Jose A. Onieva

 Domain of interest and research

• Digital Identity
• Covert Channels
• Malware Analysis
• Non-repudiation protocols, Fair exchange protocols, Certified Electronic Protocols and Contract Signing Protocols
• Payment protocols
• Edge/Fog Computing Security

Current research

• Edge/Fog Computing: In NICS, we are trying to define the basic security services for Fog and Edge Computing because we think that this paradigm brings new challenges and opportunities that makes providing these services to the resource continiuum from cloud to sensors an exciting task. SMOG and SecureEDGE are allowing us to take the first steps towards that objective. 
• Malware Analysis: We are tackling different problems related with Malware:
  • Malware analysis is complicated due to anti-forensic techniques. This needs to be tackled by continuous new counter techniques.
  • Indicators of Compromise need to be intelligently collected and graphed to allow Malware Investigations. Independently from Malware  omplexity and with auto expanding graphs.
  • Binary Code similarity needs to be effective and efficiently processed in order to correlate similar behaviours among petabytes of malware code. A new fuzzy hash function that is efficient and recognizes code functionality. 
  • IA results applied to malware

Education

 I received the M.Sc. and Ph.D. degrees in computer science from the University of Málaga, Spain, in 2002, and 2006, respectively.

Relevant publications

• J. A. Onieva, R. Rios, R. Roman, and J. Lopez, "Edge-Assisted Vehicular Networks Security",
  IEEE Internet of Things Journal, vol. 6, issue 5, IEEE Computer Society, pp. 8038-8045, 10/2019. DOI (I.F.: 9.936)More..

  Abstract

  Edge Computing paradigms are expected to solve some major problems affecting current application scenarios that rely on Cloud computing resources to operate. These novel paradigms will bring computational resources closer to the users and by doing so they will not only reduce network latency and bandwidth utilization but will also introduce some attractive context-awareness features to these systems. In this paper we show how the enticing features introduced by Edge Computing paradigms can be exploited to improve security and privacy in the critical scenario of vehicular networks (VN), especially existing authentication and revocation issues. In particular, we analyze the security challenges in VN and describe three deployment models for vehicular edge computing, which refrain from using vehicular- to-vehicular communications. The result is that the burden imposed to vehicles is considerably reduced without sacrificing the security or functional features expected in vehicular scenarios.

  Impact Factor: 9.936

  Journal Citation Reports® Science Edition (Thomson Reuters, 2019)

  ---

  
• R. Roman, R. Rios, J. A. Onieva, and J. Lopez, "Immune System for the Internet of Things using Edge Technologies",
  IEEE Internet of Things Journal, vol. 6, issue 3, IEEE Computer Society, pp. 4774-4781, 06/2019. DOI (I.F.: 9.936)More..

  Abstract

  The Internet of Things (IoT) and Edge Computing are starting to go hand in hand. By providing cloud services close to end-users, edge paradigms enhance the functionality of IoT deployments, and facilitate the creation of novel services such as augmented systems. Furthermore, the very nature of these paradigms also enables the creation of a proactive defense architecture, an immune system, which allows authorized immune cells (e.g., virtual machines) to traverse edge nodes and analyze the security and consistency of the underlying IoT infrastructure. In this article, we analyze the requirements for the development of an immune system for the IoT, and propose a security architecture that satisfies these requirements. We also describe how such a system can be instantiated in Edge Computing infrastructures using existing technologies. Finally, we explore the potential application of immune systems to other scenarios and purposes.

  Impact Factor: 9.936

  Journal Citation Reports® Science Edition (Thomson Reuters, 2019)

  ---

  
• R. Rios, R. Roman, J. A. Onieva, and J. Lopez, "From Smog to Fog: A Security Perspective",
  2nd IEEE International Conference on Fog and Edge Mobile Computing (FMEC 2017), IEEE Computer Society, pp. 56-61, 06/2017. DOI More..

  Abstract

  Cloud computing has some major limitations that hinder its application to some specific scenarios (e.g., Industrial IoT, and remote surgery) where there are particularly stringent requirements, such as extremely low latency. Fog computing is a specialization of the Cloud that promises to overcome the aforementioned limitations by bringing the Cloud closer to end-users. Despite its potential benefits, Fog Computing is still a developing paradigm which demands further research, especially on security and privacy aspects. This is precisely the focus of this paper: to make evident the urgent need for security mechanisms in Fog computing, as well as to present a research strategy with the necessary steps and processes that are being undertaken within the scope of the SMOG project, in order to enable a trustworthy and resilient Fog ecosystem.

  
• R. Rios, J. A. Onieva, and J. Lopez, "Covert Communications through Network Configuration Messages",
  Computers & Security, vol. 39, Part A, Elsevier, pp. 34 - 46, Nov 2013. DOI (I.F.: 1.172)More..

  Abstract

  Covert channels are a form of hidden communication that may violate the integrity of systems. Since their birth in Multi-Level Security systems in the early 70’s they have evolved considerably, such that new solutions have appeared for computer networks mainly due to vague protocols specifications. In this paper we concentrate on short-range covert channels and analyze the opportunities of concealing data in various extensively used protocols today. From this analysis we observe several features that can be effectively exploited for subliminal data transmission in the Dynamic Host Configuration Protocol (DHCP). The result is a proof-of-concept implementation, HIDE\_DHCP, which integrates three different covert channels each of which accommodate to different stealthiness and capacity requirements. Finally, we provide a theoretical and experimental analysis of this tool in terms of its reliability, capacity, and detectability.

  Impact Factor: 1.172

  Journal Citation Reports® Science Edition (Thomson Reuters, 2013)

  ---

  

• J. A. Onieva, J. Lopez, and J. Zhou, "Secure Multi-Party Non-Repudiation Protocols and Applications", Advances in Information Security, vol. 43, Springer, 2009. More..

• J. L. Ferrer-Gomilla, J. A. Onieva, M. Payeras, and J. Lopez, "Certified electronic mail: Properties revisited",
  Computers & Security, vol. 29, no. 2, pp. 167 - 179, 2010. DOI (I.F.: 0.889)More..

  Abstract

  Certified electronic mail is an added value to traditional electronic mail. In the definition of this service some differences arise: a message in exchange for a reception proof, a message and a non repudiation of origin token in exchange for a reception proof, etc. It greatly depends on whether we want to emulate the courier service or improve the service in the electronic world. If the definition of the service seems conflictive, the definition of the properties and requirements of a good certified electronic mail protocol is even more difficult. The more consensuated features are the need of a fair exchange and the existence of a trusted third party (TTP). Each author chooses the properties that considers the most important, and many times the list is conditioned by the proposal. Which kind of TTP must be used? Must it be verifiable, transparent and/or stateless? Which features must the communication channel fulfil? Which temporal requirements must be established? What kind of fairness is desired? What efficiency level is required? Are confidentiality or transferability of the proofs compulsory properties? In this paper we collect the definitions, properties and requirements related with certified electronic mail. The aim of the paper is to create a clearer situation and analyze how some properties cannot be achieved simultaneously. Each protocol designer will have to decide which properties are the most important in the environment in where the service is to be deployed.

  Impact Factor: 0.889

  Journal Citation Reports® Science Edition (Thomson Reuters, 2010)

  ---

  
• J. A. Onieva, J. Zhou, and J. Lopez, "Multi-Party Nonrepudiation: A survey",
  ACM Comput. Surveys, vol. 41, no. 1, pp. 5, December, 2008. (I.F.: 9.92)More..

  Abstract

  Nonrepudiation is a security service that plays an important role in many Internet applications. Traditional two-party nonrepudiation has been studied intensively in the literature. This survey focuses on multiparty scenarios and provides a comprehensive overview. It starts with a brief introduction of fundamental issues on nonrepudiation, including the types of nonrepudiation service and cryptographic evidence, the roles of trusted third-party, nonrepudiation phases and requirements, and the status of standardization. Then it describes the general multiparty nonrepudiation problem, and analyzes state-of-the-art mechanisms. After this, it presents in more detail the 1-N multiparty nonrepudiation solutions for distribution of different messages to multiple recipients. Finally, it discusses advanced solutions for two typical multiparty nonrepudiation applications, namely, multiparty certified email and multiparty contract signing.

  Impact Factor: 9.92

  Journal Citation Reports® Science Edition (Thomson Reuters, 2008)

  ---

  
• J. Zhou, J. A. Onieva, and J. Lopez, "A Synchronous Multi-Party Contract Signing Protocol Improving Lower Bound of Steps",
  21st International Information Security Conference (IFIP SEC’06), no. 201, Springer, pp. 221-232, May, 2006. More..

  Abstract

  Contract signing is a fundamental service in doing business. The Internet has facilitated the electronic commerce, and it is necessary to find appropriate mechanisms for contract signing in the digital world. A number of two-party contract signing protocols have been proposed with various features. Nevertheless, in some applications, a contract may need to be signed by multiple parties. Less research has been done on multi-party contract signing. In this paper, we propose a new synchronous multi-party contract signing protocol that, with n parties, it reaches a lower bound of 3(n − 1) steps in the all-honest case and 4n − 2 steps in the worst case (i.e., all parties contact the trusted third party). This is so far the most efficient synchronous multi-party contract signing protocol in terms of the number of messages required. We further consider the additional features like timeliness and abuse-freeness in the improved version.

  
• J. A. Onieva, J. Zhou, J. Lopez, and M. Carbonell, "Agent-mediated non-repudiation protocols",
  Electronic Commerce Research and Applications, vol. 3, no. 2, Elsevier, pp. 152-162, 2004. More..

  Abstract

  Non-repudiation is a security service that provides cryptographic evidence to support the settlement of disputes in electronic commerce. In commercial transactions, an intermediary (or agent) might be involved to help transacting parties to conduct their business. Nevertheless, such an intermediary may not be fully trusted. In this paper, we propose agent-mediated non-repudiation protocols and analyze their security requirements. We first present a simple scenario with only one recipient, followed by a more complicated framework where multiple recipients are involved and collusion between them is possible. We also identify applications that could take advantage of these agent-mediated non-repudiation protocols.

  

Attended courses and seminars

• IPICS’05. International Summer School. University of the Aegean, Chios, Greece. 18-29 July, 2005.
• Electronic Commerce Security (University of Malaga), UMA, Málaga, 27-30, June.

Scientific Activities

• Editor:
  • Journal of Convergence (JoC), http://joc-journal.org/
• General (co)chair:
  • II Workshop in Information Security Theory and Practices 2008 (WISTP 2008). Sevilla, May 13-16.
  • 1st FTRA International Workshop on Convergence Security in Pervasive Environments (IWCS 2011), Crete, Greece, June 28-30, 2011.
  • FTRA/IEEE 3rd International Conference on Computer Science and its Applications (CSA-11).
• Program committee member (a selection):
  • 5th International Conference on Security and Cryptography (SECRYPT 2010). Athens, Greece, 26-28 July.
  • IV Workshop in Information Security Theory and Practices 2010 (WISTP 2010), Passau, Germany, April 2010.
  • Fifth International Conference on Availability, Reliability and Security (ARES 2010), Krakow, Poland 15-18 February.
  • 6th International ICST Conference on Security and Privacy in Communication Networks (SecureComm 2010), Singapore, 7-10 Septiember.
  • 4th International Conference on Network and System Security (NSS 2010). Melbourne, Australia, 1-3 September.
  • 8th IEEE Consumer Communications and Networking Conference (CCNC 2011), Security Track. Las Vegas, USA, 8-11 January.
  • V Workshop in Information Security Theory and Practices 2010 (WISTP 2011), Heraklion, Greece, 1-3 June.
  • 8th International Conference on Availability, Reliability and Security (ARES 2013), University of Regensburg, Germany. 2-6, September, 2013.
  • 8th International Conference on Security of Information and Networks (SIN2015). Sochi, Russia, 8-10 September, 2015.
  • Fifth International Symposium on Security in Computing and Communications (SSCC’17), Karnataka, India, 13-16 September 2017.
  • Fifth Workshop on Cryptography and Security in Computing Systems (CS2 2018). Manchester, UK, 24 January.

Memberships

• Member of Criptored, http://www.criptored.upm.es/