Scientific and technological production
1 to 50 of 69 results
  • Reconciling privacy and efficient utility management in smart cities

     Rebollo Monedero, David; Bartoli, Andrea; Hernández Serrano, Juan Bautista; Forné, Jordi; Soriano Ibáñez, Miguel
    European transactions on telecommunications
    Date of publication: 2014-01-01
    Journal article

    A key aspect in the design of smart cities is, undoubtedly, a plan for the efficient management of utilities, enabled by technologies such as those entailing smart metering of the residential consumption of electricity, water or gas. While one cannot object to the appealing advantages of smart metering, the privacy risks posed by the submission of frequent, data-rich measurements cannot simply remain overlooked. The objective of this paper is to provide a general perspective on the contrasting issues of privacy and efficient utility management, by surveying the main requirements and tools, and by establishing exploitable connections. Copyright (c) 2013 John Wiley & Sons, Ltd.

  • WiMAX-based robust localization in the presence of misbehaving and/or malicious base stations

     Hernández Serrano, Juan Bautista; León Abarca, Olga; Soriano Ibáñez, Miguel
    Computers and electrical engineering
    Date of publication: 2013-10
    Journal article

    The use of WiMAX cellular networks has arisen as a promising solution in order to provide broadband access over large, often shadowed, areas. As in other cellular networks, localization of users is extremely useful for many services and even essential for some civilian and/or military logistic operations. In a cellular WiMAX network, a node can obtain its position from beacons received by several cell base stations. Therefore, securing the localization method against potential false or erroneous feedback is of paramount importance in order to allow the nodes to get reliable position estimations. This fact implies not only making the localization method robust against erroneous or forged measurements, but also identifying which WiMAX base stations are providing such measurements. In this paper, we propose a robust localization method that can identify up to k malicious or misbehaving base stations and provide an accurate estimation of the node position even in their presence. Simulation results prove that this proposal outperforms other existing detection techniques.

  • The TAMESIS project: enabling technologies for the health status monitoring and secure exchange of clinical record

     Pegueroles Valles, Josep Rafel; Cruz Llopis, Luis Javier de La; Vera Del Campo, Juan Victoriano; Hernández Serrano, Juan Bautista; León Abarca, Olga
    International Conference on Complex, Intelligent and Software Intensive Systems
    Presentation's date: 2013-07
    Presentation of work at congresses

    Personal Health Systems (PHS) allow the point of care to be moved from hospitals to the patient's home. Moreover, a PHS usually handles much more information and provides more appropriate diagnostic and personalized treatments to individuals. In this paper, we present the objectives, structure and expected innovations of the TAMESIS project. TAMESIS aims to contribute to advancing the state of the art of some of the technologies needed for the development of Personal Health Systems. Specifically, we propose techniques for preventing denial of service, sensor node malfunctioning and traffic injection. In addition, we explore a protocol that makes use of mobile agents for the exchange of medical records between networked databases. As a novel aspect, the protocol will support not only bilateral agreements, already existing in the literature, but also multilateral agreements. With regard to clinical data, it is critical to preserve the privacy and intimacy of patients. Thus, the data, both when it is collected and when it is exchanged, should be processed so as to avoid leakage of information that is not strictly necessary for the parties to fulfill their task correctly. A privacy metric suitable for PHS, and the incorporation of mechanisms needed for privacy and intimacy are also key objectives of this project. Finally, usability aspects of all the system interfaces will be considered.

  • COACH: COllaborative certificate stAtus CHecking mechanism for VANETs

     Hernández Gañan, Carlos; Muñoz Tapia, Jose Luis; Esparza Martin, Oscar; Mata Diaz, Jorge; Hernández Serrano, Juan Bautista; Alins Delgado, Juan Jose
    Journal of network and computer applications
    Date of publication: 2013-09
    Journal article

    Vehicular Ad Hoc Networks (VANETs) require mechanisms to authenticate messages, identify valid vehicles, and remove misbehaving vehicles. A public key infrastructure (PKI) can be used to provide these functionalities using digital certificates. However, if a vehicle is no longer trusted, its certificates have to be revoked and this status information has to be made available to other vehicles as soon as possible. In this paper, we propose a collaborative certificate status checking mechanism called COACH to efficiently distribute certificate revocation information in VANETs. In COACH, we embed a hash tree in each standard Certificate Revocation List (CRL). This dual structure is called extended-CRL. A node possessing an extended-CRL can respond to certificate status requests without having to send the complete CRL. Instead, the node can send a short response (less than 1 kB) that fits in a single UDP message. Obviously, the substructures included in the short responses are authenticated. This means that any node possessing an extended-CRL can produce short responses that can be authenticated (including Road Side Units or intermediate vehicles). We also propose an extension to the COACH mechanism called EvCOACH that is more efficient than COACH in scenarios with relatively low revocation rates per CRL validity period. To build EvCOACH, we embed an additional hash chain in the extended-CRL. Finally, by conducting a detailed performance evaluation, COACH and EvCOACH are proved to be reliable, efficient, and scalable.

  • Security Protocols Suite for Machine-to-Machine Systems  Open access

     Bartoli, Andrea
    Defense's date: 2013-06-18
    Department of Telematics Engineering, Universitat Politècnica de Catalunya
    Theses

    Nowadays, the great diffusion of advanced devices, such as smart-phones, has shown that there is a growing trend to rely on new technologies to generate and/or support progress; society is clearly ready to trust in next-generation communication systems to face today’s concerns in economic and social fields. The reason for this sociological change is that the technologies have been opened to all users, even if the latter do not necessarily have specific knowledge in this field, and therefore the introduction of new user-friendly applications has now appeared as a business opportunity and a key factor to increase the general cohesion among all citizens. Among the actors of this technological evolution, wireless machine-to-machine (M2M) networks are becoming of great importance. These wireless networks are made up of interconnected low-power devices that are able to provide a great variety of services with little or even no user intervention. Examples of these services can be fleet management, fire detection, utilities consumption (water and energy distribution, etc.) or patient monitoring. However, since any arising technology goes together with its security threats, which have to be faced, further studies are necessary to secure wireless M2M technology. In this context, the main threats are those related to attacks on the availability of services and on the privacy of both the subscribers’ and the service providers’ data. Taking into account the often limited resources of the M2M devices at the hardware level, ensuring the availability and privacy requirements in the range of M2M applications while minimizing the waste of valuable resources is even more challenging. Based on the above facts, this Ph.D. thesis is aimed at providing efficient security solutions for wireless M2M networks that effectively reduce energy consumption of the network while not affecting the overall security services of the system.
    With this goal, we first propose a coherent taxonomy of M2M networks that allows us to identify which security topics deserve special attention and which entities or specific services are particularly threatened. Second, we define an efficient, secure-data aggregation scheme that is able to increase the network lifetime by optimizing the energy consumption of the devices. Third, we propose a novel physical authenticator or frame checker that minimizes the communication costs in wireless channels and that successfully faces exhaustion attacks. Fourth, we study specific aspects of typical key management schemes to provide a novel protocol which ensures the distribution of secret keys for all the cryptographic methods used in this system. Fifth, we describe the collaboration with the WAVE2M community in order to define a proper frame format actually able to support the necessary security services, including the ones that we have already proposed; WAVE2M was funded to promote the global use of an emerging wireless communication technology for ultra-low and long-range services. And finally, sixth, we provide an accurate analysis of privacy solutions that actually fit M2M-networks services’ requirements. All the analyses along this thesis are corroborated by simulations that confirm significant improvements in terms of efficiency while supporting the necessary security requirements for M2M networks.

  • Optimizing energy-efficiency of PHY-layer authentication in machine-to-machine networks

     Bartoli, Andrea; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel; Dohler, Mischa; Kountouris, Apostolous; Barthel, Dominique
    IEEE Global Communications Conference
    Presentation's date: 2012-12
    Presentation of work at congresses

    Security issues are gaining in importance for machine-to-machine (M2M) networks, mainly because thousands of devices are left unattended for years of operation without the possibility of human intervention. One of the most critical security issues is the prevention of denial of service (DoS) attacks, given the limited capabilities of the M2M devices and the wireless communication settings. To this end, we had earlier introduced a novel recursive PHY-Layer security scheme which was shown to yield enormous benefits with regards to DoS attacks [1]. Recognizing the importance of the thus required synchronization window and the possibility of desynchronization because of poor channel conditions, we introduce a novel synchronization process...

  • A modeling of certificate revocation and its application to synthesis of revocation traces

     Hernández Gañan, Carlos; Mata Diaz, Jorge; Muñoz Tapia, Jose Luis; Hernández Serrano, Juan Bautista; Esparza Martin, Oscar; Alins Delgado, Juan Jose
    IEEE transactions on information forensics and security
    Date of publication: 2012-12
    Journal article

    One of the hardest tasks of a public key infrastructure (PKI) is to manage revocation. New communication paradigms push the revocation system to the limit and an accurate resource assessment is necessary before implementing a particular revocation distribution system. In this context, a precise modeling of certificate revocation is necessary. In this article, we analyze empirical data from real CAs to develop an accurate and rigorous model for certificate revocation. One of the key findings of our analysis is that the certificate revocation process is statistically self-similar. The proposed model is based on an autoregressive fractionally integrated moving average (ARFIMA) process. Then, using this model, we show how to build a synthetic revocation generator that can be used in simulations for resource assessment. Finally, we also show that our model produces synthetic revocation traces that are indistinguishable for practical purposes from those corresponding to actual revocations.

    Postprint (author’s final draft)

  • Design of a P2P content recommendation system using affinity networks

     Vera Del Campo, Juan Victoriano; Pegueroles Valles, Josep Rafel; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel
    Computer communications
    Date of publication: 2012-08
    Journal article

    The success and intensive use of social networks makes strategies for efficient document location a hot topic of research. In this paper, we propose a common vector space to describe documents and users to create a social network based on affinities, and explore epidemic routing to recommend documents according to the user’s interests. Furthermore, we propose the creation of a SoftDHT structure to improve the recommendation results. Using these mechanisms, an efficient document recommender system with a fast organization of clusters of users based on their affinity can be provided, preventing the creation of unlinked communities. We show through simulations that the proposed system has a short convergence time and presents a high recall ratio.

  • Cooperative detection of primary user emulation attacks in CRNs

     León Abarca, Olga; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel
    Computer networks
    Date of publication: 2012
    Journal article

    Cognitive radio networks (CRNs) can improve the utilization of the spectrum by making use of licensed spectrum in an opportunistic manner. With such purpose, coexistence mechanisms among CRN nodes or secondary users and legitimate users of the spectrum or primary users are defined. However, due to the particular features of CRNs, new security threats arise, such as the primary user emulation (PUE) attack, which is the most challenging among all. With the aim of detecting this kind of attack, in this paper we propose a cooperative localization method specifically suited to CRNs which relies on TDoA measurements and Taylor-series estimations. Simulation results show the goodness of the proposed method and its suitability to typical CRN scenarios.

  • Contributions to security and privacy protection in recommendation systems  Open access

     Vera Del Campo, Juan Victoriano
    Defense's date: 2012-10-29
    Department of Telematics Engineering, Universitat Politècnica de Catalunya
    Theses

    A recommender system is an automatic system that, given a customer model and a set of available documents, is able to select and offer those documents that are more interesting to the customer. From the point of view of security, there are two main issues that recommender systems must face: protection of the users' privacy and protection of other participants of the recommendation process. Recommenders issue personalized recommendations taking into account not only the profile of the documents, but also the private information that customers send to the recommender. Hence, the users' profiles include personal and highly sensitive information, such as their likes and dislikes. In order to have a really useful recommender system and improve its efficiency, we believe that users shouldn't be afraid of stating their preferences. The second challenge from the point of view of security involves the protection against a new kind of attack. Copyright holders have shifted their targets to attack the document providers and any other participant that aids in the process of distributing documents, even unknowingly. In addition, new legislation trends such as ACTA or the "Sinde-Wert law" in Spain show the interest of states all over the world to control and prosecute these intermediate nodes. We proposed the next contributions:

    1. A social model that captures user's interests into the users' profiles, and a metric function that calculates the similarity between users, queries and documents. This model represents profiles as vectors of a social space. Document profiles are created by means of the inspection of the contents of the document. Then, user profiles are calculated as an aggregation of the profiles of the documents that the user owns. Finally, queries are a constrained view of a user profile. This way, all profiles are contained in the same social space, and the similarity metric can be used on any pair of them.
    2. Two mechanisms to protect the personal information that the user profiles contain. The first mechanism takes advantage of the Johnson-Lindenstrauss and Undecomposability of random matrices theorems to project profiles into social spaces of fewer dimensions. Even if the information about the user is reduced in the projected social space, under certain circumstances the distances between the original profiles are maintained. The second approach uses a zero-knowledge protocol to answer the question of whether or not two profiles are affine without leaking any information in case they are not.
    3. A distributed system on a cloud that protects merchants, customers and indexers against legal attacks, by means of providing plausible deniability and oblivious routing to all the participants of the system. We use the term DocCloud to refer to this system. DocCloud organizes databases in a tree-shape structure over a cloud system and provides a Private Information Retrieval protocol to prevent any participant or observer of the process from identifying the recommender. This way, customers, intermediate nodes and even databases are not aware of the specific database that answered the query.
    4. A social, P2P network where users link together according to their similarity, and provide recommendations to other users in their neighborhood. We defined an epidemic protocol where links are established based on the neighbors' similarity, clustering and randomness. Additionally, we proposed some mechanisms such as the use of SoftDHT to aid in the identification of affine users, and speed up the process of creation of clusters of similar users.
    5. A document distribution system that provides the recommended documents at the end of the process. In our view of a recommender system, the recommendation is a complete process that ends when the customer receives the recommended document. We proposed SCFS, a distributed and secure filesystem where merchants, documents and users are protected

    This document explores how to locate documents of interest to the user in large distributed networks by means of recommender systems. A recommender system is defined as an automatic system that, given a customer model and a set of available documents, is able to select and offer the documents that are most interesting to the customer. The desirable characteristics of a recommender system are: (i) being fast, (ii) distributed and (iii) secure. A fast recommender system improves the customer's shopping experience, since a recommendation is not useful if it arrives too late. A distributed recommender system avoids the creation of centralized databases with sensitive information and improves the availability of documents. Finally, a secure recommender system protects all the participants of the system: users, content providers, recommenders and intermediate nodes. From the point of view of security, there are two main problems that recommender systems must face: (i) the protection of the users' privacy and (ii) the protection of the other participants in the recommendation process. Recommenders are able to issue personalized recommendations taking into account not only the profile of the documents, but also the private information that customers send to the recommender. Therefore, user profiles include personal and highly sensitive information, such as their likes and phobias. In order to develop a useful recommender system and improve its effectiveness, we believe that users should not be afraid when expressing their preferences. To this end, the personal information included in user profiles must be protected and the user's privacy guaranteed. The second challenge from the point of view of security involves a new kind of attack.
    Since preventing the illegal distribution of copyrighted documents by means of technical solutions has not been effective, copyright holders changed their targets to attack document providers and any other participant that helps in the document distribution process. In addition, treaties and laws such as ACTA, the SOPA law in the USA or the "Sinde-Wert" law in Spain show the interest of states all over the world in controlling and prosecuting these intermediate nodes. Recent trials such as MegaUpload, PirateBay or the case against Mr. Pablo Soto in Spain show that these threats are a reality.

  • Contributions to the Security of Cognitive Radio Networks

     León Abarca, Olga
    Defense's date: 2012-01-31
    Department of Telematics Engineering, Universitat Politècnica de Catalunya
    Theses

  • DICOMA-Disaster Control Management

     Hernández Serrano, Juan Bautista
    Participation in a competitive project

  • Tecnologías de apoyo para la monitorización del estado de salud e intercambio seguro de registros médicos

     Cruz Llopis, Luis Javier de La; León Abarca, Olga; Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel
    Participation in a competitive project

  • Low-cost group rekeying for unattended wireless sensor networks

     Hernández Serrano, Juan Bautista; Vera Del Campo, Juan Victoriano; Pegueroles Valles, Josep Rafel; Hernández Gañan, Carlos
    Wireless networks
    Date of publication: 2012
    Journal article

    Wireless sensor networks (WSNs) are made up of large groups of nodes that perform distributed monitoring services. Since sensor measurements are often sensitive data acquired in hostile environments, securing WSNs becomes mandatory. However, WSNs consist of low-end devices and frequently preclude the presence of a centralized security manager. Therefore, achieving security is even more challenging. State-of-the-art proposals rely on: (1) attended and centralized security systems; or (2) establishing initial keys without taking into account how to efficiently manage rekeying. In this paper we present a scalable group key management proposal for unattended WSNs that is designed to reduce the rekeying cost when the group membership changes.

  • Towards a cooperative intrusion detection system for cognitive radio networks

     León Abarca, Olga; Román, Rodrigo; Hernández Serrano, Juan Bautista
    International Conferences on Networking
    Presentation's date: 2011-05-13
    Presentation of work at congresses

    Cognitive Radio Networks (CRNs) arise as a promising solution to the scarcity of spectrum. By means of cooperation and smart decisions influenced by previous knowledge, CRNs are able to detect and profit from the best spectrum opportunities without interfering with primary licensed users. However, besides the well-known attacks on wireless networks, new attacks threaten this type of network. In this paper we analyze these threats and propose a set of intrusion detection modules targeted to detect them. The provided method will allow a CRN to identify attack sources and types of attacks, and to properly react against them.

  • Low-power low-rate goes long-range: the case for secure and cooperative machine-to-machine communications

     Bartoli, Andrea; Dohler, Mischa; Hernández Serrano, Juan Bautista; Kountouris, Apostolous; Barthel, Dominique
    International Conferences on Networking
    Presentation's date: 2011-05-13
    Presentation of work at congresses

    The vision of connecting a large amount of objects on this planet to improve well-being and safety is slowly taking shape. Preceded by a decade-long era of research on low-power low-rate short-range wireless sensor networks, first proprietary and later standards-compliant embedded technologies have successfully been put forward. Cellular machine-to-machine (M2M) is taking this technology to a next step where communication ranges are significantly extended by relying on cellular infrastructure. This position paper discusses these emerging paradigms and highlights how cooperative as well as security requirements are core to their designs.

  • Robust detection of primary user emulation attacks in IEEE 802.22 networks  Open access

     León Abarca, Olga; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel
    International Conference on Cognitive Radio and Advanced Spectrum Management
    Presentation's date: 2011-10-27
    Presentation of work at congresses

    Cognitive Radio (CR) technology constitutes a new paradigm where wireless devices can access the spectrum left unused by licensed or primary users in an opportunistic way. This feature opens the door to a main new threat: the Primary User Emulation (PUE) attack, in which a malicious user transmits a fake primary signal preventing a Cognitive Radio Network (CRN) from using the available spectrum. Cooperative location of a primary source can be a valuable tool for distinguishing between a legitimate transmission and a PUE attack whenever the position of primary users is known, as it is the case of TV towers in the IEEE 802.22 standard. However, the location process can be undermined due to false data provided by malicious or faulty nodes. In this paper, we analyze the effect of forged reports on the location process of a given emitter and provide a set of countermeasures in order to make it robust to undesired behaviors.

  • Secure lossless aggregation over fading and shadowing channels for smart grid M2M networks  Open access

     Bartoli, Andrea; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel; Dohler, Mischa; Kountouris, Apostolous; Barthel, Dominique
    IEEE Transactions on Smart Grid
    Date of publication: 2011-12
    Journal article

    Whilst security is generally perceived as an important constituent of communication systems, this paper offers a viable security-communication-tradeoff particularly tailored to Advanced Metering Infrastructures (AMIs) in Smart Grid systems. These systems, often composed of embedded nodes with highly constrained resources, require e.g. metering data to be delivered efficiently whilst neither jeopardizing communication nor security. Data aggregation is a natural choice in such settings, where the challenge is to facilitate per-hop as well as end-to-end security. The prime contribution of this paper is to propose a secure aggregation protocol that meets the requirements of Smart Grids, and to analyze its efficiency considering various system configurations as well as the impact of the wireless channel through packet error rates. Relying on analysis and corroborative simulations, unprecedented design guidelines are derived which determine the operational point beyond which aggregation is useful as well as quantifying the superiority of our protocol w.r.t. non-aggregated solutions.

  • Security in Peer-to-Peer Communication Systems  Open access

     Suárez Touceda, Diego
    Defense's date: 2011-07-26
    Department of Telematics Engineering, Universitat Politècnica de Catalunya
    Theses

    P2PSIP (Peer-to-Peer Session Initiation Protocol) is a protocol developed by the IETF (Internet Engineering Task Force) for the establishment, completion and modification of communication sessions that emerges as a complement to SIP (Session Initiation Protocol) in environments where the original SIP protocol may fail for technical, financial, security, or social reasons. In order to do so, P2PSIP systems replace all the architecture of servers of the original SIP systems used for the registration and location of users, by a structured P2P network that distributes these functions among all the user agents that are part of the system. This new architecture, as with any emerging system, presents a completely new set of security problems whose analysis, subject of this thesis, is of crucial importance for its secure development and future standardization. Starting with a study of the state of the art in network security and continuing with more specific systems such as SIP and P2P, we identify the most important security services within the architecture of a P2PSIP communication system: access control, bootstrap, routing, storage and communication. Once the security services have been identified, we conduct an analysis of the attacks that can affect each of them, as well as a study of the existing countermeasures that can be used to prevent or mitigate these attacks. Based on the presented attacks and the weaknesses found in the existing measures to prevent them, we design specific solutions to improve the security of P2PSIP communication systems. To this end, we focus on the service that stands as the cornerstone of P2PSIP communication systems' security: access control.
    Among the new designed solutions stand out: a certification model based on the segregation of the identity of users and nodes, a model for secure access control for on-the-fly P2PSIP systems and an authorization framework for P2PSIP systems built on the recently published Internet Attribute Certificate Profile for Authorization. Finally, based on the existing measures and the new solutions designed, we define a set of security recommendations that should be considered for the design, implementation and maintenance of P2PSIP communication systems.

  • Modeling the lion attack in cognitive radio networks  Open access

     Hernández Serrano, Juan Bautista; León Abarca, Olga; Soriano Ibáñez, Miguel
    Eurasip journal on wireless communication and networking
    Date of publication: 2011
    Journal article

    Cognitive radio is a promising technology aiming to improve the utilization of the radio electromagnetic spectrum. A cognitive radio is a smart device which runs radio applications software to perform signal processing. The use of this software enables the device to sense and understand its environment and actively change its mode of operation based on its observations. Unfortunately, this solution entails new security challenges. In this paper, we present a cross-layer attack to TCP connections in cognitive radio networks, analyze its impact on TCP throughput via analytical model and simulation, and propose potential countermeasures to mitigate it.

  • Procédé de traitement d'un paquet de données à l'émission, procédé de traitement d'un paquet de données à la réception, dispositifs et équipements nœuds associés

     Kountouris, Apostolous; Barthel, Dominique; Dohler, Mischa; Bartoli, Andrea; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel
    Date of request: 2011-06-17
    Invention patent

  • Comparación de afinidades privada mediante isomorfismo de grafos

     Vera Del Campo, Juan Victoriano; Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel
    Reunión Española sobre Criptología y Seguridad de la Información
    Presentation's date: 2010-09-08
    Presentation of work at congresses

  • Secure lossless aggregation for Smart Grid M2M networks  Open access

     Bartoli, Andrea; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel; Dohler, Mischa; Kountouris, Apostolous; Barthel, Dominique
    IEEE International Conference on Smart Grid Communications
    Presentation's date: 2010-10
    Presentation of work at congresses

    Whilst security is generally perceived as an important constituent of communication systems, this paper offers a viable security-communication-tradeoff particularly tailored to Advanced Metering Infrastructures (AMIs) in Smart Grid systems. These systems, often composed of embedded nodes with highly constrained resources, require e.g. metering data to be delivered efficiently whilst neither jeopardizing communication nor security. Data aggregation is a natural choice in such settings, where the challenge is to facilitate per-hop as well as end-to-end security. The prime contribution of this paper is to propose a secure aggregation protocol that meets the requirements of Smart Grids, and to analyze its efficiency considering various system configurations as well as the impact of the wireless channel through packet error rates. Relying on analysis and corroborative simulations, unprecedented design guidelines are derived which determine the operational point beyond which aggregation is useful as well as quantifying the superiority of our protocol w.r.t. non-aggregated solutions.

  • Profile-based searches on P2P social networks

     Vera Del Campo, Juan Victoriano; Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel
    International Conference on Networks
    Presentation's date: 2010-04-13
    Presentation of work at congresses

  • Securing cognitive radio networks

     León Abarca, Olga; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel
    International journal of communication systems
    Date of publication: 2010-05
    Journal article

  • Distributed group security for wireless sensor networks

     Hernández Serrano, Juan Bautista; Vera Del Campo, Juan Victoriano; Pegueroles Valles, Josep Rafel; Soriano Ibáñez, Miguel
    Date of publication: 2010
    Book chapter

  • TELEVOTE

     Hernández Serrano, Juan Bautista; Esparza Martin, Oscar; Yufera Gomez, Jose Manuel; Soriano Ibáñez, Miguel
    Participation in a competitive project

  • Un nuevo ataque a TCP para redes de radios cognitivas

     León Abarca, Olga; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel
    Jornadas de Ingeniería Telemática
    Presentation's date: 2009-09-15
    Presentation of work at congresses

    Cognitive radio devices are emerging as a promising technology that should enable better use of the electromagnetic spectrum. These devices are characterized by their ability to observe and understand their environment and to change their mode of operation accordingly. However, these "cognitive" properties bring new security challenges. This paper presents a new attack on TCP connections in cognitive radio networks, proposes solutions to mitigate it, and evaluates its impact with and without countermeasures.

  • A new cross-layer attack to TCP in cognitive radio networks

     León Abarca, Olga; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel
    International workshop on cross-layer design
    Presentation's date: 2009-06
    Presentation of work at congresses

  • GRUP SEGURETAT DE LA INFORMACIÓ (ISG)

     Pallares Segarra, Esteve; Fernandez Muñoz, Marcel; León Abarca, Olga; Hernández Serrano, Juan Bautista; Forné, Jordi; Pegueroles Valles, Josep Rafel; Esparza Martin, Oscar; Muñoz Tapia, Jose Luis; Parra Arnau, Javier; Soriano Ibáñez, Miguel
    Participation in a competitive project

  • PROVISION SEGURA DE SERVICIOS SOBRE EL P2P (P2PSEC)

     Pegueroles Valles, Josep Rafel; Fernandez Muñoz, Marcel; Mata Diaz, Jorge; Martin Faus, Isabel Victoria; León Abarca, Olga; Esparza Martin, Oscar; Forga Alberich, Jordi; Hernández Serrano, Juan Bautista; Rico Novella, Francisco Jose; Cruz Llopis, Luis Javier de La; Alins Delgado, Juan Jose; Muñoz Tapia, Jose Luis; Soriano Ibáñez, Miguel
    Participation in a competitive project

  • SBV SECURE BIOMETRIC VOTING: SISTEMA BIOMETRICO PARA PROCESOS ELECTORALES SEGUROS

     Esparza Martin, Oscar; Hernández Serrano, Juan Bautista; Muñoz Tapia, Jose Luis; Soriano Ibáñez, Miguel
    Participation in a competitive project

  • Shared self-organized GKM protocol for MANETs

     Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel; Soriano Ibáñez, Miguel
    Journal of information science and engineering
    Date of publication: 2008-11
    Journal article

  • Contribución a la seguridad de grupo en redes inalámbricas avanzadas

     Hernández Serrano, Juan Bautista
    Defense's date: 2008-06-26
    Department of Telematics Engineering, Universitat Politècnica de Catalunya
    Theses

  • Análisis de seguridad de un sistema de archivos distribuido

     Vera Del Campo, Juan Victoriano; Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel
    Reunión Española sobre Criptología y Seguridad de la Información
    Presentation's date: 2008-09-04
    Presentation of work at congresses

  • SCFS: towards design and implementation of a secure distributed filesystem

     Vera Del Campo, Juan Victoriano; Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel
    International Conference on Security and Cryptography
    Presentation's date: 2008-07
    Presentation of work at congresses

  • ELefANTC E-Learning for Acquiring New Types of Skills - Continued.

     Silvestre Berges, Santiago; Soriano Ibáñez, Miguel; Hernández Serrano, Juan Bautista
    Participation in a competitive project

  • Supporting Mobility in GKM over Ad-Hoc Network Using a Decentralized and Spontaneous Algorithm

     Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel; Soriano Ibáñez, Miguel
    Lecture notes in computer science
    Date of publication: 2007-08
    Journal article

  • Supporting mobility in GKM over ad-hoc network using a decentralized and spontaneous algorithm

     Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel; Soriano Ibáñez, Miguel
    International Conference on Computational Science and its Applications
    Presentation's date: 2007
    Presentation of work at congresses

    Recently there has been a noticeable growth of ad-hoc environments with peer-to-peer relations. Such environments decentralize the services in order to share their cost between their members. As a result, a decentralized security scheme for the group members must also be provided. Group Key Management (GKM) deals with the responsibility of providing privacy and group authentication in group communications, but until now it has been based either on centralized solutions, useless for peer-to-peer groups, or on contributory key schemes, which require a known group size. We propose a GKM algorithm targeted to ad-hoc environments that is decentralized and allows members to only know their one-hop neighbors. Moreover, our presented algorithm can deal with the potential mobility of the ad-hoc devices.

  • Ares. team for Advanced REsearch on information Security and privacy

     Soriano Ibáñez, Miguel; Domingo Ferrer, Josep; Muñoz Tapia, Jose Luis; Forné, Jordi; Pegueroles Valles, Josep Rafel; Hernández Serrano, Juan Bautista; Pallares Segarra, Esteve; Fernandez Muñoz, Marcel
    Participation in a competitive project

  • Premio al mejor artículo de las VI Jornadas de Ingeniería Telemática - JITEL 2007

     Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel; Soriano, Miguel
    Award or recognition

  • Mantenimiento autónomo y distribuido de la Group Key Management sobre Wireless Sensor Networks

     Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel; Soriano Ibáñez, Miguel
    Jornadas de Ingeniería Telemática
    Presentation's date: 2007-09
    Presentation of work at congresses

  • Building a virtual hierarchy to simplify certification path discovery in mobile ad-hoc networks

     Satizabal, C; Hernández Serrano, Juan Bautista; Forné, Jordi; Pegueroles Valles, Josep Rafel
    Computer communications
    Date of publication: 2007-05
    Journal article

  • Adapting GKM to many-to-many communications over MANET

     Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel; Soriano Ibáñez, Miguel
    Lecture notes in computer science
    Date of publication: 2006-05
    Journal article

  • Building hierarchical public key infrastructures in mobile ad-hoc networks

     Satizábal Echavarría, Isabel Cristina; Forné, Jordi; Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel
    Mobile Ad-hoc and Sensor Networks
    Presentation's date: 2006-12
    Presentation of work at congresses

    Dynamism of mobile ad-hoc networks implies changing trust relationships among their nodes that can be established using peer-to-peer PKIs. Here, certification paths can be built although part of the infrastructure is temporarily unreachable because there can be multiple paths between two entities but certification path discovery is difficult since all the options do not lead to the target entity. On the contrary, in hierarchical PKIs, there is only one path between two entities and certification paths are easy to find. For that reason, we propose a protocol that establishes a virtual hierarchy in a peer-to-peer PKI. The results show that this protocol can be executed in a short time. In addition, our protocol does not require to issue new certificates among PKI entities, facilitates the certification path discovery process and the maximum path length can be adapted to the characteristics of users with limited processing and storage capacity.

  • Algoritmo escalable y descentralizado de gestión de claves de grupo en entornos ad-hoc

     Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel; Soriano Ibáñez, Miguel
    IX Reunion Española sobre Criptologia y Seguridad de la Informacion
    Presentation of work at congresses

  • Decentralized and Scalable Group Key Management Algorithm for Large Ad-Hoc Groups

     Pegueroles Valles, Josep Rafel; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel
    Mobile Computing and Wireless Communication International Conference, 2006
    Presentation of work at congresses

  • Building Hierarchical Public Key Infrastructures in Mobile Ad-Hoc Networks

     Satizábal, Cristina; Hernández Serrano, Juan Bautista; Forné, Jordi; Pegueroles Valles, Josep Rafel
    Lecture notes in computer science
    Date of publication: 2006-12
    Journal article

  • Multimedia Copyright Protection Platform Demonstrator

     Soriano Ibáñez, Miguel; Fernandez Muñoz, Marcel; Sayrol Clols, Elisa; Tomàs, J; Casanelles, J; Pegueroles Valles, Josep Rafel; Hernández Serrano, Juan Bautista
    Lecture notes in computer science
    Date of publication: 2005-05
    Journal article

  • Multimedia copyright protection platform demonstrator

     Soriano Ibáñez, Miguel; Fernandez Muñoz, Marcel; Sayrol Clols, Elisa; Tomas Buliart, Joan; Casanellas, Joan; Pegueroles Valles, Josep Rafel; Hernández Serrano, Juan Bautista
    International Conference on Trust Management
    Presentation's date: 2005
    Presentation of work at congresses

    The work presented in this paper consists in the development of a portable platform to protect the copyright and distribution rights of digital contents, and empirically demonstrate the capacity of several marking and tracing algorithms. This platform is used to verify, at a practical level, the strength properties of digital watermarking and fingerprinting marks. Initially, two watermarking algorithms, one based on spread-spectrum techniques and the other based on QIM (Quantization Index Modulation), have been implemented. Moreover, we use these watermarking algorithms to embed a fingerprinting code, based on code concatenation, equipped with an efficient tracing algorithm. In this paper we focus on the implementation issues of the Java-based platform, that consists of three main packages that are fully described