Publications

Export results:
Author Title Type [ Year(Asc)]
Filters: First Letter Of Title is S  [Clear All Filters]
A. Farao, et al., "SealedGRID: A Secure Interconnection of Technologies for Smart Grid Applications",
14th International Conference on Critical Information Infrastructures Security (CRITIS 2019), vol. 11777, Springer, Cham, pp. 169-175, 12/2019. DOI More..

Abstract

In recent years, the Smart Grid has increasingly integrated cutting-edge technologies that generate several benefits for all the stakeholders involved, such as a more accurate billing system and enhanced Demand Response procedures. However, this modernization also brings with it diverse cyber security and privacy issues, which sets the necessity for developing a security platform specifically tailored to this scenario. In this paper, we present SealedGRID, which proposes a flexible architecture that provides security services at all levels by implementing Trusted Execution Environments on their devices, together with advanced authentication and authorization mechanisms, as well as privacy preserving techniques. These technologies are presented in depth and a final security analysis is conducted, which highlights the contributions of this project.

D. Ferraris, C. Fernandez-Gago, J. Daniel, and J. Lopez, "A Segregated Architecture for a Trust-based Network of Internet of Things",
IEEE Consumer Communications & Networking Conference 2019, IEEE, 03/2019. DOI More..

Abstract

With the ever-increasing number of smart home devices, the issues related to these environments are also growing. With an ever-growing attack surface, there is no standard way to protect homes and their inhabitants from new threats. The inhabitants are rarely aware of the increased security threats that they are exposed to and how to manage them. To tackle this problem, we propose a solution based on segmented architectures similar to the ones used in industrial systems. In this approach, the smart home is segmented into various levels, which can broadly be categorised into an inner level and external level. The external level is protected by a firewall that checks the communication from/to the Internet to/from the external devices. The internal level is protected by an additional firewall that filters the information and the communications between the external and the internal devices. This segmentation guarantees a trusted environment between the entities belonging to the internal network. In this paper, we propose an adaptive trust model that checks the behaviour of the entities and, through this model, in case the entities violate trust rules they can be put in quarantine or banned from the network.

PDF icon 1780.pdf (227.72 KB)
J. E. Rubio, C. Alcaraz, and J. Lopez, "Selecting Privacy Solutions to Prioritise Control in Smart Metering Systems",
The 11th International Conference on Critical Information Infrastructures Security, vol. 10242, pp. 176-188, 2017. More..

Abstract

The introduction of the Smart Grid brings with it several benefits to society, because its bi-directional communication allows both users and utilities to have better control over energy usage. However, it also has some privacy issues with respect to the privacy of the customers when analysing their consumption data. In this paper we review the main privacy-preserving techniques that have been proposed and compare their efficiency, to accurately select the most appropriate ones for undertaking control operations. Both privacy and performance are essential for the rapid adoption of Smart Grid technologies.

PDF icon 1600.pdf (275.75 KB)
D. Nuñez, I. Agudo, M. Egorov, and ML. Wilkison, "Sistema de Acceso Delegado a Información Cifrada para Apache Hadoop",
III Jornadas Nacionales de Investigación en Ciberseguridad, URJC, pp. 174-175, 06/2017. More..

Abstract

En este artículo presentamos un sistema que permite delegación de acceso a información cifrada para Apache Hadoop, de forma segura y transparente al usuario. Para ello usamos técnicas criptográficas avanzadas basadas en el recifrado delegado. Con este sistema, es posible almacenar en Hadoop los datos de forma cifrada y delegar de forma segura el acceso a los nodos de computación. El funcionamiento es transparente ya que se integra con la capa del sistema de ficheros nativa HDFS. Además, el recifrado delegado permite hacer rotación de claves de cifrado de forma segura y rápida.

C. Alcaraz, and J. Lopez, "Safeguarding Structural Controllability in Cyber-Physical Control Systems",
The 21st European Symposium on Research in Computer Security (ESORICS 2016), vol. 9879, Springer, pp. 471-489, 2016. More..

Abstract

Automatic restoration of control wireless networks based on dynamic cyber-physical systems has become a hot topic in recent years, since most of their elements tend to have serious vulnerabilities that may be exploited by attackers. In fact, any exploitation may rapidly extend to the entire control network due to its problem of non-locality, where control properties of a system and its structural controllability can disintegrate over time. Unfortunately, automated self-healing processes may become costly procedures in which the reliability of the strategies and the time-critical of any recovery of the control can become key factors to re-establish the control properties in due time. This operational need is precisely the aim of this paper, in which four reachability-based recovery strategies from a thereotical point of view are proposed so as to find the best option/s in terms of optimization, robustness and complexity. To do this, new definitions related to structural controllability in relation to the type of distribution of the network and its control load capacity are given in this paper, resulting in an interesting practical study.

PDF icon 1598.pdf (606.93 KB)
A. Nieto, and J. Lopez, "Security and QoS Tradeoff Recommendation System (SQT-RS) for Dynamic Assessing CPRM-based Systems",
10th ACM International Symposium on QoS and Security for Wireless and Mobile Networks (Q2SWinet'14), ACM, pp. 25-32, 09/2014. DOI More..

Abstract

Context-based Parametric Relationship Models (CPRM) define complex dependencies between different types of parameters. In particular, Security and QoS relationships, that may occur at different levels of abstraction, are easily identified using CPRM. However, the growing number of parameters and relationships, typically due to the heterogeneous scenarios of future networks, increase the complexity of the final diagrams used in the analysis, and makes the current solution for assessing Security and QoS tradeoff (SQT) impractical for untrained users. In this paper, we define a recommendation system based on contextual parametric relationships in accordance with the definition of CPRM. The inputs for the system are generated dynamically based on the context provided by CPRM-based systems.

 

PDF icon 932.pdf (626.17 KB)
C. Alcaraz, E. Etcheves Miciolino, and S. Wolthusen, "Structural Controllability of Networks for Non-Interactive Adversarial Vertex Removal",
8th International Conference on Critical Information Infrastructures Security, vol. 8328, Springer, pp. 120-132, 2013. DOI More..

Abstract

The problem of controllability of networks arises in a number of different domains, including in critical infrastructure systems where control must be maintained continuously. Recent work by Liu et al. has renewed interest in the seminal work by Lin on structural controllability, providing a graph-theoretical interpretation. This allows the identification of driver nodes capable of forcing the system into a desired state, which implies an obvious target for attackers wishing to disrupt the network control. Several methods for identifying driver nodes exist, but require undesirable computational complexity. In this paper, we therefore investigate the ability to regain or maintain controllability in the presence of adversaries able to remove vertices and implicit edges of the controllability graph. For this we rely on the POWER DOMINATING SET (PDS) formulation for identifying the control structure and study different attack strategies for multiple network models. As the construction of a PDS for a given graph is not unique, we further investigate different strategies for PDS construction, and provide a simulative evaluation.

PDF icon 1810.pdf (625.81 KB)
P. Najera, R. Roman, and J. Lopez, "Secure architecure for the integration of RFID and sensors in personal networks",
7th International Workshop on Security and Trust Management (STM’11), LNCS 7170, Springer, pp. 207-222, 2012. DOI More..

Abstract

The secure integration of RFID technology into the personal network paradigm, as a context-aware technology which complements body sensor networks, would provide notable benefits to applications and potential services of the PN. RFID security as an independent technology is reaching an adequate maturity level thanks to research in recent years; however, its integration into the PN model, interaction with other network resources, remote users and service providers requires a specific security analysis and a PN architecture prepared to support these resource-constrained pervasive technologies. This paper provides such PN architecture and analysis. Aspects such as the management of personal tags as members of the PN, the authentication and secure communication of PN nodes and remote users with the context-aware technologies, and the enforcement of security and privacy policies are discussed in the architecture.

PDF icon Najera_STM11.pdf (551.02 KB)
A. Nieto, and J. Lopez, "Security and QoS relationships in Mobile Platforms",
The 4th FTRA International Conference on Computer Science and its Applications (CSA 2012), Lecture Notes in Electrical Engineering 203, Springer Netherlands, pp. 13-21, 2012. DOI More..

Abstract

Mobile platforms are becoming a fundamental part of the user’s daily life. The human-device relationship converts the devices in a repository of personal data that may be stolen or modified by malicious users. Moreover, wireless capabilities open the door to several malicious devices, and mobility represents an added difficulty in the detection of malicious behavior and in the prevention of the same. Furthermore, smartphones are subject to quality of service (QoS) restrictions, due to the user needs for multimedia applications and, in general, the need to be always-on. However, Security and QoS requirements are largely confronted and the mobility and heterogeneous paradigm on the Future Internet makes its coexistence even more difficult, posing new challenges to overcome. We analyze the principal challenges related with Security and QoS tradeoffs in mobile platforms. As a result of our analysis we provide parametric relationships between security and QoS parameters focused on mobile platforms.

PDF icon Nieto2012c.pdf (1.4 MB)
A. Nieto, and J. Lopez, "Security and QoS tradeoffs: towards a FI perspective",
Advanced Information Networking and Applications Workshops (WAINA), 2012 26th International Conference on, IEEE, pp. 745-750, 03/2012. DOI More..

Abstract

 Motivated by the growing convergence of diverse types of networks and the raise of new concepts such as Future Internet (FI), in this paper we present an analysis of current research on the development of security mechanisms in a tradeoff with Quality of Service (QoS) mechanisms. More precisely, we pay attention to the Security and QoS problems in resource-constrained networks that are candidates to be an important part of the FI due to their proximity to the user or because of their contribution to the information society. We analyse the current state of the research on security and QoS in the integration of sensors, MANET and cellular networks, with the aim of providing a critical point of view, allowing us to assess whether it is possible that such integration of networks is both secure and efficient.

PDF icon Nieto2012b.pdf (1.32 MB)
F. Moyano, C. Fernandez-Gago, and J. Lopez, "Service-Oriented Trust and Reputation Architecture",
Proceedings of the Doctoral Symposium of the International Symposium on Engineering Secure Software and Systems (ESSoS-DS 2012), J. Cuellar, and N. Koch Eds., CEUR-WS 834, CEUR-WS, pp. 41-46, 2012. More..

Abstract

As the Future Internet arrives, more complex, service-based applications are spreading. These applications pose several challenges, including the huge amount of entities that must interact and their het- erogeneity. The success of these applications depends on the collaboration and communication of these entities, that might belong to different or- ganizations and administrative domains. Therefore, trust and reputation become two crucial issues. We propose the specification and design of a service-based security architecture that stresses the delivery of trust and reputation services to any application that might require them.

PDF icon moyano2012essosds.pdf (188.61 KB)
A. Nieto, and G. Fernandez, "Sistema Colaborativo de Detección y Reacción ante Intrusiones basado en Intel vPro",
XII Reunión Española sobre Criptología y Seguridad de la Información (RECSI 2012), pp. 45-50, Sep 2012. More..

Abstract

En este trabajo proponemos una plataforma para el desarrollo de un sistema colaborativo para la detección y reacción ante intrusiones, empleando como base las tecnologías presentes en Intel vPro. La solución presentada está dirigida a solventar la necesidad de implantación de nuevas tecnologías que posibiliten la reacción ante ataques, independientemente del sistema operativo usado. Con este fin, en este trabajo abordamos tres puntos fundamentales: la detección de intrusiones colaborativa, la respuesta automática de los nodos ante la detección de una intrusión y el uso de herramientas que posibiliten asegurar la confianza en un nodo. En un sistema colaborativo como el que se propone aquí, un aspecto clave para la seguridad es la protección de las comunicaciones entre los mecanismos de detección y reacción frente a intrusiones. La modificación o el simple acceso a los datos intercambiados por tales sistemas supone un grave riesgo para la seguridad del entorno. Como resultado hemos desarrollado un prototipo preliminar para probar la solución propuesta en un escenario de ataque real.

PDF icon NF_RECSI12.pdf (534.44 KB)
F.. Siddiqui, S.. Zeadally, C. Alcaraz, and S.. Galvao, "Smart Grid Privacy: Issues and Solutions",
21st International Conference on Computer Communications and Networks (ICCCN), IEEE Computer Society, pp. 1-5, Jul 2012. DOI More..

Abstract

Migration to an electronically controlled electrical grid to transmit, distribute, and deliver power to consumers has helped enhance the reliability and efficiency of conventional electricity systems. At the same time, this digitally enabled technology called the Smart Grid has brought new challenges to businesses and consumers alike. A key component of such a grid is the smart-metering technology, which is used to collect energy consumption data from homes and transmitting it back to power distributors. A crucial concern is the privacy related to the collection and use of energy consumption data. We present an analysis of Smart Grid privacy issues and discuss recently proposed solutions that can protect the privacy of Smart Grid users.

N. Libor, et al., "Strong Authentication of Humans and Machines in Policy Controlled Cloud Computing Environment Using Automatic Cyber Identity",
Information Security Solutions Europe 2012, N. Pohlmann, H. Reimer, and W. Schneider Eds., Springer Vieweg, pp. 195-206, 2012. DOI More..

Abstract

The paper describes the experience with integration of automatic cyber identity technology with policy controlled virtualisation environment. One identity technology has been used to enable strong authentication of users (human beings) as well as machines (host systems) to the virtualization management system. The real experimental evaluation has been done in PASSIVE project (Policy-Assessed system-level Security of Sensitive Information processing in Virtualised Environments - SEVENTH FRAMEWORK PROGRAMME THEME ICT-2009.1.4 INFORMATION AND COMMUNICATION TECHNOLOGIES - Small or medium-scale focused research project - Grant agreement no.: 257644).

R. Roman, J. Lopez, C. Alcaraz, and H. Hwa Chen, "SenseKey - Simplifying the Selection of Key Management Schemes for Sensor Networks",
5th International Symposium on Security and Multimodality in Pervasive Environments (SMPE’11), IEEE, March, 2011. DOI More..

Abstract

Key Management Schemes (KMS) are a very important security mechanism for Wireless Sensor Networks (WSN), as they are used to manage the credentials (i.e. secret keys) that are needed by the security primitives. There is a large number of available KMS protocols in the literature, but it is not clear what should network designers do to choose the most suitable protocol for the needs of their applications. In this paper, we consider that given a certain set of application requirements, the network designer can check which properties comply with those requirements and select the KMS protocols that contains those particular properties. Therefore, we study the relationship between requirements and properties, and we provide a web tool, the SenseKey tool, that can be used to automatically obtain an optimal set of KMS protocols.

PDF icon Roman11SK.pdf (143.01 KB)
R. Rios, and J. Lopez, "Source Location Privacy Considerations in Wireless Sensor Networks",
4th International Symposium of Ubiquitous Computing and Ambient Intelligence (UCAmI’10), L. Fuentes, N. Gámez, and J. Bravo Eds., IBERGARCETA PUBLICACIONES, S.L., pp. 29 - 38, Sept., 2010. More..

Abstract

Wireless Sensor Networks are considered to be one of the cornerstones of Ambient Intelligence since they can be used in countless applications, where sensors are unobtrusively embedded into the environment to perform operations like monitoring, tracking and reporting. In such scenarios, privacy issues must be carefully considered since the mere observation of the network operation might reveal great amounts of private information to unauthorised parties. One of the problems that is gaining more attention in the realm of privacy, is the location privacy problem, which aims to prevent an attacker from obtaining the location of specific nodes of interest to him. In this paper we provide a general overview of the proposed solutions to counter this threat. Finally, we will also discuss some open challenges and future directions of research for a convenient management of privacy issues in smart environments.

PDF icon Rios2010.pdf (352.58 KB)
D. G. Rosado, E. Fernandez-Medina, and J. Lopez, "A Study of Security Approaches for the Development of Mobile Grid Systems",
5th International Conference on Software and Data Technologies (ICSOFT’10), vol. 1, Springer, pp. 133-138, july, 2010. More..

Abstract

Mobile Grid systems allow us to build highly complex information systems with various and remarkable features (interoperability between multiple security domains, cross-domain authentication and authorization, dynamic, heterogeneous and limited mobile devices, etc), which demand secure development methodologies to build quality software, offering methods, techniques and tools that facilitate the work of the entire team involved in software development. These methodologies should be supported by Grid security architectures that define the main security aspects to be considered, and by solutions to the problem of how to integrate mobile devices within Grid systems. Some approaches regarding secure development methodologies of Grid security architectures and of the integration of mobile devices in the Grid have been found in literature, and these are analyzed and studied in this paper, offering a comparison framework of all the approaches related to security in Mobile Grid environments.

J. L. Vivas, I. Agudo, and J. Lopez, "Security Assurance During the Software Development Process",
International Conference on Computer Systems and Technologies (CompSysTech09), ACM, pp. 11.7.1-11.7.6, 2009. DOI More..

Abstract

Assurance has been a major topic for critical systems. Assurance is usually associated with safety conditions but has also an important role for checking security requirements. Security is best assured if it is addressed holistically, systematically, and from the very beginning in the software’s development process. We propose to integrate assurance and system development by letting the different stages of the system development life-cycle be mapped to the structure of the assurance case.

 

PDF icon vivas09.pdf (31.06 KB)
R. J. Caro, et al., "SMEPP: A Secure Middleware for Embedded P2P",
ICT Mobile and Wireless Communications Summit (ICT-MobileSummit’09), June, 2009. More..

Abstract

The increasing presence of embedded devices with internet access capabilities constitutes a new challenge in software development. These devices are now cooperating in a distributed manner towards what has been called as "Internet of Things". In this new scenario the client-server model is sometimes not adequate and dynamic ad-hoc networks are more common than before. However, security poses as a hard issue as these systems are extremely vulnerable. In this paper, we introduce SMEPP project, which aims at developing a middleware designed for P2P systems with a special focus on embedded devices and security. SMEPP is designed to be deployed in a wide range of devices. It tries to ease the development of applications hiding platforms details and other aspects such as scalability, adaptability and interoperability. A full implementation of this middleware is already available that incorporates security features specially designed for low-resource devices. Moreover, we describe two business applications being developed using this middleware in the context of "Digital Home" and "Environmental Monitoring in Industrial Environments".

PDF icon Benito2009.pdf (331.96 KB)
P. Najera, F. Moyano, and J. Lopez, "Secure Integration of RFID Technology in Personal Documentation for Seamless Identity Validation",
3rd Symposium of Ubiquitous Computing and Ambient Intelligence 2008, Advances in Soft Computing 51/2009, Springer, pp. 134-138, October, 2008. DOI More..

Abstract

Seamless human identification and authentication in the information system is a fundamental step towards the transparent interaction between the user and its context proposed in ambient intelligence. In this context, the IDENTICA project is aimed to the design and implementation of a distributed authentication platform based on biometrics (i.e. voice and facial image) and personal documentation. In this paper, we present our work in this project focused on the secure integration of RFID technology in personal documentation in order to provide seamless identity validation. Our actual work status, first results and future directions are described in detail.

PDF icon PNajera2009.pdf (37.61 KB)
J. Manuel Marquez, J. Jimenez, and I. Agudo, "Secure Real-Time Integration of Services in a OSGi Distributed Environment",
Fourth International Conference on Networked Computing and Advanced Information Management (NCM’08), vol. 1, IEEE, pp. 631-635, September, 2008. DOI More..

Abstract

This paper presents a service oriented architecture for real-time integration of services, how to distribute them in a local domain and how to define a secure way of accessing resources using users’ and services’ authorization and authentication. This work take advantage of previous European R amp;D projects focused on del.ivering applications and utilities in embedded real-time environments and the convergence of different worlds like Internet and digital TV.

C. Fernandez-Gago, R. Roman, and J. Lopez, "A Survey on the Applicability of Trust Management Systems for Wireless Sensor Networks",
3rd International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU’07), IEEE Computer Society, pp. 25-30, 2007. DOI More..

Abstract

Trust plays an important role in human life environments and virtual organizations. In the context of a network, trust may help its elements to decide whether another member of the same network is being uncooperative or malicious. Trust becomes quite important in self-configurable and autonomous systems, such as wireless sensor networks (WSN). However, very little effort has been done in the field of trust management in WSN. On the other hand, some efforts have been made in quite related fields such as Ad-hoc and P2P networks. In this paper we give an overview of existing trust management solutions, mainly those developed for Ad-Hoc and P2P networks and, more importantly, investigate their suitability to WSN. We also provide some guidelines to aid the development of trust management systems for WSN according to the nature of these networks.

PDF icon FernandezGago2007.pdf (137.36 KB)
J. Lopez, A. Mana, and A. Munoz, "A Secure and Auto-configurable Environment for Mobile Agents in Ubiquitous Computing Scenarios",
Third International Conference on Ubiquitous Intelligence and Computing, LNCS 4159, no. 4159, Springer, pp. 977-987, August, 2006. More..

Abstract

The increased heterogeneity and dynamism of new computing paradigms and especially of ubiquitous computing models is boosting the need for auto-configurable systems. In these new scenarios, heterogeneity and dynamism are inherent properties and applications are built by aggregating distributed information and services that are not under the control of a single entity. Furthermore, the current trend towards distributed computing poses important problems related to the need to transmit large amounts of data between the distributed nodes of the computing system; the control over the information; and the flexibility to adapt to heterogeneous client requirements. These characteristics are difficult to manage by traditional computing models. For these reasons, the mobile agent paradigm is gaining momentum and the interest of researchers and industry in this paradigm is increasing. In this paper we present a solution to provide a secure and auto-configurable environment for mobile agents in ubiquitous computing scenarios. Our approach is based on two main building blocks: trusted platforms and profiles.

PDF icon JavierLopez2006.pdf (61.69 KB)
J. Lopez, J. A. Montenegro, and R. Roman, "Service-Oriented Security Architecture for CII based on Sensor Networks",
2nd International Workshop on Security Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU’06), IEEE Press, pp. 1-6, June, 2006. More..

Abstract

The extraordinary growth of the Information Society is originating a high dependency on ICT. This provokes that those strongly interrelated technological infrastructures, as well as the information systems that underpin them, become highly critical, since their disruption would lead to high economical, material and, sometimes, human loss. As a consequence, the protection of these Critical Information Infrastructures is becoming a major objective for governments and companies. In this paper, we give an overview of the main challenges and open research issues on Critical Information Infrastructure security, and introduce an on-going research project that, using wireless sensor networks as an underlying technology, is dealing with those problems. Our research project focuses on the development of protection, control, evaluation, maintenance and verification mechanisms, integrated into a secure service-oriented architecture.

PDF icon JavierLopez2006a.pdf (66.6 KB)
F. Sanchez-Cid, A. Munoz, D. Serrano, and C. Fernandez-Gago, "Software Engineering Techniqes Applied to AmI: Security Patterns",
First International Conference on Ambient Intelligence Developments (AmID’06), Springer, pp. 108-123, September, 2006. DOI More..

Abstract

The realization of the Ambient Intelligence concept entails many important challenges, but the most important barriers to this realization is the lack of adequate support for security. In this paper we present a conceptual model of our solution for building secure systems for AmI environments, taking as basis the concept of Security and Dependability (S&D) Pattern as a precise representation of validated S&D solutions and mechanisms. The main elements embedded in our solution framework (S&D library, monitoring interface and S&D Manager) are presented both conceptually, and also using a simple example scenario based on an hospital AmI environment.

PDF icon Cid2006.pdf (210.37 KB)
J. Zhou, J. A. Onieva, and J. Lopez, "A Synchronous Multi-Party Contract Signing Protocol Improving Lower Bound of Steps",
21st International Information Security Conference (IFIP SEC’06), no. 201, Springer, pp. 221-232, May, 2006. More..

Abstract

Contract signing is a fundamental service in doing business. The Internet has facilitated the electronic commerce, and it is necessary to find appropriate mechanisms for contract signing in the digital world. A number of two-party contract signing protocols have been proposed with various features. Nevertheless, in some applications, a contract may need to be signed by multiple parties. Less research has been done on multi-party contract signing. In this paper, we propose a new synchronous multi-party contract signing protocol that, with n parties, it reaches a lower bound of 3(n − 1) steps in the all-honest case and 4n − 2 steps in the worst case (i.e., all parties contact the trusted third party). This is so far the most efficient synchronous multi-party contract signing protocol in terms of the number of messages required. We further consider the additional features like timeliness and abuse-freeness in the improved version.

PDF icon JianyingZhou2006.pdf (165.89 KB)
A. Munoz, J. A. Onieva, and J. Lopez, "On Secure Profiling",
1st International Workshop on Secure Ubiquitous Networks (SUN’05), IEEE Press, pp. 214-218, August, 2005. More..

Abstract

Ubiquitous environments have several drawbacks to be solved. Most of them are focused on security, and relevant ones are authorization and authentication. Amongst the essential elements to adequately provide solutions, we can find profiles. A profile can be defined as a repository to store structured data from users, networks, devices, applications, etc. As profiles are needed in ubiquitous environments, and these need of secure management as well, in this paper, we provide some initial guidance on the security storage of profiles and on security levels needed for each type of profile. Additionally, we review different alternatives to bear profiles, concluding that smartcards are the most suitable devices.

PDF icon AntonioMunoz2005.pdf (182.15 KB)
R. Roman, J. Zhou, and J. Lopez, "On the Security of Wireless Sensor Networks",
Computational Science and Its Applications (ICCSA’05), LNCS 3482, Springer, pp. 681-690, May, 2005. DOI More..

Abstract

Wireless Sensor Networks are extremely vulnerable against any kind of internal or external attacks, due to several factors such as resource-constrained nodes and lack of tamper-resistant packages. As a result, security must be an important factor to have in mind when designing the infrastructure and protocols of sensor networks. In this paper we survey the state-of-the-art security issues in sensor networks and highlight the open areas of research.security issues in sensor networks and highlight the open areas of research.

PDF icon Roman2005e.pdf (111.92 KB)
I. Agudo, and J. Lopez, "Specification and formal verification of security requirements",
5th international conference on Computer systems and technologies (CompSysTech ’04), ACM, pp. 1-6, 2004. DOI More..

Abstract

With the grown of internet and distributed applications, security requirements are going inherent to the software development process. Each time one communicates with some other one there are relevant security risk that must be taken in account. This is what is happening in the new soft-ware applications using client/server architecture. We propose including security requirements at the top level of development process, together with functional requirements because they are much related. With this information we are able to extract all communication protocols that are involved in our application and their associated security goals. This is the input to a verification phase in which we look for security flaws. The last step, and the more useful (and the not yet finished) is to use this information to modify our initial specification at the top level of the development process

S. Gurgens, and J. Lopez, "Suitability of a Classical Analysis Method for E-Commerce Protocols",
IV International Information Security Conference (ISC’01), LNCS 2200, Springer-Verlag, pp. 46-62, October, 2001. More..

Abstract

We present the adaptation of our model for the validation ofkey distribution and authentication protocols to address speci c needsof protocols for electronic commerce. The two models defer in both thethreat scenario and in the formalization. We demonstrate the suitabilityof our adaptation by analyzing a speci c version of the Internet BillingServer protocol introduced by Carnegie Mellon University. Our analysisshows that, while the security properties a key distribution or authenticationprotocol shall provide are well understood, it is often not clearwhat properties an electronic commerce protocol can or shall provide.Our methods rely on automatic theorem proving tools. Speci cally, weused Øtter", an automatic theorem proving software developed at ArgonneNational Laboratories.

PDF icon SigridGuergens2001.pdf (256.9 KB)
A. Mana, F. Villalba, and J. Lopez, "Secure Examinations Through The Internet",
IFIP World Computer Congress, pp. 695-708, August, 1998. More..

Abstract

The objective of the present work is to present a solution to the problem of simultaneously examining groups of students in different computer laboratories while each student uses a computer with Internet access. The system presented focus on security and ease of use, being, at the same time, transparent to the users (students) and providing added services to the main objective of simultaneous examinations in several rooms with just one teacher.

L. Pino, A. Mana, J. J. Ortega, and J. Lopez, "Sistema Jerárquico de Administración de Claves Públicas para el Correo Electrónico",
I Jornadas de Ingeniería Telemática (JITEL’97), pp. 295-302, Sep 1997.
J. Lopez, F. Ona, L. Pino, and C. Maraval, "Seguridad de Directorios en Criptosistemas de Clave Pública mediante Redes Neuronales en Sistemas de Comunicaciones",
X Symposium Nacional de la Unión Científica Internacional de Radio (URSI’95), pp. 147-150, Septiembre, 1995.
J. Lopez, and C. Maraval, "Sistema de Cifrado de Correo Electrónico en Red de Area Local",
III Reunión Española de Criptología (III REC), pp. 133-138, Noviembre, 1994.
Modify or remove your filters and try again.