Arias-Cabarcos, Patricia; Almenárez, Florina; Trapero, Rubén; Díaz-Sánchez, Daniel; Marín, Andrés Blended Identity: Pervasive IdM for Continuous Authentication Journal Article In: IEEE Xplore, vol. 13, iss. 3, pp. 32-39, 2015, ISSN: 1540-7993. Abstract | Links | BibTeX | Tags: blended identity, emrisco, identity management, IdM, Pervasive computing, Protocols, risk assessment, Security Arias-Cabarcos, Patricia; Almenares-Mendoza, Florina; Gómez-Mármol, Felix; López, Andrés Marín- To Federate or Not To Federate: A Reputation-Based Mechanism to Dynamize Cooperation in Identity Management Journal Article In: Wireless Personal Communications, vol. 75, iss. 3, pp. 1769-1786, 2013, ISSN: 0929-6212. Abstract | Links | BibTeX | Tags: cooperative systems, identity federation, identity management, trust and reputation management Sánchez-Guerrero, Rosa; Almenárez, Florina; Díaz-Sánchez, Daniel; Marín, Andrés; Arias, Patricia; Sanvido, Fabio An Event Driven Hybrid Identity Management Approach to Privacy Enhanced e-Health Journal Article In: Sensors , vol. 12, iss. 5, pp. 6129-6154, 2012, ISSN: 1424-8220. Abstract | Links | BibTeX | Tags: delegation, event, federation, health care, identity management, privacy, revocation consent, servicioseguridad, theory queue, user-centric Sánchez-Guerrero, Rosa; Díaz-Sánchez, Daniel; Marín-López, Andrés; Arias-Cabarcos, Patricia; Almenares-Mendoza, Florina Improving privacy in identity management systems for health care scenarios Proceedings Article In: Proceedings of the 5th International Symposium of Ubiquitous Computing and Ambient Intelligence (UCAMI 2011), December 5-8th, 2011, Riviera Maya, Mexico, UCAMI, 2011, ISBN: 978-84-694-9677-0. Abstract | Links | BibTeX | Tags: anonymity, delegation, desarrollodespliegue, federation, health care, identity management, privacy, Pseudonymity, user-centric Sánchez-Guerrero, Rosa; Díaz-Sánchez, Daniel; Almenares-Mendoza, Florina; López, Andrés Marín-; Arias-Cabarcos, Patricia; Proserpio, Davide An identity aware wimax personalization for pervasive computing services Proceedings Article In: Proceedings of the 5th International Symposium of Ubiquitous Computing and Ambient Intelligence (UCAMI 2011), December 5-9th, 2011, Riviera Maya, Mexico., UCAMI, 2011, ISBN: 978-84-694-9677-0. Abstract | Links | BibTeX | Tags: authentication, desarrollodespliegue, identity management, IEEE 802.16, personalization, Security, WiMAX Sánchez-Guerrero, Rosa; Díaz-Sánchez, Daniel; Almenarez, Florina; Arias, Patricia; Proserpio, Davide; Marín, Andrés Introducing identity management in WiMAX to enable secure and personalized services Proceedings Article In: 2011 4th Joint IFIP Wireless and Mobile Networking Conference (WMNC 2011), Institute of Electrical and Electronics Engineers (IEEE), 2011, ISBN: 978-1-4577-1192-3. Abstract | Links | BibTeX | Tags: authentication, identity management, IEEE 802.16, netlab, personalization, Security, WiMAX Sanvido, Fabio; Díaz-Sánchez, Daniel; Almenárez-Mendoza, Florina; Marín-López, Andrés A Survey on Security in Future Internet and Cloud Proceedings Article In: International Conference on Advances in Future Internet (UBICOMM 2011), 2011, ISBN: 978-1-61208-148-9. Abstract | BibTeX | Tags: Cloud computing, future internet, identity management, raudo2, Security, trust Almenárez, Florina; Arias, Patricia; Díaz-Sánchez, Daniel; Marín, Andrés; Sánchez., Rosa fedTV: Personal Networks Federation for IdM in Mobile DTV Journal Article In: IEEE TRANSACTIONS ON CONSUMER ELECTRONICS, vol. 57, iss. 2, pp. 499 - 506, 2011, ISSN: 0098-3063. Abstract | Links | BibTeX | Tags: anot, anotacionsemantica, authentication, Digital TV, identity management, Mobile communication, Mobile computing, mobile DTV, Mobile handsets, Personal Network Federation, SAML, Trust management Cabarcos, Patricia Arias; Guerrero, Rosa Sánchez; Mendoza, Florina Almenárez; Díaz-Sánchez, Daniel; López, Andrés Marín FamTV: An Architecture for Presence-Aware Personalized Television Journal Article In: IEEE TRANSACTIONS ON CONSUMER ELECTRONICS, vol. 57, iss. 1, pp. 6-13, 2011, ISSN: 0098-3063. Abstract | Links | BibTeX | Tags: content personalization, Digital TV, identity management, presence detection2015
@article{ariascabarcos002,
title = {Blended Identity: Pervasive IdM for Continuous Authentication},
author = {Patricia Arias-Cabarcos and Florina Almenárez and Rubén Trapero and Daniel Díaz-Sánchez and Andrés Marín},
url = {https://ieeexplore.ieee.org/document/7118079},
doi = {https://doi.org/10.1109/MSP.2015.62},
issn = {1540-7993},
year = {2015},
date = {2015-06-04},
urldate = {2015-06-04},
journal = {IEEE Xplore},
volume = {13},
issue = {3},
pages = {32-39},
abstract = {A proper identity management approach is necessary for pervasive computing to be invisible to users. Federated identity management is key to achieving efficient identity blending and natural integration in the physical and online layers where users, devices, and services are present.},
keywords = {blended identity, emrisco, identity management, IdM, Pervasive computing, Protocols, risk assessment, Security},
pubstate = {published},
tppubtype = {article}
}
2013
@article{almenarez010,
title = {To Federate or Not To Federate: A Reputation-Based Mechanism to Dynamize Cooperation in Identity Management },
author = {Patricia Arias-Cabarcos and Florina Almenares-Mendoza and Felix Gómez-Mármol and Andrés Marín- López },
doi = {https://doi.org/10.1007/s11277-013-1338-y},
issn = {0929-6212},
year = {2013},
date = {2013-08-01},
urldate = {2013-08-01},
journal = {Wireless Personal Communications},
volume = {75},
issue = {3},
pages = {1769-1786},
abstract = {Identity Management systems cannot be centralized anymore. Nowadays, users have multiple accounts, profiles and personal data distributed throughout the web and hosted by different providers. However, the online world is currently divided into identity silos forcing users to deal with repetitive authentication and registration processes and hindering a faster development of large scale e-business. Federation has been proposed as a technology to bridge different trust domains, allowing user identity information to be shared in order to improve usability. But further research is required to shift from the current static model, where manual bilateral agreements must be pre-configured to enable cooperation between unknown parties, to a more dynamic one, where trust relationships are established on demand in a fully automated fashion. This paper presents IdMRep, the first completely decentralized reputation-based mechanism which makes dynamic federation a reality. Initial experiments demonstrate its accuracy as well as an assumable overhead in scenarios with and without malicious nodes.},
keywords = {cooperative systems, identity federation, identity management, trust and reputation management},
pubstate = {published},
tppubtype = {article}
}
2012
@article{sanchezguerrero001,
title = {An Event Driven Hybrid Identity Management Approach to Privacy Enhanced e-Health},
author = {Rosa Sánchez-Guerrero and Florina Almenárez and Daniel Díaz-Sánchez and Andrés Marín and Patricia Arias and Fabio Sanvido
},
url = {https://www.mdpi.com/1424-8220/12/5/6129
https://www.mdpi.com/1424-8220/12/5/6129/pdf?version=1403317529},
doi = {https://doi.org/10.3390/s120506129},
issn = {1424-8220},
year = {2012},
date = {2012-05-10},
urldate = {2012-05-10},
journal = {Sensors },
volume = {12},
issue = {5},
pages = {6129-6154},
abstract = {Credential-based authorization offers interesting advantages for ubiquitous scenarios involving limited devices such as sensors and personal mobile equipment: the verification can be done locally; it offers a more reduced computational cost than its competitors for issuing, storing, and verification; and it naturally supports rights delegation. The main drawback is the revocation of rights. Revocation requires handling potentially large revocation lists, or using protocols to check the revocation status, bringing extra communication costs not acceptable for sensors and other limited devices. Moreover, the effective revocation consent—considered as a privacy rule in sensitive scenarios—has not been fully addressed. This paper proposes an event-based mechanism empowering a new concept, the sleepyhead credentials, which allows to substitute time constraints and explicit revocation by activating and deactivating authorization rights according to events. Our approach is to integrate this concept in IdM systems in a hybrid model supporting delegation, which can be an interesting alternative for scenarios where revocation of consent and user privacy are critical. The delegation includes a SAML compliant protocol, which we have validated through a proof-of-concept implementation. This article also explains the mathematical model describing the event-based model and offers estimations of the overhead introduced by the system. The paper focus on health care scenarios, where we show the flexibility of the proposed event-based user consent revocation mechanism.},
keywords = {delegation, event, federation, health care, identity management, privacy, revocation consent, servicioseguridad, theory queue, user-centric},
pubstate = {published},
tppubtype = {article}
}
2011
@inproceedings{pa033,
title = {Improving privacy in identity management systems for health care scenarios},
author = {Rosa Sánchez-Guerrero and Daniel Díaz-Sánchez and Andrés Marín-López and Patricia Arias-Cabarcos and Florina Almenares-Mendoza},
url = {http://hdl.handle.net/10016/13102},
isbn = {978-84-694-9677-0},
year = {2011},
date = {2011-12-27},
urldate = {2011-12-27},
booktitle = {Proceedings of the 5th International Symposium of Ubiquitous Computing and Ambient Intelligence (UCAMI 2011), December 5-8th, 2011, Riviera Maya, Mexico},
publisher = {UCAMI},
abstract = {Privacy is a very complex and subjective concept with different meaning to different people. The meaning depends on the context. Moreover, privacy is close to the user information and thus, present in any ubiquitous computing scenario. In the context of identity management (IdM), privacy is gaining more importance since IdM systems deal with services that requires sharing attributes belonging to users’ identity with different entities across domains. Consequently, privacy is a fundamental aspect to be addressed by IdM to protect the exchange of user attributes between services and identity providers across different networks and security domains in pervasive computing. However, problems such as the effective revocation consent, have not been fully addressed. Furthermore, privacy depends heavily on users and applications requiring some degree of flexibility. This paper analyzes the main current identity models, as well as the privacy support presented by the identity management frameworks. After the main limitations are identified, we propose a delegation protocol for the SAML standard in order to enhance the revocation consent within healthcare scenarios.},
keywords = {anonymity, delegation, desarrollodespliegue, federation, health care, identity management, privacy, Pseudonymity, user-centric},
pubstate = {published},
tppubtype = {inproceedings}
}
@inproceedings{pa034,
title = {An identity aware wimax personalization for pervasive computing services},
author = {Rosa Sánchez-Guerrero and Daniel Díaz-Sánchez and Florina Almenares-Mendoza and Andrés Marín- López and Patricia Arias-Cabarcos and Davide Proserpio },
url = {http://hdl.handle.net/10016/13098
https://e-archivo.uc3m.es/bitstreams/685697a7-32a6-45e9-b60c-913dad70d44e/download},
isbn = {978-84-694-9677-0},
year = {2011},
date = {2011-12-27},
urldate = {2011-12-27},
booktitle = {Proceedings of the 5th International Symposium of Ubiquitous Computing and Ambient Intelligence (UCAMI 2011), December 5-9th, 2011, Riviera Maya, Mexico.},
publisher = {UCAMI},
abstract = {Mobile Internet access is becoming more and more pervasive in the new 4G scenarios, where WiMAX is to play a crucial role. WiMax has advantages when considering both energy consumption and bandwidth, when compared with HSDPA and LTE. However, we have found some limitations in IEEE 802.16 security support, which may limit authentication and authorization mechanisms for ubiquitous service development. In this article we analyze weaknesses and vulnerabilities we have found in WiMAX security. WiMax, with the adequate identity management support, could be invaluable for developing new pervasive computing services. We propose the introduction of identity management in WiMAX, as a pervious step to the definition of identity aware WiMax personalization of pervasive computing services.},
keywords = {authentication, desarrollodespliegue, identity management, IEEE 802.16, personalization, Security, WiMAX},
pubstate = {published},
tppubtype = {inproceedings}
}
@inproceedings{pa022,
title = {Introducing identity management in WiMAX to enable secure and personalized services},
author = {Rosa Sánchez-Guerrero and Daniel Díaz-Sánchez and Florina Almenarez and Patricia Arias and Davide Proserpio and Andrés Marín},
url = {https://ieeexplore.ieee.org/document/6097228},
doi = {https://doi.org/10.1109/WMNC.2011.6097228},
isbn = {978-1-4577-1192-3},
year = {2011},
date = {2011-12-12},
urldate = {2011-12-12},
booktitle = {2011 4th Joint IFIP Wireless and Mobile Networking Conference (WMNC 2011)},
publisher = {Institute of Electrical and Electronics Engineers (IEEE)},
abstract = {The increasing popularity of broadband Internet and the widespread penetration of full-featured mobile devices have signaled WiMAX importance. IEEE 802.16 standard has focused on security from the beginning, being security support a fundamental aspect in wireless communication. We have found some limitations concerning authentication and authorization mechanisms at user level. To overcome those limitations we consider necessary to provide a proper identity management support for WiMAX for enhancing users' experience whereas delivering services in a secure fashion. In this article we analyze several weaknesses and vulnerabilities in WiMAX security and propose the introduction of identity management in WiMAX for a better provision of secure personalized services.},
keywords = {authentication, identity management, IEEE 802.16, netlab, personalization, Security, WiMAX},
pubstate = {published},
tppubtype = {inproceedings}
}
@inproceedings{pa028,
title = {A Survey on Security in Future Internet and Cloud},
author = {Fabio Sanvido and Daniel Díaz-Sánchez and Florina Almenárez-Mendoza and Andrés Marín-López},
isbn = {978-1-61208-148-9},
year = {2011},
date = {2011-08-27},
urldate = {2011-08-27},
booktitle = {International Conference on Advances in Future Internet (UBICOMM 2011)},
abstract = {https://personales.upv.es/thinkmind/dl/conferences/afin/afin_2011/afin_2011_2_30_70129.pdf},
keywords = {Cloud computing, future internet, identity management, raudo2, Security, trust},
pubstate = {published},
tppubtype = {inproceedings}
}
@article{almenarez002,
title = {fedTV: Personal Networks Federation for IdM in Mobile DTV},
author = {Florina Almenárez and Patricia Arias and Daniel Díaz-Sánchez and Andrés Marín and Rosa Sánchez.},
url = {https://ieeexplore.ieee.org/document/5955185
https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5955185},
doi = {https://doi.org/10.1109/TCE.2011.5955185},
issn = {0098-3063},
year = {2011},
date = {2011-05-03},
urldate = {2011-05-03},
journal = {IEEE TRANSACTIONS ON CONSUMER ELECTRONICS},
volume = {57},
issue = {2},
pages = {499 - 506},
abstract = {Mobile Social TV and Mobile Video Blogging are new challenging scenarios arising from mobile and online DTV. They will allow for new interactions, and dynamically share content and delegate services. That requires the dynamic discovery, joining, and establishing new federations, emerging the trust management as an important facet for that. Such trust management should be autonomous, user-centric, and dynamic to cope with forthcoming applications. We propose an enhanced mobile client to support federated environments for cooperation in mobile DTV scenarios. Our proposal extends the Enhanced Client Profile defined in SAML v2, incorporating a trust management layer inside user's consumer electronic devices' software.},
keywords = {anot, anotacionsemantica, authentication, Digital TV, identity management, Mobile communication, Mobile computing, mobile DTV, Mobile handsets, Personal Network Federation, SAML, Trust management},
pubstate = {published},
tppubtype = {article}
}
@article{ariascabarcos003,
title = {FamTV: An Architecture for Presence-Aware Personalized Television},
author = {Patricia Arias Cabarcos and Rosa Sánchez Guerrero and Florina Almenárez Mendoza and Daniel Díaz-Sánchez and Andrés Marín López},
url = {https://ieeexplore.ieee.org/document/5735473
https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5735473},
doi = {https://doi.org/10.1109/TCE.2011.5735473},
issn = {0098-3063},
year = {2011},
date = {2011-02-01},
urldate = {2011-02-01},
journal = {IEEE TRANSACTIONS ON CONSUMER ELECTRONICS},
volume = {57},
issue = {1},
pages = {6-13},
abstract = {Since the advent of the digital era, the traditional TV scenario has rapidly evolved towards an ecosystem comprised of a myriad of services, applications, channels, and contents. As a direct consequence, the amount of available information and configuration options targeted at today's end consumers have become unmanageable. Thus, personalization and usability emerge as indispensable elements to improve our content-overloaded digital homes. With these requirements in mind, we present a way to combine content adaptation paradigms together with presence detection in order to allow a seamless and personalized entertainment experience when watching TV.},
keywords = {content personalization, Digital TV, identity management, presence detection},
pubstate = {published},
tppubtype = {article}
}
Publications
Blended Identity: Pervasive IdM for Continuous Authentication Journal Article In: IEEE Xplore, vol. 13, iss. 3, pp. 32-39, 2015, ISSN: 1540-7993. To Federate or Not To Federate: A Reputation-Based Mechanism to Dynamize Cooperation in Identity Management Journal Article In: Wireless Personal Communications, vol. 75, iss. 3, pp. 1769-1786, 2013, ISSN: 0929-6212. An Event Driven Hybrid Identity Management Approach to Privacy Enhanced e-Health Journal Article In: Sensors , vol. 12, iss. 5, pp. 6129-6154, 2012, ISSN: 1424-8220. Improving privacy in identity management systems for health care scenarios Proceedings Article In: Proceedings of the 5th International Symposium of Ubiquitous Computing and Ambient Intelligence (UCAMI 2011), December 5-8th, 2011, Riviera Maya, Mexico, UCAMI, 2011, ISBN: 978-84-694-9677-0. An identity aware wimax personalization for pervasive computing services Proceedings Article In: Proceedings of the 5th International Symposium of Ubiquitous Computing and Ambient Intelligence (UCAMI 2011), December 5-9th, 2011, Riviera Maya, Mexico., UCAMI, 2011, ISBN: 978-84-694-9677-0. Introducing identity management in WiMAX to enable secure and personalized services Proceedings Article In: 2011 4th Joint IFIP Wireless and Mobile Networking Conference (WMNC 2011), Institute of Electrical and Electronics Engineers (IEEE), 2011, ISBN: 978-1-4577-1192-3. A Survey on Security in Future Internet and Cloud Proceedings Article In: International Conference on Advances in Future Internet (UBICOMM 2011), 2011, ISBN: 978-1-61208-148-9. fedTV: Personal Networks Federation for IdM in Mobile DTV Journal Article In: IEEE TRANSACTIONS ON CONSUMER ELECTRONICS, vol. 57, iss. 2, pp. 499 - 506, 2011, ISSN: 0098-3063. FamTV: An Architecture for Presence-Aware Personalized Television Journal Article In: IEEE TRANSACTIONS ON CONSUMER ELECTRONICS, vol. 57, iss. 1, pp. 6-13, 2011, ISSN: 0098-3063.2015
2013
2012
2011