ARES

Advanced REsearch on information Security and privacy

Funded by Spain Ministry of Science (CONSOLIDER - INGENIO. CSD2007-00004)
Duration: 01/10/2007 to 09/09/2014
Website: http://crises-deim.urv.cat/ares
Project Overview: 

The ARES project was born from the belief of six Spanish research groups that security enhancement and privacy preservation are compatible. Therefore, the core goal of ARES is to bring security to the information society while preserving individual rights, especially the privacy of individuals. ARES focuses on three intertwined application scenarios (Ubiquitous computing, protection of critical information infrastructures, secure electronic commerce and digital content distribution), while tackling different technical challenges in the areas of cryptology, smart cards, personal identification and biometrics, access control and authentication, network security, security certification and trust generation.

In the area of ubiquitous computing, the security and privacy issues of different technologies like Wireless Sensor Networks (WSN) [1] and Radio-frequency identification (RFID) has been studied. On WSN, our research was focused on studying how the application requirements influence on the different security mechanisms that should be included to deploy a fault-tolerant sensor application. Regarding RFID, our analyses provided insightful advice on the secure integration of this technology in different healthcare scenarios while enhancing patient’s safety, data privacy and secure communications. Future planning involves the secure integration of these technologies in the Internet of Things (IoT) paradigm[2][3].

As for the area of Critical Infrastructures (e.g. transport systems, energy suppliers, water treatment systems), where a disturbance in any of their components could affect the performance of other ones, it is important to analyze the influence of technologies such as the Internet and WSN [4][5] for improving the reliability and robustness of SCADA (supervisory control and data acquisition) systems [6][7][8]. Such analysis has lead to the design of different security components. For example, the Adaptive Assignment Manager component is able to identify which human operator is the most suitable to attend a certain alarm based on his reputation [9]. Another example is a sensor-based Early Warning System that can anticipate a possible anomalous event or situation and provide a response on time [10].

References

  1. J. Lopez, R. Roman, and C. Alcaraz, "Analysis of Security Threats, Requirements, Technologies and Standards in Wireless Sensor Networks",
    Foundations of Security Analysis and Design 2009, LNCS 5705, Springer Berlin/Heidelberg, pp. 289-338, August, 2009. DOI More..

    Abstract

    As sensor networks are more and more being implemented in real world settings, it is necessary to analyze how the different requirements of these real-world applications can influence the security mechanisms. This paper offers both an overview and an analysis of the relationship between the different security threats, requirements, applications, and security technologies. Besides, it also overviews some of the existing sensor network standards, analyzing their security mechanisms.

  2. C. Alcaraz, P. Najera, J. Lopez, and R. Roman, "Wireless Sensor Networks and the Internet of Things: Do We Need a Complete Integration?",
    1st International Workshop on the Security of the Internet of Things (SecIoT’10), IEEE, pp. xxxx, December, 2010. More..

    Abstract

    Wireless sensor networks (WSN) behave as a digital skin, providing a virtual layer where the information about the physical world can be accessed by any computational system. As a result, they are an invaluable resource for realizing the vision of the Internet of Things (IoT). However, it is necessary to consider whether the devices of a WSN should be completely integrated into the Internet or not. In this paper, we tackle this question from the perspective of security. While we will mention the different security challenges that may arise in such integration process, we will focus on the issues that take place at the network level.

  3. J. Lopez, R. Roman, and P. Najera, "Los Desafíos de Seguridad en la Internet de los Objetos",
    Revista SIC, vol. 88, Ediciones CODA, pp. 66-73, Feb 2010. More..

    Abstract

    El paradigma de la Internet de los Objetos, donde todos aquellos objetos físicos que nos rodean tendrán la capacidad de generar y consumir información en el ámbito de un mundo virtual, se encuentra cada vez más cerca. Es ahora un buen momento para llamar la atención sobre sus principales desafíos de seguridad, tanto desde un punto de vista global como asociados a sus elementos más importantes (la tecnología RFID y las redes de sensores). Así, este paradigma puede ser plenamente comprendido y protegido, evolucionando hacia uno de los nuevos pilares del futuro.

  4. C. Alcaraz, and J. Lopez, "A Security Analysis for Wireless Sensor Mesh Networks in Highly Critical Systems",
    IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews, vol. 40, no. 4, IEEE, pp. 419-428, July, 2010. DOI (I.F.: 2.105)More..

    Abstract

    Nowadays, critical control systems are a fundamental component contributing to the overall performance of critical infrastructures in our society, most of which belong to the industrial sector. These complex systems include in their design different types of information and communication technology systems, such as wireless (mesh) sensor networks, to carry out control processes in real time. This fact has meant that several communication standards, such as Zigbee PRO, WirelessHART, and ISA100.11a, have been specified to ensure coexistence, reliability, and security in their communications. The main purpose of this paper has been to review these three standards and analyze their security. We have identified a set of threats and potential attacks in their routing protocols, and we consequently provide recommendations and countermeasures to help Industry protect its infrastructures.

    Impact Factor: 2.105
    Journal Citation Reports® Science Edition (Thomson Reuters, 2010)
  5. Citekey Alcaraz2009a not found
  6. C. Alcaraz, G. Fernandez, R. Roman, A. Balastegui, and J. Lopez, "Gestión segura de redes SCADA",
    Nuevas tendencias en gestión de redes, Novática, no. 196, CEPIS, pp. 20-25, December, 2008. More..

    Abstract

    En el momento que se introduce en el mercado nuevas tecnologías basadas en entornos distribuidos comienzan a surgir en paralelo nuevos problemas de seguridad en los sistemas SCADA (Supervisory Control and Data Acquisition), los cuales monitorizan y gestionan otras infraestructuras de gran complejidad y escala. Un fallo o una interrupción en uno de sus componentes podría suponer un impacto negativo sobre la funcionalidad de otras infraestructuras, por lo que se hace necesario realizar frecuentes análisis de seguridad para así mantener actualizado el conocimiento y proveer recomendaciones y/o soluciones para mitigar o evitar futuras ocurrencias, garantizando una gestión de red fiable y siempre disponible.

  7. C. Alcaraz, G. Fernandez, R. Roman, A. Balastegui, and J. Lopez, "Secure Management of SCADA Networks",
    Novatica, New Trends in Network Management, vol. 9, no. 6, Cepis UPGRADE, pp. 22-28, December, 2008. More..

    Abstract

    When a Supervisory Control and Data Acquisition (SCADA) system monitors and manages other complex infrastructures through the use of distributed technologies, it becomes a critical infrastructure by itself: A failure or disruption in any of its components could implicate a serious impact on the performance of the other infrastructures. The connection with other systems makes a SCADA system more vulnerable against attacks, generating new security problems. As a result, it is essential to perform diverse security analysis frequently in order to keep an updated knowledge and to provide recommendations and/or solutions to mitigate or avoid anomalous events. This will facilitate the existence of a suitable, reliable, and available control network.

  8. C. Alcaraz, R. Roman, P. Najera, and J. Lopez, "Acceso seguro a redes de sensores en SCADA a través de Internet",
    XI Reunión Española sobre Criptología y Seguridad de la Información (RECSI 2010), pp. 337-342, September, 2010. More..

    Abstract

    Las Infraestructuras Críticas (ICs) son monitorizadas por sistemas altamente complejos, conocidos como sistemas SCADA (Sistemas de Control y Adquisición de Datos), cuyo principal soporte se encuentra en las subestaciones, las cuales miden de primera instancia el estado real de tales ICs. Para mejorar este control, la industria está actualmente demandando la integración en el modelo tradicional de dos avances tecnológicos: Internet y las redes de sensores inalámbricas. Sin embargo, su incorporación requiere analizar los requisitos de seguridad que surgen en dicho contexto, así como diversos aspectos correlacionados (ej. mantenimiento, rendimiento, seguridad y optimización) y, en base a estos, la estrategia de integración más adecuada para satisfacer dichos requisitos. Este artículo proporciona dicho análisis en profundidad con el fin de ofrecer un modelo de integración seguro adecuado para entornos críticos.

  9. C. Alcaraz, et al., "Adaptive Dispatching of Incidences Based on Reputation for SCADA Systems",
    6th International Conference on Trust, Privacy and Security in Digital Business (TrustBus’09), Springer-Verlag, pp. 86-94, September, 2009. DOI More..

    Abstract

    SCADA systems represent a challenging scenario where the management of critical alarms is crucial. Their response to these alarms should be efficient and fast in order to mitigate or contain undesired effects. This work presents a mechanism, the Adaptive Assignment Manager (AAM) that will aid to react to incidences in a more efficient way by dynamically assigning alarms to the most suitable human operator. The mechanism uses various inputs for identifying the operators such as their availability, workload and reputation. In fact, we also define a reputation component that stores the reputation of the human operators and uses feedback from past experiences.

  10. C. Alcaraz, A. Balastegui, and J. Lopez, "Early Warning System for Cascading Effect Control in Energy Control Systems",
    5th International conference on Critical Information Infrastructures Security (CRITIS’10), LNCS 6712, Springer, pp. 55-67, September, 2010. More..

    Abstract

    A way of controlling a cascading effect caused by a failure or a threat in a critical system is using intelligent mechanisms capable of predicting anomalous behaviours and also capable of reacting against them in advance. These mechanisms are known as Early Warning Systems (EWS) and this will be precisely the main topic of this paper. Specially, we present an EWS design based on a Wireless Sensor Network (using the ISA100.11a standard) that constantly supervise the application context. This EWS is also based on forensic techniques to provide dynamic learning capacities. As a result, this new approach will aid to provide a reliable control of incidences by offering a dynamic alarm management, identification of the most suitable field operator to attend an alarm, reporting of causes and responsible operators, and learning from new anomalous situations.