Rodrigo Román

@article{surveyIoTrust2023,

title = {A Survey on IoT Trust Model Frameworks},

author = {Davide Ferraris and Carmen Fernandez-Gago and Rodrigo Roman and Javier Lopez},

url = {/wp-content/papers/surveyIoTrust2023.pdf},

doi = {10.1007/s11227-023-05765-4},

year  = {2023},

date = {2023-11-17},

urldate = {2023-11-17},

journal = {The Journal of Supercomputing},

abstract = {Trust can be considered as a multidisciplinary concept, which is strongly related to the context and it falls in different fields such as Philosophy, Psychology or Computer Science. Trust is fundamental in every relationship, because without it, an entity will not interact with other entities. This aspect is very important especially in the Internet of Things (IoT), where many entities produced by different vendors and created for different purposes have to interact among them through the internet often under uncertainty. Trust can overcome this uncertainty, creating a strong basis to ease the process of interaction among these entities. We believe that considering trust in the IoT is fundamental, and in order to implement it in any IoT entity, it is fundamental to consider it through the whole System Development Life Cycle. In this paper, we propose an analysis of different works that consider trust for the IoT. We will focus especially on the analysis of frameworks that have been developed in order to include trust in the IoT. We will make a classification of them providing a set of parameters that we believe are fundamental in order to properly consider trust in the IoT. Thus, we will identify important aspects to be taken into consideration when developing frameworks that implement trust in the IoT, finding gaps and proposing possible solutions.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{Roman2023a,

title = {Current Perspectives on Securing Critical Infrastructures’ Supply Chains},

author = {Rodrigo Roman and Cristina Alcaraz and Javier Lopez and Kouichi Sakurai},

url = {/wp-content/papers/Roman2023a.pdf},

doi = {10.1109/MSEC.2023.3247946},

issn = {1540-7993},

year  = {2023},

date = {2023-03-08},

urldate = {2023-03-08},

journal = {IEEE Security \& Privacy},

volume = {21},

number = {4},

pages = {29-38},

publisher = {IEEE},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{rios2022pmec,

title = {Personal IoT Privacy Control at the Edge},

author = {Ruben Rios and Jose A. Onieva and Rodrigo Roman and Javier Lopez},

url = {/wp-content/papers/rios2022pmec.pdf},

doi = {10.1109/MSEC.2021.3101865},

issn = {1540-7993},

year  = {2022},

date = {2022-01-01},

urldate = {2022-01-01},

journal = {IEEE Security \& Privacy},

volume = {20},

pages = {23 - 32},

publisher = {IEEE},

abstract = {This article introduces a privacy manager for IoT data based on Edge Computing. This poses the advantage that privacy is enforced before data leaves the control of the user, who is provided with a tool to express data sharing preferences based on a novel context-aware privacy language.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{Rubio2020IIoT,

title = {Integration of a Threat Traceability Solution in the Industrial Internet of Things},

author = {Juan E. Rubio and Rodrigo Roman and Javier Lopez},

url = {/wp-content/papers/Rubio2020IIoT.pdf},

doi = {10.1109/TII.2020.2976747},

issn = {1551-3203},

year  = {2020},

date = {2020-10-01},

urldate = {2020-10-01},

journal = {IEEE Transactions on Industrial Informatics},

volume = {16},

number = {6575-6583},

publisher = {IEEE},

abstract = {In Industrial Internet of Things (IIoT) scenarios, where a plethora of IoT technologies coexist with consolidated industrial infrastructures, the integration of security mechanisms that provide protection against cyber-security attacks becomes a critical challenge. Due to the stealthy and persistent nature of some of these attacks, such as Advanced Persistent Threats, it is crucial to go beyond traditional Intrusion Detection Systems for the traceability of these attacks. In this sense, Opinion Dynamics poses a novel approach for the correlation of anomalies, which has been successfully applied to other network security domains. In this paper, we aim to analyze its applicability in the IIoT from a technical point of view, by studying its deployment over different IIoT architectures and defining a common framework for the acquisition of data considering the computational constraints involved. The result is a beneficial insight that demonstrates the feasibility of this approach when applied to upcoming IIoT infrastructures.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{onieva2019vec,

title = {Edge-Assisted Vehicular Networks Security},

author = {Jose A. Onieva and Ruben Rios and Rodrigo Roman and Javier Lopez},

url = {/wp-content/papers/onieva2019vec.pdf},

doi = {10.1109/JIOT.2019.2904323},

issn = {2327-4662},

year  = {2019},

date = {2019-10-01},

urldate = {2019-10-01},

journal = {IEEE Internet of Things Journal},

volume = {6},

pages = {8038-8045},

publisher = {IEEE Computer Society},

abstract = {Edge Computing paradigms are expected to solve some major problems affecting current application scenarios that rely on Cloud computing resources to operate. These novel paradigms will bring computational resources closer to the users and by doing so they will not only reduce network latency and bandwidth utilization but will also introduce some attractive context-awareness features to these systems. In this paper we show how the enticing features introduced by Edge Computing paradigms can be exploited to improve security and privacy in the critical scenario of vehicular networks (VN), especially existing authentication and revocation issues. In particular, we analyze the security challenges in VN and describe three deployment models for vehicular edge computing, which refrain from using vehicular- to-vehicular communications. The result is that the burden imposed to vehicles is considerably reduced without sacrificing the security or functional features expected in vehicular scenarios.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{RubioSIJCS19,

title = {Tracking APTs in Industrial Ecosystems: A Proof of Concept},

author = {Juan E. Rubio and Rodrigo Roman and Cristina Alcaraz and Yan Zhang},

url = {/wp-content/papers/RubioSIJCS19.pdf},

issn = {0167-4048},

year  = {2019},

date = {2019-09-01},

urldate = {2019-09-01},

journal = {Journal of Computer Security},

volume = {27},

pages = {521-546},

publisher = {Elsevier},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{roman2018VIS,

title = {Immune System for the Internet of Things using Edge Technologies},

author = {Rodrigo Roman and Ruben Rios and Jose A. Onieva and Javier Lopez},

url = {/wp-content/papers/roman2018VIS.pdf

https://ieeexplore.ieee.org/document/8449989/},

doi = {10.1109/JIOT.2018.2867613},

issn = {2327-4662},

year  = {2019},

date = {2019-06-01},

urldate = {2019-06-01},

journal = {IEEE Internet of Things Journal},

volume = {6},

pages = {4774-4781},

publisher = {IEEE Computer Society},

abstract = {The Internet of Things (IoT) and Edge Computing are starting to go hand in hand. By providing cloud services close to end-users, edge paradigms enhance the functionality of IoT deployments, and facilitate the creation of novel services such as augmented systems. Furthermore, the very nature of these paradigms also enables the creation of a proactive defense architecture, an immune system, which allows authorized immune cells (e.g., virtual machines) to traverse edge nodes and analyze the security and consistency of the underlying IoT infrastructure. In this article, we analyze the requirements for the development of an immune system for the IoT, and propose a security architecture that satisfies these requirements. We also describe how such a system can be instantiated in Edge Computing infrastructures using existing technologies. Finally, we explore the potential application of immune systems to other scenarios and purposes.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{RomanIoT18,

title = {Evolution and Trends in the Security of the Internet of Things},

author = {Rodrigo Roman and Javier Lopez and Stefanos Gritzalis},

url = {/wp-content/papers/RomanIoT18.pdf

https://ieeexplore.ieee.org/document/8423133/},

doi = {10.1109/MC.2018.3011051},

issn = {0018-9162},

year  = {2018},

date = {2018-07-01},

urldate = {2018-07-01},

journal = {IEEE Computer},

volume = {51},

pages = {16-25},

publisher = {IEEE Computer Society},

address = {New Jersey, USA},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{RomanFog16,

title = {Mobile edge computing, Fog et al.: A survey and analysis of security threats and challenges},

author = {Rodrigo Roman and Javier Lopez and Masahiro Mambo},

url = {/wp-content/papers/RomanFog16.pdf

https://authors.elsevier.com/c/1VmhQ,3q5xKgZZ},

doi = {10.1016/j.future.2016.11.009},

issn = {0167-739X},

year  = {2018},

date = {2018-01-01},

urldate = {2018-01-01},

journal = {Future Generation Computer Systems},

volume = {78},

pages = {680-698},

publisher = {Elsevier},

abstract = {For various reasons, the cloud computing paradigm is unable to meet certain requirements (e.g. low latency and jitter, context awareness, mobility support) that are crucial for several applications (e.g. vehicular networks, augmented reality). To fulfil these requirements, various paradigms, such as fog computing, mobile edge computing, and mobile cloud computing, have emerged in recent years. While these edge paradigms share several features, most of the existing research is compartmentalised; no synergies have been explored. This is especially true in the field of security, where most analyses focus only on one edge paradigm, while ignoring the others. The main goal of this study is to holistically analyse the security threats, challenges, and mechanisms inherent in all edge paradigms, while highlighting potential synergies and venues of collaboration. In our results, we will show that all edge paradigms should consider the advances in other paradigms.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}