@inproceedings {Garcia2023, title = {MAS para la convergencia de opiniones y detecci{\'o}n de anomal{\'\i}as en sistemas ciberf{\'\i}sicos distribuidos}, booktitle = {VIII Jornadas Nacionales de Investigaci{\'o}n en Ciberseguridad (JNIC)}, year = {In Press}, month = {06/2023}, address = {Vigo}, keywords = {Detecci{\'o}n avanzada, din{\'a}micas de opiniones, machine-learning, sistemas ciberf{\'\i}sicos, Sistemas multi-agente}, author = {Alberto Garcia and Cristina Alcaraz and Javier Lopez} } @inproceedings {morales2023metacom, title = {Integration of MPC into Besu through an extended private transaction model}, booktitle = {IEEE International Conference on Metaverse Computing, Networking and Applications}, year = {2023}, month = {06/2023}, address = {Kyoto, Japan}, abstract = {In the last few years we have seen many different approaches to incorporate privacy features to blockchains. In the area of cryptocurrencies that would normally mean protecting the identity of the owner of some funds, but there are other applications where privacy is even more important, especially in permissioned blockchains. Permissioned blockchain platforms, such as Hyperledger Besu or Hyperledger Fabric, already include the concept of private transactions, which essentially defines a sub-group of the blockchain where their participants share some private data. We want to go one step ahead and propose an extended model for private transactions where the different participants can have a separated view of the same transaction, allowing the integration of Multi-party Computation protocols in the blockchain. Our work extends Hyperledger Besu{\textquoteright}s design for private transactions, offering better security properties and a finer grain customization. We cover two specific MPC examples, Private Set Intersection and Byzantine Fault-Tolerant Random Number Generation, and propose a mechanism to run them using smart contract interfaces. }, keywords = {blockchain, hyperledger besu, privacy, secure multi-party computation}, author = {Daniel Morales and Isaac Agudo and Javier Lopez} } @inproceedings {Alcaraz2022c, title = {Collaborative anomaly detection system for charging stations}, booktitle = {The 27th European Symposium on Research in Computer Security (ESORICS 2022)}, volume = {13555}, year = {2022}, month = {09/2022}, pages = {716{\textendash}736}, publisher = {Springer, Cham}, organization = {Springer, Cham}, abstract = {

In recent years, the deployment of charging infrastructures has been increasing exponentially due to the high energy demand of electric vehicles, forming complex charging networks. These networks pave the way for the emergence of new unknown threats in both the energy and transportation sectors. Economic damages and energy theft are the most frequent risks in these environments. Thus, this paper aims to present a solution capable of accurately detecting unforeseen events and possible fraud threats that arise during charging sessions at charging stations through the current capabilities of the Machine Learning (ML) algorithms. However, these algorithms have the drawback of not fitting well in large networks and generating a high number of false positives and negatives, mainly due to the mismatch with the distribution of data over time. For that reason, a Collaborative Anomaly Detection System for Charging Stations (here referred to as CADS4CS) is proposed as an optimization measure. CADS4CS has a central analysis unit that coordinates a group of independent anomaly detection systems to provide greater accuracy using a voting algorithm. In addition, CADS4CS has the feature of continuously retraining ML models in a collaborative manner to ensure that they are adjusted to the distribution of the data. To validate the approach, different use cases and practical studies are addressed to demonstrate the effectiveness and efficiency of the solution.

}, keywords = {Charging station, Collaborative anomaly detection, Machine Learning, Voting system}, doi = {https://doi.org/10.1007/978-3-031-17146-8_35}, author = {Jesus Cumplido and Cristina Alcaraz and Javier Lopez} } @inproceedings {1989, title = {Implicaciones de seguridad en MAS Desplegados en Infraestructuras de Carga basadas en OCPP}, booktitle = {VII Jornadas Nacionales en Investigaci{\'o}n en Ciberseguridad (JNIC 2022)}, year = {2022}, month = {06/2022}, pages = {172-179}, abstract = {

El inter{\'e}s actual por desplegar infraestructuras de carga de veh{\'\i}culos el{\'e}ctricos para el ahorro energ{\'e}tico y la sostenibilidad es cada vez m{\'a}s palpable, lo que llama la atenci{\'o}n a muchas comunidades, especialmente a la cient{\'\i}fica, para explorar, entre otras cosas, la influencia de las nuevas tecnolog{\'\i}as de informaci{\'o}n en los procesos operacionales. Teniendo en cuenta este escenario, este art{\'\i}culo, por tanto, analiza c{\'o}mo el uso de los sistemas de multi-agente pueden beneficiar las tareas de monitorizaci{\'o}n, mantenimiento y de seguridad, y propone una arquitectura espec{\'\i}fica en base a los actores especificados en el protocolo OCPP (Open Charge Point Protocol). Esta arquitectura constituye la base para analizar los diversos tipos de amenazas que agentes software pueden sufrir, clasific{\'a}ndolas de acuerdo a las caracter{\'\i}sticas funcionales e interacciones con los diversos elementos de la infraestructura. Esta agrupaci{\'o}n y el conjunto de ataques abordados est{\'a}n basados en el SP-800-19 definido por el National Institute of Standards and Technology, y formalizados siguiendo la metodolog{\'\i}a de {\'a}rboles de ataque. El estudio revela la importancia que tiene analizar los riesgos que esta tecnolog{\'\i}a puede traer a este escenario, proporcionando, adem{\'a}s, un conjunto de recomendaciones que sirvan de gu{\'\i}a para aplicaciones futuras.

}, isbn = {978-84-88734-13-6}, author = {Cristina Alcaraz and Alberto Garcia and Javier Lopez} } @inproceedings {1980, title = {Novel Approaches for the Development of Trusted IoT Entities}, booktitle = {37th International Conference on ICT Systems Security and Privacy Protection {\textendash} IFIP SEC 2022}, year = {2022}, month = {06/2022}, pages = {215-230}, publisher = {Springer}, organization = {Springer}, address = {Copenhagen}, keywords = {Internet of Things (IoT), SysML, System Development Life Cycle (SDLC)., Trust, UML}, issn = {1868-4238 }, doi = {https://doi.org/10.1007/978-3-031-06975-8}, url = {https://link.springer.com/content/pdf/10.1007\%2F978-3-031-06975-8_13}, author = {Davide Ferraris and Carmen Fernandez-Gago and Javier Lopez} } @inproceedings {1979, title = {Privacidad Contextual en entornos Edge}, booktitle = {VII Jornadas Nacionales de Investigaci{\'o}n en Ciberseguridad (JNIC 2022)}, year = {2022}, month = {06/2022}, pages = {122-129}, address = {Bilbao, Spain}, abstract = {

La privacidad contextual se refiere a la protecci{\'o}n de toda aquella informaci{\'o}n que puede desprenderse de la interacci{\'o}n entre usuarios y/o servicios, exceptuando los datos que el propio usuario elige transmitir. La localizaci{\'o}n, el tiempo, los patrones de uso y los diferentes par{\'a}metros necesarios para realizar la comunicaci{\'o}n son algunos ejemplos. Este tipo de privacidad es extremadamente importante en la computaci{\'o}n edge debido al acercamiento de los recursos de la infraestructura a los usuarios. Por ello, el objetivo de este trabajo es ofrecer un an{\'a}lisis y clasificaci{\'o}n de las diferentes soluciones propuestas en la literatura respecto a la privacidad contextual en entornos edge, mostrando tanto las capacidades de los mecanismos actuales como los desaf{\'\i}os en este campo.

}, keywords = {Computaci{\'o}n edge, Privacidad, Privacidad contextual}, isbn = {978-84-88734-13-6 }, author = {Manuel Ruiz and Ruben Rios and Rodrigo Roman and Javier Lopez} } @inproceedings {morales2022cc, title = {Real-time Crowd Counting based on Wearable Ephemeral IDs}, booktitle = {19th International Conference on Security and Cryptography (SECRYPT 2022)}, year = {2022}, month = {07/2022}, pages = {249-260}, publisher = {Scitepress}, organization = {Scitepress}, address = {Lisbon}, abstract = {Crowd Counting is a very interesting problem aiming at counting people typically based on density averages and/or aerial images. This is very useful to prevent crowd crushes, especially on urban environments with high crowd density, or to count people in public demonstrations. In addition, in the last years, it has become of paramount importance for pandemic management. For those reasons, giving users automatic mechanisms to anticipate high risk situations is essential. In this work, we analyze ID-based Crowd Counting, and propose a real-time Crowd Counting system based on the Ephemeral ID broadcast by contact tracing applications on wearable devices. We also performed some simulations that show the accuracy of our system in different situations. }, keywords = {Crowd Counting, IDS, Pandemics, privacy, Secure Multiparty computation}, isbn = {978-989-758-590-6}, issn = {2184-7711}, doi = {10.5220/0011327200003283}, author = {Daniel Morales and Isaac Agudo and Javier Lopez} } @inproceedings {1981, title = {Verification and Validation Methods for a Trust-by-Design Framework for the IoT}, booktitle = {36th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSec{\textquoteright}22)}, volume = {13383}, year = {2022}, month = {07/2022}, pages = {183-194}, publisher = {Springer}, organization = {Springer}, address = {Newark, NJ, USA}, keywords = {Internet of Things (IoT), SysML, System Development Life Cycle (SDLC), Trust, UML}, isbn = {978-3-031-10683-5}, doi = {https://doi.org/10.1007/978-3-031-10684-2_11}, url = {https://link.springer.com/chapter/10.1007/978-3-031-10684-2_11}, author = {Davide Ferraris and Carmen Fernandez-Gago and Javier Lopez} } @inproceedings {1846, title = {Distributed Detection of APTs: Consensus vs. Clustering}, booktitle = {25th European Symposium on Research in Computer Security (ESORICS 2020)}, volume = {12308}, year = {2020}, month = {09/2020}, pages = {174-192}, keywords = {Advanced Persistent Threat, clustering, consensus, distributed detection, Opinion Dynamics, Traceability}, isbn = {978-3-030-58951-6}, doi = {https://doi.org/10.1007/978-3-030-58951-6_9}, author = {Juan E. Rubio and Cristina Alcaraz and Ruben Rios and Rodrigo Roman and Javier Lopez} } @inproceedings {1840, title = {Game Theory-Based Approach for Defense against APTs}, booktitle = {18th International Conference on Applied Cryptography and Network Security (ACNS{\textquoteright}20)}, volume = {12147}, year = {2020}, month = {10/2020}, pages = {297-320}, publisher = {Springer}, organization = {Springer}, isbn = {978-3-030-57878-7}, doi = {https://doi.org/10.1007/978-3-030-57878-7_15}, author = {Juan E. Rubio and Cristina Alcaraz and Javier Lopez} } @inproceedings {1852, title = {A Model Specification Implementation for Trust Negotiation}, booktitle = {The 14th International Conference on Network and System Security (NSS 2020)}, volume = {12570}, year = {2020}, month = {11/2020}, pages = {327-341}, publisher = {Springer}, organization = {Springer}, address = {Melbourne, Australia}, abstract = {

Trust negotiation represents a suitable approach for building trust in online environments, where the interacting entities are anonymous. It covers important criteria on security and privacy. In this work, we propose a method for implementing our model specification that handles trust negotiation. We define the structure of the trust negotiation module that is a standalone unit capable of negotiating on its own. It may be included to any software by its defined interfaces. We realise our method with a ride-sharing scenario and four trust negotiation strategies that we apply in order to validate our design and implementation. We propose a solution that is fully customisable based on different requirements. The proposal provides guidelines for developers in the process of including trust negotiation into their software.

}, keywords = {Software Development Life Cycle, Trust, Trust Negotiation}, author = {Martin Kolar and Carmen Fernandez-Gago and Javier Lopez} } @inproceedings {1814, title = {An Analysis of Trust in Smart Home Devices}, booktitle = {The 20th World Conference on Information Security Applications: WISA-Workshop 2019}, year = {2019}, publisher = {Springer}, organization = {Springer}, address = {Jeju Island, Korea}, abstract = {

In recent times, smart home devices like Amazon Echo and Google Home have reached mainstream popularity. These devices are intrinsically intrusive, being able to access user{\textquoteright}s personal information. There are growing concerns about indiscriminate data collection and invasion of user privacy in smart home devices. Improper trust assumptions and security controls can lead to unauthorized access of the devices, which can have severe consequences (i.e. safety risks). In this paper, we analysed the behaviour of smart home devices with respect to trust relationships. We set up a smart home environment to evaluate how trust is built and managed. Then, we performed a number of interaction tests with different types of users (i.e. owner, guests). As a result, we were able to assess the effectiveness of the provided security controls and identify some relevant security issues. To address them, we defined a trust model and proposed a solution based on it for securing smart home devices.

}, keywords = {Internet of Things (IoT), security, Smart Home., Trust}, author = {Davide Ferraris and Daniel Bastos and Carmen Fernandez-Gago and Fadi El-Moussa and Javier Lopez} } @inproceedings {RubioESORICS2019, title = {Enhancing Security and Dependability of Industrial Networks with Opinion Dynamics}, booktitle = {European Symposium on Research in Computer Security (ESORICS2019)}, volume = {11736}, year = {2019}, month = {09/2019}, pages = {263-280}, doi = {https://doi.org/10.1007/978-3-030-29962-0_13}, author = {Juan E. Rubio and Mark Manulis and Cristina Alcaraz and Javier Lopez} } @inproceedings {1815, title = {SealedGRID: A Secure Interconnection of Technologies for Smart Grid Applications}, booktitle = {14th International Conference on Critical Information Infrastructures Security (CRITIS 2019)}, volume = {11777}, year = {2019}, month = {12/2019}, pages = {169-175}, publisher = {Springer, Cham}, organization = {Springer, Cham}, abstract = {

In recent years, the Smart Grid has increasingly integrated cutting-edge technologies that generate several benefits for all the stakeholders involved, such as a more accurate billing system and enhanced Demand Response procedures. However, this modernization also brings with it diverse cyber security and privacy issues, which sets the necessity for developing a security platform specifically tailored to this scenario. In this paper, we present SealedGRID, which proposes a flexible architecture that provides security services at all levels by implementing Trusted Execution Environments on their devices, together with advanced authentication and authorization mechanisms, as well as privacy preserving techniques. These technologies are presented in depth and a final security analysis is conducted, which highlights the contributions of this project.

}, isbn = {978-3-030-37669-7}, doi = {https://doi.org/10.1007/978-3-030-37670-3_14}, author = {Aristeidis Farao and Juan E. Rubio and Cristina Alcaraz and Christoforos Ntantogian and Christos Xenakis and Javier Lopez} } @inproceedings {1780, title = {A Segregated Architecture for a Trust-based Network of Internet of Things}, booktitle = {IEEE Consumer Communications \& Networking Conference 2019}, year = {2019}, month = {03/2019}, publisher = {IEEE}, organization = {IEEE}, address = {Las Vegas (USA)}, abstract = {

With the ever-increasing number of smart home devices, the issues related to these environments are also growing. With an ever-growing attack surface, there is no standard way to protect homes and their inhabitants from new threats. The inhabitants are rarely aware of the increased security threats that they are exposed to and how to manage them. To tackle this problem, we propose a solution based on segmented architectures similar to the ones used in industrial systems. In this approach, the smart home is segmented into various levels, which can broadly be categorised into an inner level and external level. The external level is protected by a firewall that checks the communication from/to the Internet to/from the external devices. The internal level is protected by an additional firewall that filters the information and the communications between the external and the internal devices. This segmentation guarantees a trusted environment between the entities belonging to the internal network. In this paper, we propose an adaptive trust model that checks the behaviour of the entities and, through this model, in case the entities violate trust rules they can be put in quarantine or banned from the network.

}, keywords = {Security; Trust; Privacy; Internet of Things (IoT); Smart Home}, doi = {10.1109/CCNC.2019.8651703}, url = {https://ieeexplore.ieee.org/document/8651703}, author = {Davide Ferraris and Carmen Fernandez-Gago and Joshua Daniel and Javier Lopez} } @inproceedings {1692, title = {Addressing Security in OCPP: Protection Against Man-in-the-Middle Attacks}, booktitle = {9th IFIP International Conference on New Technologies, Mobility \& Security}, year = {2018}, author = {Juan E. Rubio and Cristina Alcaraz and Javier Lopez} } @inproceedings {1666, title = {Analysis of cybersecurity threats in Industry 4.0: the case of intrusion detection}, booktitle = {The 12th International Conference on Critical Information Infrastructures Security}, volume = {Lecture Notes in Computer Science, vol 10707}, year = {2018}, month = {08/2018}, pages = {119-130}, publisher = {Springer}, organization = {Springer}, author = {Juan E. Rubio and Rodrigo Roman and Javier Lopez} } @inproceedings {1709, title = {Analyzing cross-platform attacks: towards a three-actor approach}, booktitle = {The 16th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC 2018)}, year = {2018}, month = {08/2018}, pages = {536-543}, abstract = {


In the current telecommunications landscape, different devices, systems and platforms are constantly communicating with each other. This heterogeneous environment creates the perfect situation for attacks to pass from one platform to another. This is a particularly worrying scenario, because of the new technologies being used (such as network slicing in 5G), the increasing importance of connected devices in our lives (IoT), and the unpredictable consequences that an attack of this type could have. The current approaches in attack analysis do not take into account these sitations, and the attacker/victim paradigm usually followed may fall short when dealing with these attacks. Thus, in this paper, an architecture for the analysis of cross-platform attacks will be presented, aiming to help understand better this kind of threats and offering solutions to mitigate and track them.

}, isbn = {978-1-5386-7518-2}, doi = {10.1109/DASC/PiCom/DataCom/CyberSciTec.2018.00102}, author = {Antonio Acien and Ana Nieto and Javier Lopez} } @inproceedings {CRAT2018, title = {Capture the RAT: Proximity-based Attacks in 5G using the Routine Activity Theory}, booktitle = {The 16th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC 2018)}, year = {2018}, month = {08/2018}, pages = {520-527}, publisher = {IEEE}, organization = {IEEE}, address = {Athens, Greece}, abstract = {

The fifth generation of cellular networks (5G) will enable different use cases where security will be more critical than ever before (e.g. autonomous vehicles and critical IoT devices). Unfortunately, the new networks are being built on the certainty that security problems can not be solved in the short term. Far from reinventing the wheel, one of our goals is to allow security software developers to implement and test their reactive solutions for the capillary network of 5G devices. Therefore, in this paper a solution for analysing proximity-based attacks in 5G environments is modelled and tested using OMNET++. The solution, named CRAT, is able to decouple the security analysis from the hardware of the device with the aim to extend the analysis of proximity-based attacks to different use-cases in 5G. We follow a high-level approach, in which the devices can take the role of victim, offender and guardian following the principles of the routine activity theory.\ 

}, isbn = {978-1-5386-7518-2}, doi = {10.1109/DASC/PiCom/DataCom/CyberSciTec.2018.00100}, url = {https://ieeexplore.ieee.org/document/8511943}, author = {Ana Nieto and Antonio Acien and Javier Lopez} } @inproceedings {1701, title = {A comprehensive methodology for deploying IoT honeypots}, booktitle = {15th International Conference on Trust, Privacy and Security in Digital Business (TrustBus 2018)}, volume = {LNCS 11033}, year = {2018}, month = {09/2018}, pages = {229{\textendash}243}, publisher = {Springer Nature Switzerland AG}, organization = {Springer Nature Switzerland AG}, address = {Regensburg (Germany)}, abstract = {

Recent news have raised concern regarding the security on the IoT field. Vulnerabilities in devices are arising and honeypots are an excellent way to cope with this problem. In this work, current solutions for honeypots in the IoT context, and other solutions adaptable to it are analyzed in order to set the basis for a methodology that allows deployment of IoT honeypot.

}, keywords = {Honeypot, IoT, methodology, security}, doi = {https://doi.org/10.1007/978-3-319-98385-1_16}, author = {Antonio Acien and Ana Nieto and Gerardo Fernandez and Javier Lopez} } @inproceedings {1706, title = {Definici{\'o}n de procedimientos para fabricar honeypots IoT basados en criterios de b{\'u}squeda}, booktitle = {XV Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n}, year = {2018}, month = {10/2018}, address = {Granada (Espa{\~n}a)}, abstract = {

Con la revoluci{\'o}n tecnol{\'o}gica que ha supuesto la Internet de las Cosas (Internet of Things, IoT) se han presentado escenarios donde la preocupaci{\'o}n por la seguridad en dicho entorno es cada vez m{\'a}s relevante. Est{\'a}n comenzando a surgir vulnerabilidades en varios dispositivos, y los sistemas trampa son una excelente manera de lidiar con este problema. En este trabajo se analizan soluciones para honeypots en el entorno IoT (y en otros que se puedan adaptar) para sentar las bases de una metodolog{\'\i}a que permita el despliegue de honeypots IoT.

}, isbn = {978-84-09-02463-6}, author = {Antonio Acien and Ana Nieto and Gerardo Fernandez and Javier Lopez} } @inproceedings {1699, title = {Modelo para la clasificaci{\'o}n y an{\'a}lisis de ataques Cross-Platform}, booktitle = {IV Jornadas Nacionales de Investigaci{\'o}n en Ciberseguridad (JNIC 2018)}, year = {2018}, month = {06/2018}, publisher = {Servicio Editorial de Mondragon Unibertsitatea}, organization = {Servicio Editorial de Mondragon Unibertsitatea}, address = {Donostia-San Sebasti{\'a}n (Espa{\~n}a)}, abstract = {

Los ataques cross-platform suponen un serio desaf{\'\i}o para los mecanismos de seguridad cuando los portadores de un ataque dirigido no son conscientes de su participacion en el mismo. Es por ello que, con dispositivos y tecnolog{\'\i}as cada vez mas entrelazadas, en constante comunicaci{\'o}n, numerosos ataques pasan desapercibidos hasta que alcanzan su objetivo final. Estos nuevos escenarios hacen posible una v{\'\i}a de transmision a tener en cuenta, y que se debe abordar cuanto antes, ya que sus consecuencias, especialmente en el panorama de telecomunicaciones actual, podr{\'\i}an ser desoladoras. La rapida transmisi{\'o}n de estos ataques, y la dificultad que supone su prevencion, detecci{\'o}n y mitigaci{\'o}n antes de que se hagan efectivos, hacen que el problema sea particularmente preocupante. En este art{\'\i}culo se presentar{\'a} una arquitectura para el analisis de los ataques cross-platform silenciosos, cuyo objetivo es ayudar a comprender mejor este tipo de amenazas y ofrecer soluciones que permitan mitigarlas y rastrearlas.

}, keywords = {architecture, attack, Cross-platform, security}, isbn = {978-84-09-02697-5}, url = {http://2018.jnic.es/assets/Actas_JNIC2018.pdf}, author = {Antonio Acien and Ana Nieto and Javier Lopez} } @inproceedings {kolar2018, title = {Policy Languages and Their Suitability for Trust Negotiation}, booktitle = {32nd Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy XXXII, 2018}, volume = {10980}, year = {2018}, month = {07/2018}, pages = {69-84}, publisher = {Springer, Cham}, organization = {Springer, Cham}, address = {Bergamo, Italy}, abstract = {

Entities, such as people, companies, institutions, authorities and web sites live and exist in a conjoined world. In order to live and enjoy social benefits, entities need to share knowledge, resources and to cooperate together. The cooperation brings with it many new challenges and problems, among which one is the problem of trust. This area is also important for the Computer Science. When unfamiliar entities wish to cooperate, they do not know what to expect nor whether they can trust each other. Trust negotiation solves this problem by sequential exchanging credentials between entities, which have decided to establish a trust relationship in order to reach a common goal. Entities specify their own policies that handle a disclosure of confidential information to maintain their security and privacy. Policies are defined by means of a policy language. This paper aims to identify the most suitable policy language for trust negotiation. To do so, policy languages are analysed against a set of criteria for trust negotiation that are first established.

}, isbn = {978-3-319-95728-9}, doi = {10.1007/978-3-319-95729-6_5}, url = {https://link.springer.com/chapter/10.1007/978-3-319-95729-6_5}, author = {Martin Kolar and Carmen Fernandez-Gago and Javier Lopez} } @inproceedings {1684, title = {A Trust-by-Design Framework for the Internet of Things}, booktitle = {2018 9th IFIP International Conference on New Technologies Mobility and Security (NTMS)}, year = {2018}, month = {04/2018}, publisher = {IEEE}, organization = {IEEE}, address = {Paris}, abstract = {

The Internet of Things (IoT) is an environment of interconnected entities, that are identifiable, usable and controllable via the Internet. Trust is necessary in a system such as IoT as the entities involved should know the effect of interacting with other entities. Moreover, the entities must also be able to trust a system to reliably use it. An IoT system is composed of different entities from different vendors, each of them with a different purpose and a different lifecycle. So considering trust in the whole IoT system lifecycle is useful and necessary to guarantee a good service for the whole system. The heterogeneity and dynamicity of this field make it difficult to ensure trust in IoT. We propose a trust by design framework for including trust in the development of an IoT entity considering all the phases of the life-cycle. It is composed of the K-Model and transversal activities.

}, issn = {2157-4960 }, doi = {10.1109/NTMS.2018.8328674}, url = {http://ieeexplore.ieee.org/document/8328674/}, author = {Davide Ferraris and Carmen Fernandez-Gago and Javier Lopez} } @inproceedings {1662, title = {Analysis of Intrusion Detection Systems in Industrial Ecosystems}, booktitle = {14th International Conference on Security and Cryptography (SECRYPT 2017)}, volume = {6}, year = {2017}, pages = {116-128}, publisher = {SciTePress}, organization = {SciTePress}, isbn = {978-989-758-259-2}, doi = {10.5220/0006426301160128}, author = {Juan E. Rubio and Cristina Alcaraz and Rodrigo Roman and Javier Lopez} } @inproceedings {1654, title = {Digital Witness and Privacy in IoT: Anonymous Witnessing Approach}, booktitle = {16th IEEE International Conference On Trust, Security And Privacy In Computing And Communications (TrustCom 2017)}, year = {2017}, month = {08/2017}, pages = {642-649}, publisher = {IEEE}, organization = {IEEE}, address = {Sydney (Australia)}, abstract = {

The digital witness approach defines the collaboration between IoT devices - from wearables to vehicles - to provide digital evidence through a Digital Chain of Custody to an authorised entity. As one of the cores of the digital witness, binding credentials unequivocally identify the user behind the digital witness. The objective of this article is to perform a critical analysis of the digital witness approach from the perspective of privacy, and to propose solutions that help include some notions of privacy in the scheme (for those cases where it is possible). In addition, digital anonymous witnessing as a tradeoff mechanism between the original approach and privacy requirements is proposed. This is a clear challenge in this context given the restriction that the identities of the links in the digital chain of custody should be known.\ 

}, keywords = {Forensics, IEC Standards, ISO Standards, privacy}, isbn = {978-1-5090-4906-6}, issn = {2324-9013}, doi = {10.1109/Trustcom/BigDataSE/ICESS.2017.295}, author = {Ana Nieto and Ruben Rios and Javier Lopez} } @inproceedings {nunez2017fallout, title = {The fallout of key compromise in a proxy-mediated key agreement protocol}, booktitle = {31st Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSec{\textquoteright}17)}, volume = {LNCS 10359}, year = {2017}, month = {07/2017}, pages = {453-472}, publisher = {Springer}, organization = {Springer}, address = {Philadelphia, USA}, abstract = {

In this paper, we analyze how key compromise affects the protocol by Nguyen et al. presented at ESORICS 2016, an authenticated key agreement protocol mediated by a proxy entity, restricted to only symmetric encryption primitives and intended for IoT environments. This protocol uses long-term encryption tokens as intermediate values during encryption and decryption procedures, which implies that these can be used to encrypt and decrypt messages without knowing the cor- responding secret keys. In our work, we show how key compromise (or even compromise of encryption tokens) allows to break forward secu- rity and leads to key compromise impersonation attacks. Moreover, we demonstrate that these problems cannot be solved even if the affected user revokes his compromised secret key and updates it to a new one. The conclusion is that this protocol cannot be used in IoT environments, where key compromise is a realistic risk.\ 

}, isbn = {978-3-319-61176-1}, doi = {10.1007/978-3-319-61176-1_25}, author = {David Nu{\~n}ez and Isaac Agudo and Javier Lopez} } @inproceedings {Ruben2017smog, title = {From Smog to Fog: A Security Perspective}, booktitle = {2nd IEEE International Conference on Fog and Edge Mobile Computing (FMEC 2017)}, year = {2017}, month = {06/2017}, pages = {56-61}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, address = {Valencia, Spain. 8-11 May 2017}, abstract = {

Cloud computing has some major limitations that hinder its application to some specific scenarios (e.g., Industrial IoT, and remote surgery) where there are particularly stringent requirements, such as extremely low latency. Fog computing is a specialization of the Cloud that promises to overcome the aforementioned limitations by bringing the Cloud closer to end-users. Despite its potential benefits, Fog Computing is still a developing paradigm which demands further research, especially on security and privacy aspects. This is precisely the focus of this paper: to make evident the urgent need for security mechanisms in Fog computing, as well as to present a research strategy with the necessary steps and processes that are being undertaken within the scope of the SMOG project, in order to enable a trustworthy and resilient Fog ecosystem.

}, isbn = {978-1-5386-2859-1}, doi = {10.1109/FMEC.2017.7946408}, author = {Ruben Rios and Rodrigo Roman and Jose A. Onieva and Javier Lopez} } @inproceedings {1652, title = {A Methodology for Privacy-Aware IoT-Forensics}, booktitle = {16th IEEE International Conference On Trust, Security And Privacy In Computing And Communications (TrustCom 2017)}, year = {2017}, month = {08/2017}, pages = {626-633}, publisher = {IEEE}, organization = {IEEE}, address = {Sydney (Australia)}, abstract = {

The Internet of Things (IoT) brings new challenges to digital forensics. Given the number and heterogeneity of devices in such scenarios, it bring extremely difficult to carry out investigations without the cooperation of individuals. Even if they are not directly involved in the offense, their devices can yield digital evidence that might provide useful clarification in an investigation. However, when providing such evidence they may leak sensitive personal information. This paper proposes PRoFIT; a new model for IoT-forensics that takes privacy into consideration by incorporating the requirements of ISO/IEC 29100:2011 throughout the investigation life cycle. PRoFIT is intended to lay the groundwork for the voluntary cooperation of individuals in cyber crime investigations.

}, keywords = {Adaptation models, Forensics, IEC Standards, Information management, ISO Standards, privacy, Software}, isbn = {978-1-5090-4906-6}, issn = {2324-9013}, doi = {10.1109/Trustcom/BigDataSE/ICESS.2017.293}, author = {Ana Nieto and Ruben Rios and Javier Lopez} } @inproceedings {1656, title = {Modeling Malware-driven Honeypots}, booktitle = {14th International Conference On Trust, Privacy \& Security In Digital Business (TrustBus 2017)}, volume = {10442}, year = {2017}, month = {08/2017}, pages = {130-144}, publisher = {Springer International Publishing}, organization = {Springer International Publishing}, address = {Lyon (France)}, abstract = {

In this paper we propose the Hogney architecture for the deployment of malware-driven honeypots. This new concept refers to honeypots that have been dynamically configured according to the environment expected by malware. The adaptation mechanism designed here is built on services that offer up-to-date and relevant intelligence information\ on current threats. Thus, the Hogney architecture takes advantage of recent Indicators Of Compromise\ (IOC) and information about suspicious activity currently being studied by analysts. The information gathered from these services is then used to adapt honeypots to fulfill malware requirements, inviting them to unleash their full strength.

}, keywords = {adaptive, dynamic, Honeypot, intelligence, IOC, malware}, isbn = {978-3-319-64482-0}, doi = {https://doi.org/10.1007/978-3-319-64483-7_9}, url = {https://link.springer.com/chapter/10.1007/978-3-319-64483-7_9}, author = {Gerardo Fernandez and Ana Nieto and Javier Lopez} } @inproceedings {RubioAlcarazLopez2017ESORICS, title = {Preventing Advanced Persistent Threats in Complex Control Networks}, booktitle = {European Symposium on Research in Computer Security}, volume = {10493}, year = {2017}, month = {09/2017}, pages = {402-418}, publisher = {22nd European Symposium on Research in Computer Security (ESORICS 2017)}, organization = {22nd European Symposium on Research in Computer Security (ESORICS 2017)}, author = {Juan E. Rubio and Cristina Alcaraz and Javier Lopez} } @inproceedings {1655, title = {PRoFIT: modelo forense-IoT con integraci{\'o}n de requisitos de privacidad}, booktitle = {XIII Jornadas de Ingenier{\'\i}a Telem{\'a}tica (JITEL 2017)}, volume = {Libro de actas}, year = {2017}, month = {01/2018}, pages = {302-309}, publisher = {Editorial Universitat Polit{\`e}cnica de Val{\`e}ncia}, organization = {Editorial Universitat Polit{\`e}cnica de Val{\`e}ncia}, address = {Valencia}, isbn = {978-84-9048-595-8}, doi = {http://dx.doi.org/10.4995/JITEL2017.2017.7061}, url = {http://jlloret.webs.upv.es/jitel2017/files/ACTASJITEL2017.pdf}, author = {Ana Nieto and Ruben Rios and Javier Lopez} } @inproceedings {Rios2017query, title = {Query Privacy in Sensing-as-a-Service Platforms}, booktitle = {32nd International Conference on ICT Systems Security and Privacy Protection (IFIP SEC 2017)}, series = {IFIP Advances in Information and Communication Technology (AICT)}, volume = {502}, year = {2017}, month = {05/2017}, pages = {141{\textendash}154}, publisher = {Springer}, organization = {Springer}, address = {Roma, Italy}, abstract = {

The Internet of Things (IoT) promises to revolutionize the way we interact with the physical world. Even though this paradigm is still far from being completely realized, there already exist Sensing-as-a-Service (S2aaS) platforms that allow users to query for IoT data. While this model offers tremendous benefits, it also entails increasingly challenging privacy issues. In this paper, we concentrate on the protection of user privacy when querying sensing devices through a semi-trusted S2aaS platform. In particular, we build on techniques inspired by proxy re-encryption and k-anonymity to tackle two intertwined problems, namely query privacy and query confidentiality. The feasibility of our solution is validated both analytically and empirically.\ 

}, doi = {10.1007/978-3-319-58469-0_10}, author = {Ruben Rios and David Nu{\~n}ez and Javier Lopez}, editor = {Sabrina De Capitani di Vimercati and Fabio Martinelli} } @inproceedings {1600, title = {Selecting Privacy Solutions to Prioritise Control in Smart Metering Systems}, booktitle = {The 11th International Conference on Critical Information Infrastructures Security}, volume = {10242}, year = {2017}, pages = {176-188}, abstract = {

The introduction of the Smart Grid brings with it several benefits to society, because its bi-directional communication allows both users and utilities to have better control over energy usage. However, it also has some privacy issues with respect to the privacy of the customers when analysing their consumption data. In this paper we review the main privacy-preserving techniques that have been proposed and compare their efficiency, to accurately select the most appropriate ones for undertaking control operations. Both privacy and performance are essential for the rapid adoption of Smart Grid technologies.

}, keywords = {and Metering, Control, Data privacy, Smart Grid}, author = {Juan E. Rubio and Cristina Alcaraz and Javier Lopez} } @inproceedings {1582, title = {Arquitectura funcional para la cadena de custodia digital en objetos de la IoT}, booktitle = {XIV Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n}, year = {2016}, month = {10/2016}, pages = {168-173}, abstract = {
En la Internet de los Objetos (IoT, por sus siglas en ingl{\'e}s), los ataques pueden ser perpetrados desde dispositivos que enmascaran su rastro ayud{\'a}ndose de la densidad de objetos y usuarios. Actualmente la idea de que los dispositivos de usuario almacenan evidencias que pueden ser muy valiosas para frenar ataques es bien conocida. Sin embargo, la colaboraci{\'o}n de {\'e}stos para denunciar posibles abusos telem{\'a}ticos a{\'u}n est{\'a} por definir. Los testigos digitales son dispositivos concebidos para definir la participaci{\'o}n de dispositivos de usuario en una cadena de custodia digital. La idea es que las evidencias se generan, almacenan y transfieren siguiendo los requisitos marcados por las normas actuales (p.ej. UNE 71505), pero respetando las restricciones en recursos de los dispositivos. En este art{\'\i}culo proponemos una arquitectura funcional para la implementaci{\'o}n del concepto de testigo digital en dispositivos heterog{\'e}neos de la IoT.
}, keywords = {Cadena de custodia digital, Identidad de las cosas, Testigo digital}, isbn = {978-84-608-9470-4}, author = {Ana Nieto and Rodrigo Roman and Javier Lopez} } @inproceedings {1585, title = {Dynamic Restoration in Interconnected RBAC-based Cyber-Physical Control Systems}, booktitle = {Proceedings of the 13th International Joint Conference on e-Business and Telecommunications (SECRYPT 2016)}, year = {2016}, month = { 2016}, pages = {19-27}, address = {Lisboa}, abstract = {

Increasingly, automatic restoration is an indispensable security measure in control systems (e.g. those used in\ critical infrastructure sectors) due to the importance of ensuring the functionality of monitoring infrastructures.\ Modernizing the interconnection of control systems to provide interoperability between different networks, at\ a low cost, is also a critical requirement in control systems. However, automated recovery mechanisms are\ currently costly, and ensuring interoperability particularly at a low cost remains a topic of scientific challenge.\ This is the gap we seek to address in this paper. More specifically, we propose a restoration model for interconnected\ contexts, taking into account the theory of supernode and structural controllability, as well as the\ recommendations given by the IEC-62351-8 standard (which are mainly based on the implementation of a\ role-based access control system).

}, isbn = {978-989-758-196-0}, doi = {10.5220/0005942000190027}, author = {Cristina Alcaraz and Javier Lopez and Kim-Kwang Raymond Choo} } @inproceedings {Rios2016a, title = {Evoluci{\'o}n y nuevos desafios de privacidad en la Internet de las Cosas}, booktitle = {XIV Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n}, year = {2016}, month = {10/2016}, pages = {209-213}, address = {Mah{\'o}n, Menorca, Islas Baleares}, abstract = {

La Internet de las Cosas (en ingl{\'e}s, Internet of Things\ (IoT)) es una evoluci{\'o}n de la Internet tal y como lo conocemos. Esta nueva versi{\'o}n de Internet incorpora objetos de la vida cotidiana, rompiendo as{\'\i} barrera de los digital y extendi{\'e}ndose al mundo f{\'\i}sico. Estos objetos interactuar{\'a}n entre s{\'\i} y con otras entidades tanto de manera local como remota, y estar{\'a}n dotados de cierta capacidad computacional y sensores para que sean conscientes de lo que ocurre en su entorno. Esto traer{\'a} consigo un sinf{\'\i}n de posibilidades y nuevos servicios, pero tambi{\'e}n dar{\'a} lugar a nuevos y mayores riesgos de privacidad para los ciudadanos. En este art{\'\i}culo, estudiamos los problemas de privacidad actuales de una de las tecnolog{\'\i}as claves para el desarrollo de este prometedor paradigma, las redes de sensores, y analizamos como pueden evolucionar y surgir nuevos riesgos de privacidad al ser completamente integradas en la Internet.

}, keywords = {Challenges, Internet of Things, privacy, Sensors}, author = {Ruben Rios and Javier Lopez} } @inproceedings {nunez2016nuevas, title = {Nuevas nociones de seguridad y transformaciones gen{\'e}ricas para criptosistemas de recifrado delegado}, booktitle = {XIV Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n}, year = {2016}, month = {10/2016}, pages = {174-179}, address = {Mah{\'o}n, Menorca, Islas Baleares}, abstract = {

El recifrado delegado (proxy re-encryption) es un tipo de cifrado de clave p{\'u}blica que permite delegar la capacidad de transformar textos cifrados de una clave p{\'u}blica a otra, sin que se pueda obtener ninguna informaci{\'o}n sobre el mensaje subyacente. Por este motivo, representa un candidato natural para construir mecanismos criptogr{\'a}ficos de control de acceso. En este art{\'\i}culo estudiamos algunos de los problemas de seguridad de este tipo de criptosistemas. En primer lugar, examinamos las nociones de seguridad e identificamos una nueva familia param{\'e}trica de modelos de ataque, que considera la disponibilidad tanto del or{\'a}culo de descifrado como de recifrado. En segundo lugar, estudiamos la aplicabilidad de transformaciones gen{\'e}ricas para mejorar la seguridad, centr{\'a}ndonos en la transformaci{\'o}n Fujisaki-Okamoto, y formulamos las condiciones que nos permiten aplicarla.

}, keywords = {proxy re-encryption}, isbn = { 978-84-608-9470-4}, author = {David Nu{\~n}ez and Isaac Agudo and Javier Lopez} } @inproceedings {rios2016b, title = {Privacy-Aware Trust Negotiation}, booktitle = {12th International Workshop on Security and Trust Management (STM)}, volume = {LNCS 9871}, year = {2016}, month = {09/2016}, pages = {98-105}, publisher = {Springer}, organization = {Springer}, address = {Heraklion, Crete, Greece}, abstract = {

Software engineering and information security have traditionally followed divergent paths but lately some efforts have been made to consider security from the early phases of the Software Development Life Cycle (SDLC). This paper follows this line and concentrates on the incorporation of trust negotiations during the requirements engineering phase. More precisely, we provide an extension to the SI* modelling language, which is further formalised using answer set programming specifications to support the automatic verification of the model and the detection of privacy conflicts caused by trust negotiations.

}, keywords = {Goal-Oriented Modelling, privacy, Requirements Engineering, Secure Software Engineering, Trust}, isbn = {978-3-319-46597-5}, issn = {0302-9743}, doi = {10.1007/978-3-319-46598-2 7}, url = {http://link.springer.com/chapter/10.1007/978-3-319-46598-2_7}, author = {Ruben Rios and Carmen Fernandez-Gago and Javier Lopez} } @inproceedings {1598, title = {Safeguarding Structural Controllability in Cyber-Physical Control Systems}, booktitle = {The 21st European Symposium on Research in Computer Security (ESORICS 2016)}, volume = {9879}, year = {2016}, pages = {471-489}, publisher = {Springer}, organization = {Springer}, address = {Crete, Greece}, abstract = {

Automatic restoration of control wireless networks based on dynamic\ cyber-physical systems has become a hot topic in recent years, since most of their\ elements tend to have serious vulnerabilities that may be exploited by attackers.\ In fact, any exploitation may rapidly extend to the entire control network due to\ its problem of non-locality, where control properties of a system and its structural\ controllability can disintegrate over time. Unfortunately, automated self-healing\ processes may become costly procedures in which the reliability of the strategies\ and the time-critical of any recovery of the control can become key factors to\ re-establish the control properties in due time. This operational need is precisely\ the aim of this paper, in which four reachability-based recovery strategies from\ a thereotical point of view are proposed so as to find the best option/s in terms\ of optimization, robustness and complexity. To do this, new definitions related to\ structural controllability in relation to the type of distribution of the network and\ its control load capacity are given in this paper, resulting in an interesting practical\ study.

}, keywords = {Control systems, cyber-physical systems, restoration, self-healing, structural controllability}, isbn = {978-3-319-45741-3}, author = {Cristina Alcaraz and Javier Lopez} } @inproceedings {1578, title = {Testigo digital: delegaci{\'o}n vinculante de evidencias electr{\'o}nicas para escenarios IoT}, booktitle = {II Jornadas Nacionales de Investigaci{\'o}n en Ciberseguridad (JNIC 2016)}, year = {2016}, month = {06/2016}, pages = {109-116}, abstract = {

En un mundo en el que los usuarios dependen cada vez m{\'a}s de sus dispositivos, {\'e}stos almacenan gran cantidad de datos y son una fuente muy valiosa de informaci{\'o}n sobre su entorno. Sin embargo, la heterogeneidad y la densidad de los objetos conectados, caracter{\'\i}sticas propias de la Internet de las Cosas (IoT), sirven de velo para ocultar conductas maliciosas que afectan a estos dispositivos, sin que quede rastro de tales acciones. En este art{\'\i}culo definimos el concepto de testigo digital: funcionalidad que permitir{\'a} a los dispositivos personales y otros objetos colaborar para implementar una cadena de custodia digital en la IoT. El fin perseguido es ofrecer soluciones que mitiguen los efectos de la ciberdelincuencia, ampar{\'a}ndose en la colaboraci{\'o}n de los dispositivos con arquitecturas de seguridad embebidas para alertar de conductas maliciosas, y dejar constancia de {\'e}stas.

}, keywords = {computaci{\'o}n forense, elemento seguro, Evidencia electr{\'o}nica, IoT, no-repudio}, isbn = {978-84-608-8070-7}, url = {http://ucys.ugr.es/jnic2016/docs/ActasJNIC2016.pdf}, author = {Ana Nieto and Rodrigo Roman and Javier Lopez} } @inproceedings {nunez2015ntrureencrypt, title = {NTRUReEncrypt: An Efficient Proxy Re-Encryption Scheme Based on NTRU}, booktitle = {10th ACM Symposium on Information, Computer and Communications Security (AsiaCCS)}, year = {2015}, month = {04/2015}, pages = {179-189}, abstract = {

The use of alternative foundations for constructing more secure and efficient cryptographic schemes is a topic worth exploring. In the case of proxy re-encryption, the vast majority of schemes are based on number theoretic problems such as the discrete logarithm. In this paper we present NTRUReEncrypt, a new bidirectional and multihop proxy re-encryption scheme based on NTRU, a widely known lattice-based cryptosystem. We provide two versions of our scheme: the first one is based on the conventional NTRU encryption scheme and, although it lacks a security proof, remains as efficient as its predecessor; the second one is based on a variant of NTRU proposed by Stehl{\'e} and Steinfeld, which is proven CPA-secure under the hardness of the Ring-LWE problem. To the best of our knowledge, our proposals are the first proxy re-encryption schemes to be based on the NTRU primitive. In addition, we provide experimental results to show the efficiency of our proposal, as well as a comparison with previous proxy re-encryption schemes, which confirms that our first scheme outperforms the rest by an order of magnitude.

}, isbn = {978-1-4503-3245-3}, doi = {10.1145/2714576.2714585}, author = {David Nu{\~n}ez and Isaac Agudo and Javier Lopez} } @inproceedings {nunez2015parametric, title = {A Parametric Family of Attack Models for Proxy Re-Encryption}, booktitle = {28th IEEE Computer Security Foundations Symposium}, series = {CSF{\textquoteright}15}, year = {2015}, month = {07/2015}, pages = {290-301}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, address = {Verona, Italy}, abstract = {

Proxy Re-Encryption (PRE) is a type of Public-Key Encryption (PKE) which provides an additional re-encryption functionality. Although PRE is inherently more complex than PKE, attack models for PRE have not been developed further than those inherited from PKE. In this paper we address this gap and define a parametric family of attack models for PRE, based on the availability of both the decryption and re-encryption oracles during the security game. This family enables the definition of a set of intermediate security notions for PRE that ranges from {\textquoteleft}{\textquoteleft}plain{\textquoteright}{\textquoteright} IND-CPA to {\textquoteleft}{\textquoteleft}full{\textquoteright}{\textquoteright} IND-CCA. We analyze some relations among these notions of security, and in particular, the separations that arise when the re-encryption oracle leaks re-encryption keys. In addition, we discuss which of these security notions represent meaningful adversarial models for PRE. Finally, we provide an example of a recent {\textquoteleft}{\textquoteleft}CCA1- secure{\textquoteright}{\textquoteright} scheme from PKC 2014 whose security model does not capture chosen-ciphertext attacks through re-encryption and for which we describe an attack under a more realistic security notion. This attack emphasizes the fact that PRE schemes that leak re-encryption keys cannot achieve strong security notions.

}, isbn = { 978-1-4673-7538-2}, issn = {1063-6900}, doi = {10.1109/CSF.2015.27}, author = {David Nu{\~n}ez and Isaac Agudo and Javier Lopez} } @inproceedings {431, title = {A Context-based Parametric Relationship Model (CPRM) to Measure the Security and QoS tradeoff in Configurable Environments}, booktitle = {IEEE International Conference on Communications (ICC{\textquoteright}14)}, year = {2014}, month = {06/2014}, pages = {755-760}, publisher = {IEEE Communications Society}, organization = {IEEE Communications Society}, address = {Sydney (Australia)}, abstract = {

Heterogeneity of future networks requires the use of extensible models to understand the Security and QoS tradeoff. We believe that a good starting point is to analyze the Security and QoS tradeoff from a parametric point of view and, for this reason, in a previous paper, we defined the Parametric Rela- tionship Model (PRM) to define relationships between Security and QoS parameters. In this paper, we extend that approach in order to change the behaviour of the model so that different contexts in the same system are considered; that is, to provide a Context-based Parametric Relationship Model (CPRM). The final aim is to provide useful tools for system administrators in order to help them deal with Security and QoS tradeoff issues in the configuration of the environment.\ 

}, isbn = {978-1-4799-2003-7}, doi = {10.1109/ICC.2014.6883410}, author = {Ana Nieto and Javier Lopez} } @inproceedings {nunez2014delegated, title = {Delegated Access for Hadoop Clusters in the Cloud}, booktitle = {IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2014)}, year = {2014}, month = {12/2014}, pages = {374-379}, publisher = {IEEE}, organization = {IEEE}, address = {Singapore}, abstract = {

Among Big Data technologies, Hadoop stands out for its capacity to store and process large-scale datasets. However, although Hadoop was not designed with security in mind, it is widely used by plenty of organizations, some of which have strong data protection requirements. Traditional access control solutions are not enough, and cryptographic solutions must be put in place to protect sensitive information. In this paper, we describe a cryptographically-enforced access control system for Hadoop, based on proxy re-encryption. Our proposed solution fits in well with the outsourcing of Big Data processing to the cloud, since information can be stored in encrypted form in external servers in the cloud and processed only if access has been delegated. Experimental results show that the overhead produced by our solution is manageable, which makes it suitable for some applications.

}, isbn = {978-1-4799-4093-6}, doi = {10.1109/CloudCom.2014.50}, url = {http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\&arnumber=7037691}, author = {David Nu{\~n}ez and Isaac Agudo and Javier Lopez} } @inproceedings {909, title = {Herramienta para la Compensaci{\'o}n de Par{\'a}metros de QoS y Seguridad}, booktitle = {XIII Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n (RECSI 2014)}, year = {2014}, month = {09/2014}, pages = {303-308}, address = {Alicante (Espa{\~n}a).}, abstract = {

El an{\'a}lisis conjunto de mecanismos de seguridad y QoS es esencial para las redes heterog{\'e}neas donde diversos\ dispositivos pueden coexistir en entornos din{\'a}micos. En concreto, los dispositivos no siempre pueden ser\ conocidos, por lo que diferentes requisitos y mecanismos pueden surgir para el an{\'a}lisis. En este art{\'\i}culo,\ proponemos una herramienta para facilitar la configuraci{\'o}n de entornos basada en el an{\'a}lisis param{\'e}trico de\ dependencias, tomando como base de conocimiento un conjunto de par{\'a}metros de seguridad y QoS. Esta forma de\ an{\'a}lisis de par{\'a}metros a alto nivel permite considerar las dependencias y la compensaci{\'o}n entre mecanismos con\ independencia del sistema de informaci{\'o}n subyacente. Posibilita por tanto evaluar el impacto que tales\ mecanismos, y otros definidos acorde al modelo, tienen sobre un sistema previo a su despliegue.\ 

}, isbn = {978-84-9717-323-0}, author = {Ana Nieto and Javier Lopez} } @inproceedings {1637, title = {An Intelligent and Adaptive Live Simulator: A new Concept for Cybersecurity Training}, booktitle = {9th Future Security Conference}, year = {2014}, address = {Berlin}, abstract = {

The rapid rate of change in technology and the increasing sophistication of cyber attacks require any organization to have a continuous preparation. However, the resource and time intensive nature of cybersecurity education and training renders traditional approaches highly inefficient. Simulators have attracted the attention in the last years as a potential solution for cybersecurity training. However, in spite of the advances achieved, there is still an urgent need to address some open challenges. In this paper we present a novel simulator that solves some these challenges. First, we analyse the main properties that any cybersecurity training solution should comprise, and evaluate to what extent training simulators can meet them. Next, we introduce the functional architecture and innovative features of the simulator, of which a functional prototype has already been released. Finally, we demonstrate how these capabilities are put into practice in training courses already available in the simulator.

}, keywords = {Cyberdefence, Cybersecurity, Education, Simulation, Training}, author = {Jorge L. Hern{\'a}ndez-Ardieta and David Santos and Pascual Parra and Juan E. Tapiador and Pedro Peris-L{\'o}pez and Javier Lopez and Gerardo Fernandez} } @inproceedings {Lopez2014prl, title = {Preserving Receiver-Location Privacy in Wireless Sensor Networks}, booktitle = {Information Security Practice and Experience (ISPEC 2014)}, volume = {8434}, year = {2014}, month = {05/2014}, pages = {15-27}, publisher = {Springer}, organization = {Springer}, address = {Fuzhou, China}, abstract = {

Wireless sensor networks (WSNs) are exposed to many different types of attacks. Among these, the most devastating attack is to compromise or destroy the base station since all communications are addressed exclusively to it. Moreover, this feature can be exploited by a passive adversary to determine the location of this critical device. This receiver-location privacy problem can be reduced by hindering traffic analysis but the adversary may still obtain location information by capturing a subset of sensor nodes in the field. This paper addresses, for the first time, these two problems together in a single solution

}, keywords = {Location Privacy, node capture, traffic analysis, wireless sensor networks}, isbn = {978-3-319-06319-5}, issn = {0302-9743}, doi = {10.1007/978-3-319-06320-1_3}, url = {http://link.springer.com/chapter/10.1007/978-3-319-06320-1_3$\#$}, author = {Javier Lopez and Ruben Rios and Jorge Cuellar} } @inproceedings {932, title = {Security and QoS Tradeoff Recommendation System (SQT-RS) for Dynamic Assessing CPRM-based Systems}, booktitle = {10th ACM International Symposium on QoS and Security for Wireless and Mobile Networks (Q2SWinet{\textquoteright}14)}, year = {2014}, month = {09/2014}, pages = {25-32}, publisher = {ACM}, organization = {ACM}, address = {Montr{\'e}al (Canada)}, abstract = {
Context-based Parametric Relationship Models (CPRM) define complex dependencies between different types of parameters. In particular, Security and QoS relationships, that may occur at different levels of abstraction, are easily identified using CPRM. However, the growing number of parameters and relationships, typically due to the heterogeneous scenarios of future networks, increase the complexity of the final diagrams used in the analysis, and makes the current solution for assessing Security and QoS tradeoff (SQT) impractical for untrained users. In this paper, we define a recommendation system based on contextual parametric relationships in accordance with the definition of CPRM. The inputs for the system are generated dynamically based on the context provided by CPRM-based systems.

}, isbn = {978-1-4503-3027-5}, doi = {10.1145/2642687.2642689}, author = {Ana Nieto and Javier Lopez} } @inproceedings {moyano2012stm, title = {Building Trust and Reputation In: A Development Framework for Trust Models Implementation}, booktitle = {8th International Workshop on Security and Trust Management (STM 2012)}, series = {LNCS}, volume = {7783}, year = {2013}, pages = {113-128}, publisher = {Springer}, organization = {Springer}, address = {Pisa}, abstract = {

During the last years, many trust and reputation models have been proposed, each one targeting different contexts and purposes, and with their own particularities. While most contributions focus on defining ever-increasing complex models, little attention has been paid to the process of building these models inside applications during their implementation. The result is that models have traditionally considered as ad-hoc and after-the-fact solutions that do not always fit with the design of the application. To overcome this, we propose an object-oriented development framework onto which it is possible to build applications that require functionalities provided by trust and reputation models. The framework is extensible and flexible enough to allow implementing an important variety of trust models. This paper presents the framework, describes its main components, and gives examples on how to use it in order to implement three different trust models.

}, isbn = {978-3-642-38004-4}, issn = {0302-9743}, doi = {10.1007/978-3-642-38004-4}, author = {Francisco Moyano and Carmen Fernandez-Gago and Javier Lopez}, editor = {Audung J{\o}sang and Pierangela Samarati and Marinella Petrocchi} } @inproceedings {nunez2013leveraging, title = {Leveraging Privacy in Identity Management as a Service through Proxy Re-Encryption}, booktitle = {Ph.D Symposium of the European Conference on Service-Oriented and Cloud Computing (ESOCC) 2013}, year = {2013}, month = {September 2013}, address = {M{\'a}laga, Spain}, abstract = {

The advent of cloud computing has provided the opportunity to externalize the identity management processes, shaping what has been called Identity Management as a Service (IDaaS). However, as in the case of other cloud-based services, IDaaS brings with it great concerns regarding security and privacy, such as the loss of control over the outsourced data. As part of this PhD thesis, we analyze these concerns and propose BlindIdM, a model for privacy-preserving IDaaS with a focus on data privacy protection through the use of proxy re-encryption.

}, author = {David Nu{\~n}ez and Isaac Agudo and Javier Lopez} } @inproceedings {rios2013b, title = {Ocultaci{\'o}n de la estaci{\'o}n base en redes inal{\'a}mbricas de sensores}, booktitle = {XI Jornadas de Ingenier{\'\i}a Telem{\'a}tica (JITEL 2013)}, year = {2013}, month = {Oct 2013}, pages = {481-486}, publisher = {Asociaci{\'o}n de Telem{\'a}tica}, organization = {Asociaci{\'o}n de Telem{\'a}tica}, address = {Granada}, abstract = {

La estaci{\'o}n base es el elemento m{\'a}s importante en un red de sensores y, por tanto, es necesario evitar que un atacante pueda hacerse con el control de este valioso dispositivo. Para ello, el atacante puede valerse tanto de t{\'e}cnicas de an{\'a}lisis de tr{\'a}fico como de la captura de nodos. En este trabajo presentamos un esquema que consta de dos fases, la primera est{\'a} dedicada a homogeneizar los patrones de tr{\'a}fico y la segunda encargada de perturbar las tablas de rutas de los nodos. Ambas fases permiten mantener a la estaci{\'o}n base fuera del alcance del atacante con un coste computacional insignificante y un consumo energ{\'e}tico moderado. La validez de nuestro esquema ha sido validada anal{\'\i}ticamente y a trav{\'e}s de numerosas simulaciones.

}, isbn = {978-84-616-5597-7}, author = {Ruben Rios and Jorge Cuellar and Javier Lopez}, editor = {Jes{\'u}s E. D{\'\i}az Verdejo and Jorge Navarro Ortiz and Juan J. Ramos Mu{\~n}oz} } @inproceedings {1805, title = {Towards Automatic Critical Infrastructure Protection through Machine Learning}, booktitle = {8th International Conference on Critical Information Infrastructures Security}, volume = {8328}, year = {2013}, pages = {197-203}, publisher = {Springer}, organization = {Springer}, address = {Amsterdam, The Netherlands}, abstract = {

Critical Infrastructure Protection (CIP) faces increasing challenges in number and in sophistication, which makes vital to provide new forms of protection to face every day{\textquoteright}s threats. In order to make such protection holistic, covering all the needs of the systems from the point of view of security, prevention aspects and situational awareness should be considered. Researchers and Institutions stress the need of providing intelligent and automatic solutions for\ protection, calling our attention to the need of providing Intrusion Detection Systems (IDS) with intelligent active reaction capabilities. In this paper, we support the need of automating the processes implicated in the IDS solutions of the critical infrastructures and theorize that the introduction of Machine Learning (ML) techniques in IDS will be helpful for implementing automatic adaptable solutions\ capable of adjusting to new situations and timely reacting in the face of threats and anomalies. To this end, we study the different levels of automation that the IDS can implement, and outline a methodology to endow critical scenarios with preventive automation. Finally, we analyze current solutions presented in the literature and contrast them against the proposed methodology

}, issn = {0302-9743}, doi = {http://link.springer.com/chapter/10.1007\%2F978-3-319-03964-0_18}, author = {Lorena Cazorla and Cristina Alcaraz and Javier Lopez} } @inproceedings {moyano13wisse, title = {Towards Engineering Trust-aware Future Internet Systems}, booktitle = {3rd International Workshop on Information Systems Security Engineering (WISSE 2013)}, series = {LNBIP}, volume = {148}, year = {2013}, month = {Jun 2013}, pages = {490-501}, publisher = {Springer-Verlag}, organization = {Springer-Verlag}, address = {Valencia}, abstract = {

Security must be a primary concern when engineering Future Internet (FI) systems and applications. In order to achieve secure solutions, we need to capture security requirements early in the Software Development Life Cycle (SDLC). Whereas the security community has traditionally focused on providing tools and mechanisms to capture and express hard security requirements (e.g. confidentiality), little attention has been paid to other important requirements such as trust and reputation. We argue that these soft security requirements can leverage security in open, distributed, heterogeneous systems and applications and that they must be included in an early phase as part of the development process. In this paper we propose a UML extension for specifying trust and reputation requirements, and we apply it to an eHealth case study.

}, keywords = {Reputation, Requirements Engineering, Secure Design, Trust}, isbn = {978-3-642-38489-9}, issn = {1865-1348}, doi = {10.1007/978-3-642-38490-5}, url = {http://link.springer.com/book/10.1007/978-3-642-38490-5/page/3}, author = {Francisco Moyano and Carmen Fernandez-Gago and Javier Lopez}, editor = {Xavier Franch and Pnina Soffer} } @inproceedings {moyano2013ifiptm, title = {Towards Trust-Aware and Self-Adaptive Systems}, booktitle = {7th IFIP WG 11.11 International Conference on Trust Management (IFIPTM 2013)}, series = {AICT}, volume = {401}, year = {2013}, month = {Jun 2013}, pages = {255-262}, publisher = {Springer}, organization = {Springer}, address = {Malaga}, abstract = {

The Future Internet (FI) comprises scenarios where many heterogeneous and dynamic entities must interact to provide services (e.g., sensors, mobile devices and information systems in smart city scenarios). The dynamic conditions under which FI applications must execute call for self-adaptive software to cope with unforeseeable changes in the application environment. Software engineering currently provides frameworks to develop reasoning engines that automatically take reconfiguration decisions and that support the runtime adaptation of distributed, heterogeneous applications. However, these frameworks have very limited support to address security concerns of these application, hindering their usage for FI scenarios. We address this challenge by enhancing self-adaptive systems with the concepts of trust and reputation. Trust will improve decision-making processes under risk and uncertainty, in turn improving security of self-adaptive FI applications. This paper presents an approach that includes a trust and reputation framework into a platform for adaptive, distributed component-based systems, thus providing software components with new abilities to include trust in their reasoning process.

}, isbn = {978-3-642-38323-6}, issn = {1868-4238}, doi = {10.1007/978-3-642-38323-6}, author = {Francisco Moyano and Benoit Baudry and Javier Lopez}, editor = {Carmen Fernandez-Gago and Isaac Agudo and Fabio Martinelli and Siani Pearson} } @inproceedings {moyano2013essosds, title = {A Trust and Reputation Framework}, booktitle = {Doctoral Symposium of the International Symposium on Engineering Secure Software and Systems (ESSoS-DS 2013)}, series = {CEUR-WS}, volume = {965}, year = {2013}, pages = {7-12}, publisher = {CEUR-WS}, organization = {CEUR-WS}, address = {Par{\'\i}s}, abstract = {

The Future Internet is posing new security challenges as their scenarios are bringing together a huge amount of stakeholders and devices that must interact under unforeseeable conditions. In addition, in these scenarios we cannot expect entities to know each other beforehand, and therefore, they must be involved in risky and uncertain collaborations. In order to minimize threats and security breaches, it is required that a well-informed decision-making process is in place, and it is here where trust and reputation can play a crucial role. Unfortunately, services and applications developers are often unarmed to address trust and reputation requirements in these scenarios. To overcome this limitation, we propose a trust and reputation framework that allows developers to create trust- and reputation-aware applications.

}, issn = {1613-0073}, url = {http://ceur-ws.org/Vol-965/}, author = {Francisco Moyano and Carmen Fernandez-Gago and Javier Lopez}, editor = {Maritta Heisel and Eda Marchetti} } @inproceedings {1729, title = {Addressing Situational Awareness in Critical Domains of a Smart Grid}, booktitle = {6th International Conference on Network and System Security (NSS 2012)}, series = {LNCS 7645}, volume = {7645}, year = {2012}, month = {November 2012}, pages = {58-71}, publisher = {Springer-Verlag}, organization = {Springer-Verlag}, address = {Wu Yi Shan, Fujian, China}, abstract = {

Control and situational awareness are two very important aspects within critical control systems, since potential faults or anomalous behaviors could lead to serious consequences by hiding the real status of supervised critical infrastructures. Examples of these infrastructures are energy generation, transmission or distribution systems that belong to Smart Grid systems. Given the importance of these systems for social welfare and its economy, a situational awareness-based model, composed of a set of current technologies, is proposed in this paper. The model focuses on addressing and offering a set of minimum services for protection, such as prevention, detection, response, self-evaluation and maintenance, thereby providing a desirable protection in unplanned situations.

}, issn = {978-3-642-34600-2}, doi = {http://dx.doi.org/10.1007/978-3-642-34601-9_5}, author = {Cristina Alcaraz and Javier Lopez} } @inproceedings {Rios2012b, title = {Adecuaci{\'o}n de soluciones de anonimato al problema de la privacidad de localizaci{\'o}n en WSN}, booktitle = {XII Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n (RECSI 2012)}, year = {2012}, month = {Sep 2012}, pages = {309-314}, address = {Donostia-San Sebasti{\'a}n}, abstract = {

Los patrones de tr{\'a}fico caracter{\'\i}sticos de las redes inal{\'a}mbricas de sensores (WSNs) dan lugar al problema de la privacidad de localizaci{\'o}n. De manera similar, el tr{\'a}fico de los usuarios en Internet revela informaci{\'o}n sensible que puede ser protegida mediante sistemas de comunicaci{\'o}n an{\'o}nima (ACS). Por ello, este trabajo analiza la posibilidad de adaptar las soluciones de anonimato tradicionales al problema particular de las redes de sensores. Hasta el momento estas soluciones hab{\'\i}an sido rechazadas sin un an{\'a}lisis riguroso, argumentando simplemente que eran demasiado exigentes computacionalmente para los nodos sensores. Nuestros resultados demuestran que, en general, algunos ACS no cumplen los requisitos de privacidad necesarios en WSNs mientras que otros, que si los cumplen, se valen de una cantidad de recursos que superan la capacidad de los sensores.

}, isbn = {978-84-615-9933-2}, author = {Ruben Rios and Javier Lopez}, editor = {U. Zurutuza and R. Uribeetxeberria and I. Arenaza-Nu{\~n}o} } @inproceedings {onieva2012, title = {Como proteger la privacidad de los usuarios en Internet. Verificaci{\'o}n an{\'o}nima de la mayor{\'\i}a de edad}, booktitle = {XII Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n - RECSI 2012}, year = {2012}, month = {Sep 2012}, pages = {297-302}, publisher = {Mondragon}, organization = {Mondragon}, address = {San Sebastian (Spain)}, isbn = {978-84-615-9933-2}, author = {Jose A. Onieva and Isaac Agudo and Javier Lopez and G. Drapper-Gil and M.F. Hinarejos} } @inproceedings {moyano2012trustbus, title = {A Conceptual Framework for Trust Models}, booktitle = {9th International Conference on Trust, Privacy \& Security in Digital Business (TrustBus 2012)}, series = {LNCS}, volume = {7449}, year = {2012}, month = {Sep 2012}, pages = {93-104}, publisher = {Springer Verlag}, organization = {Springer Verlag}, address = {Vienna}, abstract = {

During the last twenty years, a huge amount of trust and reputation models have been proposed, each of them with their own particularities and targeting different domains. While much effort has been made in defining ever-increasing complex models, little attention has been paid to abstract away the particularities of these models into a common set of easily understandable concepts. We propose a conceptual framework for computational trust models that will be used for analyzing their features and for comparing heterogeneous and relevant trust models.

}, isbn = {978-3-642-32286-0}, issn = {0302-9743}, doi = {10.1007/978-3-642-32287-7}, author = {Francisco Moyano and Carmen Fernandez-Gago and Javier Lopez}, editor = {Fischer-H{\"u}bner, Simone and Katsikas, Sokratis and Quirchmayr, Gerald} } @inproceedings {Rios2012, title = {HIDE_DHCP: Covert Communications Through Network Configuration Messages}, booktitle = {Proceedings of the 27th IFIP TC 11 International Information Security and Privacy Conference (SEC 2012)}, series = {IFIP AICT}, volume = {376}, year = {2012}, month = {June 2012}, pages = {162-173}, publisher = {Springer Boston}, organization = {Springer Boston}, address = {Heraklion, Crete, Greece}, abstract = {

Covert channels are a form of hidden communication that may violate the integrity of systems. Since their birth in multilevel security systems in the early 70{\textquoteright}s they have evolved considerably, such that new solutions have appeared for computer networks mainly due to vague protocols specifications. We analyze a protocol extensively used today, the Dynamic Host Configuration Protocol (DHCP), in search of new forms of covert communication. From this analysis we observe several features that can be effectively exploited for subliminal data transmission. This results in the implementation of HIDE_DHCP, which integrates three covert channels that accommodate to different stealthiness and bandwidth requirements

}, keywords = {Covert channels, Network Security, System Information Security}, isbn = {978-3-642-30435-4}, issn = {1868-4238}, doi = {http://dx.doi.org/10.1007/978-3-642-30436-1_14}, author = {Ruben Rios and Jose A. Onieva and Javier Lopez}, editor = {Dimitris Gritzalis and Steve Furnell and Marianthi Theoharidou} } @inproceedings {moyano12qasa, title = {Implementing Trust and Reputation Systems: A Framework for Developers{\textquoteright} Usage}, booktitle = {International Workshop on Quantitative Aspects in Security Assurance}, year = {2012}, address = {Pisa}, abstract = {

During the last decades, a huge amount of trust and reputation models have been proposed, each of them with their own particularities and targeting different domains. While much effort has been made in defining ever-increasing complex models, little attention has been paid to abstract away the particularities of these models into a common set of easily understandable concepts. We propose a conceptual framework for computational trust models that is used for developing a component-oriented development framework that aims to assist developers during the implementation phase.

}, author = {Francisco Moyano and Carmen Fernandez-Gago and Javier Lopez} } @inproceedings {Cuellar2012, title = {Indistinguishable Regions in Geographic Privacy}, booktitle = {Proceedings of the 27th Annual ACM Symposium on Applied Computing (SAC 2012)}, year = {2012}, month = {26-30 March 2012}, pages = {1463-1469}, publisher = {ACM}, organization = {ACM}, address = {Riva del Garda (Trento), Italy}, abstract = {

The ubiquity of positioning devices poses a natural security challenge: users want to take advantage of location-related services as well as social sharing of their position but at the same time have security concerns about how much information should be shared about their exact position. This paper discusses different location-privacy problems, their formalization and the novel notion of indistinguishability regions that allows one to proof that a given obfuscation function provides a good trade-off between location sharing and privacy.

}, keywords = {indistinguishability, Location Privacy, obfuscation}, isbn = {978-1-4503-0857-1}, doi = {10.1145/2245276.2232010}, author = {Jorge Cuellar and Martin Ochoa and Ruben Rios}, editor = {Sascha Ossowski and Paola Lecca} } @inproceedings {nunez2012integrating, title = {Integrating OpenID with Proxy Re-Encryption to enhance privacy in cloud-based identity services}, booktitle = {IEEE CloudCom 2012}, year = {2012}, month = {Dec 2012}, pages = {241 - 248}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, address = {Taipei, Taiwan}, abstract = {

The inclusion of identity management in the cloud computing landscape represents a new business opportunity for providing what has been called Identity Management as a Service (IDaaS). Nevertheless, IDaaS introduces the same kind of problems regarding privacy and data confidentiality as other cloud services; on top of that, the nature of the outsourced information (users{\textquoteright} identity) is critical. Traditionally, cloud services (including IDaaS) rely only on SLAs and security policies to protect the data, but these measures have proven insufficient in some cases; recent research has employed advanced cryptographic mechanisms as an additional safeguard. Apart from this, there are several identity management schemes that could be used for realizing IDaaS systems in the cloud; among them, OpenID has gained crescent popularity because of its open and decentralized nature, which makes it a prime candidate for this task. In this paper we demonstrate how a privacy-preserving IDaaS system can be implemented using OpenID Attribute Exchange and a proxy re-encryption scheme. Our prototype enables an identity provider to serve attributes to other parties without being able to read their values. This proposal constitutes a novel contribution to both privacy and identity management fields. Finally, we discuss the performance and economical viability of our proposal.

}, keywords = {Cloud Computing, Cryptography, identity management, OpenID, privacy, proxy re-encryption}, isbn = {978-1-4673-4511-8}, issn = {978-1-4673-4509-5}, doi = {10.1109/CloudCom.2012.6427551}, author = {David Nu{\~n}ez and Isaac Agudo and Javier Lopez} } @inproceedings {Rios2012d, title = {Robust Probabilistic Fake Packet Injection for Receiver-Location Privacy in WSN}, booktitle = {17th European Symposium on Research in Computer Security (ESORICS 2012)}, series = {LNCS}, volume = {7459}, year = {2012}, month = {Sep 2012}, pages = {163-180}, publisher = {Springer}, organization = {Springer}, address = {Pisa, Italy}, abstract = {

The singular communication model in wireless sensor networks (WSNs) originate pronounced traffic patterns that allow a local observer to deduce the location of the base station, which must be kept secret for both strategical and security reasons. In this work we present a new receiver-location privacy solution called HISP (Homogenous Injection for Sink Privacy). Our scheme is based on the idea of hiding the flow of real traffic by carefully injecting fake traffic to homogenize the transmissions from a node to its neighbors. This process is guided by a lightweight probabilistic approach ensuring that the adversary cannot decide with sufficient precision in which direction to move while maintaining a moderate amount of fake traffic. Our system is both validated analytically and experimentally through simulations.

}, isbn = {978-3-642-33167-1}, issn = {0302-9743}, doi = {10.1007/978-3-642-33167-1_10}, author = {Ruben Rios and Jorge Cuellar and Javier Lopez}, editor = {Sara Foresti and Moti Yung and Fabio Martinelli} } @inproceedings {Najera_STM11, title = {Secure architecure for the integration of RFID and sensors in personal networks}, booktitle = {7th International Workshop on Security and Trust Management (STM{\textquoteright}11)}, series = {LNCS}, volume = {7170}, year = {2012}, pages = {207-222}, publisher = {Springer}, organization = {Springer}, address = {Copenhagen, Denmark}, abstract = {

The secure integration of RFID technology into the personal network paradigm, as a context-aware technology which complements body sensor networks, would provide notable benefits to applications and potential services of the PN. RFID security as an independent technology is reaching an adequate maturity level thanks to research in recent years; however, its integration into the PN model, interaction with other network resources, remote users and service providers requires a specific security analysis and a PN architecture prepared to support these resource-constrained pervasive technologies. This paper provides such PN architecture and analysis. Aspects such as the management of personal tags as members of the PN, the authentication and secure communication of PN nodes and remote users with the context-aware technologies, and the enforcement of security and privacy policies are discussed in the architecture.

}, isbn = {978-3-642-29962-9}, doi = {10.1007/978-3-642-29963-6_15}, author = {Pablo Najera and Rodrigo Roman and Javier Lopez} } @inproceedings {Nieto2012c, title = {Security and QoS relationships in Mobile Platforms}, booktitle = {The 4th FTRA International Conference on Computer Science and its Applications (CSA 2012)}, series = {Lecture Notes in Electrical Engineering}, volume = {203}, year = {2012}, month = {2012}, pages = {13-21}, publisher = {Springer Netherlands}, organization = {Springer Netherlands}, address = {Jeju (Korea)}, abstract = {

Mobile platforms are becoming a fundamental part of the user{\textquoteright}s daily life. The human-device relationship converts the devices in a repository of personal data that may be stolen or modified by malicious users. Moreover, wireless capabilities open the door to several malicious devices, and mobility represents an added difficulty in the detection of malicious behavior and in the prevention of the same. Furthermore, smartphones are subject to quality of service (QoS) restrictions, due to the user needs for multimedia applications and, in general, the need to be always-on. However, Security and QoS requirements are largely confronted and the mobility and heterogeneous paradigm on the Future Internet makes its coexistence even more difficult, posing new challenges to overcome. We analyze the principal challenges related with Security and QoS tradeoffs in mobile platforms. As a result of our analysis we provide parametric relationships between security and QoS parameters focused on mobile platforms.

}, keywords = {Mobile Platforms, QoS, security, Tradeoffs}, isbn = {978-94-007-5699-1}, doi = {10.1007/978-94-007-5699-1_2}, url = {http://dx.doi.org/10.1007/978-94-007-5699-1_2}, author = {Ana Nieto and Javier Lopez} } @inproceedings {Nieto2012b, title = {Security and QoS tradeoffs: towards a FI perspective}, booktitle = {Advanced Information Networking and Applications Workshops (WAINA), 2012 26th International Conference on}, year = {2012}, month = {03/2012}, pages = {745-750}, publisher = {IEEE}, organization = {IEEE}, address = {Fukuoka (Japan)}, abstract = {

\ Motivated by the growing convergence of diverse types of networks and the raise of new concepts such as Future Internet (FI), in this paper we present an analysis of current research on the development of security mechanisms in a tradeoff with Quality of Service (QoS) mechanisms. More precisely, we pay attention to the Security and QoS problems in resource-constrained networks that are candidates to be an important part of the FI due to their proximity to the user or because of their contribution to the information society. We analyse the current state of the research on security and QoS in the integration of sensors, MANET and cellular networks, with the aim of providing a critical point of view, allowing us to assess whether it is possible that such integration of networks is both secure and efficient.

}, keywords = {Future Internet, QoS, security}, isbn = {978-0-7695-4652-0/12}, doi = {10.1109/WAINA.2012.204}, author = {Ana Nieto and Javier Lopez} } @inproceedings {moyano2012essosds, title = {Service-Oriented Trust and Reputation Architecture}, booktitle = {Proceedings of the Doctoral Symposium of the International Symposium on Engineering Secure Software and Systems (ESSoS-DS 2012)}, series = {CEUR-WS}, volume = {834}, year = {2012}, note = {

Partner:UMA, Project:NESSoS

}, pages = {41-46}, publisher = {CEUR-WS}, organization = {CEUR-WS}, address = {Eindhoven}, abstract = {

As the Future Internet arrives, more complex, service-based applications are spreading. These applications pose several challenges, including the huge amount of entities that must interact and their het- erogeneity. The success of these applications depends on the collaboration and communication of these entities, that might belong to different or- ganizations and administrative domains. Therefore, trust and reputation become two crucial issues. We propose the specification and design of a service-based security architecture that stresses the delivery of trust and reputation services to any application that might require them.

}, issn = {1613-0073}, url = {http://ceur-ws.org/Vol-834/paper7_essosds2012.pdf}, author = {Francisco Moyano and Carmen Fernandez-Gago and Javier Lopez}, editor = {Jorge Cuellar and Nora Koch} } @inproceedings {neumann2012strong, title = {Strong Authentication of Humans and Machines in Policy Controlled Cloud Computing Environment Using Automatic Cyber Identity}, booktitle = {Information Security Solutions Europe 2012}, year = {2012}, month = {2012}, pages = {195-206}, publisher = {Springer Vieweg}, organization = {Springer Vieweg}, address = {Brussels, Belgium}, abstract = {

The paper describes the experience with integration of automatic cyber identity technology with policy controlled virtualisation environment. One identity technology has been used to enable strong authentication of users (human beings) as well as machines (host systems) to the virtualization management system. The real experimental evaluation has been done in PASSIVE project (Policy-Assessed system-level Security of Sensitive Information processing in Virtualised Environments - SEVENTH FRAMEWORK PROGRAMME THEME ICT-2009.1.4 INFORMATION AND COMMUNICATION TECHNOLOGIES - Small or medium-scale focused research project - Grant agreement no.: 257644).

}, isbn = {978-3-658-00332-6}, doi = {10.1007/978-3-658-00333-3_19}, author = {Neumann Libor and Tomas Halman and Rotek Pavel and Alexander Boettcher and Julian Stecklina and Michal Sojka and David Nu{\~n}ez and Isaac Agudo}, editor = {Norbert Pohlmann and Helmut Reimer and Wolfgang Schneider} } @inproceedings {Moyano_ESSoS12, title = {A Task Ordering Approach for Automatic Trust Establishment}, booktitle = {Proceedings of the 2012 International Symposium on Engineering Secure Software and Systems (ESSoS 2012)}, series = {LNCS}, volume = {7159}, year = {2012}, month = {Feb 2012}, pages = {76{\textendash}89}, publisher = {Springer}, organization = {Springer}, address = {Eindhoven, The Netherlands}, abstract = {

Trust has become essential in computer science as a way of assisting the process of decision-making, such as access control. In any system, several tasks may be performed, and each of these tasks might pose different associated trust values between the entities of the system. For instance, in a file system, reading and overwriting a file are two tasks that pose different trust values between the users who can carry out these tasks. In this paper, we propose a simple model for automatically establishing trust relationships between entities considering an established order among tasks.

}, keywords = {task ordering, trust evaluation, trust graph}, doi = {10.1007/978-3-642-28166-2_8}, author = {Francisco Moyano and Carmen Fernandez-Gago and Isaac Agudo and Javier Lopez}, editor = {Gilles Barthe and Ben Livshits and Riccardo Scandariato} } @inproceedings {Nieto2012a, title = {Traffic Classifier for Heterogeneous and Cooperative Routing through Wireless Sensor Networks}, booktitle = {Advanced Information Networking and Applications Workshops (WAINA), 2012 26th International Conference on}, year = {2012}, month = {03/2012}, pages = {607-612}, publisher = {IEEE}, organization = {IEEE}, address = {Fukuoka (Japan)}, abstract = {

Wireless Sensor Networks (WSN) are networks composed of autonomous devices manufactured to solve a specific problem, with limited computational capabilities and resource-constrained (e.g. limited battery). WSN are used to monitor physical or environmental conditions within an area (e.g. temperature, humidity). The popularity of the WSN is growing, precisely due to the wide range of sensors available. As a result, these networks are being deployed as part of several infrastructures. However, sensors are designed to collaborate only with sensors of the same type. In this sense, taking advantage of the heterogeneity of WSN in order to provide common services, like it is the case of routing, has not been sufficiently considered. For this reason, in this paper we propose a routing protocol based on traffic classification and role-assignment to enable heterogeneous WSN for cooperation. Our approach considers both QoS requirements and lifetime maximization to allow the coexistence of different applications in the heterogeneous network infrastructure.

}, keywords = {heterogeneous, routing, WSN}, isbn = {978-0-7695-4652-0/12}, doi = {10.1109/WAINA.2012.202}, author = {Ana Nieto and Javier Lopez} } @inproceedings {Clarke:2012, title = {Trust \& Security RTD in the Internet of Things: Opportunities for International Cooperation}, booktitle = {Proceedings of the First International Conference on Security of Internet of Things}, series = {SecurIT {\textquoteright}12}, year = {2012}, pages = {172{\textendash}178}, publisher = {ACM}, organization = {ACM}, address = {New York, NY, USA}, abstract = {

While there has been considerable progress in the research and technological development (RTD) of the Internet of Things (IoT), there is still considerable RTD required by international communities for the trust, privacy and security research challenges arising from the constitution of the IoT architectures, infrastructures, communications, devices, objects, applications and services. In this paper, we present an thorough analysis of the ongoing and future RTD work, specifically in Europe, regarding trust, privacy and security of the Internet of Things with a view towards enabling international cooperation efforts around the globe to solve these major research challenges.

}, keywords = {international cooperation (INCO), Internet of Things, privacy, research and technological development (RTD), security, Trust}, isbn = {978-1-4503-1822-8}, doi = {10.1145/2490428.2490452}, url = {http://doi.acm.org/10.1145/2490428.2490452}, author = {Clarke, James and Roman, Rodrigo and Sharma, Abhishek and Lopez, Javier and Suri, Neeraj} } @inproceedings {422, title = {Un protocolo para la firma de contratos en escenarios multi-two-party con atomicidad}, booktitle = {XII Reuni{\'o}n Espa{\~n}ola de Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n}, year = {2012}, month = {09/2012}, pages = {357-362}, abstract = {

Los avances tecnol{\'o}gicos que est{\'a} experimentando el mundo digital (Internet, comunicaciones, etc.) est{\'a}n acercando a consumidores y proveedores. Los proveedores pueden ofrecer sus productos directamente a los consumidores finales, y {\'e}stos son capaces de acceder a los proveedores desde cualquier lugar y en cualquier momento. A la hora de adquirir productos o
servicios, esta facilidad de acceso permite a los consumidores consultar distintas ofertas de diferentes proveedores. Pero en el caso de que el consumidor quiera m{\'u}ltiples productos, como los paquetes tur{\'\i}sticos, formados por vuelos, hoteles, excursiones, etc, los consumidores carecen de herramientas que les permitan realizar la contrataci{\'o}n multi-two-party de manera at{\'o}mica. En
este art{\'\i}culo presentamos un protocolo de firma de contratos multi-two-party con atomicidad que garantiza la equitatividad de todas las partes.

}, author = {Gerard Draper-Gil and Josep L. Ferrer-Gomilla and M.F. Hinarejos and Jose A. Onieva and Javier Lopez} } @inproceedings {Najera_JITEL11, title = {Acceso seguro a nodos RFID en una arquitectura de red personal}, booktitle = {X Jornadas de Ingenier{\'\i}a Telem{\'a}tica (JITEL 2011)}, year = {2011}, month = {09/2011}, pages = {104 - 111}, publisher = {Universidad de Cantabria}, organization = {Universidad de Cantabria}, address = {Santander, Spain}, abstract = {

El paradigma de red personal (PN) permitir\á la interacci\ón y colaboraci\ón del creciente abanico de dispositivos personales. Con tal fin la PN ha de integrar en su seno m\últiples tecnolog\ías heterog\éneas con diversas capacidades computacionales y de comunicaci\ón de forma segura. En particular, la incorporaci\ón de la tecnolog\ía RFID en objetos personales conlleva m\últiples riesgos de seguridad y privacidad que han suscitado un elevado inter\és de la comunidad investigadora en los \últimos a\ños. M\ás all\á de su seguridad de forma aislada, su integraci\ón en la PN y la interacci\ón de \ésta con redes de \área extensa como Internet of Things requieren una arquitectura de red personal adecuada para tal contexto. Este art\ículo proporciona los fundamentos de tal arquitectura segura incluyendo el an\álisis de aspectos como la incorporaci\ón e inicializaci\ón de las restringidas etiquetas RFID en la red personal, la autenticaci\ón tanto de miembros de la PN como de usuarios y servicios remotos en su acceso a las tecnolog\ías de contexto, el control de las pol\íticas de privacidad y el establecimiento de canales seguros de comunicaci\ón supervisados.

}, keywords = {arquitectura software, red personal, Seguridad RFID}, isbn = {978-84-694-5948-5}, author = {Pablo Najera and Rodrigo Roman and Javier Lopez}, editor = {Klaus Hackbarth and Ram{\'o}n Ag{\"u}ero and Roberto Sanz} } @inproceedings {1642, title = {Analysis of Secure Mobile Grid Systems: A systematic approach}, booktitle = {XVI Jornadas de Ingenier{\'\i}a del Software y Bases de Datos (JISBD 2011)}, year = {2011}, month = {2011}, pages = {487-491}, publisher = {Servizo de publicaci{\'o}ns da Universidade da Coru{\~n}a}, organization = {Servizo de publicaci{\'o}ns da Universidade da Coru{\~n}a}, address = {A Coru{\~n}a, Spain}, abstract = {

Developing software through systematic processes is becoming more and more important due to the growing complexity of software development. It is important that the development process used integrates security aspects from the first stages at the same level as other functional and non-functional requirements. The identification of security aspects in the first stages ensures a more robust development and permits the security requirements to be perfectly coupled with the design and the rest of the system\’s requirements. Systems which are based on Grid Computing are a kind of systems that have clear differentiating features in which security is a highly important aspect. Generic development processes are sometimes used to develop Grid specific systems without taking into consideration either the subjacent technological environment or the special features and particularities of these specific systems. In fact, the majority of existing Grid applications have been built without a systematic development process and are based on ad hoc developments.

}, isbn = {978-84-9749-486-1}, author = {David G. Rosado and E. Fernandez-Medina and M. Pattini and Javier Lopez} } @inproceedings {agudo2011cryptography, title = {Cryptography Goes to the Cloud}, booktitle = {1st International Workshop on Security and Trust for Applications in Virtualised Environments (STAVE 2011)}, series = {Communications in Computer and Information Science}, volume = {187}, year = {2011}, month = {June}, pages = {190-197}, publisher = {Springer}, organization = {Springer}, abstract = {

In this paper we identify some areas where cryptography can help a rapid adoption of cloud computing. Although secure storage has already captured the attention of many cloud providers, offering a higher level of protection for their customer{\textquoteright}s data, we think that more advanced techniques such as searchable encryption and secure outsourced computation will become popular in the near future, opening the doors of the Cloud to customers with higher security requirements.

}, isbn = {978-3-642-22364-8}, doi = {10.1007/978-3-642-22365-5_23}, author = {Isaac Agudo and David Nu{\~n}ez and Gabriele Giammatteo and Panagiotis Rizomiliotis and Costas Lambrinoudakis}, editor = {Changhoon Lee and Jean-Marc Seigneur and James J. Park and Roland R. Wagner} } @inproceedings {1622, title = {Engineering Secure Future Internet Services}, booktitle = {Future Internet Assembly 2011: Achievements and Technological Promises (FIA 2011)}, series = {LNCS}, volume = {6656}, year = {2011}, pages = {177-191}, publisher = {Springer Berlin Heidelberg}, organization = {Springer Berlin Heidelberg}, address = {Budapest}, abstract = {

In this paper we analyze the need and the opportunity forestablishing a discipline for engineering secure Future Internet Services,typically based on research in the areas of software engineering, of serviceengineering and security engineering. Generic solutions that ignore thecharacteristics of Future Internet services will fail, yet it seems obviousto build on best practices and results that have emerged from variousresearch communities.The paper sketches various lines of research and strands within each lineto illustrate the needs and to sketch a community wide research plan. Itwill be essential to integrate various activities that need to be addressedin the scope of secure service engineering into comprehensive softwareand service life cycle support. Such a life cycle support must deliverassurance to the stakeholders and enable risk and cost management forthe business stakeholders in particular. The paper should be considereda call for contribution to any researcher in the related sub domains inorder to jointly enable the security and trustworthiness of Future Internetservices.

}, isbn = {978-3-642-20897-3}, issn = {0302-9743}, author = {W. Joosen and Javier Lopez and F. Martinelli and F. Massacci} } @inproceedings {1643, title = {Managing Incidents in Smart Grids {\`a} la Cloud}, booktitle = {IEEE CloudCom 2011}, year = {2011}, month = {Nov-Dec 2011}, pages = {527-531}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, address = {Athens, Greece}, abstract = {

During the last decade, the Cloud Computing paradigm has emerged as a panacea for many problems in traditional IT infrastructures. Much has been said about the potential of Cloud Computing in the Smart Grid context, but unfortunately it is still relegated to a second layer when it comes to critical systems. Although the advantages of outsourcing those kind of applications to the cloud is clear, data confidentiality and operational privacy stand as mayor drawbacks. In this paper, we try to give some hints on which security mechanisms and more specific, which cryptographic schemes, will help a better integration of Smart Grids and Clouds. We propose the use of Virtual SCADA in the Cloud (VS-Cloud) as a mean to improve reliability and efficiency whilst maintaining the same protection level as in traditional SCADA architectures.

}, keywords = {Cloud Computing, Cryptography, Incident Management, SCADA Systems, Searchable Encryption, Smart Grid}, isbn = {978-0-7695-4622-3}, doi = {10.1109/CloudCom.2011.79}, author = {Cristina Alcaraz and Isaac Agudo and David Nu{\~n}ez and Javier Lopez} } @inproceedings {6059235, title = {OSAMI Commons: An open dynamic services platform for ambient intelligence}, booktitle = {IEEE 16th Conference on Emerging Technologies Factory Automation (ETFA 2011)}, year = {2011}, month = {Sep 2011}, pages = {1-10}, publisher = {IEEE}, organization = {IEEE}, address = {Toulouse, France}, abstract = {

Today we live in an environment surrounded with networked converging devices. Human computer interactions are becoming personalized and a new concept of a global and cross-domain platform is emerging to exploit the full potential of the network in all business areas. In this convergence process, the software platform should be able to personalize itself dynamically in devices according to the context. OSAmI-Commons, an ITEA2 project for developing an open-source common approach to such a dynamic service-based platform, allows any type of device to connect and exchange information and services. OSAMI consortium is contributing to defining the foundations of a cross-platform open-services ecosystem. The sustainability of this platform is an objective beyond the project duration.

}, isbn = {978-1-4577-0016-3}, issn = {1946-0740}, doi = {10.1109/ETFA.2011.6059235}, author = {Naci Dai and Jesus Bermejo and Felix Cuadrado Latasa and Alejandra Ruiz L{\'o}pez and Isaac Agudo and Elmar Zeeb and Jan Krueger and Oliver Dohndorf and Wolfgang Thronicke and Christoph Fiehe and Anna Litvina} } @inproceedings {Roman11SK, title = {SenseKey - Simplifying the Selection of Key Management Schemes for Sensor Networks}, booktitle = {5th International Symposium on Security and Multimodality in Pervasive Environments (SMPE{\textquoteright}11)}, year = {2011}, month = {March}, publisher = {IEEE}, organization = {IEEE}, address = {Singapore}, abstract = {

Key Management Schemes (KMS) are a very important security mechanism for Wireless Sensor Networks (WSN), as they are used to manage the credentials (i.e. secret keys) that are needed by the security primitives. There is a large number of available KMS protocols in the literature, but it is not clear what should network designers do to choose the most suitable protocol for the needs of their applications. In this paper, we consider that given a certain set of application requirements, the network designer can check which properties comply with those requirements and select the KMS protocols that contains those particular properties. Therefore, we study the relationship between requirements and properties, and we provide a web tool, the SenseKey tool, that can be used to automatically obtain an optimal set of KMS protocols.

}, doi = {10.1109/WAINA.2011.78}, url = {http://www.ftrai.org/smpe2011/}, author = {Rodrigo Roman and Javier Lopez and Cristina Alcaraz and Hsiao Hwa Chen} } @inproceedings {Leon11, title = {Towards a Cooperative Intrusion Detection System for Cognitive Radio Networks}, booktitle = {Workshop on Wireless Cooperative Network Security (WCNS{\textquoteright}11)}, series = {LNCS}, year = {2011}, month = {May}, publisher = {Springer}, organization = {Springer}, abstract = {

Cognitive Radio Networks (CRNs) arise as a promising solution to the scarcity of spectrum. By means of cooperation and smart decisions influenced by previous knowledge, CRNs are able to detect and profit from the best spectrum opportunities without interfering primary licensed users. However, besides the well-known attacks to wireless networks, new attacks threat this type of networks. In this paper we analyze these threats and propose a set of intrusion detection modules targeted to detect them. Provided method will allow a CRN to identify attack sources and types of attacks, and to properly react against them.

}, doi = {10.1007/978-3-642-23041-7_22}, url = {http://www.networking2011.org/workshops/WCNS.html}, author = {Olga Leon and Rodrigo Roman and Juan Hernandez Serrano} } @inproceedings {Alcaraz2010, title = {Acceso seguro a redes de sensores en SCADA a trav{\'e}s de Internet}, booktitle = {XI Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n (RECSI 2010)}, year = {2010}, month = {September}, pages = {337-342}, address = {Tarragona (Spain)}, abstract = {

Las Infraestructuras Cr\íticas (ICs) son monitorizadas por sistemas altamente complejos, conocidos como sistemas SCADA (Sistemas de Control y Adquisici\ón de Datos), cuyo principal soporte se encuentra en las subestaciones, las cuales miden de primera instancia el estado real de tales ICs. Para mejorar este control, la industria est\á actualmente demandando la integraci\ón en el modelo tradicional de dos avances tecnol\ógicos: Internet y las redes de sensores inal\ámbricas. Sin embargo, su incorporaci\ón requiere analizar los requisitos de seguridad que surgen en dicho contexto, as\í como diversos aspectos correlacionados (ej. mantenimiento, rendimiento, seguridad y optimizaci\ón) y, en base a estos, la estrategia de integraci\ón m\ás adecuada para satisfacer dichos requisitos. Este art\ículo proporciona dicho an\álisis en profundidad con el fin de ofrecer un modelo de integraci\ón seguro adecuado para entornos cr\íticos.

}, keywords = {el Internet, Internet of Things, Redes Mesh Inal{\'a}mbrica de Sensores, Sistemas Cr{\'\i}ticos de Control, Sistemas SCADA}, isbn = {978-84-693-3304-4}, url = {http://crises-deim.urv.cat/recsi2010/}, author = {Cristina Alcaraz and Rodrigo Roman and Pablo Najera and Javier Lopez} } @inproceedings {JoseA.Montenegro2010, title = {Computacion Segura Multiparte Aplicada a Subastas Electr{\'o}nicas}, booktitle = {IX Jornadas de Ingenier{\'\i}a Telemenatica (JITEL 2010)}, year = {2010}, month = {Octubre}, abstract = {

La confidencialidad ha pasado de ser un requisito de seguridad a ser considerado como requisito funcional y de obligado cumplimiento e inclusi\ón en todos los sistemas de comunicaciones. Un inconveniente que presenta las t\écnicas criptogr\áficas, utilizadas para obtener la confidencialidad de la informaci\ón, surge cuando varias entidades se ven forzadas a compartir informaci\ón secreta para realizar tareas puntuales de colaboraci\ón, ya que las primitivas tradicionales utilizadas para conseguir la confidencialidad resultan poco flexibles. La situaci\ón ideal permitir\ía hacer posible dicha colaboraci\ón sin que ninguna de las partes revele la informaci\ón aportada. En este escenario entra en juego la tecnolog\ía de Computaci\ón Segura Multiparte (CSM) que posibilita realizar operaciones con la informaci\ón compartida sin tener que hacerla p\ública. Este trabajo muestra una soluci\ón CSM aplicada a una subasta electr\ónica que permite la realizaci\ón de la subasta sin que las apuestas sean reveladas a ning\ún participante, incluyendo el subastador, por lo que no necesita el estableciendo de ninguna autoridad confiable. Aunque la literatura ofrece una amplia variedad de propuestas te\óricas de CSM desde su creaci\ón en la d\écada de los ochenta, no es com\ún su aplicacion pr\áctica en situaciones reales.

}, author = {Jose A. Montenegro and Javier Lopez and Rene Peralta} } @inproceedings {Alcaraz2010b, title = {Early Warning System for Cascading Effect Control in Energy Control Systems}, booktitle = {5th International conference on Critical Information Infrastructures Security (CRITIS{\textquoteright}10)}, series = {LNCS}, volume = {6712}, year = {2010}, month = {September}, pages = {55-67}, publisher = {Springer}, organization = {Springer}, address = {Athens, Greece}, abstract = {

A way of controlling a cascading effect caused by a failure or a threat in a critical system is using intelligent mechanisms capable of predicting anomalous behaviours and also capable of reacting against them in advance. These mechanisms are known as Early Warning Systems (EWS) and this will be precisely the main topic of this paper. Specially, we present an EWS design based on a Wireless Sensor Network (using the ISA100.11a standard) that constantly supervise the application context. This EWS is also based on forensic techniques to provide dynamic learning capacities. As a result, this new approach will aid to provide a reliable control of incidences by offering a dynamic alarm management, identification of the most suitable field operator to attend an alarm, reporting of causes and responsible operators, and learning from new anomalous situations.

}, keywords = {Cascading Effect, Early Warning System, Energy Control Systems, Forensic Techniques, SCADA Systems, Wireless Sensor Network}, isbn = {978-3-642-21693-0}, issn = {0302-9743}, url = {http://critis.net/2010/}, author = {Cristina Alcaraz and Angel Balastegui and Javier Lopez} } @inproceedings {Rios2010, title = {Source Location Privacy Considerations in Wireless Sensor Networks}, booktitle = {4th International Symposium of Ubiquitous Computing and Ambient Intelligence (UCAmI{\textquoteright}10)}, year = {2010}, month = {Sept.}, pages = {29 - 38}, publisher = {IBERGARCETA PUBLICACIONES, S.L.}, organization = {IBERGARCETA PUBLICACIONES, S.L.}, address = {Valencia (Spain)}, abstract = {

Wireless Sensor Networks are considered to be one of the cornerstones of Ambient Intelligence since they can be used in countless applications, where sensors are unobtrusively embedded into the environment to perform operations like monitoring, tracking and reporting. In such scenarios, privacy issues must be carefully considered since the mere observation of the network operation might reveal great amounts of private information to unauthorised parties. One of the problems that is gaining more attention in the realm of privacy, is the location privacy problem, which aims to prevent an attacker from obtaining the location of specific nodes of interest to him. In this paper we provide a general overview of the proposed solutions to counter this threat. Finally, we will also discuss some open challenges and future directions of research for a convenient management of privacy issues in smart environments.

}, isbn = {978-84-92812-61-5}, author = {Ruben Rios and Javier Lopez}, editor = {Lidia Fuentes and Nadia G{\'a}mez and Jos{\'e} Bravo} } @inproceedings {rosado2010c, title = {A Study of Security Approaches for the Development of Mobile Grid Systems}, booktitle = {5th International Conference on Software and Data Technologies (ICSOFT{\textquoteright}10)}, volume = {1}, year = {2010}, month = {july}, pages = {133-138}, publisher = {Springer}, organization = {Springer}, address = {Athens, Greece}, abstract = {

Mobile Grid systems allow us to build highly complex information systems with various and remarkable features (interoperability between multiple security domains, cross-domain authentication and authorization, dynamic, heterogeneous and limited mobile devices, etc), which demand secure development methodologies to build quality software, offering methods, techniques and tools that facilitate the work of the entire team involved in software development. These methodologies should be supported by Grid security architectures that define the main security aspects to be considered, and by solutions to the problem of how to integrate mobile devices within Grid systems. Some approaches regarding secure development methodologies of Grid security architectures and of the integration of mobile devices in the Grid have been found in literature, and these are analyzed and studied in this paper, offering a comparison framework of all the approaches related to security in Mobile Grid environments.

}, isbn = {978-989-8425-22-5}, author = {David G. Rosado and Eduardo Fernandez-Medina and Javier Lopez} } @inproceedings {calcaraz10, title = {Wireless Sensor Networks and the Internet of Things: Do We Need a Complete Integration?}, booktitle = {1st International Workshop on the Security of the Internet of Things (SecIoT{\textquoteright}10)}, year = {2010}, month = {December}, pages = {xxxx}, publisher = {IEEE}, organization = {IEEE}, address = {Tokyo (Japan)}, abstract = {

Wireless sensor networks (WSN) behave as a digital skin, providing a virtual layer where the information about the physical world can be accessed by any computational system. As a result, they are an invaluable resource for realizing the vision of the Internet of Things (IoT). However, it is necessary to consider whether the devices of a WSN should be completely integrated into the Internet or not. In this paper, we tackle this question from the perspective of security. While we will mention the different security challenges that may arise in such integration process, we will focus on the issues that take place at the network level.

}, issn = {xxxx}, author = {Cristina Alcaraz and Pablo Najera and Javier Lopez and Rodrigo Roman} } @inproceedings {Alcaraz2009, title = {Adaptive Dispatching of Incidences Based on Reputation for SCADA Systems}, booktitle = {6th International Conference on Trust, Privacy and Security in Digital Business (TrustBus{\textquoteright}09)}, series = {LNCS}, year = {2009}, month = {September}, pages = {86-94}, publisher = {Springer-Verlag}, organization = {Springer-Verlag}, address = {Linz, Austria}, abstract = {

SCADA systems represent a challenging scenario where the management of critical alarms is crucial. Their response to these alarms should be efficient and fast in order to mitigate or contain undesired effects. This work presents a mechanism, the Adaptive Assignment Manager (AAM) that will aid to react to incidences in a more efficient way by dynamically assigning alarms to the most suitable human operator. The mechanism uses various inputs for identifying the operators such as their availability, workload and reputation. In fact, we also define a reputation component that stores the reputation of the human operators and uses feedback from past experiences.

}, keywords = {Critical Control Systems, Reputation, Supervisory Control and Data Acquisition Systems}, isbn = {978-3-642-03747-4}, doi = {10.1007/978-3-642-03748-1_9}, author = {Cristina Alcaraz and Isaac Agudo and Carmen Fernandez-Gago and Rodrigo Roman and Gerardo Fernandez and Javier Lopez} } @inproceedings {Lopez2009, title = {Analysis of Security Threats, Requirements, Technologies and Standards in Wireless Sensor Networks}, booktitle = {Foundations of Security Analysis and Design 2009}, series = {LNCS}, volume = {5705}, year = {2009}, month = {August}, pages = {289-338}, publisher = {Springer Berlin/Heidelberg}, organization = {Springer Berlin/Heidelberg}, address = {Bertinoro (Italy)}, abstract = {

As sensor networks are more and more being implemented in real world settings, it is necessary to analyze how the different requirements of these real-world applications can influence the security mechanisms. This paper offers both an overview and an analysis of the relationship between the different security threats, requirements, applications, and security technologies. Besides, it also overviews some of the existing sensor network standards, analyzing their security mechanisms.

}, isbn = {978-3-642-03828-0}, issn = {0302-9743 (Print) 1611-3349 (Online)}, doi = {10.1007/978-3-642-03829-7_10}, url = {http://www.springerlink.com/content/u8h4882831k474n6/}, author = {Javier Lopez and Rodrigo Roman and Cristina Alcaraz} } @inproceedings {rosado2009f, title = {Applying a UML Extension to build Use Cases diagrams in a secure mobile Grid application}, booktitle = {5th International Workshop on Foundations and Practices of UML}, series = {LNCS}, volume = {5833}, year = {2009}, pages = {126-136}, publisher = {Springer Berlin Heidelberg}, organization = {Springer Berlin Heidelberg}, address = {Gramado, Brasil}, abstract = {

Systems based on Grid computing have not traditionally beendeveloped through suitable methodologies and have not taken into accountsecurity requirements throughout their development, offering technical securitysolutions only during the implementation stages. We are creating a developmentmethodology for the construction of information systems based on GridComputing, which is highly dependent on mobile devices, in which securityplays a highly important role. One of the activities in this methodology is therequirements analysis which is use-case driven. In this paper, we build use casediagrams for a real mobile Grid application by using a UML-extension, calledGridUCSec-Profile, through which it is possible to represent specific mobileGrid features and security aspects for use case diagrams, thus obtainingdiagrams for secure mobile Grid environments.

}, isbn = {978-3-642-04946-0}, author = {David G. Rosado and Eduardo Fernandez-Medina and Javier Lopez} } @inproceedings {roman2009, title = {Do Wireless Sensor Networks Need to be Completely Integrated into the Internet?}, booktitle = {3rd CompanionAble Workshop - Future Internet of People, Things and Services (IoPTS) eco-Systems}, year = {2009}, month = {December}, pages = {xxxx}, publisher = {xxxx}, organization = {xxxx}, address = {Brussels (Belgium)}, abstract = {

Wireless sensor networks are considered as an integral part of the Internet of Things paradigm. Not only they provide a virtual presence to elements of the real world, but also allow any computationalsystem to know about the physical state of those elements thanks to the use of embedded sensors. In order to belong to the Internet of Things, the elements of a sensor network can implement Internet protocols and services such as the TCP/IP stack and web services. Still, a question that must be raised at this point of time is whether all sensor network applications should be completely integrated into the Internet or not. The purpose of this paper is to analyze this question, reviewing the challenges and security requirements of Internet-enabled sensor networks.

}, issn = {xxxx}, author = {Rodrigo Roman and Javier Lopez and Cristina Alcaraz} } @inproceedings {rosado2009e, title = {Extensi{\'o}n UML para Casos de Uso Reutilizables en entornos Grid M{\'o}viles Seguros}, booktitle = {XIV Jornadas de Ingenier{\'\i}a del Software y Bases de Datos (JISBD 2009)}, year = {2009}, month = {September}, pages = {331-342}, publisher = {Antonio Vallecillo and Goiuria Sagardui (Eds.)}, organization = {Antonio Vallecillo and Goiuria Sagardui (Eds.)}, address = {San Sebasti{\'a}n, Espa{\~n}a}, abstract = {

Los sistemas Grid nos permiten construir sistemas complejos concaracter{\'\i}sticas diferenciadoras (interoperabilidad entre m{\'u}ltiples dominios deseguridad, autenticaci{\'o}n y autorizaci{\'o}n a trav{\'e}s de dominios, sistema din{\'a}micoy heterog{\'e}neo, etc.). Con el desarrollo de la tecnolog{\'\i}a wireless y losdispositivos m{\'o}viles, el Grid llega a ser el candidato perfecto para que losusuarios m{\'o}viles puedan realizar trabajos complejos, a la vez que a{\~n}aden nuevacapacidad computacional al Grid. Estamos construyendo un proceso completode desarrollo para sistemas Grid m{\'o}viles seguros, y una de las actividades es elan{\'a}lisis de requisitos, que est{\'a} basado en casos de uso reutilizables. En esteart{\'\i}culo, presentaremos una extensi{\'o}n UML para casos de uso de seguridad yGrid, los cuales capturan el comportamiento de este tipo de sistemas. Estaextensi{\'o}n UML est{\'a} siendo aplicado a un caso real para construir diagramas decasos de uso de la aplicaci{\'o}n, incorporando los aspectos de seguridadnecesarios.

}, isbn = {978-84-692-4211-7}, author = {David G. Rosado and Eduardo Fernandez-Medina and Javier Lopez} } @inproceedings {rosado2009d, title = {Hacia una Arquitectura de Servicios de Seguridad para entornos Grid m{\'o}viles}, booktitle = {V Congreso Iberoamericano de Seguridad Inform{\'a}tica (CIBSI{\textquoteright}09)}, year = {2009}, pages = {409-423}, publisher = {Universidad de la Rep{\'u}blica, Uruguay}, organization = {Universidad de la Rep{\'u}blica, Uruguay}, address = {Montevideo, Uruguay}, abstract = {

Grid m{\'o}vil incluye las caracter{\'\i}sticas de los sistemas Grid junto conlas peculiaridades de la computaci{\'o}n m{\'o}vil, a{\~n}adiendo la propiedad de soportarusuarios y recursos m{\'o}viles de forma homog{\'e}nea, transparente, segura yeficiente. La seguridad de estos sistemas, debido a su naturaleza abierta ydistribuida, es un tema de gran inter{\'e}s. Una arquitectura de seguridad basada enSOA proporciona una arquitectura distribuida dise{\~n}ada para interoperabilidadde servicios, f{\'a}cil integraci{\'o}n, y acceso seguro, simple y extensible. Por tanto,una arquitectura orientada a servicios de seguridad es construida para entornosGrid m{\'o}viles, ofreciendo servicios de seguridad a usuarios m{\'o}viles quienesusan servicios Grid y recursos para ejecutar sus trabajos y tareas. Estaarquitectura es integrada con otras arquitecturas existentes proporcionandomayor seguridad y permitiendo que los usuarios m{\'o}viles puedan acceder aservicios Grid existentes ofreciendo nuevos y necesarios servicios de seguridadpara Grid m{\'o}viles. Hemos definido un conjunto de servicios de seguridad, quejunto a protocolos, pol{\'\i}ticas y est{\'a}ndares de seguridad forman una arquitecturade seguridad orientada a servicios para entornos Grid m{\'o}viles. Esta arquitecturaes abierta, escalable, din{\'a}mica, interoperable y flexible.

}, isbn = {978-9974-0-0593-8}, author = {David G. Rosado and Eduardo Fernandez-Medina and Javier Lopez} } @inproceedings {Agudo2009a, title = {A Multidimensional Reputation Scheme for Identity Federations}, booktitle = {Sixth European Workshop on Public Key Services, Applications and Infrastructures (EuroPKI{\textquoteright}09)}, series = {LNCS}, volume = {6391}, year = {2009}, pages = {225-238}, publisher = {Springer}, organization = {Springer}, abstract = {

Deciding who to trust in the internet of services paradigm is an important and open question. How to do it in an optimal way is not always easy to determine. Trust is usually referred to a particular context whereas a single user may interact in more than one given context. We are interested in investigating how a Federated Reputation System can help exporting trust perceptions from one context to another. We propose a model for deriving trust in online services. In this context, trust is defined as the level of confidence that the service provider holds on the subject interacting with it to behave in a proper way while using the service. Thus, we derive trust by using the reputation values that those users have gained for interacting with these services.

}, isbn = {978-3-642-16440-8}, issn = {0302-9743 (Print) 1611-3349 (Online)}, doi = {10.1007/978-3-642-16441-5_15}, author = {Isaac Agudo and Carmen Fernandez-Gago and Javier Lopez} } @inproceedings {rosado2009b, title = {Reusable Security Use Cases for Mobile Grid environments}, booktitle = {Workshop on Software Engineering for Secure Systems}, year = {2009}, pages = {1-8}, publisher = {IEEE}, organization = {IEEE}, address = {Vancouver, Canada}, abstract = {

Due to the growing complexity of softwaredevelopment, developing software through systematicprocesses is becoming more and more important.Likewise, it is important that the development processused integrates security aspects from the first stages atthe same level as other functional and non-functionalrequirements. In the last years, GRID technology hasshown to be the most important one and it allows us tobuild very complex information systems with differentand remarkable features (interoperability betweenmultiple security domains, cross-domainauthentication and authorization, dynamic,heterogeneous and limited mobile devices, etc).Traditionally, systems based on GRID Computing havenot been developed through adequate methodologiesand have not taken into account security requirementsthroughout their development, only offering securitytechnical solutions at the implementation stages. Thispaper shows part of a development methodology thatwe are elaborating for the construction of informationsystems based on Grid Computing highly dependent onmobile devices where security plays a very importantrole. Specifically, in this paper, we will present theanalysis phase, managed by reusable use casesthrough which we can define the requirements andneeds of these systems obtaining an analysis modelthat can be used as input to the following phase of themethodology, the design phase of mobile Grid systems.

}, isbn = {978-1-4244-3725-2}, author = {David G. Rosado and Eduardo Fernandez-Medina and Javier Lopez} } @inproceedings {rosado2009a, title = {Reutilizaci{\'o}n de Casos de Uso en el Desarrollo de Sistemas Grid seguros}, booktitle = {XII Conferencia Iberoamericana de Ingenier{\'\i}a de Requisitos y Ambientes de Software (IDEAS{\textquoteright}09)}, year = {2009}, pages = {388-393}, publisher = {University of Colombia}, organization = {University of Colombia}, address = {Medell{\'\i}n, Colombia}, abstract = {

El desarrollo software debe estar basado en un proceso sistem{\'a}tico y estructurado donde se definan los m{\'e}todos y t{\'e}cnicas a utilizar en todo su ciclo de vida, ayudando as{\'\i} a obtener un producto de calidad. Es igualmente importante que el proceso sistem{\'a}tico considere aspectos de seguridad desde las primeras etapas, integr{\'a}ndola como un elemento m{\'a}s en el ciclo de desarrollo. En este art{\'\i}culo mostramos la metodolog{\'\i}a de desarrollo sistem{\'a}tico que sirve de gu{\'\i}a para el desarrollo de cualquier sistema Grid con dispositivos m{\'o}viles, considerando la seguridad durante todas las fases de desarrollo, lo que nos permitir{\'a} obtener como resultado sistemas Grid seguros, robustos y escalables. Este art{\'\i}culo presenta la fase de an{\'a}lisis, dirigida por casos de uso reutilizables, mediante los cuales se definen los requisitos y necesidades de estos sistemas, y es aplicada a un caso de estudio real de un Grid para el acceso de contenidos multimedia en un contexto period{\'\i}stico.

}, isbn = {978-958-44-5028-9}, author = {David G. Rosado and Eduardo Fernandez-Medina and Javier Lopez} } @inproceedings {vivas09, title = {Security Assurance During the Software Development Process}, booktitle = {International Conference on Computer Systems and Technologies (CompSysTech09)}, year = {2009}, pages = {11.7.1-11.7.6}, publisher = {ACM}, organization = {ACM}, address = {Ruse (Bulgary)}, abstract = {

Assurance has been a major topic for critical systems. Assurance is usually associated with safety conditions but has also an important role for checking security requirements. Security is best assured if it is addressed holistically, systematically, and from the very beginning in the software{\textquoteright}s development process. We propose to integrate assurance and system development by letting the different stages of the system development life-cycle be mapped to the structure of the assurance case.

}, isbn = {978-1-60558-986-2}, doi = {10.1145/1731740.1731763}, author = {Jose L. Vivas and Isaac Agudo and Javier Lopez} } @inproceedings {Alcaraz2008, title = {An{\'a}lisis de la Aplicabilidad de las Redes de Sensores para la Protecci{\'o}n de Infraestructuras de Informaci{\'o}n Cr{\'\i}ticas}, booktitle = {VI Jornadas de Ingenier{\'\i}a Telem{\'a}tica (JITEL{\textquoteright}08)}, year = {2008}, month = {September}, pages = {437}, address = {Alcal{\'a} de Henares (Spain)}, abstract = {

Las infraestructuras cr\íticas, como el sector energ\ético, la banca, el transporte, y muchas otras, son un pilar esencial para en bienestar de la sociedad y la econom\ía de un pa\ís. Estas infraestructuras dependen a su vez de ciertas infraestructuras de informaci\ón, las cuales permiten su correcto funcionamiento. La tarea de proteger esas infraestructuras (de informaci\ón) cr\íticas es compleja y multidimensional, con una gran cantidad de desaf\íos por resolver. Precisamente, las redes de sensores pueden ser de gran ayuda para esta tarea, debido a suscapacidades de control distribuidas y a su habilidad de funcionar en situaciones extremas. Este art\ículo analiza la utilidad de las redes de sensores en este contexto, describiendo tanto sus capacidades como sus posibles roles y mecanismos de integraci\ón para la protecci\ón de infraestructuras (de informaci\ón) cr\íticas.

}, isbn = {978-84-612-5474-3}, url = {http://www.telematica.ws/jitel/2008/default.htm}, author = {Cristina Alcaraz and Rodrigo Roman and Javier Lopez} } @inproceedings {1702, title = {An Asynchronous Node Replication Attack in Wireless Sensor Networks}, booktitle = {23rd International Information Security Conference (SEC 2008)}, volume = {278}, year = {2008}, pages = {125-139}, isbn = {978-0-387-09699-5}, author = {J. Zhou and T. Kanti Das and Javier Lopez} } @inproceedings {Agudo2008, title = {Delegating Privileges over Finite Resources: A Quota Based Delegation Approach}, booktitle = {5th International Workshop on Formal Aspects in Security and Trust (FAST{\textquoteright}08)}, series = {LNCS}, volume = {5491}, year = {2008}, pages = {302-315}, publisher = {Springer}, organization = {Springer}, address = {Malaga (Spain)}, abstract = {

When delegation in real world scenarios is considered, the delegator (the entity that posses the privileges) usually passes the privileges on to the delegatee (the entity that receives the privileges) in such a way that the former looses these privileges while the delegation is effective. If we think of a physical key that opens a door, the privilege being delegated by the owner of the key is opening the door. Once the owner of the key delegates this privilege to another entity, by handing over the key, he is not able to open the door any longer. This is due to the fact that the key is not copied and handed over but handed over to the delegatee. When delegation takes place in the electronic world, the delegator usually retains also the privileges. Thus, both users have them simultaneously. This situation, which in most cases is not a problem, may be undesirable when dealing with certain kind of resources. In particular, if we think of finite resources, those in which the number of users accessing simultaneously is finite, we can not allow that a user delegating his access privilege is also granted access when the delegation if effective. In this paper we propose an approach where each user is delegated an access quota for a resource. If further delegating of the delegated quota occurs, this is subtracted from his quota. That is, when delegating, part of the quota remains with the delegator and another part goes to the delegatee. This allows a more fairly access to the resource. Moreover, we show that this approach can also be applied to any kind of resources by defining appropriate authorization policies.

}, isbn = {978-3-642-01464-2}, issn = {0302-9743 (Print) 1611-3349 (Online)}, doi = {10.1007/978-3-642-01465-9}, author = {Isaac Agudo and Carmen Fernandez-Gago and Javier Lopez} } @inproceedings {rosado2008a, title = {Engineering Process Based On Grid Use Cases For Mobile Grid Systems}, booktitle = {Third International Conference on Software and Data Technologies (ICSOFT{\textquoteright}08)}, year = {2008}, pages = {146-151}, publisher = {Springer}, organization = {Springer}, address = {Porto, Portugal}, abstract = {

The interest to incorporate mobile devices into Grid systems has arisen with two main purposes. The firstone is to enrich users of these devices while the other is that of enriching the own Grid infrastructure.Security of these systems, due to their distributed and open nature, is considered a topic of great interest. Aformal approach to security in the software life cycle is essential to protect corporate resources. However,little attention has been paid to this aspect of software development. Due to its criticality, security should beintegrated as a formal approach into the software life cycle. We are developing a methodology ofdevelopment for secure mobile Grid computing based systems that helps to design and build secure Gridsystems with support for mobile devices directed by use cases and security use cases and focused onservice-oriented security architecture. In this paper, we will present one of the first steps of ourmethodology consisting of analyzing security requirements of mobile grid systems. This analysis will allowus to obtain a set of security requirements that our methodology must cover and implement.

}, isbn = {978-3-642-05200-2}, issn = {1865-0929}, author = {David G. Rosado and Eduardo Fernandez-Medina and Javier Lopez and Mario Piattini} } @inproceedings {Galindo2008a, title = {An Evaluation of the Energy Cost of Authenticated Key Agreement in Wireless Sensor Networks}, booktitle = {X Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n (RECSI{\textquoteright}08)}, year = {2008}, month = {September}, pages = {231-236}, address = {Salamanca (Spain)}, abstract = {

Wireless sensors are battery-powered devices which are highly constrained in terms of computational capabilities, memory, and communication bandwidth. While battery life is their main limitation, they require considerable energy to communicate data. Due to this, the energy saving of computationally inexpensive security primitives (like those using symmetric key cryptography) can be nullified by the bigger amount of data they require to be sent. In this work we study the energy cost of key agreement protocols between peers in a network using public key cryptography techniques. Our concern is to reduce the amount of data to be exchanged. Our main news is that a computationally very demanding security primitive, such as identity-based authenticated key exchange, can present energy-wise a better performance than traditional public key based key exchange in realistic scenarios such as Underwater Wireless Sensor Networks. Such a result is not to be expected in wired networks.

}, author = {David Galindo and Rodrigo Roman and Javier Lopez} } @inproceedings {Agudo2008b, title = {An Evolutionary Trust and Distrust Model}, booktitle = {4th Workshop on Security and Trust Management (STM{\textquoteright}08)}, series = {ENTCS}, volume = {224}, year = {2008}, pages = {3-12}, publisher = {Elsevier}, organization = {Elsevier}, address = {Trondheim, Norway}, abstract = {

In this paper we propose a trust model, where besides considering trust and distrust, we also consider another parameter that measures the reliability on the stability of trust or distrust. The inclusion of this new parameter will allow us to use trust in a more accurate way. We consider trust is not static but dynamic and trust values can change along time. Thus, we will also take time into account, using it as a parameter of our model. There is very little work done about the inclusion of time as an influence on trust. We will show the applicability of our model in the scenario of the process of reviewing papers for a conference. Sometimes for these kind of processes the Chair of the conference should first find the suitable reviewers. He can make this selection by using our model. Once the reviewers are selected they send out their reviews to the Chair who can also use our model in order to make the final decision about acceptance of papers.

}, issn = {1571-0661}, doi = {10.1016/j.entcs.2009.07.034}, author = {Isaac Agudo and Carmen Fernandez-Gago and Javier Lopez} } @inproceedings {VicenteBenjumea2008ab, title = {Fair Traceable Multi-Group Signatures}, booktitle = {Financial Cryptography and Data Security (FC{\textquoteright}08)}, series = {LNCS}, volume = {5143}, year = {2008}, month = {January}, pages = {265-281}, publisher = {Springer}, organization = {Springer}, address = {Cozumel, Mexico}, abstract = {

This paper presents fair traceable multi-group signatures (FTMGS) which have enhanced capabilities compared to group and traceable signatures that are important in real world scenarios combining accountability and anonymity. The main goal of the primitive is to allow multi groups that are managed separately (managers are not even aware of the other ones), yet allowing users (in the spirit of the Identity 2.0 initiative) to manage what they reveal about their identity with respect to these groups by themselves. This new primitive incorporates the following additional features: (a) While considering multiple groups it discourages users from sharing their private membership keys through two orthogonal and complementary approaches. In fact, it merges functionality similar to credential systems with anonymous type of signing with revocation. (b) The group manager now mainly manages joining procedures, and new entities (called fairness authorities and consisting of various representatives, possibly) are involved in opening and revealing procedures. In many systems scenario assuring fairness in anonymity revocation is required.We specify the notion and implement it with a security proof of its properties (in the ROM).

}, author = {Vicente Benjumea and Seung G. Choi and Javier Lopez and Moti Yung} } @inproceedings {Roman2008b, title = {KeyLED - Transmitting Sensitive Data over out-of-band Channels in Wireless Sensor Networks}, booktitle = {5th IEEE International Conference on Mobile Ad Hoc and Sensor Systems (MASS{\textquoteright}08)}, year = {2008}, month = {September}, pages = {796-801}, publisher = {IEEE}, organization = {IEEE}, address = {Atlanta (USA)}, abstract = {

An out-of-band (OoB) channel can be defined as an extra channel, different from the main wireless channel, that has additional security properties. They are specially suitable for protecting spontaneous interactions and exchanging sensitive data between previously unknown devices. Due to the vulnerable nature of wireless sensor networks (WSN), these kind of channels might be useful for protecting certain sensor network operations. In this paper we analyze the applicability of out-of-band channels to wireless sensor networks, and specify why an optical channel should be a good candidate for implementing an extra channel in sensor nodes. Also, we analyze how the existing security threats may affect this type of channel. Finally, the suitability and usability of optical channels for sensor networks is demonstrated by means of a prototype.

}, keywords = {Out-of-Band Channel, security, wireless sensor networks}, isbn = {978-1-4244-2574-7}, doi = {10.1109/MAHSS.2008.4660128}, author = {Rodrigo Roman and Javier Lopez} } @inproceedings {Galindo2008aa, title = {A Killer Application for Pairings: Authenticated Key Establishment in Underwater Wireless Sensor Networks}, booktitle = {Proceedings of the 7th International Conference on Cryptology and Network Security (CANS{\textquoteright}08)}, series = {LNCS}, volume = {5339}, year = {2008}, month = {December}, pages = {120-132}, publisher = {Springer}, organization = {Springer}, address = {Hong Kong (China)}, abstract = {

Wireless sensors are low power devices which are highly constrained in terms of computational capabilities, memory, and communication bandwidth. While battery life is their main limitation, they require considerable energy to communicate data. The latter is specially dramatic in underwater wireless sensor networks (UWSN), where the acoustic transmission mechanisms are less reliable and more energy-demanding. Saving in communication is thus the primary concern in underwater wireless sensors. With this constraint in mind, we argue that non-interactive identity-based key agreement built on pairings provides the best solution for key distribution in large UWSN when compared to the state of the art. At first glance this claim is surprising, since pairing computation is very demanding. Still, pairing-based non-interactive key establishment requires minimal communication and at the same time enjoys excellent properties when used for key distribution.

}, keywords = {identity-based key agreement, key distribution, pairings, underwater wireless sensor networks}, isbn = {978-3-540-89640-1}, issn = {0302-9743 (Print) 1611-3349 (Online)}, doi = {10.1007/978-3-540-89641-8_9}, url = {http://www.springerlink.com/content/g26h0115ngt12331/}, author = {David Galindo and Rodrigo Roman and Javier Lopez} } @inproceedings {Agudo2008a, title = {A Model for Trust Metrics Analysis}, booktitle = {5th International Conference on Trust, Privacy and Security in Digital Business (TrustBus{\textquoteright}08)}, series = {LNCS}, volume = {5185}, year = {2008}, pages = {28-37}, publisher = {Springer}, organization = {Springer}, abstract = {

Trust is an important factor in any kind of network essential, for example, in the decision-making process. As important as the definition of trust is the way to compute it. In this paper we propose a model for defining trust based on graph theory and show examples of some simple operators and functions that will allow us to compute trust.

}, isbn = {978-3-540-85734-1}, issn = {0302-9743 (Print) 1611-3349 (Online)}, doi = {10.1007/978-3-540-85735-8_4}, author = {Isaac Agudo and Carmen Fernandez-Gago and Javier Lopez} } @inproceedings {rosado2008, title = {PSecGCM: Process for the development of Secure Grid Computing based Systems with Mobile devices}, booktitle = {International Conference on Availability, Reliability and Security (ARES{\textquoteright}08)}, year = {2008}, pages = {136-143}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, address = {A Grid computing system is defined as a platform that supports distributed system applications which require fast access to a large quantity of distributed resources in a coordinated manner. With the development of wireless technology and mobile devices,}, abstract = {

A Grid computing system is defined as a platformthat supports distributed system applications which require fastaccess to a large quantity of distributed resources in acoordinated manner. With the development of wirelesstechnology and mobile devices, the Grid becomes the perfectcandidate so that mobile users can make complex works that addnew computational capacity to the Grid. Security of thesesystems, due to their distributed and open nature, receives greatinterest. The growing size and profile of the grid requirecomprehensive security solutions as they are critical to thesuccess of the endeavour. A formal approach to security in thesoftware life cycle is essential to protect corporate resources.However, little thought has been given to this aspect of softwaredevelopment. Due to its criticality, security should be integratedas a formal approach in the software life cycle. A methodology ofdevelopment for secure mobile Grid computing based systems isdefined, that is to say, an engineering process that defines thesteps to follow so that starting from the necessities to solve, wecan design and construct a secure Grid system with support formobile devices that is able to solve and cover these necessities.

}, issn = {978-0-7695-3102-1}, author = {David G. Rosado and Eduardo Fernandez-Medina and Javier Lopez and Mario Piattini} } @inproceedings {PNajera2009, title = {Secure Integration of RFID Technology in Personal Documentation for Seamless Identity Validation}, booktitle = {3rd Symposium of Ubiquitous Computing and Ambient Intelligence 2008}, series = {Advances in Soft Computing}, volume = {51/2009}, year = {2008}, month = {October}, pages = {134-138}, publisher = {Springer}, organization = {Springer}, address = {Salamanca (Spain)}, abstract = {

Seamless human identification and authentication in the information system is a fundamental step towards the transparent interaction between the user and its context proposed in ambient intelligence. In this context, the IDENTICA project is aimed to the design and implementation of a distributed authentication platform based on biometrics (i.e. voice and facial image) and personal documentation. In this paper, we present our work in this project focused on the secure integration of RFID technology in personal documentation in order to provide seamless identity validation. Our actual work status, first results and future directions are described in detail.

}, keywords = {Biometry, identity verification, privacy, RFID, security}, isbn = {978-3-540-85866-9}, doi = {http://dx.doi.org/10.1007/978-3-540-85867-6_16}, url = {http://www.springerlink.com/content/bx8t243130k07585/}, author = {Pablo Najera and Francisco Moyano and Javier Lopez} } @inproceedings {Alcaraz2007, title = {An{\'a}lisis de primitivas criptogr{\'a}ficas para redes de sensores}, booktitle = {VI Jornadas de Ingenier{\'\i}a Telem{\'a}tica (JITEL{\textquoteright}07)}, year = {2007}, month = {September}, pages = {401-408}, address = {M{\'a}laga (Spain)}, abstract = {

Security in wireless sensor networks is very limited due to highly-constrained hardware of sensor nodes. To protect services is necessary to use secure foundations, known as security primitives, like part of a protocol. Theses primitives must assure at least confidentiality in the communication channel, authentication of the peers involved in an information exchange, and integrity of the messages. There are many primitives such as symmetric encryption, hash functions and public key cryptography, but not all of them can be supported by sensor nodes since require high resource levels, for example memory. This paper contains a deep analysis of available and suitable security primitives for sensor nodes, as well as an analysis of hardware and software implementations. Besides, it has been developed an experiment with two implementations, and it has been created a new and improved version using the optimizations of each.

}, isbn = {978-84-690-6670-6}, url = {http://www.telematica.ws/jitel/2007/}, author = {Cristina Alcaraz and Rodrigo Roman and Javier Lopez} } @inproceedings {VicenteBenjumea2007ba, title = {Anonymity 2.0: X.509 Extensions Supporting Privacy-friendly Authentication}, booktitle = {Sixth International Workshop on Cryptology and Network Security (CANS{\textquoteright}07)}, series = {LNCS}, volume = {4856}, year = {2007}, month = {December}, pages = {265-281}, publisher = {Springer}, organization = {Springer}, address = {Singapore}, abstract = {

We present a semantic extension to X.509 certificates that allows incorporating new anonymity signature schemes into the X.509 framework. This fact entails advantages to both components. On the one hand, anonymous signature schemes benefit from all the protocols and infrastructure that the X.509 framework provides. On the other hand, the X.509 framework incorporates anonymity as a very interesting new feature. This semantic extension is part of a system that provides user\’s controlled anonymous authorization under the X.509 framework. Additionally, the proposal directly fits themuch active Identity 2.0 effort,where anonymity is a major supplementary feature that increases the self-control of one\’s identity and privacy which is at the center of the activity.

}, author = {Vicente Benjumea and Seung G. Choi and Javier Lopez and Moti Yung} } @inproceedings {Agudo2007a, title = {Attribute delegation in ubiquitous environments}, booktitle = {3rd international conference on Mobile multimedia communications (MobiMedia {\textquoteright}07)}, year = {2007}, pages = {43:1{\textendash}43:6}, publisher = {ICST}, organization = {ICST}, address = {Nafpaktos, Greece}, abstract = {

When delegation is implemented using the attribute certificates in a Privilege Management Infrastructure (PMI), this one reaches a considerable level of distributed functionality. However, the approach is not flexible enough for the requirements of ubiquitous environments. Additionally, the PMI can become a too complex solution for devices such as smartphones and PDAs, where resources are limited. In this work, we solve the previous limitations by defining a second class of attributes, called domain attributes, which are managed directly by users and are not right under the scope of the PMI, thus providing a light solution for constrained devices. The two classes of attributes are related by defining a simple ontology. We also introduce in the paper the concept of Attribute Federation which is responsible for supporting domain attributes and the corresponding ontology.

}, isbn = {978-963-06-2670-5}, author = {Isaac Agudo and Javier Lopez and Jose A. Montenegro} } @inproceedings {MildreyCarbonell2007a, title = {Estimation of TTP Features in Non-repudiation Service}, booktitle = {7th International Conference on Computational Science and Its Applications (ICCSA{\textquoteright}07)}, series = {LNCS}, volume = {4706}, year = {2007}, pages = {549-558}, publisher = {Springer}, organization = {Springer}, abstract = {In order to achieve a high performance in a real implementation of the non-repudiation service it is necessary to estimate timeouts, TTP features, publication key time, number of originators and recipients, and other relevant parameters. An initial work of the authors focused on a basic event-oriented simulation model for the estimation of timeouts. In the actual work, we present a set of extensions to that basic model for the estimation of the TTP features (storage capacity and ftp connection capacity). We present and analyze the new and valuable results obtained.}, author = {Mildrey Carbonell and Jose Maria Sierra and Jose A. Onieva and Javier Lopez and Jianying Zhou} } @inproceedings {Roman2007c, title = {Featuring Trust and Reputation Management Systems for Constrained Hardware Devices}, booktitle = {1st International Conference on Autonomic Computing and Communication Systems (Autonomics{\textquoteright}07)}, year = {2007}, month = {October}, publisher = {ICST}, organization = {ICST}, address = {Rome (Italy)}, abstract = {

Research on trust management systems for wireless sensor networks is still at a very early stage and few works have done so far. It seems that for those works which deal with the topic general features of how these systems should be are not clearly identified. In this paper we try to identify the main features that a trust management system should have and justify their importance for future developments.

}, keywords = {Sensor Networks, Trust Management}, isbn = {978-963-9799-09-7}, author = {Rodrigo Roman and Carmen Fernandez-Gago and Javier Lopez} } @inproceedings {Rosado2007, title = {Hacia un Proceso sistem{\'a}tico para el desarrollo de sistemas Grid Seguros con Dispositivos M{\'o}viles}, booktitle = {IV Congreso Iberoamericano de Seguridad Inform{\'a}tica (CIBSI{\textquoteright}07)}, year = {2007}, pages = {111-124}, publisher = {Sebasti{\'a}n Ca{\~n}{\'o}n, M.A.}, organization = {Sebasti{\'a}n Ca{\~n}{\'o}n, M.A.}, address = {Mar del Plata, Argentina}, isbn = {978-950-623-043-2}, author = {David G. Rosado and Eduardo Fernandez-Medina and Javier Lopez and Mario Piattini} } @inproceedings {Agudo2007, title = {Implementation aspects of a delegation system}, booktitle = {3rd international conference on Mobile multimedia communications (MobiMedia {\textquoteright}07)}, year = {2007}, pages = {50:1{\textendash}50:6}, publisher = {ICST}, organization = {ICST}, address = {Nafpaktos, Greece}, abstract = {

In this paper we simulate an authorization and delegation system using knowledge based technology. This proposal is part of a visual tool that is intended to be an implementation of the theoretical model weighted trust graph (WTG). A brief description of WTG Model and its associated tool is included in the text. In essence, the model is based on the inclusion of real numbers between zero and one in certificates to represent the trust level between the entities involved in them. This trust level is used to control delegation. Moreover, attributes from di_erent domains may be interrelated, so attribute delegation is also taken into account. The proposed Simulation Engine supports one directional and bidirectional search algorithms.

}, isbn = {978-963-06-2670-5}, author = {Isaac Agudo and Javier Lopez and Jose A. Montenegro} } @inproceedings {FernandezGago2007, title = {A Survey on the Applicability of Trust Management Systems for Wireless Sensor Networks}, booktitle = {3rd International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU{\textquoteright}07)}, year = {2007}, pages = {25-30}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, address = {Istanbul (Turkey)}, abstract = {

Trust plays an important role in human life environments and virtual organizations. In the context of a network, trust may help its elements to decide whether another member of the same network is being uncooperative or malicious. Trust becomes quite important in self-configurable and autonomous systems, such as wireless sensor networks (WSN). However, very little effort has been done in the field of trust management in WSN. On the other hand, some efforts have been made in quite related fields such as Ad-hoc and P2P networks. In this paper we give an overview of existing trust management solutions, mainly those developed for Ad-Hoc and P2P networks and, more importantly, investigate their suitability to WSN. We also provide some guidelines to aid the development of trust management systems for WSN according to the nature of these networks.

}, doi = {10.1109/SECPERU.2007.3}, author = {Carmen Fernandez-Gago and Rodrigo Roman and Javier Lopez} } @inproceedings {Najera2006, title = {Aplicaci{\'o}n de la Tecnolog{\'\i}a RFID a Entornos Sanitarios}, booktitle = {2nd International Workshop of Ubiquitous Computing \& Ambient Intelligence (wUCAmI{\textquoteright}06)}, year = {2006}, month = {November}, pages = {83-95}, publisher = {University of Castilla La Mancha}, organization = {University of Castilla La Mancha}, address = {Puertollano, Ciudad Real (Spain)}, abstract = {

La tecnolog\ía RFID, que permite la identificaci\ón \única de cualquier ser u objeto sin necesidad de contacto ni l\ínea de visi\ón directa, se est\á adoptando ampliamente en todo tipo de campos al producir un salto cualitativo en la integraci\ón de la inform\ática con el entorno. En este art\ículo se muestra su estado del arte y se afrontan dos soluciones orientadas a paliar las necesidades en entornos sanitarios. Por un lado, un sistema de seguimiento de dispositivos en el interior de un centro m\édico que permite su localizaci\ón inmediata y la prevenci\ón de hurtos usando RFID pasivo UHF con un testeo de fiabilidad, y por otro, una soluci\ón de control y atenci\ón de pacientes ingresados en planta usando RFID pasivo HF obteni\éndose un demostrador plenamente funcional

}, isbn = {84-6901744-6}, author = {Pablo Najera and Javier Lopez} } @inproceedings {Roman2006, title = {Applying Intrusion Detection Systems to Wireless Sensor Networks}, booktitle = {IEEE Consumer Communications \& Networking Conference (CCNC 2006)}, year = {2006}, month = {January}, pages = {640-644}, publisher = {IEEE}, organization = {IEEE}, address = {Las Vegas (USA)}, abstract = {

The research of Intrusion Detection Systems (IDS) is a mature area in wired networks, and has also attracted many attentions in wireless ad hoc networks recently. Nevertheless, there is no previous work reported in the literature about IDS architectures in wireless sensor networks. In this paper, we discuss the general guidelines for applying IDS to static sensor networks, and introduce a novel technique to optimally watch over the communications of the sensors{\textquoteright} neighborhood on certain scenarios.

}, isbn = {1-4244-0085-6}, doi = {10.1109/CCNC.2006.1593102}, author = {Rodrigo Roman and Jianying Zhou and Javier Lopez} } @inproceedings {IsaacAgudo2006, title = {Attributes Delegation Based on Ontologies and Context Information}, booktitle = {10th IFIP TC-6 TC-11 International Conference on Communications and Multimedia on Security (CMS{\textquoteright}06)}, series = {LNCS}, volume = {4237}, year = {2006}, month = {October}, pages = {54-66}, publisher = {Springer}, organization = {Springer}, address = {Heraklion, Crete}, abstract = {

This paper presents a model for delegation based on partial orders, proposing the subclass relation in OWL as a way to represent the partial orders. Delegation and authorization decisions are made based on the context. In order to interact with the context, we define the Type of a credential as a way to introduce extra information regarding context constraints. When reasoning about delegation and authorization relationships, our model benefits from partial orders, defining them over entities, attributes and the credential type. Using these partial orders, the number of credentials required is reduced. It also classifies the possible criteria for making authorization decisions based on the context, in relation to the necessary information.

}, isbn = {978-3-540-47820-1}, issn = {0302-9743 (Print) 1611-3349 (Online)}, doi = {10.1007/11909033_6}, author = {Isaac Agudo and Javier Lopez and Jose A. Montenegro} } @inproceedings {JoseA.Onieva2006a, title = {Extension de una plataforma DRM basada en OMA con servicios de No Repudio}, booktitle = {IX Reunion Espa{\~n}ola sobre Criptologia y Seguridad de la Informacion (RECSI{\textquoteright}06)}, year = {2006}, pages = {129-141}, publisher = {UOC S.L.}, organization = {UOC S.L.}, abstract = {

Digital Rights Management (DRM) es un t\érmino general para cualesquiera de las soluciones que permite a un vendedor de contenido en forma electr\ónica controlar el material y restringir su uso de distintas maneras. Estas soluciones son posibles, por un lado gracias a t\écnicas de la Seguridad de la Informaci\ón, principalmente cifrado de datos, y por otro a la distribuci\ón, de manera independiente, de contenido y derechos digitales. Esto permite que los consumidores puedan acceder libremente al contenido, pero s\ólo aquellos que adquieran el derecho digital apropiado (RO) podr\án procesarlo. Como servicio de seguridad considerado en diversas capas del marco de seguridad definido por la recomendaci\ón ITU X.805, casi todas las aplicaciones necesitan considerar la propiedad de no repudio en las etapas iniciales de su dise\ño. Desafortunadamente, esto no ha sido as\í en general, y m\ás concretamente en especificaciones DRM; debido a consideraciones en la pr\áctica y al tipo de contenido a distribuir. Analizamos este servicio para un marco de DRM y proporcionamos una soluci\ón que permita que la adquisici\ón de derechos digitales sea un operaci\ón que no pueda repudiarse.

}, keywords = {aplicaciones moviles, comercio electronico seguro, digital rights management, no repudio}, author = {Jose A. Onieva and Javier Lopez and Rodrigo Roman and Jianying Zhou} } @inproceedings {Agudo2006a, title = {Graphical Representation of Authorization Policies for Weighted Credentials}, booktitle = {11th Australasian Conference on Information Security and Privacy (ACISP{\textquoteright}06)}, series = {LNCS}, volume = {4058}, year = {2006}, pages = {383-394}, publisher = {Springer}, organization = {Springer}, address = {Melbourne, Australia}, abstract = {

This paper elaborates on a solution to represent authorization and delegation in a graphical way, allowing users to better interpret delegation relationships. We make use of Weighted Trust Graph (WTG) as an instrument to represent delegation and authorization, extending it to cope with more complicated concepts, and providing a graphical representation of the level of confidence that exists between two entities regarding a resource or attribute. We represent the level of confidence for each pair of entities as a point in an axis diagram, as a set of points, or as a set of triangular regions depending on the accuracy we need. Then, we use the same diagram to represent the set of acceptable confidence level, that we call authorization policy set. In this way, a single diagram can be used to decide about authorization, thus providing a powerful tool for systems in which interaction of users is needed.

}, isbn = {978-3-540-35458-1}, issn = {0302-9743 (Print) 1611-3349 (Online)}, doi = {10.1007/11780656_32}, author = {Isaac Agudo and Javier Lopez and Jose A. Montenegro} } @inproceedings {1734, title = {Modelo de pago con intermediario. Su aplicaci{\'o}n a un escenario real}, booktitle = {IX Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la informaci{\'o}n (IX RECSI)}, year = {2006}, month = {Sep 2006}, pages = {35-46}, address = {Barcelona (Spain)}, isbn = {ISBN.978-84-9788-502-3}, author = {Mildrey Carbonell and Jose Maria Sierra and Javier Lopez} } @inproceedings {IsaacAgudo2006a, title = {Pol{\'\i}ticas de delegaci{\'o}n para credenciales ponderadas y su representaci{\'o}n gr{\'a}fica}, booktitle = {IX Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la informaci{\'o}n (RECSI{\textquoteright}06)}, year = {2006}, month = {Septiembre}, pages = {311-322}, address = {Barcelona, Spain}, isbn = {84-9788-502-3}, author = {Isaac Agudo and Javier Lopez and Jose A. Montenegro} } @inproceedings {JavierLopez2006, title = {A Secure and Auto-configurable Environment for Mobile Agents in Ubiquitous Computing Scenarios}, booktitle = {Third International Conference on Ubiquitous Intelligence and Computing}, series = {LNCS}, volume = {4159}, number = {4159}, year = {2006}, month = {August}, pages = {977-987}, publisher = {Springer}, organization = {Springer}, address = {Wuhan, China}, abstract = {
The increased heterogeneity and dynamism of new computing paradigms and especially of ubiquitous computing models is boosting the need for auto-configurable systems. In these new scenarios, heterogeneity and dynamism are inherent properties and applications are built by aggregating distributed information and services that are not under the control of a single entity. Furthermore, the current trend towards distributed computing poses important problems related to the need to transmit large amounts of data between the distributed nodes of the computing system; the control over the information; and the flexibility to adapt to heterogeneous client requirements. These characteristics are difficult to manage by traditional computing models. For these reasons, the mobile agent paradigm is gaining momentum and the interest of researchers and industry in this paradigm is increasing. In this paper we present a solution to provide a secure and auto-configurable environment for mobile agents in ubiquitous computing scenarios. Our approach is based on two main building blocks: trusted platforms and profiles.
}, author = {Javier Lopez and Antonio Mana and Mu{\~n}oz, Antonio} } @inproceedings {JavierLopez2006a, title = {Service-Oriented Security Architecture for CII based on Sensor Networks}, booktitle = {2nd International Workshop on Security Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU{\textquoteright}06)}, year = {2006}, month = {June}, pages = {1-6}, publisher = {IEEE Press}, organization = {IEEE Press}, address = {Lyon, France}, abstract = {

The extraordinary growth of the Information Society is originating a high dependency on ICT. This provokes that those strongly interrelated technological infrastructures, as well as the information systems that underpin them, become highly critical, since their disruption would lead to high economical, material and, sometimes, human loss. As a consequence, the protection of these Critical Information Infrastructures is becoming a major objective for governments and companies. In this paper, we give an overview of the main challenges and open research issues on Critical Information Infrastructure security, and introduce an on-going research project that, using wireless sensor networks as an underlying technology, is dealing with those problems. Our research project focuses on the development of protection, control, evaluation, maintenance and verification mechanisms, integrated into a secure service-oriented architecture.

}, author = {Javier Lopez and Jose A. Montenegro and Rodrigo Roman} } @inproceedings {JianyingZhou2006, title = {A Synchronous Multi-Party Contract Signing Protocol Improving Lower Bound of Steps}, booktitle = {21st International Information Security Conference (IFIP SEC{\textquoteright}06)}, series = {LNCS}, number = {201}, year = {2006}, month = {May}, pages = {221-232}, publisher = {Springer}, organization = {Springer}, abstract = {

Contract signing is a fundamental service in doing business. The Internet has facilitated the electronic commerce, and it is necessary to find appropriate mechanisms for contract signing in the digital world. A number of two-party contract signing protocols have been proposed with various features. Nevertheless, in some applications, a contract may need to be signed by multiple parties. Less research has been done on multi-party contract signing. In this paper, we propose a new synchronous multi-party contract signing protocol that, with n parties, it reaches a lower bound of 3(n \− 1) steps in the all-honest case and 4n \− 2 steps in the worst case (i.e., all parties contact the trusted third party). This is so far the most efficient synchronous multi-party contract signing protocol in terms of the number of messages required. We further consider the additional features like timeliness and abuse-freeness in the improved version.

}, author = {Jianying Zhou and Jose A. Onieva and Javier Lopez} } @inproceedings {R.Roman2005, title = {An{\'a}lisis de Seguridad en Redes Inal{\'a}mbricas de Sensores}, booktitle = {V Jornadas de Ingener{\'\i}a Telem{\'a}tica (JITEL{\textquoteright}05)}, year = {2005}, month = {Septiembre}, pages = {335-343}, address = {Vigo (Spain)}, abstract = {

The design and development of security infrastructures and protocols for Wireless Sensor Networks is a difficult task, due to several factors like the constraints of the sensor nodes and the public nature of the communication channels. The intrinsic features of these networks create numerous security problems. In this paper, we analyze and put into perspective those problems.

}, author = {Rodrigo Roman and Javier Lopez and Jianying Zhou} } @inproceedings {Roman2005b, title = {Aplicaci{\'o}n de Sistemas de Detecci{\'o}n de Intrusiones en Redes de Sensores}, booktitle = {Simposio sobre Computaci{\'o}n Ubicua e Inteligencia Ambiental (UCAmI{\textquoteright}05)}, year = {2005}, month = {September}, pages = {113-120}, address = {Granada (Spain)}, abstract = {

Los sistemas de detecci{\'o}n de intrusiones (IDS) son una herramienta imprescindible de seguridad a la hora de proteger una red. Recientemente se han investigado y desarrollado arquitecturas de IDS para redes inal{\'a}mbricas, en concreto para redes "Ad Hoc". No obstante, no existe un trabajo previo que desarrolle una arquitectura de IDS para una red de sensores. En este art{\'\i}culo, analizamos porque los sistemas IDS de redes "Ad Hoc" no pueden aplicarse a redes de sensores, e introducimos una arquitectura de IDS para redes de sensores que incorpora una nueva t{\'e}cnica para vigilar las comunicaciones de la red en ciertos escenarios.

}, author = {Rodrigo Roman and Javier Lopez and Jianying Zhou} } @inproceedings {Onieva2005a, title = {Attacking an asynchronous multi-party contract signing protocol}, booktitle = {Proceedings of 6th International Conference on Cryptology in India}, series = {LNCS}, volume = {3797}, year = {2005}, month = {Decemeber}, pages = {311{\textendash}321}, publisher = {Springer}, organization = {Springer}, abstract = {

Contract signing is a fundamental service in doing business. The Internet has facilitated the electronic commerce, and it is necessary to find appropriate mechanisms for contract signing in the digital world. From a designing point of view, digital contract signing is a particular form of electronic fair exchange. Protocols for generic exchange of digital signatures exist. There are also specific protocols for two-party contract signing. Nevertheless, in some applications, a contract may need to be signed by multiple parties. Less research has been done on multi-party contract signing. In this paper, we analyze an optimistic N-party contract signing protocol, and point out its security problem, thus demonstrating further work needs to be done on the design and analysis of secure and optimistic multi-party contract signing protocols.

}, keywords = {multi-party contract signing, Secure electronic commerce, security protocol analysis}, author = {Jose A. Onieva and Jianying Zhou and Javier Lopez} } @inproceedings {JavierLopez2005a, title = {Classifying Public Key Certificates}, booktitle = {2nd European PKI Workshop: Research and Applications (EuroPKI{\textquoteright}05)}, series = {LNCS}, volume = {3545}, year = {2005}, month = {June}, pages = {135-143}, publisher = {Springer}, organization = {Springer}, address = {Canterbury, U.K.}, abstract = {

In spite of the fact that there are several companies that (try to) sell public key certificates, there is still no unified or standardized classification scheme that can be used to compare and put into perspective the various offerings. In this paper, we try to start filling this gap and propose a four-dimensional scheme that can be used to uniformly describe and classify public key certificates. The scheme distinguishes between (i) who owns a certificate, (ii) how the certificate owner is registered, (iii) on what medium the certificate (or the private key, respectively) is stored, and (iv) what type of functionality the certificate is intended to be used for. We think that using these or similar criteria to define and come up with unified or even standardized classes of public key certificate is useful and urgently needed in practice.

}, author = {Javier Lopez and Rolf Oppliger and Guenther Pernul} } @inproceedings {IsaacAgudo2005a, title = {Delegation Perspective of Practical Authorization Schemes}, booktitle = {Fifth International Network Conference (INC{\textquoteright}05)}, year = {2005}, pages = {157-164}, address = {Samos Island, Greece}, isbn = {960-7475-32-1}, author = {Isaac Agudo and Javier Lopez and Jose A. Montenegro and Eiji Okamoto and Ed Dawson} } @inproceedings {Roman2005c, title = {Especificaci{\'o}n de Sistemas Electr{\'o}nicos de Microdonaciones}, booktitle = {III Simposio Espa{\~n}ol de Comercio Electr{\'o}nico}, year = {2005}, month = {June}, pages = {95-104}, address = {Palma (Spain)}, abstract = {

Los sistemas electr{\'o}nicos de pago permiten que un comprador adquiera a un vendedor una serie de productos y servicios de forma virtual. Sin embargo, estos sistemas no tienen en cuenta el escenario en el que un comprador se convierte en donante, accediendo al servicio de forma gratuita. En este art{\'\i}culo se presenta el concepto y caracter{\'\i}sticas de las microdonaciones, o la donaci{\'o}n de cantidades tan peque{\~n}as como un c{\'e}ntimo de euro en el contexto del comercio electr{\'o}nico. Tambi{\'e}n se muestra como la microdonaci{\'o}n es algo necesario en el contexto actual de Internet, y como es posible su implementaci{\'o}n bas{\'a}ndose en sistemas de micropago.

}, author = {Rodrigo Roman and Javier Lopez} } @inproceedings {Onieva2005, title = {Extending an OMA-based DRM Framework with Non-Repudiation Services}, booktitle = {5th Symposium on Signal Processing and Information Technology (ISSPIT{\textquoteright}05)}, year = {2005}, pages = {472-477}, publisher = {IEEE}, organization = {IEEE}, abstract = {

Digital Rights Management (DRM) is an umbrella term for any of several arrangements which allows a vendor of content in electronic form to control the material and restrict its usage in various ways that can be specified by the vendor. These arrangements are provided through security techniques, mainly encryption, and the distribution, in a detached manner, of content and rights. This allows free access to the content by the consumers, but only those carrying the proper Right Object (RO) will be able to process such content. As a security service considered in different layers of the security framework defined by ITU X.805, almost all applications need to consider non-repudiation in the very beginning of their design. Unfortunately this has not been done so far in DRM specifications due to practical issues and the type of content distributed. We analyze this service for the a DRM framework and provide a solution which allows the right objects acquisition to be undeniable.

}, keywords = {digital rights management, Mobile applications, Non-repudiation, Secure electronic commerce}, author = {Jose A. Onieva and Jianying Zhou and Javier Lopez and Rodrigo Roman} } @inproceedings {MildreyCarbonell2005, title = {Modelo de Simulacion para la Estimacion de Parametros en los protocolos de no Repudio}, booktitle = {III Simposio Espa{\~n}ol de Comercio Electronico (SCE{\textquoteright}05)}, year = {2005}, pages = {151-164}, publisher = {Universitat de les Illes Balears}, organization = {Universitat de les Illes Balears}, abstract = {

El no repudio es un requisito de seguridad cuya importancia se ha hecho evidente con el crecimiento del comercio electr\ónico. Muchos protocolos se han desarrollado como soluci\ón a este requisito. La gran mayor\ía incluye en su especificaci\ón par\ámetros cuyos valores no son f\áciles de especificar pues dependen de las condiciones reales de implementaci\ón del mismo como los tiempos l\ímites, las caracter\ísticas de la TTP, tiempo de publicaci\ón de las claves, etc. En este trabajo proponemos un modelo que nos ayudar\á en la estimaci\ón de esos par\ámetros basado en la simulaci\ón del escenario real. Para la explicaci\ón y prueba del modelo mostramos un conjunto de experimentos.

}, author = {Mildrey Carbonell and Jose A. Onieva and Javier Lopez and Jianying Zhou} } @inproceedings {1716, title = {A Novel Method To Maintain Privacy in Mobile Agent Applications}, booktitle = {Fourth International Conference on Cryptology and Network Security (CANS{\textasciiacute}05)}, series = {LNCS}, volume = {3810}, year = {2005}, pages = {247-260}, publisher = {Springer}, organization = {Springer}, isbn = {978-3-540-30849-2}, author = {K. Peng and Ed Dawson and J Gonzalez-Nieto and Eiji Okamoto and J. Lopez} } @inproceedings {AntonioMunoz2005a, title = {Perfiles Seguros para Comercio Movil}, booktitle = {III Simposio Espa{\~n}ol de Comercio Electronico (SCE{\textquoteright}05)}, year = {2005}, pages = {235-244}, publisher = {Universitat de les Illes Balears}, organization = {Universitat de les Illes Balears}, abstract = {

Los escenarios de comercio m{\'o}vil existentes en la actualidad presentan muchas deficiencias. La mayor{\'\i}a de estos escenarios, como no podr{\'\i}a ser de otra forma, tienen en cuenta aspectos relativos a la seguridad, prestando especial atenci{\'o}n a las propiedades de Autenticaci{\'o}n y Autorizaci{\'o}n. De entre los elementos esenciales que se utilizan para proporcionar estos servicios de seguridad, los perfiles son un elemento com{\'u}n que permiten la personalizaci{\'o}n de los servicios del usuario m{\'o}vil. Sin embargo, los perfiles tambi{\'e}n precisan de una administraci{\'o}n segura. En este trabajo presentamos unas consideraciones iniciales respecto a los distintos tipos de perfiles, sus niveles de seguridad para cada tipo, as{\'\i} como indicaciones para el almacenamiento de manera segura. Por lo tanto, analizaremos las distintas alternativas como medio de almacenamiento, discuti{\'e}ndolas y prestando especial atenci{\'o}n a las tarjetas inteligentes.

}, author = {Mu{\~n}oz, Antonio and Jose A. Onieva and Javier Lopez} } @inproceedings {Roman2005a, title = {Protecci{\'o}n contra el Spam Utilizando Desaf{\'\i}os a Priori}, booktitle = {V Jornadas de Ingenier{\'\i}a Telem{\'a}tica (JITEL{\textquoteright}05)}, year = {2005}, month = {September}, pages = {375-382}, address = {Vigo (Spain)}, abstract = {

Spam is considered to be one of the biggest problems in messaging systems. In the area of email Spam, A high number of anti-spam schemes have been proposed and deployed, but the problem has yet been well addressed. In this paper, we introduce a new scheme, called pre-challenge scheme, which avoids problems that exists in other schemes such as delay of service and denial of service. Some new mechanisms are employed to reach a good balance between security against Spam and convenience to email users. In addition, our scheme can be used for protecting other types of messaging systems, such as Instant Messaging (IM) and Blogs, against Spam.

}, author = {Rodrigo Roman and Javier Lopez and Jianying Zhou} } @inproceedings {Roman2005d, title = {Protection Against Spam using Pre-Challenges}, booktitle = {20th IFIP International Information Security Conference (IFIP-SEC{\textquoteright}05)}, year = {2005}, month = {May}, pages = {281-294}, publisher = {Springer}, organization = {Springer}, address = {Chiba (Japan)}, abstract = {

Spam turns out to be an increasingly serious problem to email users. A number of anti-spam schemes have been proposed and deployed, but the problem has yet been well addressed. One of those schemes is challenge-response, in which a challenge is imposed on an email sender. However, such a scheme introduces new problems for the users, e.g., delay of service and denial of service attacks. In this paper, we introduce a pre-challenge scheme that avoids those problems. It assumes each user has a challenge that is defined by the user himself/herself and associated with his/her email address, in such a way that an email sender can simultaneously retrieve a new receiver{\textquoteright}s email address and challenge before sending an email in the first contact. Some new mechanisms are employed to reach a good balance between security against spam and convenience to email users.

}, isbn = {0-387-25658-X}, author = {Rodrigo Roman and Jianying Zhou and Javier Lopez}, editor = {Ry{\^o}ichi Sasaki and Sihan Qing and Eiji Okamoto and Hiroshi Yoshiura} } @inproceedings {IsaacAgudo2005b, title = {A Representation Model of Trust Relationships with Delegation Extensions}, booktitle = {3th International Conference on Trust Management (iTRUST{\textquoteright}05)}, series = {LNCS}, volume = {3477}, year = {2005}, month = {May}, pages = {9-22}, publisher = {Springer}, organization = {Springer}, address = {Versailles, France}, abstract = {

Logic languages establish a formal framework to solve authorization and delegation conflicts. However, we consider that a visual representation is necessary since graphs are more expressive and understandable than logic languages. In this paper, and after overviewing previous works using logic languages, we present a proposal for graph representation of authorization and delegation statements. Our proposal is based on Varadharajan et al. solution, though improve several elements of that work. We also discuss about the possible implementation of our proposal using attribute certificates.

}, isbn = {978-3-540-26042-4}, issn = {0302-9743 (Print) 1611-3349 (Online)}, doi = {10.1007/11429760_9}, author = {Isaac Agudo and Javier Lopez and Jose A. Montenegro} } @inproceedings {AntonioMunoz2005, title = {On Secure Profiling}, booktitle = {1st International Workshop on Secure Ubiquitous Networks (SUN{\textquoteright}05)}, year = {2005}, month = {August}, pages = {214-218}, publisher = {IEEE Press}, organization = {IEEE Press}, abstract = {

Ubiquitous environments have several drawbacks to be solved. Most of them are focused on security, and relevant ones are authorization and authentication. Amongst the essential elements to adequately provide solutions, we can find profiles. A profile can be defined as a repository to store structured data from users, networks, devices, applications, etc. As profiles are needed in ubiquitous environments, and these need of secure management as well, in this paper, we provide some initial guidance on the security storage of profiles and on security levels needed for each type of profile. Additionally, we review different alternatives to bear profiles, concluding that smartcards are the most suitable devices.

}, author = {Mu{\~n}oz, Antonio and Jose A. Onieva and Javier Lopez} } @inproceedings {Roman2005e, title = {On the Security of Wireless Sensor Networks}, booktitle = {Computational Science and Its Applications (ICCSA{\textquoteright}05)}, series = {LNCS}, volume = {3482}, year = {2005}, month = {May}, pages = {681-690}, publisher = {Springer}, organization = {Springer}, address = {Singapore}, abstract = {

Wireless Sensor Networks are extremely vulnerable against any kind of internal or external attacks, due to several factors such as resource-constrained nodes and lack of tamper-resistant packages. As a result, security must be an important factor to have in mind when designing the infrastructure and protocols of sensor networks. In this paper we survey the state-of-the-art security issues in sensor networks and highlight the open areas of research.security issues in sensor networks and highlight the open areas of research.

}, isbn = {978-3-540-25862-9}, issn = {0302-9743 (Print) 1611-3349 (Online)}, doi = {10.1007/11424857_75}, url = {http://www.springerlink.com/content/pvnd4eu8b7acgtpe/}, author = {Rodrigo Roman and Jianying Zhou and Javier Lopez} } @inproceedings {SokratisKatsikas2005, title = {Trust, Privacy and Security in E-business: Requirements and Solutions}, booktitle = {10th Panhellenic Conference in Informatics (PCI{\textquoteright}05)}, series = {LNCS}, volume = {3746}, year = {2005}, month = {November}, pages = {548-558}, publisher = {Springer}, organization = {Springer}, address = {Volos, Greece}, abstract = {

An important aspect of e-business is the area of e-commerce. One of the most severe restraining factors for the proliferation of e-commerce, is the lack of trust between customers and sellers, consumer privacy concerns and the lack of security measures required to assure both businesses and customers that their business relationship and transactions will be carried out in privacy, correctly, and timely. This paper considers trust privacy and security issues in e-commerce applications and discusses methods and technologies that can be used to fulfil the pertinent requirements.

}, author = {Sokratis K. Katsikas and Javier Lopez and Guenther Pernul} } @inproceedings {JianyingZhou2004, title = {Analysis of a Free Roaming Agent Result-Truncation Defense Scheme}, booktitle = {6th Conference on E-Commerce (CEC{\textquoteright}04)}, year = {2004}, month = {June}, pages = {221-226}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, abstract = {

Mobile agents play an important role in electronic commerce. Security in free-roaming agents is especially hard to achieve when the mobile code is executed in hosts that may behave maliciously. Some schemes have been proposed to protect agent data (or computation results). However, a known vulnerability of these techniques is the truncation attack where two visited hosts (or one revisited host) can collude to discard the partial results collected between their respective visits. Cheng and Wei proposed a scheme in ICICS{\textquoteright}02 to defense against the truncation of computation results of free-roaming agents. Cheng-Wei scheme is effective against such an attack in most cases. However, we demonstrate that it still suffers from the truncation attack when a special loop is established on the path of a free-roaming agent. We further propose two amendments to Cheng-Wei scheme to avoid such an attack.

}, author = {Jianying Zhou and Jose A. Onieva and Javier Lopez} } @inproceedings {JoseA.Montenegro2004, title = {Dise{\~n}o e Implementaci{\'o}n del Marco de Trabajo de Certificado de Atributos X509 para la Delegaci{\'o}n de Privilegios}, booktitle = {VIII Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la informaci{\'o}n (VIII RECSI),Madrid}, year = {2004}, month = {Septiembre}, pages = {571-581}, abstract = {

Este trabajo muestra los detalles de una implementacion prototipo del marco de trabajo de Certificados de Atributos X.509 (Xac), propuesto por la recomendacion ITU-T. La implementacion utiliza como base de la plataforma la librer

}, author = {Jose A. Montenegro and Javier Lopez and Fernando Moya} } @inproceedings {Onieva2004b, title = {Enhancing Certified Email Service for Timeliness and Multicast}, booktitle = {Fourth International Network Conference}, year = {2004}, pages = {327-335}, publisher = {University of Plymouth}, organization = {University of Plymouth}, abstract = {

Certified email is a value-added service of ordinary email, in which a sender wants to obtain a receipt from a recipient. Fair exchange protocols are a key component for certified email service to ensure fairness, i.e., the items held by two parties are exchanged without one party obtaining an advantage. We can find in the literature simple and fast optimistic protocols for fair electronic exchange and, more specifically, for certified electronic mail (CEM) and electronic contract signing (ECS). We have observed that some aspects of those protocols could be substantially improved. This paper presents two major contributions. Firstly, we provide a solution that allows both parties to end the protocol timely in an asynchronous way. Then, we extend the certified email service to the multicast scenario.

}, keywords = {Asynchronous timeliness, Certified Email, fair exchange, Multiparty protocol}, author = {Jose A. Onieva and Jianying Zhou and Javier Lopez} } @inproceedings {1735, title = {Especificaci{\'o}n formal y verificaci{\'o}n de requisitos de Seguridad}, booktitle = {VIII Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n (VIII RECSI)}, year = {2004}, month = {Sep 2004}, pages = {225-235}, address = {Madrid (Spain)}, isbn = {84-7978-650-7}, author = {Isaac Agudo and Javier Lopez and Juan J. Ortega} } @inproceedings {VicenteBenjumea2004, title = {A First Approach to Provide Anonymity in Attribute Certificates}, booktitle = {2004 International Workshop on Practice and Theory in Public Key Cryptography (PKC{\textquoteright}04)}, series = {LNCS}, volume = {2947}, year = {2004}, month = {March}, pages = {402-415}, publisher = {Springer}, organization = {Springer}, abstract = {

This paper focus on two security services for internet applications:authorization and anonymity. Traditional authorization solutionsare not very helpful for many of the Internet applications; however,attribute certificates proposed by ITU-T seems to be well suited andprovide adequate solution. On the other hand, special attention is paidto the fact that many of the operations and transactions that are part ofInternet applications can be easily recorded and collected. Consequently,anonymity has become a desirable feature to be added in many cases. Inthis work we propose a solution to enhance the X.509 attribute certificatein such a way that it becomes a conditionally anonymous attributecertificate. Moreover, we present a protocol to obtain such certificatesin a way that respects users\’ anonymity by using a fair blind signaturescheme. We also show how to use such certificates and describe a fewcases where problems could arise, identifying some open problems.

}, author = {Vicente Benjumea and Javier Lopez and Jose A. Montenegro and Jose M. Troya} } @inproceedings {JoseA.Onieva2004d, title = {Mejorando Servicios de Correo Electronico Certificado con Prontitud Temporal y Multicasting}, booktitle = {VIII Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la informaci{\'o}n (RECSI{\textquoteright}04). Avances en Criptologia y Seguridad de la Informacion}, year = {2004}, pages = {537-546}, publisher = {Diaz de Santos}, organization = {Diaz de Santos}, abstract = {

El correo electr\ónico certificado es un servicio a\ñadido al correo electr\ónico est\ándar, en el cual el remitente desea obtener un recibo procedente del destinatario. Para este servicio, encontramos que los protocolos de intercambio (justo) son un componente principal para asegurar la correcci\ón en la ejecuci\ón de los servicios de correo electr\ónico certificado, ya que los \ítems que ambas partes presentan (en este caso espec\ífico, el mensaje de correo y el recibo del mismo) deben ser intercambiados sin que ninguna de las partes obtenga una ventaja durante el proceso sobre la otra. Podemos encontrar en esta l\ínea de investigaci\ón protocolos optimistas eficientes para el intercambio electr\ónico, y mas concretamente para Correo Electr\ónico Certificado (CEC) y Firma Electr\ónica de Contratos (FEC). Realizando un estudio adecuado hemos observado que algunos aspectos de dichos protocolos podr\ían ser mejorados. En este art\ículo proponemos una soluci\ón que permite a ambas entidades terminar el protocolo de forma as\íncrona. Tambi\én extendemos el protocolo a m\últiples usuarios.

}, author = {Jose A. Onieva and Javier Lopez and Jianying Zhou} } @inproceedings {Zhou2004, title = {Protecting Free Roaming Agents against Result-Truncation Attack}, booktitle = {60th IEEE Vehicular Technology Conference (VTC{\textquoteright}04)}, year = {2004}, pages = {3271-3274}, publisher = {IEEE Vehicular Technology Society Press}, organization = {IEEE Vehicular Technology Society Press}, abstract = {

Mobile agents are especially useful in electronic commerce, for both wired and wireless environments. Nevertheless, there are still many security issues on mobile agents to be addressed, for example, data confidentiality, non-repudiability, forward privacy, publicly verifiable forward integrity, insertion defense, truncation defense, etc. One of the hardest security problems for free roaming agents is truncation defense where two visited hosts (or one revisited host) can collude to discard the partial results collected between their respective visits. We present a new scheme satisfying those security requirements, especially protecting free roaming agents against result-truncation attack.

}, keywords = {cryptographic protocol, mobile agent, Secure electronic commerce}, author = {Jianying Zhou and Jose A. Onieva and Javier Lopez} } @inproceedings {Agudo2004, title = {Specification and formal verification of security requirements}, booktitle = {5th international conference on Computer systems and technologies (CompSysTech {\textquoteright}04)}, year = {2004}, pages = {1-6}, publisher = {ACM}, organization = {ACM}, address = {Rousse, Bulgaria}, abstract = {With the grown of internet and distributed applications, security requirements are going inherent to the software development process. Each time one communicates with some other one there are relevant security risk that must be taken in account. This is what is happening in the new soft-ware applications using client/server architecture. We propose including security requirements at the top level of development process, together with functional requirements because they are much related. With this information we are able to extract all communication protocols that are involved in our application and their associated security goals. This is the input to a verification phase in which we look for security flaws. The last step, and the more useful (and the not yet finished) is to use this information to modify our initial specification at the top level of the development process}, isbn = {954-9641-38-4}, doi = {10.1145/1050330.1050440}, author = {Isaac Agudo and Javier Lopez} } @inproceedings {JavierLopez2004a, title = {On a Taxonomy of Systems for Authentication and/or Authorization Services}, booktitle = {TERENA Networking Conference}, year = {2004}, month = {June}, address = {Rhodes, Greece}, abstract = {

In this work we elaborate on a taxonomy of systems that provide either joint solutions for both authentication and authorization problems, or solutions for only one of the problems. Basically, we do not focus our work on theoretical systems that have been proposed only in the literature. On the other hand, we focus on: (i) systems that are already developed; (ii) systems that are under development or deployment; and (iii) systems that are still in the initial stages of design but are supported by international working groups or bodies. More precisely, we elaborate on a taxonomy of systems that are (or will be soon) available to final users.

}, author = {Javier Lopez and Jose A. Montenegro and Rolf Oppliger and Guenther Pernul} } @inproceedings {MildreyCarbonell2004, title = {Timeout Estimation using a Simulation Model for Non-repudiation Protocols}, booktitle = {2nd Workshop on Internet Communications Security (WICS{\textquoteright}04), (within Computational Science and its Applications International Conference)}, series = {LNCS}, volume = {3043}, year = {2004}, month = {May}, pages = {903-914}, publisher = {Springer}, organization = {Springer}, abstract = {

An essential issue for the best operation of non-repudiation protocols is to figure out their timeouts. In this paper, we propose a simulation model for this purpose since timeouts depend on specific scenario features such as network speed, TTP characteristics, number of originators and recipients, etc. Based on a one-to-many Markowicth{\textquoteright}s protocol simulation model as a specific example, we have worked out various simulation experiments.

}, author = {Mildrey Carbonell and Jose A. Onieva and Javier Lopez and Deborah Galpert and Jianying Zhou} } @inproceedings {JavierLopez2003b, title = {Applying SDL to Formal Analysis of Security Systems}, booktitle = {11th International SDL Forum (SDL{\textquoteright}03)}, series = {LNCS}, volume = {2708}, year = {2003}, month = {July}, pages = {300-317}, publisher = {Springer-Verlag}, organization = {Springer-Verlag}, address = {Stuttgart, Germany}, abstract = {

Nowadays, it is widely accepted that critical systems have to be formally analysed in order to achieve well-known formal method benefits. In order to study the security of communication systems, we have developed a methodology for the application of the formal analysis techniques commonly used in communication protocols to the analysis of cryptographic ones. In particular, we have extended the design and analysis phases with security properties. Our proposal uses a specification notation based on MSC, which can be automatically translated into a generic SDL specification. This SDL system can then be used for the analysis of the desired security properties, by using an observer process schema. Apart from our main goal of providing a notation for describing the formal specification of security systems, our proposal also brings additional benefits, such as the study of the possible attacks to the system, and the possibility of re-using the specifications produced to describe and analyse more complex systems.

}, author = {Javier Lopez and Juan J. Ortega and Jose M. Troya} } @inproceedings {1719, title = {Applying the Semantic Web Layers to Access Control}, booktitle = {IEEE International Workshop on Web Semantics (WebS{\textquoteright}03)}, year = {2003}, pages = {622-626}, publisher = {IEEE Press}, organization = {IEEE Press}, isbn = {0-7695-1993-8}, author = {Javier Lopez and Antonio Mana and Jose maria troya and Marienma Yague} } @inproceedings {EdDawson2003, title = {BAAI: Biometric Authentication and Authorization Infrastructure}, booktitle = {IEEE International Conference on Information Technology (ITRE{\textquoteright}03)}, year = {2003}, pages = {274-278}, publisher = {IEEE}, organization = {IEEE}, abstract = {The combined use of authorization and authentication infrastructures has led to AAIs (authorization and authentication infrastructures). These new infrastructures supply identification and authorization services to a distributed environment There are many possibilities of linkages to get AAIs; one of them is to include the PMI (privilege management infrastructure) as authorization infrastructure and an authentication infrastructure that can be a PKI (public key infrastructure) or kerberos. This symbiosis gives service to applications and servers. However, in physical environments where the physical presence of an individual is required, it is necessary to use biometric systems. This paper describes the development of a solution that combines the relationship between the biometric based systems and the PMIs to finally obtain the biometric AAI.}, isbn = {0780377249}, doi = {10.1109/ITRE.2003.1270620} month={august}, author = {Ed Dawson and Javier Lopez and Jose A. Montenegro and Eiji Okamoto} } @inproceedings {EijiOkamoto2003, title = {Certificate Retrieval and Validation in Online Systems}, booktitle = {Symposium on Cryptography and Information Security (SCIS{\textquoteright}03)}, year = {2003}, month = {January}, pages = {25-30}, address = {Hamamatsu, Japan}, abstract = {

In order to more effectively deal with certificate management issues in PKIs, there is growing interest in supplementing offline X.509 PKI models with online services. An analysis of the security requirements of online models will be presented. Proposed online and delegated processing models will be evaluated in relation to these requirements.

}, author = {Eiji Okamoto and Javier Lopez and Ed Dawson and Juan M. Gonzalez-Nieto and Selwyn Russell and Jason Smith} } @inproceedings {javierlopez2003, title = {High-level Specification of Security Systems}, booktitle = {IEEE Globecom 2003 - Communications Security Track}, year = {2003}, month = {December}, pages = {1506-1510}, publisher = {IEEE Press}, organization = {IEEE Press}, address = {San Francisco}, abstract = {

In order to study the security systems, we have developed a methodology for the application to the analysis of cryptographic protocols of the formal analysis techniques commonly used in communication protocols. In particular, we have extended the design and analysis phases with security properties. Our proposal uses a specification notation based on HMSC/MSC, which can be automatically translated into a generic SDL specification.

}, isbn = {0-7803-7974-8}, author = {Javier Lopez and Juan J. Ortega and Jose M. Troya and Jose L. Vivas} } @inproceedings {javierlopez2003a, title = {How to Specify Security Services: A Practical Approach}, booktitle = {7th IFIP Conference on Multimedia and Communications Security (CMS{\textquoteright}03)}, series = {LNCS}, volume = {2828}, year = {2003}, month = {October}, pages = {158-171}, publisher = {Springer-Verlag}, organization = {Springer-Verlag}, address = {Torino, Italy}, abstract = {

Security services are essential for ensuring secure communications. Typically no consideration is given to security requirements during the initial stages of system development. Security is only added latter as an afterthought in function of other factors such as the environment into which the system is to be inserted, legal requirements, and other kinds of constraints. In this work we introduce a methodology for the specification of security requirements intended to assist developers in the design, analysis, and implementation phases of protocol development. The methodology consists of an extension of the ITU-T standard requirements language MSC and HMSC, called SRSL, defined as a high level language for the specification of security protocols. In order to illustrate it and evaluate its power, we apply the new methodology to a real world example, the integration of an electronic notary system into a web-based multi-users service platform.

}, isbn = {3-540-20185-8}, author = {Javier Lopez and Juan J. Ortega and Jose M. Troya and Jose L. Vivas} } @inproceedings {Onieva2003b, title = {Intermediary Non-Repudiation Protocols}, booktitle = {5th Conference on Electronic Commerce}, year = {2003}, month = {June}, pages = {207-214}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, abstract = {

n commercial transactions, an intermediary might be involved to help transacting parties to conduct their business. Nevertheless, the intermediary may not be fully trusted. In this paper, we introduce the concept of intermediary (or agent) in a non-repudiation protocol, define the aims of intermediary non-repudiation protocols, and analyze their security requirements. We present a simple scenario with only one recipient, followed by a more complicated framework where multiple recipients are involved and collusion between them is possible.

}, author = {Jose A. Onieva and Jianying Zhou and Mildrey Carbonell and Javier Lopez} } @inproceedings {Onieva2003, title = {A Multi-Party Non-Repudiation Protocol for Exchange of Different Messages}, booktitle = {18th IFIP International Information Security Conference. Security and Privacy in the Age of Uncertainty (IFIP SEC{\textquoteright}03)}, year = {2003}, month = {May}, pages = {37-48}, publisher = {IFIP}, organization = {IFIP}, abstract = {

Non-repudiation is a security service that provides cryptographic evidence to support the settlement of disputes. In this paper, we introduce the state-of-the-art of multi-party non-repudiation protocols, and analyze the previous work where one originator is able to send the same message to many recipients. We propose a new multi-party non-repudiation protocol for sending different messages to many recipients. We also discuss the improvements achieved with respect to the multiple instances of a two-party non-repudiation protocol, and present some applications that would benefit from them.

}, keywords = {fair exchange, group communications, Non-repudiation}, author = {Jose A. Onieva and Jianying Zhou and Mildrey Carbonell and Javier Lopez} } @inproceedings {Onieva2003a, title = {Practical Service Charge for P2P Content Distribution}, booktitle = {Fifth International Conference on Information and Communications Security}, series = {LNCS}, volume = {2836}, year = {2003}, month = {October}, pages = {112 - 123}, publisher = {Springer}, organization = {Springer}, abstract = {

With emerging decentralized technologies, peer-to-peer (P2P) content distribution arises as a new model for storage and transmission of data. In this scenario, one peer can be playing different roles, either as a distributor or as a receiver of digital contents. In order to incentivize the legal distribution of these contents and prevent the network from free riders, we propose a charging model where distributors become merchants and receivers become customers. To help in the advertisement of digital contents and collection of payment details, an intermediary agent is introduced. An underlying P2P payment protocol presented in [1] is applied to this scenario without total trust on the intermediary agent.

}, author = {Jose A. Onieva and Jianying Zhou and Javier Lopez} } @inproceedings {JoseA.Montenegro2003, title = {Taxonom{\'\i}a de las Infraestructuras de Autorizaci{\'o}n y Autentificaci{\'o}n}, booktitle = {XIII Jornadas TELECOM I+D 2003}, year = {2003}, month = {Noviembre}, author = {Jose A. Montenegro and Javier Lopez} } @inproceedings {josevivas2003, title = {Towards Business Process-Driven Framework for Security Engineering with the UML}, booktitle = {6th International Conference on Information Security (ISC{\textquoteright}03)}, series = {LNCS}, volume = {2851}, year = {2003}, month = {October}, pages = {381-395}, publisher = {Springer-Verlag}, organization = {Springer-Verlag}, address = {Bristol, U.K.}, abstract = {

A challenging task in security engineering concerns the specification and integration of security with other requirements at the top level of requirements engineering. Empirical studies show that it is commonly at the business process level that customers and end users are able to express their security needs. In addition, systems are often developed by automating existing manual business processes. Since many security notions belongs conceptually to the world of business processes, it is natural to try to capture and express them in the context of business models in which moreover customers and end users feel most comfortable. In this paper, based on experience drawn from an ongoing work within the CASENET project \cite{CASENET}, we propose a UML-based business process-driven framework for the development of security-critical systems.

}, isbn = {1-4020-7449-2}, author = {Jose L. Vivas and Jose A. Montenegro and Javier Lopez} } @inproceedings {JavierLopez2002j, title = {Access Control Infrastructure for Digital Objects}, booktitle = {International Conference on Information and Communications Security (ICICS{\textquoteright}02)}, series = {LNCS}, volume = {2513}, year = {2002}, month = {December}, pages = {399-410}, publisher = {Springer-Verlag}, organization = {Springer-Verlag}, address = {Singapore}, abstract = {

Distributed systems usually contain objects with heterogeneous security requirements that pose important challenges on the underlying security mechanisms and especially in access control systems. Access control in distributed systems often relies on centralized security administration. Existing solutions for distributed access control do not provide the flexibility and manageability required. This paper presents the XML-based Secure Content Distribution (XSCD) infrastructure is based on the production of self-protected software objects that convey contents (software or data) and can be distributed without further security measures because they embed the access control enforcement mechanism. It also provides means for integrating Privilege Management Infrastructures (PMIs). Semantic information is used in the dynamic instantiation and semantic validation of policies. XSCD is scalable, facilitates the administration of the access control system, guarantees the secure distribution of the contents, enables semantic integration and interoperability of heterogeneous sources, solves the \“originator retained control\” issue and allows activities (such as payment) to be bound to the access to objects.

}, author = {Javier Lopez and Antonio Mana and Ernesto Pimentel and Jose M. Troya and Mariemma I. Yague} } @inproceedings {JavierLopez2002c, title = {Design of a VPN Software Solution Integrating TCP and UDP Services}, booktitle = {International Conference on Infrastructure Security (InfraSec{\textquoteright}02)}, series = {LNCS}, volume = {2437}, year = {2002}, month = {October}, pages = {325-337}, publisher = {Springer-Verlag}, organization = {Springer-Verlag}, address = {Bristol, U.K.}, abstract = {

The main aims of Virtual Private Network (VPN) are to isolate a distributed network from outsiders, as well as to protect the confidentiality and integrity of sensitive information traversing a non-trusted network such as the Internet. However, some problems arise when security is considered as the unique problem because VPN users suffer from restrictions in their access to the network. They are not free to use traditional Internet services such as electronic mail exchange with non-VPN users, and to access Web and FTP servers external to the organization. This paper presents a new solution that allows the open use of traditional network services running over TCP and UDP layers, while maintaining strong security features. The new scheme works at the TCP/IP transport layer and does not require the addition of new hardware because it is a totally software solution. As a consequence, the application is totally portable. Moreover, and because of its implementation at the transport layer, there is no need to modify any traditional communication applications previously installed in the network system.

}, author = {Javier Lopez and Jose A. Montenegro and Rodrigo Roman and Jorge Davila} } @inproceedings {JavierLopez2002f, title = {Designing Software Tools for the Use of Secure Electronic Forms}, booktitle = {3rd ACIS Int. Conf. on Software Engineering, Artificial Intelligence Networking and Parallel/Distributed Computing (SNPD{\textquoteright}02)}, year = {2002}, month = {Junio}, pages = {157-163}, address = {Madrid, Spain)}, abstract = {

Interaction of organizations and their clients by using the Internet can produce meaningful benefits in the accessibility, efficiency and availability of documents, regardless of time and location. However, some types of problems hinder a higher degree of communication. This paper presents some of the results of a Research Project that focuses on the influence of typical open networks risks in electronic interactions and on the need of creating software tools to manage electronic versions of the paper-based forms, as this is the traditional way of interaction through the Web.

}, author = {Javier Lopez and Antonio Mana and Jose A. Montenegro and Juan J. Ortega and Jose M. Troya} } @inproceedings {SelwynRussell2002, title = {Improving Performance in Global PKI using Virtual Certificates and Synthetic Certificates}, booktitle = {Symposium on Cryptography and Information Security (SCIS{\textquoteright}02)}, year = {2002}, month = {January}, pages = {1149-1154}, abstract = {

A digital certificate may be used to inform the world of the public key of its owner. To guard against impersonations and fraud, the receiver needs to perform a series of checks. When a hierarchy of certificates is involved, and when there are large volumes of messages between two parties, as is frequent in commerce, the repeated validation of the same chain of certificates consume significant resources. This paper presents new concepts of virtual certificate and synthetic certificate which can be used to speed up repetitive processing of a chain with improved efficiency.

}, author = {Selwyn Russell and Eiji Okamoto and Ed Dawson and Javier Lopez} } @inproceedings {EdDawson2002, title = {A New Design of Privilege Management Infrastructure (PMIs) for Organizations Using Outsourced PKI}, booktitle = {5th International Conference on Information Security (ISC{\textquoteright}02)}, series = {LNCS}, volume = {2433}, year = {2002}, month = {September}, pages = {136-149}, publisher = {Springer-Verlag}, organization = {Springer-Verlag}, abstract = {Authentication services provided by Public Key Infrastructures (PKI) do not satisfy the needs of many e-commerce applications. These applications require additional use of authorization services in order for users to prove what they are allowed to do. Attribute certificates have changed the way in which the authorization problem has been considered until now, and Privilege Management Infrastructures (PMI) provide the necessary support for a wide use of those certificates. Although both types of infrastructures, PKIs and PMIs, keep some kind of relation, they can operate autonomously. This fact is specially interesting for companies who have taken or will take the decision to outsource PKI services. However, outsourcing PMI services is not a good option for many companies because sometimes information contained in attribute certificates is confidential. Therefore attribute certificates must be managed very carefully and, preferably, only inside the company. In this paper we present a new design of PMI that is specially suited for those companies that outsource PKI services but still need to manage the PMI internally. The scheme provides additional advantages that satisfy the needs of intra-company attribute certification, and eliminates some of the problems associated with the revocation procedures.}, isbn = {3540442707}, doi = {10.1007/3-540-45811-5_10}, author = {Ed Dawson and Javier Lopez and Jose A. Montenegro and Eiji Okamoto} } @inproceedings {JavierLopez2002h, title = {Observaciones sobre las t{\'e}cnicas de an{\'a}lisis formal de protocolos de seguridad}, booktitle = {VII Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n (VII RECSI)}, year = {2002}, month = {Septiembre}, pages = {471-483}, address = {Oviedo, Espa}, abstract = {

La aplicaci\ón de los m\étodos formales para el dise\ño y an\álisis de sistemas cr\íticos est\á ampliamente aceptada en el desarrollo de estos sistemas. Los protocolos de seguridad abordan el objetivo de garantizar servicios y derechos como el de la confidencialidad de los datos personales o el de garantizar la identidad de acceso a un sistema. Por lo tanto, ya que un protocolo de seguridad es un sistema cr\ítico, es necesario utilizar m\étodosformales para su dise\ño y an\álisis. Debido a las caracter\ísticas especiales que presentan este tipo de protocolos, se deben utilizar m\étodos que no son los tradicionales utilizados para los protocolos de comunicaciones, sino que deben utilizarse otros espec\íficos. En este art\ículo vamos a hacer un estudio de las principales propiedades de seguridad que poseen los protocolos criptogr\áficos y de la manera de aplicar los m\étodos formales en su dise\ño y an\álisis.

}, author = {Javier Lopez and Sonia Matamoros and Juan J. Ortega and Jose M. Troya} } @inproceedings {1736, title = {Online Public Key Infrastructure}, booktitle = {VII Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n (VII RECSI)}, year = {2002}, month = {Sep 2002}, pages = {123-135}, address = {Oviedo (Spain)}, isbn = {84-699-8930-8}, author = {W. Caelli and K. Chen and E. Dawson and M. Henricksen and Javier Lopez and E. Okamoto and S. Russell and J. Smith} } @inproceedings {JavierLopez2002i, title = {Perspectiva Composicional para el Dise{\~n}o y la Implementaci{\'o}n de una PKI}, booktitle = {I Congreso Internacional Sociedad de la Informaci{\'o}n}, year = {2002}, pages = {423-428}, address = {Las Palmas, Espa}, abstract = {
The important role of Public Key Infrastructures (PKIs) inside the general scope of Internet communication, and more precisely, inside electronic commerce, has driven us to the revision of actual procedures followed in the development of software of these elements that provide security and trust to the digital certification environment. In this work we introduce the actual results of a joint research project of the Security Group of the University of Malaga and the Department of Technology Innovation of Banesto regarding a PKI implementation. The originality of this work is that we have paid attention not only to functional aspects of the infrastructure, but also to the programming techniques used. Basically, we have developed a solution in which implementation has been guided by the increase in the study of software architectures and those paradigms that have emerged in parallel, as component orientation, software frameworks, and design patterns. The correct use of these techniques provide a different point of view that allows the development of every PKI building block in a modular and independent way.
}, author = {Javier Lopez and Jose A. Montenegro and Jose M. Troya} } @inproceedings {JavierLopez2002, title = {Protecci{\'o}n de Software basada en Tarjetas Inteligentes}, booktitle = {VII Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n (VII RECSI)}, year = {2002}, month = {Septiembre}, pages = {485-497}, address = {Oviedo, Espa}, author = {Javier Lopez and Antonio Mana and Juan J. Ortega and Ernesto Pimentel} } @inproceedings {JavierLopez2002b, title = {Protocol Engineering Applied to Formal Analysis of Security Systems}, booktitle = {International Conference on Infrastructure Security (InfraSec{\textquoteright}02)}, series = {LNCS}, volume = {2437}, year = {2002}, month = {October}, pages = {246-259}, publisher = {Springer-Verlag}, organization = {Springer-Verlag}, address = {Bristol, U.K.}, abstract = {

Every communication system requiring security properties is certainly critical. In order to study the security of communication systems, we have developed a methodology for the application of the formal analysis techniques of communication protocols to the analysis of cryptographic ones. We have extended the design and analysis phases with security properties. Our methodology uses a specification technique based on the HMSC/MSC requirement languages, and translates it into a generic schema for the SDL specification language, which is used for the analysis. Thus, the technique allows the specification of security protocols using a standard formal language and uses Object-Orientation for reusability purposes. The final goal is not only the formal specification of a security system, but to examine the possible attacks, and later use the specification in more complex systems.

}, author = {Javier Lopez and Juan J. Ortega and Jose M. Troya} } @inproceedings {JavierLopez2002g, title = {Towards a Trustful and Flexible Environment for Secure Communications with Public Administrations}, booktitle = {First International Conference on Electronic Government (EGOV{\textquoteright}02)}, series = {LNCS}, volume = {2456}, year = {2002}, month = {September}, pages = {211-214}, publisher = {Springer}, organization = {Springer}, address = {Aix-en-Provence, France)}, abstract = {

Interaction of citizens and private organizations with Public Administrations can produce meaningful benefits in the accessibility, efficiency and availability of documents, regardless of time, location and quantity. Although there are some experiences in the field of e-government there are still some technological and legal difficulties that avoid a higher rate of communications with Public Administrations through Internet, not only from citizens, but also from private companies. We have studied two of the technological problems, the need to work in a trustful environment and the creation of tools to manage electronic versions of the paper-based forms.

}, author = {Javier Lopez and Antonio Mana and Jose A. Montenegro and Juan J. Ortega and Jose M. Troya} } @inproceedings {JavierLopez2002a, title = {Verification of Authentication Protocols using SDL-method}, booktitle = {First International Workshop on Security in Information Systems (SIS{\textquoteright}02)}, year = {2002}, month = {April}, pages = {61-71}, address = {Ciudad Real, Spain}, abstract = {

Authentication between protocol agents is widely studied in the cryptographic protocol analysis area. It is essential in a virtual environment to rely on protocol parties{\textquoteright} identity. In the academic literature there are many protocols that provide the authentication property. We present in this paper a new mechanism to verify authentication using SDL, general purpose specification language. We have defined a generic schema in SDL that allow us to specify a security system and check system behavior when a malicious agent ( the intruder ) is present. We have used the EKE authentication protocol to illustrate how the mechanism works.

}, author = {Javier Lopez and Juan J. Ortega and Jose M. Troya} } @inproceedings {JavierLopez2002e, title = {XML-Based Distributed Access Control System}, booktitle = {Third International Conference on E-Commerce and Web Technologies (ECWeb{\textquoteright}02)}, series = {LNCS}, volume = {2455}, year = {2002}, month = {September}, pages = {203-213}, publisher = {Springer}, organization = {Springer}, abstract = {

The use of attribute certificates and the concept of mobile policies have been proposed to overcome some of the limitations of the role based access control (RBAC) paradigm and to implement security requirements such as the {\textquoteleft}{\textquoteleft}originator controlled{\textquoteright}{\textquoteright} (ORCON) policy. Mobile policies are attached to the data that they control and enforced by their execution in trusted servers. In this paper we extend this idea to allow the execution of the policies in untrusted systems. Our extension allows that policies are bound to the data but not attached to it. By this modification security administrators are able to change policies dynamically and transparently. Additionally, we introduce X-ACS, an XML-based language designed to express policies in a simple and unambiguous way overcoming the limitations of other approaches. Important features of X-ACS are that it can be used by processors with limited capabilities such as smart cards while allowing the automated validation of policies.

}, author = {Javier Lopez and Antonio Mana and Mariemma I. Yague} } @inproceedings {JavierAreitio2001, title = {An{\'a}lisis, Dise{\~n}o e Implementaci{\'o}n de un Entorno Escalable de Comercio-e con Seguridad Telem{\'a}tica Adaptable Basada en PKI}, booktitle = {I Simposio Espa{\~n}ol de Comercio Electr{\'o}nico (SEC{\textquoteright}01)}, year = {2001}, month = {Octubre}, pages = {145-160}, address = {M{\'a}laga, Espa}, abstract = {

La presente ponencia aborda el desarrollo de un entorno seguro escalable para el Comercio Electr\ónico. Se ha tratado la cuesti\ón en dos fases: primero, idear un prototipo generalizado distribuido seguro formado por diferentes entidades gen\éricas con el objetivo de permitir que los clientes realicen sus compras y transacciones bancarias con un nivel de seguridad escalable; y en segundo lugar, implantar en la pr\áctica un prototipo de grado de escalabilidad reducido como modelo emp\írico.

}, author = {Javier Areitio and Lorenzo Mart{\'\i}nez and Javier Lopez and Jose A. Montenegro} } @inproceedings {1720, title = {A First Approach to Latin Electronic Notary Public Services}, booktitle = {IFIP Conference on Security \& Control of IT in Security}, year = {2001}, pages = {49-60}, author = {Jorge Davila and Javier Lopez and Rene Peralta and Jose maria troya} } @inproceedings {JorgeDavila2001, title = {Introducci{\'o}n de Aplicaciones UDP en Redes Privadas Virtuales}, booktitle = {III Jornadas de Ingenier{\'\i}a Telem{\'a}tica (JITEL{\textquoteright}01)}, year = {2001}, month = {Septiembre}, pages = {397-404}, address = {Barcelona (Spain)}, abstract = {

Virtual Private Network (VPN) solutions mainly focus on security aspects. However, when security is considered the unique problem, some collateral ones arise. VPN users suffer from restrictions in their access to the network. They are not free to use traditional Internet services such as electronic mail exchange and audio/video conference with non-VPN users, and to access Web and Ftp servers external to the organization. In this paper we present a new solution, located at the TCP/IP transport layer and oriented to UDP applications that, while maintaining strong security features, allows the open use of traditional network services. The solution does not require the addition of new hardware because it is an exclusively software solution. As a consequence, the application is totally portable.

}, author = {Jorge Davila and Javier Lopez and Rodrigo Roman} } @inproceedings {SigridGuergens2001, title = {Suitability of a Classical Analysis Method for E-Commerce Protocols}, booktitle = {IV International Information Security Conference (ISC{\textquoteright}01)}, series = {LNCS}, volume = {2200}, year = {2001}, month = {October}, pages = {46-62}, publisher = {Springer-Verlag}, organization = {Springer-Verlag}, address = {Malaga, Spain}, abstract = {

We present the adaptation of our model for the validation ofkey distribution and authentication protocols to address speci c needsof protocols for electronic commerce. The two models defer in both thethreat scenario and in the formalization. We demonstrate the suitabilityof our adaptation by analyzing a speci c version of the Internet BillingServer protocol introduced by Carnegie Mellon University. Our analysisshows that, while the security properties a key distribution or authenticationprotocol shall provide are well understood, it is often not clearwhat properties an electronic commerce protocol can or shall provide.Our methods rely on automatic theorem proving tools. Speci cally, weused {\O}tter\", an automatic theorem proving software developed at ArgonneNational Laboratories.

}, author = {Sigrid Gurgens and Javier Lopez} } @inproceedings {AntonioMana2001, title = {Ticketing Gen{\'e}rico y Seguro Sobre GSM}, booktitle = {Simposio en Inform{\'a}tica y Telecomunicaciones 2001 (SIT{\textquoteright}01)}, year = {2001}, month = {Septiembre}, pages = {297-305}, address = {La Coru{\~n}a, Espa}, abstract = {
La confianza en el comercio electr\ónico se ha reforzado, sin duda, gracias a la difusi\ón de las tarjetas inteligentes. Estos elementos clave, que mejoran en gran medida la seguridad de los sistemas inform\áticos, tienen usos que van desde la simple identificaci\ón del usuario hasta complejos mecanismos de pago. Dentro del comercio electr\ónico, uno de los servicios de valor a\ñadido m\ás interesantes para cualquier usuario es el de ticketing. La seguridad de este sistema puede beneficiarse del uso de las tarjetas inteligentes en los procesos de venta, almacenamiento y uso de los tickets electr\ónicos. Uno de los puntos cr\íticos para conseguir una amplia aceptaci\ón de este servicio ser\á su capacidad de llegar a la gran mayor\ía de usuarios. En esta l\ínea, parece apropiado pensar en los tel\éfonos m\óviles como la mejor plataforma sobre la que implantar el sistema. Este trabajo presenta los resultados del proyecto GSM-ticket, en el que se introducen, por una parte, un esquema de tickets electr\ónicos seguros, eficientes y f\áciles de usar, y por otra el conjunto de servicios adicionales de venta, pago y distribuci\ón junto con sus protocolos correspondientes.
}, author = {Antonio Mana and Javier Lopez and Jesus Martinez and Sonia Matamoros} } @inproceedings {JavierLopez2000, title = {Aspectos de Implementaci{\'o}n de una Infraestructura de Clave P{\'u}blica Distribuida}, booktitle = {Simposio Espa{\~n}ol de Inform{\'a}tica Distribuida (SEID{\textquoteright}00)}, year = {2000}, month = {Septiembre}, pages = {313-320}, address = {Orense, Espa}, abstract = {

La seguridad es uno de los aspectos m\ás conflictivos del uso de Internet. La falta de una pol\ítica de seguridad global est\á frenando el desarrollo de Internet en \áreas tan interesantes y prometedoras como el comercio electr\ónico o la interacci\ón con las administraciones p\úblicas. Las t\écnicas criptogr\áficas actuales proporcionan un alto grado de confidencialidad; no obstante, es dif\ícil garantizar la identificaci\ón segura de los usuarios y, adem\ás, la gesti\ón de las claves de los mismos es poco eficiente y presenta graves problemas de escalabilidad. Este trabajo describe las caracter\ísticas de implementaci\ón de una soluci\ón a ambos problemas basada en una Infraestructura de Clave P\ública (PKI) que proporciona una administraci\ón simple y eficiente de las claves de los usuarios y posibilita la autenticaci\ón segura de los mismos.

}, author = {Javier Lopez and Antonio Mana and Jose A. Montenegro and Juan J. Ortega and Jose M. Troya} } @inproceedings {1721, title = {Development of Secure Internet Applications for Governmental Environments}, booktitle = {IEEE International Workshop on Electronic Government (in DEXA{\textquoteright}00)}, year = {2000}, pages = {362-365}, publisher = {IEEE Press}, organization = {IEEE Press}, isbn = {0-7695-0680-1}, author = {Jorge Davila and Javier Lopez and Antonio Mana and Juan J. Ortega and Jose maria troya} } @inproceedings {JavierLopez2000a, title = {Distributed Storage and Revocation in Digital Certificate Databases}, booktitle = {11th International Conference on Database and Expert Systems Applications (DEXA{\textquoteright}00)}, series = {LNCS}, volume = {1873}, year = {2000}, month = {September}, pages = {929-938}, publisher = {Springer}, organization = {Springer}, address = {London, U.K.}, abstract = {

Public-key cryptography is fast becoming the foundation for those applications that require security and authentication in open networks. But the widespread use of a global public-key cryptosystem requires that public-key certificates are always available and up-to-date. Problems associated to digital certificates management, like storage, retrieval, maintenance, and, specially, revocation, require special procedures that ensure reliable features because of the critical significance of inaccuracies. Most of the existing systems use a Certificate Revocation List, a repository of certificates that have been revoked before their expiration date. The need to access CRLs in order to check certificate revocations becomes a performance handicap. Furthermore, they introduce a source of vulnerability in the whole security infrastructure, as it is impossible to produce a new CRL each time a revocation takes place. This paper introduces an alternative for the storage of digital certificates that avoids the use of CRLs. The system is designed to provide a distributed management of digital certificates by using Certification Authorities that, while being part of a whole Public-Key Infrastructure, operate over local certificates databases. Communication protocols between local databases have been designed to minimize network traffic without a lack of security and efficiency.

}, author = {Javier Lopez and Antonio Mana and Juan J. Ortega and Jose M. Troya} } @inproceedings {1722, title = {Internet Secure Communications Between Citizens and Public Administrations}, booktitle = {IFIP Conference on Advances in Electronic Government}, year = {2000}, pages = {109-120}, author = {Jorge Davila and Lidia Fuentes and Javier Lopez and Jose maria troya and Antonio Vallecillo} } @inproceedings {JavierAreitio2000a, title = {Mecanismo de Seguridad de Bajo Costo para Micropagos}, booktitle = {VI Reunion Espa{\~n}ola de Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n (VI RECSI)}, year = {2000}, month = {Septiembre}, pages = {193-200}, address = {La Laguna, Espa}, abstract = {
La presente comunicaci\ón presenta un mecanismo de micropagos flexible, de bajo costo que puede utilizarse para realizar pagos en l\ínea entre el cliente y el vendedor y fuera de l\ínea con el agente de negocios. Este mecanismo evita grandes almacenamientos de datos y c\álculos largos. Se puede implantar en software para el cliente y en hardware/software para el vendedor.\ \ 
}, author = {Javier Areitio and Javier Lopez} } @inproceedings {1737, title = {Una Soluci{\'o}n Flexible para Redes Privadas Virtuales}, booktitle = {VI Reuni{\'o}n Espa{\~n}ola de Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n (VI RECSI)}, year = {2000}, month = {Sep 2000}, pages = {329-340}, address = {La Laguna}, isbn = {978-84789743-1-3}, author = {J. Davila and Javier Lopez and R. Peralta} } @inproceedings {1739, title = {Arquitectura Composicional de Seguridad para Servicios Telem{\'a}ticos}, booktitle = {II Jornadas de Ingenier{\'\i}a Telem{\'a}tica (JITEL{\textasciiacute}99)}, year = {1999}, month = {Sep 1999}, pages = {141-148}, isbn = {84-89315-14-0}, author = {Lidia Fuentes and Javier Lopez} } @inproceedings {JavierLopez1999c, title = {Cert{\textquoteright}eM: Certification System Based on Electronic Mail Service Structure}, booktitle = {Secure Networking (CQRE{\textquoteright}99)}, series = {LNCS}, volume = {1740}, year = {1999}, month = {December}, pages = {109-118}, publisher = {Springer}, organization = {Springer}, abstract = {

Public-Key Infrastructures are considered the basis of the protocols and tools needed to guarantee the security demanded for new Internet applications like electronic commerce, government-citizen relationships and digital distribution. This paper introduces a new infrastructure design, Cert{\textquoteright}eM, a key management and certification system that is based on the structure of the electronic mail service and on the principle of near-certification. Cert{\textquoteright}eM provides secure means to identify users and distribute their public-key certificates, enhances the efficiency of revocation procedures, and avoids scalability and synchronization problems. The system, developed and tested at the University of Malaga, was recently selected by RedIRIS, the National Research and Academic Network in Spain, to provide the public key service for its secure electronic mail.

}, author = {Javier Lopez and Antonio Mana and Juan J. Ortega} } @inproceedings {AlfonsoLarrosa1999, title = {Competitive Neural Networks Applied to Image Compression Techniques}, booktitle = {International Conference on Imaging Science, Systems and Technology (CISST{\textquoteright}99)}, year = {1999}, month = {June}, pages = {547-550}, author = {Alfonso Larrosa and Francisco Lopez and Javier Lopez} } @inproceedings {SigridGuergens1999, title = {Efficient Detection of Failure Modes in Electronic Commerce Protocols}, booktitle = {IEEE International Workshop on Electronic Commerce and Security}, year = {1999}, month = {September}, pages = {850-857}, publisher = {IEEE Press}, organization = {IEEE Press}, address = {Florence, Italy}, abstract = {The design of key distribution and authentication protocols has been shown to be error-prone. These protocols constitute the part of more complex protocols used for electronic commerce transactions. Consequently, these new protocols are likely to contain flaws that are even more difficult to find. In this paper, we present a search method for detecting potential security flaws in such protocols. Our method relies on automatic theorem proving tools. Among others we present our analysis of a protocol recently standardized by the German standardization organization DIN to be used in digital signature applications for smartcards. Our analysis resulted in the standard being supplemented with comments that explain the possible use of cryptographic keys.}, author = {Sigrid Gurgens and Javier Lopez and Rene Peralta} } @inproceedings {JavierLopez1999d, title = {Problem{\'a}tica de Seguridad para el Comercio Electr{\'o}nico en el Sector Tur{\'\i}stico}, booktitle = {I Congreso Nacional Turismo y Tecnolog{\'\i}a de la Informaci{\'o}n y las Comunicaciones (TURITEC{\textquoteright}99)}, year = {1999}, month = {Septiembre}, pages = {99-110}, abstract = {

Uno de los servicios que cada d\ía cobra m\ás importancia y que promete un cambio radical para las empresas es el comercio electr\ónico en Internet, pero tradicionalmente las empresas relacionadas con el turismo s\ólo han empleado la red para darse a conocer y ofertar sus productos. La raz\ón esencial es la desconfianza que existe sobre la seguridad de las transacciones llevadas a cabo en la red. La criptograf\ía de clave p\ública proporciona servicios adecuados para garantizar la seguridad de esas transacciones. Pero en la actualidad, algunos de esos servicios est\án menos desarrollados que otros; un ejemplo de ellos es el servicio de No-Repudio. En este art\ículo se estudian distintas formas de ofrecer servicios de no-repudio y se analizan sus ventajas y desventajas en funci\ón de las necesidades del entorno en que se utilicen.

}, author = {Javier Lopez and Javier Areitio and Felipe Rosello} } @inproceedings {JavierLopez1999a, title = {A Public Key Infrastructure for User Identification}, booktitle = {IFIP Working Conference on User Identification and Privacy Protection}, year = {1999}, month = {June}, pages = {209-227}, address = {Stockholm, Sweden}, abstract = {

While there is wide agreement on the immense potential of Internet, its growth and performance are adversely affected by security issues. Despite its impressive size, scope and reach, the Internet has not yet become a common vehicle for many of these new possibilities. Progress in fields as electronic commerce and government-citizen relationships have been limited by the open design of the network itself. Today, Public-Key Infrastructures are the basis of the protocols and tools needed to guarantee the security demanded in those fields. Trust management and user identification are also important issues that remain unresolved. This paper introduces a key management and user identification system, named Cert\’eM, that is based on the electronic mail service. Cert{\textquoteright}eM provides important advantages over existing Public-Key Infrastructures and user identification proposals.

}, author = {Javier Lopez and Antonio Mana and Juan J. Ortega} } @inproceedings {JavierLopez1999b, title = {An User Authentication Infrastructure for Extranet Applications}, booktitle = {IEEE International Carnahan Conference on Security Technology}, year = {1999}, month = {October}, pages = {354-362}, publisher = {IEEE Press}, organization = {IEEE Press}, address = {Madrid, Spain}, abstract = {

An Extranet is used to connect businesses with their suppliers, customers or other businesses that share common goals in a way that automates their administrative interactions using Internet technology. The security of the communications over Internet is considered an essential feature. To guarantee secure operation the aid of some user authentication infrastructure is needed. This paper introduces a Public Key Infrastructure (PKI) and user identification scheme to be used in extranet applications. The flexibility of the system allows it to fit the usual hierarchical organization structure.

}, author = {Javier Lopez and Antonio Mana and Juan J. Ortega} } @inproceedings {JavierLopez1998a, title = {Automatic Conversion of Scanned Maps to a Vector Based 3D Representation}, booktitle = {International Conference on Imaging Science, Systems, and Technology (CISST{\textquoteright}98)}, year = {1998}, month = {July}, address = {Las Vegas, USA}, author = {Javier Lopez and Javier Lopez and Juan A. Manceras and Antonio Mana} } @inproceedings {JavierLopez1999, title = {Neural Networks Applied to the Estimation of Object Orientation}, booktitle = {International Conference on Imaging Science, Systems, and Technology (CISST{\textquoteright}98)}, year = {1998}, month = {July}, pages = {418-424}, address = {Las Vegas, USA}, abstract = {
We present in this paper a first approach to the use of artificial neural as a tool to determine the orientation of\ objects moving on a conveyor belt in a car assembly line.\ The capability of neural networks to generalise is a key element in the calculation of an object\’s orientation. In this sense, a neural network with Competitive Hebbian Learning can identify the angle of a part never used in its training process. The equilibrium between exactitude and processing time is also studied.
}, author = {Javier Lopez and Javier Lopez and Juan A. Manceras and Antonio Mana} } @inproceedings {AntonioMana1998, title = {Secure Examinations Through The Internet}, booktitle = {IFIP World Computer Congress}, year = {1998}, month = {August}, pages = {695-708}, abstract = {

The objective of the present work is to present a solution to the problem of simultaneously examining groups of students in different computer laboratories while each student uses a computer with Internet access. The system presented focus on security and ease of use, being, at the same time, transparent to the users (students) and providing added services to the main objective of simultaneous examinations in several rooms with just one teacher.

}, author = {Antonio Mana and Francisco Villalba and Javier Lopez} } @inproceedings {1740, title = {Aproximacion de Funciones mediante Redes Neuronales}, year = {1997}, month = {Sep 1997}, pages = {209-215}, isbn = {84-89654-03-4}, author = {Lucia Pino and Javier Lopez and Francisco Lopez and Carlos Maraval} } @inproceedings {FranciscoLopez1997a, title = {Determination of Objects Orientation in Assembly Lines using Neural Networks}, booktitle = {5th Intern. Conf. on Computer Aided Systems Theory and Technology (EUROCAST{\textquoteright}97)}, year = {1997}, month = {February}, pages = {183-189}, address = {Las Palmas, Spain}, abstract = {

This paper is a first approach to the use of artificial neural networks as a tool to estimate the orientation of an object, and is mainly directed towards industrial applications. The capability of neural networks to generalise is a key element in the calculation of an object\’s orientation. In this sense, a neural network can identify the angle of a part never seen before. To evaluate the efficiency of this method we have performed a series of tests with the different parts used in a car assembly line.

}, author = {Francisco Lopez and Javier Lopez and Alvaro Vergara and Lucia Pino} } @inproceedings {AntonioMana1997, title = {Incremento de la Seguridad del Estandar de Cifrado de Datos basado en la Combinaci{\'o}n de Datos y Clave}, booktitle = {III Jornadas de Inform{\'a}tica y Autom{\'a}tica}, year = {1997}, month = {Julio}, pages = {423-432}, address = {El Puerto de Santa Mar{\'\i}a, Espa}, abstract = {

A pesar del gran esfuerzo investigador llevado a cabo, el ataque al DES ha sido infructuoso desde que a mediados de los setenta fue adoptado como est\ándar por el U. S. National Bureau of Standards. El criptoan\álisis diferencial constituye la base de las primeras t\écnicas capaces de acabar con tal invulnerabilidad. Las t\écnicas de criptoan\álisis basadas en modelos de fallos y su adaptaci\ón a DES, el criptoan\álisis de fallos diferencial, son dos de esas t\écnicas que han conseguido recientemente romper sistemas DES (aunque el ataque est\á limitado a ciertos casos especiales, en particular implementaciones hardware). En este art\ículo se presenta un punto d\ébil de DES sobre el cual puede aumentarse la seguridad y se propone una modificaci\ón de la estructura interna de DES con objeto de mejorar su resistencia ante el criptoan\álisis diferencial y por ende de los ataques derivados de este. La modificaci\ón introducida no supone un coste adicional elevado

}, author = {Antonio Mana and Javier Lopez and Lucia Pino and Juan J. Ortega and Carlos Maraval} } @inproceedings {FranciscoLopez1997, title = {Neural Networks for Systems Security}, booktitle = {5th European Congress of Intelligent Techniques and Soft Computing (EUFIT{\textquoteright}97)}, year = {1997}, month = {August}, pages = {410-413}, address = {Germany}, abstract = {
This paper is a first approach in the use of Neural Networks for security. We apply it for electronic mail private systems in Local Area Networks. Some of these systems use public keys directories which must be protected suitably. This task is very complicated because all users in the systems must be able to change their public keys in those directories. We see the advantage of using Neural Networks versus other classical methods to resolve this problem.
}, author = {Francisco Lopez and Javier Lopez and Lucia Pino and Carlos Maraval} } @inproceedings {1741, title = {Sistema Jer{\'a}rquico de Administraci{\'o}n de Claves P{\'u}blicas para el Correo Electr{\'o}nico}, booktitle = {I Jornadas de Ingenier{\'\i}a Telem{\'a}tica (JITEL{\textquoteright}97)}, year = {1997}, month = {Sep 1997}, pages = {295-302}, address = {Bilbao (Spain)}, isbn = {84-89654-04-2}, author = {Lucia Pino and Antonio Mana and Juan J. Ortega and Javier Lopez} } @inproceedings {1723, title = {A Tool for Functions Approximation by Neural Networks}, booktitle = {5th European Congress of Intelligent Techniques and Soft Computing (EUFIT {\textquoteright}97)}, year = {1997}, pages = {557-564}, address = {Aachen (Germany)}, author = {L Pino and Javier Lopez and Francisco Lopez and Carlos Maraval} } @inproceedings {JavierLopez1996a, title = {Comparaci{\'o}n de la Condici{\'o}n de Parikh con algunas Condiciones de los Lenguajes de Contexto Libre}, booktitle = {II Jornadas de Inform{\'a}tica y Autom{\'a}tica}, year = {1996}, month = {Julio}, pages = {305-314}, address = {Almu{\~n}ecar, Espa}, abstract = {

In this paper we first compare Parikh\’s condition to various pumping conditions - Bar-Hillel\’s pumping lemma, Ogden\’s condition and Bader-Moura\’s condition; secondly, to interchange condition; and finally, to Sokolowski\’s and Grant\’s conditions. In order to carry out these comparisons we present some properties of Parikh\’s languages. The main result is the orthogonality of the previously mentioned conditions and Parikh\’s condition.

}, author = {Javier Lopez and Gonzalo Ramos and Rafael Morales} } @inproceedings {JavierLopez1996, title = {Generaci{\'o}n de N{\'u}meros Primos mediante Tests de Primalidad Probabil{\'\i}stas}, booktitle = {IV Reuni{\'o}n Espa{\~n}ola de Criptolog{\'\i}a (IV REC)}, year = {1996}, month = {Septiembre}, pages = {27-33}, address = {Valladolid, Espa}, abstract = {
Nowadays cryptography is present in nearly every aspect of our everyday life, in particular public-key cryptosystems. Some of them have a mathematical foundation of number theory working with big integer numbers. Factoring these numbers is more complex and time-consuming than generating and testing prime numbers; this is the main reason for the strenght of some public key cryptosystems. This paper presents three different probabilistic methods for testing big prime numbers in a reasonable amount of time. A comparison of their efficiency to test prime numbers is also introduced.
}, author = {Javier Lopez and Francisco Ona and Lucia Pino and Carlos Maraval} } @inproceedings {GonzaloRamos1996, title = {ID3f+A. Algoritmo de Aprendizaje Inductivo Borroso con Divisi{\'o}n Intervalar Autom{\'a}tica de los Atributos}, booktitle = {VI Congreso Espa{\~n}ol Sobre Tecnolog{\'\i}as y L{\'o}gica Fuzzy (ESTYLF{\textquoteright}96)}, year = {1996}, month = {Septiembre}, pages = {225-230}, abstract = {

Uno de los campos m\ás prometedores dentro del estudio de la ambig\üedad es el del aprendizaje, tanto por su importancia consusntacial como por su relaci\ón con la Inteligencia Artificial. Esta relaci\ón se hace evidente cuando intentamos resolver, desde una perspectiva borrosa, el problema de la adquisici\ón autom\ática del conocimiento en sistemas expertos. El algoritmo ID3, el m\ás relevante de los utilizados para la inducci\ón de \árboles de decisi\ón, no es utilizable tal cual con un concepto borroso del concepto de pertenencia. Adem\ás se muestra ineficiente cuando no existe un experto humano que defina correctamente los subrangos de actuaci\ón para los atributos que junto a las clases expresan las relaciones entre situaciones que este algoritmo de aprendizaje intenta descubrir. Proponemos como soluci\ón un nuevo algoritmo, el ID3f+A, que posee la capacidad de tratamiento borroso del concepto de pertenencia, gracias a una modificaci\ón del concepto de entrop\ía, y adem\ás realiza la divisi\ón intervalar autom\ática de los atributos, merced al control del proceso inductivo por medio de la utilizaci\ón de experiencias de control.

}, author = {Gonzalo Ramos and Javier Lopez} } @inproceedings {FranciscoLopez1995, title = {Image Compression Based on Competitive Hebbian Learning Neural Networks}, booktitle = {Brain Processes, Theories and Models International Conference}, year = {1995}, month = {October}, pages = {478-482}, address = {Las Palmas, Spain}, author = {Francisco Lopez and Javier Lopez and Carlos Maraval} } @inproceedings {JavierLopez1995, title = {Seguridad de Directorios en Criptosistemas de Clave P{\'u}blica mediante Redes Neuronales en Sistemas de Comunicaciones}, booktitle = {X Symposium Nacional de la Uni{\'o}n Cient{\'\i}fica Internacional de Radio (URSI{\textquoteright}95)}, year = {1995}, month = {Septiembre}, pages = {147-150}, address = {Valladolid, Espa}, author = {Javier Lopez and Francisco Ona and Lucia Pino and Carlos Maraval} } @inproceedings {JavierLopez1994, title = {Sistema de Cifrado de Correo Electr{\'o}nico en Red de Area Local}, booktitle = {III Reuni{\'o}n Espa{\~n}ola de Criptolog{\'\i}a (III REC)}, year = {1994}, month = {Noviembre}, pages = {133-138}, address = {Barcelona, Espa}, author = {Javier Lopez and Carlos Maraval} }