Vehicular Cloud: Architecture and Security Challenges

Date: July 27th, 2016
Speaker: Lei Zhang (East China Normal University)
Place: URV

Privacy-preserving Information Sharing: Tools and Applications

Date: June 28th, 2016
Speaker: Emiliano De Cristofaro (University College London)
Place: INE3 (UOC)

Cyber Security in Industrial Control System

Date: April 22th, 2016
Speaker: Giuseppe Bernieri (Universit√° degli Studi Roma Tre)
Place: Malaga

Indoor Localization System

Date: April 22th, 2016
Speaker: Federicca Pascucci (Universit√° degli Studi Roma)
Place: Malaga

On the optimization of non-perfect secret sharing schemes

Date: December 2013
Speaker: Torben Hansen (Aarhus University)
Place: URV

Ecosistemas Inalámbricos: Hacia Entornos Inteligentes

Date: May 2013
Speaker: Francisco Falcone (Universidad Pública de Navarra)
Place: URV


Date: March 2013
Speaker: Arturo Ribagorda (Universidad Carlos III de Madrid)
Place: UMA

Aplicaciones de la Inteligencia Computacional

Date: March 2013
Speaker: José García (Universitat Alacant)
Place: URV

The Evolution of Clustering Protocols for Mobile Ad Hoc and Wireless Sensor Networks

Date: October, 2012
Speaker: Prof. Wendi Heinzelman (University of Rochester)
Place: Universitat Politècnica de Catalunya

Creation and Technology of Enigmedia

Date: October, 2012
Speaker: Gerard Vidal (Enigmedia)
Place: Universitat Rovira i Virgili

Authentication mechanisms for wireless sensor networks

Date: September, 2012
Speaker: Youn-sik Hong (University of Incheon)
Place: Universidad de Málaga

Access Control and Privacy for Data Management Systems

Date: June, 2012
Speaker: Prof. Elena Ferrari (University of Insubria)
Place: Universitat Politècnica de Catalunya

Semantic attacks, the third level of attacks which evolves over cyber-mediated attacks and cyber attacks

Date: May, 2012
Speaker: Jose Manuel Fernández (École Polytechnique de Montréal)
Place: Universidad de Málaga

Stability in Systems with Self-Interested Agents

Date: May, 2012
Speaker: Prof. Maria Polukarov (University of Southampton)
Place: Universitat Politècnica de Catalunya

Security protocols

Date: April, 2012
Speaker: Jorge R. Cuellar (Siemens AG)
Place: Universidad de Málaga

Relay Attacks and Distance Bounding Protocols in RFID Environments

Speaker: Dr. Gildas Avoine (Université catholique de Louvain, Belgium)
Date: Dec. 1, 2011 11h30
Place: Universitat Rovira i Virgili
Abstract: Radio Frequency IDentification (RFID) is a pervasive technology that we commonly use in our everyday lives: building access control, mass transportation, payment cards,... This technology nevertheless arrives with its set of security issues. Among them is the relay attack. A relay attack consists in relaying the messages sent between the RFID reader (verifier) and RFID tag (prover) during the execution of an authentication protocol. The adversary so makes the reader believe that the tag is within its close proximity while it is actually not present in the reader field. After a brief introduction to the RFID technology, we will presicely describe in this presentation the techniques for relay attacks and their practicability. We will then extend the relay attack to more powerful attacks, including the Mafia Fraud and the Terrorist Fraud. After the description of the frauds, we will focus the presentation on the distance bounding protocols, which aim to thwart the considered attacks. Research on distance bounding protocols is an emerging theoretical topic, yet with direct pratical implications.

Data shuffling for statistical database privacy

Speaker: Dr. Kris Muralidhar (University of Kentucky, USA)
Date: Nov. 23, 2011 11h30
Place: Universitat Rovira i Virgili
Abstract: This study discusses a new procedure for masking confidential numerical data-a procedure called data shuffling -in which the values of the confidential variables are \"shuffled\" among observations. The shuffled data provides a high level of data utility and minimizes the risk of disclosure. From a practical perspective, data shuffling overcomes reservations about using perturbed or modified confidential data because it retains all the desirable properties of perturbation methods and performs better than other masking techniques in both data utility and disclosure risk. In addition, data shuffling can be implemented using only rank-order data, and thus provides a nonparametric method for masking. We illustrate the applicability of data shuffling.

Array Codes and Applications

Speaker: Mario Blaum (IBM Almaden Research Center, Univ. Complutense of Madrid)
Date: Sep. 22, 2011 11h00
Place: Universitat Politècnica de Catalunya
Abstract: Array codes are a broad family of codes that are based on simple parity operations in a two-dimensional framework. Their main applications are in Redundant Array of Independent Disks (RAID) architectures and in recovery of large packets of data when data is transmitted in packets (like in the Internet). They can be regarded as erasure correcting codes in an mxn array, where a number of columns contain parity while k of them contain information. When the code can recover up to n-k erased columns, its performance is optimal (it meets the Singleton bound) and the code is called Maximum Distance Separable (MDS). I will concentrate mainly on MDS codes. MDS codes recovering up to two erasures have been widely used. Examples of these codes are the EVENODD code and the Row-Diagonal Parity (RDP) code. A competitor of MDS array codes are Reed-Solomon (RS) codes. However, RS codes are based on finite field operations, as opposed to array codes, which are based on simple parity lines. As a consequence, array codes are simpler to implement. I will give a review of array codes and state some of the main challenges to their construction. The talk requires a general knowledge of error-correcting codes, but mainly it will be self-contained.

Non-homogeneous anonymizations

Speaker: Dr. Tamir Tassa (The Open University, Israel)
Date: Sep. 20, 2011 12h30
Abstract: Privacy Preserving Data Publishing (PPDP) is an evolving research field that is targeted at developing anonymization techniques to enable publishing data so that privacy is preserved while data distortion is minimized. Up until recently most of the research on PPDP considered partition-based anonymization models. The approach in such models is to partition the database records into groups and then homogeneously generalize the quasi-identifiers in all records within a group, as a countermeasure against linking attacks. We describe in this talk alternative anonymization models which are not based on partitioning and homogeneous generalization. Such models extend the set of acceptable anonymizations of a given table, whence they allow achieving similar privacy goals with much less information loss. We shall briefly review the basic models of homogeneous anonymization (e.g. k-anonymity and l-diversity) and then define non-homogeneous anonymization, discuss its privacy, describe algorithms and demonstrate the advantage of such anonymizations in reducing the information loss. We shall then discuss the usefulness of those models for data mining purposes. In particular, we will show that the reduced information loss that characterizes such anonymizations translates also to enhanced accuracy when using the anonymized tables to learn classification models.

A short and simple introduction to algebraic-geometric codes

Speaker: Sabine Kampf (Ulm university, Germany)
Date: Sep. 16, 2011 11h00
Place: Universitat Politècnica de Catalunya
Abstract:An introduction to algebraic-geometric (AG) codes, with a focus on Hermitian codes, is given. To keep this introduction shorter and simpler than other introductions only the topics that are essential for the definition of AG codes are treated, and often they are further restricted to a special case. Using the example of Hermitian codes it is shown that almost any certain kind of AG code can be described without knowledge about algebraic geometry. The talk ends with some remarks on decoding Hermitian codes.

An approach to access to control in dynamic environments

Speaker: Prof. Ed Dawson (Information Security Institute, QUT, Australia)
Date: Jun. 13, 2011 11h30
Place: Universitat Politècnica de Catalunya
Abstract: Traditional authorisation models such as RBAC are based on the implicit assumption that an administrator can anticipate the legitimate access needs of users and pre-define an access policy that allocates privileges accordingly. However, as business, government and industry become increasingly information-intensive and interconnected, they exhibit a level of dynamism that seriously challenges the validity of this assumption. This talk will review the motivation for developing authorisation models that can respond to unanticipated changes in users' operational needs without requiring the intervention of an administrator. It will review a number of recent proposals that seek to explicitly include a notion of risk to achieve more flexible access decision making. Finally it will present some of our own work that draws on insights from the field of economics and the insurance literature to deliver an authorisation model where users can acquire unassigned permissions while limiting their power to misuse this dynamic capability.

Applied Cryptography for Privacy & Security

Speaker: Dr. Emmanouil Magkos (Ionian University, Greece)
Date: Apr. 6, 2011 12h00
Place: Universitat Rovira i Virgili
Abstract: A. The Ionian University & the Department of Informatics B. The Privacy vs {Security, Accountability} problem: A high-level theoresis B1. Physical transactions that transform into e-transactions(Cases: e-voting, e-auctions, traitor tracing) B2.Pure e-transactions (Cases: Pervasive Computing Environements - PCEs, Privacy-Preserving Data Mining - PPDM, Location-Based Services (LBS), Vehicular Ad-hoc Networks (VANETs)) C. Conclusions - Discussion

Establishing Pairwise Keys in Wireless Sensor Networks - An Overview

Speaker: Sarita Agrawal (Dhirubhai Ambani Institute of Research of Information and Communication Technology, India)
Date: Feb. 10, 2011 11h00
Place: Universidad de Málaga
Abstract: Wireless Sensor Networks (WSN) have evolved from the first prototypes that were tested in university laboratories to full-fledged applications that measure any kind of information and feed it to large data-mining systems. As these networks are quite vulnerable to various attacks due to their inherent features (e.g. low computational and communication capabilities, wireless channel in a distributed environment), from the very beginning security was considered as a essential requisite in the design of successful WSN deployments. However, there is one particular field that needs to be carefully reviewed: key management schemes (KMS), that is, the algorithms that deploy pairwise keys for securing link-to-link and end-to-end communications. The state of the art in this field is very advanced, but little is known about which scheme should be used in which context. In this talk we will review the most important KMS for WSN and explain in which contexts they can be applied so as to optimize the resources of the network.

Location and Absence Privacy in Geo-Social Networks

Speaker: Carmen Ruiz Vicente (Aalbrog University, Denmark)
Date: Dec. 22, 2010 11h30
Place: Universitat Rovira i Virgili
Abstract: Online social networks often involve very large numbers of users who share very large volumes of content. This content is increasingly being tagged with geo-spatial and temporal coordinates that may then be used in services. For example, a service may retrieve photos taken in a certain region. The resulting geo-aware social networks (GeoSNs) pose privacy threats beyond those found in location-based services. Content published in a GeoSN is often associated with references to multiple users, without the publisher being aware of the privacy preferences of those users. Moreover, this content is often accessible to multiple users. This renders it difficult for GeoSN users to control which information about them is available and to whom it is available. In this talk, we will present GeoSNs as a new emerging trend of online services. We will illustrate two privacy threats that occur in GeoSNs: location privacy and absence privacy. The former concerns the availability of information about the presence of users in specific locations at given times. This threat has been extensively investigated in the context of location-based services; however, its application in a GeoSN setting poses new challenges. The latter is an innovative notion that concerns the availability of information about the absence of an individual from specific locations during given periods of time. In this talk, we will formalize these two notions of privacy in a GeoSN setting, propose techniques for enforcing them with privacy guarantees and finally point out promising directions for future work.

Access Control and Privacy for Data Management Systems

Speaker: Prof. Elena Ferrari (University of Insubria, Italy)
Date: Jul. 30, 2010 11h30
Place: Universitat Politècnica de Catalunya
Abstract:The first part of the course will review basic notions of access control and will present the most significant access control models (DAC, MAC, RBAC, credential-based). The second part will focus on access control for relational data management systems. The access control of System R will be briefly presented together with relevant extensions, such as positive/negative authorizations and noncascading revoke operations. Moreover, access control support provided by the SQL:2003 standard will be discussed. The third part will focus on privacy issues in database systems and will discuss access control models specifically tailored to privacy protection (e.g., hippocratic databases, purpose-based access control). Finally, the fourth part of the course will focus on some recent developments in the field of Web 2.0 data protection. In particular, the course will review some recent proposals for the protection of Social Networks data and relationships. The use of Semantic Web technologies for personalizing web access will also be discussed.