Publications - Pervasive Computing Laboratory

Access control anotacionsemantica authentication Cloud computing coap compromise cryptography cynamon Discovery emadrid emrisco home network I-Shaper identity management inrisco inteligenciafuentesabiertas Internet of Things IoT magos Pervasive computing privacy Protocols Qursa Ramones raudo2 Security Smart Card Trust management Ubisec VANETs 
Show all
2025
 Díaz-Sánchez, Daniel;  Almenárez-Mendoza, Florina;  Campo-Vázquez, Celeste;  García-Rubio, Carlos
Zero-trust token authorization with trapdoor hashes for scalable distributed firewalls Journal Article 
In: Elsevier, 2025, ISSN: 0167-739X.
Abstract | Links | BibTeX | Tags: Chamaleon hashes, decentralized authorization, delegation, Discovery, I-Shaper, IoT, Qursa, Ramones, zero trust
@article{danieldiaz032,

title = {Zero-trust token authorization with trapdoor hashes for scalable distributed firewalls},

author = {Daniel Díaz-Sánchez and Florina Almenárez-Mendoza and Celeste Campo-Vázquez and Carlos García-Rubio },

url = {https://www.sciencedirect.com/science/article/pii/S0167739X25005217?via%3Dihub},

doi = {https://doi.org/10.1016/j.future.2025.108227},

issn = {0167-739X},

year  = {2025},

date = {2025-11-06},

urldate = {2025-11-06},

journal = {Elsevier},

abstract = {Massive Internet of Things (IoT) deployments expose networks to severe risks, as a single compromised device can facilitate lateral movements across the entire infrastructure. Traditional firewalls, based on static rules, are fragile, difficult to synchronize across domains, and poorly suited for Zero Trust principles. In this work, we propose a scalable authorization architecture where each flow carries a cryptographically protected token that incorporates a signed and immutable policy, verifiable in a non-interactive manner. The tokens are issued based on attestation evidence, and the messages are reinforced using trapdoor chameleon hashes, which allows for flexible delegation and transferability without invalidating the original policy. Through key aggregation techniques, we enable collaborative issuance, optional anonymity, and multi-party governance. The experimental evaluation in a real testbed demonstrates that the verification of this embedded authorization incurs a fixed and predictable cost—higher than that of rule lookups, but constant regardless of network size, rule growth, or concurrency. This balance eliminates the burden of distributing and maintaining large rule tables while ensuring granular per-flow authorization, privacy preservation, and interoperability between providers. The proposal materializes a Zero Trust model resistant to impersonation, replay, and lateral attacks, and lays the groundwork for future optimizations through the progressive incorporation of post-quantum primitives.},

keywords = {Chamaleon hashes, decentralized authorization, delegation, Discovery, I-Shaper, IoT, Qursa, Ramones, zero trust},

pubstate = {published},

tppubtype = {article}

}

Close
Massive Internet of Things (IoT) deployments expose networks to severe risks, as a single compromised device can facilitate lateral movements across the entire infrastructure. Traditional firewalls, based on static rules, are fragile, difficult to synchronize across domains, and poorly suited for Zero Trust principles. In this work, we propose a scalable authorization architecture where each flow carries a cryptographically protected token that incorporates a signed and immutable policy, verifiable in a non-interactive manner. The tokens are issued based on attestation evidence, and the messages are reinforced using trapdoor chameleon hashes, which allows for flexible delegation and transferability without invalidating the original policy. Through key aggregation techniques, we enable collaborative issuance, optional anonymity, and multi-party governance. The experimental evaluation in a real testbed demonstrates that the verification of this embedded authorization incurs a fixed and predictable cost—higher than that of rule lookups, but constant regardless of network size, rule growth, or concurrency. This balance eliminates the burden of distributing and maintaining large rule tables while ensuring granular per-flow authorization, privacy preservation, and interoperability between providers. The proposal materializes a Zero Trust model resistant to impersonation, replay, and lateral attacks, and lays the groundwork for future optimizations through the progressive incorporation of post-quantum primitives.
Close
https://www.sciencedirect.com/science/article/pii/S0167739X25005217?via%3Dihub
doi:https://doi.org/10.1016/j.future.2025.108227
Close
 Díaz-Sánchez, Daniel;  Campo, Celeste;  García-Rubio, Carlos
Zero‑Trust Token Authorization with Trapdoor Hashes for Scalable Distributed Firewalls Journal Article 
In: pp. 18, 2025.
Abstract | Links | BibTeX | Tags: blind signatures, decentralized authorization, Discovery, I-Shaper, IoT, Qursa, Ramones, TLS Integration
@article{danieldiaz030,

title = {Zero‑Trust Token Authorization with Trapdoor Hashes for Scalable Distributed Firewalls},

author = {Daniel Díaz-Sánchez and Celeste Campo and Carlos García-Rubio },

url = {https://papers.ssrn.com/sol3/papers.cfm?abstract_id=5313600},

doi = {http://dx.doi.org/10.2139/ssrn.5313600},

year  = {2025},

date = {2025-08-31},

urldate = {2025-08-31},

pages = {18},

abstract = {Massive Internet of Things (IoT) deployments expose networks to severe risks, as a single compromised device can facilitate lateral movements across the entire infrastructure. Traditional firewalls, based on static rules, are fragile, difficult to synchronize across domains, and poorly suited for Zero Trust principles. In this work, we propose a scalable authorization architecture where each flow carries a cryptographically protected textit{token} that incorporates a signed and immutable policy, verifiable in a non-interactive manner. The textit{tokens} are issued based on attestation evidence, and the messages are reinforced using trapdoor textit{chameleon hashes}, which allows for flexible delegation and transferability without invalidating the original policy. Through key aggregation techniques, we enable collaborative issuance, optional anonymity, and multi-party governance. The experimental evaluation in a real textit{testbed} demonstrates that the verification of this embedded authorization incurs a fixed and predictable cost—higher than that of rule lookups, but constant regardless of network size, rule growth, or concurrency. This balance eliminates the burden of distributing and maintaining large rule tables while ensuring granular per-flow authorization, privacy preservation, and interoperability between providers. The proposal materializes a Zero Trust model resistant to impersonation, replay, and lateral attacks, and lays the groundwork for future optimizations through the progressive incorporation of post-quantum primitives.},

keywords = {blind signatures, decentralized authorization, Discovery, I-Shaper, IoT, Qursa, Ramones, TLS Integration},

pubstate = {published},

tppubtype = {article}

}

Close
Massive Internet of Things (IoT) deployments expose networks to severe risks, as a single compromised device can facilitate lateral movements across the entire infrastructure. Traditional firewalls, based on static rules, are fragile, difficult to synchronize across domains, and poorly suited for Zero Trust principles. In this work, we propose a scalable authorization architecture where each flow carries a cryptographically protected textit{token} that incorporates a signed and immutable policy, verifiable in a non-interactive manner. The textit{tokens} are issued based on attestation evidence, and the messages are reinforced using trapdoor textit{chameleon hashes}, which allows for flexible delegation and transferability without invalidating the original policy. Through key aggregation techniques, we enable collaborative issuance, optional anonymity, and multi-party governance. The experimental evaluation in a real textit{testbed} demonstrates that the verification of this embedded authorization incurs a fixed and predictable cost—higher than that of rule lookups, but constant regardless of network size, rule growth, or concurrency. This balance eliminates the burden of distributing and maintaining large rule tables while ensuring granular per-flow authorization, privacy preservation, and interoperability between providers. The proposal materializes a Zero Trust model resistant to impersonation, replay, and lateral attacks, and lays the groundwork for future optimizations through the progressive incorporation of post-quantum primitives.
Close
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=5313600
doi:http://dx.doi.org/10.2139/ssrn.5313600
Close