Publications

Export results:
Author Title Type [ Year(Asc)]
Filters: First Letter Of Last Name is V  [Clear All Filters]
R. Rios, J. Cuellar, and J. Lopez, "Ocultación de la estación base en redes inalámbricas de sensores",
XI Jornadas de Ingeniería Telemática (JITEL 2013), J. E. Díaz Verdejo, J. Navarro Ortiz, and J. J. Ramos Muñoz Eds., Asociación de Telemática, pp. 481-486, Oct 2013. More..

Abstract

La estación base es el elemento más importante en un red de sensores y, por tanto, es necesario evitar que un atacante pueda hacerse con el control de este valioso dispositivo. Para ello, el atacante puede valerse tanto de técnicas de análisis de tráfico como de la captura de nodos. En este trabajo presentamos un esquema que consta de dos fases, la primera está dedicada a homogeneizar los patrones de tráfico y la segunda encargada de perturbar las tablas de rutas de los nodos. Ambas fases permiten mantener a la estación base fuera del alcance del atacante con un coste computacional insignificante y un consumo energético moderado. La validez de nuestro esquema ha sido validada analíticamente y a través de numerosas simulaciones.

PDF icon rios2013b.pdf (348.08 KB)
J. L. Vivas, I. Agudo, and J. Lopez, "Security Assurance During the Software Development Process",
International Conference on Computer Systems and Technologies (CompSysTech09), ACM, pp. 11.7.1-11.7.6, 2009. DOI More..

Abstract

Assurance has been a major topic for critical systems. Assurance is usually associated with safety conditions but has also an important role for checking security requirements. Security is best assured if it is addressed holistically, systematically, and from the very beginning in the software’s development process. We propose to integrate assurance and system development by letting the different stages of the system development life-cycle be mapped to the structure of the assurance case.

 

PDF icon vivas09.pdf (31.06 KB)
C. Dixon, C. Fernandez-Gago, M. Fisher, and W. van der Hoek, "Using Temporal Logics of Knowledge in the Formal Verification of Security Protocols",
11th International Symposium on Temporal Representation and Reasoning (TIME’04), IEEE Computer Society, pp. 148-151, 2004. DOI More..

Abstract

Temporal logics of knowledge are useful for reasoning about situations where the knowledge of an agent or component is important, and where change in this knowledge may occur over time. Here we use temporal logics of knowledge to reason about security protocols. We show how to specify part of the Needham-Schroeder protocol using temporal logics of knowledge and prove various properties using a clausal resolution calculus for this logic.

PDF icon Dix04.pdf (54.5 KB)
J. Lopez, J. J. Ortega, J. M. Troya, and J. L. Vivas, "High-level Specification of Security Systems",
IEEE Globecom 2003 - Communications Security Track, IEEE Press, pp. 1506-1510, December, 2003. More..

Abstract

In order to study the security systems, we have developed a methodology for the application to the analysis of cryptographic protocols of the formal analysis techniques commonly used in communication protocols. In particular, we have extended the design and analysis phases with security properties. Our proposal uses a specification notation based on HMSC/MSC, which can be automatically translated into a generic SDL specification.

PDF icon javierlopez2003.pdf (55.43 KB)
J. Lopez, J. J. Ortega, J. M. Troya, and J. L. Vivas, "How to Specify Security Services: A Practical Approach",
7th IFIP Conference on Multimedia and Communications Security (CMS’03), LNCS 2828, Springer-Verlag, pp. 158-171, October, 2003. More..

Abstract

Security services are essential for ensuring secure communications. Typically no consideration is given to security requirements during the initial stages of system development. Security is only added latter as an afterthought in function of other factors such as the environment into which the system is to be inserted, legal requirements, and other kinds of constraints. In this work we introduce a methodology for the specification of security requirements intended to assist developers in the design, analysis, and implementation phases of protocol development. The methodology consists of an extension of the ITU-T standard requirements language MSC and HMSC, called SRSL, defined as a high level language for the specification of security protocols. In order to illustrate it and evaluate its power, we apply the new methodology to a real world example, the integration of an electronic notary system into a web-based multi-users service platform.

PDF icon javierlopez2003a.pdf (400.31 KB)
J. L. Vivas, J. A. Montenegro, and J. Lopez, "Towards Business Process-Driven Framework for Security Engineering with the UML",
6th International Conference on Information Security (ISC’03), LNCS 2851, Springer-Verlag, pp. 381-395, October, 2003. More..

Abstract

A challenging task in security engineering concerns the specification and integration of security with other requirements at the top level of requirements engineering. Empirical studies show that it is commonly at the business process level that customers and end users are able to express their security needs. In addition, systems are often developed by automating existing manual business processes. Since many security notions belongs conceptually to the world of business processes, it is natural to try to capture and express them in the context of business models in which moreover customers and end users feel most comfortable. In this paper, based on experience drawn from an ongoing work within the CASENET project \cite{CASENET}, we propose a UML-based business process-driven framework for the development of security-critical systems.

PDF icon josevivas2003.pdf (206.96 KB)
J. Davila, L. Fuentes, J. Lopez, J. maria troya, and A. Vallecillo, "Internet Secure Communications Between Citizens and Public Administrations",
IFIP Conference on Advances in Electronic Government, pp. 109-120, 2000.
A. Mana, F. Villalba, and J. Lopez, "Secure Examinations Through The Internet",
IFIP World Computer Congress, pp. 695-708, August, 1998. More..

Abstract

The objective of the present work is to present a solution to the problem of simultaneously examining groups of students in different computer laboratories while each student uses a computer with Internet access. The system presented focus on security and ease of use, being, at the same time, transparent to the users (students) and providing added services to the main objective of simultaneous examinations in several rooms with just one teacher.

F. Lopez, J. Lopez, A. Vergara, and L. Pino, "Determination of Objects Orientation in Assembly Lines using Neural Networks",
5th Intern. Conf. on Computer Aided Systems Theory and Technology (EUROCAST’97), pp. 183-189, February, 1997. More..

Abstract

This paper is a first approach to the use of artificial neural networks as a tool to estimate the orientation of an object, and is mainly directed towards industrial applications. The capability of neural networks to generalise is a key element in the calculation of an object’s orientation. In this sense, a neural network can identify the angle of a part never seen before. To evaluate the efficiency of this method we have performed a series of tests with the different parts used in a car assembly line.

Modify or remove your filters and try again.