Díaz-Sánchez, Daniel; Marín, Andrés; Almenarez, Florina; Campo, Celeste; Cortés, Alberto; García-Rubio, Carlos Trust Negotiation Protocol Support for Secure Mobile Network Service Deployment Book Chapter In: IFIP International Federation for Information Processing, vol. 284, pp. 271 - 282, Springer US, 2008, ISBN: 978-0-387-84838-9. Abstract | Links | BibTeX | Tags: international telecommunication union, message authentication code, Mutual Authentication, protocol message, recursosteleeducacion, transport layer security Almenarez, Florina; Díaz, Daniel; Marín, Andrés Secure Ad-Hoc mBusiness: Enhancing WindowsCE Security Journal Article In: Lecture Notes In Computer Sciences, vol. 3184, pp. 90-99, 2004, ISSN: 0302-9743. Abstract | Links | BibTeX | Tags: EasyWireless, everyware, Mutual Authentication, Smart Card, Trust Degree, Trust Relationship, Trusted Third Party, Ubisec2008
@inbook{bc005,
title = {Trust Negotiation Protocol Support for Secure Mobile Network Service Deployment},
author = {Daniel Díaz-Sánchez and Andrés Marín and Florina Almenarez and Celeste Campo and Alberto Cortés and Carlos García-Rubio },
url = {https://link.springer.com/chapter/10.1007/978-0-387-84839-6_22
https://link.springer.com/content/pdf/10.1007/978-0-387-84839-6.pdf},
doi = {https://doi.org/10.1007/978-0-387-84839-6_22},
isbn = {978-0-387-84838-9},
year = {2008},
date = {2008-01-09},
urldate = {2008-01-09},
booktitle = {IFIP International Federation for Information Processing},
volume = {284},
pages = {271 - 282},
publisher = {Springer US},
abstract = {User-centric services might enforce requirements difficult to be endorsed by visited networks unless tight coupled trust relations are previously established among providers. Maintaining those fixed trust relations is costly and unmanageable if the number of providers increases. Moreover, it requires providers to use a common security model, credentials, policies…Trust Negotiation can be the solution to this problem since allows to negotiate gradually a security state enabling multiple factor authentication and authorization even for “strangers” by exchanging various credentials. However, there are still two problems to solve, the first one is the delay introduced by the trust negotiation messages if used as bootstrapping in every interaction; the second one is the lack of protocol support. In this article we address those problems by presenting an extension to TLS that enables trust negotiation and credential issuing (to speed-up following interactions) over a secure channel.
},
keywords = {international telecommunication union, message authentication code, Mutual Authentication, protocol message, recursosteleeducacion, transport layer security},
pubstate = {published},
tppubtype = {inbook}
}
2004
@article{10.1007/978-3-540-30079-3_10,
title = {Secure Ad-Hoc mBusiness: Enhancing WindowsCE Security},
author = {Florina Almenarez and Daniel Díaz and Andrés Marín},
editor = {Sokratis Katsikas and Javier Lopez and Günther Pernul},
url = {https://link.springer.com/chapter/10.1007/978-3-540-30079-3_10
https://doi.org/10.1007/978-3-540-30079-3_10},
doi = {10.1007/978-3-540-30079-3_10},
issn = {0302-9743},
year = {2004},
date = {2004-01-01},
urldate = {2004-01-01},
journal = {Lecture Notes In Computer Sciences},
volume = {3184},
pages = {90-99},
publisher = {Springer Berlin Heidelberg},
address = {Berlin, Heidelberg},
abstract = {Nowadays we can perform business transactions with remote servers interconnected to Internet using our personal devices. These transactions can also be possible without any infrastructure in pure ad-hoc networks. In both cases, interacting parts are often unknown, therefore, they require some mechanism to establish ad-hoc trust relationships and perform secure transactions. Operating systems for mobile platforms support secure communication and authentication, but this support is based on hierarchical PKI. For wireless communications, they use the (in)secure protocol WEP. This paper presents a WCE security enhanced architecture allowing secure transactions, mutual authentication, and access control based on dynamic management of the trusted certificate list. We have successfully implemented our own CSP to support the new certificate management and data ciphering.},
keywords = {EasyWireless, everyware, Mutual Authentication, Smart Card, Trust Degree, Trust Relationship, Trusted Third Party, Ubisec},
pubstate = {published},
tppubtype = {article}
}
Publications
Trust Negotiation Protocol Support for Secure Mobile Network Service Deployment Book Chapter In: IFIP International Federation for Information Processing, vol. 284, pp. 271 - 282, Springer US, 2008, ISBN: 978-0-387-84838-9. Secure Ad-Hoc mBusiness: Enhancing WindowsCE Security Journal Article In: Lecture Notes In Computer Sciences, vol. 3184, pp. 90-99, 2004, ISSN: 0302-9743.2008
2004