Publications - Pervasive Computing Laboratory

Access control anotacionsemantica authentication Cloud computing coap compromise cryptography cynamon emadrid emrisco home network I-Shaper identity management inrisco inteligenciafuentesabiertas Internet of Things IoT IPTV magos Pervasive computing privacy Protocols Qursa raudo2 Security Smart Card trust Trust management Ubisec VANETs 
Show all
2022
 Díaz-Sanchez, Daniel;  Almenarez-Mendoza, Florina;  Marín-López, Andres;  Rojo-Rivas, Isabel
A Hybrid Approach to Ephemeral PKI Credentials Validation and Auditing Proceedings Article 
In: Proceedings of the International Conference on Ubiquitous Computing & Ambient Intelligence (UCAmI 2022), pp. 1043 - 1054, Springer International Publishing, 2022, ISBN: 978-3-031-21332-8.
Abstract | BibTeX | Tags: compromise, ricon
@inproceedings{pa056,

title = {A Hybrid Approach to Ephemeral PKI Credentials Validation and Auditing},

author = {Daniel Díaz-Sanchez and Florina Almenarez-Mendoza and Andres Marín-López and Isabel Rojo-Rivas },

isbn = {978-3-031-21332-8},

year  = {2022},

date = {2022-12-20},

urldate = {2022-12-20},

booktitle = {Proceedings of the International Conference on Ubiquitous Computing & Ambient Intelligence (UCAmI 2022)},

pages = {1043 - 1054},

publisher = {Springer International Publishing},

abstract = {IoT/M2M solutions are expected to rely on near computing infrastructures for deployment of services, frequently ephemeral, that will need adequate protection. Communication protocols in IoT services have widely adopted TLS/PKI as the de facto security standard despite PKI was not designed for issuing short lived credentials. Moreover, after several Certificate Authorities were compromised, some Certificate Pinning proposal were developed to give an additional verification to PKI certificates. Some Certificate Pinning solutions, as Certificate Transparency, provide long term auditing information for PKI certificates issued by renowned Certificate Authorities only, whereas others, as DANE, are able to verify self-issued certificates and give support for security islands that would benefit the development of IoT/M2M micro services but cannot provide long term auditing information. This article describe DANEAudits, a novel service with the objective of complementing DANE with long term auditing information without the need of new Trusted Third Parties different from the information owner.},

keywords = {compromise, ricon},

pubstate = {published},

tppubtype = {inproceedings}

}

Close
IoT/M2M solutions are expected to rely on near computing infrastructures for deployment of services, frequently ephemeral, that will need adequate protection. Communication protocols in IoT services have widely adopted TLS/PKI as the de facto security standard despite PKI was not designed for issuing short lived credentials. Moreover, after several Certificate Authorities were compromised, some Certificate Pinning proposal were developed to give an additional verification to PKI certificates. Some Certificate Pinning solutions, as Certificate Transparency, provide long term auditing information for PKI certificates issued by renowned Certificate Authorities only, whereas others, as DANE, are able to verify self-issued certificates and give support for security islands that would benefit the development of IoT/M2M micro services but cannot provide long term auditing information. This article describe DANEAudits, a novel service with the objective of complementing DANE with long term auditing information without the need of new Trusted Third Parties different from the information owner.
Close
 Rojo-Rivas, MaríaIsabel;  Díaz-Sánchez, Daniel;  Almenarez, Florina;  Marín-Lopez, Andrés
Kriper: A blockchain network with permissioned storage Journal Article 
In: Future Generation Computer Systems, vol. 138, pp. 160-171, 2022, ISSN: 0167-739X.
Abstract | Links | BibTeX | Tags: Access control, Blockchain, compromise, Confidentiality, cynamon, Distributed storage, Permissioned storage, privacy, ricon
@article{diazsanchez010,

title = {Kriper: A blockchain network with permissioned storage},

author = {MaríaIsabel Rojo-Rivas and Daniel Díaz-Sánchez and Florina Almenarez and Andrés Marín-Lopez},

doi = {https://doi.org/10.1016/j.future.2022.08.006},

issn = {0167-739X},

year  = {2022},

date = {2022-08-17},

urldate = {2022-08-17},

journal = {Future Generation Computer Systems},

volume = {138},

pages = {160-171},

abstract = {Blockchain has been a revolution in the past few years. Beyond the new currencies that were created around different incarnations of the blockchain concept, there are many other contributions that provide interesting services as a data linked structure using a decentralized network that provide a high level of security. Companies have developed many projects to incorporate blockchain into their business logic pursuing to incorporate other related services as persistence of large volumes of data, privacy or anonymity of transactions, distributed data processing, security (confidentiality, integrity, and availability), document management or micro messages in real time. Nevertheless, as it will be discussed in this article, current blockchains do not meet the needs of companies in many aspects, leading to a scarce or superficial adoption. This article introduces Kriper, a blockchain that aims at meeting corporate world needs by responding with a community-based, open blockchain that may also be segregated and private for certain uses whereas it provides a permissioned distributed storage and micro message lightweight services.},

keywords = {Access control, Blockchain, compromise, Confidentiality, cynamon, Distributed storage, Permissioned storage, privacy, ricon},

pubstate = {published},

tppubtype = {article}

}

Close
Blockchain has been a revolution in the past few years. Beyond the new currencies that were created around different incarnations of the blockchain concept, there are many other contributions that provide interesting services as a data linked structure using a decentralized network that provide a high level of security. Companies have developed many projects to incorporate blockchain into their business logic pursuing to incorporate other related services as persistence of large volumes of data, privacy or anonymity of transactions, distributed data processing, security (confidentiality, integrity, and availability), document management or micro messages in real time. Nevertheless, as it will be discussed in this article, current blockchains do not meet the needs of companies in many aspects, leading to a scarce or superficial adoption. This article introduces Kriper, a blockchain that aims at meeting corporate world needs by responding with a community-based, open blockchain that may also be segregated and private for certain uses whereas it provides a permissioned distributed storage and micro message lightweight services.
Close
doi:https://doi.org/10.1016/j.future.2022.08.006
Close