Pérez-Díaz, Jaime; Almenares-Mendoza, Florina Authorisation models for IoT environments: A survey Journal Article In: www.elsevier.com/locate/iot, 2024, ISSN: 2542-6605. Abstract | Links | BibTeX | Tags: ABAC, compromise, DAC, I-Shaper, IoT, MAC, Models, Platforms, Qursa, RBAC, Security Blanco-Romero, Javier; Lorenzo, Vicente; Almenares, Florina; Díaz-Sánchez, Daniel; and Celeste Campo,; García-Rubio, Carlos Integrating Post-Quantum Cryptography into CoAP and MQTT-SN Protocols Conference 2024 IEEE Symposium on Computers and Communications (ISCC), IEEE, 2024, ISBN: 979-8-3503-5424-9. Abstract | Links | BibTeX | Tags: coap, compromise, cryptography, I-Shaper, IoT, MQTT-SN, Post-Quantum Cryptography, PQC, Protocols, Qursa Gutierrez-Portela, Fernando; Arteaga-Arteaga, Harold-Brayan; Almenares-Mendoza, Florina; Calderon-Benavides, Liliana; Acosta-Mesa, Héctor-Gabriel; Tabares-Soto, Reinel Enhancing Intrusion Detection in IoT Communications Through ML Model Generalization With a New Dataset (IDSAI) Journal Article In: IEEE Access, vol. 11, pp. 70542 - 70559, 2023, ISSN: 2169-3536. Abstract | Links | BibTeX | Tags: compromise, intrusion detection system, IoT Perez-Diaz, Jaime; Almenares-Mendoza, Florina Integrating an optimised PUF-based authentication scheme in OSCORE Proceedings Article In: Ad Hoc Networks Journal, 2022, ISSN: 1570-8705. Abstract | Links | BibTeX | Tags: coap, compromise, cynamon, IoT, mqtt, protocol security Seoane-Merida, Victor; Almenares-Mendoza, Florina; Campo-Vázquez, Celeste; García-Rubio, Carlos Performance Evaluation of the CoAP Protocol with Security Support for IoT Environments Conference PE-WASUN '20: Proceedings of the 17th ACM Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks, ASSOCIATION FOR COMPUTING MACHINERY, INC , 2020, ISBN: 978-1-4503-8118-5. Abstract | Links | BibTeX | Tags: coap, cynamon, DTLS, IoT, magos, Performance evaluation Rubio-Drosdov, Eugenio; Díaz-Sánchez, Daniel; Marín-López, Andrés; Almenares-Mendoza, Florina A Framework for Microservice Migration and Performance Assessment Proceedings Article In: pp. 291 - 299, 2020, ISBN: 978-1-4503-5988-7. Abstract | Links | BibTeX | Tags: cynamon, inteligenciafuentesabiertas, IoT, microservices, smart grids, testing Martí, Mónica; García-Rubio, Carlos; Campo-Vázquez, Celeste Performance Evaluation of CoAP and MQTT_SN in an IoT Environment Conference Proceedings of 13th International Conference on Ubiquitous Computing and Ambient Intelligence UCAmI 2019, MDPI AG , 2019. Abstract | Links | BibTeX | Tags: coap, Energy consumption, inrisco, IoT, magos, MQTT_SN, wsn Díaz-Sánchez, Daniel; Marín-López, Andrés; Almenares-Mendoza, Florina; Arias-Cabarcos, Patricia DNS-Based Dynamic Authentication for Microservices in IoT Proceedings Article In: pp. 1-11, 2018, ISSN: 2504-3900. Abstract | Links | BibTeX | Tags: chameleon signatures, DANE, DNSSEC, inteligenciafuentesabiertas, IoT, microservices Diaz-Sánchez, Daniel; Sherratt, Simon; Arias, Patricia; Almenarez, Florina; Marín, Andrés Enabling actor model for crowd sensing and IoT Proceedings Article In: IEEE, 2015, ISSN: 0747-668X. Abstract | Links | BibTeX | Tags: Cloud computing, emrisco, IoT, Wireless communication Familiar, Miguel; Martínez, Jose; García-Rubio, Carlos Service architecting and dynamic composition in pervasive smart ecosystems for the internet of things based on sensor network technology Journal Article In: Journal of Ambient Intelligence and Smart Environments , vol. 6, iss. 3, pp. 331-333, 2014, ISBN: 1876-1364. Abstract | Links | BibTeX | Tags: IoT, pervasive smart ecosystems2024
@article{almenarez018,
title = {Authorisation models for IoT environments: A survey},
author = {Jaime Pérez-Díaz and Florina Almenares-Mendoza},
url = {https://www.sciencedirect.com/science/article/pii/S2542660524003718?via%3Dihub#d1e3887},
doi = {https://doi.org/10.1016/j.iot.2024.101430},
issn = {2542-6605},
year = {2024},
date = {2024-11-23},
urldate = {2024-11-23},
journal = { www.elsevier.com/locate/iot},
abstract = {Authorization models are pivotal in the Internet of Things (IoT) ecosystem, ensuring secure management of data access and communication. These models function after authentication, determining the specific actions that a device is allowed to perform. This paper aims to provide a comprehensive and comparative analysis of authorization solutions within IoT contexts, based on the requirements identified from the existing literature. We critically assess the functionalities and capabilities of various authorization solutions, particularly those designed for IoT cloud platforms and distributed architectures. Our findings highlight the urgent need for further development of authorization models optimized for the unique demands of IoT environments. Consequently, we address both the persistent challenges and the gaps within this domain. As IoT continues to reshape the technological landscape, the refinement and adaptation of authorization models remain imperative ongoing pursuits.},
keywords = {ABAC, compromise, DAC, I-Shaper, IoT, MAC, Models, Platforms, Qursa, RBAC, Security},
pubstate = {published},
tppubtype = {article}
}
@conference{javierblanco002,
title = {Integrating Post-Quantum Cryptography into CoAP and MQTT-SN Protocols},
author = {Javier Blanco-Romero and Vicente Lorenzo and Florina Almenares and Daniel Díaz-Sánchez and and Celeste Campo and Carlos García-Rubio},
url = {https://ieeexplore.ieee.org/abstract/document/10733716/figures#figures},
doi = {https://doi.org/10.1109/ISCC61673.2024.10733716},
isbn = {979-8-3503-5424-9},
year = {2024},
date = {2024-10-31},
urldate = {2024-10-31},
booktitle = {2024 IEEE Symposium on Computers and Communications (ISCC)},
publisher = {IEEE},
abstract = {Post-Quantum Cryptography (PQC) is a practical and cost-effective solution to defend against emerging quantum computing threats. So, leading worldwide security agencies and standardization bodies strongly advocate for the proactive integration of PQ cryptography into underlying frameworks to support applications, protocols, and services. The current research predominantly addresses the incorporation of PQC in Internet communication protocols such as HTTP and DNS; nevertheless, the focus on embedded devices has been limited to evaluating PQC’s integration within TLS/DTLS in isolation. Hence, there is a notable gap in understanding how PQC impacts IoT-specific communication protocols. This paper presents the integration of PQC into two communication protocols specifically tailored for IoT devices, the Constrained Application Protocol (CoAP) and MQTT for Sensor Networks (MQTT-SN), via the wolfSSL library. These two integrations contribute to the understanding of PQC’s implications for IoT communication protocols.},
keywords = {coap, compromise, cryptography, I-Shaper, IoT, MQTT-SN, Post-Quantum Cryptography, PQC, Protocols, Qursa},
pubstate = {published},
tppubtype = {conference}
}
2023
@article{almenarez017,
title = {Enhancing Intrusion Detection in IoT Communications Through ML Model Generalization With a New Dataset (IDSAI)},
author = {Fernando Gutierrez-Portela and Harold-Brayan Arteaga-Arteaga and Florina Almenares-Mendoza and Liliana Calderon-Benavides and Héctor-Gabriel Acosta-Mesa and Reinel Tabares-Soto},
url = {https://ieeexplore.ieee.org/document/10172186},
doi = {https://doi.org/10.1109/ACCESS.2023.3292267},
issn = {2169-3536},
year = {2023},
date = {2023-07-04},
urldate = {2023-07-04},
journal = {IEEE Access},
volume = {11},
pages = {70542 - 70559},
abstract = {One of the fields where Artificial Intelligence (AI) must continue to innovate is computer security. The integration of Wireless Sensor Networks (WSN) with the Internet of Things (IoT) creates ecosystems of attractive surfaces for security intrusions, being vulnerable to multiple and simultaneous attacks. This research evaluates the performance of supervised ML techniques for detecting intrusions based on network traffic captures. This work presents a new balanced dataset (IDSAI) with intrusions generated in attack environments in a real scenario. This new dataset has been provided in order to contrast model generalization from different datasets. The results show that for the detection of intruders, the best supervised algorithms are XGBoost, Gradient Boosting, Decision Tree, Random Forest, and Extra Trees, which can generate predictions when trained and predicted with ten specific intrusions (such as ARP spoofing, ICMP echo request Flood, TCP Null, and others), both of binary form (intrusion and non-intrusion) with up to 94% of accuracy, as multiclass form (ten different intrusions and non-intrusion) with up to 92% of accuracy. In contrast, up to 90% of accuracy is achieved for prediction on the Bot-IoT dataset using models trained with the IDSAI dataset.},
keywords = {compromise, intrusion detection system, IoT},
pubstate = {published},
tppubtype = {article}
}
2022
@inproceedings{almenarez007,
title = {Integrating an optimised PUF-based authentication scheme in OSCORE},
author = {Jaime Perez-Diaz and Florina Almenares-Mendoza },
doi = {https://doi.org/10.1016/j.adhoc.2022.103038},
issn = {1570-8705},
year = {2022},
date = {2022-11-23},
urldate = {2022-11-23},
volume = {140},
publisher = {Ad Hoc Networks Journal},
abstract = {Due to the growth in the amount and type of connected devices, mainly IoT devices, new scalable, lightweight and security-aware protocols, e.g., CoAP and MQTT, have been defined. For the definition of these protocols, the axioms concerning security must cover all the needs regarding authentication, confidentiality, integrity and availability of both devices and servers.
CoAP specifies mainly protocol security based on the transport layer through DTLS. Nevertheless, OSCORE (Object Security for Constrained RESTful Environments) has been recently defined to support end-to-end protection of RESTful interactions over the CoAP protocol. It was designed for constrained devices and networks supporting a range of proxy operations, including translation between different transport protocols. The main challenge presents in OSCORE is the establishment and exchange of pre-shared keys required to protect data. For that, this paper defines how use an optimised version of SRAM-based PUF (Physical Unclonable Functions) for a secure authentication, key establishment and exchanging model. The proposal has been implemented and evaluated in a scenario including IoT devices.},
keywords = {coap, compromise, cynamon, IoT, mqtt, protocol security},
pubstate = {published},
tppubtype = {inproceedings}
}
CoAP specifies mainly protocol security based on the transport layer through DTLS. Nevertheless, OSCORE (Object Security for Constrained RESTful Environments) has been recently defined to support end-to-end protection of RESTful interactions over the CoAP protocol. It was designed for constrained devices and networks supporting a range of proxy operations, including translation between different transport protocols. The main challenge presents in OSCORE is the establishment and exchange of pre-shared keys required to protect data. For that, this paper defines how use an optimised version of SRAM-based PUF (Physical Unclonable Functions) for a secure authentication, key establishment and exchanging model. The proposal has been implemented and evaluated in a scenario including IoT devices.2020
@conference{campo016b,
title = {Performance Evaluation of the CoAP Protocol with Security Support for IoT Environments},
author = {Victor Seoane-Merida and Florina Almenares-Mendoza and Celeste Campo-Vázquez and Carlos García-Rubio},
doi = {https://doi.org/10.1145/3416011.3424754},
isbn = {978-1-4503-8118-5},
year = {2020},
date = {2020-11-09},
urldate = {2020-11-09},
booktitle = {PE-WASUN '20: Proceedings of the 17th ACM Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks},
pages = {41-48},
publisher = {ASSOCIATION FOR COMPUTING MACHINERY, INC },
abstract = {Internet of Things (IoT) can be defined as the interconnection through Internet of an unprecedented number of devices with the purpose of exchanging data. It stands as one of the most popular technologies for the following years and it is requiring substantial changes in the Internet protocols to meet its requirements. As the application layer is decisive for the quality of the connection, this paper analyzes the performance offered by one of the most popular protocols for the application layer in IoT: the Constrained Application Protocol (CoAP). This analysis aims to examine the features and capabilities of this protocol and to determine its feasibility to operate under constrained devices using security support. For this, a realistic network scenario is deployed to run the simulations and to measure bandwidth, consumption of resources (i.e., CPU cycles and bandwidth usage) and communication latency. Additionally, the trade-off between security and performance is discussed measuring the bandwidth overhead and the consumption increase associated to secure the communications. Different ciphering and authentication algorithms are tested, following the recommendations made by the Internet Engineering Task Force (IETF).},
keywords = {coap, cynamon, DTLS, IoT, magos, Performance evaluation},
pubstate = {published},
tppubtype = {conference}
}
@inproceedings{pa059,
title = {A Framework for Microservice Migration and Performance Assessment},
author = {Eugenio Rubio-Drosdov and Daniel Díaz-Sánchez and Andrés Marín-López and Florina Almenares-Mendoza},
doi = {doi:10.3233/AISE200053},
isbn = {978-1-4503-5988-7},
year = {2020},
date = {2020-06-25},
urldate = {2020-06-25},
pages = {291 - 299},
abstract = {In a large Smart Grid, smart meters produce tremendous amount of data that are hard to process, analyze and store. Fog computing is an environment that offers a place for collecting, computing and storing smart meter data before transmitting them to the cloud. Due to the distributed, heterogeneous and resource constrained nature of the fog computing nodes, fog applications need to be developed as a collection of interdependent, lightweight modules. Since this concept aligns with the goals of microservices architecture (MSA), efficient placement of microservices-based Smart Grid applications within fog environments has the potential to fully leverage capabilities of fog devices. Microservice architecture is an emerging software architectural style. It is based on microservices to provide several advantages over a monolithic solution, such as autonomy, composability, scalability, and fault-tolerance. However, optimizing the migration of microservices from one fog environment to other while assuring certain quality is still a big issue that needs to be addressed. In this paper, we propose an approach for assisting the migration of microservices in MSA-based Smart Grid systems, based on the analysis of their performance within the possible candidate destinations. Developers create microservices that will be eventually deployed at a given infrastructure. Either the developer, cosidering the design, or the entity deploying the service have a good knowledge of the quality required by the microservice. Due to that, they can create tests that determine if a destination meets the requirements of a given microservice and embed these tests as part of the microservice. Our goal is to automate the execution of performance tests by attaching a specification that contains the test parameters to each microservice.},
keywords = {cynamon, inteligenciafuentesabiertas, IoT, microservices, smart grids, testing},
pubstate = {published},
tppubtype = {inproceedings}
}
2019
@conference{campo017,
title = {Performance Evaluation of CoAP and MQTT_SN in an IoT Environment},
author = {Mónica Martí and Carlos García-Rubio and Celeste Campo-Vázquez },
doi = {https://doi.org/10.3390/proceedings2019031049},
year = {2019},
date = {2019-11-20},
urldate = {2019-11-20},
booktitle = {Proceedings of 13th International Conference on Ubiquitous Computing and Ambient Intelligence UCAmI 2019},
publisher = {MDPI AG },
abstract = {The fast growth of the Internet of Things (IoT) has made this technology one of the most promising paradigms of recent years. Wireless Sensor Networks (WSNs) are one of the most important challenges of the Internet of things. These networks are made up of devices with limited processing power, memory, and energy. The constrained nature of WSNs makes it necessary to have specific restricted protocols to work in these environments. In this paper, we present an energy consumption and network traffic study of the main IoT application layer protocols, the Constrained Application Protocol (CoAP), and the version of Message Queue Telemetry Transport (MQTT) for sensor networks (MQTT_SN). The simulations presented evaluate the performance of these protocols with different network configurations.},
keywords = {coap, Energy consumption, inrisco, IoT, magos, MQTT_SN, wsn},
pubstate = {published},
tppubtype = {conference}
}
2018
@inproceedings{pa055,
title = {DNS-Based Dynamic Authentication for Microservices in IoT},
author = {Daniel Díaz-Sánchez and Andrés Marín-López and Florina Almenares-Mendoza and Patricia Arias-Cabarcos},
url = {https://www.mdpi.com/2504-3900/2/19/1233},
doi = {https://doi.org/10.3390/proceedings2191233},
issn = {2504-3900},
year = {2018},
date = {2018-10-25},
pages = {1-11},
abstract = {IoT devices provide with real-time data to a rich ecosystems of services and applications that will be of uttermost importance for ubiquitous computing. The volume of data and the involved subscribe/notify signaling will likely become a challenge also for access and core netkworks. Designers may opt for microservice architectures and fog computing to address this challenge while offering the required flexibility for the main players of ubiquitous computing: nomadic users. Microservices require strong security support for Fog computing, to rely on nodes in the boundary of the network for secure data collection and processing. IoT low cost devices face outdated certificates and security support, due to the elapsed time from manufacture to deployment. In this paper we propose a solution based on microservice architectures and DNSSEC, DANE and chameleon signatures to overcome these difficulties. We will show how trap doors included in the certificates allow a secure and flexible delegation for off-loading data collection and processing to the fog. The main result is showing this requires minimal manufacture device configuration, thanks to DNSSEC support.},
keywords = {chameleon signatures, DANE, DNSSEC, inteligenciafuentesabiertas, IoT, microservices},
pubstate = {published},
tppubtype = {inproceedings}
}
2015
@inproceedings{pa006,
title = {Enabling actor model for crowd sensing and IoT},
author = {Daniel Diaz-Sánchez and Simon Sherratt and Patricia Arias and Florina Almenarez and Andrés Marín},
url = {https://ieeexplore.ieee.org/document/7177779},
doi = {https://doi.org/10.1109/ISCE.2015.7177779},
issn = {0747-668X},
year = {2015},
date = {2015-08-06},
urldate = {2015-08-06},
publisher = {IEEE},
abstract = {The cloud is playing a very important role in wireless sensor network, crowd sensing and IoT data collection and processing. However, current cloud solutions lack of some features that hamper the innovation a number of other new services. We propose a cloud solution that provides these missing features as multi-cloud and device multi-tenancy relying in a whole different fully distributed paradigm, the actor model.},
keywords = {Cloud computing, emrisco, IoT, Wireless communication},
pubstate = {published},
tppubtype = {inproceedings}
}
2014
@article{garciarubio006,
title = {Service architecting and dynamic composition in pervasive smart ecosystems for the internet of things based on sensor network technology},
author = {Miguel Familiar and Jose Martínez and Carlos García-Rubio },
doi = {https://doi.org/10.3233/ais-140262},
isbn = {1876-1364},
year = {2014},
date = {2014-05-05},
urldate = {2014-05-05},
journal = {Journal of Ambient Intelligence and Smart Environments },
volume = {6},
issue = {3},
pages = {331-333},
publisher = {Journal of Ambient Intelligence and Smart Environments},
abstract = {The present article summarizes the doctoral dissertation of Miguel S. Familiar.},
keywords = {IoT, pervasive smart ecosystems},
pubstate = {published},
tppubtype = {article}
}
Publications
Authorisation models for IoT environments: A survey Journal Article In: www.elsevier.com/locate/iot, 2024, ISSN: 2542-6605. Integrating Post-Quantum Cryptography into CoAP and MQTT-SN Protocols Conference 2024 IEEE Symposium on Computers and Communications (ISCC), IEEE, 2024, ISBN: 979-8-3503-5424-9. Enhancing Intrusion Detection in IoT Communications Through ML Model Generalization With a New Dataset (IDSAI) Journal Article In: IEEE Access, vol. 11, pp. 70542 - 70559, 2023, ISSN: 2169-3536. Integrating an optimised PUF-based authentication scheme in OSCORE Proceedings Article In: Ad Hoc Networks Journal, 2022, ISSN: 1570-8705. Performance Evaluation of the CoAP Protocol with Security Support for IoT Environments Conference PE-WASUN '20: Proceedings of the 17th ACM Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks, ASSOCIATION FOR COMPUTING MACHINERY, INC , 2020, ISBN: 978-1-4503-8118-5. A Framework for Microservice Migration and Performance Assessment Proceedings Article In: pp. 291 - 299, 2020, ISBN: 978-1-4503-5988-7. Performance Evaluation of CoAP and MQTT_SN in an IoT Environment Conference Proceedings of 13th International Conference on Ubiquitous Computing and Ambient Intelligence UCAmI 2019, MDPI AG , 2019. DNS-Based Dynamic Authentication for Microservices in IoT Proceedings Article In: pp. 1-11, 2018, ISSN: 2504-3900. Enabling actor model for crowd sensing and IoT Proceedings Article In: IEEE, 2015, ISSN: 0747-668X. Service architecting and dynamic composition in pervasive smart ecosystems for the internet of things based on sensor network technology Journal Article In: Journal of Ambient Intelligence and Smart Environments , vol. 6, iss. 3, pp. 331-333, 2014, ISBN: 1876-1364.2024
2023
2022
2020
2019
2018
2015
2014