@inproceedings {rios2013b, title = {Ocultaci{\'o}n de la estaci{\'o}n base en redes inal{\'a}mbricas de sensores}, booktitle = {XI Jornadas de Ingenier{\'\i}a Telem{\'a}tica (JITEL 2013)}, year = {2013}, month = {Oct 2013}, pages = {481-486}, publisher = {Asociaci{\'o}n de Telem{\'a}tica}, organization = {Asociaci{\'o}n de Telem{\'a}tica}, address = {Granada}, abstract = {

La estaci{\'o}n base es el elemento m{\'a}s importante en un red de sensores y, por tanto, es necesario evitar que un atacante pueda hacerse con el control de este valioso dispositivo. Para ello, el atacante puede valerse tanto de t{\'e}cnicas de an{\'a}lisis de tr{\'a}fico como de la captura de nodos. En este trabajo presentamos un esquema que consta de dos fases, la primera est{\'a} dedicada a homogeneizar los patrones de tr{\'a}fico y la segunda encargada de perturbar las tablas de rutas de los nodos. Ambas fases permiten mantener a la estaci{\'o}n base fuera del alcance del atacante con un coste computacional insignificante y un consumo energ{\'e}tico moderado. La validez de nuestro esquema ha sido validada anal{\'\i}ticamente y a trav{\'e}s de numerosas simulaciones.

}, isbn = {978-84-616-5597-7}, author = {Ruben Rios and Jorge Cuellar and Javier Lopez}, editor = {Jes{\'u}s E. D{\'\i}az Verdejo and Jorge Navarro Ortiz and Juan J. Ramos Mu{\~n}oz} } @inproceedings {vivas09, title = {Security Assurance During the Software Development Process}, booktitle = {International Conference on Computer Systems and Technologies (CompSysTech09)}, year = {2009}, pages = {11.7.1-11.7.6}, publisher = {ACM}, organization = {ACM}, address = {Ruse (Bulgary)}, abstract = {

Assurance has been a major topic for critical systems. Assurance is usually associated with safety conditions but has also an important role for checking security requirements. Security is best assured if it is addressed holistically, systematically, and from the very beginning in the software{\textquoteright}s development process. We propose to integrate assurance and system development by letting the different stages of the system development life-cycle be mapped to the structure of the assurance case.

}, isbn = {978-1-60558-986-2}, doi = {10.1145/1731740.1731763}, author = {Jose L. Vivas and Isaac Agudo and Javier Lopez} } @inproceedings {Dix04, title = {Using Temporal Logics of Knowledge in the Formal Verification of Security Protocols}, booktitle = {11th International Symposium on Temporal Representation and Reasoning (TIME{\textquoteright}04)}, year = {2004}, pages = {148-151}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, address = {Tatihou, Normandie, France}, abstract = {

Temporal logics of knowledge are useful for reasoning about situations where the knowledge of an agent or component is important, and where change in this knowledge may occur over time. Here we use temporal logics of knowledge to reason about security protocols. We show how to specify part of the Needham-Schroeder protocol using temporal logics of knowledge and prove various properties using a clausal resolution calculus for this logic.

}, keywords = {security protocols, temporal resolution, verification}, issn = {1530-1311}, doi = {http://doi.ieeecomputersociety.org/10.1109/TIME.2004.1314432}, author = {Clare Dixon and Carmen Fernandez-Gago and Michale Fisher and Wiebe van der Hoek} } @inproceedings {javierlopez2003, title = {High-level Specification of Security Systems}, booktitle = {IEEE Globecom 2003 - Communications Security Track}, year = {2003}, month = {December}, pages = {1506-1510}, publisher = {IEEE Press}, organization = {IEEE Press}, address = {San Francisco}, abstract = {

In order to study the security systems, we have developed a methodology for the application to the analysis of cryptographic protocols of the formal analysis techniques commonly used in communication protocols. In particular, we have extended the design and analysis phases with security properties. Our proposal uses a specification notation based on HMSC/MSC, which can be automatically translated into a generic SDL specification.

}, isbn = {0-7803-7974-8}, author = {Javier Lopez and Juan J. Ortega and Jose M. Troya and Jose L. Vivas} } @inproceedings {javierlopez2003a, title = {How to Specify Security Services: A Practical Approach}, booktitle = {7th IFIP Conference on Multimedia and Communications Security (CMS{\textquoteright}03)}, series = {LNCS}, volume = {2828}, year = {2003}, month = {October}, pages = {158-171}, publisher = {Springer-Verlag}, organization = {Springer-Verlag}, address = {Torino, Italy}, abstract = {

Security services are essential for ensuring secure communications. Typically no consideration is given to security requirements during the initial stages of system development. Security is only added latter as an afterthought in function of other factors such as the environment into which the system is to be inserted, legal requirements, and other kinds of constraints. In this work we introduce a methodology for the specification of security requirements intended to assist developers in the design, analysis, and implementation phases of protocol development. The methodology consists of an extension of the ITU-T standard requirements language MSC and HMSC, called SRSL, defined as a high level language for the specification of security protocols. In order to illustrate it and evaluate its power, we apply the new methodology to a real world example, the integration of an electronic notary system into a web-based multi-users service platform.

}, isbn = {3-540-20185-8}, author = {Javier Lopez and Juan J. Ortega and Jose M. Troya and Jose L. Vivas} } @inproceedings {josevivas2003, title = {Towards Business Process-Driven Framework for Security Engineering with the UML}, booktitle = {6th International Conference on Information Security (ISC{\textquoteright}03)}, series = {LNCS}, volume = {2851}, year = {2003}, month = {October}, pages = {381-395}, publisher = {Springer-Verlag}, organization = {Springer-Verlag}, address = {Bristol, U.K.}, abstract = {

A challenging task in security engineering concerns the specification and integration of security with other requirements at the top level of requirements engineering. Empirical studies show that it is commonly at the business process level that customers and end users are able to express their security needs. In addition, systems are often developed by automating existing manual business processes. Since many security notions belongs conceptually to the world of business processes, it is natural to try to capture and express them in the context of business models in which moreover customers and end users feel most comfortable. In this paper, based on experience drawn from an ongoing work within the CASENET project \cite{CASENET}, we propose a UML-based business process-driven framework for the development of security-critical systems.

}, isbn = {1-4020-7449-2}, author = {Jose L. Vivas and Jose A. Montenegro and Javier Lopez} } @inproceedings {1722, title = {Internet Secure Communications Between Citizens and Public Administrations}, booktitle = {IFIP Conference on Advances in Electronic Government}, year = {2000}, pages = {109-120}, author = {Jorge Davila and Lidia Fuentes and Javier Lopez and Jose maria troya and Antonio Vallecillo} } @inproceedings {AntonioMana1998, title = {Secure Examinations Through The Internet}, booktitle = {IFIP World Computer Congress}, year = {1998}, month = {August}, pages = {695-708}, abstract = {

The objective of the present work is to present a solution to the problem of simultaneously examining groups of students in different computer laboratories while each student uses a computer with Internet access. The system presented focus on security and ease of use, being, at the same time, transparent to the users (students) and providing added services to the main objective of simultaneous examinations in several rooms with just one teacher.

}, author = {Antonio Mana and Francisco Villalba and Javier Lopez} } @inproceedings {FranciscoLopez1997a, title = {Determination of Objects Orientation in Assembly Lines using Neural Networks}, booktitle = {5th Intern. Conf. on Computer Aided Systems Theory and Technology (EUROCAST{\textquoteright}97)}, year = {1997}, month = {February}, pages = {183-189}, address = {Las Palmas, Spain}, abstract = {

This paper is a first approach to the use of artificial neural networks as a tool to estimate the orientation of an object, and is mainly directed towards industrial applications. The capability of neural networks to generalise is a key element in the calculation of an object\’s orientation. In this sense, a neural network can identify the angle of a part never seen before. To evaluate the efficiency of this method we have performed a series of tests with the different parts used in a car assembly line.

}, author = {Francisco Lopez and Javier Lopez and Alvaro Vergara and Lucia Pino} }