|""Security and Trust Management"",
6th International Workshop, STM 2010, Athens, Greece, September 23-24, 2010. Proceedings, vol. 6710, 2010.
Proceedings of the 27th Annual ACM Symposium on Applied Computing (SAC 2012), S. Ossowski, and P. Lecca Eds., ACM, pp. 1463-1469, 26-30 March 2012. DOI
The ubiquity of positioning devices poses a natural security challenge: users want to take advantage of location-related services as well as social sharing of their position but at the same time have security concerns about how much information should be shared about their exact position. This paper discusses different location-privacy problems, their formalization and the novel notion of indistinguishability regions that allows one to proof that a given obfuscation function provides a good trade-off between location sharing and privacy.
|"Proceedings of the 3rd International ACMSigsoft Symposium on Architecting Critical Systems (ISARCS 2012)",
3rd International ACMSigsoft Symposium on Architecting Critical Systems (ISARCS 2012), ACM, Jun 2012.
Proceedings of the First International Conference on Security of Internet of Things, ACM, pp. 172–178, 2012. DOI
While there has been considerable progress in the research and technological development (RTD) of the Internet of Things (IoT), there is still considerable RTD required by international communities for the trust, privacy and security research challenges arising from the constitution of the IoT architectures, infrastructures, communications, devices, objects, applications and services. In this paper, we present an thorough analysis of the ongoing and future RTD work, specifically in Europe, regarding trust, privacy and security of the Internet of Things with a view towards enabling international cooperation efforts around the globe to solve these major research challenges.
8th International Conference on Critical Information Infrastructures Security, vol. 8328, Springer, pp. 197-203, 2013. DOI
Critical Infrastructure Protection (CIP) faces increasing challenges in number and in sophistication, which makes vital to provide new forms of protection to face every day’s threats. In order to make such protection holistic, covering all the needs of the systems from the point of view of security, prevention aspects and situational awareness should be considered. Researchers and Institutions stress the need of providing intelligent and automatic solutions for protection, calling our attention to the need of providing Intrusion Detection Systems (IDS) with intelligent active reaction capabilities. In this paper, we support the need of automating the processes implicated in the IDS solutions of the critical infrastructures and theorize that the introduction of Machine Learning (ML) techniques in IDS will be helpful for implementing automatic adaptable solutions capable of adjusting to new situations and timely reacting in the face of threats and anomalies. To this end, we study the different levels of automation that the IDS can implement, and outline a methodology to endow critical scenarios with preventive automation. Finally, we analyze current solutions presented in the literature and contrast them against the proposed methodology
Computers and Electrical Engineering, vol. 47, issue October, Elsevier, pp. 299-317, 2015. DOI (I.F.: 1.084)
Current Critical Infrastructures (CIs) need intelligent automatic active reaction mechanisms to protect their critical processes against cyber attacks or system anomalies, and avoid the disruptive consequences of cascading failures between interdependent and interconnected systems. In this paper we study the Intrusion Detection, Prevention and Response Systems (IDPRS) that can offer this type of protection mechanisms, their constituting elements and their applicability to critical contexts. We design a methodological framework determining the essential elements present in the IDPRS, while evaluating each of their sub-components in terms of adequacy for critical contexts. We review the different types of active and passive countermeasures available, categorizing them and assessing whether or not they are suitable for Critical Infrastructure Protection (CIP). Through our study we look at different reaction systems and learn from them how to better create IDPRS solutions for CIP.
Computers & Security, vol. 55, no. November, Elsevier, pp. 235-250, 2015. (I.F.: 1.64)
The correct operation of Critical Infrastructures (CIs) is vital for the well being of society, however these complex systems are subject to multiple faults and threats every day. International organizations around the world are alerting the scientific community to the need for protection of CIs, especially through preparedness and prevention mechanisms. One of the main tools available in this area is the use of Intrusion Detection Systems (IDSs). However, in order to deploy this type of component within a CI, especially within its Control System (CS), it is necessary to verify whether the characteristics of a given IDS solution are compatible with the special requirements and constraints of a critical environment. In this paper, we carry out an extensive study to determine the requirements imposed by the CS on the IDS solutions using the Non-Functional Requirements (NFR) Framework. The outcome of this process are the abstract properties that the IDS needs to satisfy in order to be deployed within a CS, which are refined through the identification of satisficing techniques for the NFRs. To provide quantifiable measurable evidence on the suitability of the IDS component for a CI, we broaden our study using the Goal Question Metric (GQM) approach to select a representative set of metrics. A requirements model, refined with satisficing techniques and sets of metrics which help assess, in the most quantifiable way possible, the suitability and performance of a given IDS solution for a critical scenario, constitutes the results of our analysis.
IEEE Systems Journal, vol. 12, issue 2, IEEE, pp. 1778-1792, 06/2018. DOI (I.F.: 4.463)
Current Critical Infrastructures (CIs) are complex interconnected industrial systems that, in recent years, have incorporated information and communications technologies such as connection to the Internet and commercial off-the-shelf components. This makes them easier to operate and maintain, but exposes them to the threats and attacks that inundate conventional networks and systems. This paper contains a comprehensive study on the main stealth attacks that threaten CIs, with a special focus on Critical Information Infrastructures (CIIs). This type of attack is characterized by an adversary who is able to finely tune his actions to avoid detection while pursuing his objectives. To provide a complete analysis of the scope and potential dangers of stealth attacks we determine and analyze their stages and range, and we design a taxonomy to illustrate the threats to CIs, offering an overview of the applicable countermeasures against these attacks. From our analysis we understand that these types of attacks, due to the interdependent nature of CIs, pose a grave danger to critical systems where the threats can easily cascade down to the interconnected systems.
XVIII Jornadas Telecom I+D, October, 2008.
Los sistemas distribuidos en dispositivos embebidos representan un nuevo reto en el desarrollo de software. Estos sistemas han supuesto una importante revolución en el paradigma de la computación distribuida donde se intenta fragmentar un problema grande en múltiples problemas más pequeños. El nuevo escenario tiende entonces hacia sistemas en los cuales todos los elementos de la red se consideran iguales y los mecanismos de comunicación estãn basados en redes ad-hoc que se forman dinámicamente. De esta forma cualquier usuario de la red (en realidad cualquier elemento, hasta el más simple dispositivo) adquiere valor, a mayor colaboración, mayor éxito del sistema. Sin embargo, desde el punto de vista de la seguridad, estos sistemas son extremadamente vulnerables. En este artículo se presenta SMEPP, un middleware diseñado especialmente para sistemas P2P incluyendo aspectos de seguridad. SMEPP está diseñado para poder ser ejecutado en un amplio rango de dispositivos (desde redes de sensores hasta PC), y trata de facilitar el desarrollo de aplicaciones ocultando los detalles de la plataforma y otros aspectos tales como escalabilidad, adaptabilidad e interoperabilidad. Además el artículo presenta dos aplicaciones de alto nivel que utilizando este middleware pasan a ser más personales, más sociales y más baratas, haciendo que todos los usuarios de la red cobren mayor importancia.
ICT Mobile and Wireless Communications Summit (ICT-MobileSummit’09), June, 2009.
The increasing presence of embedded devices with internet access capabilities constitutes a new challenge in software development. These devices are now cooperating in a distributed manner towards what has been called as "Internet of Things". In this new scenario the client-server model is sometimes not adequate and dynamic ad-hoc networks are more common than before. However, security poses as a hard issue as these systems are extremely vulnerable. In this paper, we introduce SMEPP project, which aims at developing a middleware designed for P2P systems with a special focus on embedded devices and security. SMEPP is designed to be deployed in a wide range of devices. It tries to ease the development of applications hiding platforms details and other aspects such as scalability, adaptability and interoperability. A full implementation of this middleware is already available that incorporates security features specially designed for low-resource devices. Moreover, we describe two business applications being developed using this middleware in the context of "Digital Home" and "Environmental Monitoring in Industrial Environments".
|Digital Home Networking
, Wiley-ISTE, 2011.
IX Reunión Española sobre Criptología y Seguridad de la información (IX RECSI), pp. 35-46, Sep 2006.
7th International Conference on Computational Science and Its Applications (ICCSA’07), LNCS 4706, Springer, pp. 549-558, 2007.
In order to achieve a high performance in a real implementation of the non-repudiation service it is necessary to estimate timeouts, TTP features, publication key time, number of originators and recipients, and other relevant parameters. An initial work of the authors focused on a basic event-oriented simulation model for the estimation of timeouts. In the actual work, we present a set of extensions to that basic model for the estimation of the TTP features (storage capacity and ftp connection capacity). We present and analyze the new and valuable results obtained.
2nd Workshop on Internet Communications Security (WICS’04), (within Computational Science and its Applications International Conference), LNCS 3043, Springer, pp. 903-914, May, 2004.
An essential issue for the best operation of non-repudiation protocols is to figure out their timeouts. In this paper, we propose a simulation model for this purpose since timeouts depend on specific scenario features such as network speed, TTP characteristics, number of originators and recipients, etc. Based on a one-to-many Markowicth’s protocol simulation model as a specific example, we have worked out various simulation experiments.
Computers and Security, vol. 28, no. 5, Elsevier, pp. 289-300, 2009. (I.F.: 1.488)
III Simposio Español de Comercio Electronico (SCE’05), Universitat de les Illes Balears, pp. 151-164, 2005.
El no repudio es un requisito de seguridad cuya importancia se ha hecho evidente con el crecimiento del comercio electrónico. Muchos protocolos se han desarrollado como solución a este requisito. La gran mayoría incluye en su especificación parámetros cuyos valores no son fáciles de especificar pues dependen de las condiciones reales de implementación del mismo como los tiempos límites, las características de la TTP, tiempo de publicación de las claves, etc. En este trabajo proponemos un modelo que nos ayudará en la estimación de esos parámetros basado en la simulación del escenario real. Para la explicación y prueba del modelo mostramos un conjunto de experimentos.
VII Reunión Española sobre Criptología y Seguridad de la Información (VII RECSI), pp. 123-135, Sep 2002.