Bernardo Alarcos

Ontology Alignment Architecture for Semantic Sensor Web Integration

Sensor networks are a concept that has become very popular in data acquisition and processing for multiple applications in different fields such as industrial, medicine, home automation, environmental detection, etc. Today, with the proliferation of small communication devices with sensors that collect environmental data, semantic Web technologies are becoming closely related with sensor networks. The linking of elements from Semantic Web technologies with sensor networks has been called Semantic Sensor Web and has among its main features the use of ontologies. One of the key challenges of using ontologies in sensor networks is to provide mechanisms to integrate and exchange knowledge from heterogeneous sources (that is, dealing with semantic heterogeneity). Ontology alignment is the process of bringing ontologies into mutual agreement by the automatic discovery of mappings between related concepts. This paper presents a system for ontology alignment in the Semantic Sensor Web which uses fuzzy logic techniques to combine similarity measures between entities of different ontologies. The proposed approach focuses on two key elements: the terminological similarity, which takes into account the linguistic and semantic information of the context of the entitys names, and the structural similarity, based on both the internal and relational structure of the concepts. This work has been validated using sensor network ontologies and the Ontology Alignment Evaluation Initiative (OAEI) tests. The results show that the proposed techniques outperform previous approaches in terms of precision and recall.

Detecting and defeating advanced man-in-the-middle attacks against TLS

TLS is an essential building block for virtual private networks. A critical aspect for the security of TLS dialogs is authentication and key exchange, usually performed by means of certificates. An insecure key exchange can lead to a man-in-the-middle attack (MITM). Trust in certificates is generally achieved using Public Key Infrastructures (PKIs), which employ trusted certificate authorities (CAs) to establish certificate validity chains.

An Infocard-Based Proposal for Unified Single Sign on

During last years, service federation has been a hot topic for researchers all along the world. In that context, single sign on (SSO) access to services has risen as a major concern for this kind of environments and many proposals suited to several scenarios have been stated. We can think of eduroam an eduGAIN as two major examples of this, the former as a federated initiative to provide access to network and the latter as a confederated proposal to provide secure access to web (and non-web as grid) resources. Given that both architectures usually are deployed in a common security domain, it could be interesting to explore ways to bring both worlds together, that is, to find a way to get access as we get access to the network services. Currently, there are two disjoint actions: first get access to network, with its own authentication process, and second get access to other resources through eduGAIN. The process could be greatly simplified if a way is devised to unify both accesses what has been called unified Single Sing On (uSSO). In this work, we propose a novel framework to provide uSSO in that environment with minor modifications to existing deployments employing Infocard Technology.

Providing authentication & authorization mechanisms for active service charging

Active network technology enables fast deployment of new network services tailored to the specific needs of end users, among others features. Nevertheless proper charging for these new added value services require suitable authentication and authorization mechanisms. In this article we describe a security architecture for SARA (Simple Active Router-Assistant) architecture, an active network platform deployed in the context of the IST-GCAP project. The proposed solution provides all the required security features, and it also grants proper scalability of the overall system, by using a distributed key-generation algorithm.

ROSA: Realistic Open Security Architecture for Active Networks

Active network technology enables fast deployment of new network services tailored to the specific needs of end users, among other features. Nevertheless, security is still a main concern when considering the industrial adoption of this technology. In this article we describe an open security architecture for active network platforms that follow the discrete approach. The proposed solution provides all the required security features, and it also grants proper scalability of the overall system, by using a distributed key-generation algorithm. The performance of the proposal is validated with experimental data obtained from a prototype implementation of the solution.

Carrying ATM cells over Ethernet

This paper presents the design details and performance measurements of an implementation of the Cells In Frame (CIF) protocol over the Linux operative system. The CIF protocol allows to encapsulate ATM cells in Ethernet frames, bringing in this way the advantages of ATM technology over legacy Ethernet networks. Throughput, delay, and delay variation have been measured in order to determine the ability of this approach to suite properly the requirements of multimedia traffic. The obtained results point out that this scheme will provide the necessary ATM quality of service at the price of a minimum throughput reduction respect to native Ethernet. Also, a new queuing algorithm is being researched to optimize traffic management.

Smart Toys Designed for Detecting Developmental Delays

In this paper, we describe the design considerations and implementation of a smart toy system, a technology for supporting the automatic recording and analysis for detecting developmental delays recognition when children play using the smart toy. To achieve this goal, we take advantage of the current commercial sensor features (reliability, low consumption, easy integration, etc.) to develop a series of sensor-based low-cost devices. Specifically, our prototype system consists of a tower of cubes augmented with wireless sensing capabilities and a mobile computing platform that collect the information sent from the cubes allowing the later analysis by childhood development professionals in order to verify a normal behaviour or to detect a potential disorder. This paper presents the requirements of the toy and discusses our choices in toy design, technology used, selected sensors, process to gather data from the sensors and generate information that will help in the decision-making and communication of the information to the collector system. In addition, we also describe the play activities the system supports.

Forensic analysis of Telegram Messenger for Windows Phone

This article presents a forensic analysis methodology for obtaining the digital evidence generated by one of todays many instant messaging applications, namely Telegram Messenger for Windows Phone, paying particular attention to the digital forensic artifacts produced. The paper provides an overview of this forensic analysis, while focusing particularly on how the information is structured and the user, chat and conversation data generated by the application are organised, with the goal of extracting related data from the information. The application has several other features (e.g. games, bots, stickers) besides those of an instant messaging application (e.g. messages, images, videos, files). It is therefore necessary to decode and interpret the information, which may relate to criminal offences, and establish the relation of different types of user, chat and conversation.

Using Expressive Dialogues and Gradient Information to Improve Trade-Offs in Bilateral Negotiations

A bilateral negotiation may be seen as an interaction between two parties with the goal of reaching an agreement over a given range of issues which usually involves solving a conflict of interests between the parties involved. In our previous work, we address the problem of automatic bilateral negotiation by using fuzzy constraints as a mean to express participants preferences, focusing in purchase negotiation scenarios. Other research works have used similarity criteria to perform trade-offs in bilateral bargaining scenarios, without any expressive mechanisms between participants. In this paper, we combine our expressive approach with the traditional positional bargaining schema. In particular, we explore the possibility of using the derivatives of each agents valuation function to issue direction requests to narrow the solution search space of its counterpart, thus improving the effectiveness and efficiency of the negotiation over traditional positional approaches.

Design of a Set of Software Tools for Side-Channel Attacks

This contribution presents the design and the first experimental results of a set of software tools to carry out side-channel attacks against cryptographic devices, especially smartcards. To this aim, the main attacks of this class are commented, with special emphasis in power analysis attacks. The final objective is to make this set of tools available to the scientific community, so that it can be improved and enlarged according to particular needs.