Forné, Jordi; Hinarejos, Francisca; Marín, Andrés; Almenárez, Florina; Lopez, Javier; Montenegro, Jose A.; Lacoste, Marc; Díaz, Daniel Pervasive authentication and authorization infrastructures for mobile users Journal Article In: COMPUTERS & SECURITY, vol. 29, iss. 4, pp. 501-514, 2009, ISSN: 0167-4048. Abstract | Links | BibTeX | Tags: authentication, Authorization, ITACA, security architecture, trust, Ubiquitous computing, Ubisec Díaz-Sánchez, Daniel; Marín, Andrés; Almenarez, Florina; García-Rubio, Carlos; Campo, Celeste Interaction Distance determination with PervsIM Proceedings Article In: 15th IST Mobile And Wireless Communication Summit, pp. 1-8, 2006. Campo, Celeste; Almenárez, Florina; Díaz, Daniel; García-Rubio, Carlos; Marín-López, Andrés Secure Service Discovery based on Trust Management for ad-hoc Networks Journal Article In: Journal of Universal Computer Science, vol. 12, no. 3, pp. 340-356, 2006, ISSN: 0948-695X. Abstract | Links | BibTeX | Tags: ad-hoc networks, everyware, iteaeasywireless, Security, service discovery protocol, trust, Ubisec Almenarez, Florina; Marin, Andrés; Diaz, Daniel; Sanchez, Juan Developing a model for trust management in pervasive devices Proceedings Article In: Fourth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOMW'06), Institute of Electrical and Electronics Engineers (IEEE), 2006, ISBN: 0-7695-2520-2. Abstract | Links | BibTeX | Tags: mathematical model, peer to peer computing, Pervasive computing, Protection, Ubisec Almenarez, Florina; Díaz, Daniel; Marín, Andrés Secure Ad-Hoc mBusiness: Enhancing WindowsCE Security Journal Article In: Lecture Notes In Computer Sciences, vol. 3184, pp. 90-99, 2004, ISSN: 0302-9743. Abstract | Links | BibTeX | Tags: EasyWireless, everyware, Mutual Authentication, Smart Card, Trust Degree, Trust Relationship, Trusted Third Party, Ubisec2009
@article{marin001,
title = {Pervasive authentication and authorization infrastructures for mobile users},
author = {Jordi Forné and Francisca Hinarejos and Andrés Marín and Florina Almenárez and Javier Lopez and Jose A. Montenegro and Marc Lacoste and Daniel Díaz},
url = {https://www.sciencedirect.com/science/article/pii/S0167404809000911?via%3Dihub},
doi = {https://doi.org/10.1016/j.cose.2009.09.001},
issn = {0167-4048},
year = {2009},
date = {2009-09-25},
urldate = {2009-09-25},
journal = {COMPUTERS & SECURITY},
volume = {29},
issue = {4},
pages = {501-514},
abstract = {Network and device heterogeneity, nomadic mobility, intermittent connectivity and, more generally, extremely dynamic operating conditions, are major challenges in the design of security infrastructures for pervasive computing. Yet, in a ubiquitous computing environment, limitations of traditional solutions for authentication and authorization can be overcome with a pervasive public key infrastructure (pervasive-PKI). This choice allows the validation of credentials of users roaming between heterogeneous networks, even when global connectivity is lost and some services are temporarily unreachable. Proof-of-concept implementations and testbed validation results demonstrate that strong security can be achieved for users and applications through the combination of traditional PKI services with a number of enhancements like: (i) dynamic and collaborative trust model, (ii) use of attribute certificates for privilege management, and (iii) modular architecture enabling nomadic mobility and enhanced with reconfiguration capabilities.},
keywords = {authentication, Authorization, ITACA, security architecture, trust, Ubiquitous computing, Ubisec},
pubstate = {published},
tppubtype = {article}
}
2006
@inproceedings{pa051,
title = {Interaction Distance determination with PervsIM},
author = {Daniel Díaz-Sánchez and Andrés Marín and Florina Almenarez and Carlos García-Rubio and Celeste Campo},
year = {2006},
date = {2006-06-30},
urldate = {2006-06-30},
booktitle = {15th IST Mobile And Wireless Communication Summit},
pages = {1-8},
keywords = {Ubisec},
pubstate = {published},
tppubtype = {inproceedings}
}
@article{campo001,
title = {Secure Service Discovery based on Trust Management for ad-hoc Networks},
author = {Celeste Campo and Florina Almenárez and Daniel Díaz and Carlos García-Rubio and Andrés Marín-López},
url = {https://www.jucs.org/jucs_12_3/secure_service_discovery_based.html
https://lib.jucs.org/article/28594/},
doi = {http://dx.doi.org/10.3217/jucs-012-03-0340},
issn = {0948-695X},
year = {2006},
date = {2006-03-28},
urldate = {2006-03-28},
journal = {Journal of Universal Computer Science},
volume = {12},
number = {3},
pages = {340-356},
abstract = {In ad-hoc networks, mobile devices communicate via wireless links without the aid of any fixed networking infrastructure. These devices must be able to
discover services dynamically and share them safely, taking into account ad-hoc networks requirements such as limited processing and communication power, decentralised
management, and dynamic network topology, among others. Legacy solutions fail in
addressing these requirements.
In this paper, we propose a service discovery protocol with security features, the Secure
Pervasive Discovery Protocol. SPDP is a fully distributed protocol in which services
offered by devices can be discovered by others, without a central server. It is based on an
anarchy trust model, which provides location of trusted services, as well as protection
of confidential information, secure communications, or access control.},
keywords = {ad-hoc networks, everyware, iteaeasywireless, Security, service discovery protocol, trust, Ubisec},
pubstate = {published},
tppubtype = {article}
}
discover services dynamically and share them safely, taking into account ad-hoc networks requirements such as limited processing and communication power, decentralised
management, and dynamic network topology, among others. Legacy solutions fail in
addressing these requirements.
In this paper, we propose a service discovery protocol with security features, the Secure
Pervasive Discovery Protocol. SPDP is a fully distributed protocol in which services
offered by devices can be discovered by others, without a central server. It is based on an
anarchy trust model, which provides location of trusted services, as well as protection
of confidential information, secure communications, or access control.@inproceedings{pa052,
title = {Developing a model for trust management in pervasive devices},
author = {Florina Almenarez and Andrés Marin and Daniel Diaz and Juan Sanchez},
url = {https://ieeexplore.ieee.org/document/1598984},
doi = {https://doi.org/10.1109/PERCOMW.2006.41},
isbn = {0-7695-2520-2},
year = {2006},
date = {2006-03-27},
urldate = {2006-03-27},
booktitle = {Fourth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOMW'06)},
publisher = {Institute of Electrical and Electronics Engineers (IEEE)},
abstract = {Pervasive devices interacting in open and dynamic spaces with each others require a mechanism that allows them acting autonomously in a secure way and protecting their resources. Trust is fundamental to establish communication with other users, because the identity is often uncertain and on one's own does not provide trust information, for instance, could an unknown user be trustworthy? Nowadays, these devices have a so limited security support. So, we propose a simple trust management model to enhance such support, allowing them interact in ad hoc networks and peer-to-peer applications in a secure way. In this paper, our main contribution is a mathematical and a probabilistic model, as well as demonstrating the model feasibility, since it has been assessed through the prototype implementation, which has been tested in a Pocket PC},
keywords = {mathematical model, peer to peer computing, Pervasive computing, Protection, Ubisec},
pubstate = {published},
tppubtype = {inproceedings}
}
2004
@article{10.1007/978-3-540-30079-3_10,
title = {Secure Ad-Hoc mBusiness: Enhancing WindowsCE Security},
author = {Florina Almenarez and Daniel Díaz and Andrés Marín},
editor = {Sokratis Katsikas and Javier Lopez and Günther Pernul},
url = {https://link.springer.com/chapter/10.1007/978-3-540-30079-3_10
https://doi.org/10.1007/978-3-540-30079-3_10},
doi = {10.1007/978-3-540-30079-3_10},
issn = {0302-9743},
year = {2004},
date = {2004-01-01},
urldate = {2004-01-01},
journal = {Lecture Notes In Computer Sciences},
volume = {3184},
pages = {90-99},
publisher = {Springer Berlin Heidelberg},
address = {Berlin, Heidelberg},
abstract = {Nowadays we can perform business transactions with remote servers interconnected to Internet using our personal devices. These transactions can also be possible without any infrastructure in pure ad-hoc networks. In both cases, interacting parts are often unknown, therefore, they require some mechanism to establish ad-hoc trust relationships and perform secure transactions. Operating systems for mobile platforms support secure communication and authentication, but this support is based on hierarchical PKI. For wireless communications, they use the (in)secure protocol WEP. This paper presents a WCE security enhanced architecture allowing secure transactions, mutual authentication, and access control based on dynamic management of the trusted certificate list. We have successfully implemented our own CSP to support the new certificate management and data ciphering.},
keywords = {EasyWireless, everyware, Mutual Authentication, Smart Card, Trust Degree, Trust Relationship, Trusted Third Party, Ubisec},
pubstate = {published},
tppubtype = {article}
}
Publications
Pervasive authentication and authorization infrastructures for mobile users Journal Article In: COMPUTERS & SECURITY, vol. 29, iss. 4, pp. 501-514, 2009, ISSN: 0167-4048. Interaction Distance determination with PervsIM Proceedings Article In: 15th IST Mobile And Wireless Communication Summit, pp. 1-8, 2006. Secure Service Discovery based on Trust Management for ad-hoc Networks Journal Article In: Journal of Universal Computer Science, vol. 12, no. 3, pp. 340-356, 2006, ISSN: 0948-695X. Developing a model for trust management in pervasive devices Proceedings Article In: Fourth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOMW'06), Institute of Electrical and Electronics Engineers (IEEE), 2006, ISBN: 0-7695-2520-2. Secure Ad-Hoc mBusiness: Enhancing WindowsCE Security Journal Article In: Lecture Notes In Computer Sciences, vol. 3184, pp. 90-99, 2004, ISSN: 0302-9743.2009
2006
2004