Publications

Export results:
Author [ Title(Desc)] Type Year
Filters: First Letter Of Last Name is R  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 
A
J. Lopez, and J. E. Rubio, "Access control for cyber-physical systems interconnected to the cloud",
Computer Networks, vol. 134, Elsevier, pp. 46 - 54, 2018. DOI (I.F.: 3.03)More..
Impact Factor: 3.03
Journal Citation Reports® Science Edition (Thomson Reuters, 2018)

PDF icon LOPEZ201846.pdf (311.96 KB)
R. Roman, et al., "Advanced Secure Multimedia Services for Digital Homes",
Information Systems Frontiers, vol. 14, Springer, pp. 527-540, July 2012. DOI (I.F.: 0.851)More..

Abstract

Our society is becoming increasingly more IT-oriented, and the images and sounds that reflect our daily life are being stored mainly in a digital form. This digital personal life can be part of the home multimedia contents, and users demand access and possibly share these contents (such as photographs, videos, and music) in an ubiquitous way: from any location and with any device. The purpose of this article is twofold. First, we introduce the Feel@Home system, whose main objective is to enable the previously mentioned vision of an ubiquitous digital personal life. Second, we describe the security architecture of Feel@Home, analyzing the security and privacy requirements that identify which threats and vulnerabilities must be considered, and deriving the security building blocks that can be used to protect both IMS-based and VPN-based solutions.

Impact Factor: 0.851
Journal Citation Reports® Science Edition (Thomson Reuters, 2012)

PDF icon Roman2010a.pdf (1.36 MB)
R. Rios, and J. Lopez, "Analysis of Location Privacy Solutions in Wireless Sensor Networks",
IET Communications, vol. 5, Institution of Engineering and Technology, pp. 2518 - 2532, Nov 2011. DOI (I.F.: 0.829)More..

Abstract

Extensive work has been done on the protection of Wireless Sensor Networks (WSNs) from the hardware to the application layer. However, only recently, the privacy preservation problem has drawn the attention of the research community because of its challenging nature. This problem is exacerbated in the domain of WSNs due to the extreme resource limitation of sensor nodes. In this paper we focus on the location privacy problem in WSNs, which allows an adversary to determine the location of nodes of interest to him. We provide a taxonomy of solutions based on the power of the adversary and the main techniques proposed by the various solutions. In addition, we describe and analyse the advantages and disadvantages of different approaches. Finally, we discuss some open challenges and future directions of research.

Impact Factor: 0.829
Journal Citation Reports® Science Edition (Thomson Reuters, 2011)

PDF icon Rios2011a.pdf (597.01 KB)
D. G. Rosado, E. Fernandez-Medina, J. Lopez, and M. Piattini, "Analysis of Secure Mobile Grid Systems: A Systematic Approach",
Information and Software Technology, vol. 52, Elsevier, pp. 517-536, May 2010. DOI (I.F.: 1.527)More..

Abstract

Developing software through systematic processes is becoming more and more important due to the growing complexity of software development. It is important that the development process used integrates security aspects from the first stages at the same level as other functional and non-functional requirements. Systems which are based on Grid Computing are a kind of systems that have clear differentiating features in which security is a highly important aspect. The Mobile Grid, which is relevant to both Grid and Mobile Computing, is a full inheritor of the Grid with the additional feature that it supports mobile users and resources. A development methodology for Secure Mobile Grid Systems is proposed in which the security aspects are considered from the first stages of the life-cycle and in which the mobile Grid technological environment is always present in each activity. This paper presents the analysis activity, in which the requirements (focusing on the grid, mobile and security requirements) of the system are specified and which is driven by reusable use cases through which the requirements and needs of these systems can be defined. These use cases have been defined through a UML-extension for security use cases and Grid use cases which capture the behaviour of this kind of systems. The analysis activity has been applied to a real case.

Impact Factor: 1.527
Journal Citation Reports® Science Edition (Thomson Reuters, 2010)

R. Roman, J. Zhou, and J. Lopez, "An Anti-spam Scheme Using Pre-challenges",
Computer Communications, vol. 29, no. 15, Elsevier, pp. 2739-2749, 2006. DOI (I.F.: 0.444)More..

Abstract

Unsolicited Commercial Email, or Spam, is nowadays an increasingly serious problem to email users. A number of anti-spam schemes have been proposed in the literature and some of them have been deployed in email systems, but the problem has yet been well addressed. One of those schemes is challenge-response, in which a challenge, ranging from a simple mathematical problem to a hard-AI problem, is imposed on an email sender in order to forbid machine-based spam reaching receivers’ mailboxes. However, such a scheme introduces new problems for the users, e.g., delay of service and denial of service. In this paper, we introduce the pre-challenge scheme, which is based on the challenge-response mechanism and takes advantage of some features of email systems. It assumes each user has a challenge that is defined by the user himself/herself and associated with his/her email address, in such a way that an email sender can simultaneously retrieve a new receiver’s email address and challenge before sending an email in the first contact. Some new mechanisms are employed in our scheme to reach a good balance between security against spam and convenience to normal email users. Our scheme can be also used for protecting other messaging systems, like Instant Messaging and Blog comments.

Impact Factor: 0.444
Journal Citation Reports® Science Edition (Thomson Reuters, 2006)

PDF icon Roman2006a.pdf (355.8 KB)
B
C. Alcaraz, J. E. Rubio, and J. Lopez, "Blockchain-Assisted Access for Federated Smart Grid Domains: Coupling and Features",
Journal of Parallel and Distributed Computing, vol. 144, Elsevier, pp. 124-135, 06/2020. (I.F.: 3.734)More..
Impact Factor: 3.734
Journal Citation Reports® Science Edition (Thomson Reuters, 2020)

PDF icon Alcaraz2020a.pdf (2.53 MB)
C
R. Roman, J. Zhou, and J. Lopez, "Casual Virtual Private Network",
International Journal of Computer Systems Science & Engineering, vol. 3, CRL Publishing, pp. 185-192, 2005. (I.F.: 0.119)More..

Abstract

Virtual Private Networks (VPNs) provide a cost-effective way for securing communications using public and insecure networks like the Internet. The main purpose of a VPN is to securely and transparently connect two or more remote networks to form virtually a single network, using centralized security policies for better management and protection. However, in certain scenarios, users may not require such a transparent access to the resources within their networks, but only want temporary secure access to internal services based on their own demands. We call the network architecture with such a feature as Casual VPN. In this paper, we present the notion of Casual VPN, and explain why traditional VPN architectures and protocols are unable to offer Casual VPN services. We also propose and define the operation of a particular Casual VPN architecture, C-VPN, which additionally allows the management of TCP and UDP-based protocols.

Impact Factor: 0.119
Journal Citation Reports® Science Edition (Thomson Reuters, 2005)

PDF icon Roman2005f.pdf (501.2 KB)
G. Ramos, J. Lopez, and R. Morales, "Comparisons of Parikh’s conditions to other conditions for context-free languages",
Theoretical Computer Science, vol. 202, no. 1-2, Elsevier, pp. 231-244, 1998. (I.F.: 0.349)More..

Abstract

  this paper we first compare Parikh’s condition to various pumping conditions - Bar- Hillel’s pumping lemma, Ogden’s condition and Bader-Moura’s condition; secondly, to interchange condition; and finally, to Sokolowski’s and Grant“s conditions. In order to carry out these comparisons we present some properties of Parikh’s languages. The main result is the orthogonality of the previously mentioned conditions and Parikh’s condition. In

Impact Factor: 0.349
Journal Citation Reports® Science Edition (Thomson Reuters, 1998)

PDF icon GonzaloRamos1998.pdf (792.29 KB)
R. Rios, J. A. Onieva, and J. Lopez, "Covert Communications through Network Configuration Messages",
Computers & Security, vol. 39, Part A, Elsevier, pp. 34 - 46, Nov 2013. DOI (I.F.: 1.172)More..

Abstract

Covert channels are a form of hidden communication that may violate the integrity of systems. Since their birth in Multi-Level Security systems in the early 70’s they have evolved considerably, such that new solutions have appeared for computer networks mainly due to vague protocols specifications. In this paper we concentrate on short-range covert channels and analyze the opportunities of concealing data in various extensively used protocols today. From this analysis we observe several features that can be effectively exploited for subliminal data transmission in the Dynamic Host Configuration Protocol (DHCP). The result is a proof-of-concept implementation, HIDE\_DHCP, which integrates three different covert channels each of which accommodate to different stealthiness and capacity requirements. Finally, we provide a theoretical and experimental analysis of this tool in terms of its reliability, capacity, and detectability.

Impact Factor: 1.172
Journal Citation Reports® Science Edition (Thomson Reuters, 2013)

PDF icon rios2013a.pdf (565.05 KB)
R. Roman, J. Lopez, and P. Najera, "A Cross-layer Approach for Integrating Security Mechanisms in Sensor Networks Architectures",
Wireless Communications and Mobile Computing, vol. 11, Wiley, pp. 267-276, 2011. DOI (I.F.: 0.884)More..

Abstract

The wireless sensor networks (WSN) paradigm is especially vulnerable against external and internal attacks. Therefore, it is necessary to develop security mechanisms and protocols to protect them. These mechanisms must become an integral part of the software architecture and network stack of a sensor node. A question that remains is how to achieve this integration. In this paper we check how both academic and industrial solutions tackle this issue, and we present the concept of a transversal layer, where all the different security mechanisms could be contained. This way, all the elements of the architecture can interact with the security mechanisms, and the security mechanisms can have a holistic point of view of the whole architecture. We discuss the advantages of this approach, and also present how the transversal layer concept was applied to a real middleware architecture.

Impact Factor: 0.884
Journal Citation Reports® Science Edition (Thomson Reuters, 2011)

PDF icon Roman2010.pdf (243.44 KB)
J. E. Rubio, C. Alcaraz, R. Roman, and J. Lopez, "Current Cyber-Defense Trends in Industrial Control Systems",
Computers & Security Journal, vol. 87, Elsevier, 11/2019. DOI (I.F.: 3.579)More..

Abstract

Advanced Persistent Threats (APTs) have become a serious hazard for any critical infrastructure, as a single solution to protect all industrial assets from these complex attacks does not exist. It is then essential to understand what are the defense mechanisms that can be used as a first line of defense. For this purpose, this article will firstly study the spectrum of attack vectors that APTs can use against existing and novel elements of an industrial ecosystem. Afterwards, this article will provide an analysis of the evolution and applicability of Intrusion Detection Systems (IDS) that have been proposed in both the industry and academia.

Impact Factor: 3.579
Journal Citation Reports® Science Edition (Thomson Reuters, 2019)

PDF icon rub2019cose.pdf (190.71 KB)
J. E. Rubio, C. Alcaraz, R. Roman, and J. Lopez, "Current Cyber-Defense Trends in Industrial Control Systems",
Computers & Security Journal, vol. 87, Elsevier, 11/2019. DOI (I.F.: 3.579)More..

Abstract

Advanced Persistent Threats (APTs) have become a serious hazard for any critical infrastructure, as a single solution to protect all industrial assets from these complex attacks does not exist. It is then essential to understand what are the defense mechanisms that can be used as a first line of defense. For this purpose, this article will firstly study the spectrum of attack vectors that APTs can use against existing and novel elements of an industrial ecosystem. Afterwards, this article will provide an analysis of the evolution and applicability of Intrusion Detection Systems (IDS) that have been proposed in both the industry and academia.

Impact Factor: 3.579
Journal Citation Reports® Science Edition (Thomson Reuters, 2019)

PDF icon rub2019cose.pdf (190.71 KB)
A. Nieto, and R. Rios, "Cybersecurity Profiles based on Human-Centric IoT Devices",
Human-centric Computing and Information Sciences, vol. 9, no. 1, Springer, pp. 1-23, 2019. DOI (I.F.: 3.7)More..
Impact Factor: 3.7
Journal Citation Reports® Science Edition (Thomson Reuters, 2019)

PDF icon HFNR2019.pdf (2.92 MB)
D
D. G. Rosado, E. Fernandez-Medina, J. Lopez, and M. Piattini, "Developing a Secure Mobile Grid System through a UML Extension",
Journal of Universal Computer Science, vol. 16, no. 17, Springer, pp. 2333-2352, Sep 2010. DOI (I.F.: 0.578)More..

Abstract

The idea of developing software through systematic development processes toimprove software quality is not new. Nevertheless, there are still many information systemssuch as those of Grid Computing which are not developed through methodologies that areadapted to their most differentiating features. A systematic development process for Gridsystems that supports the participation of mobile nodes and incorporates security aspects intothe entire software lifecycle will thus play a significant role in the development of systemsbased on Grid computing. We are creating a development process for the construction ofinformation systems based on Grid Computing, which is highly dependent on mobile devices,in which security plays a highly important role. One of the activities in this process is that ofanalysis which is focused on ensuring that the system’s security and functional requirements areelicited, specified and modelled. In our approach, this activity is driven by use cases andsupported by the reusable repository. This obtains, builds, defines and refines the use cases ofthe secure Mobile Grid systems which represent the functional and non-functional requirementsof this kind of systems. In this paper, we present the proposed development process throughwhich we introduce the main aspects of the UML profile defined for building use case diagramsin the mobile Grid context through which it is possible to represent specific mobile Gridfeatures and security aspects, showing in detail how to build use case diagrams for a real mobile Grid application by using our UML profile, denominated as GridUCSec-Profile.

Impact Factor: 0.578
Journal Citation Reports® Science Edition (Thomson Reuters, 2010)

J. Lopez, J. E. Rubio, and C. Alcaraz, "Digital Twins for Intelligent Authorization in the B5G-enabled Smart Grid",
IEEE Wireless Communications, vol. 28, issue 2, IEEE, pp. 48-55, 04/2021. DOI (I.F.: 11.979)More..

Abstract

Beyond fifth generation (B5G) communication networks and computation paradigms in the edge are expected to be integrated into power grid infrastructures over the coming years. In this sense, AI technologies will play a fundamental role to efficiently manage dynamic information flows of future applications, which impacts the authorization policies applied in such a complex scenario. This article studies how digital twins can evolve their context awareness capabilities and simulation technologies to anticipate faults or to detect cyber-security issues in real time, and update access control policies accordingly. Our study analyzes the evolution of monitoring platforms and architecture decentralization, including the application of machine learning and blockchain technologies in the smart grid, toward the goal of implementing autonomous and self-learning agents in the medium and long term. We conclude this study with future challenges on applying digital twins to B5G-based smart grid deployments.

Impact Factor: 11.979
Journal Citation Reports® Science Edition (Thomson Reuters, 2020)

A. Nieto, R. Roman, and J. Lopez, "Digital Witness: Digital Evidence Management Framework for the Internet of Things",
ERCIM News, no. 106, ERCIM EEIG, pp. 9-9, 07/2016.
A. Nieto, R. Roman, and J. Lopez, "Digital Witness: Safeguarding Digital Evidence by using Secure Architectures in Personal Devices",
IEEE Network, IEEE Communications Society, pp. 12-19, 2016. DOI (I.F.: 7.230)More..

Abstract

Personal devices contain electronic evidence associated with the behaviour of their owners and other devices in their environment, which can help clarify the facts of a cyber-crime scene. These devices are usually analysed as containers of proof. However, it is possible to harness the boom of personal devices to define the concept of digital witnesses, where personal devices are able to actively acquire, store, and transmit digital evidence to an authorised entity, reliably and securely. This article introduces this novel concept, providing a preliminary analysis on the management of digital evidence and the technologies that can be used to implement it with security guarantees in IoT environments. Moreover, the basic building blocks of a digital witness are defined.

Impact Factor: 7.230
Journal Citation Reports® Science Edition (Thomson Reuters, 2016)

PDF icon ieeenet16-nrl.pdf (1002.02 KB)
J. Davila, J. Lopez, and F. Rosello, "Diseño de Protocolos de No-Repudio",
Revista SIC: Seguridad en Informática y Comunicaciones, vol. 38, pp. 1-5, 2000.
E
J. A. Onieva, R. Rios, R. Roman, and J. Lopez, "Edge-Assisted Vehicular Networks Security",
IEEE Internet of Things Journal, vol. 6, issue 5, IEEE Computer Society, pp. 8038-8045, 10/2019. DOI (I.F.: 9.936)More..

Abstract

Edge Computing paradigms are expected to solve some major problems affecting current application scenarios that rely on Cloud computing resources to operate. These novel paradigms will bring computational resources closer to the users and by doing so they will not only reduce network latency and bandwidth utilization but will also introduce some attractive context-awareness features to these systems. In this paper we show how the enticing features introduced by Edge Computing paradigms can be exploited to improve security and privacy in the critical scenario of vehicular networks (VN), especially existing authentication and revocation issues. In particular, we analyze the security challenges in VN and describe three deployment models for vehicular edge computing, which refrain from using vehicular- to-vehicular communications. The result is that the burden imposed to vehicles is considerably reduced without sacrificing the security or functional features expected in vehicular scenarios.

Impact Factor: 9.936
Journal Citation Reports® Science Edition (Thomson Reuters, 2019)

PDF icon onieva2019vec.pdf (416.43 KB)
J. A. Onieva, R. Rios, R. Roman, and J. Lopez, "Edge-Assisted Vehicular Networks Security",
IEEE Internet of Things Journal, vol. 6, issue 5, IEEE Computer Society, pp. 8038-8045, 10/2019. DOI (I.F.: 9.936)More..

Abstract

Edge Computing paradigms are expected to solve some major problems affecting current application scenarios that rely on Cloud computing resources to operate. These novel paradigms will bring computational resources closer to the users and by doing so they will not only reduce network latency and bandwidth utilization but will also introduce some attractive context-awareness features to these systems. In this paper we show how the enticing features introduced by Edge Computing paradigms can be exploited to improve security and privacy in the critical scenario of vehicular networks (VN), especially existing authentication and revocation issues. In particular, we analyze the security challenges in VN and describe three deployment models for vehicular edge computing, which refrain from using vehicular- to-vehicular communications. The result is that the burden imposed to vehicles is considerably reduced without sacrificing the security or functional features expected in vehicular scenarios.

Impact Factor: 9.936
Journal Citation Reports® Science Edition (Thomson Reuters, 2019)

PDF icon onieva2019vec.pdf (416.43 KB)
J. Zhou, W-Y. Chin, R. Roman, and J. Lopez, "An Effective Multi-layered Defense Framework Against Spam",
Information Security Technical Report, vol. 12, no. 3, Elsevier, pp. 179-185, 2007. DOI More..

Abstract

Spam is a big problem for email users. The battle between spamming and anti-spamming technologies has been going on for many years. Though many advanced anti-spamming technologies are progressing significantly, spam is still able to bombard many email users. The problem worsens when some anti-spamming methods unintentionally filtered legitimate emails instead! In this paper, we first review existing anti-spam technologies, then propose a layered defense framework using a combination of anti-spamming methods. Under this framework, the server-level defense is targeted for common spam while the client-level defense further filters specific spam for individual users. This layered structure improves on filtering accuracy and yet reduces the number of false positives. A sub-system using our pre-challenge method is implemented as an add-on in Microsoft Outlook 2002. In addition, we extend our client-based pre-challenge method to a domain-based solution thus further reducing the individual email users’ overheads.

PDF icon Zhou2007.pdf (549.17 KB)
D. Galindo, R. Roman, and J. Lopez, "On the Energy Cost of Authenticated Key Agreement in Wireless Sensor Networks",
Wireless Communications and Mobile Computing, vol. 12, Wiley, pp. 133-143, Jan 2012. DOI (I.F.: 0.863)More..

Abstract

Wireless sensors are battery-powered devices which are highly constrained in terms of computational capabilities, memory and communication bandwidth. While battery life is their main limitation, they require considerable energy to communicate data. Due to this, it turns out that the energy saving of computationally inexpensive primitives (like symmetric key cryptography (SKC)) can be nullified by the bigger amount of data they require to be sent. In this work, we study the energy cost of key agreement protocols between peers in a network using asymmetric key cryptography. Our main concern is to reduce the amount of data to be exchanged, which can be done by using special cryptographic paradigms like identity-based and self-certified cryptography. The main news is that an intensive computational primitive for resource-constrained devices, such as non-interactive identity-based authenticated key exchange, performs comparably or even better than traditional authenticated key exchange (AKE) in a variety of scenarios. Moreover, protocols based in this primitive can provide better security properties in real deployments than other simple protocols based on symmetric cryptography. Our findings illustrate to what extent the latest implementation advancements push the efficiency boundaries of public key cryptography (PKC) in wireless sensor networks (WSNs).

Impact Factor: 0.863
Journal Citation Reports® Science Edition (Thomson Reuters, 2012)

PDF icon Galindo2010.pdf (261.6 KB)
R. Roman, J. Lopez, and S. Gritzalis, "Evolution and Trends in the Security of the Internet of Things",
IEEE Computer, vol. 51, issue 7, IEEE Computer Society, pp. 16-25, 07/2018. DOI (I.F.: 3.564)More..
Impact Factor: 3.564
Journal Citation Reports® Science Edition (Thomson Reuters, 2018)

J. Lopez, R. Rios, F. Bao, and G. Wang, "Evolving privacy: From sensors to the Internet of Things",
Future Generation Computer Systems, vol. 75, Elsevier, pp. 46–57, 10/2017. DOI (I.F.: 4.639)More..

Abstract

The Internet of Things (IoT) envisions a world covered with billions of smart, interacting things capable of offering all sorts of services to near and remote entities. The benefits and comfort that the IoT will bring about are undeniable, however, these may come at the cost of an unprecedented loss of privacy. In this paper we look at the privacy problems of one of the key enablers of the IoT, namely wireless sensor networks, and analyse how these problems may evolve with the development of this complex paradigm. We also identify further challenges which are not directly associated with already existing privacy risks but will certainly have a major impact in our lives if not taken into serious consideration. 

Impact Factor: 4.639
Journal Citation Reports® Science Edition (Thomson Reuters, 2017)

PDF icon Lopez2017iotpriv.pdf (440.5 KB)
R. Rios, and J. Lopez, "Exploiting Context-Awareness to Enhance Source-Location Privacy in Wireless Sensor Networks",
The Computer Journal, vol. 54, Oxford University Press, pp. 1603-1615, Sept 2011. DOI (I.F.: 0.785)More..

Abstract

The source-location privacy problem in Wireless Sensor Networks has been traditionally tackled by the creation of random routes for every packet transmitted from the source nodes to the base station. These schemes provide a considerable protection level at a high cost in terms of message delivery time and energy consumption. This overhead is due to the fact that the data routing process is done in a blind way, without knowledge about the location of the attacker. In this work we propose the Context-Aware Location Privacy (CALP) approach, which takes advantage of the ability of sensor nodes to perceive the presence of a mobile adversary in their vicinity in order to transmit data packets in a more energy-efficient and privacy-preserving manner. In particular, we apply the concepts of CALP to the development of a shortest-path CALP routing algorithm. A permissive and a strict version of the protocol are studied for different adversarial models and the proposed schemes are evaluated through simulation experiments in terms of privacy protection and energy consumption. Finally, we present the conclusions of the paper as well as possible extensions of this work.

Impact Factor: 0.785
Journal Citation Reports® Science Edition (Thomson Reuters, 2011)

PDF icon Rios2011b.pdf (573.86 KB)
F
H. Tsunoda, R. Roman, J. Lopez, and G. Mansfield Keeni, "Feasibility of Societal Model for Securing Internet of Things",
KSII Transactions on Internet and Information Systems, vol. 12, no. 8, KSII, pp. 3567-3588, 08/2018. DOI (I.F.: 0.711)More..

Abstract

In the Internet of Things (IoT) concept, devices communicate autonomously with applications in the Internet. A significant aspect of IoT that makes it stand apart from present-day networked devices and applications is a) the very large number of devices, produced by diverse makers and used by an even more diverse group of users; b) the applications residing and functioning in what were very private sanctums of life e.g. the car, home, and the people themselves. Since these diverse devices require high-level security, an operational model for an IoT system is required, which has built-in security. We have proposed the societal model as a simple operational model. The basic concept of the model is borrowed from human society – there will be infants, the weak and the handicapped who need to be protected by guardians. This natural security mechanism works very well for IoT networks which seem to have inherently weak security mechanisms. In this paper, we discuss the requirements of the societal model and examine its feasibility by doing a proof-of-concept implementation.

Impact Factor: 0.711
Journal Citation Reports® Science Edition (Thomson Reuters, 2018)

R. Roman, J. Zhou, and J. Lopez, "On the features and challenges of security and privacy in distributed internet of things",
Computer Networks, vol. 57, Elsevier, pp. 2266–2279, July 2013. DOI (I.F.: 1.282)More..

Abstract

In the Internet of Things, services can be provisioned using centralized architectures, where central entities acquire, process, and provide information. Alternatively, distributed architectures, where entities at the edge of the network exchange information and collaborate with each other in a dynamic way, can also be used. In order to understand the applicability and viability of this distributed approach, it is necessary to know its advantages and disadvantages – not only in terms of features but also in terms of security and privacy challenges. The purpose of this paper is to show that the distributed approach has various challenges that need to be solved, but also various interesting properties and strengths.

Impact Factor: 1.282
Journal Citation Reports® Science Edition (Thomson Reuters, 2013)

PDF icon roman2013iot.pdf (407.59 KB)
G
C. Alcaraz, G. Fernandez, R. Roman, A. Balastegui, and J. Lopez, "Gestión segura de redes SCADA",
Nuevas tendencias en gestión de redes, Novática, no. 196, CEPIS, pp. 20-25, December, 2008. More..

Abstract

En el momento que se introduce en el mercado nuevas tecnologías basadas en entornos distribuidos comienzan a surgir en paralelo nuevos problemas de seguridad en los sistemas SCADA (Supervisory Control and Data Acquisition), los cuales monitorizan y gestionan otras infraestructuras de gran complejidad y escala. Un fallo o una interrupción en uno de sus componentes podría suponer un impacto negativo sobre la funcionalidad de otras infraestructuras, por lo que se hace necesario realizar frecuentes análisis de seguridad para así mantener actualizado el conocimiento y proveer recomendaciones y/o soluciones para mitigar o evitar futuras ocurrencias, garantizando una gestión de red fiable y siempre disponible.

PDF icon Alcaraz2008a.pdf (329.92 KB)
I
R. Roman, R. Rios, J. A. Onieva, and J. Lopez, "Immune System for the Internet of Things using Edge Technologies",
IEEE Internet of Things Journal, vol. 6, issue 3, IEEE Computer Society, pp. 4774-4781, 06/2019. DOI (I.F.: 9.936)More..

Abstract

The Internet of Things (IoT) and Edge Computing are starting to go hand in hand. By providing cloud services close to end-users, edge paradigms enhance the functionality of IoT deployments, and facilitate the creation of novel services such as augmented systems. Furthermore, the very nature of these paradigms also enables the creation of a proactive defense architecture, an immune system, which allows authorized immune cells (e.g., virtual machines) to traverse edge nodes and analyze the security and consistency of the underlying IoT infrastructure. In this article, we analyze the requirements for the development of an immune system for the IoT, and propose a security architecture that satisfies these requirements. We also describe how such a system can be instantiated in Edge Computing infrastructures using existing technologies. Finally, we explore the potential application of immune systems to other scenarios and purposes.

Impact Factor: 9.936
Journal Citation Reports® Science Edition (Thomson Reuters, 2019)

PDF icon roman2018VIS.pdf (149.3 KB)
R. Roman, R. Rios, J. A. Onieva, and J. Lopez, "Immune System for the Internet of Things using Edge Technologies",
IEEE Internet of Things Journal, vol. 6, issue 3, IEEE Computer Society, pp. 4774-4781, 06/2019. DOI (I.F.: 9.936)More..

Abstract

The Internet of Things (IoT) and Edge Computing are starting to go hand in hand. By providing cloud services close to end-users, edge paradigms enhance the functionality of IoT deployments, and facilitate the creation of novel services such as augmented systems. Furthermore, the very nature of these paradigms also enables the creation of a proactive defense architecture, an immune system, which allows authorized immune cells (e.g., virtual machines) to traverse edge nodes and analyze the security and consistency of the underlying IoT infrastructure. In this article, we analyze the requirements for the development of an immune system for the IoT, and propose a security architecture that satisfies these requirements. We also describe how such a system can be instantiated in Edge Computing infrastructures using existing technologies. Finally, we explore the potential application of immune systems to other scenarios and purposes.

Impact Factor: 9.936
Journal Citation Reports® Science Edition (Thomson Reuters, 2019)

PDF icon roman2018VIS.pdf (149.3 KB)
R. Roman, and J. Lopez, "Integrating Wireless Sensor Networks and the Internet: A Security Analysis",
Internet Research, vol. 19, no. 2, Emerald, pp. 246-259, Mar 2009. DOI (I.F.: 0.844)More..

Abstract

Purpose: This paper aims to analyze the security issues that arise when integrating wireless sensor networks (WSN) and the internet. Also, it seeks to review whether existing technology mechanisms are suitable and can be applied in this context.

Design/methodology/approach: The paper considers the possible approaches that can be used to connect a WSN with the internet, and analyzes the security of their interactions.

Findings: By providing the services of the network through a front-end proxy, a sensor network and the internet can interact securely. There are other challenges to be solved if the sensor nodes are integrated into the internet infrastructure, although there exists interesting advances on his matter.

Research limitations and implications: The complete integration of sensor networks and the internet still remains as an open issue.

Practical implications: With the current state of the art, it is possible to develop a secure sensor network that can provide its services to internet hosts with certain security properties.

Originality/value: The paper studies the interactions between sensor networks and the internet from the point of view of security. It identifies both solutions and research challenges.

Impact Factor: 0.844
Journal Citation Reports® Science Edition (Thomson Reuters, 2009)

PDF icon roman2009a.pdf (394.32 KB)
J. E. Rubio, R. Roman, and J. Lopez, "Integration of a Threat Traceability Solution in the Industrial Internet of Things",
IEEE Transactions on Industrial Informatics, vol. 16, issue 10, no. 6575-6583, IEEE, 10/2020. DOI (I.F.: 10.215)More..

Abstract

In Industrial Internet of Things (IIoT) scenarios, where a plethora of IoT technologies coexist with consolidated industrial infrastructures, the integration of security mechanisms that provide protection against cyber-security attacks becomes a critical challenge. Due to the stealthy and persistent nature of some of these attacks, such as Advanced Persistent Threats, it is crucial to go beyond traditional Intrusion Detection Systems for the traceability of these attacks. In this sense, Opinion Dynamics poses a novel approach for the correlation of anomalies, which has been successfully applied to other network security domains. In this paper, we aim to analyze its applicability in the IIoT from a technical point of view, by studying its deployment over different IIoT architectures and defining a common framework for the acquisition of data considering the computational constraints involved. The result is a beneficial insight that demonstrates the feasibility of this approach when applied to upcoming IIoT infrastructures.

Impact Factor: 10.215
Journal Citation Reports® Science Edition (Thomson Reuters, 2020)

PDF icon Rubio2020IIoT.pdf (2.13 MB)
J. E. Rubio, R. Roman, and J. Lopez, "Integration of a Threat Traceability Solution in the Industrial Internet of Things",
IEEE Transactions on Industrial Informatics, vol. 16, issue 10, no. 6575-6583, IEEE, 10/2020. DOI (I.F.: 10.215)More..

Abstract

In Industrial Internet of Things (IIoT) scenarios, where a plethora of IoT technologies coexist with consolidated industrial infrastructures, the integration of security mechanisms that provide protection against cyber-security attacks becomes a critical challenge. Due to the stealthy and persistent nature of some of these attacks, such as Advanced Persistent Threats, it is crucial to go beyond traditional Intrusion Detection Systems for the traceability of these attacks. In this sense, Opinion Dynamics poses a novel approach for the correlation of anomalies, which has been successfully applied to other network security domains. In this paper, we aim to analyze its applicability in the IIoT from a technical point of view, by studying its deployment over different IIoT architectures and defining a common framework for the acquisition of data considering the computational constraints involved. The result is a beneficial insight that demonstrates the feasibility of this approach when applied to upcoming IIoT infrastructures.

Impact Factor: 10.215
Journal Citation Reports® Science Edition (Thomson Reuters, 2020)

PDF icon Rubio2020IIoT.pdf (2.13 MB)
J. A. Onieva, J. Lopez, R. Roman, J. Zhou, and S. Gritzalis, "Integration of non-repudiation services in mobile DRM scenarios",
Telecommunications Systems, vol. 35, pp. 161-176, September, 2007. More..

Abstract

In any kind of electronic transaction, it is extremely important to assure that any of the parties involved can not deny their participation in the information exchange. This security property, which is called non-repudiation, becomes more important in Digital Rights Management (DRM) scenarios, where a consumer can freely access to certain contents but needs to obtain the proper Right Object (RO) from a vendor in order to process it. Any breach in this process could result on financial loss for any peer, thus it is necessary to provide a service that allows the creation of trusted evidence. Unfortunately, non-repudiation services has not been included so far in DRM specifications due to practical issues and the type of content distributed. In this paper we analyze how to allow the integration of non-repudiation services to a DRM framework, providing a set of protocols that allows the right objects acquisition to be undeniable, alongside with a proof-of-concept implementation and a validation process.

PDF icon JoseA.Onieva2007a.pdf (292.68 KB)
A. Nieto, R. Rios, and J. Lopez, "IoT-Forensics meets Privacy: Towards Cooperative Digital Investigations",
Sensors, vol. 18, issue 2, no. 492, MDPI, 02/2018. DOI (I.F.: 3.031)More..

Abstract

IoT-Forensics is a novel paradigm for the acquisition of electronic evidence whose operation is conditioned by the peculiarities of the Internet of Things (IoT) context. As a branch of computer forensics, this discipline respects the most basic forensic principles of preservation, traceability, documentation, and authorization. The digital witness approach also promotes such principles in the context of the IoT while allowing personal devices to cooperate in digital investigations by voluntarily providing electronic evidence to the authorities. However, this solution is highly dependent on the willingness of citizens to collaborate and they may be reluctant to do so if the sensitive information within their personal devices is not sufficiently protected when shared with the investigators. In this paper, we provide the digital witness approach with a methodology that enables citizens to share their data with some privacy guarantees. We apply the PRoFIT methodology, originally defined for IoT-Forensics environments, to the digital witness approach in order to unleash its full potential. Finally, we show the feasibility of a PRoFIT-compliant digital witness with two use cases.

Impact Factor: 3.031
Journal Citation Reports® Science Edition (Thomson Reuters, 2018)

PDF icon nrlSensors2018.pdf (14.4 MB)
K
R. Roman, C. Alcaraz, J. Lopez, and N. Sklavos, "Key management systems for sensor networks in the context of the Internet of Things",
Computers & Electrical Engineering, vol. 37, Elsevier, pp. 147-159, Mar 2011. DOI (I.F.: 0.837)More..

Abstract

If a wireless sensor network (WSN) is to be completely integrated into the Internet as part of the Internet of Things (IoT), it is necessary to consider various security challenges, such as the creation of a secure channel between an Internet host and a sensor node. In order to create such a channel, it is necessary to provide key management mechanisms that allow two remote devices to negotiate certain security credentials (e.g. secret keys) that will be used to protect the information flow. In this paper we will analyse not only the applicability of existing mechanisms such as public key cryptography and pre-shared keys for sensor nodes in the IoT context, but also the applicability of those link-layer oriented key management systems (KMS) whose original purpose is to provide shared keys for sensor nodes belonging to the same WSN.

Impact Factor: 0.837
Journal Citation Reports® Science Edition (Thomson Reuters, 2011)

PDF icon roman2011.pdf (586.42 KB)
L
J. Lopez, R. Roman, and P. Najera, "Los Desafíos de Seguridad en la Internet de los Objetos",
Revista SIC, vol. 88, Ediciones CODA, pp. 66-73, Feb 2010. More..

Abstract

El paradigma de la Internet de los Objetos, donde todos aquellos objetos físicos que nos rodean tendrán la capacidad de generar y consumir información en el ámbito de un mundo virtual, se encuentra cada vez más cerca. Es ahora un buen momento para llamar la atención sobre sus principales desafíos de seguridad, tanto desde un punto de vista global como asociados a sus elementos más importantes (la tecnología RFID y las redes de sensores). Así, este paradigma puede ser plenamente comprendido y protegido, evolucionando hacia uno de los nuevos pilares del futuro.

PDF icon jlopez09.pdf (1.06 MB)
M
R. Roman, J. Lopez, and M. Mambo, "Mobile edge computing, Fog et al.: A survey and analysis of security threats and challenges",
Future Generation Computer Systems, vol. 78, issue 1, Elsevier, pp. 680-698, 01/2018. DOI (I.F.: 5.768)More..

Abstract

For various reasons, the cloud computing paradigm is unable to meet certain requirements (e.g. low latency and jitter, context awareness, mobility support) that are crucial for several applications (e.g. vehicular networks, augmented reality). To fulfil these requirements, various paradigms, such as fog computing, mobile edge computing, and mobile cloud computing, have emerged in recent years. While these edge paradigms share several features, most of the existing research is compartmentalised; no synergies have been explored. This is especially true in the field of security, where most analyses focus only on one edge paradigm, while ignoring the others. The main goal of this study is to holistically analyse the security threats, challenges, and mechanisms inherent in all edge paradigms, while highlighting potential synergies and venues of collaboration. In our results, we will show that all edge paradigms should consider the advances in other paradigms.

Impact Factor: 5.768
Journal Citation Reports® Science Edition (Thomson Reuters, 2018)

PDF icon RomanFog16.pdf (775.54 KB)
R. Rios, C. Fernandez-Gago, and J. Lopez, "Modelling Privacy-Aware Trust Negotiations",
Computers & Security, vol. 77 , issue August 2018, Elsevier, pp. 773-789, 2018. DOI (I.F.: 3.062)More..

Abstract

Trust negotiations are mechanisms that enable interaction between previously unknown users. After exchanging various pieces of potentially sensitive information, the participants of a negotiation can decide whether or not to trust one another. Therefore, trust negotiations bring about threats to personal privacy if not carefully considered. This paper presents a framework for representing trust negotiations in the early phases of the Software Development Life Cycle (SDLC). The framework can help software engineers to determine the most suitable policies for the system by detecting conflicts between privacy and trust requirements. More precisely, we extend the SI* modelling language and provide a set of predicates for defining trust and privacy policies and a set of rules for describing the dynamics of the system based on the established policies. The formal representation of the model facilitates its automatic verification. The framework has been validated in a distributed social network scenario for connecting drivers with potential passengers willing to share a journey.

Impact Factor: 3.062
Journal Citation Reports® Science Edition (Thomson Reuters, 2018)

PDF icon Ruben2017trust.pdf (425.82 KB)
O
D. G. Rosado, E. Fernandez-Medina, and J. Lopez, "Obtaining Security Requirements for a Mobile Grid System",
International Journal of Grid and High Performance Computing, vol. 1, IGI-Global, pp. 1-17, Jan 2009. DOI More..

Abstract

Mobile Grid includes the characteristics of the Grid systems together with the peculiarities of Mobile Computing, withthe additional feature of supporting mobile users and resources ina seamless, transparent, secure and efficient way. Security ofthese systems, due to their distributed and open nature, isconsidered a topic of great interest. We are elaborating amethodology of development to build secure mobile grid systemsconsidering security on all life cycle. In this paper we present thepractical results applying our methodology to a real case,specifically we apply the part of security requirements analysis toobtain and identify security requirements of a specific applicationfollowing a set of tasks defined for helping us in the definition,identification and specification of the security requirements onour case study. The methodology will help us to build a securegrid application in a systematic and iterative way.

PDF icon rosado2009c.pdf (219.29 KB)
P
R. Rios, J. A. Onieva, R. Roman, and J. Lopez, "Personal IoT Privacy Control at the Edge",
IEEE Security & Privacy , vol. 20, issue 1, IEEE, In Press. DOI (I.F.: 3.573)More..

Abstract

This article introduces a privacy manager for IoT data based on Edge Computing. This poses the advantage that privacy is enforced before data leaves the control of the user, who is provided with a tool to express data sharing preferences based on a novel context-aware privacy language.

Impact Factor: 3.573
Journal Citation Reports® Science Edition (Thomson Reuters, 2020)

R. Rios, J. A. Onieva, R. Roman, and J. Lopez, "Personal IoT Privacy Control at the Edge",
IEEE Security & Privacy , vol. 20, issue 1, IEEE, In Press. DOI (I.F.: 3.573)More..

Abstract

This article introduces a privacy manager for IoT data based on Edge Computing. This poses the advantage that privacy is enforced before data leaves the control of the user, who is provided with a tool to express data sharing preferences based on a novel context-aware privacy language.

Impact Factor: 3.573
Journal Citation Reports® Science Edition (Thomson Reuters, 2020)

I. Agudo, R. Rios, and J. Lopez, "A Privacy-Aware Continuous Authentication Scheme for Proximity-Based Access Control",
Computers & Security, vol. 39 (B), Elsevier, pp. 117-126, 11/2013. DOI (I.F.: 1.172)More..

Abstract

Continuous authentication is mainly associated with the use of biometrics to guarantee that a resource is being accessed by the same user throughout the usage period. Wireless devices can also serve as a supporting technology for continuous authentication or even as a complete alternative to biometrics when accessing proximity-based services. In this paper we present the implementation of a secure, non-invasive continuous authentication scheme supported by the use of Wearable Wireless Devices (WWD), which allow users to gain access to proximity-based services while preserving their privacy. Additionally we devise an improved scheme that circumvents some of the limitations of our implementation.

Impact Factor: 1.172
Journal Citation Reports® Science Edition (Thomson Reuters, 2013)

PDF icon agudo2013.pdf (436.44 KB)
R. Rios, J. Cuellar, and J. Lopez, "Probabilistic receiver-location privacy protection in wireless sensor networks",
Information Sciences, vol. 321, Elsevier, pp. 205 - 223, 07/2015. DOI (I.F.: 3.364)More..

Abstract

Wireless sensor networks (WSNs) are continually exposed to many types of attacks. Among these, the attacks targeted at the base station are the most devastating ones since this essential device processes and analyses all traffic generated in the network. Moreover, this feature can be exploited by a passive adversary to determine its location based on traffic analysis. This receiver-location privacy problem can be reduced by altering the traffic pattern of the network but the adversary may still be able to reach the base station if he gains access to the routing tables of a number of sensor nodes. In this paper we present HISP-NC (Homogenous Injection for Sink Privacy with Node Compromise protection), a receiver-location privacy solution that consists of two complementary schemes which protect the location of the base station in the presence of traffic analysis and node compromise attacks. The HISP-NC data transmission protocol prevents traffic analysis by probabilistically hiding the flow of real traffic with moderate amounts of fake traffic. Moreover, HISP-NC includes a perturbation mechanism that modifies the routing tables of the nodes to introduce some level of uncertainty in attackers capable of retrieving the routing information from the nodes. Our scheme is validated both analytically and experimentally through extensive simulations.

Impact Factor: 3.364
Journal Citation Reports® Science Edition (Thomson Reuters, 2015)

PDF icon rios2015.pdf (692.33 KB)
J. Lopez, C. Alcaraz, J. Rodriguez, R. Roman, and J. E. Rubio, "Protecting Industry 4.0 against Advanced Persistent Threats",
European CIIP Newsletter, vol. 11, issue 26, no. 1, European CIIP Newsletter, pp. 27-29, 03/2017. More..
PDF icon lopez2017ecn.pdf (226.62 KB)
J. Lopez, C. Alcaraz, J. Rodriguez, R. Roman, and J. E. Rubio, "Protecting Industry 4.0 against Advanced Persistent Threats",
European CIIP Newsletter, vol. 11, issue 26, no. 1, European CIIP Newsletter, pp. 27-29, 03/2017. More..
PDF icon lopez2017ecn.pdf (226.62 KB)
J. Lopez, C. Alcaraz, J. Rodriguez, R. Roman, and J. E. Rubio, "Protecting Industry 4.0 against Advanced Persistent Threats",
European CIIP Newsletter, vol. 11, issue 26, no. 1, European CIIP Newsletter, pp. 27-29, 03/2017. More..
PDF icon lopez2017ecn.pdf (226.62 KB)
R
J. E. Rubio, C. Alcaraz, and J. Lopez, "Recommender System for Privacy-Preserving Solutions in Smart Metering",
Pervasive and Mobile Computing, vol. 41, Pervasive and Mobile Computing, pp. 205-218, 10/2017. (I.F.: 2.974)More..

Abstract

Nowadays, Smart Grid is envisaged to provide several benefits to both customers and grid operators. However, Smart Meters introduce many privacy issues if consumption data is analysed. In this paper we analyse the main techniques that address privacy when collecting electricity readings. In addition to privacy, it is equally important to preserve efficiency to carry on with monitoring operations, so further control requirements and communication protocols are also studied. Our aim is to provide guidance to installers who intend to integrate such mechanisms on the grid, presenting an expert system to recommend an appropriate deployment strategy.

Impact Factor: 2.974
Journal Citation Reports® Science Edition (Thomson Reuters, 2017)

PDF icon rubiorecommender17.pdf (461.99 KB)
N. Nomikos, et al., "Relay Selection for Secure 5G Green Communications",
Telecommunication Systems , vol. 59, issue 1, Springer US, pp. 169-187, 05/2015. DOI (I.F.: 0.822)More..

Abstract

In this article, we present relay selection policies in applications with secrecy requirements which are of interest in the fifth generation (5G) of wireless networks. More specifically, we provide a classification of relays based on their distinct communication attributes, such as processing, multiple antennas, storage, channel estimation, density and security level. In addition, we discuss the level of efficiency exhibited by each relay class, regarding their impact in delay-critical applications and green communications applications, while aiming at a specific security level at the physical layer. Then, relay selection policies are proposed taking into consideration the goals set by each application. Numerical evaluation of the proposed policies in terms of the average secrecy rate, average delay and power reduction show improved performance compared to other state-of-the-art solutions. 

Impact Factor: 0.822
Journal Citation Reports® Science Edition (Thomson Reuters, 2015)

J. Lopez, J. E. Rubio, and C. Alcaraz, "A Resilient Architecture for the Smart Grid",
IEEE Transactions on Industrial Informatics, vol. 14, issue 8, IEEE, pp. 3745-3753, 08/2019, 2018. DOI (I.F.: 7.377)More..

Abstract

The Smart Grid offers many benefits due to the bidirectional communication between the users and the utility company, which makes it possible to perform a fine-grain consumption metering. This can be used for Demand Response purposes with the generation and delivery of electricity in real time. It is essential to rapidly anticipate high peaks of demand or potential attacks, so as to avoid power outages and denial of service, while effectively supplying consumption areas. In this paper, we propose a novel architecture where cloud computing resources are leveraged (and tested in practice) to enable, on the one hand, the consumption prediction through time series forecasting, as well as load balancing to uniformly distribute the demand over a set of available generators. On the other and, it also allows the detection of connectivity losses and intrusions within the control network by using controllability concepts.

Impact Factor: 7.377
Journal Citation Reports® Science Edition (Thomson Reuters, 2018)

PDF icon transactionInformaticsSG2018.pdf (609.25 KB)
R. Roman, C. Alcaraz, and J. Lopez, "The Role of Wireless Sensor Networks in the Area of Critical Information Infrastructure",
Information Security Technical Report, vol. 12, no. 1, Elsevier, pp. 24-31, 2007. DOI More..

Abstract

Critical Infrastructures, such as energy, banking, and transport, are an essential pillar to the well-being of the national and international economy, security and quality of life. These infrastructures are dependent on a spectrum of highly interconnected information infrastructures for their smooth, reliable and continuous operation. The field of protecting such Critical Information Infrastructures, or CIIP, faces numerous challenges, such as managing the secure interaction between peers, assuring the resilience and robustness of the overall system, and deploying warning and alert systems, amongst others. In this tapestry of CIIP, Wireless Sensor Networks can be used as an invaluable tool due to their intelligent distributed control capabilities, alongside with their capability to work under severe conditions. In this paper, we justify why Wireless Sensor Networks technology is suitable for providing security for these scenarios, describing both their advantages and research issues and their role in the overall scheme of protecting the Critical Information Infrastructures.

PDF icon Roman2007a.pdf (183.54 KB)
S
C. Alcaraz, G. Fernandez, R. Roman, A. Balastegui, and J. Lopez, "Secure Management of SCADA Networks",
Novatica, New Trends in Network Management, vol. 9, no. 6, Cepis UPGRADE, pp. 22-28, December, 2008. More..

Abstract

When a Supervisory Control and Data Acquisition (SCADA) system monitors and manages other complex infrastructures through the use of distributed technologies, it becomes a critical infrastructure by itself: A failure or disruption in any of its components could implicate a serious impact on the performance of the other infrastructures. The connection with other systems makes a SCADA system more vulnerable against attacks, generating new security problems. As a result, it is essential to perform diverse security analysis frequently in order to keep an updated knowledge and to provide recommendations and/or solutions to mitigate or avoid anomalous events. This will facilitate the existence of a suitable, reliable, and available control network.

PDF icon Alcaraz2008b.pdf (325.52 KB)
C. Alcaraz, J. Lopez, J. Zhou, and R. Roman, "Secure SCADA Framework for the Protection of Energy Control Systems",
Concurrency and Computation Practice & Experience, vol. 23, no. 12, John Wiley & Sons, Inc., pp. 1414-1430, Aug 2011. DOI (I.F.: 0.636)More..

Abstract

Energy distribution systems are becoming increasingly widespread in today’s society. One of the elements that is used to monitor and control these systems are the SCADA (Supervisory Control and Data Acquisition) systems. In particular, these control systems and their complexities, together with the emerging use of the Internet and wireless technologies, bring new challenges that must be carefully considered. Examples of such challenges are the particular bene¯ts of the integration of those new technologies, and also the e®ects they may have on the overall SCADA security. The main task of this paper is to provide a framework that shows how the integration of di®erent state-of-the-art technologies in an energy control system, such as Wireless Sensor Networks (WSNs), Mobile Ad-Hoc Networks (MANETs), and the Internet, can bring some interesting benefits such as status management and anomaly prevention, while maintaining the security of the whole system.

Impact Factor: 0.636
Journal Citation Reports® Science Edition (Thomson Reuters, 2011)

PDF icon Alcaraz2011a.pdf (908.82 KB)
R. Roman, P. Najera, and J. Lopez, "Securing the Internet of Things",
IEEE Computer, vol. 44, no. 9, IEEE, pp. 51 -58, Sept 2011. DOI (I.F.: 1.47)More..

Abstract

This paper presents security of Internet of things. In the Internet of Things vision, every physical object has a virtual component that can produce and consume services Such extreme interconnection will bring unprecedented convenience and economy, but it will also require novel approaches to ensure its safe and ethical use. The Internet and its users are already under continual attack, and a growing economy-replete with business models that undermine the Internet’s ethical use-is fully focused on exploiting the current version’s foundational weaknesses.

Impact Factor: 1.47
Journal Citation Reports® Science Edition (Thomson Reuters, 2011)

PDF icon 1633.pdf (373.78 KB)
C. Alcaraz, R. Roman, P. Najera, and J. Lopez, "Security of Industrial Sensor Network-based Remote Substations in the context of the Internet of Things",
Ad Hoc Networks, vol. 11, Elsevier, pp. 1091–1104, 2013. DOI (I.F.: 1.943)More..

Abstract

The main objective of remote substations is to provide the central system with sensitive information from critical infrastructures, such as generation, distribution or transmission power systems. Wireless sensor networks have been recently applied in this particular context due to their attractive services and inherent benefits, such as simplicity, reliability and cost savings. However, as the number of control and data acquisition systems that use the Internet infrastructure to connect to substations increases, it is necessary to consider what connectivity model the sensor infrastructure should follow: either completely isolated from the Internet or integrated with it as part of the Internet of Things paradigm. This paper therefore addresses this question by providing a thorough analysis of both security requirements and infrastructural requirements corresponding to all those TCP/IP integration strategies that can be applicable to networks with constrained computational resources.

Impact Factor: 1.943
Journal Citation Reports® Science Edition (Thomson Reuters, 2013)

PDF icon 1752.pdf (1.21 MB)
D. G. Rosado, E. Fernandez-Medina, and J. Lopez, "Security Services Architecture for Secure Mobile Grid Systems",
Journal of Systems Architecture, vol. 57, Elsevier, pp. 240-258, 2011. (I.F.: 0.444)More..

Abstract

 Mobile Grid, is a full inheritor of the Grid with the additional feature that it supports mobile users andresources. Security is an important aspect in Grid based systems, and it is more complex to ensure thisin a mobile platform owing to the limitations of resources in these devices. A Grid infrastructure that supportsthe participation of mobile nodes and incorporates security aspects will thus play a significant rolein the development of Grid computing. The idea of developing software through systematic developmentprocesses to improve software quality is not new. However, many information systems such as those ofGrid Computing are still not developed through methodologies which have been adapted to their mostdifferentiating features. The lack of adequate development methods for this kind of systems in whichsecurity is taken into account has encouraged us to build a methodology to develop them, offering adetailed guide for their analysis, design and implementation. It is important to use software V&V techniques,according to IEEE Std. 1012 for Software Verification and Validation, to ensure that a software systemmeets the operational needs of the user. This ensures that the requirements for the system arecorrect, complete, and consistent, and that the life-cycle products correctly design and implement systemrequirements. This paper shows part of a development process that we are elaborating for the constructionof information systems based on Grid Computing, which are highly dependent on mobile devices inwhich security plays a highly important role. In the design activity of the process, we design a securityarchitecture which serves as a reference for any mobile Grid application that we wish to build since thissecurity architecture defines a complete set of security services which will be instantiated depending onthe requirements and features found in previous activities of the process. A V&V task is also defined in thedesign activity to validate and verify both the architecture built and the traceability of the artifacts generatedin this activity. In this paper, we will present the service-oriented security architecture for MobileGrid Systems which considers all possible security services that may be required for any mobile Grid application.

Impact Factor: 0.444
Journal Citation Reports® Science Edition (Thomson Reuters, 2011)

C. Alcaraz, J. Lopez, R. Roman, and H-H. Chen, "Selecting key management schemes for WSN applications",
Computers & Security, vol. 31, no. 38, Elsevier, pp. 956–966, Nov 2012. DOI (I.F.: 1.158)More..

Abstract

Key management in wireless sensor networks (WSN) is an active research topic. Due to the fact that a large number of key management schemes (KMS) have been proposed in the literature, it is not easy for a sensor network designer to know exactly which KMS best fits in a particular WSN application. In this article, we offer a comprehensive review on how the application requirements and the properties of various key management schemes influence each other. Based on this review, we show that the KMS plays a critical role in determining the security performance of a WSN network with given application requirements. We also develop a method that allows the network designers to select the most suitable KMS for a specific WSN network setting. In addition, the article also addresses the issues on the current state-of-the-art research on the KMS for homogeneous (i.e. non-hierarchical) networks to provide solutions for establishing link-layer keys in various WSN applications and scenarios.

Impact Factor: 1.158
Journal Citation Reports® Science Edition (Thomson Reuters, 2012)

PDF icon AlcarazR2012.pdf (326.12 KB)
R. Roman, J. Lopez, and S. Gritzalis, "Situation Awareness Mechanisms for Wireless Sensor Networks",
IEEE Communications Magazine, vol. 46, no. 4, IEEE, pp. 102-107, April, 2008. DOI (I.F.: 2.799)More..

Abstract

A wireless sensor network should be able to operate for long periods of time with little or no external management. There is a requirement for this autonomy: the sensor nodes must be able to configure themselves in the presence of adverse situations. Therefore, the nodes should make use of situation awareness mechanisms to determine the existence of abnormal events in their surroundings. This work approaches the problem by considering the possible abnormal events as diseases, thus making it possible to diagnose them through their symptoms, namely, their side effects. Considering these awareness mechanisms as a foundation for high-level monitoring services, this article also shows how these mechanisms are included in the blueprint of an intrusion detection system.

Impact Factor: 2.799
Journal Citation Reports® Science Edition (Thomson Reuters, 2008)

PDF icon Roman2008a.pdf (280.63 KB)
J. Lopez, C. Alcaraz, and R. Roman, "Smart Control of Operational Threats in Control Substations",
Computers & Security, vol. 38, Elsevier, pp. 14-27, OCT 2013. DOI (I.F.: 1.172)More..

Abstract

Any deliberate or unsuitable operational action in control tasks of critical infrastructures, such as energy generation, transmission and distribution systems that comprise sub-domains of a Smart Grid, could have a significant impact on the digital economy: without energy, the digital economy cannot live. In addition, the vast majority of these types of critical systems are configured in isolated locations where their control depends on the ability of a few, supposedly trustworthy, human operators. However, this assumption of reliabilty is not always true. Malicious human operators (criminal insiders) might take advantage of these situations to intentionally manipulate the critical nature of the underlying infrastructure. These criminal actions could be not attending to emergency events, inadequately responding to incidents or trying to alter the normal behaviour of the system with malicious actions. For this reason, in this paper we propose a smart response mechanism that controls human operators’ operational threats at all times. Moreover, the design of this mechanism allows the system to be able to not only evaluate by itself, the situation of a particular scenario but also to take control when areas are totally unprotected and/or isolated. The response mechanism, which is based on Industrial Wireless Sensor Networks (IWSNs) for the constant monitoring of observed critical infrastructures, on reputation for controlling human operators’ actions, and on the ISA100.11a standard for alarm management, has been implemented and simulated to evaluate its feasibility for critical contexts.

Impact Factor: 1.172
Journal Citation Reports® Science Edition (Thomson Reuters, 2013)

PDF icon 1770.pdf (1.58 MB)
R. Roman, C. Alcaraz, and J. Lopez, "A Survey of Cryptographic Primitives and Implementations for Hardware-Constrained Sensor Network Nodes",
Mobile Networks and Applications, vol. 12, no. 4, Springer, pp. 231-244, August, 2007. DOI (I.F.: 0.586)More..

Abstract

In a wireless sensor network environment, a sensor node is extremely constrained in terms of hardware due to factors such as maximizing lifetime and minimizing physical size and overall cost. Nevertheless, these nodes must be able to run cryptographic operations based on primitives such as hash functions, symmetric encryption and public key cryptography in order to allow the creation of secure services. Our objective in this paper is to survey how the existing research-based and commercial-based sensor nodes are suitable for this purpose, analyzing how the hardware can influence the provision of the primitives and how software implementations tackles the task of implementing instances of those primitives. As a result, it will be possible to evaluate the influence of provision of security in the protocols and applications/scenarios where sensors can be used.

Impact Factor: 0.586
Journal Citation Reports® Science Edition (Thomson Reuters, 2007)

PDF icon Roman2007.pdf (280.7 KB)
D. G. Rosado, E. Fernandez-Medina, J. Lopez, and M. Piattini, "Systematic Design of Secure Mobile Grid Systems",
Journal of Network and Computer Applications, vol. 34, Elsevier, pp. 1168-1183, 2011. (I.F.: 1.065)More..

Abstract

 Grid computing has arisen as an evolution of distributed systems mainly focused on the sharing of and remote access to resources in a uniform, transparent, secure, efficient and reliable manner. It is possible to join Grid technology and mobile technology in order to create one of the most promising technologies and developments to appear in recent years, in that they enrich one another and provide new solutions that solve many of the limitations and problems found in different technologies. Security is a very important factor in Mobile Grid Computing and is also difficult to achieve owing to the open nature of wireless networks and heterogeneous and distributed environments. Success in obtaining a secure system originates in incorporating security from the first stages of the development process. It has therefore been necessary to define a development process for this kind of systems in which security is incorporated in all stages of the development and the features and particularities of the Mobile Grid systems are taken into consideration. This paper presents one of the activities of this development process, the design activity, which consists of defining and designing a security software architecture. This architecture will be built from a security architecture, defined as reference architecture, in which security services, interfaces and operations are defined with the purpose of defining a reference security architecture which covers the majority of security requirements identified in the analysis activity. The design activity will build the system architecture that will be the input artefact for the subsequent activity in the process, which is the construction activity.

Impact Factor: 1.065
Journal Citation Reports® Science Edition (Thomson Reuters, 2011)

T
A. Nieto, R. Roman, and J. Lopez, "Testificación Digital",
Revista SIC, vol. 122, Ediciones CODA, pp. 94-98, Nov 2016. More..

Abstract

El creciente número de dispositivos interconectados trae consigo problemas de seguridad bien conocidos; por ejemplo, aquellos debidos a las vulnerabilidades en protocolos muy diversos –muchos de ellos propietarios– y al factor de error humano introducido por los usuarios. Sin embargo, cabe preguntarse cómo podemos usar el despliegue de tales dispositivos en beneficio de la ciberseguridad. En el proyecto IoTest se está desarrollando una solución, el Testigo Digital, que permitirá a los dispositivos personales con arquitectura de seguridad embebida reaccionar ante ataques virtuales, protegiéndonos de los ciberataques emergentes.

PDF icon nrlSIC16.pdf (476.98 KB)
D. G. Rosado, E. Fernandez-Medina, J. Lopez, and M. Piattini, "Towards a UML Extension of Reusable Secure Use Cases for Mobile Grid systems",
IEICE Trans. on Information and Systems, vol. E94-D, IEICE, pp. 243-254, Feb 2011. DOI (I.F.: 0.178)More..

Abstract

The systematic processes exactly define the development cycle and help the development team follow the same development strategies and techniques, thus allowing a continuous improvement in the quality of the developed products. Likewise, it is important that the development process used integrates security aspects from the first stages at the same level as other functional and non-functional requirements. Grid systems allow us to build very complex information systems with different and remarkable features (interoperability between multiple security domains, cross-domain authentication and authorization, dynamic, heterogeneous and limited mobile devices, etc). With the development of wireless technology and mobile devices, the Grid becomes the perfect candidate for letting mobile users make complex works that add new computational capacity to the Grid. A methodology of development for secure mobile Grid systems is being defined. One of the activities of this methodology is the requirements analysis which is based in reusable use cases. In this paper, we will present a UML-extension for security use cases and Grid use case which capture the behaviour of this kind of systems. A detailed description of all these new use cases defined in the UML extension is necessary, describing the stereotypes, tagged values, constraints and graphical notation. We show an example of how to apply and use this extension for building the diagram of use cases and incorporating common security aspects for this kind of systems. Also, we will see how the diagrams built can be reused in the construction of others diagrams saving time and effort in this task.
 

Impact Factor: 0.178
Journal Citation Reports® Science Edition (Thomson Reuters, 2011)

PDF icon rosado2009.pdf (302.25 KB)
J. E. Rubio, R. Roman, C. Alcaraz, and Y. Zhang, "Tracking APTs in Industrial Ecosystems: A Proof of Concept",
Journal of Computer Security, vol. 27, issue 5, Elsevier, pp. 521-546, 09/2019. (I.F.: 3.579)More..
Impact Factor: 3.579
Journal Citation Reports® Science Edition (Thomson Reuters, 2019)

PDF icon RubioSIJCS19.pdf (3.26 MB)
J. E. Rubio, R. Roman, C. Alcaraz, and Y. Zhang, "Tracking APTs in Industrial Ecosystems: A Proof of Concept",
Journal of Computer Security, vol. 27, issue 5, Elsevier, pp. 521-546, 09/2019. (I.F.: 3.579)More..
Impact Factor: 3.579
Journal Citation Reports® Science Edition (Thomson Reuters, 2019)

PDF icon RubioSIJCS19.pdf (3.26 MB)
J. Lopez, R. Roman, I. Agudo, and C. Fernandez-Gago, "Trust Management Systems for Wireless Sensor Networks: Best practices",
Computer Communications, vol. 33, no. 9, Elsevier, pp. 0140-3664, 2010. DOI (I.F.: 0.816)More..

Abstract

Wireless sensor networks (WSNs) have been proven a useful technology for perceiving information about the physical world and as a consequence has been used in many applications such as measurement of temperature, radiation, flow of liquids, etc. The nature of this kind of technology, and also their vulnerabilities to attacks make the security tools required for them to be considered in a special way. The decision making in a WSN is essential for carrying out certain tasks as it aids sensors establish collaborations. In order to assist this process, trust management systems could play a relevant role. In this paper, we list the best practices that we consider are essential for developing a good trust management system for WSN and make an analysis of the state of the art related to these practices.

Impact Factor: 0.816
Journal Citation Reports® Science Edition (Thomson Reuters, 2010)

PDF icon JavierLopezMunoz2010.pdf (210.98 KB)
U
R. Rios, and J. Lopez, "(Un)Suitability of Anonymous Communication Systems to WSN",
IEEE Systems Journal, vol. 7, no. 2, IEEE Systems Council, pp. 298 - 310, Jun 2013. DOI (I.F.: 1.746)More..

Abstract

Anonymous communication systems have been extensively studied by the research community to prevent the disclosure of sensitive information from the analysis of individuals’ traffic patterns. Many remarkable solutions have been developed in this area, most of which have proven to be effective in the protection of user privacy against different types of attacks. Recently, the privacy preservation problem has also been considered in the realm of wireless sensor networks (WSNs) due to their imminent adoption in real-world scenarios. A special challenge that arises from the analysis of the flow of sensor nodes’ communications is the location privacy problem. In this work we concentrate on analyzing the suitability of traditional anonymous communication systems originally designed for the Internet to the original scenario of sensor networks. The results show that, in most cases, traditional solutions do not provide the adequate protection means for the particular problem of location privacy, while other solutions are too resource-consuming for the restricted capabilities of sensor nodes.

Impact Factor: 1.746
Journal Citation Reports® Science Edition (Thomson Reuters, 2013)

PDF icon Rios2012a.pdf (488.58 KB)
P. Najera, R. Roman, and J. Lopez, "User-centric secure integration of personal RFID tags and sensor networks",
Security and Communication Networks, vol. 6, Wiley-Blackwell, pp. 1177–1197, Oct 2013. DOI (I.F.: 0.433)More..

Abstract

A personal network (PN) should enable the collaboration of user’s devices and services in a flexible, self-organizing and friendly manner. For such purpose, the PN must securely accommodate heterogeneous technologies with uneven computational and communication resources. In particular, personal RFID tags can enable seamless recognition of user’s context, provide user authentication and enable novel services enhancing the quality and quantity of data handled by the PN. However, the highly constrained features of common RFID tags and their passive role in the network highlights the need of an adequate secure communication model with personal tags which enables their participation as a member of the PN. In this paper, we present our concept of PN, with special emphasis on the role of RFID and sensor networks, and define a secure architecture for PNs including methods for the secure access to context-aware technologies from both local PN members and the Internet of Things. The PN architecture is designed to support differentiated security mechanisms to maximize the level of security for each type of personal device. Furthermore, we analyze which security solutions available in the literature can be adapted for our architecture, as well as the challenges and security mechanisms still necessary in the secure integration of personal tags.

Impact Factor: 0.433
Journal Citation Reports® Science Edition (Thomson Reuters, 2013)

V
S. Rusell, E. Dawson, E. Okamoto, and J. Lopez, "Virtual Certificates and Synthetic Certificates: New Paradigms for Improving Public Key Validation",
Computer Communications, vol. 26, no. 16, Elsevier, pp. 1826-1838, 2003. (I.F.: 0.508)More..

Abstract

The certificate paradigm is applied recursively to obtain the public keys of a number of Certification Authorities and, accordingly, to obtain the public keys of a number of final entities. Thus, validation of the authorized public key of a party in a network transaction is commonly based on processing the certificate chain descended from a trusted root issuer, involving non-negligible time and cost. Those chains become long in communications between large organizations, which is the typical case of e-commerce and e-government applications. The process of validation of extensive chains introduces performance problems in two aspects: signature verification and revocation checking. That is, the repeated processing of long chains of certificates creates severe efficiency problems. This fact causes that most of the advantages provided by Public Key Infrastructures (PKIs) are not conveniently exploited. In this paper we analyze the scenarios in which large volumes of digitally signed transactions between commercial entities exist. These cases require of interoperation among PKIs. We show that solutions available in those scenarios still involve processing of too long chains of certificates, either at the receiving computer or by an outsourced entity. For this reason, we propose new concepts of virtual certificate and synthetic certificate for faster and less costly processing of certificate chains. In this way, communications in a certificate-based intercommunity can be highly improved. We also show how these types of certificates can be applied in practice.

Impact Factor: 0.508
Journal Citation Reports® Science Edition (Thomson Reuters, 2003)

PDF icon SelwynRusell2003.pdf (227.92 KB)