X Symposium Nacional de la Unión Científica Internacional de Radio (URSI’95), pp. 147-150, Septiembre, 1995.
International Journal of Information Security (IJIS), vol. 2, no. 2, Springer, pp. 91-102, 2004.
Public-Key Infrastructures (PKIs) are considered the basis of the protocols and tools needed to guarantee the security demanded for new Internet applications like electronic commerce, government-citizen relationships and digital distribution. This paper introduces a new infrastructure design, Cert’eM, a key management and certification system that is based on the structure of the electronic mail service and on the principle of near-certification. Cert’eM provides secure means to identify users and distribute their public-key certificates, enhances the efficiency of revocation procedures, and avoids scalability and synchronization problems. Because we have considered the revocation problem as priority in the design process, and with a big influence in the rest of the PKI components, we have developed an alternative solution to the use of Certificate Revocation Lists (CRLs), which has become one of the strongest points in this new scheme.
Computers & Security, vol. 38, Elsevier, pp. 14-27, OCT 2013. DOI (I.F.: 1.172)
Any deliberate or unsuitable operational action in control tasks of critical infrastructures, such as energy generation, transmission and distribution systems that comprise sub-domains of a Smart Grid, could have a significant impact on the digital economy: without energy, the digital economy cannot live. In addition, the vast majority of these types of critical systems are configured in isolated locations where their control depends on the ability of a few, supposedly trustworthy, human operators. However, this assumption of reliabilty is not always true. Malicious human operators (criminal insiders) might take advantage of these situations to intentionally manipulate the critical nature of the underlying infrastructure. These criminal actions could be not attending to emergency events, inadequately responding to incidents or trying to alter the normal behaviour of the system with malicious actions. For this reason, in this paper we propose a smart response mechanism that controls human operators’ operational threats at all times. Moreover, the design of this mechanism allows the system to be able to not only evaluate by itself, the situation of a particular scenario but also to take control when areas are totally unprotected and/or isolated. The response mechanism, which is based on Industrial Wireless Sensor Networks (IWSNs) for the constant monitoring of observed critical infrastructures, on reputation for controlling human operators’ actions, and on the ISA100.11a standard for alarm management, has been implemented and simulated to evaluate its feasibility for critical contexts.
First International Conference on Electronic Government (EGOV’02), LNCS 2456, Springer, pp. 211-214, September, 2002.
Interaction of citizens and private organizations with Public Administrations can produce meaningful benefits in the accessibility, efficiency and availability of documents, regardless of time, location and quantity. Although there are some experiences in the field of e-government there are still some technological and legal difficulties that avoid a higher rate of communications with Public Administrations through Internet, not only from citizens, but also from private companies. We have studied two of the technological problems, the need to work in a trustful environment and the creation of tools to manage electronic versions of the paper-based forms.
ERCIM News, vol. 49, pp. 38-40, 2002.
The transition from traditional commerce to electronic and mobile commerce is fostered by aspects like convenience, speed and ease of use. However, security issues remain unsolved. Smart cards open new possibilities for the development of security schemes and protocols that can provide security in applications such as electronic payments or software protection where traditional cryptographic tools are not useful. The GISUM group is involved in several research projects that make use of smart cards. Current applications include a secure electronic forms framework for government-citizen relations, electronic ticketing systems for GMS phones and Internet, a PDA-based digital signature environment, public transport, access control systems, software protection and banking applications. This report focuses on two recent projects: the eTicket electronic ticketing project (1FD97 1269 C02 02 (TAP)), a coordinated project with the Carlos III University of Madrid; and the Alcance project, consisting of the development of a secure electronic forms framework for secure Internet-based communication between citizens and the public administration (1FD97 0850 (TIC)).
|"Critical Information Infrastructures Security, Second International Workshop, CRITIS 2007, Málaga, Spain, October 3-5, 2007. Revised Papers",
CRITIS, vol. 5141, Springer, 2007. DOI
International Conference on Imaging Science, Systems, and Technology (CISST’98), pp. 418-424, July, 1998.
We present in this paper a first approach to the use of artificial neural as a tool to determine the orientation of objects moving on a conveyor belt in a car assembly line. The capability of neural networks to generalise is a key element in the calculation of an object’s orientation. In this sense, a neural network with Competitive Hebbian Learning can identify the angle of a part never used in its training process. The equilibrium between exactitude and processing time is also studied.
Computer Standards & Interfaces, vol. 27, no. 3, Elsevier, pp. 489-499, 2005. (I.F.: 0.62)
Organizations need to develop formally analyzed systems in order to achieve well-known formal method benefits. In order to study the security of communication systems, we have developed a methodology for the application of the formal analysis techniques, commonly used in communication protocols, to the analysis of cryptographic protocols. In particular, we have extended the design and analysis phases with security properties. Our proposal uses a specification notation based on one of the most used standard requirement languages HMSC/MSC, which can be automatically translated into a generic SDL specification. The SDL system obtained can then be used for the analysis of the addressed security properties, by using an observer process schema. Besides our main goal to provide a notation for describing the formal specification of security systems, our proposal also brings additional benefits, such as the study of the possible attacks to the system, and the possibility of re-using the specifications produced to describe and analyse more complex systems.
Future Generation Computer Systems, vol. 75, Elsevier, pp. 46–57, 10/2017. DOI (I.F.: 4.639)
The Internet of Things (IoT) envisions a world covered with billions of smart, interacting things capable of offering all sorts of services to near and remote entities. The benefits and comfort that the IoT will bring about are undeniable, however, these may come at the cost of an unprecedented loss of privacy. In this paper we look at the privacy problems of one of the key enablers of the IoT, namely wireless sensor networks, and analyse how these problems may evolve with the development of this complex paradigm. We also identify further challenges which are not directly associated with already existing privacy risks but will certainly have a major impact in our lives if not taken into serious consideration.
IEEE International Workshop on Web Semantics (WebS’03), IEEE Press, pp. 622-626, 2003.
Revista SIC, vol. 88, Ediciones CODA, pp. 66-73, Feb 2010.
El paradigma de la Internet de los Objetos, donde todos aquellos objetos físicos que nos rodean tendrán la capacidad de generar y consumir información en el ámbito de un mundo virtual, se encuentra cada vez más cerca. Es ahora un buen momento para llamar la atención sobre sus principales desafíos de seguridad, tanto desde un punto de vista global como asociados a sus elementos más importantes (la tecnología RFID y las redes de sensores). Así, este paradigma puede ser plenamente comprendido y protegido, evolucionando hacia uno de los nuevos pilares del futuro.
3rd ACIS Int. Conf. on Software Engineering, Artificial Intelligence Networking and Parallel/Distributed Computing (SNPD’02), pp. 157-163, Junio, 2002.
Interaction of organizations and their clients by using the Internet can produce meaningful benefits in the accessibility, efficiency and availability of documents, regardless of time and location. However, some types of problems hinder a higher degree of communication. This paper presents some of the results of a Research Project that focuses on the influence of typical open networks risks in electronic interactions and on the need of creating software tools to manage electronic versions of the paper-based forms, as this is the traditional way of interaction through the Web.
I Congreso Nacional Turismo y Tecnología de la Información y las Comunicaciones (TURITEC’99), pp. 99-110, Septiembre, 1999.
Uno de los servicios que cada día cobra más importancia y que promete un cambio radical para las empresas es el comercio electrónico en Internet, pero tradicionalmente las empresas relacionadas con el turismo sólo han empleado la red para darse a conocer y ofertar sus productos. La razón esencial es la desconfianza que existe sobre la seguridad de las transacciones llevadas a cabo en la red. La criptografía de clave pública proporciona servicios adecuados para garantizar la seguridad de esas transacciones. Pero en la actualidad, algunos de esos servicios están menos desarrollados que otros; un ejemplo de ellos es el servicio de No-Repudio. En este artículo se estudian distintas formas de ofrecer servicios de no-repudio y se analizan sus ventajas y desventajas en función de las necesidades del entorno en que se utilicen.
Third International Conference on Ubiquitous Intelligence and Computing, LNCS 4159, no. 4159, Springer, pp. 977-987, August, 2006.
The increased heterogeneity and dynamism of new computing paradigms and especially of ubiquitous computing models is boosting the need for auto-configurable systems. In these new scenarios, heterogeneity and dynamism are inherent properties and applications are built by aggregating distributed information and services that are not under the control of a single entity. Furthermore, the current trend towards distributed computing poses important problems related to the need to transmit large amounts of data between the distributed nodes of the computing system; the control over the information; and the flexibility to adapt to heterogeneous client requirements. These characteristics are difficult to manage by traditional computing models. For these reasons, the mobile agent paradigm is gaining momentum and the interest of researchers and industry in this paradigm is increasing. In this paper we present a solution to provide a secure and auto-configurable environment for mobile agents in ubiquitous computing scenarios. Our approach is based on two main building blocks: trusted platforms and profiles.
II Jornadas de Informática y Automática, pp. 305-314, Julio, 1996.
In this paper we first compare Parikh’s condition to various pumping conditions - Bar-Hillel’s pumping lemma, Ogden’s condition and Bader-Moura’s condition; secondly, to interchange condition; and finally, to Sokolowski’s and Grant’s conditions. In order to carry out these comparisons we present some properties of Parikh’s languages. The main result is the orthogonality of the previously mentioned conditions and Parikh’s condition.
|"Information and Communications Security, 6th International Conference, ICICS 2004, Malaga, Spain, October 27-29, 2004, Proceedings",
ICICS, vol. 3269, Springer, 2004.
VII Reunión Española sobre Criptología y Seguridad de la Información (VII RECSI), pp. 485-497, Septiembre, 2002.
Revista SIC: Seguridad en Informática y Comunicaciones, vol. 49, pp. 1-2, 2002.
Information Security Technical Report, vol. 12, no. 3, Elsevier, pp. 139-147, Jun 2007. DOI
This paper explains the evolution of the concept of delegation since its first references in the context of distributed authorization to the actual use as a fundamental part of a privilege management architecture. The work reviews some of the earliest contributions that pointed out the relevance of delegation when dealing with distributed authorization, in particular we comment on PolicyMaker and Keynote, and also on SDSI/SPKI. Then, we elaborate on Federation as a particular case of delegation, and remark the importance given to federation by the industry. Finally, the paper discusses about privilege management infrastructures, introducing a new mechanism to extend their functionality using advanced delegation services.
International Conference on Imaging Science, Systems, and Technology (CISST’98), July, 1998.
Computer Standards & Interfaces, vol. 27, no. 5, Elsevier, pp. 467-478, Jun 2005. DOI (I.F.: 0.62)
A challenging task in security engineering concerns the specification and integration of security with other requirements at the top level of requirements engineering. Empirical studies show that it is common at the business process level that customers and end users are able to express their security needs. Among the security needs of Internet applications, authentication and authorization services are outstanding and, sometimes, privacy becomes a parallel requirement. In this paper, we introduce a methodology for the specification of security requirements and use a case study to apply our solution. We further detail the resulting system after extending it with an Authentication and Authorization Infrastructure.
European CIIP Newsletter, vol. 11, issue 26, no. 1, European CIIP Newsletter, pp. 27-29, 03/2017.
IEEE Globecom 2003 - Communications Security Track, IEEE Press, pp. 1506-1510, December, 2003.
In order to study the security systems, we have developed a methodology for the application to the analysis of cryptographic protocols of the formal analysis techniques commonly used in communication protocols. In particular, we have extended the design and analysis phases with security properties. Our proposal uses a specification notation based on HMSC/MSC, which can be automatically translated into a generic SDL specification.
|9th International Conference on Applied Cryptography and Network Security (ACNS 2011)
, vol. 6715, Springer, Aug 2011.
International Conference on Infrastructure Security (InfraSec’02), LNCS 2437, Springer-Verlag, pp. 246-259, October, 2002.
Every communication system requiring security properties is certainly critical. In order to study the security of communication systems, we have developed a methodology for the application of the formal analysis techniques of communication protocols to the analysis of cryptographic ones. We have extended the design and analysis phases with security properties. Our methodology uses a specification technique based on the HMSC/MSC requirement languages, and translates it into a generic schema for the SDL specification language, which is used for the analysis. Thus, the technique allows the specification of security protocols using a standard formal language and uses Object-Orientation for reusability purposes. The final goal is not only the formal specification of a security system, but to examine the possible attacks, and later use the specification in more complex systems.
11th International Conference on Database and Expert Systems Applications (DEXA’00), LNCS 1873, Springer, pp. 929-938, September, 2000.
Public-key cryptography is fast becoming the foundation for those applications that require security and authentication in open networks. But the widespread use of a global public-key cryptosystem requires that public-key certificates are always available and up-to-date. Problems associated to digital certificates management, like storage, retrieval, maintenance, and, specially, revocation, require special procedures that ensure reliable features because of the critical significance of inaccuracies. Most of the existing systems use a Certificate Revocation List, a repository of certificates that have been revoked before their expiration date. The need to access CRLs in order to check certificate revocations becomes a performance handicap. Furthermore, they introduce a source of vulnerability in the whole security infrastructure, as it is impossible to produce a new CRL each time a revocation takes place. This paper introduces an alternative for the storage of digital certificates that avoids the use of CRLs. The system is designed to provide a distributed management of digital certificates by using Certification Authorities that, while being part of a whole Public-Key Infrastructure, operate over local certificates databases. Communication protocols between local databases have been designed to minimize network traffic without a lack of security and efficiency.
2nd International Workshop on Security Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU’06), IEEE Press, pp. 1-6, June, 2006.
The extraordinary growth of the Information Society is originating a high dependency on ICT. This provokes that those strongly interrelated technological infrastructures, as well as the information systems that underpin them, become highly critical, since their disruption would lead to high economical, material and, sometimes, human loss. As a consequence, the protection of these Critical Information Infrastructures is becoming a major objective for governments and companies. In this paper, we give an overview of the main challenges and open research issues on Critical Information Infrastructure security, and introduce an on-going research project that, using wireless sensor networks as an underlying technology, is dealing with those problems. Our research project focuses on the development of protection, control, evaluation, maintenance and verification mechanisms, integrated into a secure service-oriented architecture.
IV Reunión Española de Criptología (IV REC), pp. 27-33, Septiembre, 1996.
Nowadays cryptography is present in nearly every aspect of our everyday life, in particular public-key cryptosystems. Some of them have a mathematical foundation of number theory working with big integer numbers. Factoring these numbers is more complex and time-consuming than generating and testing prime numbers; this is the main reason for the strenght of some public key cryptosystems. This paper presents three different probabilistic methods for testing big prime numbers in a reasonable amount of time. A comparison of their efficiency to test prime numbers is also introduced.
Computers & Security, vol. 23, no. 7, Elsevier, pp. 578-590, 2004. (I.F.: 0.412)
In this article, we argue that traditional approaches for authorization and access control in computer systems (i.e., discretionary, mandatory, and role-based access controls) are not appropriate to address the requirements of networked or distributed systems, and that proper authorization and access control requires infrastructural support in one way or another. This support can be provided, for example, by an authentication and authorization infrastructure (AAI). Against this background, we overview, analyze, discuss, and put into perspective some technologies that can be used to build and operate AAIs. More specifically, we address Microsoft .NET Passport and some related activities (e.g. the Liberty Alliance Project), Kerberos-based solutions, and AAIs that are based on digital certificates and public key infrastructures (PKIs). We conclude with the observation that there is no single best approach for providing an AAI, that every approach has specific advantages and disadvantages, and that a comprehensive AAI must combine various technologies and approaches.
VII Reunión Española sobre Criptología y Seguridad de la Información (VII RECSI), pp. 471-483, Septiembre, 2002.
La aplicación de los métodos formales para el diseño y análisis de sistemas críticos está ampliamente aceptada en el desarrollo de estos sistemas. Los protocolos de seguridad abordan el objetivo de garantizar servicios y derechos como el de la confidencialidad de los datos personales o el de garantizar la identidad de acceso a un sistema. Por lo tanto, ya que un protocolo de seguridad es un sistema crítico, es necesario utilizar métodosformales para su diseño y análisis. Debido a las características especiales que presentan este tipo de protocolos, se deben utilizar métodos que no son los tradicionales utilizados para los protocolos de comunicaciones, sino que deben utilizarse otros específicos. En este artículo vamos a hacer un estudio de las principales propiedades de seguridad que poseen los protocolos criptográficos y de la manera de aplicar los métodos formales en su diseño y análisis.
I Congreso Internacional Sociedad de la Información, pp. 423-428, 2002.
The important role of Public Key Infrastructures (PKIs) inside the general scope of Internet communication, and more precisely, inside electronic commerce, has driven us to the revision of actual procedures followed in the development of software of these elements that provide security and trust to the digital certification environment. In this work we introduce the actual results of a joint research project of the Security Group of the University of Malaga and the Department of Technology Innovation of Banesto regarding a PKI implementation. The originality of this work is that we have paid attention not only to functional aspects of the infrastructure, but also to the programming techniques used. Basically, we have developed a solution in which implementation has been guided by the increase in the study of software architectures and those paradigms that have emerged in parallel, as component orientation, software frameworks, and design patterns. The correct use of these techniques provide a different point of view that allows the development of every PKI building block in a modular and independent way.
|"Wireless Sensor Networks Security",
Cryptology and Information Security Series, vol. 1, IOS Press, 2008.
Secure Networking (CQRE’99), LNCS 1740, Springer, pp. 109-118, December, 1999.
Public-Key Infrastructures are considered the basis of the protocols and tools needed to guarantee the security demanded for new Internet applications like electronic commerce, government-citizen relationships and digital distribution. This paper introduces a new infrastructure design, Cert’eM, a key management and certification system that is based on the structure of the electronic mail service and on the principle of near-certification. Cert’eM provides secure means to identify users and distribute their public-key certificates, enhances the efficiency of revocation procedures, and avoids scalability and synchronization problems. The system, developed and tested at the University of Malaga, was recently selected by RedIRIS, the National Research and Academic Network in Spain, to provide the public key service for its secure electronic mail.
2nd European PKI Workshop: Research and Applications (EuroPKI’05), LNCS 3545, Springer, pp. 135-143, June, 2005.
In spite of the fact that there are several companies that (try to) sell public key certificates, there is still no unified or standardized classification scheme that can be used to compare and put into perspective the various offerings. In this paper, we try to start filling this gap and propose a four-dimensional scheme that can be used to uniformly describe and classify public key certificates. The scheme distinguishes between (i) who owns a certificate, (ii) how the certificate owner is registered, (iii) on what medium the certificate (or the private key, respectively) is stored, and (iv) what type of functionality the certificate is intended to be used for. We think that using these or similar criteria to define and come up with unified or even standardized classes of public key certificate is useful and urgently needed in practice.
Information Security Practice and Experience (ISPEC 2014), vol. 8434, Springer, pp. 15-27, 05/2014. DOI
Wireless sensor networks (WSNs) are exposed to many different types of attacks. Among these, the most devastating attack is to compromise or destroy the base station since all communications are addressed exclusively to it. Moreover, this feature can be exploited by a passive adversary to determine the location of this critical device. This receiver-location privacy problem can be reduced by hindering traffic analysis but the adversary may still obtain location information by capturing a subset of sensor nodes in the field. This paper addresses, for the first time, these two problems together in a single solution
11th International SDL Forum (SDL’03), LNCS 2708, Springer-Verlag, pp. 300-317, July, 2003.
Nowadays, it is widely accepted that critical systems have to be formally analysed in order to achieve well-known formal method benefits. In order to study the security of communication systems, we have developed a methodology for the application of the formal analysis techniques commonly used in communication protocols to the analysis of cryptographic ones. In particular, we have extended the design and analysis phases with security properties. Our proposal uses a specification notation based on MSC, which can be automatically translated into a generic SDL specification. This SDL system can then be used for the analysis of the desired security properties, by using an observer process schema. Apart from our main goal of providing a notation for describing the formal specification of security systems, our proposal also brings additional benefits, such as the study of the possible attacks to the system, and the possibility of re-using the specifications produced to describe and analyse more complex systems.
|"Advances in Critical Infrastructure Protection: Information Infrastructure Models, Analysis, and Defense",
LNCS, vol. 6715, Springer, 2012.
International Conference on Infrastructure Security (InfraSec’02), LNCS 2437, Springer-Verlag, pp. 325-337, October, 2002.
The main aims of Virtual Private Network (VPN) are to isolate a distributed network from outsiders, as well as to protect the confidentiality and integrity of sensitive information traversing a non-trusted network such as the Internet. However, some problems arise when security is considered as the unique problem because VPN users suffer from restrictions in their access to the network. They are not free to use traditional Internet services such as electronic mail exchange with non-VPN users, and to access Web and FTP servers external to the organization. This paper presents a new solution that allows the open use of traditional network services running over TCP and UDP layers, while maintaining strong security features. The new scheme works at the TCP/IP transport layer and does not require the addition of new hardware because it is a totally software solution. As a consequence, the application is totally portable. Moreover, and because of its implementation at the transport layer, there is no need to modify any traditional communication applications previously installed in the network system.
Simposio Español de Informática Distribuida (SEID’00), pp. 313-320, Septiembre, 2000.
La seguridad es uno de los aspectos más conflictivos del uso de Internet. La falta de una política de seguridad global está frenando el desarrollo de Internet en áreas tan interesantes y prometedoras como el comercio electrónico o la interacción con las administraciones públicas. Las técnicas criptográficas actuales proporcionan un alto grado de confidencialidad; no obstante, es difícil garantizar la identificación segura de los usuarios y, además, la gestión de las claves de los mismos es poco eficiente y presenta graves problemas de escalabilidad. Este trabajo describe las características de implementación de una solución a ambos problemas basada en una Infraestructura de Clave Pública (PKI) que proporciona una administración simple y eficiente de las claves de los usuarios y posibilita la autenticación segura de los mismos.
|"Public Key Infrastructure, 4th European PKI Workshop: Theory and Practice, EuroPKI 2007, Palma de Mallorca, Spain, June 28-30, 2007, Proceedings",
EuroPKI, vol. 4582, Springer, 2007.
Novática, vol. 134, pp. 20-26, 1998.
La seguridad es uno de los aspectos más conflictivos del uso de Internet. La falta de una política de seguridad global está frenando el desarrollo de Internet en áreas tan interesantes y prometedoras como el comercio electrónico o la interacción con las administraciones públicas. Las técnicas criptográficas actuales proporcionan un alto grado de confidencialidad; no obstante, es difícil garantizar la identificación segura de los usuarios y, además, la gestión de las claves de los mismos es poco eficiente y presenta graves problemas de escalabilidad y seguridad. En este trabajo se describe una solución a ambos problemas basada en una Infraestructura de Clave Pública que proporciona una administración simple y eficiente de las claves de los usuarios y posibilita la autenticación segura de los mismos. El sistema se ha probado con éxito de forma local y, en breve, será instalado para su prueba por parte de la comunidad de usuarios de RedIris.
TERENA Networking Conference, June, 2004.
In this work we elaborate on a taxonomy of systems that provide either joint solutions for both authentication and authorization problems, or solutions for only one of the problems. Basically, we do not focus our work on theoretical systems that have been proposed only in the literature. On the other hand, we focus on: (i) systems that are already developed; (ii) systems that are under development or deployment; and (iii) systems that are still in the initial stages of design but are supported by international working groups or bodies. More precisely, we elaborate on a taxonomy of systems that are (or will be soon) available to final users.
IEEE Transactions on Industrial Informatics, IEEE, In Press. (I.F.: 5.430)
Online Information Review Journal, vol. 27, no. 3, Emerald, pp. 147-159, 2003. (I.F.: 0.417)
Foundations of Security Analysis and Design 2009, LNCS 5705, Springer Berlin/Heidelberg, pp. 289-338, August, 2009. DOI
As sensor networks are more and more being implemented in real world settings, it is necessary to analyze how the different requirements of these real-world applications can influence the security mechanisms. This paper offers both an overview and an analysis of the relationship between the different security threats, requirements, applications, and security technologies. Besides, it also overviews some of the existing sensor network standards, analyzing their security mechanisms.
First International Workshop on Security in Information Systems (SIS’02), pp. 61-71, April, 2002.
Authentication between protocol agents is widely studied in the cryptographic protocol analysis area. It is essential in a virtual environment to rely on protocol parties’ identity. In the academic literature there are many protocols that provide the authentication property. We present in this paper a new mechanism to verify authentication using SDL, general purpose specification language. We have defined a generic schema in SDL that allow us to specify a security system and check system behavior when a malicious agent ( the intruder ) is present. We have used the EKE authentication protocol to illustrate how the mechanism works.
IFIP Working Conference on User Identification and Privacy Protection, pp. 209-227, June, 1999.
While there is wide agreement on the immense potential of Internet, its growth and performance are adversely affected by security issues. Despite its impressive size, scope and reach, the Internet has not yet become a common vehicle for many of these new possibilities. Progress in fields as electronic commerce and government-citizen relationships have been limited by the open design of the network itself. Today, Public-Key Infrastructures are the basis of the protocols and tools needed to guarantee the security demanded in those fields. Trust management and user identification are also important issues that remain unresolved. This paper introduces a key management and user identification system, named Cert’eM, that is based on the electronic mail service. Cert’eM provides important advantages over existing Public-Key Infrastructures and user identification proposals.
Journal of Computer Security, vol. 14, no. 5, IOS Press, pp. 469-482, 2006.
III Reunión Española de Criptología (III REC), pp. 133-138, Noviembre, 1994.
7th IFIP Conference on Multimedia and Communications Security (CMS’03), LNCS 2828, Springer-Verlag, pp. 158-171, October, 2003.
Security services are essential for ensuring secure communications. Typically no consideration is given to security requirements during the initial stages of system development. Security is only added latter as an afterthought in function of other factors such as the environment into which the system is to be inserted, legal requirements, and other kinds of constraints. In this work we introduce a methodology for the specification of security requirements intended to assist developers in the design, analysis, and implementation phases of protocol development. The methodology consists of an extension of the ITU-T standard requirements language MSC and HMSC, called SRSL, defined as a high level language for the specification of security protocols. In order to illustrate it and evaluate its power, we apply the new methodology to a real world example, the integration of an electronic notary system into a web-based multi-users service platform.
|Proceedings of the 7th International Conference on Network and System Security (NSS 2013)
, vol. LNCS, no. 7873, Springer, Jun 2013.
Third International Conference on E-Commerce and Web Technologies (ECWeb’02), LNCS 2455, Springer, pp. 203-213, September, 2002.
The use of attribute certificates and the concept of mobile policies have been proposed to overcome some of the limitations of the role based access control (RBAC) paradigm and to implement security requirements such as the ‘‘originator controlled’’ (ORCON) policy. Mobile policies are attached to the data that they control and enforced by their execution in trusted servers. In this paper we extend this idea to allow the execution of the policies in untrusted systems. Our extension allows that policies are bound to the data but not attached to it. By this modification security administrators are able to change policies dynamically and transparently. Additionally, we introduce X-ACS, an XML-based language designed to express policies in a simple and unambiguous way overcoming the limitations of other approaches. Important features of X-ACS are that it can be used by processors with limited capabilities such as smart cards while allowing the automated validation of policies.
Revista SIC: Seguridad en Informática y Comunicaciones, vol. 38, pp. 1-5, 2001.
On Foundations of Security Analysis and Design IV, FOSAD 2006/2007, Springer, LNCS 4677, pp. 160-182, 2007. DOI
Critical Infrastructures are complex and highly interconnected systems that are crucial for the well-being of the society. Any type of failure can cause significant damage, affecting one or more sectors due to their inherent interdependency. Not only the infrastructures are critical, but also the information infrastructures that manage, control and supervise them. Due to the seriousness of the consequences, the protection of these critical (information) infrastructures must have the highest priority. It is the purpose of this book chapter to review and discuss about these infrastructures, to explain their elements, and to highlight their research and development issues. This chapter will also discuss the role of Wireless Sensor Network (WSN) technology in the protection of these infrastructures.
Internet Research, vol. 15, no. 5, Emerald, pp. 544-556, 2005. (I.F.: 0.688)
Since public key cryptography is a fundamental technology for electronic commerce, people have often argued that public key infrastructures and corresponding certification services are the gold-mines of the information age. Contrary to these relatively high expectations, public key infrastructures have not really taken off and many certification service providers have even gone out of business. In this paper, we overview and discuss the technical, economical, legal, and social reasons why public key infrastructures have failed so far, summarize the lessons learnt, and give our expectations about the future development of the field.
Computer Networks, vol. 134, Elsevier, pp. 46 - 54, 2018. DOI (I.F.: 2.522)
Computer Standards & Interfaces, vol. 25, no. 4, pp. 391-409, 2003. (I.F.: 0.523)
Application-level access control is an important requirement in many distributed environments. For instance, in new scenarios such as e-commerce, access to resources by previously unknown users is an essential problem to be solved. The integration of Privilege Management Infrastructure (PMI) services in the access control system represents a scalable way to solve this problem. Within the CORBA standards, the Resource Access Decision (RAD) facility is a mechanism used by security-aware applications to obtain authorization decisions and to manage access decision policies. This paper presents PMI-RAD, an approach to integrate the services of an external PMI into CORBA applications using the RAD facility. In particular, the integration of the external PMI in the access control system is based on the semantic description of the PMI services. Our RAD implementation requests and verifies attribute certificates from the PMI in a transparent way for CORBA objects.
Computer Communications, vol. 33, no. 9, Elsevier, pp. 0140-3664, 2010. DOI (I.F.: 0.816)
Wireless sensor networks (WSNs) have been proven a useful technology for perceiving information about the physical world and as a consequence has been used in many applications such as measurement of temperature, radiation, flow of liquids, etc. The nature of this kind of technology, and also their vulnerabilities to attacks make the security tools required for them to be considered in a special way. The decision making in a WSN is essential for carrying out certain tasks as it aids sensors establish collaborations. In order to assist this process, trust management systems could play a relevant role. In this paper, we list the best practices that we consider are essential for developing a good trust management system for WSN and make an analysis of the state of the art related to these practices.
International Conference on Information and Communications Security (ICICS’02), LNCS 2513, Springer-Verlag, pp. 399-410, December, 2002.
Distributed systems usually contain objects with heterogeneous security requirements that pose important challenges on the underlying security mechanisms and especially in access control systems. Access control in distributed systems often relies on centralized security administration. Existing solutions for distributed access control do not provide the flexibility and manageability required. This paper presents the XML-based Secure Content Distribution (XSCD) infrastructure is based on the production of self-protected software objects that convey contents (software or data) and can be distributed without further security measures because they embed the access control enforcement mechanism. It also provides means for integrating Privilege Management Infrastructures (PMIs). Semantic information is used in the dynamic instantiation and semantic validation of policies. XSCD is scalable, facilitates the administration of the access control system, guarantees the secure distribution of the contents, enables semantic integration and interoperability of heterogeneous sources, solves the “originator retained control” issue and allows activities (such as payment) to be bound to the access to objects.
IEEE International Carnahan Conference on Security Technology, IEEE Press, pp. 354-362, October, 1999.
An Extranet is used to connect businesses with their suppliers, customers or other businesses that share common goals in a way that automates their administrative interactions using Internet technology. The security of the communications over Internet is considered an essential feature. To guarantee secure operation the aid of some user authentication infrastructure is needed. This paper introduces a Public Key Infrastructure (PKI) and user identification scheme to be used in extranet applications. The flexibility of the system allows it to fit the usual hierarchical organization structure.
|"Critical Information Infrastructures Security, First International Workshop, CRITIS 2006, Samos, Greece, August 31 - September 1, 2006, Revised Papers",
CRITIS, vol. 4347, Springer, 2006.