Publications

Export results:
[ Author(Asc)] Title Type Year
Filters: First Letter Of Last Name is F  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 
F
L. Fuentes, and J. Lopez, "Arquitectura Composicional de Seguridad para Servicios Telemáticos",
II Jornadas de Ingeniería Telemática (JITEL´99), pp. 141-148, Sep 1999.
D. Ferraris, C. Fernandez-Gago, J. Daniel, and J. Lopez, "A Segregated Architecture for a Trust-based Network of Internet of Things",
IEEE Consumer Communications & Networking Conference 2019, IEEE, 03/2019. DOI More..

Abstract

With the ever-increasing number of smart home devices, the issues related to these environments are also growing. With an ever-growing attack surface, there is no standard way to protect homes and their inhabitants from new threats. The inhabitants are rarely aware of the increased security threats that they are exposed to and how to manage them. To tackle this problem, we propose a solution based on segmented architectures similar to the ones used in industrial systems. In this approach, the smart home is segmented into various levels, which can broadly be categorised into an inner level and external level. The external level is protected by a firewall that checks the communication from/to the Internet to/from the external devices. The internal level is protected by an additional firewall that filters the information and the communications between the external and the internal devices. This segmentation guarantees a trusted environment between the entities belonging to the internal network. In this paper, we propose an adaptive trust model that checks the behaviour of the entities and, through this model, in case the entities violate trust rules they can be put in quarantine or banned from the network.

PDF icon 1780.pdf (227.72 KB)
D. Ferraris, C. Fernandez-Gago, and J. Lopez, "A Trust-by-Design Framework for the Internet of Things",
2018 9th IFIP International Conference on New Technologies Mobility and Security (NTMS), IEEE, 04/2018. DOI More..

Abstract

The Internet of Things (IoT) is an environment of interconnected entities, that are identifiable, usable and controllable via the Internet. Trust is necessary in a system such as IoT as the entities involved should know the effect of interacting with other entities. Moreover, the entities must also be able to trust a system to reliably use it. An IoT system is composed of different entities from different vendors, each of them with a different purpose and a different lifecycle. So considering trust in the whole IoT system lifecycle is useful and necessary to guarantee a good service for the whole system. The heterogeneity and dynamicity of this field make it difficult to ensure trust in IoT. We propose a trust by design framework for including trust in the development of an IoT entity considering all the phases of the life-cycle. It is composed of the K-Model and transversal activities.

PDF icon 1684.pdf (165.19 KB)
D. Ferraris, D. Bastos, C. Fernandez-Gago, F. El-Moussa, and J. Lopez, "An Analysis of Trust in Smart Home Devices",
The 20th World Conference on Information Security Applications: WISA-Workshop 2019, Springer, In Press. More..

Abstract

In recent times, smart home devices like Amazon Echo and Google Home have reached mainstream popularity. These devices are intrinsically intrusive, being able to access user’s personal information. There are growing concerns about indiscriminate data collection and invasion of user privacy in smart home devices. Improper trust assumptions and security controls can lead to unauthorized access of the devices, which can have severe consequences (i.e. safety risks). In this paper, we analysed the behaviour of smart home devices with respect to trust relationships. We set up a smart home environment to evaluate how trust is built and managed. Then, we performed a number of interaction tests with different types of users (i.e. owner, guests). As a result, we were able to assess the effectiveness of the provided security controls and identify some relevant security issues. To address them, we defined a trust model and proposed a solution based on it for securing smart home devices.

PDF icon 1814.pdf (247.14 KB)
C. Fernandez-Gago, R. Roman, and J. Lopez, "A Survey on the Applicability of Trust Management Systems for Wireless Sensor Networks",
3rd International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU’07), IEEE Computer Society, pp. 25-30, 2007. DOI More..

Abstract

Trust plays an important role in human life environments and virtual organizations. In the context of a network, trust may help its elements to decide whether another member of the same network is being uncooperative or malicious. Trust becomes quite important in self-configurable and autonomous systems, such as wireless sensor networks (WSN). However, very little effort has been done in the field of trust management in WSN. On the other hand, some efforts have been made in quite related fields such as Ad-hoc and P2P networks. In this paper we give an overview of existing trust management solutions, mainly those developed for Ad-Hoc and P2P networks and, more importantly, investigate their suitability to WSN. We also provide some guidelines to aid the development of trust management systems for WSN according to the nature of these networks.

PDF icon FernandezGago2007.pdf (137.36 KB)
C. Fernandez-Gago, et al., "Tools for Cloud Accountability: A4Cloud Tutorial",
9th IFIP Summer School on Privacy and Identity Management for the Future Internet in the Age of Globalisation, vol. 457, Springer IFIP AICT, pp. 219-236, 2015. DOI More..

Abstract

Cloud computing is becoming a key IT infrastructure technology being adopted progressively by companies and users. Still, there are issues and uncertainties surrounding its adoption, such as security and how users data is dealt with that require attention from developers, researchers, providers and users. The A4Cloud project tries to help solving the problem of accountability in the cloud by providing tools that support the process of achieving accountability. This paper presents the contents of the first A4Cloud tutorial. These contents include basic concepts and tools developed within the project. In particular, we will review how metrics can aid the accountability process and some of the tools that the A4Cloud project will produce such as the Data Track Tool (DTT) and the Cloud Offering Advisory Tool (COAT).

PDF icon 1516.pdf (1.48 MB)
C. Fernandez-Gago, M. Fisher, and C. Dixon, "An Algorithm for Guiding Clausal Temporal Resolution",
4th International Workshop on Strategies in Automated Deduction (STRATEGIES’01), June, 2001. More..

Abstract

The clausal resolution method developed for discrete temporal log- ics involves translation to a normal form, classical resolution on formulae within states (termed step resolution) and temporal resolution between states. Step res- olution may generate an unnecessarily large set of clauses. In addition, the most expensive part of the method is the application of the temporal resolution oper- ation. In this paper we develop an algorithm to guide the search for the set of clauses needed for the application of temporal resolution. The algorithm is based on the outputs of a refined temporal resolution rule which allows us to generate temporal resolvents earlier within the process. In particular, this can also help us to avoid unnecessary step resolution and focus search for the most relevant clauses.

PDF icon Fernandez01.pdf (847.21 KB)
C. Fernandez-Gago, M. Fisher, and C. Dixon, "Algorithms for Guiding Clausal Temporal Resolution",
25th Conference on Artificial Intelligence (KI’02), LNAI 2479, Springer, pp. 235-249, September, 2002. More..

Abstract

Clausal temporal resolution is characterised by a translation of the formulae whose satisfiability is to be established to a normal form, step resolution (similar to classical resolution) on formulae occurring at the same states and temporal resolution between formulae describing properties over a longer period. The most complex part of the method occurs in searching for candidates for the temporal resolution operation, something that may need to be carried out several times. In this paper we consider a new technique for finding the candidates for the temporal resolution operation. Although related to the previously developed external search procedure, this new approach not only allows the temporal resolution operation to be carried out at any moment, but also simplifies any subsequent search required for similar temporal formulae. Finally, in contrast with previous approaches, this search can be seen as an inherent part of the resolution process, rather than an external procedure that is only called in certain situations.} year = {2002

PDF icon Fernandez02.pdf (228.08 KB)
C. Fernandez-Gago, et al., "A4Cloud Workshop: Accountability in the Cloud",
IFIP Sumer School 2015 on Privacy and Identity Management. Time for a Revolution?, vol. 476, AICT Series, Springer, pp. 61-78, 07/2016.
G. Fernandez, A. Nieto, and J. Lopez, "Modeling Malware-driven Honeypots",
14th International Conference On Trust, Privacy & Security In Digital Business (TrustBus 2017), vol. 10442, Springer International Publishing, pp. 130-144, 08/2017. DOI More..

Abstract

In this paper we propose the Hogney architecture for the deployment of malware-driven honeypots. This new concept refers to honeypots that have been dynamically configured according to the environment expected by malware. The adaptation mechanism designed here is built on services that offer up-to-date and relevant intelligence information on current threats. Thus, the Hogney architecture takes advantage of recent Indicators Of Compromise (IOC) and information about suspicious activity currently being studied by analysts. The information gathered from these services is then used to adapt honeypots to fulfill malware requirements, inviting them to unleash their full strength.

PDF icon 1656.pdf (406.21 KB)
G. Fernandez, and A. Nieto, "Configuración de honeypots adaptativos para análisis de malware",
III Jornadas Nacionales de Investigación en Ciberseguridad (JNIC 2017), Servicio de Publicaciones de la URJC, pp. 91-98, 06/2017. More..

Abstract

Este trabajo propone una arquitectura de despliegue de honeypots adaptativos, configurados dinámicamente a partir de los requisitos del malware que intenta infectar los servicios trampa. A diferencia de otros trabajos sobre honeypots adaptativos, los mecanismos de adaptabilidad aquí diseñados tomarán como base información de inteligencia sobre amenazas actuales, indicadores de compromiso (IOCs) conocidos, así como información de actividades sospechosas actualmente en estudio por los analistas. Este conocimiento será empleado para configurar honeypots de manera dinámica, permitiendo satisfacer los requisitos necesarios para que el malware pueda desplegar toda su operativa. 

PDF icon 1650.pdf (314.82 KB)
A. Farao, et al., "SealedGRID: A Secure Interconnection of Technologies for Smart Grid Applications",
14th International Conference on Critical Information Infrastructures Security (CRITIS 2019), vol. 11777, Springer, Cham, pp. 169-175, 12/2019. DOI More..

Abstract

In recent years, the Smart Grid has increasingly integrated cutting-edge technologies that generate several benefits for all the stakeholders involved, such as a more accurate billing system and enhanced Demand Response procedures. However, this modernization also brings with it diverse cyber security and privacy issues, which sets the necessity for developing a security platform specifically tailored to this scenario. In this paper, we present SealedGRID, which proposes a flexible architecture that provides security services at all levels by implementing Trusted Execution Environments on their devices, together with advanced authentication and authorization mechanisms, as well as privacy preserving techniques. These technologies are presented in depth and a final security analysis is conducted, which highlights the contributions of this project.