Papers by Javier Miranda López
Charles Payne, Adventium Labs, USA (Program Chair) Michael Franz, University of California, Irvine, USA (Program Co-Chair) Anas Abou El Kalam, IRIT/ENSEEIHT Claudio Ardagna, U. of Milan Vijay Atluri, Rutgers U. Tuomas Aura, Microsoft Research Lee Badger, NIST Kosta Beznosov, U. of British Columbia Marco Casassa Mont, HP Labs Shiping Chen, Sybase, Inc. Marc Dacier, Symantec Corporation Robert Deng, Singapore Mgmt U. Mary Denz, Air Force Research Lab Jeremy Epstein, SRI International Philip Fong, U. of ...
ieeexplore.ieee.org
Pierangela Samarati (PC Chair), Università degli Studi di Milano Charles Payne (PC Co-Chair), Adventium Labs ... Claudio A. Ardagna, University of Milan, Italy Vijay Atluri, Rutgers University, USA Tuomas Aura, Microsoft Research, UK Konstantin Beznosov, University of British Columbia, Canada Marco Casassa-Mont, HP Bristol, UK Marc Dacier, Symantec, France Robert Deng, Singapore Management University, Singapore Mary Denz, Air Force Research Laboratory, USA Andre dos Santos, U. of Puerto Rico-Mayaguez, Puerto Rico Anas Abou ...
computer.org
Pierangela Samarati (PC Chair), Università degli Studi di Milano Charles Payne (PC Co-Chair), Adventium Labs ... Tuomas Aura, Microsoft Research, UK Lujo Bauer, Carnegie Mellon University David Elliott Bell, Selfless Security Terry Benzel, USC-ISI Konstantin Beznosov, University of British Columbia Rafae Bhatti, Florida International University Sabrina De Capitani di Vimercati, Università degli Studi di Milano Marc Dacier, Eurecom Institute Mary Denz, Air Force Research Laboratory Jan Eloff, University of Pretoria Philip Fong, University of Regina ...
... 45 4.2.2 Token Technologies 45 4.2.3 Two-Factor Authentication 47 4.2.4 ... methods, and techniques to overcome them within the framework of international ... quality business integrated information security management; Principles of user authentication technologies; Principles ...
While there is wide agreement on the immense potential of the Internet, its growth and performance are adversely affected by security issues. Despite its impressive size, scope and reach, the Internet has not yet become a common vehicle for many of these new possibilities. Progress in fields such as electronic commerce and government-citizen relationships has been limited by the open design of the network itself. Today, Public-Key Infrastructures are the basis of the protocols and tools needed to guarantee the security demanded in those fields. Trust management and user identification are also important issues that remain unresolved. This paper introduces a key management and user identification system, named Cert'eM, that is based on the electronic mail service. Cert'eM provides important advantages over existing Public-Key Infrastructures and user identification proposals.
Security is one of the most contentious aspects of Internet use. The lack of a global security policy is holding back the development of the Internet in areas as interesting and promising as electronic commerce or interaction with public administrations. Current cryptographic techniques provide a high degree of confidentiality; nevertheless, it is difficult to guarantee the secure identification of users and, in addition, the management of their keys is inefficient and presents serious scalability and security problems. This work describes a solution to both problems based on a Public-Key Infrastructure that provides simple and efficient administration of users' keys and enables their secure authentication. The system has been successfully tested locally and will shortly be installed for testing by the RedIris user community.
Abstract: Security is one of the most contentious aspects of Internet use. The lack of a global security policy is holding back the development of the Internet in areas as interesting and promising as electronic commerce or interaction with public administrations. Current cryptographic techniques provide a high degree of confidentiality; nevertheless, it is difficult to guarantee the secure identification of users and, in addition, the management of their keys is inefficient and presents serious scalability problems. This work describes the implementation characteristics of a solution to both problems based on a Public-Key Infrastructure (PKI) that provides simple and efficient administration of users' keys and enables their secure authentication.
Internet is now a conventional component in the life of millions of people, introducing new ways of relation and living. However, Internet related technologies may change many more aspects in our lives than they actually have done. Fields such as electronic commerce have the potential to represent dramatic changes in our society but the reality is that they have not fulfilled their promised objectives because there are open problems in the security of the underlying communication mechanisms and also in the implementation of the commercial processes. This paper presents the SALE.com system, a framework for the secure commerce of information that is based on the following idea: The security requirements of all processes related to the secure transmission and commerce of information can be fulfilled if we guarantee that the software running at the other side of the communication line is protected. To characterize what we call "protected software" we must fulfil some conditions; in particular, we must ensure that it is neither possible to discover nor to alter the function that the software performs and it is also impossible to impersonate the software. The solution that we present is also based on the notion of "secure container", a protected package of data and administrative information. Opposed to other proposals we use "active" instead of "passive" containers (we use software instead of data) in order to avoid some problems of the latter. Our solution uses mobile software elements that we call "sales agents" to convey the protected contents and force the user to fulfil the conditions previously established before the access to the contents is granted.
The illegal copying of software has been, since the use of computers became widespread, one of the biggest problems for its industry. To attack this problem, proposals have appeared in the literature for software protection schemes based on hardware tokens resistant to physical attacks. All of them depend on two premises: (a) the resistance of the token to physical attacks, and (b) the difficulty of analysing and modifying the software to avoid the check for the presence of the token. Experience shows that the first premise is reasonable (and even unavoidable). However, the second is unrealistic because analysis of executable code is always possible. Moreover, the techniques used to hinder this task are not effective in deterring a dishonest user with average resources. This work describes a robust software protection scheme based on the combined use of cryptography and smart cards. The security of this new scheme depends solely on the first premise, since modifying the code to avoid the check for the presence of the token does not allow this scheme to be broken.
... Pointcheval, David, Ecole Normale Superieure, France Quirchmayr, Gerald, University of South Australia, Australia Rannenberg, Kai, Microsoft Research Cambridge, UK ... Marcus Hütten Antonio Maña Torsten Priebe Torsten Schlichting Gorm Salomonsen Sandra Steinbrecher ...
This paper presents CASENET, a Fifth European Framework research project whose objectives are to develop and implement a tool-supported framework for the systematic specification, design and analysis of e-commerce and e-government transactions to produce protocols with proven security properties, and to assist in code generation for these protocols. The methodologies and tools developed by the project will enable the designer of an e-commerce or e-government application to generate a formal protocol specification with the desired security properties and be usable for the security analysis of protocols. After successful analysis, the methodologies and tools will assist in transforming the formal protocol specification into final code, provide test cases for testing the code with respect to the initial requirements and services for real-time auditing in order to check that the participants of a protocol act according to the description.
Abstract: Confidentiality has gone from being a security requirement to being considered a functional requirement, mandatory to meet and include in all communication systems. A drawback of the cryptographic techniques used to obtain confidentiality of information arises when several entities are forced to share secret information to carry out specific collaborative tasks, since the traditional primitives used to achieve confidentiality are not very flexible. The ideal situation would make such collaboration possible without any of the parties revealing the information contributed. In this scenario Secure Multiparty Computation (SMC) technology comes into play, which makes it possible to perform operations on the shared information without having to make it public. This work presents an SMC solution applied to an electronic auction that allows the auction to be carried out without the bids being revealed to any participant, including the auctioneer, so it does not need any trusted authority to be established. Although the literature offers a wide variety of theoretical SMC proposals since its creation in the eighties, its practical application in real situations is not common.
Caelli, William, Chen, Kevin, Dawson, Edward, Henricksen, Matthew, Lopez, Javier, Okamoto, Eiji, Russell, Selwyn, & Smith, Jason (2002) Online Public Key Infrastructure. In: VII Spanish Meeting on Cryptology and Information Security (VII RECSI), 5-7 September, ...
... 15(3), 1 - 4 (2001) Page 13. 2. Litke, A., Skoutas, D., Varvarigou, T.: Mobile Grid Computing: Changes and Challenges of Resourse Management in a Mobile Grid Environment. ... 271 - 278. ACM Press, Atlanta, Georgia, USA (2002) 13. ...
Abstract: Virtual Private Network (VPN) solutions mainly focus on security aspects. However, when security is considered the unique problem, some collateral ones arise. VPN users suffer from restrictions in their access to the network. They are not free to use traditional Internet services such as electronic mail exchange and audio/video conference with non-VPN users, and to access Web and Ftp servers external to the organization. In this paper we present a new solution, located at the TCP/IP transport layer and oriented to UDP ...
During the last decades, a huge amount of trust and reputation models have been proposed, each of them with their own particularities and targeting different domains. While much effort has been made in defining ever-increasing complex models, little attention has been paid to abstract away the particularities of these models into a common set of easily understandable concepts. We propose a conceptual framework for computational trust models that is used for developing a component-oriented development framework that aims to assist developers during the implementation phase.
During the last years, many trust and reputation models have been proposed, each one targeting different contexts and purposes, and with their own particularities. While most contributions focus on defining ever-increasing complex models, little attention has been paid to the process of building these models inside applications during their implementation. The result is that models have traditionally been considered as ad-hoc and after-the-fact solutions that do not always fit with the design of the application. To overcome this, we propose an object-oriented development framework onto which it is possible to build applications that require functionalities provided by trust and reputation models. The framework is extensible and flexible enough to allow implementing an important variety of trust models. This paper presents the framework, describes its main components, and gives examples on how to use it in order to implement three different trust models.