Javier López

@article{Alcaraz2023a,

title = {Protecting Digital Twin Networks for 6G-enabled Industry 5.0 Ecosystems},

author = {Cristina Alcaraz and Javier Lopez},

url = {/wp-content/papers/Alcaraz2023a.pdf

https://ieeexplore.ieee.org/abstract/document/10239369},

doi = {10.1109/MNET.004.2200529},

issn = {0890-8044},

year  = {2023},

date = {2023-12-31},

urldate = {2023-12-31},

journal = {IEEE Network Magazine},

volume = {37},

number = {2},

pages = {302-308},

publisher = {IEEE},

abstract = {New industrial paradigms, such as the Industrial Internet of Things (IIoT) and Industry 5.0, are emerging in industrial contexts with the aim of fostering quality in operational processes. With the expected launch of 6G in the coming years, IIoT networks in Industry 5.0 ecosystems can leverage 6G technology and its support for training machine learning models using Digital Twins (DTs), embedded in DT Networks (DTNs), to transparently and continuously optimize their communications. Unfortunately, the use of these technologies, in turn, intensifies the attack surface and poses a serious threat to the new goals of Industry 5.0, such as improving the user experience, sustainability and resilience. This article therefore proposes a layered protection framework for 6G-enabled IIoT environments, where not only DTs and DTNs are fully protected, but also the whole 6G ecosystem, complying with the expected goals of Industry 5.0. To achieve this, the framework identifies for each protection layer a set of security and privacy services to subsequently relate them to existing computing infrastructures (cloud, edge, edge-cloud) and provide the best approach for future IIoT deployments.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{surveyIoTrust2023,

title = {A Survey on IoT Trust Model Frameworks},

author = {Davide Ferraris and Carmen Fernandez-Gago and Rodrigo Roman and Javier Lopez},

url = {/wp-content/papers/surveyIoTrust2023.pdf},

doi = {10.1007/s11227-023-05765-4},

year  = {2023},

date = {2023-11-17},

urldate = {2023-11-17},

journal = {The Journal of Supercomputing},

abstract = {Trust can be considered as a multidisciplinary concept, which is strongly related to the context and it falls in different fields such as Philosophy, Psychology or Computer Science. Trust is fundamental in every relationship, because without it, an entity will not interact with other entities. This aspect is very important especially in the Internet of Things (IoT), where many entities produced by different vendors and created for different purposes have to interact among them through the internet often under uncertainty. Trust can overcome this uncertainty, creating a strong basis to ease the process of interaction among these entities. We believe that considering trust in the IoT is fundamental, and in order to implement it in any IoT entity, it is fundamental to consider it through the whole System Development Life Cycle. In this paper, we propose an analysis of different works that consider trust for the IoT. We will focus especially on the analysis of frameworks that have been developed in order to include trust in the IoT. We will make a classification of them providing a set of parameters that we believe are fundamental in order to properly consider trust in the IoT. Thus, we will identify important aspects to be taken into consideration when developing frameworks that implement trust in the IoT, finding gaps and proposing possible solutions.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{Roman2023a,

title = {Current Perspectives on Securing Critical Infrastructures’ Supply Chains},

author = {Rodrigo Roman and Cristina Alcaraz and Javier Lopez and Kouichi Sakurai},

url = {/wp-content/papers/Roman2023a.pdf},

doi = {10.1109/MSEC.2023.3247946},

issn = {1540-7993},

year  = {2023},

date = {2023-03-08},

urldate = {2023-03-08},

journal = {IEEE Security \& Privacy},

volume = {21},

number = {4},

pages = {29-38},

publisher = {IEEE},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{Alcaraz2022b,

title = {Digital Twin: A Comprehensive Survey of Security Threats},

author = {Cristina Alcaraz and Javier Lopez},

url = {/wp-content/papers/Alcaraz2022b.pdf

https://ieeexplore.ieee.org/document/9765576},

doi = {10.1109/COMST.2022.3171465},

issn = {1553-877X},

year  = {2022},

date = {2022-04-01},

urldate = {2022-04-01},

journal = {IEEE Communications Surveys \& Tutorials},

volume = {24},

number = {thirdquarter 2022},

pages = {1475 - 1503},

publisher = {IEEE},

address = {IEEE},

abstract = {Industry 4.0 is having an increasingly positive impact on the value chain by modernizing and optimizing the production and distribution processes. In this streamline, the digital twin (DT) is one of the most cutting-edge technologies of Industry 4.0, providing simulation capabilities to forecast, optimize and estimate states and configurations. In turn, these technological capabilities are encouraging industrial stakeholders to invest in the new paradigm, though an increased focus on the risks involved is really needed. More precisely, the deployment of a DT is based on the composition of technologies such as cyber-physical systems, the Industrial Internet of Things, edge computing, virtualization infrastructures, artificial intelligence and big data. However, the confluence of all these technologies and the implicit interaction with the physical counterpart of the DT in the real world generate multiple security threats that have not yet been sufficiently studied. In that context, this paper analyzes the current state of the DT paradigm and classifies the potential threats associated with it, taking into consideration its functionality layers and the operational requirements in order to achieve a more complete and useful classification. We also provide a preliminary set of security recommendations and approaches that can help to ensure the appropriate and trustworthy use of a DT.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{rios2022pmec,

title = {Personal IoT Privacy Control at the Edge},

author = {Ruben Rios and Jose A. Onieva and Rodrigo Roman and Javier Lopez},

url = {/wp-content/papers/rios2022pmec.pdf},

doi = {10.1109/MSEC.2021.3101865},

issn = {1540-7993},

year  = {2022},

date = {2022-01-01},

urldate = {2022-01-01},

journal = {IEEE Security \& Privacy},

volume = {20},

pages = {23 - 32},

publisher = {IEEE},

abstract = {This article introduces a privacy manager for IoT data based on Edge Computing. This poses the advantage that privacy is enforced before data leaves the control of the user, who is provided with a tool to express data sharing preferences based on a novel context-aware privacy language.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{Flamini2022,

title = {Towards Trustworthy Autonomous Systems: Taxonomies and Future Perspectives},

author = {Francesco Flammini and Cristina Alcaraz and Emanuele Bellini and Stefano Marrone and Javier Lopez and Andrea Bondavalli},

url = {/wp-content/papers/Flamini2022.pdf

https://ieeexplore.ieee.org/abstract/document/9979717/authors$#$authors},

doi = {10.1109/TETC.2022.3227113},

issn = {2168-6750},

year  = {2022},

date = {2022-01-01},

urldate = {2022-01-01},

journal = {IEEE Transactions on Emerging Topics in Computing},

publisher = {IEEE},

abstract = {The class of Trustworthy Autonomous Systems (TAS) includes cyber-physical systems leveraging on self-x technologies that make them capable to learn, adapt to changes, and reason under uncertainties in possibly critical applications and evolving environments. In the last decade, there has been a growing interest in enabling artificial intelligence technologies, such as advanced machine learning, new threats, such as adversarial attacks, and certification challenges, due to the lack of sufficient explainability. However, in order to be trustworthy, those systems also need to be dependable, secure, and resilient according to well-established taxonomies, methodologies, and tools. Therefore, several aspects need to be addressed for TAS, ranging from proper taxonomic classification to the identification of research opportunities and challenges. Given such a context, in this paper address relevant taxonomies and research perspectives in the field of TAS. We start from basic definitions and move towards future perspectives, regulations, and emerging technologies supporting development and operation of TAS.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{Agudo2020,

title = {A Blockchain Approach for Decentralized V2X (D-V2X)},

author = {Isaac Agudo and Manuel Montenegro-G\'{o}mez and Javier Lopez},

url = {/wp-content/papers/Agudo2020.pdf},

doi = {10.1109/TVT.2020.3046640},

issn = {0018-9545},

year  = {2021},

date = {2021-05-01},

urldate = {2021-05-01},

journal = {IEEE Transactions on Vehicular Technology},

volume = {70},

number = {5},

pages = {4001 - 4010},

publisher = {IEEE},

abstract = {New mobility paradigms have appeared in recent years, and everything suggests that some more are coming. This fact makes apparent the necessity of modernizing the road infrastructure, the signalling elements and the traffic management systems. Many initiatives have emerged around the term Intelligent Transport System (ITS) in order to define new scenarios and requirements for this kind of applications. We even have two main competing technologies for implementing Vehicular communication protocols (V2X), C-V2X and 802.11p, but neither of them is widely deployed yet. 

One of the main barriers for the massive adoption of those technologies is governance. Current solutions rely on the use of a public key infrastructure that enables secure collaboration between the different entities in the V2X ecosystem, but given its global scope, managing such infrastructure requires reaching agreements between many parties, with conflicts of interest between automakers and telecommunication operators. As a result, there are plenty of use cases available and two mature communication technologies, but the complexity at the business layer is stopping the drivers from taking advantage of ITS applications. 

Blockchain technologies are defining a new decentralized paradigm for most traditional applications, where smart contracts provide a straightforward mechanism for decentralized governance. In this work, we propose an approach for decentralized V2X (D-V2X) that does not require any trusted authority and can be implemented on top of any communication protocol. We also define a proof-of-concept technical architecture on top of a cheap and highly secure System-on-Chip (SoC) that could allow for massive adoption of D-V2X.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{lopez2020,

title = {Digital Twins for Intelligent Authorization in the B5G-enabled Smart Grid},

author = {Javier Lopez and Juan E. Rubio and Cristina Alcaraz},

url = {/wp-content/papers/lopez2020.pdf

https://ieeexplore.ieee.org/document/9430900},

doi = {10.1109/MWC.001.2000336},

issn = {1536-1284},

year  = {2021},

date = {2021-04-01},

urldate = {2021-04-01},

journal = {IEEE Wireless Communications},

volume = {28},

pages = {48-55},

publisher = {IEEE},

abstract = {Beyond fifth generation (B5G) communication networks and computation paradigms in the edge are expected to be integrated into power grid infrastructures over the coming years. In this sense, AI technologies will play a fundamental role to efficiently manage dynamic information flows of future applications, which impacts the authorization policies applied in such a complex scenario. This article studies how digital twins can evolve their context awareness capabilities and simulation technologies to anticipate faults or to detect cyber-security issues in real time, and update access control policies accordingly. Our study analyzes the evolution of monitoring platforms and architecture decentralization, including the application of machine learning and blockchain technologies in the smart grid, toward the goal of implementing autonomous and self-learning agents in the medium and long term. We conclude this study with future challenges on applying digital twins to B5G-based smart grid deployments.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{Rubio2020IIoT,

title = {Integration of a Threat Traceability Solution in the Industrial Internet of Things},

author = {Juan E. Rubio and Rodrigo Roman and Javier Lopez},

url = {/wp-content/papers/Rubio2020IIoT.pdf},

doi = {10.1109/TII.2020.2976747},

issn = {1551-3203},

year  = {2020},

date = {2020-10-01},

urldate = {2020-10-01},

journal = {IEEE Transactions on Industrial Informatics},

volume = {16},

number = {6575-6583},

publisher = {IEEE},

abstract = {In Industrial Internet of Things (IIoT) scenarios, where a plethora of IoT technologies coexist with consolidated industrial infrastructures, the integration of security mechanisms that provide protection against cyber-security attacks becomes a critical challenge. Due to the stealthy and persistent nature of some of these attacks, such as Advanced Persistent Threats, it is crucial to go beyond traditional Intrusion Detection Systems for the traceability of these attacks. In this sense, Opinion Dynamics poses a novel approach for the correlation of anomalies, which has been successfully applied to other network security domains. In this paper, we aim to analyze its applicability in the IIoT from a technical point of view, by studying its deployment over different IIoT architectures and defining a common framework for the acquisition of data considering the computational constraints involved. The result is a beneficial insight that demonstrates the feasibility of this approach when applied to upcoming IIoT infrastructures.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{Alcaraz2020a,

title = {Blockchain-Assisted Access for Federated Smart Grid Domains: Coupling and Features},

author = {Cristina Alcaraz and Juan E. Rubio and Javier Lopez},

url = {/wp-content/papers/Alcaraz2020a.pdf},

issn = {0743-7315},

year  = {2020},

date = {2020-06-01},

urldate = {2020-06-01},

journal = {Journal of Parallel and Distributed Computing},

volume = {144},

pages = {124-135},

publisher = {Elsevier},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{alcaraz2019a,

title = {Covert Channels-based Stealth Attacks in Industry 4.0},

author = {Cristina Alcaraz and Giuseppe Bernieri and Federica Pascucci and Javier Lopez and Roberto Setola},

url = {/wp-content/papers/alcaraz2019a.pdf

https://ieeexplore.ieee.org/document/8715420?source=authoralert},

doi = {10.1109/JSYST.2019.2912308},

issn = {1932-8184},

year  = {2019},

date = {2019-12-01},

urldate = {2019-12-01},

journal = {IEEE Systems Journal.},

volume = {13},

pages = {3980-3988},

publisher = {IEEE},

abstract = {Industry 4.0 advent opens several cyber-threats scenarios originally designed for classic information technology, drawing the attention to the serious risks for the modern industrial control networks. To cope with this problem, in this paper we address the security issues related to covert channels applied to industrial networks, identifying the new vulnerability points when information technologies converge with operational technologies such as edge computing infrastructures. Specifically, we define two signaling strategies where we exploit the Modbus/TCP protocol as target to set up a covert channel. Once the threat channel is established, passive and active offensive attacks (i.e. data exfiltration and command an control, respectively) are further exploited by implementing and testing them on a real Industrial Internet of Things testbed. The experimental results highlight the potential damage of such specific threats, and the easy extrapolation of the attacks to other types of channels in order to show the new risks for Industry 4.0. Related to this, we discuss some countermeasures to offer an overview of possible mitigation and defense measures.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{onieva2019vec,

title = {Edge-Assisted Vehicular Networks Security},

author = {Jose A. Onieva and Ruben Rios and Rodrigo Roman and Javier Lopez},

url = {/wp-content/papers/onieva2019vec.pdf},

doi = {10.1109/JIOT.2019.2904323},

issn = {2327-4662},

year  = {2019},

date = {2019-10-01},

urldate = {2019-10-01},

journal = {IEEE Internet of Things Journal},

volume = {6},

pages = {8038-8045},

publisher = {IEEE Computer Society},

abstract = {Edge Computing paradigms are expected to solve some major problems affecting current application scenarios that rely on Cloud computing resources to operate. These novel paradigms will bring computational resources closer to the users and by doing so they will not only reduce network latency and bandwidth utilization but will also introduce some attractive context-awareness features to these systems. In this paper we show how the enticing features introduced by Edge Computing paradigms can be exploited to improve security and privacy in the critical scenario of vehicular networks (VN), especially existing authentication and revocation issues. In particular, we analyze the security challenges in VN and describe three deployment models for vehicular edge computing, which refrain from using vehicular- to-vehicular communications. The result is that the burden imposed to vehicles is considerably reduced without sacrificing the security or functional features expected in vehicular scenarios.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{roman2018VIS,

title = {Immune System for the Internet of Things using Edge Technologies},

author = {Rodrigo Roman and Ruben Rios and Jose A. Onieva and Javier Lopez},

url = {/wp-content/papers/roman2018VIS.pdf

https://ieeexplore.ieee.org/document/8449989/},

doi = {10.1109/JIOT.2018.2867613},

issn = {2327-4662},

year  = {2019},

date = {2019-06-01},

urldate = {2019-06-01},

journal = {IEEE Internet of Things Journal},

volume = {6},

pages = {4774-4781},

publisher = {IEEE Computer Society},

abstract = {The Internet of Things (IoT) and Edge Computing are starting to go hand in hand. By providing cloud services close to end-users, edge paradigms enhance the functionality of IoT deployments, and facilitate the creation of novel services such as augmented systems. Furthermore, the very nature of these paradigms also enables the creation of a proactive defense architecture, an immune system, which allows authorized immune cells (e.g., virtual machines) to traverse edge nodes and analyze the security and consistency of the underlying IoT infrastructure. In this article, we analyze the requirements for the development of an immune system for the IoT, and propose a security architecture that satisfies these requirements. We also describe how such a system can be instantiated in Edge Computing infrastructures using existing technologies. Finally, we explore the potential application of immune systems to other scenarios and purposes.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{sarita2018,

title = {Detection of Node Capture Attack in Wireless Sensor Networks},

author = {Sarita Agrawal and Manik Lal Das and Javier Lopez},

issn = {1932-8184},

year  = {2019},

date = {2019-03-01},

urldate = {2019-03-01},

journal = {IEEE Systems Journal},

volume = {13},

pages = {238 - 247},

publisher = {IEEE},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{alcarazlopez-IEEESystems-2017,

title = {A Cyber-Physical Systems-Based Checkpoint Model for Structural Controllability},

author = {Cristina Alcaraz and Javier Lopez},

url = {/wp-content/papers/alcarazlopez-IEEESystems-2017.pdf

http://ieeexplore.ieee.org/document/8057984/},

doi = {10.1109/JSYST.2017.2740719},

issn = {1932-8184},

year  = {2018},

date = {2018-12-01},

urldate = {2018-12-01},

journal = {IEEE Systems Journal},

volume = {12},

pages = {3543-3554},

publisher = {IEEE},

abstract = {The protection of critical user-centric applications, such as Smart Grids and their monitoring systems, has become one of the most cutting-edge research areas in recent years. The dynamic complexity of their cyber-physical systems (CPSs) and their strong inter-dependencies with power systems, are bringing about a significant increase in security problems that may be exploited by attackers. These security holes may, for example, trigger the disintegration of the structural controllability properties due to the problem of non-locality, affecting, sooner or later, the provision of the essential services to end-users. One way to address these situations could be through automatic checkpoints in charge of inspecting the healthy status of the control network and its critical nature. This inspection can be subject to special mechanisms composed of trustworthy cyberphysical elements capable of detecting structural changes in the control and activating restoration procedures with support for warning. This is precisely the aim of this paper, which presents a CPSs-based checkpoint model with the capacity to manage heterogeneous replications that help ensure data redundancy, thereby guaranteeing the validity of the checkpoints. As a support to this study, a theoretical and practical analysis is addressed to show the functionality of the approach in real contexts.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{transactionInformaticsSG2018,

title = {A Resilient Architecture for the Smart Grid},

author = {Javier Lopez and Juan E. Rubio and Cristina Alcaraz},

url = {/wp-content/papers/transactionInformaticsSG2018.pdf},

doi = {10.1109/TII.2018.2826226},

issn = {1551-3203},

year  = {2018},

date = {2018-08-01},

urldate = {2018-08-01},

journal = {IEEE Transactions on Industrial Informatics},

volume = {14},

pages = {3745-3753},

publisher = {IEEE},

abstract = {The Smart Grid offers many benefits due to the bidirectional communication between the users and the utility company, which makes it possible to perform a fine-grain consumption metering. This can be used for Demand Response purposes with the generation and delivery of electricity in real time. It is essential to rapidly anticipate high peaks of demand or potential attacks, so as to avoid power outages and denial of service, while effectively supplying consumption areas. In this paper, we propose a novel architecture where cloud computing resources are leveraged (and tested in practice) to enable, on the one hand, the consumption prediction through time series forecasting, as well as load balancing to uniformly distribute the demand over a set of available generators. On the other and, it also allows the detection of connectivity losses and intrusions within the control network by using controllability concepts.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{RomanIoT18,

title = {Evolution and Trends in the Security of the Internet of Things},

author = {Rodrigo Roman and Javier Lopez and Stefanos Gritzalis},

url = {/wp-content/papers/RomanIoT18.pdf

https://ieeexplore.ieee.org/document/8423133/},

doi = {10.1109/MC.2018.3011051},

issn = {0018-9162},

year  = {2018},

date = {2018-07-01},

urldate = {2018-07-01},

journal = {IEEE Computer},

volume = {51},

pages = {16-25},

publisher = {IEEE Computer Society},

address = {New Jersey, USA},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{IonnaisPanosMihalisAlcarazLopez2018,

title = {Survey of IoT-enabled Cyberattacks: Assessing Attack Paths to Critical Infrastructures and Services},

author = {Ioannis Stellios and Panayiotis Kotzanikolaou and Mihalis Psarakis and Cristina Alcaraz and Javier Lopez},

url = {https://ieeexplore.ieee.org/document/8410404},

doi = {10.1109/COMST.2018.2855563},

issn = {1553-877X},

year  = {2018},

date = {2018-07-01},

urldate = {2018-07-01},

journal = {IEEE Communications Surveys and Tutorials},

volume = {20},

pages = {3453-3495},

publisher = {IEEE},

abstract = {As the deployment of Internet of Things (IoT) is experiencing an exponential growth, it is no surprise that many recent cyber attacks are IoT-enabled: The attacker initially exploits some vulnerable IoT technology as a first step towards compromising a critical system that is connected, in some way, with the IoT. For some sectors, like industry, smart grids, transportation and medical services, the significance of such attacks is obvious, since IoT technologies are part of critical backend systems. However, in sectors where IoT is usually at the enduser side, like smart homes, such attacks can be underestimated, since not all possible attack paths are examined. In this paper we survey IoT-enabled cyber attacks, found in all application domains since 2010. For each sector, we emphasize on the latest, verified IoT-enabled attacks, based on known real-world incidents and published proof-of-concept attacks. We methodologically analyze representative attacks that demonstrate direct, indirect and subliminal attack paths against critical targets. Our goal is threefold: (i) To assess IoT-enabled cyber attacks in a risk-like approach, in order to demonstrate their current threat landscape; (ii) To identify hidden and subliminal IoT-enabled attack paths against critical infrastructures and services, and (iii) To examine mitigation strategies for all application domains.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{cazorla2016cyber,

title = {Cyber Stealth Attacks in Critical Information Infrastructures},

author = {Lorena Cazorla and Cristina Alcaraz and Javier Lopez},

url = {/wp-content/papers/cazorla2016cyber.pdf

http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\&arnumber=7445136\&isnumber=8350419},

doi = {10.1109/JSYST.2015.2487684},

issn = {1932-8184},

year  = {2018},

date = {2018-06-01},

urldate = {2018-06-01},

journal = {IEEE Systems Journal},

volume = {12},

pages = {1778-1792},

publisher = {IEEE},

abstract = {Current Critical Infrastructures (CIs) are complex interconnected industrial systems that, in recent years, have incorporated information and communications technologies such as connection to the Internet and commercial off-the-shelf components. This makes them easier to operate and maintain, but exposes them to the threats and attacks that inundate conventional networks and systems. This paper contains a comprehensive study on the main stealth attacks that threaten CIs, with a special focus on Critical Information Infrastructures (CIIs). This type of attack is characterized by an adversary who is able to finely tune his actions to avoid detection while pursuing his objectives. To provide a complete analysis of the scope and potential dangers of stealth attacks we determine and analyze their stages and range, and we design a taxonomy to illustrate the threats to CIs, offering an overview of the applicable countermeasures against these attacks. From our analysis we understand that these types of attacks, due to the interdependent nature of CIs, pose a grave danger to critical systems where the threats can easily cascade down to the interconnected systems.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{LOPEZ201846,

title = {Access control for cyber-physical systems interconnected to the cloud},

author = {Javier Lopez and Juan E. Rubio},

url = {/wp-content/papers/LOPEZ201846.pdf

http://www.sciencedirect.com/science/article/pii/S1389128618300501},

doi = {10.1016/j.comnet.2018.01.037},

issn = {1389-1286},

year  = {2018},

date = {2018-01-01},

urldate = {2018-01-01},

journal = {Computer Networks},

volume = {134},

pages = {46 - 54},

publisher = {Elsevier},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{RomanFog16,

title = {Mobile edge computing, Fog et al.: A survey and analysis of security threats and challenges},

author = {Rodrigo Roman and Javier Lopez and Masahiro Mambo},

url = {/wp-content/papers/RomanFog16.pdf

https://authors.elsevier.com/c/1VmhQ,3q5xKgZZ},

doi = {10.1016/j.future.2016.11.009},

issn = {0167-739X},

year  = {2018},

date = {2018-01-01},

urldate = {2018-01-01},

journal = {Future Generation Computer Systems},

volume = {78},

pages = {680-698},

publisher = {Elsevier},

abstract = {For various reasons, the cloud computing paradigm is unable to meet certain requirements (e.g. low latency and jitter, context awareness, mobility support) that are crucial for several applications (e.g. vehicular networks, augmented reality). To fulfil these requirements, various paradigms, such as fog computing, mobile edge computing, and mobile cloud computing, have emerged in recent years. While these edge paradigms share several features, most of the existing research is compartmentalised; no synergies have been explored. This is especially true in the field of security, where most analyses focus only on one edge paradigm, while ignoring the others. The main goal of this study is to holistically analyse the security threats, challenges, and mechanisms inherent in all edge paradigms, while highlighting potential synergies and venues of collaboration. In our results, we will show that all edge paradigms should consider the advances in other paradigms.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{NietNLS15,

title = {Dynamic Knowledge-based Analysis in non-Secure 5G Green Environments using Contextual Data},

author = {Ana Nieto and Nikolaos Nomikos and Javier Lopez and Charalambos Skianis},

url = {/wp-content/papers/NietNLS15.pdf},

doi = {10.1109/JSYST.2015.2477782},

issn = {1932-8184},

year  = {2017},

date = {2017-12-01},

urldate = {2017-12-01},

journal = {IEEE Systems Journal},

volume = {11},

number = {99},

pages = {2479-2489},

publisher = {IEEE},

abstract = {The growing number of parameters in heteroge- neous networks, as is the case of the emphfifth generation (5G) Green networks, greatly complicates the analysis of the emphSecurity and Quality of Service Tradeoff (SQT). However, studying these types of relationships is crucial in Future Internet scenarios to prevent potential points of failure and to enhance the use of limited resources, increasing the user’s experience. Therefore, it is fundamental to provide tools and models for training, so that the users understand these dependencies and solve them prior to deploying new solutions. In this paper, a Recommendation System for SQT (SQT-RS) is deployed in 5G Green systems, considering the particular case of relay networks and the impact of eavesdropping and jamming contexts on the models generated by the user, aided by SQT-RS. With this goal in mind, we provide a component for the user to automatically select specific contexts based on 5G Green capabilities.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{Lopez2017iotpriv,

title = {Evolving privacy: From sensors to the Internet of Things},

author = {Javier Lopez and Ruben Rios and Feng Bao and Guilin Wang},

url = {/wp-content/papers/Lopez2017iotpriv.pdf},

doi = {10.1016/j.future.2017.04.045},

issn = {0167-739X},

year  = {2017},

date = {2017-10-01},

urldate = {2017-10-01},

journal = {Future Generation Computer Systems},

volume = {75},

pages = {46\textendash57},

publisher = {Elsevier},

abstract = {The Internet of Things (IoT) envisions a world covered with billions of smart, interacting things capable of offering all sorts of services to near and remote entities. The benefits and comfort that the IoT will bring about are undeniable, however, these may come at the cost of an unprecedented loss of privacy. In this paper we look at the privacy problems of one of the key enablers of the IoT, namely wireless sensor networks, and analyse how these problems may evolve with the development of this complex paradigm. We also identify further challenges which are not directly associated with already existing privacy risks but will certainly have a major impact in our lives if not taken into serious consideration.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{nunez2017proxy,

title = {Proxy Re-Encryption: Analysis of Constructions and its Application to Secure Access Delegation},

author = {David Nu\~{n}ez and Isaac Agudo and Javier Lopez},

url = {/wp-content/papers/nunez2017proxy.pdf},

doi = {10.1016/j.jnca.2017.03.005},

issn = {1084-8045},

year  = {2017},

date = {2017-06-01},

urldate = {2017-06-01},

journal = {Journal of Network and Computer Applications},

volume = {87},

pages = {193-209},

publisher = {Elsevier},

abstract = {This paper analyzes the secure access delegation problem, which occurs naturally in the cloud, and postulate that Proxy Re-Encryption is a feasible cryptographic solution, both from the functional and efficiency perspectives. Proxy re-encryption is a special type of public-key encryption that permits a proxy to transform ciphertexts from one public key to another, without the proxy being able to learn any information about the original message. Thus, it serves as a means for delegating decryption rights, opening up many possible applications that require of delegated access to encrypted data. In particular, sharing information in the cloud is a prime example. In this paper, we review the main proxy re-encryption schemes so far, and provide a detailed analysis of their characteristics. Additionally, we also study the efficiency of selected schemes, both theoretically and empirically, based on our own implementation. Finally, we discuss some applications of proxy re-encryption, with a focus on secure access delegation in the cloud.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{AlcarazLopezWolthusen2017,

title = {OCPP Protocol: Security Threats and Challenges},

author = {Cristina Alcaraz and Javier Lopez and Stephen Wolthusen},

url = {/wp-content/papers/AlcarazLopezWolthusen2017.pdf},

doi = {10.1109/TSG.2017.2669647},

issn = {1949-3053},

year  = {2017},

date = {2017-02-01},

urldate = {2017-02-01},

journal = {IEEE Transactions on Smart Grid},

volume = {8},

pages = {2452 - 2459},

publisher = {IEEE},

abstract = {One benefit postulated for the adoption of Electric Vehicles (EVs) is their ability to act as stabilizing entities in smart grids through bi-directional charging, allowing local or global smoothing of peaks and imbalances. This benefit, however, hinges indirectly on the reliability and security of the power flows thus achieved. Therefore this paper studies key security properties of the alreadydeployed Open Charge Point Protocol (OCPP) specifying communication between charging points and energy management systems. It is argued that possible subversion or malicious endpoints in the protocol can also lead to destabilization of power networks. Whilst reviewing these aspects, we focus, from a theoretical and practical standpoint, on attacks that interfere with resource reservation originating with the EV, which may also be initiated by a man in the middle, energy theft or fraud. Such attacks may even be replicated widely, resulting in over- or undershooting of power network provisioning, or the (total/partial) disintegration of the integrity and stability of power networks.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{ieeenet16-nrl,

title = {Digital Witness: Safeguarding Digital Evidence by using Secure Architectures in Personal Devices},

author = {Ana Nieto and Rodrigo Roman and Javier Lopez},

url = {/wp-content/papers/ieeenet16-nrl.pdf

http://ieeexplore.ieee.org/document/7764297/$#$full-text-section},

doi = {10.1109/MNET.2016.1600087NM},

issn = {0890-8044},

year  = {2016},

date = {2016-01-01},

urldate = {2016-01-01},

journal = {IEEE Network},

pages = {12-19},

publisher = {IEEE Communications Society},

abstract = {Personal devices contain electronic evidence associated with the behaviour of their owners and other devices in their environment, which can help clarify the facts of a cyber-crime scene. These devices are usually analysed as containers of proof. However, it is possible to harness the boom of personal devices to define the concept of digital witnesses, where personal devices are able to actively acquire, store, and transmit digital evidence to an authorised entity, reliably and securely. This article introduces this novel concept, providing a preliminary analysis on the management of digital evidence and the technologies that can be used to implement it with security guarantees in IoT environments. Moreover, the basic building blocks of a digital witness are defined.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{alcaraz2016POL,

title = {Policy Enforcement System for Secure Interoperable Control in Distributed Smart Grid Systems},

author = {Cristina Alcaraz and Javier Lopez and Stephen Wolthusen},

url = {/wp-content/papers/alcaraz2016POL.pdf},

issn = {1084-8045},

year  = {2016},

date = {2016-01-01},

urldate = {2016-01-01},

journal = {Journal of Network and Computer Applications},

volume = {59},

pages = {301\textendash314},

publisher = {Elsevier},

abstract = {Interoperability of distributed systems in charge of monitoring and maintaining the different critical domains belonging to Smart Grid scenarios comprise the central topic of this paper. Transparency in control transactions under a secure and reliable architecture is the aim of the policy enforcement system proposed here. The approach is based on the degree of observation of a context and on the emphrole-based access control model defined by the IEC-62351-8 standard. Only authenticated and authorised entities are able to take control of those distributed elements (e.g., IEC-61850 objects) located at distant geographical locations and close to the critical infrastructures (e.g., substations). To ensure the effectiveness of the approach, it is built on graphical-theoretical formulations corresponding to graph theory, where it is possible to illustrate power control networks through power-law distributions whose monitoring relies on emphstructural controllability theory. The interconnection of these distributions is subject to a network architecture based on the concept of the emphsupernode where the interoperability depends on a simple rule-based expert system. This expert system focuses not only on accepting or denying access, but also on providing the means to attend to extreme situations, avoiding, as much as possible, the overloading of the communication. Through one practical study we also show the functionalities of the approach and the benefits that the authorisation itself can bring to the emphinteroperability.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{alcaraz2013a,

title = {Diagnosis Mechanism for Accurate Monitoring in Critical Infrastructure Protection},

author = {Cristina Alcaraz and Javier Lopez},

url = {/wp-content/papers/alcaraz2013a.pdf},

doi = {10.1016/j.csi.2013.10.002},

issn = {0920-5489},

year  = {2014},

date = {2014-01-01},

urldate = {2014-01-01},

journal = {Computer Standards \& Interfaces},

volume = {36},

pages = {501-512},

publisher = {Elsevier},

abstract = {Situational awareness for critical infrastructure protection, such as for energy control systems, has become a topic of interest in recent years. Despite attempts to address this area of research, more progress is still necessary to find attractive solutions that help bring about prevention and response at all times from anywhere and at any time. Given this need, we therefore propose in this paper, a smart mechanism able to offer a wide-area situational awareness with the ability to: (i) Control the real state of the observed infrastructure, (ii) respond to emergency situations and (iii) assess the degree of ccuracy of the entire control system. To address these aspects, the mechanism is based on a hierarchical configuration of industrial sensors for control, the ISA100.11a standard for the prioritization and alarm management, and the F-Measure technique to study the level of accuracy of a sensor inside a neighbourhood. As proof of the functionality and feasibility of the mechanism for critical contexts, a software application implemented in nesC and Java is also presented in this paper.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{alcaraz2013b,

title = {WASAM: A Dynamic Wide-Area Situational Awareness Model for Critical Domains in Smart Grids},

author = {Cristina Alcaraz and Javier Lopez},

url = {/wp-content/papers/alcaraz2013b.pdf},

doi = {10.1016/j.future.2013.06.030},

issn = {0167-739X},

year  = {2014},

date = {2014-01-01},

urldate = {2014-01-01},

journal = {Future Generation Computer Systems},

volume = {30},

pages = {146-154},

publisher = {Elsevier},

abstract = {Control from anywhere and at anytime is nowadays a matter of paramount importance in critical systems. This is the case of the Smart Grid and its domains which should be monitored through intelligent and dynamic mechanisms able to anticipate, detect and respond before disruptions arise within the system. Given this fact and its importance for social welfare and the economy, a model for wide-area situational awareness is proposed in this paper. The model is based on a set of current technologies such as the wireless sensor networks, the ISA100.11a standard and cloud-computing together with a set of high-level functional services. These services include global and local support for prevention through a simple forecast scheme, detection of anomalies in the observation tasks, response to incidents, tests of accuracy and maintenance, as well as recovery of states and control in crisis situations.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{1770,

title = {Smart Control of Operational Threats in Control Substations},

author = {Javier Lopez and Cristina Alcaraz and Rodrigo Roman},

url = {/wp-content/papers/1770.pdf

http://www.sciencedirect.com/science/article/pii/S0167404813000588},

doi = {10.1016/j.cose.2013.03.013},

issn = {0167-4048},

year  = {2013},

date = {2013-10-01},

urldate = {2013-10-01},

journal = {Computers \& Security},

volume = {38},

pages = {14-27},

publisher = {Elsevier},

abstract = {Any deliberate or unsuitable operational action in control tasks of critical infrastructures, such as energy generation, transmission and distribution systems that comprise sub-domains of a Smart Grid, could have a significant impact on the digital economy: without energy, the digital economy cannot live. In addition, the vast majority of these types of critical systems are configured in isolated locations where their control depends on the ability of a few, supposedly trustworthy, human operators. However, this assumption of reliabilty is not always true. Malicious human operators (criminal insiders) might take advantage of these situations to intentionally manipulate the critical nature of the underlying infrastructure. These criminal actions could be not attending to emergency events, inadequately responding to incidents or trying to alter the normal behaviour of the system with malicious actions. For this reason, in this paper we propose a smart response mechanism that controls human operators’ operational threats at all times. Moreover, the design of this mechanism allows the system to be able to not only evaluate by itself, the situation of a particular scenario but also to take control when areas are totally unprotected and/or isolated. The response mechanism, which is based on Industrial Wireless Sensor Networks (IWSNs) for the constant monitoring of observed critical infrastructures, on reputation for controlling human operators’ actions, and on the ISA100.11a standard for alarm management, has been implemented and simulated to evaluate its feasibility for critical contexts.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{roman2013iot,

title = {On the features and challenges of security and privacy in distributed internet of things},

author = {Rodrigo Roman and Jianying Zhou and Javier Lopez},

url = {/wp-content/papers/roman2013iot.pdf

http://www.sciencedirect.com/science/article/pii/S1389128613000054},

doi = {10.1016/j.comnet.2012.12.018},

issn = {1389-1286},

year  = {2013},

date = {2013-07-01},

urldate = {2013-07-01},

journal = {Computer Networks},

volume = {57},

pages = {2266\textendash2279},

publisher = {Elsevier},

abstract = {In the Internet of Things, services can be provisioned using centralized architectures, where central entities acquire, process, and provide information. Alternatively, distributed architectures, where entities at the edge of the network exchange information and collaborate with each other in a dynamic way, can also be used. In order to understand the applicability and viability of this distributed approach, it is necessary to know its advantages and disadvantages \textendash not only in terms of features but also in terms of security and privacy challenges. The purpose of this paper is to show that the distributed approach has various challenges that need to be solved, but also various interesting properties and strengths.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{1752,

title = {Security of Industrial Sensor Network-based Remote Substations in the context of the Internet of Things},

author = {Cristina Alcaraz and Rodrigo Roman and Pablo Najera and Javier Lopez},

url = {/wp-content/papers/1752.pdf},

doi = {10.1016/j.adhoc.2012.12.001},

issn = {1570-8705},

year  = {2013},

date = {2013-00-01},

urldate = {2013-00-01},

journal = {Ad Hoc Networks},

volume = {11},

pages = {1091\textendash1104},

publisher = {Elsevier},

abstract = {The main objective of remote substations is to provide the central system with sensitive information from critical infrastructures, such as generation, distribution or transmission power systems. Wireless sensor networks have been recently applied in this particular context due to their attractive services and inherent benefits, such as simplicity, reliability and cost savings. However, as the number of control and data acquisition systems that use the Internet infrastructure to connect to substations increases, it is necessary to consider what connectivity model the sensor infrastructure should follow: either completely isolated from the Internet or integrated with it as part of the Internet of Things paradigm. This paper therefore addresses this question by providing a thorough analysis of both security requirements and infrastructural requirements corresponding to all those TCP/IP integration strategies that can be applicable to networks with constrained computational resources.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{1761,

title = {Wide-Area Situational Awareness for Critical Infrastructure Protection},

author = {Cristina Alcaraz and Javier Lopez},

url = {/wp-content/papers/1761.pdf

http://doi.ieeecomputersociety.org/10.1109/MC.2013.72},

doi = {10.1109/MC.2013.72},

issn = {0018-9162},

year  = {2013},

date = {2013-00-01},

urldate = {2013-00-01},

journal = {IEEE Computer},

volume = {46},

number = {4},

pages = {30-37},

publisher = {IEEE Computer Society},

abstract = {Combining a wide-area situational awareness (WASA) methodological framework with a set of requirements for awareness construction can help in the development and commissioning of future WASA cyberdefense solutions},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{AlcarazR2012,

title = {Selecting key management schemes for WSN applications},

author = {Cristina Alcaraz and Javier Lopez and Rodrigo Roman and Hsiao-Hwa Chen},

url = {/wp-content/papers/AlcarazR2012.pdf

http://www.sciencedirect.com/science/article/pii/S0167404812001034},

doi = {10.1016/j.cose.2012.07.002},

issn = {0167-4048},

year  = {2012},

date = {2012-11-01},

urldate = {2012-11-01},

journal = {Computers \& Security},

volume = {31},

number = {38},

pages = {956\textendash966},

publisher = {Elsevier},

abstract = {Key management in wireless sensor networks (WSN) is an active research topic. Due to the fact that a large number of key management schemes (KMS) have been proposed in the literature, it is not easy for a sensor network designer to know exactly which KMS best fits in a particular WSN application. In this article, we offer a comprehensive review on how the application requirements and the properties of various key management schemes influence each other. Based on this review, we show that the KMS plays a critical role in determining the security performance of a WSN network with given application requirements. We also develop a method that allows the network designers to select the most suitable KMS for a specific WSN network setting. In addition, the article also addresses the issues on the current state-of-the-art research on the KMS for homogeneous (i.e. non-hierarchical) networks to provide solutions for establishing link-layer keys in various WSN applications and scenarios.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{Galindo2010,

title = {On the Energy Cost of Authenticated Key Agreement in Wireless Sensor Networks},

author = {David Galindo and Rodrigo Roman and Javier Lopez},

url = {/wp-content/papers/Galindo2010.pdf},

doi = {10.1002/wcm.894},

issn = {1530-8669},

year  = {2012},

date = {2012-01-01},

urldate = {2012-01-01},

journal = {Wireless Communications and Mobile Computing},

volume = {12},

pages = {133-143},

publisher = {Wiley},

abstract = {Wireless sensors are battery-powered devices which are highly constrained in terms of computational capabilities, memory and communication bandwidth. While battery life is their main limitation, they require considerable energy to communicate data. Due to this, it turns out that the energy saving of computationally inexpensive primitives (like symmetric key cryptography (SKC)) can be nullified by the bigger amount of data they require to be sent. In this work, we study the energy cost of key agreement protocols between peers in a network using asymmetric key cryptography. Our main concern is to reduce the amount of data to be exchanged, which can be done by using special cryptographic paradigms like identity-based and self-certified cryptography. The main news is that an intensive computational primitive for resource-constrained devices, such as non-interactive identity-based authenticated key exchange, performs comparably or even better than traditional authenticated key exchange (AKE) in a variety of scenarios. Moreover, protocols based in this primitive can provide better security properties in real deployments than other simple protocols based on symmetric cryptography. Our findings illustrate to what extent the latest implementation advancements push the efficiency boundaries of public key cryptography (PKC) in wireless sensor networks (WSNs).},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{1633,

title = {Securing the Internet of Things},

author = {Rodrigo Roman and Pablo Najera and Javier Lopez},

url = {/wp-content/papers/1633.pdf},

doi = {10.1109/MC.2011.291},

issn = {0018-9162},

year  = {2011},

date = {2011-09-01},

urldate = {2011-09-01},

journal = {IEEE Computer},

volume = {44},

number = {9},

pages = {51 -58},

publisher = {IEEE},

abstract = {This paper presents security of Internet of things. In the Internet of Things vision, every physical object has a virtual component that can produce and consume services Such extreme interconnection will bring unprecedented convenience and economy, but it will also require novel approaches to ensure its safe and ethical use. The Internet and its users are already under continual attack, and a growing economy-replete with business models that undermine the Internet’s ethical use-is fully focused on exploiting the current version’s foundational weaknesses.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{vivas2010,

title = {A methodology for security assurance-driven system development},

author = {Jose L. Vivas and Isaac Agudo and Javier Lopez},

url = {/wp-content/papers/vivas2010.pdf},

doi = {10.1007/s00766-010-0114-8},

issn = {0947-3602},

year  = {2011},

date = {2011-03-01},

urldate = {2011-03-01},

journal = {Requirements Engineering},

volume = {16},

number = {1},

pages = {55-73},

publisher = {Springer},

abstract = {In this work, we introduce an assurance methodology that integrates assurance case creation with system development. It has been developed in order to provide trust and privacy assurance to the evolving European project PICOS (Privacy and Identity Management for Community Services), an international research project focused on mobile communities and community-supporting services, with special emphasis on aspects such as privacy, trust, and identity management. The leading force behind the approach is the ambition to develop a methodology for building and maintaining security cases throughout the system development life cycle in a typical system engineering effort, when much of the information relevant for assurance is produced and feedback can be provided to system developers. The first results of the application of the methodology to the development of the PICOS platform are presented.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{Roman2010,

title = {A Cross-layer Approach for Integrating Security Mechanisms in Sensor Networks Architectures},

author = {Rodrigo Roman and Javier Lopez and Pablo Najera},

url = {/wp-content/papers/Roman2010.pdf},

doi = {10.1002/wcm.1006},

issn = {1530-8669},

year  = {2011},

date = {2011-01-01},

urldate = {2011-01-01},

journal = {Wireless Communications and Mobile Computing},

volume = {11},

pages = {267-276},

publisher = {Wiley},

abstract = {The wireless sensor networks (WSN) paradigm is especially vulnerable against external and internal attacks. Therefore, it is necessary to develop security mechanisms and protocols to protect them. These mechanisms must become an integral part of the software architecture and network stack of a sensor node. A question that remains is how to achieve this integration. In this paper we check how both academic and industrial solutions tackle this issue, and we present the concept of a transversal layer, where all the different security mechanisms could be contained. This way, all the elements of the architecture can interact with the security mechanisms, and the security mechanisms can have a holistic point of view of the whole architecture. We discuss the advantages of this approach, and also present how the transversal layer concept was applied to a real middleware architecture.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{vivas2009,

title = {A security framework for a workflow-based grid development platform.},

author = {Jose L. Vivas and Carmen Fernandez-Gago and Andres Benjumea and Javier Lopez},

url = {/wp-content/papers/vivas2009.pdf},

doi = {10.1016/j.csi.2009.04.001},

issn = {0920-5489},

year  = {2010},

date = {2010-10-01},

urldate = {2010-10-01},

journal = {Computer Standards and Interfaces},

volume = {32},

number = {5-6},

pages = {230-245},

publisher = {Elsevier},

abstract = {This paper describes the security framework that is to be developed for the generic grid platform created for the project GREDIA. This platform is composed of several components that need to be secured. The platform uses the OGSA standards, so that the security framework will follow GSI, the portion of Globus that implements security. Thus, we will show the security features that GSI already provides and we will outline which others need to be created or enhanced.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{Agudo2010b,

title = {A Scale Based Trust Model for Multi-Context Environments},

author = {Isaac Agudo and Carmen Fernandez-Gago and Javier Lopez},

url = {/wp-content/papers/Agudo2010b.pdf},

doi = {10.1016/j.camwa.2010.02.009},

issn = {0898-1221},

year  = {2010},

date = {2010-07-01},

urldate = {2010-07-01},

journal = {Computers and Mathematics with Applications},

volume = {60},

pages = {209-216},

publisher = {Elsevier},

abstract = {When interactions among users of a system have to take place, for example, over the internet, establishing trust relationships among these users becomes crucial. However, the way this trust is established depends to a certain extent on the context where the interactions take place. Most of the time, trust is encoded as a numerical value that might not be very meaningful for a not very experienced user. In this paper we propose a model that takes into account the semantic and the computational sides of trust. This avoids users having to deal directly with the computational side; they instead deal with meaningful labels such as Bad or Good in a given context.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{Alcaraz2010a,

title = {A Security Analysis for Wireless Sensor Mesh Networks in Highly Critical Systems},

author = {Cristina Alcaraz and Javier Lopez},

url = {/wp-content/papers/Alcaraz2010a.pdf

http://ieeexplore.ieee.org/search/srchabstract.jsp?tp=\&arnumber=5443456\&queryText%253DC.+Alcaraz%2526openedRefinements%253D*%2526searchField%253DSearch+All\&fromGateway=true},

doi = {10.1109/TSMCC.2010.2045373},

issn = {1094-6977},

year  = {2010},

date = {2010-07-01},

urldate = {2010-07-01},

journal = {IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews},

volume = {40},

number = {4},

pages = {419-428},

publisher = {IEEE},

abstract = {Nowadays, critical control systems are a fundamental component contributing to the overall performance of critical infrastructures in our society, most of which belong to the industrial sector. These complex systems include in their design different types of information and communication technology systems, such as wireless (mesh) sensor networks, to carry out control processes in real time. This fact has meant that several communication standards, such as Zigbee PRO, WirelessHART, and ISA100.11a, have been specified to ensure coexistence, reliability, and security in their communications. The main purpose of this paper has been to review these three standards and analyze their security. We have identified a set of threats and potential attacks in their routing protocols, and we consequently provide recommendations and countermeasures to help Industry protect its infrastructures.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{JavierLopezMunoz2010,

title = {Trust Management Systems for Wireless Sensor Networks: Best practices},

author = {Javier Lopez and Rodrigo Roman and Isaac Agudo and Carmen Fernandez-Gago},

url = {/wp-content/papers/JavierLopezMunoz2010.pdf},

doi = {10.1016/j.comcom.2010.02.006},

issn = {0140-3664},

year  = {2010},

date = {2010-01-01},

urldate = {2010-01-01},

journal = {Computer Communications},

volume = {33},

number = {9},

pages = {0140-3664},

publisher = {Elsevier},

abstract = {Wireless sensor networks (WSNs) have been proven a useful technology for perceiving information about the physical world and as a consequence has been used in many applications such as measurement of temperature, radiation, flow of liquids, etc. The nature of this kind of technology, and also their vulnerabilities to attacks make the security tools required for them to be considered in a special way. The decision making in a WSN is essential for carrying out certain tasks as it aids sensors establish collaborations. In order to assist this process, trust management systems could play a relevant role. In this paper, we list the best practices that we consider are essential for developing a good trust management system for WSN and make an analysis of the state of the art related to these practices.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{roman2009a,

title = {Integrating Wireless Sensor Networks and the Internet: A Security Analysis},

author = {Rodrigo Roman and Javier Lopez},

url = {/wp-content/papers/roman2009a.pdf},

doi = {10.1108/10662240910952373},

issn = {1066-2243},

year  = {2009},

date = {2009-03-01},

urldate = {2009-03-01},

journal = {Internet Research},

volume = {19},

number = {2},

pages = {246-259},

publisher = {Emerald},

abstract = {Purpose: This paper aims to analyze the security issues that arise when integrating wireless sensor networks (WSN) and the internet. Also, it seeks to review whether existing technology mechanisms are suitable and can be applied in this context. 

Design/methodology/approach: The paper considers the possible approaches that can be used to connect a WSN with the internet, and analyzes the security of their interactions. 

Findings: By providing the services of the network through a front-end proxy, a sensor network and the internet can interact securely. There are other challenges to be solved if the sensor nodes are integrated into the internet infrastructure, although there exists interesting advances on his matter. 

Research limitations and implications: The complete integration of sensor networks and the internet still remains as an open issue. 

Practical implications: With the current state of the art, it is possible to develop a secure sensor network that can provide its services to internet hosts with certain security properties. 

Originality/value: The paper studies the interactions between sensor networks and the internet from the point of view of security. It identifies both solutions and research challenges.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{Onieva2008a,

title = {Multi-Party Nonrepudiation: A survey},

author = {Jose A. Onieva and Jianying Zhou and Javier Lopez},

url = {/wp-content/papers/JoseA.Onieva2008a.pdf},

doi = {https://doi.org/10.1145/1456650.1456655},

issn = {0360-0300},

year  = {2008},

date = {2008-12-01},

urldate = {2008-12-01},

journal = {ACM Comput. Surveys},

volume = {41},

number = {1},

pages = {5},

abstract = {Nonrepudiation is a security service that plays an important role in many Internet applications. Traditional two-party nonrepudiation has been studied intensively in the literature. This survey focuses on multiparty scenarios and provides a comprehensive overview. It starts with a brief introduction of fundamental issues on nonrepudiation, including the types of nonrepudiation service and cryptographic evidence, the roles of trusted third-party, nonrepudiation phases and requirements, and the status of standardization. Then it describes the general multiparty nonrepudiation problem, and analyzes state-of-the-art mechanisms. After this, it presents in more detail the 1-N multiparty nonrepudiation solutions for distribution of different messages to multiple recipients. Finally, it discusses advanced solutions for two typical multiparty nonrepudiation applications, namely, multiparty certified email and multiparty contract signing.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{Roman2008a,

title = {Situation Awareness Mechanisms for Wireless Sensor Networks},

author = {Rodrigo Roman and Javier Lopez and Stefanos Gritzalis},

url = {/wp-content/papers/Roman2008a.pdf},

doi = {10.1109/MCOM.2008.4481348},

issn = {0163-6804},

year  = {2008},

date = {2008-04-01},

urldate = {2008-04-01},

journal = {IEEE Communications Magazine},

volume = {46},

number = {4},

pages = {102-107},

publisher = {IEEE},

abstract = {A wireless sensor network should be able to operate for long periods of time with little or no external management. There is a requirement for this autonomy: the sensor nodes must be able to configure themselves in the presence of adverse situations. Therefore, the nodes should make use of situation awareness mechanisms to determine the existence of abnormal events in their surroundings. This work approaches the problem by considering the possible abnormal events as diseases, thus making it possible to diagnose them through their symptoms, namely, their side effects. Considering these awareness mechanisms as a foundation for high-level monitoring services, this article also shows how these mechanisms are included in the blueprint of an intrusion detection system.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}