on Network and System Security (NSS 2012)}, series = {LNCS 7645}, volume = {7645}, year = {2012}, month = {November 2012}, pages = {58-71}, publisher = {Springer-Verlag}, organization = {Springer-Verlag}, address = {Wu Yi Shan, Fujian, China}, abstract = {

Control and situational awareness are two very important aspects within critical control systems, since potential faults or anomalous behaviors could lead to serious consequences by hiding the real status of supervised critical infrastructures. Examples of these infrastructures are energy generation, transmission or distribution systems that belong to Smart Grid systems. Given the importance of these systems for social welfare and its economy, a situational awareness-based model, composed of a set of current technologies, is proposed in this paper. The model focuses on addressing and offering a set of minimum services for protection, such as prevention, detection, response, self-evaluation and maintenance, thereby providing a desirable protection in unplanned situations.

}, issn = {978-3-642-34600-2}, doi = {http://dx.doi.org/10.1007/978-3-642-34601-9_5}, author = {Cristina Alcaraz and Javier Lopez} } @inproceedings {Rios2012b, title = {Adecuaci{\'o}n de soluciones de anonimato al problema de la privacidad de localizaci{\'o}n en WSN}, booktitle = {XII Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n (RECSI 2012)}, year = {2012}, month = {Sep 2012}, pages = {309-314}, address = {Donostia-San Sebasti{\'a}n}, abstract = {

Los patrones de tr{\'a}fico caracter{\'\i}sticos de las redes inal{\'a}mbricas de sensores (WSNs) dan lugar al problema de la privacidad de localizaci{\'o}n. De manera similar, el tr{\'a}fico de los usuarios en Internet revela informaci{\'o}n sensible que puede ser protegida mediante sistemas de comunicaci{\'o}n an{\'o}nima (ACS). Por ello, este trabajo analiza la posibilidad de adaptar las soluciones de anonimato tradicionales al problema particular de las redes de sensores. Hasta el momento estas soluciones hab{\'\i}an sido rechazadas sin un an{\'a}lisis riguroso, argumentando simplemente que eran demasiado exigentes computacionalmente para los nodos sensores. Nuestros resultados demuestran que, en general, algunos ACS no cumplen los requisitos de privacidad necesarios en WSNs mientras que otros, que si los cumplen, se valen de una cantidad de recursos que superan la capacidad de los sensores.

}, isbn = {978-84-615-9933-2}, author = {Ruben Rios and Javier Lopez}, editor = {U. Zurutuza and R. Uribeetxeberria and I. Arenaza-Nu{\~n}o} } @inproceedings {onieva2012, title = {Como proteger la privacidad de los usuarios en Internet. Verificaci{\'o}n an{\'o}nima de la mayor{\'\i}a de edad}, booktitle = {XII Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n - RECSI 2012}, year = {2012}, month = {Sep 2012}, pages = {297-302}, publisher = {Mondragon}, organization = {Mondragon}, address = {San Sebastian (Spain)}, isbn = {978-84-615-9933-2}, author = {Jose A. Onieva and Isaac Agudo and Javier Lopez and G. Drapper-Gil and M.F. Hinarejos} } @inproceedings {nunez2012integrating, title = {Integrating OpenID with Proxy Re-Encryption to enhance privacy in cloud-based identity services}, booktitle = {IEEE CloudCom 2012}, year = {2012}, month = {Dec 2012}, pages = {241 - 248}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, address = {Taipei, Taiwan}, abstract = {

The inclusion of identity management in the cloud computing landscape represents a new business opportunity for providing what has been called Identity Management as a Service (IDaaS). Nevertheless, IDaaS introduces the same kind of problems regarding privacy and data confidentiality as other cloud services; on top of that, the nature of the outsourced information (users{\textquoteright} identity) is critical. Traditionally, cloud services (including IDaaS) rely only on SLAs and security policies to protect the data, but these measures have proven insufficient in some cases; recent research has employed advanced cryptographic mechanisms as an additional safeguard. Apart from this, there are several identity management schemes that could be used for realizing IDaaS systems in the cloud; among them, OpenID has gained crescent popularity because of its open and decentralized nature, which makes it a prime candidate for this task. In this paper we demonstrate how a privacy-preserving IDaaS system can be implemented using OpenID Attribute Exchange and a proxy re-encryption scheme. Our prototype enables an identity provider to serve attributes to other parties without being able to read their values. This proposal constitutes a novel contribution to both privacy and identity management fields. Finally, we discuss the performance and economical viability of our proposal.

}, keywords = {Cloud Computing, Cryptography, identity management, OpenID, privacy, proxy re-encryption}, isbn = {978-1-4673-4511-8}, issn = {978-1-4673-4509-5}, doi = {10.1109/CloudCom.2012.6427551}, author = {David Nu{\~n}ez and Isaac Agudo and Javier Lopez} } @inproceedings {alcaraz2012b, title = {Smart Grid Privacy: Issues and Solutions}, booktitle = {21st International Conference on Computer Communications and Networks (ICCCN)}, year = {2012}, month = {Jul 2012}, pages = {1-5}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, address = {Munich, Germany}, abstract = {

Migration to an electronically controlled electrical grid to transmit, distribute, and deliver power to consumers has helped enhance the reliability and efficiency of conventional electricity systems. At the same time, this digitally enabled technology called the Smart Grid has brought new challenges to businesses and consumers alike. A key component of such a grid is the smart-metering technology, which is used to collect energy consumption data from homes and transmitting it back to power distributors. A crucial concern is the privacy related to the collection and use of energy consumption data. We present an analysis of Smart Grid privacy issues and discuss recently proposed solutions that can protect the privacy of Smart Grid users.

}, keywords = {Computer architecture, Data privacy, Electricity, Home appliances, privacy, security, Smart grids}, isbn = {978-1-4673-1543-2}, doi = {10.1109/ICCCN.2012.6289304}, url = {http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=\&arnumber=6289304\&contentType=Conference+Publications\&openedRefinements\%3D*\%26pageNumber\%3D7\%26rowsPerPage\%3D100\%26queryText\%3D\%28smart+grid\%29}, author = {F. Siddiqui and S. Zeadally and Cristina Alcaraz and S. Galvao} } @inproceedings {neumann2012strong, title = {Strong Authentication of Humans and Machines in Policy Controlled Cloud Computing Environment Using Automatic Cyber Identity}, booktitle = {Information Security Solutions Europe 2012}, year = {2012}, month = {2012}, pages = {195-206}, publisher = {Springer Vieweg}, organization = {Springer Vieweg}, address = {Brussels, Belgium}, abstract = {

The paper describes the experience with integration of automatic cyber identity technology with policy controlled virtualisation environment. One identity technology has been used to enable strong authentication of users (human beings) as well as machines (host systems) to the virtualization management system. The real experimental evaluation has been done in PASSIVE project (Policy-Assessed system-level Security of Sensitive Information processing in Virtualised Environments - SEVENTH FRAMEWORK PROGRAMME THEME ICT-2009.1.4 INFORMATION AND COMMUNICATION TECHNOLOGIES - Small or medium-scale focused research project - Grant agreement no.: 257644).

}, isbn = {978-3-658-00332-6}, doi = {10.1007/978-3-658-00333-3_19}, author = {Neumann Libor and Tomas Halman and Rotek Pavel and Alexander Boettcher and Julian Stecklina and Michal Sojka and David Nu{\~n}ez and Isaac Agudo}, editor = {Norbert Pohlmann and Helmut Reimer and Wolfgang Schneider} } @inproceedings {Moyano_ESSoS12, title = {A Task Ordering Approach for Automatic Trust Establishment}, booktitle = {Proceedings of the 2012 International Symposium on Engineering Secure Software and Systems (ESSoS 2012)}, series = {LNCS}, volume = {7159}, year = {2012}, month = {Feb 2012}, pages = {76{\textendash}89}, publisher = {Springer}, organization = {Springer}, address = {Eindhoven, The Netherlands}, abstract = {

Trust has become essential in computer science as a way of assisting the process of decision-making, such as access control. In any system, several tasks may be performed, and each of these tasks might pose different associated trust values between the entities of the system. For instance, in a file system, reading and overwriting a file are two tasks that pose different trust values between the users who can carry out these tasks. In this paper, we propose a simple model for automatically establishing trust relationships between entities considering an established order among tasks.

}, keywords = {task ordering, trust evaluation, trust graph}, doi = {10.1007/978-3-642-28166-2_8}, author = {Francisco Moyano and Carmen Fernandez-Gago and Isaac Agudo and Javier Lopez}, editor = {Gilles Barthe and Ben Livshits and Riccardo Scandariato} } @inproceedings {Najera_JITEL11, title = {Acceso seguro a nodos RFID en una arquitectura de red personal}, booktitle = {X Jornadas de Ingenier{\'\i}a Telem{\'a}tica (JITEL 2011)}, year = {2011}, month = {09/2011}, pages = {104 - 111}, publisher = {Universidad de Cantabria}, organization = {Universidad de Cantabria}, address = {Santander, Spain}, abstract = {

El paradigma de red personal (PN) permitir\á la interacci\ón y colaboraci\ón del creciente abanico de dispositivos personales. Con tal fin la PN ha de integrar en su seno m\últiples tecnolog\ías heterog\éneas con diversas capacidades computacionales y de comunicaci\ón de forma segura. En particular, la incorporaci\ón de la tecnolog\ía RFID en objetos personales conlleva m\últiples riesgos de seguridad y privacidad que han suscitado un elevado inter\és de la comunidad investigadora en los \últimos a\ños. M\ás all\á de su seguridad de forma aislada, su integraci\ón en la PN y la interacci\ón de \ésta con redes de \área extensa como Internet of Things requieren una arquitectura de red personal adecuada para tal contexto. Este art\ículo proporciona los fundamentos de tal arquitectura segura incluyendo el an\álisis de aspectos como la incorporaci\ón e inicializaci\ón de las restringidas etiquetas RFID en la red personal, la autenticaci\ón tanto de miembros de la PN como de usuarios y servicios remotos en su acceso a las tecnolog\ías de contexto, el control de las pol\íticas de privacidad y el establecimiento de canales seguros de comunicaci\ón supervisados.

}, keywords = {arquitectura software, red personal, Seguridad RFID}, isbn = {978-84-694-5948-5}, author = {Pablo Najera and Rodrigo Roman and Javier Lopez}, editor = {Klaus Hackbarth and Ram{\'o}n Ag{\"u}ero and Roberto Sanz} } @inproceedings {agudo2011cryptography, title = {Cryptography Goes to the Cloud}, booktitle = {1st International Workshop on Security and Trust for Applications in Virtualised Environments (STAVE 2011)}, series = {Communications in Computer and Information Science}, volume = {187}, year = {2011}, month = {June}, pages = {190-197}, publisher = {Springer}, organization = {Springer}, abstract = {

In this paper we identify some areas where cryptography can help a rapid adoption of cloud computing. Although secure storage has already captured the attention of many cloud providers, offering a higher level of protection for their customer{\textquoteright}s data, we think that more advanced techniques such as searchable encryption and secure outsourced computation will become popular in the near future, opening the doors of the Cloud to customers with higher security requirements.

}, isbn = {978-3-642-22364-8}, doi = {10.1007/978-3-642-22365-5_23}, author = {Isaac Agudo and David Nu{\~n}ez and Gabriele Giammatteo and Panagiotis Rizomiliotis and Costas Lambrinoudakis}, editor = {Changhoon Lee and Jean-Marc Seigneur and James J. Park and Roland R. Wagner} } @inproceedings {DNunez11, title = {Identity Management Challenges for Intercloud Applications}, booktitle = {1st International Workshop on Security and Trust for Applications in Virtualised Environments (STAVE 2011)}, volume = {187}, year = {2011}, month = {June}, pages = {198-204}, address = {Crete (Greece)}, abstract = {

Intercloud notion is gaining a lot of attention lately from both enterprise and academia, not only because of its benefits and expected results but also due to the challenges that it introduces regarding interoperability and standardisation. Identity management services are one of the main candidates to be outsourced into the Intercloud, since they are one of the most common services needed by companies and organisations. This paper addresses emerging identity management challenges that arise in intercloud formations, such as naming, identification, interoperability, identity life cycle management and single sign-on.

}, doi = {10.1007/978-3-642-22365-5_24}, author = {David Nu{\~n}ez and Isaac Agudo and Prokopios Drogkaris and Stefanos Gritzalis} } @inproceedings {1643, title = {Managing Incidents in Smart Grids {\`a} la Cloud}, booktitle = {IEEE CloudCom 2011}, year = {2011}, month = {Nov-Dec 2011}, pages = {527-531}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, address = {Athens, Greece}, abstract = {

During the last decade, the Cloud Computing paradigm has emerged as a panacea for many problems in traditional IT infrastructures. Much has been said about the potential of Cloud Computing in the Smart Grid context, but unfortunately it is still relegated to a second layer when it comes to critical systems. Although the advantages of outsourcing those kind of applications to the cloud is clear, data confidentiality and operational privacy stand as mayor drawbacks. In this paper, we try to give some hints on which security mechanisms and more specific, which cryptographic schemes, will help a better integration of Smart Grids and Clouds. We propose the use of Virtual SCADA in the Cloud (VS-Cloud) as a mean to improve reliability and efficiency whilst maintaining the same protection level as in traditional SCADA architectures.

}, keywords = {Cloud Computing, Cryptography, Incident Management, SCADA Systems, Searchable Encryption, Smart Grid}, isbn = {978-0-7695-4622-3}, doi = {10.1109/CloudCom.2011.79}, author = {Cristina Alcaraz and Isaac Agudo and David Nu{\~n}ez and Javier Lopez} } @inproceedings {6059235, title = {OSAMI Commons: An open dynamic services platform for ambient intelligence}, booktitle = {IEEE 16th Conference on Emerging Technologies Factory Automation (ETFA 2011)}, year = {2011}, month = {Sep 2011}, pages = {1-10}, publisher = {IEEE}, organization = {IEEE}, address = {Toulouse, France}, abstract = {

Today we live in an environment surrounded with networked converging devices. Human computer interactions are becoming personalized and a new concept of a global and cross-domain platform is emerging to exploit the full potential of the network in all business areas. In this convergence process, the software platform should be able to personalize itself dynamically in devices according to the context. OSAmI-Commons, an ITEA2 project for developing an open-source common approach to such a dynamic service-based platform, allows any type of device to connect and exchange information and services. OSAMI consortium is contributing to defining the foundations of a cross-platform open-services ecosystem. The sustainability of this platform is an objective beyond the project duration.

}, isbn = {978-1-4577-0016-3}, issn = {1946-0740}, doi = {10.1109/ETFA.2011.6059235}, author = {Naci Dai and Jesus Bermejo and Felix Cuadrado Latasa and Alejandra Ruiz L{\'o}pez and Isaac Agudo and Elmar Zeeb and Jan Krueger and Oliver Dohndorf and Wolfgang Thronicke and Christoph Fiehe and Anna Litvina} } @inproceedings {Roman11SK, title = {SenseKey - Simplifying the Selection of Key Management Schemes for Sensor Networks}, booktitle = {5th International Symposium on Security and Multimodality in Pervasive Environments (SMPE{\textquoteright}11)}, year = {2011}, month = {March}, publisher = {IEEE}, organization = {IEEE}, address = {Singapore}, abstract = {

Key Management Schemes (KMS) are a very important security mechanism for Wireless Sensor Networks (WSN), as they are used to manage the credentials (i.e. secret keys) that are needed by the security primitives. There is a large number of available KMS protocols in the literature, but it is not clear what should network designers do to choose the most suitable protocol for the needs of their applications. In this paper, we consider that given a certain set of application requirements, the network designer can check which properties comply with those requirements and select the KMS protocols that contains those particular properties. Therefore, we study the relationship between requirements and properties, and we provide a web tool, the SenseKey tool, that can be used to automatically obtain an optimal set of KMS protocols.

}, doi = {10.1109/WAINA.2011.78}, url = {http://www.ftrai.org/smpe2011/}, author = {Rodrigo Roman and Javier Lopez and Cristina Alcaraz and Hsiao Hwa Chen} } @inproceedings {Alcaraz2010, title = {Acceso seguro a redes de sensores en SCADA a trav{\'e}s de Internet}, booktitle = {XI Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n (RECSI 2010)}, year = {2010}, month = {September}, pages = {337-342}, address = {Tarragona (Spain)}, abstract = {

Las Infraestructuras Cr\íticas (ICs) son monitorizadas por sistemas altamente complejos, conocidos como sistemas SCADA (Sistemas de Control y Adquisici\ón de Datos), cuyo principal soporte se encuentra en las subestaciones, las cuales miden de primera instancia el estado real de tales ICs. Para mejorar este control, la industria est\á actualmente demandando la integraci\ón en el modelo tradicional de dos avances tecnol\ógicos: Internet y las redes de sensores inal\ámbricas. Sin embargo, su incorporaci\ón requiere analizar los requisitos de seguridad que surgen en dicho contexto, as\í como diversos aspectos correlacionados (ej. mantenimiento, rendimiento, seguridad y optimizaci\ón) y, en base a estos, la estrategia de integraci\ón m\ás adecuada para satisfacer dichos requisitos. Este art\ículo proporciona dicho an\álisis en profundidad con el fin de ofrecer un modelo de integraci\ón seguro adecuado para entornos cr\íticos.

}, keywords = {el Internet, Internet of Things, Redes Mesh Inal{\'a}mbrica de Sensores, Sistemas Cr{\'\i}ticos de Control, Sistemas SCADA}, isbn = {978-84-693-3304-4}, url = {http://crises-deim.urv.cat/recsi2010/}, author = {Cristina Alcaraz and Rodrigo Roman and Pablo Najera and Javier Lopez} } @inproceedings {Agudo2010, title = {Distribuci{\'o}n segura de componentes software basada en OpenID}, booktitle = {XI Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n (RECSI 2010)}, year = {2010}, month = {September}, address = {Tarragona, Spain}, abstract = {

En la actualidad, cada vez son m\ás frecuentes los ataques software mediante la utilizaci\ón de malware o sustituci\ón de programas (o componentes) en los repositorios a los cuales los usuarios finales (o m\áquinas) acceden. Esta situaci\ón se ve de alguna manera acentuada con el dinamismo existente en la programaci\ón y ejecuci\ón de estos componentes, en la que distintos desarrolladores pueden participar para desplegar un determinado servicio o parte de \él. Por ello, en este art\ículo se presenta una soluci\ón para la distribuci\ón de c\ódigo de forma segura usando OpenID y firmas con certificados de clave p\ública de corta duraci\ón. De esta forma, se consigue un compromiso de seguridad que permite distribuir c\ódigo firmado sin la necesidad de que los desarrolladores dispongan a priori de un certificado espec\ífico. Presentamos adem\ás algunos detalles acerca de la implementaci\ón realizada para hacer realidad este dise\ño.

}, isbn = {978-84-693-3304-4}, author = {Isaac Agudo and Jose A. Onieva and Daniel Merida} } @inproceedings {Alcaraz2010b, title = {Early Warning System for Cascading Effect Control in Energy Control Systems}, booktitle = {5th International conference on Critical Information Infrastructures Security (CRITIS{\textquoteright}10)}, series = {LNCS}, volume = {6712}, year = {2010}, month = {September}, pages = {55-67}, publisher = {Springer}, organization = {Springer}, address = {Athens, Greece}, abstract = {

A way of controlling a cascading effect caused by a failure or a threat in a critical system is using intelligent mechanisms capable of predicting anomalous behaviours and also capable of reacting against them in advance. These mechanisms are known as Early Warning Systems (EWS) and this will be precisely the main topic of this paper. Specially, we present an EWS design based on a Wireless Sensor Network (using the ISA100.11a standard) that constantly supervise the application context. This EWS is also based on forensic techniques to provide dynamic learning capacities. As a result, this new approach will aid to provide a reliable control of incidences by offering a dynamic alarm management, identification of the most suitable field operator to attend an alarm, reporting of causes and responsible operators, and learning from new anomalous situations.

}, keywords = {Cascading Effect, Early Warning System, Energy Control Systems, Forensic Techniques, SCADA Systems, Wireless Sensor Network}, isbn = {978-3-642-21693-0}, issn = {0302-9743}, url = {http://critis.net/2010/}, author = {Cristina Alcaraz and Angel Balastegui and Javier Lopez} } @inproceedings {Rios2010a, title = {Implementaci{\'o}n de un esquema de localizaci{\'o}n privada y segura para interiores}, booktitle = {IX Jornadas de Ingenier{\'\i}a Telem{\'a}tica (JITEL{\textquoteright}10)}, year = {2010}, month = {Sept.}, pages = {237 - 244}, address = {Valladolid (Spain)}, abstract = {

Las aplicaciones basadas en localizaci\ón proporcionan a los usuarios servicios personalizados dependiendo de su ubicaci\ón. Las estimaciones prev\én que estos servicios se extender\án enormemente en los pr\óximos a\ños reportando grandes beneficios tanto a la industria como a los usuarios finales. Sin embargo, para que estos avances sean posibles se hace necesario analizar en profundidad las distintas implicaciones de seguridad y privacidad que la utilizaci\ón de tales servicios pueden traer consigo a los usuarios. En este trabajo proponemos un sistema de localizaci\ón que da soporte a la provisi\ón de servicios basados en localizaci\ón para entornos indoor y que se fundamenta en la tecnolog\ía de redes de sensores inal\ámbricos. En este esquema hemos tenido en cuenta diversos aspectos de seguridad y privacidad, prestando especial atenci\ón a la limitaci\ón extrema de recursos caracter\ística de las redes de sensores. Finalmente hemos desarrollado una prueba de concepto para comprobar la viabilidad de nuestro esquema dentro del \ámbito del proyecto OSAmI.

}, isbn = {978-84-693-5398-1}, author = {Ruben Rios and Isaac Agudo and Jose L. Gonzalez}, editor = {Yannis Dimitriadis and Mar{\'\i}a Jes{\'u}s Verd{\'u} P{\'e}rez} } @inproceedings {calcaraz10, title = {Wireless Sensor Networks and the Internet of Things: Do We Need a Complete Integration?}, booktitle = {1st International Workshop on the Security of the Internet of Things (SecIoT{\textquoteright}10)}, year = {2010}, month = {December}, pages = {xxxx}, publisher = {IEEE}, organization = {IEEE}, address = {Tokyo (Japan)}, abstract = {

Wireless sensor networks (WSN) behave as a digital skin, providing a virtual layer where the information about the physical world can be accessed by any computational system. As a result, they are an invaluable resource for realizing the vision of the Internet of Things (IoT). However, it is necessary to consider whether the devices of a WSN should be completely integrated into the Internet or not. In this paper, we tackle this question from the perspective of security. While we will mention the different security challenges that may arise in such integration process, we will focus on the issues that take place at the network level.

}, issn = {xxxx}, author = {Cristina Alcaraz and Pablo Najera and Javier Lopez and Rodrigo Roman} } @inproceedings {Alcaraz2009, title = {Adaptive Dispatching of Incidences Based on Reputation for SCADA Systems}, booktitle = {6th International Conference on Trust, Privacy and Security in Digital Business (TrustBus{\textquoteright}09)}, series = {LNCS}, year = {2009}, month = {September}, pages = {86-94}, publisher = {Springer-Verlag}, organization = {Springer-Verlag}, address = {Linz, Austria}, abstract = {

SCADA systems represent a challenging scenario where the management of critical alarms is crucial. Their response to these alarms should be efficient and fast in order to mitigate or contain undesired effects. This work presents a mechanism, the Adaptive Assignment Manager (AAM) that will aid to react to incidences in a more efficient way by dynamically assigning alarms to the most suitable human operator. The mechanism uses various inputs for identifying the operators such as their availability, workload and reputation. In fact, we also define a reputation component that stores the reputation of the human operators and uses feedback from past experiences.

}, keywords = {Critical Control Systems, Reputation, Supervisory Control and Data Acquisition Systems}, isbn = {978-3-642-03747-4}, doi = {10.1007/978-3-642-03748-1_9}, author = {Cristina Alcaraz and Isaac Agudo and Carmen Fernandez-Gago and Rodrigo Roman and Gerardo Fernandez and Javier Lopez} } @inproceedings {Lopez2009, title = {Analysis of Security Threats, Requirements, Technologies and Standards in Wireless Sensor Networks}, booktitle = {Foundations of Security Analysis and Design 2009}, series = {LNCS}, volume = {5705}, year = {2009}, month = {August}, pages = {289-338}, publisher = {Springer Berlin/Heidelberg}, organization = {Springer Berlin/Heidelberg}, address = {Bertinoro (Italy)}, abstract = {

As sensor networks are more and more being implemented in real world settings, it is necessary to analyze how the different requirements of these real-world applications can influence the security mechanisms. This paper offers both an overview and an analysis of the relationship between the different security threats, requirements, applications, and security technologies. Besides, it also overviews some of the existing sensor network standards, analyzing their security mechanisms.

}, isbn = {978-3-642-03828-0}, issn = {0302-9743 (Print) 1611-3349 (Online)}, doi = {10.1007/978-3-642-03829-7_10}, url = {http://www.springerlink.com/content/u8h4882831k474n6/}, author = {Javier Lopez and Rodrigo Roman and Cristina Alcaraz} } @inproceedings {roman2009, title = {Do Wireless Sensor Networks Need to be Completely Integrated into the Internet?}, booktitle = {3rd CompanionAble Workshop - Future Internet of People, Things and Services (IoPTS) eco-Systems}, year = {2009}, month = {December}, pages = {xxxx}, publisher = {xxxx}, organization = {xxxx}, address = {Brussels (Belgium)}, abstract = {

Wireless sensor networks are considered as an integral part of the Internet of Things paradigm. Not only they provide a virtual presence to elements of the real world, but also allow any computationalsystem to know about the physical state of those elements thanks to the use of embedded sensors. In order to belong to the Internet of Things, the elements of a sensor network can implement Internet protocols and services such as the TCP/IP stack and web services. Still, a question that must be raised at this point of time is whether all sensor network applications should be completely integrated into the Internet or not. The purpose of this paper is to analyze this question, reviewing the challenges and security requirements of Internet-enabled sensor networks.

}, issn = {xxxx}, author = {Rodrigo Roman and Javier Lopez and Cristina Alcaraz} } @inproceedings {Agudo2009a, title = {A Multidimensional Reputation Scheme for Identity Federations}, booktitle = {Sixth European Workshop on Public Key Services, Applications and Infrastructures (EuroPKI{\textquoteright}09)}, series = {LNCS}, volume = {6391}, year = {2009}, pages = {225-238}, publisher = {Springer}, organization = {Springer}, abstract = {

Deciding who to trust in the internet of services paradigm is an important and open question. How to do it in an optimal way is not always easy to determine. Trust is usually referred to a particular context whereas a single user may interact in more than one given context. We are interested in investigating how a Federated Reputation System can help exporting trust perceptions from one context to another. We propose a model for deriving trust in online services. In this context, trust is defined as the level of confidence that the service provider holds on the subject interacting with it to behave in a proper way while using the service. Thus, we derive trust by using the reputation values that those users have gained for interacting with these services.

}, isbn = {978-3-642-16440-8}, issn = {0302-9743 (Print) 1611-3349 (Online)}, doi = {10.1007/978-3-642-16441-5_15}, author = {Isaac Agudo and Carmen Fernandez-Gago and Javier Lopez} } @inproceedings {vivas09, title = {Security Assurance During the Software Development Process}, booktitle = {International Conference on Computer Systems and Technologies (CompSysTech09)}, year = {2009}, pages = {11.7.1-11.7.6}, publisher = {ACM}, organization = {ACM}, address = {Ruse (Bulgary)}, abstract = {

Assurance has been a major topic for critical systems. Assurance is usually associated with safety conditions but has also an important role for checking security requirements. Security is best assured if it is addressed holistically, systematically, and from the very beginning in the software{\textquoteright}s development process. We propose to integrate assurance and system development by letting the different stages of the system development life-cycle be mapped to the structure of the assurance case.

}, isbn = {978-1-60558-986-2}, doi = {10.1145/1731740.1731763}, author = {Jose L. Vivas and Isaac Agudo and Javier Lopez} } @inproceedings {Alcaraz2008, title = {An{\'a}lisis de la Aplicabilidad de las Redes de Sensores para la Protecci{\'o}n de Infraestructuras de Informaci{\'o}n Cr{\'\i}ticas}, booktitle = {VI Jornadas de Ingenier{\'\i}a Telem{\'a}tica (JITEL{\textquoteright}08)}, year = {2008}, month = {September}, pages = {437}, address = {Alcal{\'a} de Henares (Spain)}, abstract = {

Las infraestructuras cr\íticas, como el sector energ\ético, la banca, el transporte, y muchas otras, son un pilar esencial para en bienestar de la sociedad y la econom\ía de un pa\ís. Estas infraestructuras dependen a su vez de ciertas infraestructuras de informaci\ón, las cuales permiten su correcto funcionamiento. La tarea de proteger esas infraestructuras (de informaci\ón) cr\íticas es compleja y multidimensional, con una gran cantidad de desaf\íos por resolver. Precisamente, las redes de sensores pueden ser de gran ayuda para esta tarea, debido a suscapacidades de control distribuidas y a su habilidad de funcionar en situaciones extremas. Este art\ículo analiza la utilidad de las redes de sensores en este contexto, describiendo tanto sus capacidades como sus posibles roles y mecanismos de integraci\ón para la protecci\ón de infraestructuras (de informaci\ón) cr\íticas.

}, isbn = {978-84-612-5474-3}, url = {http://www.telematica.ws/jitel/2008/default.htm}, author = {Cristina Alcaraz and Rodrigo Roman and Javier Lopez} } @inproceedings {Agudo2008, title = {Delegating Privileges over Finite Resources: A Quota Based Delegation Approach}, booktitle = {5th International Workshop on Formal Aspects in Security and Trust (FAST{\textquoteright}08)}, series = {LNCS}, volume = {5491}, year = {2008}, pages = {302-315}, publisher = {Springer}, organization = {Springer}, address = {Malaga (Spain)}, abstract = {

When delegation in real world scenarios is considered, the delegator (the entity that posses the privileges) usually passes the privileges on to the delegatee (the entity that receives the privileges) in such a way that the former looses these privileges while the delegation is effective. If we think of a physical key that opens a door, the privilege being delegated by the owner of the key is opening the door. Once the owner of the key delegates this privilege to another entity, by handing over the key, he is not able to open the door any longer. This is due to the fact that the key is not copied and handed over but handed over to the delegatee. When delegation takes place in the electronic world, the delegator usually retains also the privileges. Thus, both users have them simultaneously. This situation, which in most cases is not a problem, may be undesirable when dealing with certain kind of resources. In particular, if we think of finite resources, those in which the number of users accessing simultaneously is finite, we can not allow that a user delegating his access privilege is also granted access when the delegation if effective. In this paper we propose an approach where each user is delegated an access quota for a resource. If further delegating of the delegated quota occurs, this is subtracted from his quota. That is, when delegating, part of the quota remains with the delegator and another part goes to the delegatee. This allows a more fairly access to the resource. Moreover, we show that this approach can also be applied to any kind of resources by defining appropriate authorization policies.

}, isbn = {978-3-642-01464-2}, issn = {0302-9743 (Print) 1611-3349 (Online)}, doi = {10.1007/978-3-642-01465-9}, author = {Isaac Agudo and Carmen Fernandez-Gago and Javier Lopez} } @inproceedings {Agudo2008b, title = {An Evolutionary Trust and Distrust Model}, booktitle = {4th Workshop on Security and Trust Management (STM{\textquoteright}08)}, series = {ENTCS}, volume = {224}, year = {2008}, pages = {3-12}, publisher = {Elsevier}, organization = {Elsevier}, address = {Trondheim, Norway}, abstract = {

In this paper we propose a trust model, where besides considering trust and distrust, we also consider another parameter that measures the reliability on the stability of trust or distrust. The inclusion of this new parameter will allow us to use trust in a more accurate way. We consider trust is not static but dynamic and trust values can change along time. Thus, we will also take time into account, using it as a parameter of our model. There is very little work done about the inclusion of time as an influence on trust. We will show the applicability of our model in the scenario of the process of reviewing papers for a conference. Sometimes for these kind of processes the Chair of the conference should first find the suitable reviewers. He can make this selection by using our model. Once the reviewers are selected they send out their reviews to the Chair who can also use our model in order to make the final decision about acceptance of papers.

}, issn = {1571-0661}, doi = {10.1016/j.entcs.2009.07.034}, author = {Isaac Agudo and Carmen Fernandez-Gago and Javier Lopez} } @inproceedings {Agudo2008a, title = {A Model for Trust Metrics Analysis}, booktitle = {5th International Conference on Trust, Privacy and Security in Digital Business (TrustBus{\textquoteright}08)}, series = {LNCS}, volume = {5185}, year = {2008}, pages = {28-37}, publisher = {Springer}, organization = {Springer}, abstract = {

Trust is an important factor in any kind of network essential, for example, in the decision-making process. As important as the definition of trust is the way to compute it. In this paper we propose a model for defining trust based on graph theory and show examples of some simple operators and functions that will allow us to compute trust.

}, isbn = {978-3-540-85734-1}, issn = {0302-9743 (Print) 1611-3349 (Online)}, doi = {10.1007/978-3-540-85735-8_4}, author = {Isaac Agudo and Carmen Fernandez-Gago and Javier Lopez} } @inproceedings {Marquez2008, title = {Secure Real-Time Integration of Services in a OSGi Distributed Environment}, booktitle = {Fourth International Conference on Networked Computing and Advanced Information Management (NCM{\textquoteright}08)}, volume = {1}, year = {2008}, month = {September}, pages = {631-635}, publisher = {IEEE}, organization = {IEEE}, address = {Gyeongju, South Korea}, abstract = {This paper presents a service oriented architecture for real-time integration of services, how to distribute them in a local domain and how to define a secure way of accessing resources using users{\textquoteright} and services{\textquoteright} authorization and authentication. This work take advantage of previous European R amp;D projects focused on del.ivering applications and utilities in embedded real-time environments and the convergence of different worlds like Internet and digital TV.}, keywords = {authentication, authorisation, authorization, digital TV, embedded real-time environments, embedded systems, Internet, message authentication, open systems, OSGi distributed environment, secure real-time integration, service oriented architecture, software architecture}, isbn = {978-0-7695-3322-3}, doi = {10.1109/NCM.2008.173}, author = {Jose Manuel Marquez and Javier Jimenez and Isaac Agudo} } @inproceedings {Alcaraz2007, title = {An{\'a}lisis de primitivas criptogr{\'a}ficas para redes de sensores}, booktitle = {VI Jornadas de Ingenier{\'\i}a Telem{\'a}tica (JITEL{\textquoteright}07)}, year = {2007}, month = {September}, pages = {401-408}, address = {M{\'a}laga (Spain)}, abstract = {

Security in wireless sensor networks is very limited due to highly-constrained hardware of sensor nodes. To protect services is necessary to use secure foundations, known as security primitives, like part of a protocol. Theses primitives must assure at least confidentiality in the communication channel, authentication of the peers involved in an information exchange, and integrity of the messages. There are many primitives such as symmetric encryption, hash functions and public key cryptography, but not all of them can be supported by sensor nodes since require high resource levels, for example memory. This paper contains a deep analysis of available and suitable security primitives for sensor nodes, as well as an analysis of hardware and software implementations. Besides, it has been developed an experiment with two implementations, and it has been created a new and improved version using the optimizations of each.

}, isbn = {978-84-690-6670-6}, url = {http://www.telematica.ws/jitel/2007/}, author = {Cristina Alcaraz and Rodrigo Roman and Javier Lopez} } @inproceedings {Roman2007b, title = {Applicability of Public Key Infrastructures in Wireless Sensor Networks}, booktitle = {European PKI Workshop: Theory and Practice (EuroPKI{\textquoteright}07)}, series = {LNCS}, volume = {4582}, year = {2007}, month = {June}, pages = {313-320}, publisher = {Springer}, organization = {Springer}, address = {Mallorca (Spain)}, abstract = {

Wireless Sensor Networks (WSN) are becoming a key technology in the support of pervasive and ubiquitous services. The previous notion of PKC is too expensive for WSN has changed partially due to the existence of new hardware and software prototypes based on Elliptic Curve Cryptography and other PKC primitives. Then, it is necessary to analyze whether it is both feasible and convenient to have a Public Key Infrastructure for sensor networks that would allow the creation of PKC-based services like Digital Signatures.

}, keywords = {Public Key Cryptography, Public Key Infrastructure, wireless sensor networks}, isbn = {978-3-540-73407-9}, issn = {0302-9743 (Print) 1611-3349 (Online)}, doi = {10.1007/978-3-540-73408-6_22}, url = {http://www.springerlink.com/content/q4l10ww348010131/}, author = {Rodrigo Roman and Cristina Alcaraz} } @inproceedings {Agudo2007a, title = {Attribute delegation in ubiquitous environments}, booktitle = {3rd international conference on Mobile multimedia communications (MobiMedia {\textquoteright}07)}, year = {2007}, pages = {43:1{\textendash}43:6}, publisher = {ICST}, organization = {ICST}, address = {Nafpaktos, Greece}, abstract = {

When delegation is implemented using the attribute certificates in a Privilege Management Infrastructure (PMI), this one reaches a considerable level of distributed functionality. However, the approach is not flexible enough for the requirements of ubiquitous environments. Additionally, the PMI can become a too complex solution for devices such as smartphones and PDAs, where resources are limited. In this work, we solve the previous limitations by defining a second class of attributes, called domain attributes, which are managed directly by users and are not right under the scope of the PMI, thus providing a light solution for constrained devices. The two classes of attributes are related by defining a simple ontology. We also introduce in the paper the concept of Attribute Federation which is responsible for supporting domain attributes and the corresponding ontology.

}, isbn = {978-963-06-2670-5}, author = {Isaac Agudo and Javier Lopez and Jose A. Montenegro} } @inproceedings {Agudo2007, title = {Implementation aspects of a delegation system}, booktitle = {3rd international conference on Mobile multimedia communications (MobiMedia {\textquoteright}07)}, year = {2007}, pages = {50:1{\textendash}50:6}, publisher = {ICST}, organization = {ICST}, address = {Nafpaktos, Greece}, abstract = {

In this paper we simulate an authorization and delegation system using knowledge based technology. This proposal is part of a visual tool that is intended to be an implementation of the theoretical model weighted trust graph (WTG). A brief description of WTG Model and its associated tool is included in the text. In essence, the model is based on the inclusion of real numbers between zero and one in certificates to represent the trust level between the entities involved in them. This trust level is used to control delegation. Moreover, attributes from di_erent domains may be interrelated, so attribute delegation is also taken into account. The proposed Simulation Engine supports one directional and bidirectional search algorithms.

}, isbn = {978-963-06-2670-5}, author = {Isaac Agudo and Javier Lopez and Jose A. Montenegro} } @inproceedings {Alcaraz2006, title = {Applying Key Infrastructures for Sensor Networks in {CIP/CIIP} Scenarios}, booktitle = {1st International Workshop on Critical Information Infrastructures Security (CRITIS{\textquoteright}06)}, series = {LNCS}, volume = {4347}, year = {2006}, pages = {166-178}, publisher = {Springer Berlin / Heidelberg}, organization = {Springer Berlin / Heidelberg}, abstract = {

It is commonly agreed that Wireless Sensor Networks (WSN) is one of the technologies that better fulfills features like the ones required by Critical (Information) Infrastructures. However, a sensor network is highly vulnerable against any external or internal attacks, thus network designers must know which are the tools that they can use in order to avoid such problems. In this paper we describe in detail a procedure (the KMS Guidelines), developed under our CRISIS project, that allows network designers to choose a certain Key Management System, or at least to know which protocol need to improve in order to satisfy the network requirements.

}, keywords = {Critical Information Infrastructures, Key Infrastructures, Key Management, Sensor Networks}, issn = {0302-9743 (Print) 1611-3349 (Online)}, doi = {10.1007/11962977_14}, url = {http://www.springerlink.com/content/2458827107n14870/}, author = {Cristina Alcaraz and Rodrigo Roman} } @inproceedings {IsaacAgudo2006, title = {Attributes Delegation Based on Ontologies and Context Information}, booktitle = {10th IFIP TC-6 TC-11 International Conference on Communications and Multimedia on Security (CMS{\textquoteright}06)}, series = {LNCS}, volume = {4237}, year = {2006}, month = {October}, pages = {54-66}, publisher = {Springer}, organization = {Springer}, address = {Heraklion, Crete}, abstract = {

This paper presents a model for delegation based on partial orders, proposing the subclass relation in OWL as a way to represent the partial orders. Delegation and authorization decisions are made based on the context. In order to interact with the context, we define the Type of a credential as a way to introduce extra information regarding context constraints. When reasoning about delegation and authorization relationships, our model benefits from partial orders, defining them over entities, attributes and the credential type. Using these partial orders, the number of credentials required is reduced. It also classifies the possible criteria for making authorization decisions based on the context, in relation to the necessary information.

}, isbn = {978-3-540-47820-1}, issn = {0302-9743 (Print) 1611-3349 (Online)}, doi = {10.1007/11909033_6}, author = {Isaac Agudo and Javier Lopez and Jose A. Montenegro} } @inproceedings {Agudo2006a, title = {Graphical Representation of Authorization Policies for Weighted Credentials}, booktitle = {11th Australasian Conference on Information Security and Privacy (ACISP{\textquoteright}06)}, series = {LNCS}, volume = {4058}, year = {2006}, pages = {383-394}, publisher = {Springer}, organization = {Springer}, address = {Melbourne, Australia}, abstract = {

This paper elaborates on a solution to represent authorization and delegation in a graphical way, allowing users to better interpret delegation relationships. We make use of Weighted Trust Graph (WTG) as an instrument to represent delegation and authorization, extending it to cope with more complicated concepts, and providing a graphical representation of the level of confidence that exists between two entities regarding a resource or attribute. We represent the level of confidence for each pair of entities as a point in an axis diagram, as a set of points, or as a set of triangular regions depending on the accuracy we need. Then, we use the same diagram to represent the set of acceptable confidence level, that we call authorization policy set. In this way, a single diagram can be used to decide about authorization, thus providing a powerful tool for systems in which interaction of users is needed.

}, isbn = {978-3-540-35458-1}, issn = {0302-9743 (Print) 1611-3349 (Online)}, doi = {10.1007/11780656_32}, author = {Isaac Agudo and Javier Lopez and Jose A. Montenegro} } @inproceedings {IsaacAgudo2006a, title = {Pol{\'\i}ticas de delegaci{\'o}n para credenciales ponderadas y su representaci{\'o}n gr{\'a}fica}, booktitle = {IX Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la informaci{\'o}n (RECSI{\textquoteright}06)}, year = {2006}, month = {Septiembre}, pages = {311-322}, address = {Barcelona, Spain}, isbn = {84-9788-502-3}, author = {Isaac Agudo and Javier Lopez and Jose A. Montenegro} } @inproceedings {IsaacAgudo2005a, title = {Delegation Perspective of Practical Authorization Schemes}, booktitle = {Fifth International Network Conference (INC{\textquoteright}05)}, year = {2005}, pages = {157-164}, address = {Samos Island, Greece}, isbn = {960-7475-32-1}, author = {Isaac Agudo and Javier Lopez and Jose A. Montenegro and Eiji Okamoto and Ed Dawson} } @inproceedings {IsaacAgudo2005b, title = {A Representation Model of Trust Relationships with Delegation Extensions}, booktitle = {3th International Conference on Trust Management (iTRUST{\textquoteright}05)}, series = {LNCS}, volume = {3477}, year = {2005}, month = {May}, pages = {9-22}, publisher = {Springer}, organization = {Springer}, address = {Versailles, France}, abstract = {

Logic languages establish a formal framework to solve authorization and delegation conflicts. However, we consider that a visual representation is necessary since graphs are more expressive and understandable than logic languages. In this paper, and after overviewing previous works using logic languages, we present a proposal for graph representation of authorization and delegation statements. Our proposal is based on Varadharajan et al. solution, though improve several elements of that work. We also discuss about the possible implementation of our proposal using attribute certificates.

}, isbn = {978-3-540-26042-4}, issn = {0302-9743 (Print) 1611-3349 (Online)}, doi = {10.1007/11429760_9}, author = {Isaac Agudo and Javier Lopez and Jose A. Montenegro} } @inproceedings {1735, title = {Especificaci{\'o}n formal y verificaci{\'o}n de requisitos de Seguridad}, booktitle = {VIII Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n (VIII RECSI)}, year = {2004}, month = {Sep 2004}, pages = {225-235}, address = {Madrid (Spain)}, isbn = {84-7978-650-7}, author = {Isaac Agudo and Javier Lopez and Juan J. Ortega} } @inproceedings {Agudo2004, title = {Specification and formal verification of security requirements}, booktitle = {5th international conference on Computer systems and technologies (CompSysTech {\textquoteright}04)}, year = {2004}, pages = {1-6}, publisher = {ACM}, organization = {ACM}, address = {Rousse, Bulgaria}, abstract = {With the grown of internet and distributed applications, security requirements are going inherent to the software development process. Each time one communicates with some other one there are relevant security risk that must be taken in account. This is what is happening in the new soft-ware applications using client/server architecture. We propose including security requirements at the top level of development process, together with functional requirements because they are much related. With this information we are able to extract all communication protocols that are involved in our application and their associated security goals. This is the input to a verification phase in which we look for security flaws. The last step, and the more useful (and the not yet finished) is to use this information to modify our initial specification at the top level of the development process}, isbn = {954-9641-38-4}, doi = {10.1145/1050330.1050440}, author = {Isaac Agudo and Javier Lopez} } @inproceedings {JavierAreitio2001, title = {An{\'a}lisis, Dise{\~n}o e Implementaci{\'o}n de un Entorno Escalable de Comercio-e con Seguridad Telem{\'a}tica Adaptable Basada en PKI}, booktitle = {I Simposio Espa{\~n}ol de Comercio Electr{\'o}nico (SEC{\textquoteright}01)}, year = {2001}, month = {Octubre}, pages = {145-160}, address = {M{\'a}laga, Espa}, abstract = {

La presente ponencia aborda el desarrollo de un entorno seguro escalable para el Comercio Electr\ónico. Se ha tratado la cuesti\ón en dos fases: primero, idear un prototipo generalizado distribuido seguro formado por diferentes entidades gen\éricas con el objetivo de permitir que los clientes realicen sus compras y transacciones bancarias con un nivel de seguridad escalable; y en segundo lugar, implantar en la pr\áctica un prototipo de grado de escalabilidad reducido como modelo emp\írico.

}, author = {Javier Areitio and Lorenzo Mart{\'\i}nez and Javier Lopez and Jose A. Montenegro} } @inproceedings {JavierAreitio2000a, title = {Mecanismo de Seguridad de Bajo Costo para Micropagos}, booktitle = {VI Reunion Espa{\~n}ola de Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n (VI RECSI)}, year = {2000}, month = {Septiembre}, pages = {193-200}, address = {La Laguna, Espa}, abstract = {
La presente comunicaci\ón presenta un mecanismo de micropagos flexible, de bajo costo que puede utilizarse para realizar pagos en l\ínea entre el cliente y el vendedor y fuera de l\ínea con el agente de negocios. Este mecanismo evita grandes almacenamientos de datos y c\álculos largos. Se puede implantar en software para el cliente y en hardware/software para el vendedor.\ \ 
}, author = {Javier Areitio and Javier Lopez} } @inproceedings {JavierLopez1999d, title = {Problem{\'a}tica de Seguridad para el Comercio Electr{\'o}nico en el Sector Tur{\'\i}stico}, booktitle = {I Congreso Nacional Turismo y Tecnolog{\'\i}a de la Informaci{\'o}n y las Comunicaciones (TURITEC{\textquoteright}99)}, year = {1999}, month = {Septiembre}, pages = {99-110}, abstract = {

Uno de los servicios que cada d\ía cobra m\ás importancia y que promete un cambio radical para las empresas es el comercio electr\ónico en Internet, pero tradicionalmente las empresas relacionadas con el turismo s\ólo han empleado la red para darse a conocer y ofertar sus productos. La raz\ón esencial es la desconfianza que existe sobre la seguridad de las transacciones llevadas a cabo en la red. La criptograf\ía de clave p\ública proporciona servicios adecuados para garantizar la seguridad de esas transacciones. Pero en la actualidad, algunos de esos servicios est\án menos desarrollados que otros; un ejemplo de ellos es el servicio de No-Repudio. En este art\ículo se estudian distintas formas de ofrecer servicios de no-repudio y se analizan sus ventajas y desventajas en funci\ón de las necesidades del entorno en que se utilicen.

}, author = {Javier Lopez and Javier Areitio and Felipe Rosello} }