Callejo, Patricia; Gómez-Fernandez, Ignacio; Bagnulo, Marcelo “Animation” URL in NFT marketplaces considered harmful for privacy Journal Article In: International Journal of Information Security, 2024, ISSN: 1615-5270. Abstract | Links | BibTeX | Tags: Blockchain, I-Shaper, NFT, privacy Rojo-Rivas, MaríaIsabel; Díaz-Sánchez, Daniel; Almenarez, Florina; Marín-Lopez, Andrés Kriper: A blockchain network with permissioned storage Journal Article In: Future Generation Computer Systems, vol. 138, pp. 160-171, 2022, ISSN: 0167-739X. Abstract | Links | BibTeX | Tags: Access control, Blockchain, compromise, Confidentiality, cynamon, Distributed storage, Permissioned storage, privacy, ricon Chica-Manjarrez, Sergio; Marín-López, Andrés; Díaz-Sánchez, Daniel; Almenares-Mendoza, Florina On the Automation of Auditing in Power Grid Companies Proceedings Article In: Actas de congreso internacional, Citas Google 2, CORE C, pp. 331 - 340, 2020, ISBN: ISSN/ISBN) 978-1-4503-5988-7. Abstract | Links | BibTeX | Tags: auditing, containers, cynamon, inteligenciafuentesabiertas, privacy, scalability, Security Sánchez-Guerrero, Rosa; Almenárez-Mendoza, Florina; Díaz-Sánchez, Daniel; Arias-Cabarcos, Patricia; Marín-López, Andrés Collaborative eHealth Meets Security: Privacy-Enhancing Patient Profile Management Journal Article In: IEEE Journal of Biomedical and Health Informatics, vol. 21, iss. 6, pp. 1741-1749, 2017, ISSN: 2168-2194 . Abstract | Links | BibTeX | Tags: EHR, emadrid2, Merkle Tree, Minimal Disclosure, privacy, Profile Management Díaz-Sánchez, Daniel; Simon-Sherratt, R.; Almenarez, Florina; Arias, Patricia; Marín, Andrés Secure store and forward proxy for dynamic IoT applications over M2M networks Journal Article In: IEEE Transactions on Consumer Electronics, vol. 62, iss. 4, pp. 389-397, 2016, ISSN: 0098-3063. Abstract | Links | BibTeX | Tags: encryption, Internet of Things, Machine to Machine, privacy Rodriguez-Carrion, Alicia; Rebollo-Monedero, David; Forne, Jordi; Campo-Vázquez, Celeste; García-Rubio, Carlos; Parra-Arnau, Javier; Das, Sajal Entropy-based privacy against profiling of user mobility Journal Article In: Entropy, vol. 17, iss. 6, pp. 3913-3946, 2015, ISSN: 1099-4300. Abstract | Links | BibTeX | Tags: emrisco, entropy, location history, location-based services, perturbative methods, privacy Díaz-Sánchez, Daniel; Almenarez, Florina; Marín, Andrés; Sánchez-Guerrero, Rosa; Arias, Patricia Media Gateway: bringing privacy to Private Multimedia Clouds connections Journal Article In: Telecommunication Systems, vol. 55, iss. 2, pp. 315-330, 2014, ISSN: 1572-9451. Abstract | Links | BibTeX | Tags: Cloud computing, multimedia, privacy, streaming Sánchez-Guerrero, Rosa; Almenárez, Florina; Díaz-Sánchez, Daniel; Arias, Patricia; Marín, Andrés A model for dimensioning a secure event-driven health care system Proceedings Article In: 2012 5th Joint IFIP Wireless and Mobile Networking Conference (WMNC), Institute of Electrical and Electronics Engineers (IEEE), 2013, ISBN: 978-1-4673-2993-4. Abstract | Links | BibTeX | Tags: privacy, Protocols, Security Marín-López, Andrés; Díaz-Sánchez, Daniel; Almenárez-Mendoza, Florina; Arias-Cabarcos, Patricia; Sánchez-Guerrero, Rosa; Sanvido, Fabio Private cloud and media privacy in social networks Proceedings Article In: 2012 IEEE Second International Conference on Consumer Electronics - Berlin (ICCE-Berlin), IEEE, 2012, ISSN: 2166-6814. Abstract | Links | BibTeX | Tags: Cloud computing, privacy, Security Sánchez-Guerrero, Rosa; Almenárez, Florina; Díaz-Sánchez, Daniel; Marín, Andrés; Arias, Patricia; Sanvido, Fabio An Event Driven Hybrid Identity Management Approach to Privacy Enhanced e-Health Journal Article In: Sensors , vol. 12, iss. 5, pp. 6129-6154, 2012, ISSN: 1424-8220. Abstract | Links | BibTeX | Tags: delegation, event, federation, health care, identity management, privacy, revocation consent, servicioseguridad, theory queue, user-centric Sanvido, F.; Díaz-Sánchez, D.; Sánchez-Guerrero, R.; Almenares, F.; Arias, P. Privacy enhanced cloud services home aggregator Proceedings Article In: 2012 IEEE International Conference on Consumer Electronics (ICCE), Institute of Electrical and Electronics Engineers (IEEE), 2012, ISSN: 2158-3994. Abstract | Links | BibTeX | Tags: Cloud computing, emadrid, privacy, Protocols, Security Sánchez-Guerrero, Rosa; Arias-Cabarcos, Patricia; Almenares-Mendoza, Florina; Díaz-Sanchez, Daniel Trust-aware federated IdM in consumer cloud computing Proceedings Article In: 2012 IEEE International Conference on Consumer Electronics (ICCE), Institute of Electrical and Electronics Engineers (IEEE), 2012, ISSN: 2158-3994. Abstract | Links | BibTeX | Tags: Cloud computing, privacy, Security Sánchez, Rosa; Almenares, Florina; Arias, Patricia; Díaz-Sánchez, Daniel; Marín, Andrés Enhancing privacy and dynamic federation in IdM for consumer cloud computing Journal Article In: IEEE TRANSACTIONS ON CONSUMER ELECTRONICS, vol. 58, iss. 1, pp. 95-103, 2012, ISSN: 0098-3063. Abstract | Links | BibTeX | Tags: authentication, Cloud computing, Computer architecture, context, desarrollodespliegue, privacy, Protocols Sánchez-Guerrero, Rosa; Díaz-Sánchez, Daniel; Marín-López, Andrés; Arias-Cabarcos, Patricia; Almenares-Mendoza, Florina Improving privacy in identity management systems for health care scenarios Proceedings Article In: Proceedings of the 5th International Symposium of Ubiquitous Computing and Ambient Intelligence (UCAMI 2011), December 5-8th, 2011, Riviera Maya, Mexico, UCAMI, 2011, ISBN: 978-84-694-9677-0. Abstract | Links | BibTeX | Tags: anonymity, delegation, desarrollodespliegue, federation, health care, identity management, privacy, Pseudonymity, user-centric Díaz-Sánchez, Daniel; Almenarez, Florina; Marín, Andrés; Arias, Patricia; Sánchez-Guerrero, Rosa; Sanvido, Fabio A privacy aware media gateway for connecting private multimedia clouds to limited devices Proceedings Article In: 2011 4th Joint IFIP Wireless and Mobile Networking Conference (WMNC 2011), Institute of Electrical and Electronics Engineers (IEEE), 2011, ISBN: 978-1-4577-1192-3. Abstract | Links | BibTeX | Tags: Cloud computing, emadrid, multimedia, privacy, streaming Díaz-Sánchez, Daniel; Marín, Andrés; Almenárez, Florina; Cortés, Alberto Socializing electronics: Secure interactions in social networks Proceedings Article In: 2010 Digest of Technical Papers International Conference on Consumer Electronics (ICCE), Institute of Electrical and Electronics Engineers (IEEE), 2010, ISSN: 2158-3994. Abstract | Links | BibTeX | Tags: privacy, Social network services2024
@article{marcelo001,
title = {“Animation” URL in NFT marketplaces considered harmful for privacy},
author = {Patricia Callejo and Ignacio Gómez-Fernandez and Marcelo Bagnulo},
doi = {https://doi.org/10.1007/s10207-024-00908-x},
issn = {1615-5270},
year = {2024},
date = {2024-09-17},
journal = {International Journal of Information Security},
abstract = {Non-Fungible Tokens (NFTs) are becoming increasingly popular as a way to represent and own digital property. However, the usage of NFTs also prompts questions about privacy. In this work, we show that it is possible to use NFTs to retrieve enough information to fingerprint users. By doing so, we can uniquely associate users with blockchain accounts. This would allow linking several blockchain accounts to the same user. This work focuses on the vulnerabilities presented by some popular NFT marketplaces. Since NFTs may have HTML files embedded, they allow the use of fingerprinting techniques if not handled carefully. Finally, we provide recommendations and countermeasures for the different actors in this ecosystem to avoid these kinds of tracking methods and, in doing so, safeguard user privacy.},
keywords = {Blockchain, I-Shaper, NFT, privacy},
pubstate = {published},
tppubtype = {article}
}
2022
@article{diazsanchez010,
title = {Kriper: A blockchain network with permissioned storage},
author = {MaríaIsabel Rojo-Rivas and Daniel Díaz-Sánchez and Florina Almenarez and Andrés Marín-Lopez},
doi = {https://doi.org/10.1016/j.future.2022.08.006},
issn = {0167-739X},
year = {2022},
date = {2022-08-17},
urldate = {2022-08-17},
journal = {Future Generation Computer Systems},
volume = {138},
pages = {160-171},
abstract = {Blockchain has been a revolution in the past few years. Beyond the new currencies that were created around different incarnations of the blockchain concept, there are many other contributions that provide interesting services as a data linked structure using a decentralized network that provide a high level of security. Companies have developed many projects to incorporate blockchain into their business logic pursuing to incorporate other related services as persistence of large volumes of data, privacy or anonymity of transactions, distributed data processing, security (confidentiality, integrity, and availability), document management or micro messages in real time. Nevertheless, as it will be discussed in this article, current blockchains do not meet the needs of companies in many aspects, leading to a scarce or superficial adoption. This article introduces Kriper, a blockchain that aims at meeting corporate world needs by responding with a community-based, open blockchain that may also be segregated and private for certain uses whereas it provides a permissioned distributed storage and micro message lightweight services.},
keywords = {Access control, Blockchain, compromise, Confidentiality, cynamon, Distributed storage, Permissioned storage, privacy, ricon},
pubstate = {published},
tppubtype = {article}
}
2020
@inproceedings{pa054,
title = {On the Automation of Auditing in Power Grid Companies},
author = {Sergio Chica-Manjarrez and Andrés Marín-López and Daniel Díaz-Sánchez and Florina Almenares-Mendoza},
doi = {10.3233/AISE200057},
isbn = {ISSN/ISBN) 978-1-4503-5988-7},
year = {2020},
date = {2020-07-23},
urldate = {2020-07-23},
booktitle = {Actas de congreso internacional, Citas Google 2, CORE C},
pages = {331 - 340},
abstract = {Auditing is a common task required to secure networks. This becomes of utter importance in power grid companies, the authorities of electricity supply. An increasing number of connected devices makes the use of semi automatic or fully automated auditing imperative. The inventory system has to incorporate the auditing results and subsequently integrate them in the security assessment of the company. The risk metrics incorporate the severity of exposures and facilitate the selection of vulnerabilities that have to be mitigated, according to the risk appetite of the company. This automatic approach has to address scale and privacy issues of large companies. In addition, connections from foreign domains that carry out the auditing involve additional risks that must be considered to effectively test the likelihood and depth of the found vulnerabilities.
In this paper we discuss the requirements of an automatic auditing system and present AUTOAUDITOR, a highly configurable module which allow companies to automatically perform pentesting in specific assets.},
keywords = {auditing, containers, cynamon, inteligenciafuentesabiertas, privacy, scalability, Security},
pubstate = {published},
tppubtype = {inproceedings}
}
In this paper we discuss the requirements of an automatic auditing system and present AUTOAUDITOR, a highly configurable module which allow companies to automatically perform pentesting in specific assets.2017
@article{8003467,
title = {Collaborative eHealth Meets Security: Privacy-Enhancing Patient Profile Management},
author = {Rosa Sánchez-Guerrero and Florina Almenárez-Mendoza and Daniel Díaz-Sánchez and Patricia Arias-Cabarcos and Andrés Marín-López},
url = {/download/Collaborative_eHealth_meets_Security_Privacy-Enhancing_Patient_Profile_Management.pdf
https://ieeexplore.ieee.org/document/8003467},
doi = {10.1109/JBHI.2017.2655419},
issn = {2168-2194 },
year = {2017},
date = {2017-11-01},
urldate = {2017-11-01},
journal = {IEEE Journal of Biomedical and Health Informatics},
volume = {21},
issue = {6},
pages = {1741-1749},
abstract = {Collaborative healthcare environments offer potential benefits, including enhancing the healthcare quality delivered to patients and reducing costs. As a direct consequence, sharing of electronic health records (EHRs) among healthcare providers has experienced a noteworthy growth in the last years, since it enables physicians to remotely monitor patients' health and enables individuals to manage their own health data more easily. However, these scenarios face significant challenges regarding security and privacy of the extremely sensitive information contained in EHRs. Thus, a flexible, efficient, and standards-based solution is indispensable to guarantee selective identity information disclosure and preserve patient's privacy. We propose a privacy-aware profile management approach that empowers the patient role, enabling him to bring together various healthcare providers as well as user-generated claims into an unique credential. User profiles are represented through an adaptive Merkle Tree, for which we formalize the underlying mathematical model. Furthermore, performance of the proposed solution is empirically validated through simulation experiments.},
keywords = {EHR, emadrid2, Merkle Tree, Minimal Disclosure, privacy, Profile Management},
pubstate = {published},
tppubtype = {article}
}
2016
@article{7838091,
title = {Secure store and forward proxy for dynamic IoT applications over M2M networks},
author = {Daniel Díaz-Sánchez and R. Simon-Sherratt and Florina Almenarez and Patricia Arias and Andrés Marín},
url = {https://ieeexplore.ieee.org/document/7838091
https://phpmyadmin.pervasive.it.uc3m.es/download/Secure__Store_and_Forward_Proxy_for_Dynamic_IoT_Applications_over_M2M_Networks.pdf},
doi = {10.1109/TCE.2016.7838091},
issn = {0098-3063},
year = {2016},
date = {2016-11-01},
urldate = {2016-11-01},
journal = {IEEE Transactions on Consumer Electronics},
volume = {62},
issue = {4},
pages = {389-397},
abstract = {Internet of Things (IoT) applications are expected to generate a huge unforeseen amount of traffic flowing from Consumer Electronics devices to the network. In order to overcome existing interoperability problems, several standardization bodies have joined to bring a new generation of Machine to Machine (M2M) networks as a result of the evolution of wireless sensor/actor networks and mobile cellular networks to converged networks. M2M is expected to enable IoT paradigms and related concepts into a reality at a reasonable cost. As part of the convergence, several technologies preventing new IoT services to interfere with existing Internet services are flourishing. Responsive, message-driven, resilient and elastic architectures are becoming essential parts of the system. These architectures will control the entire data flow for an IoT system requiring sometimes to store, shape and forward data among nodes of a M2M network to improve network performance. However, IoT generated data have an important personal component since it is generated in personal devices or are the result of the observation of the physical world, so rises significant security concerns. This article proposes a novel opportunistic flexible secure store and forward proxy for M2M networks and its mapping to asynchronous protocols that guarantees data confidentiality.},
keywords = {encryption, Internet of Things, Machine to Machine, privacy},
pubstate = {published},
tppubtype = {article}
}
2015
@article{campo009,
title = {Entropy-based privacy against profiling of user mobility},
author = {Alicia Rodriguez-Carrion and David Rebollo-Monedero and Jordi Forne and Celeste Campo-Vázquez and Carlos García-Rubio and Javier Parra-Arnau and Sajal Das},
url = {http://hdl.handle.net/10016/27924},
doi = {https://doi.org/10.3390/e17063913},
issn = {1099-4300},
year = {2015},
date = {2015-06-10},
urldate = {2015-06-10},
journal = {Entropy},
volume = {17},
issue = {6},
pages = {3913-3946},
abstract = {Location-based services (LBSs) flood mobile phones nowadays, but their use poses an evident privacy risk. The locations accompanying the LBS queries can be exploited by the LBS provider to build the user profile of visited locations, which might disclose sensitive data, such as work or home locations. The classic concept of entropy is widely used to evaluate privacy in these scenarios, where the information is represented as a sequence of independent samples of categorized data. However, since the LBS queries might be sent very frequently, location profiles can be improved by adding temporal dependencies, thus becoming mobility profiles, where location samples are not independent anymore and might disclose the user's mobility patterns. Since the time dimension is factored in, the classic entropy concept falls short of evaluating the real privacy level, which depends also on the time component. Therefore, we propose to extend the entropy-based privacy metric to the use of the entropy rate to evaluate mobility profiles. Then, two perturbative mechanisms are considered to preserve locations and mobility profiles under gradual utility constraints. We further use the proposed privacy metric and compare it to classic ones to evaluate both synthetic and real mobility profiles when the perturbative methods proposed are applied. The results prove the usefulness of the proposed metric for mobility profiles and the need for tailoring the perturbative methods to the features of mobility profiles in order to improve privacy without completely loosing utility.},
keywords = {emrisco, entropy, location history, location-based services, perturbative methods, privacy},
pubstate = {published},
tppubtype = {article}
}
2014
@article{diazsanchez001,
title = {Media Gateway: bringing privacy to Private Multimedia Clouds connections},
author = {Daniel Díaz-Sánchez and Florina Almenarez and Andrés Marín and Rosa Sánchez-Guerrero and Patricia Arias },
url = {https://link.springer.com/article/10.1007/s11235-013-9783-1},
doi = {https://doi.org/10.1007/s11235-013-9783-1},
issn = {1572-9451},
year = {2014},
date = {2014-02-01},
urldate = {2014-02-01},
journal = {Telecommunication Systems},
volume = {55},
issue = {2},
pages = {315-330},
abstract = {The growing interest in media sharing combined with the explosion of social applications have opened an opportunity window for cloud based applications for media management as Media Cloud, described in this article, that has brought the concept of Cloud Computing to home environments. Media Cloud provides a comprehensive and efficient solution for managing content among federated home environments. As part of the purpose of empowering the user role as well as to improve user experience, we placed significant efforts on interoperability and privacy protection when it comes to accessing cloud resources from other networks. This article describes a solution that enables limited devices to access contents located in private clouds, as Media Cloud, with the cooperation of network providers.},
keywords = {Cloud computing, multimedia, privacy, streaming},
pubstate = {published},
tppubtype = {article}
}
2013
@inproceedings{pa020,
title = {A model for dimensioning a secure event-driven health care system},
author = {Rosa Sánchez-Guerrero and Florina Almenárez and Daniel Díaz-Sánchez and Patricia Arias and Andrés Marín},
url = {https://ieeexplore.ieee.org/document/6416152},
doi = {https://doi.org/10.1109/WMNC.2012.6416152},
isbn = {978-1-4673-2993-4},
year = {2013},
date = {2013-01-24},
urldate = {2013-01-24},
booktitle = {2012 5th Joint IFIP Wireless and Mobile Networking Conference (WMNC)},
publisher = {Institute of Electrical and Electronics Engineers (IEEE)},
abstract = {Privacy is close to the user information and thus, present in any ubiquitous computing scenario. In this sense, privacy in identity management is gaining more importance, since IdM systems deal with services that requires sharing attributes belonging to users' identity with different entities across security domains. However, the effective revocation consent -considered as a privacy rule in sensitive scenarios- has not been fully addressed. This article builds on the flexible event-based user consent-revocation mechanism defined in [4] for health care scenarios. In this article we analyze the network dimensioning to calculate the overhead of activating/deactivating attributes and privileges, as subscription and notification event messages exchanged. We consider two main simulation scenarios: a large hospital, and a small-medium hospital.},
keywords = {privacy, Protocols, Security},
pubstate = {published},
tppubtype = {inproceedings}
}
2012
@inproceedings{pa011,
title = {Private cloud and media privacy in social networks},
author = {Andrés Marín-López and Daniel Díaz-Sánchez and Florina Almenárez-Mendoza and Patricia Arias-Cabarcos and Rosa Sánchez-Guerrero and Fabio Sanvido},
url = {https://ieeexplore.ieee.org/document/6336476},
doi = {https://doi.org/10.1109/ICCE-Berlin.2012.6336476},
issn = {2166-6814},
year = {2012},
date = {2012-10-22},
booktitle = {2012 IEEE Second International Conference on Consumer Electronics - Berlin (ICCE-Berlin)},
publisher = {IEEE},
abstract = {Privacy rules imposed by social networks (SNs) impose several restrictions to user privacy. Though they usually offer the user some control to limit access to his own data, the social network may share uploaded data with other partners and marketing companies. Pictures and videos may have a second life, even after being deleted by the user, and consequently storage and access must take place in the user home domain or facilities managed by the user, following an end to end approach. We propose to combine the usage of private clouds, specialized in media contents, in cooperation with SNs, offering the user complete control over his data, while benefiting from the SNs visibility to announce and spread the data. To achieve transparency, we propose a plug-in system to embed links as annotations in reduced media replacement uploaded in the SN. These links point to the real resource stored in the private cloud, now under complete user control. We perform validation tests which show important improvements in uploading time and user experience.},
keywords = {Cloud computing, privacy, Security},
pubstate = {published},
tppubtype = {inproceedings}
}
@article{sanchezguerrero001,
title = {An Event Driven Hybrid Identity Management Approach to Privacy Enhanced e-Health},
author = {Rosa Sánchez-Guerrero and Florina Almenárez and Daniel Díaz-Sánchez and Andrés Marín and Patricia Arias and Fabio Sanvido
},
url = {https://www.mdpi.com/1424-8220/12/5/6129
https://www.mdpi.com/1424-8220/12/5/6129/pdf?version=1403317529},
doi = {https://doi.org/10.3390/s120506129},
issn = {1424-8220},
year = {2012},
date = {2012-05-10},
urldate = {2012-05-10},
journal = {Sensors },
volume = {12},
issue = {5},
pages = {6129-6154},
abstract = {Credential-based authorization offers interesting advantages for ubiquitous scenarios involving limited devices such as sensors and personal mobile equipment: the verification can be done locally; it offers a more reduced computational cost than its competitors for issuing, storing, and verification; and it naturally supports rights delegation. The main drawback is the revocation of rights. Revocation requires handling potentially large revocation lists, or using protocols to check the revocation status, bringing extra communication costs not acceptable for sensors and other limited devices. Moreover, the effective revocation consent—considered as a privacy rule in sensitive scenarios—has not been fully addressed. This paper proposes an event-based mechanism empowering a new concept, the sleepyhead credentials, which allows to substitute time constraints and explicit revocation by activating and deactivating authorization rights according to events. Our approach is to integrate this concept in IdM systems in a hybrid model supporting delegation, which can be an interesting alternative for scenarios where revocation of consent and user privacy are critical. The delegation includes a SAML compliant protocol, which we have validated through a proof-of-concept implementation. This article also explains the mathematical model describing the event-based model and offers estimations of the overhead introduced by the system. The paper focus on health care scenarios, where we show the flexibility of the proposed event-based user consent revocation mechanism.},
keywords = {delegation, event, federation, health care, identity management, privacy, revocation consent, servicioseguridad, theory queue, user-centric},
pubstate = {published},
tppubtype = {article}
}
@inproceedings{pa014,
title = {Privacy enhanced cloud services home aggregator},
author = {F. Sanvido and D. Díaz-Sánchez and R. Sánchez-Guerrero and F. Almenares and P. Arias},
url = {https://ieeexplore.ieee.org/document/6162012},
doi = {https://doi.org/10.1109/ICCE.2012.6162012},
issn = {2158-3994},
year = {2012},
date = {2012-03-01},
urldate = {2012-03-01},
booktitle = {2012 IEEE International Conference on Consumer Electronics (ICCE)},
publisher = {Institute of Electrical and Electronics Engineers (IEEE)},
abstract = {During the past years we have assisted to the huge diffusion of Cloud based Services, but security and privacy are still an issue in the Cloud due to a problem of trust endemic in the Cloud paradigm; users who have subscribed some kind of Cloud service must fully trust their providers. In this paper we propose a new, yet simple way to guarantee privacy for end user's data and operations. We propose to use an application inside an STB as single point of concentration for user's Cloud services accounts. Thus, a higher degree of privacy could be achieved by splitting user's data and operations over multiple identities and even over multiple providers' networks. In this article we depict, as example, the case of on-line storage and synchronization service.},
keywords = {Cloud computing, emadrid, privacy, Protocols, Security},
pubstate = {published},
tppubtype = {inproceedings}
}
@inproceedings{pa015,
title = {Trust-aware federated IdM in consumer cloud computing},
author = {Rosa Sánchez-Guerrero and Patricia Arias-Cabarcos and Florina Almenares-Mendoza and Daniel Díaz-Sanchez},
url = {https://ieeexplore.ieee.org/document/6161734},
doi = {https://doi.org/10.1109/ICCE.2012.6161734},
issn = {2158-3994},
year = {2012},
date = {2012-03-01},
booktitle = {2012 IEEE International Conference on Consumer Electronics (ICCE)},
publisher = {Institute of Electrical and Electronics Engineers (IEEE)},
abstract = {Cloud computing paradigm has emerged as the natural evolution and integration of advances in several areas including distributed computing and consumer electronics. In this complex ecosystem, security and identity management challenges have arisen, given their dynamism and heterogeneity. As a direct consequence, dynamic federated identity management has arisen as an indispensable mechanism to enable the global scalability that is required for the successful implantation of Cloud technologies. With this requirement in mind, we present a trust-aware IdM architecture based on privacy and reputation extensions compliant with the SAMLv2 standard media.},
keywords = {Cloud computing, privacy, Security},
pubstate = {published},
tppubtype = {inproceedings}
}
@article{almenarez003,
title = {Enhancing privacy and dynamic federation in IdM for consumer cloud computing},
author = {Rosa Sánchez and Florina Almenares and Patricia Arias and Daniel Díaz-Sánchez and Andrés Marín},
url = {https://ieeexplore.ieee.org/document/6170060
https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6170060},
doi = {https://doi.org/10.1109/TCE.2012.6170060},
issn = {0098-3063},
year = {2012},
date = {2012-02-01},
urldate = {2012-02-01},
journal = {IEEE TRANSACTIONS ON CONSUMER ELECTRONICS},
volume = {58},
issue = {1},
pages = {95-103},
abstract = {Consumer cloud computing paradigm has emerged as the natural evolution and integration of advances in several areas including distributed computing, service oriented architecture and consumer electronics. In this complex ecosystem, security and identity management challenges have cropped up, given their dynamism and heterogeneity. As a direct consequence, dynamic federated identity management with privacy improvements has arisen as an indispensable mechanism to enable the global scalability and usability that are required for the successful implantation of Cloud technologies. With these requirements in mind, we present an IdM architecture based on privacy and reputation extensions compliance with the SAMLv2/ID-FF standards.},
keywords = {authentication, Cloud computing, Computer architecture, context, desarrollodespliegue, privacy, Protocols},
pubstate = {published},
tppubtype = {article}
}
2011
@inproceedings{pa033,
title = {Improving privacy in identity management systems for health care scenarios},
author = {Rosa Sánchez-Guerrero and Daniel Díaz-Sánchez and Andrés Marín-López and Patricia Arias-Cabarcos and Florina Almenares-Mendoza},
url = {http://hdl.handle.net/10016/13102},
isbn = {978-84-694-9677-0},
year = {2011},
date = {2011-12-27},
urldate = {2011-12-27},
booktitle = {Proceedings of the 5th International Symposium of Ubiquitous Computing and Ambient Intelligence (UCAMI 2011), December 5-8th, 2011, Riviera Maya, Mexico},
publisher = {UCAMI},
abstract = {Privacy is a very complex and subjective concept with different meaning to different people. The meaning depends on the context. Moreover, privacy is close to the user information and thus, present in any ubiquitous computing scenario. In the context of identity management (IdM), privacy is gaining more importance since IdM systems deal with services that requires sharing attributes belonging to users’ identity with different entities across domains. Consequently, privacy is a fundamental aspect to be addressed by IdM to protect the exchange of user attributes between services and identity providers across different networks and security domains in pervasive computing. However, problems such as the effective revocation consent, have not been fully addressed. Furthermore, privacy depends heavily on users and applications requiring some degree of flexibility. This paper analyzes the main current identity models, as well as the privacy support presented by the identity management frameworks. After the main limitations are identified, we propose a delegation protocol for the SAML standard in order to enhance the revocation consent within healthcare scenarios.},
keywords = {anonymity, delegation, desarrollodespliegue, federation, health care, identity management, privacy, Pseudonymity, user-centric},
pubstate = {published},
tppubtype = {inproceedings}
}
@inproceedings{pa023,
title = {A privacy aware media gateway for connecting private multimedia clouds to limited devices},
author = {Daniel Díaz-Sánchez and Florina Almenarez and Andrés Marín and Patricia Arias and Rosa Sánchez-Guerrero and Fabio Sanvido},
url = {https://ieeexplore.ieee.org/document/6097259},
doi = {https://doi.org/10.1109/WMNC.2011.6097259},
isbn = {978-1-4577-1192-3},
year = {2011},
date = {2011-12-12},
urldate = {2011-12-12},
booktitle = {2011 4th Joint IFIP Wireless and Mobile Networking Conference (WMNC 2011)},
publisher = {Institute of Electrical and Electronics Engineers (IEEE)},
abstract = {Multimedia availability is exceeding our capacity of management in home environment and outside it. For that reason, solutions as Media Cloud have brought the concept of Cloud Computing to home environments. Media Cloud provides a comprehensive and efficient solution for managing content among federated home environments. However, when consuming those contents outside a home environment some problems should be addressed as dealing with limited devices and protecting user generated and commercial contents from eavesdroppers. This article describes a solution that enables limited devices to access contents located in private clouds, as Media Cloud, with the cooperation of network providers.},
keywords = {Cloud computing, emadrid, multimedia, privacy, streaming},
pubstate = {published},
tppubtype = {inproceedings}
}
2010
@inproceedings{pa038,
title = {Socializing electronics: Secure interactions in social networks},
author = {Daniel Díaz-Sánchez and Andrés Marín and Florina Almenárez and Alberto Cortés},
url = {https://ieeexplore.ieee.org/document/5418685},
doi = {https://doi.org/10.1109/ICCE.2010.5418685},
issn = {2158-3994},
year = {2010},
date = {2010-02-22},
booktitle = {2010 Digest of Technical Papers International Conference on Consumer Electronics (ICCE)},
publisher = {Institute of Electrical and Electronics Engineers (IEEE)},
abstract = {Social networks help us to follow friends and family daily lives. Home devices are rich in user's information so they are appropriate platforms to deploy social network applications. This article addresses two main requirements: content must be adapted to different devices and user's privacy must be respected. To enable social network interaction in home environments and to overcome privacy problems we present two home gateway applications: the Social Enabler and its counterpart the Social Watchdog.},
keywords = {privacy, Social network services},
pubstate = {published},
tppubtype = {inproceedings}
}
Publications
“Animation” URL in NFT marketplaces considered harmful for privacy Journal Article In: International Journal of Information Security, 2024, ISSN: 1615-5270. Kriper: A blockchain network with permissioned storage Journal Article In: Future Generation Computer Systems, vol. 138, pp. 160-171, 2022, ISSN: 0167-739X. On the Automation of Auditing in Power Grid Companies Proceedings Article In: Actas de congreso internacional, Citas Google 2, CORE C, pp. 331 - 340, 2020, ISBN: ISSN/ISBN) 978-1-4503-5988-7. Collaborative eHealth Meets Security: Privacy-Enhancing Patient Profile Management Journal Article In: IEEE Journal of Biomedical and Health Informatics, vol. 21, iss. 6, pp. 1741-1749, 2017, ISSN: 2168-2194 . Secure store and forward proxy for dynamic IoT applications over M2M networks Journal Article In: IEEE Transactions on Consumer Electronics, vol. 62, iss. 4, pp. 389-397, 2016, ISSN: 0098-3063. Entropy-based privacy against profiling of user mobility Journal Article In: Entropy, vol. 17, iss. 6, pp. 3913-3946, 2015, ISSN: 1099-4300. Media Gateway: bringing privacy to Private Multimedia Clouds connections Journal Article In: Telecommunication Systems, vol. 55, iss. 2, pp. 315-330, 2014, ISSN: 1572-9451. A model for dimensioning a secure event-driven health care system Proceedings Article In: 2012 5th Joint IFIP Wireless and Mobile Networking Conference (WMNC), Institute of Electrical and Electronics Engineers (IEEE), 2013, ISBN: 978-1-4673-2993-4. Private cloud and media privacy in social networks Proceedings Article In: 2012 IEEE Second International Conference on Consumer Electronics - Berlin (ICCE-Berlin), IEEE, 2012, ISSN: 2166-6814. An Event Driven Hybrid Identity Management Approach to Privacy Enhanced e-Health Journal Article In: Sensors , vol. 12, iss. 5, pp. 6129-6154, 2012, ISSN: 1424-8220. Privacy enhanced cloud services home aggregator Proceedings Article In: 2012 IEEE International Conference on Consumer Electronics (ICCE), Institute of Electrical and Electronics Engineers (IEEE), 2012, ISSN: 2158-3994. Trust-aware federated IdM in consumer cloud computing Proceedings Article In: 2012 IEEE International Conference on Consumer Electronics (ICCE), Institute of Electrical and Electronics Engineers (IEEE), 2012, ISSN: 2158-3994. Enhancing privacy and dynamic federation in IdM for consumer cloud computing Journal Article In: IEEE TRANSACTIONS ON CONSUMER ELECTRONICS, vol. 58, iss. 1, pp. 95-103, 2012, ISSN: 0098-3063. Improving privacy in identity management systems for health care scenarios Proceedings Article In: Proceedings of the 5th International Symposium of Ubiquitous Computing and Ambient Intelligence (UCAMI 2011), December 5-8th, 2011, Riviera Maya, Mexico, UCAMI, 2011, ISBN: 978-84-694-9677-0. A privacy aware media gateway for connecting private multimedia clouds to limited devices Proceedings Article In: 2011 4th Joint IFIP Wireless and Mobile Networking Conference (WMNC 2011), Institute of Electrical and Electronics Engineers (IEEE), 2011, ISBN: 978-1-4577-1192-3. Socializing electronics: Secure interactions in social networks Proceedings Article In: 2010 Digest of Technical Papers International Conference on Consumer Electronics (ICCE), Institute of Electrical and Electronics Engineers (IEEE), 2010, ISSN: 2158-3994.2024
2022
2020
2017
2016
2015
2014
2013
2012
2011
2010