Publications

Export results:
Author [ Title(Desc)] Type Year
Filters: First Letter Of Last Name is O  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 
A
J. A. Onieva, J. Zhou, J. Lopez, and M. Carbonell, "Agent-mediated non-repudiation protocols",
Electronic Commerce Research and Applications, vol. 3, no. 2, Elsevier, pp. 152-162, 2004. More..

Abstract

Non-repudiation is a security service that provides cryptographic evidence to support the settlement of disputes in electronic commerce. In commercial transactions, an intermediary (or agent) might be involved to help transacting parties to conduct their business. Nevertheless, such an intermediary may not be fully trusted. In this paper, we propose agent-mediated non-repudiation protocols and analyze their security requirements. We first present a simple scenario with only one recipient, followed by a more complicated framework where multiple recipients are involved and collusion between them is possible. We also identify applications that could take advantage of these agent-mediated non-repudiation protocols.

PDF icon Onieva2004a.pdf (196.82 KB)
J. Lopez, R. Oppliger, and G. Pernul, "Authentication and Authorization Infrastructures (AAIs): A Comparative Survey",
Computers & Security, vol. 23, no. 7, Elsevier, pp. 578-590, 2004. (I.F.: 0.412)More..

Abstract

In this article, we argue that traditional approaches for authorization and access control in computer systems (i.e., discretionary, mandatory, and role-based access controls) are not appropriate to address the requirements of networked or distributed systems, and that proper authorization and access control requires infrastructural support in one way or another. This support can be provided, for example, by an authentication and authorization infrastructure (AAI). Against this background, we overview, analyze, discuss, and put into perspective some technologies that can be used to build and operate AAIs. More specifically, we address Microsoft .NET Passport and some related activities (e.g. the Liberty Alliance Project), Kerberos-based solutions, and AAIs that are based on digital certificates and public key infrastructures (PKIs). We conclude with the observation that there is no single best approach for providing an AAI, that every approach has specific advantages and disadvantages, and that a comprehensive AAI must combine various technologies and approaches.

Impact Factor: 0.412
Journal Citation Reports® Science Edition (Thomson Reuters, 2004)

PDF icon JavierLopez2004.pdf (2.22 MB)
C
J. L. Ferrer-Gomilla, J. A. Onieva, M. Payeras, and J. Lopez, "Certified electronic mail: Properties revisited",
Computers & Security, vol. 29, no. 2, pp. 167 - 179, 2010. DOI (I.F.: 0.889)More..

Abstract

Certified electronic mail is an added value to traditional electronic mail. In the definition of this service some differences arise: a message in exchange for a reception proof, a message and a non repudiation of origin token in exchange for a reception proof, etc. It greatly depends on whether we want to emulate the courier service or improve the service in the electronic world. If the definition of the service seems conflictive, the definition of the properties and requirements of a good certified electronic mail protocol is even more difficult. The more consensuated features are the need of a fair exchange and the existence of a trusted third party (TTP). Each author chooses the properties that considers the most important, and many times the list is conditioned by the proposal. Which kind of TTP must be used? Must it be verifiable, transparent and/or stateless? Which features must the communication channel fulfil? Which temporal requirements must be established? What kind of fairness is desired? What efficiency level is required? Are confidentiality or transferability of the proofs compulsory properties? In this paper we collect the definitions, properties and requirements related with certified electronic mail. The aim of the paper is to create a clearer situation and analyze how some properties cannot be achieved simultaneously. Each protocol designer will have to decide which properties are the most important in the environment in where the service is to be deployed.

Impact Factor: 0.889
Journal Citation Reports® Science Edition (Thomson Reuters, 2010)

PDF icon FerrerGomilla2009.pdf (301.65 KB)
R. Rios, J. A. Onieva, and J. Lopez, "Covert Communications through Network Configuration Messages",
Computers & Security, vol. 39, Part A, Elsevier, pp. 34 - 46, Nov 2013. DOI (I.F.: 1.172)More..

Abstract

Covert channels are a form of hidden communication that may violate the integrity of systems. Since their birth in Multi-Level Security systems in the early 70’s they have evolved considerably, such that new solutions have appeared for computer networks mainly due to vague protocols specifications. In this paper we concentrate on short-range covert channels and analyze the opportunities of concealing data in various extensively used protocols today. From this analysis we observe several features that can be effectively exploited for subliminal data transmission in the Dynamic Host Configuration Protocol (DHCP). The result is a proof-of-concept implementation, HIDE\_DHCP, which integrates three different covert channels each of which accommodate to different stealthiness and capacity requirements. Finally, we provide a theoretical and experimental analysis of this tool in terms of its reliability, capacity, and detectability.

Impact Factor: 1.172
Journal Citation Reports® Science Edition (Thomson Reuters, 2013)

PDF icon rios2013a.pdf (565.05 KB)
E
J. A. Onieva, R. Rios, R. Roman, and J. Lopez, "Edge-Assisted Vehicular Networks Security",
IEEE Internet of Things Journal, vol. 6, issue 5, IEEE Computer Society, pp. 8038-8045, 10/2019. DOI (I.F.: 9.936)More..

Abstract

Edge Computing paradigms are expected to solve some major problems affecting current application scenarios that rely on Cloud computing resources to operate. These novel paradigms will bring computational resources closer to the users and by doing so they will not only reduce network latency and bandwidth utilization but will also introduce some attractive context-awareness features to these systems. In this paper we show how the enticing features introduced by Edge Computing paradigms can be exploited to improve security and privacy in the critical scenario of vehicular networks (VN), especially existing authentication and revocation issues. In particular, we analyze the security challenges in VN and describe three deployment models for vehicular edge computing, which refrain from using vehicular- to-vehicular communications. The result is that the burden imposed to vehicles is considerably reduced without sacrificing the security or functional features expected in vehicular scenarios.

Impact Factor: 9.936
Journal Citation Reports® Science Edition (Thomson Reuters, 2019)

PDF icon onieva2019vec.pdf (416.43 KB)
F
A. Mana, J. Lopez, J. J. Ortega, E. Pimentel, and J. M. Troya, "A Framework for Secure Execution of Software",
International Journal of Information Security (IJIS), vol. 3, no. 2, Springer, pp. 99-112, 2004. More..

Abstract

    The protection of software applications is one of the most important problems to solve in information security because it has a crucial effect on other security issues.We can find in the literature many research initiatives that have tried to solve this problem, many of them based on the use of tamperproof hardware tokens. This type of solutions depends on two basic premises: (i) to increase the physical security by using tamperproof devices, and (ii) to increase the complexity of the analysis of the software. The first premise is reasonable. The second one is certainly related to the first one. In fact, its main goal is that the pirate user can not modify the software to bypass an operation that is crucial: checking the presence of the token. However, the experience shows that the second premise is not realistic because the analysis of the executable code is always possible. Moreover, the techniques used to obstruct the analysis process are not enough to discourage an attacker with average resources. In this paper, we review the most relevant works related to software protection, present a taxonomy of those works and, most important, we introduce a new and robust software protection scheme. This solution, called SmartProt, is based on the use of smart cards and cryptographic techniques, and its security relies only on the first of previous premises; that is, Smartprot has been designed to avoid attacks based on code analysis and software modification. The entire system is described following a lifecycle approach, explaining in detail the card setup, production, authorization, and execution phases. We also present some interesting applications of Smart- Prot as well as the protocols developed to manage licenses. Finally, we provide an analysis of its implementation details.

PDF icon AntonioMana2004.pdf (496.63 KB)
I
R. Roman, R. Rios, J. A. Onieva, and J. Lopez, "Immune System for the Internet of Things using Edge Technologies",
IEEE Internet of Things Journal, vol. 6, issue 3, IEEE Computer Society, pp. 4774-4781, 06/2019. DOI (I.F.: 9.936)More..

Abstract

The Internet of Things (IoT) and Edge Computing are starting to go hand in hand. By providing cloud services close to end-users, edge paradigms enhance the functionality of IoT deployments, and facilitate the creation of novel services such as augmented systems. Furthermore, the very nature of these paradigms also enables the creation of a proactive defense architecture, an immune system, which allows authorized immune cells (e.g., virtual machines) to traverse edge nodes and analyze the security and consistency of the underlying IoT infrastructure. In this article, we analyze the requirements for the development of an immune system for the IoT, and propose a security architecture that satisfies these requirements. We also describe how such a system can be instantiated in Edge Computing infrastructures using existing technologies. Finally, we explore the potential application of immune systems to other scenarios and purposes.

Impact Factor: 9.936
Journal Citation Reports® Science Edition (Thomson Reuters, 2019)

PDF icon roman2018VIS.pdf (149.3 KB)
J. Lopez, A. Mana, J. J. Ortega, J. M. Troya, and M. I. Yague, "Integrating PMI Services in CORBA Applications",
Computer Standards & Interfaces, vol. 25, no. 4, pp. 391-409, 2003. (I.F.: 0.523)More..

Abstract

Application-level access control is an important requirement in many distributed environments. For instance, in new scenarios such as e-commerce, access to resources by previously unknown users is an essential problem to be solved. The integration of Privilege Management Infrastructure (PMI) services in the access control system represents a scalable way to solve this problem. Within the CORBA standards, the Resource Access Decision (RAD) facility is a mechanism used by security-aware applications to obtain authorization decisions and to manage access decision policies. This paper presents PMI-RAD, an approach to integrate the services of an external PMI into CORBA applications using the RAD facility. In particular, the integration of the external PMI in the access control system is based on the semantic description of the PMI services. Our RAD implementation requests and verifies attribute certificates from the PMI in a transparent way for CORBA objects.

Impact Factor: 0.523
Journal Citation Reports® Science Edition (Thomson Reuters, 2003)

PDF icon JavierLopez2003c.pdf (93.71 KB)
J. A. Onieva, J. Lopez, R. Roman, J. Zhou, and S. Gritzalis, "Integration of non-repudiation services in mobile DRM scenarios",
Telecommunications Systems, vol. 35, pp. 161-176, September, 2007. More..

Abstract

In any kind of electronic transaction, it is extremely important to assure that any of the parties involved can not deny their participation in the information exchange. This security property, which is called non-repudiation, becomes more important in Digital Rights Management (DRM) scenarios, where a consumer can freely access to certain contents but needs to obtain the proper Right Object (RO) from a vendor in order to process it. Any breach in this process could result on financial loss for any peer, thus it is necessary to provide a service that allows the creation of trusted evidence. Unfortunately, non-repudiation services has not been included so far in DRM specifications due to practical issues and the type of content distributed. In this paper we analyze how to allow the integration of non-repudiation services to a DRM framework, providing a set of protocols that allows the right objects acquisition to be undeniable, alongside with a proof-of-concept implementation and a validation process.

PDF icon JoseA.Onieva2007a.pdf (292.68 KB)
M
J. A. Onieva, J. Zhou, and J. Lopez, "Multi-Party Nonrepudiation: A survey",
ACM Comput. Surveys, vol. 41, no. 1, pp. 5, December, 2008. (I.F.: 9.92)More..

Abstract

Nonrepudiation is a security service that plays an important role in many Internet applications. Traditional two-party nonrepudiation has been studied intensively in the literature. This survey focuses on multiparty scenarios and provides a comprehensive overview. It starts with a brief introduction of fundamental issues on nonrepudiation, including the types of nonrepudiation service and cryptographic evidence, the roles of trusted third-party, nonrepudiation phases and requirements, and the status of standardization. Then it describes the general multiparty nonrepudiation problem, and analyzes state-of-the-art mechanisms. After this, it presents in more detail the 1-N multiparty nonrepudiation solutions for distribution of different messages to multiple recipients. Finally, it discusses advanced solutions for two typical multiparty nonrepudiation applications, namely, multiparty certified email and multiparty contract signing.

Impact Factor: 9.92
Journal Citation Reports® Science Edition (Thomson Reuters, 2008)

PDF icon JoseA.Onieva2008a.pdf (478.03 KB)
N
J. A. Onieva, J. Zhou, and J. Lopez, "Non-repudiation Protocols for Multiple Entities",
Computer Communications, vol. 27, no. 16, pp. 1608-1616, 2004. (I.F.: 0.574)More..

Abstract

Non-repudiation is a security service that provides cryptographic evidence to support the settlement of disputes. In this paper, we introduce the state-of-the-art of non-repudiation protocols for multiple entities. We extend an existing multi-party non-repudiation (MPNR) protocol to allow an originator to send different messages to many recipients in a single transaction. We further propose an optimistic multi-party non-repudiation protocol for exchange of different messages. The performance of our protocols with enhanced functionalities is still promising in comparison with existing MPNR protocols.

Impact Factor: 0.574
Journal Citation Reports® Science Edition (Thomson Reuters, 2004)

PDF icon Onieva2004c.pdf (217.87 KB)
O
J. Zhou, J. A. Onieva, and J. Lopez, "Optimised Multi-Party Certified Email Protocols",
Information Management & Computer Security Journal, vol. 13, no. 5, pp. 350-366, 2005. More..

Abstract

As a value-added service to deliver important data over the Internet with guaranteed receipt for each successful delivery, certified email has been discussed for years and a number of research papers appeared in the literature. But most of them deal with the two-party scenarios, i.e., there are only one sender and one recipient. In some applications, however, the same certified message may need to be sent to a set of recipients. In this paper, we presents two optimized multi-party certified email protocols. They have three major features. (1) A sender could notify multiple recipients of the same information while only those recipients who acknowledged are able to get the information. (2) Both the sender and the recipients can end a protocol run at any time without breach of fairness. (3) The exchange protocols are optimized, each of which have only three steps.

PDF icon Zhou2005.pdf (232.69 KB)
P
R. Rios, J. A. Onieva, R. Roman, and J. Lopez, "Personal IoT Privacy Control at the Edge",
IEEE Security & Privacy , vol. 20, issue 1, IEEE, In Press. DOI (I.F.: 3.573)More..

Abstract

This article introduces a privacy manager for IoT data based on Edge Computing. This poses the advantage that privacy is enforced before data leaves the control of the user, who is provided with a tool to express data sharing preferences based on a novel context-aware privacy language.

Impact Factor: 3.573
Journal Citation Reports® Science Edition (Thomson Reuters, 2020)

J. Lopez, A. Mana, J. A. Montenegro, and J. J. Ortega, "PKI Design Based on the Use of On-line Certification Authorities",
International Journal of Information Security (IJIS), vol. 2, no. 2, Springer, pp. 91-102, 2004. More..

Abstract

Public-Key Infrastructures (PKIs) are considered the basis of the protocols and tools needed to guarantee the security demanded for new Internet applications like electronic commerce, government-citizen relationships and digital distribution. This paper introduces a new infrastructure design, Cert’eM, a key management and certification system that is based on the structure of the electronic mail service and on the principle of near-certification. Cert’eM provides secure means to identify users and distribute their public-key certificates, enhances the efficiency of revocation procedures, and avoids scalability and synchronization problems. Because we have considered the revocation problem as priority in the design process, and with a big influence in the rest of the PKI components, we have developed an alternative solution to the use of Certificate Revocation Lists (CRLs), which has become one of the strongest points in this new scheme.

PDF icon JavierLopez2004b.pdf (283.07 KB)
S
J. Lopez, J. J. Ortega, and J. M. Troya, "Security Protocols Analysis: A SDL-based Approach",
Computer Standards & Interfaces, vol. 27, no. 3, Elsevier, pp. 489-499, 2005. (I.F.: 0.62)More..

Abstract

Organizations need to develop formally analyzed systems in order to achieve well-known formal method benefits. In order to study the security of communication systems, we have developed a methodology for the application of the formal analysis techniques, commonly used in communication protocols, to the analysis of cryptographic protocols. In particular, we have extended the design and analysis phases with security properties. Our proposal uses a specification notation based on one of the most used standard requirement languages HMSC/MSC, which can be automatically translated into a generic SDL specification. The SDL system obtained can then be used for the analysis of the addressed security properties, by using an observer process schema. Besides our main goal to provide a notation for describing the formal specification of security systems, our proposal also brings additional benefits, such as the study of the possible attacks to the system, and the possibility of re-using the specifications produced to describe and analyse more complex systems.

Impact Factor: 0.62
Journal Citation Reports® Science Edition (Thomson Reuters, 2005)

PDF icon JavierLopez2005b.pdf (181.92 KB)
J. Lopez, J. A. Montenegro, J. L. Vivas, E. Okamoto, and E. Dawson, "Specification and Design of Advanced Authentication and Authorization Services",
Computer Standards & Interfaces, vol. 27, no. 5, Elsevier, pp. 467-478, Jun 2005. DOI (I.F.: 0.62)More..

Abstract

A challenging task in security engineering concerns the specification and integration of security with other requirements at the top level of requirements engineering. Empirical studies show that it is common at the business process level that customers and end users are able to express their security needs. Among the security needs of Internet applications, authentication and authorization services are outstanding and, sometimes, privacy becomes a parallel requirement. In this paper, we introduce a methodology for the specification of security requirements and use a case study to apply our solution. We further detail the resulting system after extending it with an Authentication and Authorization Infrastructure.

Impact Factor: 0.62
Journal Citation Reports® Science Edition (Thomson Reuters, 2005)

PDF icon javierlopez2005c.pdf (210.49 KB)
U
J. Lopez, A. Mana, J. J. Ortega, and L. Pino, "Una Solución Integral para la Autenticación de Usuarios y la Administración de Claves en Internet",
Novática, vol. 134, pp. 20-26, 1998. More..

Abstract

La seguridad es uno de los aspectos más conflictivos del uso de Internet. La falta de una política de seguridad global está frenando el desarrollo de Internet en áreas tan interesantes y prometedoras como el comercio electrónico o la interacción con las administraciones públicas. Las técnicas criptográficas actuales proporcionan un alto grado de confidencialidad; no obstante, es difícil garantizar la identificación segura de los usuarios y, además, la gestión de las claves de los mismos es poco eficiente y presenta graves problemas de escalabilidad y seguridad. En este trabajo se describe una solución a ambos problemas basada en una Infraestructura de Clave Pública que proporciona una administración simple y eficiente de las claves de los usuarios y posibilita la autenticación segura de los mismos. El sistema se ha probado con éxito de forma local y, en breve, será instalado para su prueba por parte de la comunidad de usuarios de RedIris.

PDF icon JavierLopez1998.pdf (174.34 KB)
V
S. Rusell, E. Dawson, E. Okamoto, and J. Lopez, "Virtual Certificates and Synthetic Certificates: New Paradigms for Improving Public Key Validation",
Computer Communications, vol. 26, no. 16, Elsevier, pp. 1826-1838, 2003. (I.F.: 0.508)More..

Abstract

The certificate paradigm is applied recursively to obtain the public keys of a number of Certification Authorities and, accordingly, to obtain the public keys of a number of final entities. Thus, validation of the authorized public key of a party in a network transaction is commonly based on processing the certificate chain descended from a trusted root issuer, involving non-negligible time and cost. Those chains become long in communications between large organizations, which is the typical case of e-commerce and e-government applications. The process of validation of extensive chains introduces performance problems in two aspects: signature verification and revocation checking. That is, the repeated processing of long chains of certificates creates severe efficiency problems. This fact causes that most of the advantages provided by Public Key Infrastructures (PKIs) are not conveniently exploited. In this paper we analyze the scenarios in which large volumes of digitally signed transactions between commercial entities exist. These cases require of interoperation among PKIs. We show that solutions available in those scenarios still involve processing of too long chains of certificates, either at the receiving computer or by an outsourced entity. For this reason, we propose new concepts of virtual certificate and synthetic certificate for faster and less costly processing of certificate chains. In this way, communications in a certificate-based intercommunity can be highly improved. We also show how these types of certificates can be applied in practice.

Impact Factor: 0.508
Journal Citation Reports® Science Edition (Thomson Reuters, 2003)

PDF icon SelwynRusell2003.pdf (227.92 KB)
W
J. Lopez, R. Oppliger, and G. Pernul, "Why Public Key Infrastructures have failed so far?",
Internet Research, vol. 15, no. 5, Emerald, pp. 544-556, 2005. (I.F.: 0.688)More..

Abstract

Since public key cryptography is a fundamental technology for electronic commerce, people have often argued that public key infrastructures and corresponding certification services are the gold-mines of the information age. Contrary to these relatively high expectations, public key infrastructures have not really taken off and many certification service providers have even gone out of business. In this paper, we overview and discuss the technical, economical, legal, and social reasons why public key infrastructures have failed so far, summarize the lessons learnt, and give our expectations about the future development of the field.

Impact Factor: 0.688
Journal Citation Reports® Science Edition (Thomson Reuters, 2005)

PDF icon JavierLopez2005.pdf (101.63 KB)