Jorge Bernal BernabeUniversity of Murcia | UM · Department of Information and Communication Engineering
Jorge Bernal Bernabe
PhD in Computer Science
About
103
Publications
54,280
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
2,776
Citations
Introduction
Jorge Bernal Bernabe received the MSc, Master, and PhD in Computer Science as well as an MBA from the University of Murcia (Spain). Currently, he is an Associate Professor in the Department of Information and Communications Engineering of the University of Murcia. During the last years, he has been working in several European research projects in FP7 and H2020, such as Semiramis, Inter-Trust, SocIoTal, ARIES, CyberSec4Europe, Olympus, ANASTACIA or Inspire5GPlus.
Publications
Publications (103)
Cloud computing is an emerging paradigm to offer on-demand IT services to customers. The access control to resources located in the cloud is one of the critical aspects to enable business to shift into the cloud. Some recent works provide access control models suitable for the cloud; however there are important shortages that need to be addressed i...
Internet of Things environments are comprised of heterogeneous devices that are continuously exchanging information and being accessed ubiquitously through lossy networks. This drives the need of a flexible, lightweight and adaptive access control mechanism to cope with the pervasive nature of such global ecosystem, ensuring, at the same time, reli...
Security and privacy concerns are becoming an important barrier for large scale adoption and deployment of the Internet of Things. To address this issue, the identity management system defined herein provides a novel holistic and privacy-preserving solution aiming to cope with heterogeneous scenarios that requires both traditional online access con...
Blockchains offer a decentralized, immutable and verifiable ledger that can record transactions of digital assets, provoking a radical change in several innovative scenarios, such as smart cities, eHealth or eGovernment. However, blockchains are subject to different scalability, security and potential privacy issues, such as transaction linkability...
The Internet of Things brings a multi-disciplinary revolution in several application areas. However, security and privacy concerns are undermining a reliable and resilient broad-scale deployment of IoT-enabled Critical Infrastructures (IoT-CIs). To fill this gap, this paper proposes a comprehensive architectural design that captures the main securi...
The management of network intelligence in Beyond 5G (B5G) networks encompasses the complex challenges of scalability, dynamicity, interoperability, privacy, and security. These are essential steps towards achieving the realization of truly ubiquitous Artificial Intelligence (AI)-based analytics, empowering seamless integration across the entire Con...
This paper presents an architectural proposal for enhancing anomaly detection in the CyberSec4Europe project use case Open Banking. It proposes a trusted privacy-preserving ecosystem of threat intelligence platforms, based on MISP, to automatically exchange and process cyber threat information in an auditable and privacy-preserving manner. Addition...
The increase in the interconnection of physical devices and the emergence of the 5 G paradigm foster the generation and distribution of massive amounts of data. The complexity associated with the management of these data requires a suitable access control approach that empowers citizens to control how their data are shared, so potential privacy iss...
The pervasiveness of Internet of Things (IoT) has made the management of computer networks more troublesome. The softwarized control provided by Software-Defined Networking (SDN) is not sufficient to overcome the problems raising in this context. An increasing number of attacks can, in fact, occur in SDN-aware IoT networks if the security configura...
This paper summarizes the contents and presentations held at a workshop at the IFIP Summer School on Privacy and Identity Management 2021, focusing on privacy-preserving identity management. In this document, we first introduce the necessary background on privacy-preserving identity management, including core cryptographic concepts. We then present...
Network Function Virtualization (NFV) and Software Distributed Networking (SDN) technologies play a crucial role in enabling 5G system and beyond. A synergy between these both technologies has been identified for enabling a new concept dubbed service function chains (SFC) that aims to reduce both the capital expenditures (CAPEX) and operating expen...
The application of Machine Learning (ML) techniques to the well-known intrusion detection systems (IDS) is key to cope with increasingly sophisticated cybersecurity attacks through an effective and efficient detection process. In the context of the Internet of Things (IoT), most ML-enabled IDS approaches use centralized approaches where IoT devices...
Federated Learning (FL) has attracted significant interest given its prominent advantages and applicability in many scenarios. However, it has been demonstrated that sharing updated gradients/weights during the training process can lead to privacy concerns. In the context of the Internet of Things (IoT), this can be exacerbated due to Intrusion Det...
Despite the latest efforts to foster the adoption of privacy-enhancing Attribute-Based Credential (p-ABC) systems in electronic services, those systems are not yet broadly adopted. The main reasons behind this are performance efficiency issues, lack of interoperability with standards, and the centralized architectural scheme that relies on a unique...
The growing availability of mobile devices has lead to an arising development of smart cities services that share a huge amount of (personal) information and data. Without accurate and verified management, they could become severe back-doors for security and privacy. In this paper, we propose a smart city infrastructure able to integrate a distribu...
With the strong development of the Internet of Things (IoT), the definition of IoT devices’ intended behavior is key for an effective detection of potential cybersecurity attacks and threats in an increasingly connected environment. In 2019, the Manufacturer Usage Description (MUD) was standardized within the IETF as a data model and architecture f...
Lack of standardization and the subsequent difficulty of integration has been one of the main reasons for the scarce adoption of privacy-preserving Attribute-Based Credentials (p-ABC). Integration with the W3C's Verifiable Credentials (VC) specification would help by encouraging homogenization between different p-ABC schemes and bringing them all c...
The application of Machine Learning (ML) techniques to the well-known intrusion detection systems (IDS) is key to cope with increasingly sophisticated cybersecurity attacks through an effective and efficient detection process. In the context of the Internet of Things (IoT), most ML-enabled IDS approaches use centralized approaches where IoT devices...
Identity Management (IdM) systems have traditionally relied on a centralized model prone to privacy, trust, and security problems, like potential massive data breaches or identity spoofing. Identity providers accumulate excessive power that might allow them to become a big brother, analyzing and storing as much data as possible. Users should be abl...
The emerging fifth-generation (5G) mobile networks are empowered by softwarization and programmability, leading to the huge potentials of unprecedented flexibility and capability in cognitive network management such as self-reconfiguration and self-optimization. To help unlock such potentials, this paper proposes a novel framework that is able to m...
SlowDoS attacks exploit slow transmissions on application-level protocols like HTTP to carry out denial of service against web-servers. These attacks are difficult to be detected with traditional signature-based intrusion detection approaches, even more when the HTTP traffic is encrypted. To cope with this challenge, this paper describes and AI-bas...
The Fifth Generation (5G) mobile networking coupled with Internet of Things (IoT) can provide innovative solutions for a wide range of uses cases. The flexibility of virtualized, softwarized and multi-tenant infrastructures and the high performance promised by 5G technology are key to cope with the deployment of the IoT use cases demanded by variou...
Zero-touch network and Service Management (ZSM) exploits Network Function Virtualization (NFV) and Software-Defined Networking (SDN) to efficiently and dynamically orchestrate different Service Function Chaining (SFC), whereby reducing capital expenditure and operation expenses. The SFC is an optimization problem that shall consider different const...
Besides its classical three service models (IaaS, PaaS, and SaaS), container as a service (CaaS) has gained significant acceptance. It offers without the difficulty of high-performance challenges of traditional hypervisors deployable applications. As the adoption of containers is increasingly wide spreading, the use of tools to manage them across t...
More and more people are concerned about data privacy and this is applicable to vehicular scenarios in which on-board units (OBU) and user devices are exposed to traceability across different access networks and service domains. General Data Protection Regulation (GDPR) in European countries indicates the way to proceed to guarantee privacy and acc...
The promise of disparate features envisioned by the 3GPP for 5G, such as offering enhanced Mobile Broadband connectivity while providing massive Machine Type Communications likely with very low data rates and maintaining Ultra Reliable Low Latency Communications requirements, create a very challenging environment for protecting the 5G networks them...
Computer security incident response teams typically rely on threat intelligence platforms for information about sightings of cyber threat events and indicators of compromise. Other security building blocks, such as Network Intrusion Detection Systems, can leverage the information to prevent malicious adversaries from spreading malware across critic...
The distribution of Internet of Things (IoT) devices in remote areas and the need for network resilience in such deployments is increasingly important in smart spaces covering scenarios, such as agriculture, forest, coast preservation, and connectivity survival against disasters. Although Low-Power Wide Area Network (LPWAN) technologies, like LoRa,...
Software Defined Network (SDN) and Network Function Virtualization (NFV) are bringing many advantages to optimize and automatize security management at the network edge, enabling the deployment of virtual network security functions (VSFs) in MEC nodes, to strengthen the end-to-end security in IoT environments. The benefits could exploit in mobile M...
IoT systems can be leveraged by Network Function Virtualization (NFV) and Software-Defined Networking (SDN) technologies, thereby strengthening their overall flexibility, security and resilience. In this sense, adaptive and policy-based security frameworks for SDN/NFV-aware IoT systems can provide a remarkable added value for self-protection and se...
Despite the latest research efforts to foster mobility and roaming in heterogeneous Low Power Wide Area Networks (LP-WANs) networks, handover roaming of Internet of Things (IoT) devices is not a success mainly due to fragmentation and difficulties to establish trust across different network domains as well as the lack of interoperability of differe...
Internet of Things security is attracting a growing attention from both academic and industry communities. Indeed, IoT devices are prone to various security attacks varying from Denial of Service (DoS) to network intrusion and data leakage. This paper presents a novel machine learning (ML) based security framework that automatically copes with the...
As the IoT adoption is growing in several fields, cybersecurity attacks involving low-cost end-user devices are increasing accordingly, undermining the expected deployment of IoT solutions in a broad range of scenarios. To address this challenge, emerging Network Function Virtualization (NFV) and Software Defined Networking (SDN) technologies can i...
Despite the advantages that the Internet of Things (IoT) will bring to our daily life, 1 the increasing interconnectivity, as well as the amount and sensitivity of data make IoT devices an 2 attractive target for attackers. To address this issue, the recent Manufacturer Usage Description (MUD) 3 standard has been proposed to describe network access...
The increasing popularity of video applications and ever-growing high-quality video transmissions (e.g. 4K resolutions), has encouraged other sectors to explore the growth of opportunities. In the case of health sector, mobile Health services are becoming increasingly relevant in real-time emergency video communication scenarios where a remote medi...
Privacy enhancing technologies (PETs) allow to achieve user’s transactions unlinkability across different online Service Providers. However, current PETs fail to guarantee unlinkability against the Identity Provider (IdP), which becomes a single point of failure in terms of privacy and security, and therefore, might impersonate its users. To addres...
The fourth industrial revolution is being mainly driven by the integration of Internet of Things (IoT) technologies to support the development lifecycle of systems and products. Despite the well-known advantages for the industry, an increasingly pervasive industrial ecosystem could make such devices an attractive target for potential attackers. Rec...
Despite several efforts in the last years to make Identity Management Systems (IdMs) reliable, secured and privacy-respectful, identity-related cybercrimes are still continuously expanding. Current IdMs lack of proper security and privacy mechanisms that can holistically manage user’s privacy, strong authentication and ID-proofing mechanisms based...
The continuous, rapid and widespread usage of ICT systems, the constrainedand large-scale nature of certain related networks such as IoT (Internet ofThings), the autonomous nature of upcoming systems, as well as the newcyber-threats appearing from new disruptive technologies, are given riseto new kind of cyberattacks and security issues. In this se...
Identity-theft, fraud and other related cyber-crimes are continually evolving, causing important damages and problems for European citizens in both virtual and physical places. To meet this challenge, ARIES has devised and implemented a reliable identity management framework endowed with new processes, biometric features, services and security modu...
This book chapter presents the main key innovations being devised, implemented and validated in the scope of Anastacia H2020 EU research project, to meet the cybersecurity challenge of protecting dynamically heterogenous IoT scenarios, endowed with SDN/NFV capabilities, which face evolving kind of cyber-attacks. The key innovations encompasses, amo...
Cybersecurity and Privacy issues are becoming an important barrier for a trusted and dependable global digital society development. Cyber-criminals are continuously shifting their cyber-attacks specially against cyber-physical systems and IoT, since they present additional vulnerabilities due to their constrained capabilities, their unattended natu...
This chapter includes an overview of latest research activities in the field of
IoT security and privacy. It illustrates main trends in the cybersecurity
domain related to IoT devices, including privacy issues, and surveys the main privacy threats in IoT focuses on the urgent (and often neglected) topic of privacy within the IoT arena, considering...
The increase of Software Defined Networks (SDN) and Network Function Virtualization (NFV) technologies is bringing many security management benefits that can be exploited at the edge of Internet of Things (IoT) networks to deal with cyber-threats. In this sense, this paper presents and evaluates a novel policy-based and cyber-situational awareness...
Internet of Things (IoT) is a key business driver for the upcoming fifth-generation (5G) mobile networks, which in turn will enable numerous innovative IoT applications such as smart city, mobile health, and other massive IoT use cases being defined in 5G standards. To truly unlock the hidden value of such mission-critical IoT applications in a lar...
As the Internet of Things evolves, citizens are starting to change the way they share information and communicate with their surrounding environment, enabling a constant, invisible and sometimes unintended information exchange. This trend raises new challenges regarding user's privacy and personal consent about the disclosure of personal data that...
Billions of Internet of Things (IoT) devices are expected to populate our environments and provide novel pervasive services by interconnecting the physical and digital world. However, the increased connectivity of everyday objects can open manifold security vectors for cybercriminals to perform malicious attacks. These threats are even augmented by...
Fog/edge computing, function as a service, and programmable infrastructures, like software-defined networking or network function virtualisation, are becoming ubiquitously used in modern Information Technology infrastructures. These technologies change the characteristics and capabilities of the underlying computational substrate where services run...
This paper proposes a novel policy-based framework to manage Authentication, Authorization and Accounting (AAA) and Channel Protection security functions in IoT networks enabled with Software defined Networks (SDN) and Network Function Virtualization (NFV) technologies. The virtual AAA, including network authenticators, are deployed as VNF dynamica...
Fog/edge computing, function as a service, and programmable infrastructures, like software-defined networking or network function virtualisation, are becoming ubiquitously used in modern Information Technology infrastructures. These technologies change the characteristics and capabilities of the underlying computational substrate where services run...
As the Internet of Things evolves, security and privacy aspects are becoming the main barriers in the development of innovative and valuable services that will transform our society. One of the biggest challenges in IoT lies in the design of secure and privacy-preserving solutions guaranteeing privacy properties such as anonymity, unlinkability, mi...
The pervasive nature of Internet of Things entails additional threats that compromise the security and privacy of IoT devices and, eventually, the users. This issue is aggravated in constrained IoT
devices equipped with minimal hardware resources. Current security and privacy implementations need to be re-designed and implemented maintaining its Le...
This paper introduces the ARIES identity ecosystem aimed at setting up a reliable identity framework comprising new technologies, processes and security features that ensure highest levels of quality in secure credentials for highly secure and privacy-respecting physical and digital identity management processes. The identity ecosystem is being dev...
This article presents an innovative approach to address a rapidly evolving and polymorphic threat environment related to the emergence of the Internet of Things in the global Internet, with a focus on Cyber Physical Systems, Cloud architecture and SDN/NFV technologies. The article presents the view and methodological approach of ANASTACIA research...
The emergence of the Internet of Things paradigm promises a multi-disciplinary revolution covering different spheres of our daily lives. However, the ubiquitous nature of IoT requires inclusive approaches in order to agree on a common understanding about its implications. Particularly, in order to unlock its huge potential and maximize its benefits...
Self-management of smart objects to create trust relationships among them is becoming more and more important in the Internet of Things and Big Data domains. As a result, the present proposal devises a novel approach to automatically compose opportunistic aggregations of objects (bubbles) based on Complex Event Processing (CEP) and fuzzy clustering...