Biblio

Export results:
Author Title Type [ Year(Asc)]
Filters: First Letter Of Title is A and Author is Rodrigo Roman  [Clear All Filters]
J. E. Rubio, R. Roman, and J. Lopez, "Analysis of cybersecurity threats in Industry 4.0: the case of intrusion detection",
The 12th International Conference on Critical Information Infrastructures Security, vol. Lecture Notes in Computer Science, vol 10707, Springer, pp. 119-130, 08/2018. More..
PDF icon 1666.pdf (236.18 KB)
J. E. Rubio, C. Alcaraz, R. Roman, and J. Lopez, "Analysis of Intrusion Detection Systems in Industrial Ecosystems",
14th International Conference on Security and Cryptography (SECRYPT 2017), vol. 6, SciTePress, pp. 116-128, 2017. DOI More..
PDF icon 1662.pdf (312.9 KB)
A. Nieto, R. Roman, and J. Lopez, "Arquitectura funcional para la cadena de custodia digital en objetos de la IoT",
XIV Reunión Española sobre Criptología y Seguridad de la Información, pp. 168-173, 10/2016. More..

Abstract

En la Internet de los Objetos (IoT, por sus siglas en inglés), los ataques pueden ser perpetrados desde dispositivos que enmascaran su rastro ayudándose de la densidad de objetos y usuarios. Actualmente la idea de que los dispositivos de usuario almacenan evidencias que pueden ser muy valiosas para frenar ataques es bien conocida. Sin embargo, la colaboración de éstos para denunciar posibles abusos telemáticos aún está por definir. Los testigos digitales son dispositivos concebidos para definir la participación de dispositivos de usuario en una cadena de custodia digital. La idea es que las evidencias se generan, almacenan y transfieren siguiendo los requisitos marcados por las normas actuales (p.ej. UNE 71505), pero respetando las restricciones en recursos de los dispositivos. En este artículo proponemos una arquitectura funcional para la implementación del concepto de testigo digital en dispositivos heterogéneos de la IoT.

PDF icon 1582.pdf (921.02 KB)
R. Roman, et al., "Advanced Secure Multimedia Services for Digital Homes",
Information Systems Frontiers, vol. 14, Springer, pp. 527-540, July 2012. DOI (I.F.: 0.851)More..

Abstract

Our society is becoming increasingly more IT-oriented, and the images and sounds that reflect our daily life are being stored mainly in a digital form. This digital personal life can be part of the home multimedia contents, and users demand access and possibly share these contents (such as photographs, videos, and music) in an ubiquitous way: from any location and with any device. The purpose of this article is twofold. First, we introduce the Feel@Home system, whose main objective is to enable the previously mentioned vision of an ubiquitous digital personal life. Second, we describe the security architecture of Feel@Home, analyzing the security and privacy requirements that identify which threats and vulnerabilities must be considered, and deriving the security building blocks that can be used to protect both IMS-based and VPN-based solutions.

Impact Factor: 0.851
Journal Citation Reports® Science Edition (Thomson Reuters, 2012)

PDF icon Roman2010a.pdf (1.36 MB)
P. Najera, R. Roman, and J. Lopez, "Acceso seguro a nodos RFID en una arquitectura de red personal",
X Jornadas de Ingeniería Telemática (JITEL 2011), K. Hackbarth, R. Agüero, and R. Sanz Eds., Universidad de Cantabria, pp. 104 - 111, 09/2011. More..

Abstract

El paradigma de red personal (PN) permitirá la interacción y colaboración del creciente abanico de dispositivos personales. Con tal fin la PN ha de integrar en su seno múltiples tecnologías heterogéneas con diversas capacidades computacionales y de comunicación de forma segura. En particular, la incorporación de la tecnología RFID en objetos personales conlleva múltiples riesgos de seguridad y privacidad que han suscitado un elevado interés de la comunidad investigadora en los últimos años. Más allá de su seguridad de forma aislada, su integración en la PN y la interacción de ésta con redes de área extensa como Internet of Things requieren una arquitectura de red personal adecuada para tal contexto. Este artículo proporciona los fundamentos de tal arquitectura segura incluyendo el análisis de aspectos como la incorporación e inicialización de las restringidas etiquetas RFID en la red personal, la autenticación tanto de miembros de la PN como de usuarios y servicios remotos en su acceso a las tecnologías de contexto, el control de las políticas de privacidad y el establecimiento de canales seguros de comunicación supervisados.

C. Alcaraz, R. Roman, P. Najera, and J. Lopez, "Acceso seguro a redes de sensores en SCADA a través de Internet",
XI Reunión Española sobre Criptología y Seguridad de la Información (RECSI 2010), pp. 337-342, September, 2010. More..

Abstract

Las Infraestructuras Críticas (ICs) son monitorizadas por sistemas altamente complejos, conocidos como sistemas SCADA (Sistemas de Control y Adquisición de Datos), cuyo principal soporte se encuentra en las subestaciones, las cuales miden de primera instancia el estado real de tales ICs. Para mejorar este control, la industria está actualmente demandando la integración en el modelo tradicional de dos avances tecnológicos: Internet y las redes de sensores inalámbricas. Sin embargo, su incorporación requiere analizar los requisitos de seguridad que surgen en dicho contexto, así como diversos aspectos correlacionados (ej. mantenimiento, rendimiento, seguridad y optimización) y, en base a estos, la estrategia de integración más adecuada para satisfacer dichos requisitos. Este artículo proporciona dicho análisis en profundidad con el fin de ofrecer un modelo de integración seguro adecuado para entornos críticos.

PDF icon Alcaraz2010.pdf (496.18 KB)
C. Alcaraz, et al., "Adaptive Dispatching of Incidences Based on Reputation for SCADA Systems",
6th International Conference on Trust, Privacy and Security in Digital Business (TrustBus’09), Springer-Verlag, pp. 86-94, September, 2009. DOI More..

Abstract

SCADA systems represent a challenging scenario where the management of critical alarms is crucial. Their response to these alarms should be efficient and fast in order to mitigate or contain undesired effects. This work presents a mechanism, the Adaptive Assignment Manager (AAM) that will aid to react to incidences in a more efficient way by dynamically assigning alarms to the most suitable human operator. The mechanism uses various inputs for identifying the operators such as their availability, workload and reputation. In fact, we also define a reputation component that stores the reputation of the human operators and uses feedback from past experiences.

PDF icon Alcaraz2009.pdf (289.68 KB)
J. Lopez, R. Roman, and C. Alcaraz, "Analysis of Security Threats, Requirements, Technologies and Standards in Wireless Sensor Networks",
Foundations of Security Analysis and Design 2009, LNCS 5705, Springer Berlin/Heidelberg, pp. 289-338, August, 2009. DOI More..

Abstract

As sensor networks are more and more being implemented in real world settings, it is necessary to analyze how the different requirements of these real-world applications can influence the security mechanisms. This paper offers both an overview and an analysis of the relationship between the different security threats, requirements, applications, and security technologies. Besides, it also overviews some of the existing sensor network standards, analyzing their security mechanisms.

PDF icon Lopez2009.pdf (380.21 KB)
C. Alcaraz, R. Roman, and J. Lopez, "Análisis de la Aplicabilidad de las Redes de Sensores para la Protección de Infraestructuras de Información Críticas",
VI Jornadas de Ingeniería Telemática (JITEL’08), pp. 437, September, 2008. More..

Abstract

Las infraestructuras críticas, como el sector energético, la banca, el transporte, y muchas otras, son un pilar esencial para en bienestar de la sociedad y la economía de un país. Estas infraestructuras dependen a su vez de ciertas infraestructuras de información, las cuales permiten su correcto funcionamiento. La tarea de proteger esas infraestructuras (de información) críticas es compleja y multidimensional, con una gran cantidad de desafíos por resolver. Precisamente, las redes de sensores pueden ser de gran ayuda para esta tarea, debido a suscapacidades de control distribuidas y a su habilidad de funcionar en situaciones extremas. Este artículo analiza la utilidad de las redes de sensores en este contexto, describiendo tanto sus capacidades como sus posibles roles y mecanismos de integración para la protección de infraestructuras (de información) críticas.

PDF icon Alcaraz2008.pdf (87.41 KB)
C. Alcaraz, R. Roman, and J. Lopez, "Análisis de primitivas criptográficas para redes de sensores",
VI Jornadas de Ingeniería Telemática (JITEL’07), pp. 401-408, September, 2007. More..

Abstract

Security in wireless sensor networks is very limited due to highly-constrained hardware of sensor nodes. To protect services is necessary to use secure foundations, known as security primitives, like part of a protocol. Theses primitives must assure at least confidentiality in the communication channel, authentication of the peers involved in an information exchange, and integrity of the messages. There are many primitives such as symmetric encryption, hash functions and public key cryptography, but not all of them can be supported by sensor nodes since require high resource levels, for example memory. This paper contains a deep analysis of available and suitable security primitives for sensor nodes, as well as an analysis of hardware and software implementations. Besides, it has been developed an experiment with two implementations, and it has been created a new and improved version using the optimizations of each.

PDF icon Alcaraz2007.pdf (205.14 KB)
R. Roman, and C. Alcaraz, "Applicability of Public Key Infrastructures in Wireless Sensor Networks",
European PKI Workshop: Theory and Practice (EuroPKI’07), LNCS 4582, Springer, pp. 313-320, June, 2007. DOI More..

Abstract

Wireless Sensor Networks (WSN) are becoming a key technology in the support of pervasive and ubiquitous services. The previous notion of PKC is too expensive for WSN has changed partially due to the existence of new hardware and software prototypes based on Elliptic Curve Cryptography and other PKC primitives. Then, it is necessary to analyze whether it is both feasible and convenient to have a Public Key Infrastructure for sensor networks that would allow the creation of PKC-based services like Digital Signatures.

PDF icon Roman2007b.pdf (142.01 KB)
R. Roman, J. Zhou, and J. Lopez, "An Anti-spam Scheme Using Pre-challenges",
Computer Communications, vol. 29, no. 15, Elsevier, pp. 2739-2749, 2006. DOI (I.F.: 0.444)More..

Abstract

Unsolicited Commercial Email, or Spam, is nowadays an increasingly serious problem to email users. A number of anti-spam schemes have been proposed in the literature and some of them have been deployed in email systems, but the problem has yet been well addressed. One of those schemes is challenge-response, in which a challenge, ranging from a simple mathematical problem to a hard-AI problem, is imposed on an email sender in order to forbid machine-based spam reaching receivers’ mailboxes. However, such a scheme introduces new problems for the users, e.g., delay of service and denial of service. In this paper, we introduce the pre-challenge scheme, which is based on the challenge-response mechanism and takes advantage of some features of email systems. It assumes each user has a challenge that is defined by the user himself/herself and associated with his/her email address, in such a way that an email sender can simultaneously retrieve a new receiver’s email address and challenge before sending an email in the first contact. Some new mechanisms are employed in our scheme to reach a good balance between security against spam and convenience to normal email users. Our scheme can be also used for protecting other messaging systems, like Instant Messaging and Blog comments.

Impact Factor: 0.444
Journal Citation Reports® Science Edition (Thomson Reuters, 2006)

PDF icon Roman2006a.pdf (355.8 KB)
R. Roman, J. Zhou, and J. Lopez, "Applying Intrusion Detection Systems to Wireless Sensor Networks",
IEEE Consumer Communications & Networking Conference (CCNC 2006), IEEE, pp. 640-644, January, 2006. DOI More..

Abstract

The research of Intrusion Detection Systems (IDS) is a mature area in wired networks, and has also attracted many attentions in wireless ad hoc networks recently. Nevertheless, there is no previous work reported in the literature about IDS architectures in wireless sensor networks. In this paper, we discuss the general guidelines for applying IDS to static sensor networks, and introduce a novel technique to optimally watch over the communications of the sensors’ neighborhood on certain scenarios.

PDF icon Roman2006.pdf (144.74 KB)
C. Alcaraz, and R. Roman, "Applying Key Infrastructures for Sensor Networks in CIP/CIIP Scenarios",
1st International Workshop on Critical Information Infrastructures Security (CRITIS’06), LNCS 4347, Springer Berlin / Heidelberg, pp. 166-178, 2006. DOI More..

Abstract

It is commonly agreed that Wireless Sensor Networks (WSN) is one of the technologies that better fulfills features like the ones required by Critical (Information) Infrastructures. However, a sensor network is highly vulnerable against any external or internal attacks, thus network designers must know which are the tools that they can use in order to avoid such problems. In this paper we describe in detail a procedure (the KMS Guidelines), developed under our CRISIS project, that allows network designers to choose a certain Key Management System, or at least to know which protocol need to improve in order to satisfy the network requirements.

PDF icon Alcaraz2006.pdf (150.66 KB)
R. Roman, J. Lopez, and J. Zhou, "Análisis de Seguridad en Redes Inalámbricas de Sensores",
V Jornadas de Ingenería Telemática (JITEL’05), pp. 335-343, Septiembre, 2005. More..

Abstract

The design and development of security infrastructures and protocols for Wireless Sensor Networks is a difficult task, due to several factors like the constraints of the sensor nodes and the public nature of the communication channels. The intrinsic features of these networks create numerous security problems. In this paper, we analyze and put into perspective those problems.

PDF icon R.Roman2005.pdf (233.58 KB)
R. Roman, J. Lopez, and J. Zhou, "Aplicación de Sistemas de Detección de Intrusiones en Redes de Sensores",
Simposio sobre Computación Ubicua e Inteligencia Ambiental (UCAmI’05), pp. 113-120, September, 2005. More..

Abstract

Los sistemas de detección de intrusiones (IDS) son una herramienta imprescindible de seguridad a la hora de proteger una red. Recientemente se han investigado y desarrollado arquitecturas de IDS para redes inalámbricas, en concreto para redes "Ad Hoc". No obstante, no existe un trabajo previo que desarrolle una arquitectura de IDS para una red de sensores. En este artículo, analizamos porque los sistemas IDS de redes "Ad Hoc" no pueden aplicarse a redes de sensores, e introducimos una arquitectura de IDS para redes de sensores que incorpora una nueva técnica para vigilar las comunicaciones de la red en ciertos escenarios.

PDF icon Roman2005b.pdf (467.35 KB)
Modify or remove your filters and try again.