Visible to the public Biblio

Filters: Author is Bernabe, J. B.  [Clear All Filters]
2021-03-29
Moreno, R. T., Rodríguez, J. G., López, C. T., Bernabe, J. B., Skarmeta, A..  2020.  OLYMPUS: A distributed privacy-preserving identity management system. 2020 Global Internet of Things Summit (GIoTS). :1—6.

Despite the latest initiatives and research efforts to increase user privacy in digital scenarios, identity-related cybercrimes such as identity theft, wrong identity or user transactions surveillance are growing. In particular, blanket surveillance that might be potentially accomplished by Identity Providers (IdPs) contradicts the data minimization principle laid out in GDPR. Hence, user movements across Service Providers (SPs) might be tracked by malicious IdPs that become a central dominant entity, as well as a single point of failure in terms of privacy and security, putting users at risk when compromised. To cope with this issue, the OLYMPUS H2020 EU project is devising a truly privacy-preserving, yet user-friendly, and distributed identity management system that addresses the data minimization challenge in both online and offline scenarios. Thus, OLYMPUS divides the role of the IdP among various authorities by relying on threshold cryptography, thereby preventing user impersonation and surveillance from malicious or nosy IdPs. This paper overviews the OLYMPUS framework, including requirements considered, the proposed architecture, a series of use cases as well as the privacy analysis from the legal point of view.

2017-12-28
Farris, I., Bernabe, J. B., Toumi, N., Garcia-Carrillo, D., Taleb, T., Skarmeta, A., Sahlin, B..  2017.  Towards provisioning of SDN/NFV-based security enablers for integrated protection of IoT systems. 2017 IEEE Conference on Standards for Communications and Networking (CSCN). :169–174.

Nowadays the adoption of IoT solutions is gaining high momentum in several fields, including energy, home and environment monitoring, transportation, and manufacturing. However, cybersecurity attacks to low-cost end-user devices can severely undermine the expected deployment of IoT solutions in a broad range of scenarios. To face these challenges, emerging software-based networking features can introduce new security enablers, providing further scalability and flexibility required to cope with massive IoT. In this paper, we present a novel framework aiming to exploit SDN/NFV-based security features and devise new efficient integration with existing IoT security approaches. The potential benefits of the proposed framework is validated in two case studies. Finally, a feasibility study is presented, accounting for potential interactions with open-source SDN/NFV projects and relevant standardization activities.