Arias-Cabarcos, Patricia; Almenárez-Mendoza, Florina; Marín-López, Andrés; Díaz-Sánchez, Daniel; Sánchez-Guerrero, Rosa. A Metric-Based Approach to Assess Risk for "On Cloud" Federated Identity Management. Journal Article. In: Journal of Network and Systems Management, vol. 20, iss. 4, pp. 513-533, 2012, ISSN: 1573-7705. Tags: Cloud computing, consequence, federation, risk assessment, SAML, servicioseguridad, Trust management

Sanvido, Fabio; Díaz-Sánchez, Daniel; Almenárez-Mendoza, Florina; Marín-López, Andrés. Dynamic Negotiation Layer for Secure Semantic Service Oriented Architectures. Proceedings Article. In: UBICOMM 2011: The Fifth International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies, pp. 165 - 168, 2011, ISBN: 978-1-61208-171-7. Tags: ontology interoperability, SAML, semantic policy, semantic services

Almenárez, Florina; Arias, Patricia; Díaz-Sánchez, Daniel; Marín, Andrés; Sánchez, Rosa. fedTV: Personal Networks Federation for IdM in Mobile DTV. Journal Article. In: IEEE Transactions on Consumer Electronics, vol. 57, iss. 2, pp. 499 - 506, 2011, ISSN: 0098-3063. Tags: anot, anotacionsemantica, authentication, Digital TV, identity management, Mobile communication, Mobile computing, mobile DTV, Mobile handsets, Personal Network Federation, SAML, Trust management

2012
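@comment{ariascabarcos001: journal article on risk metrics for federated identity management between cloud providers. Names are stored in Last, First form. The doi field holds the bare identifier, because the style adds the resolver prefix. The issue number is stored in the number field and the page range uses a double hyphen.}
@article{ariascabarcos001,
  author    = {Arias-Cabarcos, Patricia and Almenárez-Mendoza, Florina and Marín-López, Andrés and Díaz-Sánchez, Daniel and Sánchez-Guerrero, Rosa},
  title     = {A Metric-Based Approach to Assess Risk for "On Cloud" Federated Identity Management},
  journal   = {Journal of Network and Systems Management},
  volume    = {20},
  number    = {4},
  pages     = {513--533},
  year      = {2012},
  date      = {2012-07-04},
  issn      = {1573-7705},
  doi       = {10.1007/s10922-012-9244-2},
  url       = {https://link.springer.com/article/10.1007/s10922-012-9244-2},
  urldate   = {2012-07-04},
  abstract  = {The cloud computing paradigm is set to become the next explosive revolution on the Internet, but its adoption is still hindered by security problems. One of the fundamental issues is the need for better access control and identity management systems. In this context, Federated Identity Management (FIM) is identified by researchers and experts as an important security enabler, since it will play a vital role in allowing the global scalability that is required for the successful implantation of cloud technologies. However, current FIM frameworks are limited by the complexity of the underlying trust models that need to be put in place before inter-domain cooperation. Thus, the establishment of dynamic federations between the different cloud actors is still a major research challenge that remains unsolved. Here we show that risk evaluation must be considered as a key enabler in evidence-based trust management to foster collaboration between cloud providers that belong to unknown administrative domains in a secure manner. In this paper, we analyze the Federated Identity Management process and propose a taxonomy that helps in the classification of the involved risks in order to mitigate vulnerabilities and threats when decisions about collaboration are made. Moreover, a set of new metrics is defined to allow a novel form of risk quantification in these environments. Other contributions of the paper include the definition of a generic hierarchical risk aggregation system, and a descriptive use-case where the risk computation framework is applied to enhance cloud-based service provisioning.},
  keywords  = {Cloud computing, consequence, federation, risk assessment, SAML, servicioseguridad, Trust management},
  pubstate  = {published},
  tppubtype = {article},
}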
2011
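@comment{pa021: conference paper proposing a negotiation layer, with SAML as the security language, between semantic service consumers and providers. Review note on the url field: the value is a CloudFront signed URL. Its query string carries Expires, Signature and Key-Pair-Id parameters, so it is a time-limited access grant rather than a permanent address, and Expires=1712232629 is a fixed Unix timestamp in April 2024 after which the link stops resolving. Signed download links do not belong in a published bibliography. TODO: replace the value with the stable landing page for the paper (placeholder STABLE-LANDING-PAGE-URL) and add a urldate for the day it was checked. The value is kept unchanged here because the record offers no alternative link.}
@inproceedings{pa021,
  author    = {Sanvido, Fabio and Díaz-Sánchez, Daniel and Almenárez-Mendoza, Florina and Marín-López, Andrés},
  title     = {Dynamic Negotiation Layer for Secure Semantic Service Oriented Architectures},
  booktitle = {{UBICOMM} 2011: The Fifth International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies},
  pages     = {165--168},
  year      = {2011},
  date      = {2011-12-12},
  isbn      = {978-1-61208-171-7},
  url       = {https://d1wqtxts1xzle7.cloudfront.net/83301598/download_full-libre.pdf?1649227962=&response-content-disposition=inline%3B+filename%3D2011_Technical_Program_Committee_PECES_2.pdf&Expires=1712232629&Signature=VNZB3mTjl0twRnbwVDjheAym0V2F-5MxmOZn9hlYyDBFGrPQ6xahSqA~DoWxky9SL5qicmVX2u9cpKqLmk39IRcwzDt7QW4kIBlJrOHMHHU1XzQxcz6e-1jFvsHPLexu6T-vxyEWvcDR-9iFKKU1LzJdoNxCm09EpG5JQB0TAQGqCI5HYnLSXdYGQHSJhTse1og0Ap2cN7nZcKakGIUfky5dytM24gegfmiZv2hoegIxrx2V~KY0WnfCx1RqcNQ~wtiS8VnG4w5ha7YrNl7HEpwVn9ut~dINxDp81uBEK-eaRpXm0cyWkq9vd2N0l2Y4zp~WWFtl5HrIzPciziTW6A__&Key-Pair-Id=APKAJLOHF5GGSLRBV4ZA#page=178},
  abstract  = {The approach of users connected anytime, anywhere, has led to merging isolated islands of enriched services environments into the WEB, leaving the user free to choose among an huge number of services. In this context the introduction of ontologies and the creation of semantic Web services mainly focus on using reasoners and planning algorithms to achieve automation in basic processes as discovery, composition and invocation. Nevertheless, there is a problem in standardizing one unique ontology that rises in alignment issues between the domain-specific ontologies on which semantic web service description language eventually rely. Moreover, there is no standardized processes that properly face privacy problem when participants require a graduate disclosure of domain sensitive information. We argue in this paper that a negotiation layer that could connect service consumer and service provider is necessary in order to overcome such limitations. The use of SAML as transverse security language is proposed.},
  keywords  = {ontology interoperability, SAML, semantic policy, semantic services},
  pubstate  = {published},
  tppubtype = {inproceedings},
}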
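@comment{almenarez002: journal article proposing an enhanced mobile client, extending the SAML v2 Enhanced Client Profile with a trust management layer, for federation in mobile DTV. Case-sensitive words in the title are brace-protected so sentence-casing styles keep them. The record listed a second link to the same IEEE Xplore document, https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5955185 - a url field holds a single address, so the document landing page is kept in url.}
@article{almenarez002,
  author    = {Almenárez, Florina and Arias, Patricia and Díaz-Sánchez, Daniel and Marín, Andrés and Sánchez, Rosa},
  title     = {{fedTV}: Personal Networks Federation for {IdM} in Mobile {DTV}},
  journal   = {{IEEE} Transactions on Consumer Electronics},
  volume    = {57},
  number    = {2},
  pages     = {499--506},
  year      = {2011},
  date      = {2011-05-03},
  issn      = {0098-3063},
  doi       = {10.1109/TCE.2011.5955185},
  url       = {https://ieeexplore.ieee.org/document/5955185},
  urldate   = {2011-05-03},
  abstract  = {Mobile Social TV and Mobile Video Blogging are new challenging scenarios arising from mobile and online DTV. They will allow for new interactions, and dynamically share content and delegate services. That requires the dynamic discovery, joining, and establishing new federations, emerging the trust management as an important facet for that. Such trust management should be autonomous, user-centric, and dynamic to cope with forthcoming applications. We propose an enhanced mobile client to support federated environments for cooperation in mobile DTV scenarios. Our proposal extends the Enhanced Client Profile defined in SAML v2, incorporating a trust management layer inside user's consumer electronic devices' software.},
  keywords  = {anot, anotacionsemantica, authentication, Digital TV, identity management, Mobile communication, Mobile computing, mobile DTV, Mobile handsets, Personal Network Federation, SAML, Trust management},
  pubstate  = {published},
  tppubtype = {article},
}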
Publications
A Metric-Based Approach to Assess Risk for "On Cloud" Federated Identity Management. Journal Article. In: Journal of Network and Systems Management, vol. 20, iss. 4, pp. 513-533, 2012, ISSN: 1573-7705.

Dynamic Negotiation Layer for Secure Semantic Service Oriented Architectures. Proceedings Article. In: UBICOMM 2011: The Fifth International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies, pp. 165 - 168, 2011, ISBN: 978-1-61208-171-7.

fedTV: Personal Networks Federation for IdM in Mobile DTV. Journal Article. In: IEEE Transactions on Consumer Electronics, vol. 57, iss. 2, pp. 499 - 506, 2011, ISSN: 0098-3063.

2012
2011