José a. Onieva

@article{rios2022pmec,

title = {Personal IoT Privacy Control at the Edge},

author = {Ruben Rios and Jose A. Onieva and Rodrigo Roman and Javier Lopez},

url = {/wp-content/papers/rios2022pmec.pdf},

doi = {10.1109/MSEC.2021.3101865},

issn = {1540-7993},

year  = {2022},

date = {2022-01-01},

urldate = {2022-01-01},

journal = {IEEE Security \& Privacy},

volume = {20},

pages = {23 - 32},

publisher = {IEEE},

abstract = {This article introduces a privacy manager for IoT data based on Edge Computing. This poses the advantage that privacy is enforced before data leaves the control of the user, who is provided with a tool to express data sharing preferences based on a novel context-aware privacy language.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{onieva2019vec,

title = {Edge-Assisted Vehicular Networks Security},

author = {Jose A. Onieva and Ruben Rios and Rodrigo Roman and Javier Lopez},

url = {/wp-content/papers/onieva2019vec.pdf},

doi = {10.1109/JIOT.2019.2904323},

issn = {2327-4662},

year  = {2019},

date = {2019-10-01},

urldate = {2019-10-01},

journal = {IEEE Internet of Things Journal},

volume = {6},

pages = {8038-8045},

publisher = {IEEE Computer Society},

abstract = {Edge Computing paradigms are expected to solve some major problems affecting current application scenarios that rely on Cloud computing resources to operate. These novel paradigms will bring computational resources closer to the users and by doing so they will not only reduce network latency and bandwidth utilization but will also introduce some attractive context-awareness features to these systems. In this paper we show how the enticing features introduced by Edge Computing paradigms can be exploited to improve security and privacy in the critical scenario of vehicular networks (VN), especially existing authentication and revocation issues. In particular, we analyze the security challenges in VN and describe three deployment models for vehicular edge computing, which refrain from using vehicular- to-vehicular communications. The result is that the burden imposed to vehicles is considerably reduced without sacrificing the security or functional features expected in vehicular scenarios.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{roman2018VIS,

title = {Immune System for the Internet of Things using Edge Technologies},

author = {Rodrigo Roman and Ruben Rios and Jose A. Onieva and Javier Lopez},

url = {/wp-content/papers/roman2018VIS.pdf

https://ieeexplore.ieee.org/document/8449989/},

doi = {10.1109/JIOT.2018.2867613},

issn = {2327-4662},

year  = {2019},

date = {2019-06-01},

urldate = {2019-06-01},

journal = {IEEE Internet of Things Journal},

volume = {6},

pages = {4774-4781},

publisher = {IEEE Computer Society},

abstract = {The Internet of Things (IoT) and Edge Computing are starting to go hand in hand. By providing cloud services close to end-users, edge paradigms enhance the functionality of IoT deployments, and facilitate the creation of novel services such as augmented systems. Furthermore, the very nature of these paradigms also enables the creation of a proactive defense architecture, an immune system, which allows authorized immune cells (e.g., virtual machines) to traverse edge nodes and analyze the security and consistency of the underlying IoT infrastructure. In this article, we analyze the requirements for the development of an immune system for the IoT, and propose a security architecture that satisfies these requirements. We also describe how such a system can be instantiated in Edge Computing infrastructures using existing technologies. Finally, we explore the potential application of immune systems to other scenarios and purposes.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{rios2013a,

title = {Covert Communications through Network Configuration Messages},

author = {Ruben Rios and Jose A. Onieva and Javier Lopez},

url = {/wp-content/papers/rios2013a.pdf},

doi = {10.1016/j.cose.2013.03.004},

issn = {0167-4048},

year  = {2013},

date = {2013-11-01},

urldate = {2013-11-01},

journal = {Computers \& Security},

volume = {39, Part A},

pages = {34 - 46},

publisher = {Elsevier},

abstract = {Covert channels are a form of hidden communication that may violate the integrity of systems. Since their birth in Multi-Level Security systems in the early 70’s they have evolved considerably, such that new solutions have appeared for computer networks mainly due to vague protocols specifications. In this paper we concentrate on short-range covert channels and analyze the opportunities of concealing data in various extensively used protocols today. From this analysis we observe several features that can be effectively exploited for subliminal data transmission in the Dynamic Host Configuration Protocol (DHCP). The result is a proof-of-concept implementation, HIDE_DHCP, which integrates three different covert channels each of which accommodate to different stealthiness and capacity requirements. Finally, we provide a theoretical and experimental analysis of this tool in terms of its reliability, capacity, and detectability.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{FerrerGomilla2009,

title = {Certified electronic mail: Properties revisited},

author = {Josep L. Ferrer-Gomila and Jose A. Onieva and Magdalena Payeras and Javier Lopez},

url = {/wp-content/papers/FerrerGomilla2009.pdf

http://www.sciencedirect.com/science/article/B6V8G-4WR19XR-1/2/eda89f747b077fc68fa061f213ddf6d5},

doi = {10.1016/j.cose.2009.06.009},

issn = {0167-4048},

year  = {2010},

date = {2010-01-01},

urldate = {2010-01-01},

journal = {Computers \& Security},

volume = {29},

number = {2},

pages = {167 - 179},

abstract = {Certified electronic mail is an added value to traditional electronic mail. In the definition of this service some differences arise: a message in exchange for a reception proof, a message and a non repudiation of origin token in exchange for a reception proof, etc. It greatly depends on whether we want to emulate the courier service or improve the service in the electronic world. If the definition of the service seems conflictive, the definition of the properties and requirements of a good certified electronic mail protocol is even more difficult. The more consensuated features are the need of a fair exchange and the existence of a trusted third party (TTP). Each author chooses the properties that considers the most important, and many times the list is conditioned by the proposal. Which kind of TTP must be used? Must it be verifiable, transparent and/or stateless? Which features must the communication channel fulfil? Which temporal requirements must be established? What kind of fairness is desired? What efficiency level is required? Are confidentiality or transferability of the proofs compulsory properties? In this paper we collect the definitions, properties and requirements related with certified electronic mail. The aim of the paper is to create a clearer situation and analyze how some properties cannot be achieved simultaneously. Each protocol designer will have to decide which properties are the most important in the environment in where the service is to be deployed.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}