Edificio de Investigación Ada Byron
C/ Arquitecto Francisco Peñalosa, nº 18
Ampliación Campus de Teatinos. Universidad de Málaga
29071 Málaga (Spain)
Phone: +34-951-952914 Fax: +34-951-952749
Domain of interest and research
- Protecting the Internet of Things
- Security Architectures (Edge Computing Infrastructures)
- Protection of Critical Infrastructures
- Security in Wireless Sensor Networks
- "Bring security to the real world": For Dr. Roman, security should not be an obscure concept that is difficult to apply, but a simple idea that can be easily explained and deployed. Consequently, Dr. Roman's research is mainly focused on providing useful and relevant security solutions that fulfill the requirements of both applications and its users.
- Security solutions for the Internet of Things: One of our goals is to provide security mechanisms for various IoT scenarios, such as monitoring solutions for Industrial Internet of Things scenarios (SADCIP project) and the introduction of the "digital witness" concept in IoT Forensics (IoTest project).
- Security Architectures: Another of our goals is to define and create security architectures that fulfill the requirements of the application and its environment. Currently we are studying the security of edge paradigms, such as Fog Computing and Mobile Edge Computing (SMOG project).
- Ph.D. in Computer Science (with European Doctorate mention), University of Malaga (June 2008).
- Undergraduate Research Fellow, Institute for Infocomm Research (I2R), Singapore (August 2003 - December 2004).
- MSc. in Computer Engineering, University of Malaga (August 2003).
- BSc. in Computer Science, University of Malaga (August 2000).
- "Edge-Assisted Vehicular Networks Security",
IEEE Internet of Things Journal, IEEE Computer Society, In Press. DOI (I.F.: 5.863)
Edge Computing paradigms are expected to solve some major problems affecting current application scenarios that rely on Cloud computing resources to operate. These novel paradigms will bring computational resources closer to the users and by doing so they will not only reduce network latency and bandwidth utilization but will also introduce some attractive context-awareness features to these systems. In this paper we show how the enticing features introduced by Edge Computing paradigms can be exploited to improve security and privacy in the critical scenario of vehicular networks (VN), especially existing authentication and revocation issues. In particular, we analyze the security challenges in VN and describe three deployment models for vehicular edge computing, which refrain from using vehicular- to-vehicular communications. The result is that the burden imposed to vehicles is considerably reduced without sacrificing the security or functional features expected in vehicular scenarios.Impact Factor: 5.863Journal Citation Reports® Science Edition (Thomson Reuters, 2017)
- "Tracking APTs in Industrial Ecosystems: A Proof of Concept",
Journal of Computer Security, Elsevier, In Press. (I.F.: 2.650)Impact Factor: 2.650Journal Citation Reports® Science Edition (Thomson Reuters, 2017)
- "Current Cyber-Defense Trends in Industrial Control Systems",
Computers & Security Journal, Elsevier, 07/2019. DOI (I.F.: 2.650)
Advanced Persistent Threats (APTs) have become a serious hazard for any critical infrastructure, as a single solution to protect all industrial assets from these complex attacks does not exist. It is then essential to understand what are the defense mechanisms that can be used as a first line of defense. For this purpose, this article will firstly study the spectrum of attack vectors that APTs can use against existing and novel elements of an industrial ecosystem. Afterwards, this article will provide an analysis of the evolution and applicability of Intrusion Detection Systems (IDS) that have been proposed in both the industry and academia.Impact Factor: 2.650Journal Citation Reports® Science Edition (Thomson Reuters, 2017)
- "Immune System for the Internet of Things using Edge Technologies",
IEEE Internet of Things Journal, vol. 6, issue 3, IEEE Computer Society, pp. 4774-4781, 06/2019. DOI (I.F.: 5.863)
The Internet of Things (IoT) and Edge Computing are starting to go hand in hand. By providing cloud services close to end-users, edge paradigms enhance the functionality of IoT deployments, and facilitate the creation of novel services such as augmented systems. Furthermore, the very nature of these paradigms also enables the creation of a proactive defense architecture, an immune system, which allows authorized immune cells (e.g., virtual machines) to traverse edge nodes and analyze the security and consistency of the underlying IoT infrastructure. In this article, we analyze the requirements for the development of an immune system for the IoT, and propose a security architecture that satisfies these requirements. We also describe how such a system can be instantiated in Edge Computing infrastructures using existing technologies. Finally, we explore the potential application of immune systems to other scenarios and purposes.Impact Factor: 5.863Journal Citation Reports® Science Edition (Thomson Reuters, 2017)
- "Evolution and Trends in the Security of the Internet of Things",
IEEE Computer, vol. 51, issue 7, IEEE Computer Society, pp. 16-25, 07/2018. DOI (I.F.: 1.940)Impact Factor: 1.940Journal Citation Reports® Science Edition (Thomson Reuters, 2017)
- "Mobile edge computing, Fog et al.: A survey and analysis of security threats and challenges",
Future Generation Computer Systems, vol. 78, issue 1, Elsevier, pp. 680-698, 01/2018. DOI (I.F.: 4.639)
For various reasons, the cloud computing paradigm is unable to meet certain requirements (e.g. low latency and jitter, context awareness, mobility support) that are crucial for several applications (e.g. vehicular networks, augmented reality). To fulfil these requirements, various paradigms, such as fog computing, mobile edge computing, and mobile cloud computing, have emerged in recent years. While these edge paradigms share several features, most of the existing research is compartmentalised; no synergies have been explored. This is especially true in the field of security, where most analyses focus only on one edge paradigm, while ignoring the others. The main goal of this study is to holistically analyse the security threats, challenges, and mechanisms inherent in all edge paradigms, while highlighting potential synergies and venues of collaboration. In our results, we will show that all edge paradigms should consider the advances in other paradigms.Impact Factor: 4.639Journal Citation Reports® Science Edition (Thomson Reuters, 2017)
- "Digital Witness: Safeguarding Digital Evidence by using Secure Architectures in Personal Devices",
IEEE Network, IEEE Communications Society, pp. 12-19, 2016. DOI (I.F.: 7.230)
Personal devices contain electronic evidence associated with the behaviour of their owners and other devices in their environment, which can help clarify the facts of a cyber-crime scene. These devices are usually analysed as containers of proof. However, it is possible to harness the boom of personal devices to define the concept of digital witnesses, where personal devices are able to actively acquire, store, and transmit digital evidence to an authorised entity, reliably and securely. This article introduces this novel concept, providing a preliminary analysis on the management of digital evidence and the technologies that can be used to implement it with security guarantees in IoT environments. Moreover, the basic building blocks of a digital witness are defined.Impact Factor: 7.230Journal Citation Reports® Science Edition (Thomson Reuters, 2016)
- "On the features and challenges of security and privacy in distributed internet of things",
Computer Networks, vol. 57, Elsevier, pp. 2266–2279, July 2013. DOI (I.F.: 1.282)
In the Internet of Things, services can be provisioned using centralized architectures, where central entities acquire, process, and provide information. Alternatively, distributed architectures, where entities at the edge of the network exchange information and collaborate with each other in a dynamic way, can also be used. In order to understand the applicability and viability of this distributed approach, it is necessary to know its advantages and disadvantages – not only in terms of features but also in terms of security and privacy challenges. The purpose of this paper is to show that the distributed approach has various challenges that need to be solved, but also various interesting properties and strengths.Impact Factor: 1.282Journal Citation Reports® Science Edition (Thomson Reuters, 2013)
- Sensors, Internet of Things section - MDPI
- International Journal on Advances in Security - IARIA
- Guest Editor:
- International Journal of Information Security - Springer ("IoT Security and Privacy")
- Journal of Security and Communication Networks - Wiley ("Security in a Completely Interconnected World")
- Journal of Security and Communication Networks - Wiley ("Protecting the Internet of Things")
- Journal of Communication Systems - Wiley ("Advanced Processing Technologies and Applications for Mobile Communication Systems")
- General (co)chair:
- 2011: ACNS
- 2010: SecIoT
- Program (co)chair:
- 2019: EuroSPEC
- 2012: SecIoT
- 2011: IWCS
- Program committee member (last 5 years):
- 2019: SIoT
- 2018: CPSS, SePrIoT, SPIoT
- 2017: SIoT
- 2016: TrustBus, WISTP, SIoT, ISI WIC, ICCVE
- 2015: SIoT
- Organization committee member:
- 2008: ESORICS
- 2007: CRITIS, EuroPKI,JITEL
- IEEE, member.