Jean Everson MartinaFederal University of Santa Catarina | UFSC · Departamento de Informática e Estatística
Jean Everson Martina
PhD in Computer Science
About
68
Publications
37,366
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
317
Citations
Citations since 2017
Introduction
Additional affiliations
May 2013 - present
April 2013 - present
Publications
Publications (68)
For the Italian play-writer and 1934 Nobel-Prize winner Luigi Pirandello, a fictional mask is either self-imposed or, in most cases, forced on by society, being what makes life possible. Drawing from that, we believe that due to the non-deterministic nature of the human being, the only way to specify and verify human-tailored security protocols (kn...
Lower renewable energy generator prices are leading people to install solar panels to reduce their electricity bills or, in some cases, even sell the surplus generated energy to the grid and earn credits from the grid operator. Generally, they are limited to trading the energy they generate with the grid company, which has a dominant role in price...
Data science has increased the capacity to analyze buildings, infrastructure, and urban systems, expanding the scope and impact of management and design decisions. The interdependence between users' privacy and the responsible algorithms is essential in the methodology. Here, studies inquire into this issue in the face of the General Law for the Pr...
Introdução: o comportamento suicida é um problema de saúde pública, portanto é essencial a oferta de recursos para prevenção e amparo da pessoa em sofrimento Objetivo: identificar funcionalidades em aplicativos de smartphone internacionais para criação de aplicativo brasileiro para prevenção do comportamento suicida. Método: revisão de aplicativos...
Steganography is one of the ways to hide data between parties. Its use can be worrisome, e.g., to hide illegal communications. Researchers found that public blockchains can be an attractive place to hide communications; however, there is not much evidence of actual use in blockchains. Besides, previous work showed a lack of steganalysis methods for...
Timestamps allow us to identify a date and time when a piece of data existed or an event took place. For example, we use timestamps to establish the date when we grant a patent. Services that offer trusted timestamps on the blockchain exist, where one creates a timestamp on a value by sending the blockchain a transaction containing the value, which...
The great extension of Brazil's territory, combined with its demographics of more than 200 million inhabitants, results in a complex, slow and expensive notary system. Blockchain technologies can be of huge help in this scenario. It provides a decentralized peer-to-peer way of storing and validating documents. In this article, we start the discussi...
Steganography has been used as a way to hide data in files or in messages traveling on communication channels. Its use can be worrisome when it is used without proper authorization. Recently, it has been detected that there are arbitrary files included in the public blockchain of the Bitcoin cryptocurrency. The main concern arises when such data in...
Muitas das interações com os sistemas de governo eletrônico (e-gov) no Brasil são realizadas por meio do uso de certificados digitais emitidos por uma infraestrutura de chaves públicas controlada pelo governo (ICP-Brasil). Os certificados digitais são uma ferramenta perfeita para que pessoas se passarem por outras pessoas virtualmente, roubando ass...
Blockchains oferecem propriedades como descentralização, transparência, pseudo-anonimização e integridade de dados. Combinadas com contratos inteligentes, elas permitem o desenvolvimento de aplicativos e acordos descentralizados sem a necessidade de terceiros confiáveis. Elas também podem funcionar como ferramentas para a melhoria de processos de g...
A extensão do território brasileiro, combinado com sua demografia de mais de 200 milhões de habitantes, resulta em um sistema cartorário complexo, caro e lento. Tecnologias de blockchain podem ser de grande ajuda neste cenário. Elas nos provêm uma maneira distribuída de armazenar e validar dados em uma rede peer-to-peer descentralizada. Neste artig...
IoT (Internet-of-things) platforms can connect sensors and devices along supply chains of production and logistics systems, as well as end users of products, allowing for co-designed and customized solutions. This paper aims to present perspectives for the IoT-based integration of manufacturing lines. More specifically, it will address the implemen...
Internet of things (IoT) and Fog computing applications deal with sensitive data and need security tools to be protected against attackers. CoAP (Constrained Application Protocol), combined with DTLS (Datagram Transport Layer Security), provides security to IoT/Fog applications. However, processing times need to be considered when using this combin...
Car insurance companies worldwide have launched reward programs that provide benefits (e.g., cash-back) to good drivers. However, two issues may arise from these programs. First, drivers cannot easily verify whether their insurer is properly following the program rules upon computing their rewards. The second issue is that privacy can be violated w...
Higher Education Degree Certificates in Brazil are a tool for social mobility. Access to higher education is still an issue in a developing economy with continental size and historic inequalities. Some people see this combination as an opportunity to exploit the system, producing fake degree certificates, or issuing official degree certificates to...
O objetivo desta apresentação é descrever um sistema que está sendo atualmente implementado na Universidade Federal de Santa Catarina para a criação de documentos eletrônicos assinados digitalmente utilizando a Infraestrutura de Chaves Públicas para Ensino e Pesquisa (ICPEDU). Neste sistema adotamos uma estrutura similar à utilizada na infraestrutu...
A 60-year-old Brazilian university campus reflects its development actions throughout history. The degradation of its water streams and automobiles prioritization has significantly impacted the ecosystems’ resilience and the university’s activities. This article explores data analytics and visualization of Wi-Fi authentication processes, whose data...
The validation of academic credits and issuance of academic degree certificates in the Brazilian education system currently occurs in a semi or completely noncomputerized way. The actual digitization of this system could make it more secure and decrease bureaucracy in terms of document validation, saving in storage and labor. Due to the recent incr...
This article is a curated transcription of the discussion that took place at the workshop when the author presented the paper.
In this paper we argue that we must impoverish (or enrich in a different sense) threat models in order to be able to verify fail-safe security protocols that include human peers (a.k.a. security ceremonies). Some of the threat models we use nowadays for establishing the security of communication protocols are far too much concerned with failing dea...
The teaching of sorting algorithms is an essential topic in undergraduate computing courses. Typically the courses are taught through traditional lectures and exercises involving the implementation of the algorithms. As an alternative, this article presents the design and evaluation of three educational games for teaching Quicksort and Heapsort. Th...
Patient-centered medical systems promote empowerment of patients, who can decide on the accesses and usage of their personal data. To inspire a sense of trust and encourage the adoption of such systems, it is desired to allow one to verify whether the system has acted in accordance with the patients’ preferences. However, it is argued that even aud...
In managing administrative processes of the Public University, the impacts innovation directly in organizational culture, to suggest changes in the way people do their jobs. The use of technology can mitigate this impact, if it has simplified the process and generate benefits to people in carrying out their tasks. This article aims to analyze the p...
In this paper we verify the security aspects of a cross-layer, application-oriented communication protocol for Wireless Sensor Networks (WSN). The Trustful Space-Time Protocol (TSTP) encompasses a majority of features recurrently needed by WSN applications like medium access control, geographic routing, location estimation, precise time synchroniza...
Telemedicine systems require authentication services that are strong enough to ensure confidentiality and privacy of data and, at the same time, flexible to meet the needs of professionals and patients. The focus of this paper is the validations of a new authentication process. We propose an authentication service for telemedicine based on web serv...
In recent years, there has been a trend for developing single sign-on systems. One alternative to deploy such systems is the use of Federated Identity Management systems. We argue that it is possible to use identity federations to automate the digital certificate issuance and use these certificates to authenticate back into federations. We use the...
O ensino de algoritmos de ordenação nas disciplinas de estrutura de dados, dos cursos da área de Computação, tipicamente é realizado por meio de aula-expositiva e implementação de algoritmos pelos alunos. Com objetivo de apoiar o ensino de algoritmos, o artigo apresenta o jogo SORTIA 2.0, que visa ensinar o algoritmo de ordenação Heapsort através d...
This is a book for people who teach programming. We have been using Moodle/VPL in Computer Sciences and Engineering courses at UFSC for some years now and this book reflects our experiences. It is not only a step-by-step manual for the novice teacher wanting to start to use VPL in her lectures, but also a detailed report, describing experiences tha...
Multicast, originally designed as an efficient way of broadcasting content, is being used in security protocols. Multicast security protocols are difficult to verify using model checking because they typically involve a large number of participants. Likewise, the exponential growth of knowledge being distributed during protocol run is a challenge....
Helios é um sistema de votação online, que permite aos eleitores verificarem se seu voto foi corretamente computado pela cabine de votação e armazenado para contabilização final dos votos. Melhorias visando a usabilidade foram propostas por Neumann, são elas o uso de a) diversos independentes institutos de verificação e b) aplicativo para smartphon...
![Fig. 1. Construction of the machine-readable zone[16]](profile/Felipe-Sasso/publication/269629982/figure/fig1/AS:392095031414794@1470494148138/Construction-of-the-machine-readable-zone16_Q320.jpg)
![Fig. 2. Data groups [16]](profile/Felipe-Sasso/publication/269629982/figure/fig2/AS:392095031414798@1470494148172/Data-groups-16_Q320.jpg)
A lot of effort has been made recently to build academic federations. However some issues are still open. The first is off-line authentication. Today's model of federation re-quires systems to work on-line and synchronously, what limits its use for some applications. Second, the data federated institutions make available is only for computer system...
Ever since Needham and Schroeder introduced the notion of an active attacker, significant research has been conducted regarding protocol design and analysis to verify that the protocols’ goals are robust against this type of attacker. Nowadays, the Dolev-Yao threat model is the most widely accepted attacker model for the analysis of security protoc...
form only given. Since Needham and Schroeder introduced the idea of an active attacker, a lot of research has been made on the technical side of information security in order to verify the protocols' claims against this type of attacker. Nowadays, the Dolev-Yao threat model is the most widely accepted attacker model for that. Consequently, we tend...
It is a mistake to assume that each embedded object in the Internet of Things will implement a TCP/IP stack similar to those present in contemporary operating systems. Typical requirements of ordinary things, such as low power consumption, small size, and low cost, demand innovative solutions. In this article, we describe the design, implementation...
Multicast, originally designed as an efficient way of broad-casting content, is increasingly used in security protocols. Multicast se-curity protocols are difficult to verify using model checking because they typically involve a large number of participants and because of the ex-ponentially growth of knowledge distribution. Multicast is a general w...
Since Needham and Schroeder introduced the idea of an active attacker, a lot of research has been made in the protocol design and analysis area in order to verify the protocols' claims against this type of attacker. Nowadays, the Dolev-Yao threat model is the most widely accepted attacker model in the analysis of security protocols. Consequently, t...
We present a proposal for a new multi-factor authentication scheme through the use of biometrics and smart-cards. Targeted to the Brazilian court system, which is being redesigned, the main goals of this protocol are to provide adequate division between authentication and authorisation services, as well as, the existence of different roles for impr...
Over an insecure network, agents need means to communicate securely. To these means we often call security protocols. Security protocols, although constructed over the arrangement of simple security blocks, normally target the yielding of complex goals. They seem simple at a first glance, but hide subtleties that allow them to be exploited. One way...
The concept of a ceremony as an extension of network and security protocols was introduced by Ellison. There are no currently available methods or tools to check correctness of the properties in such ceremonies. The potential application for security ceremonies are vast and fill gaps left by strong assumptions in security protocols. Assumptions inc...
Multicast, originally designed as an efficient way of broadcasting content, is increasingly used in security protocols. Multicast security protocols are difficult to verify using model checking because they typically involve a large number of participants and because of the exponentially growth of knowledge distribution. Multicast is a general way...
Ceremonies are a useful tool to HSMs in PKI environments. They state operational procedures and usage scenarios. Their correct construction can lead to a safer operation. This paper presents basic ceremony procedures to manage the life cycle of cryptographic keys and ideas of requirements needed to assure security throughout the usage of ceremonies...
![Figure 3. Interaction model by Rukš˙ enas et al.[8]](profile/Ricardo-Custodio/publication/220775725/figure/fig2/AS:394020074344454@1470953114371/Interaction-model-by-Ruks-enas-et-al8_Q320.jpg)
Ceremonies are a useful tool to establish trust in scenarios where protocols operate. They describe a greater range of issues not taken into account by protocol designers. We take an already-designed protocol and ceremony for a key management protocol operating in a Public-Key Infrastructure environment and test it using a formal method. The ceremo...
The aim of this study is to analyse the business risks involved in electronic transactions, in particular, those regarding the Brazilian Electronic Bill of Sale case. The research problem is that there are different technological security tools with different security levels that impact directly in the business risk. We try to construct a simple gu...
A program was built to hide an arbitrary file inside audio using three different methods based on current research in the field. Standard libraries were used to compress (with bzip2) and encrypt (using AES) the data before it is embedded. The error-correcting Hamming and Golay codes were implemented to increase the system's resistance to malicious...
Ceremonies are a useful tool to HSMs in PKI environments. They state operational procedures and usage scenarios. Their correct construction can lead to a safer operation. This paper presents basic ceremony procedures to manage the life cycle of cryptographic keys and ideas of requirements needed to assure security throughout the usage of ceremonies...
A Nota Fiscal Eletrônica Nacional(NF-e) é uma legislação tributária que institui a versão digital da nota fiscal modelo 1/1-A, usada principalmente para declarar operações de venda de mercadorias entre empresas em tempo real, substituindo o documento fiscal impresso. Este artigo formaliza e analisa os protocolos de envio e confirmação de processame...
Hardware Security Modules (HSMs) are an useful tool to deploy public key infrastructure (PKI) and its applications. This paper presents necessary procedures and protocols to perform backup and audit in such devices when deployed in PKIs. These protocols were evaluated in an implementation of a real HSM, enabling it to perform secure backups and to...
The concept of ceremony as an extension to network/security protocols was introduced by Ellison. No methods or tools to check correctness or the properties in such ceremonies are currently available. The applications for security ceremonies are vast and normally fill gaps left by strong assumptions in security protocols, like provisioning of crypto...
The private keys used in a PKI are its most important asset. Protect these keys from unauthorised use or disclosure is essential to secure a PKI. Relying parties need assurances that the private key used to sign their certificates is controlled and managed following pre-defined statement policy. Hardware Security Modules (HSM) offer physical and lo...
The private keys used in a PKI are its most important asset. Protect these keys from unauthorised use or disclosure is essential
to secure a PKI. Relying parties need assurances that the private key used to sign their certificates is controlled and managed
following pre-defined statement policy. Hardware Security Modules (HSM) offer physical and lo...
This project concerns the implementation of a framework for locating and operating a remote computer that connects to the Internet. The framework consists of three key pieces of software, written in Java. This implementation fulfils the requirements of being able to install and remove capabilities via the addition and removal of plugins on the fram...
The project involved creating a pair of programs that allow arbi-trary files to be hidden in cover HTTP network traffic. The server and client are implemented as plugins to a web server and a web browser respectively, which communicate using opaque data in a selection of HTTP header fields. The project involved created a pair of plugin programs tha...
We describe a system able to produce trusted digital signatures in electronic documents even on untrustworthy computational platforms. In our system, all signatures executed by a certain platform are recorded by a trusted third party for comparison in case of dispute. Furthermore, we propose the use of auditable code execution and time restrictions...
The Brazilian Electronic Bill of Sale(NF-e) is a taxing legislation that establishes an electronic system to replace the actual paper-based goods ta- xing system. It is used to declare to the government operations related with buying and selling goods between companies in real time, replacing the actual paperwork. This paper aims to formalise and a...
This paper presents the deployment of a Hardware Security Module in a Public Key Infrastructure. Its main contribution is improvements to the auditing system and backup operations. It covers descriptions of sub-protocols used by the OpenHSM to enable it to perform secure backups and provide an audit trail. It also introduces a ceremony procedure to...
An application was completed that runs on the Android mobile phone platform. The application allows its users to send and receive text messages that are encrypted with the Advanced Encryption Standard using hashing algorithms or Elliptic Curve Diffie-Hellman for key creation. Cer-tificates can also be created, signed, verified and sent to others us...
We have been investigating the formalisation of security pro-tocols involving multicast communications. Our formalisation has been done using the Inductive Method and the theorem prover Isabelle. Our objective in this paper is to show the importance of having tools that support the challenge of verifying such protocols, as well as to call to the re...
Projects
Projects (9)
A fragmentação dos espaços de pesquisa e aprendizagem do câmpus universitário e seu impacto ambiental são os principais fatores responsáveis pelas intervenções recentes mais significativas em câmpus universitários que buscam a inovação através da integração entre as diferentes áreas do conhecimento e da criação de novas oportunidades de relações com a cidade e o meio ambiente. Esta pesquisa busca avaliar oportunidades de associação das dinâmicas da comunidade acadêmica da Universidade Federal de Santa Catarina e dos bairros vizinhos com as dinâmicas naturais, especialmente das áreas próximas aos córregos dentro do câmpus, através de projetos regenerativos. Estes projetos visam a recuperação de áreas naturais degradadas, criando novas possibilidades para a regeneração dos ecossistemas associada à criação de oportunidades para a renovação do câmpus e da própria universidade. Enquanto a avaliação das dinâmicas naturais possui instrumentos que vêm sendo implementados no câmpus, como por exemplo, para monitorar a qualidade dos cursos d?água, não contamos com instrumentos confiáveis para identificar as dinâmicas humanas no câmpus. A pesquisa por instrumentos para esta avaliação, especialmente através das conexões de wi-fi realizadas em centenas de roteadores espalhados pelo câmpus, com registros de mais de dez anos, é o principal objetivo deste projeto de pesquisa. Estes dados brutos possuem grande complexidade e envolvem riscos que devem ser avaliados com cuidado, como por exemplo, a qualidade destes dados, a privacidade e segurança dos usuários que realizam estas conexões, vazamento de dados, etc. Para avaliar a qualidade dos dados, propomos realizar monitoramentos alternativos através de câmeras digitais e drones e uma colaboração com o Laboratório de Segurança em Computação (LABSEC/UFSC) permitirá buscar algoritmos de pesquisa para garantir o anonimato dos dados coletados. Estratégias para o futuro da universidade serão propostas a partir da análise deste conjunto de dados, informações e pesquisas.
The project aims to analyze the operational, economic and social viability of implementing an IoT platform for distributed and highly automated manufacturing lines destined to the manufacture of customized items (for personalized medical treatment).
The IoT platform (INCANTO platform) aims to connect sensors and devices along a supply chain of intelligent production and logistics systems, as well as end users of medical products, actively mobilizing a process of co-designing customized solutions.
The project comprises resources for the mobility of faculty and students from Brazil to International Partners and vice versa. In particular, the exchange aims to reinforce the insertion of UFSC in the international scenario.
Keywords: Advanced manufacturing; Industry 4.0; Cyber-Physical Systems (CPS); Internet of Things (IoT); mass customization; supply chains; intelligent production and logistics systems