Specification and unattended deployment of home networks at the edge of the network

Consumer devices continue to expand their capabilities by connecting to digital services and other devices to form information-sharing ecosystems. This is complex and requires meeting connection requirements and minimal processing capabilities to ensure communication. The emergence of new services, and the evolution of current technologies, constantly redefine the rules of the game by opening up new possibilities and increasing competition among service providers. Paradigms such as edge computing, softwarization of physical devices, self-configuration mechanisms, definition of software as a code and interoperability between devices, define design principles to be taken into account in future service infrastructures. This work analyzes these principles and presents a programmable architecture in which services and virtual devices are instantiated in any computing infrastructure, as cloud or edge computing, upon request according to the needs specified by service providers or users. Considering that the target computing infrastructures are heterogeneous, the solution defines network elements and provides network templates to ensure it can be deployed on different infrastructures irrespectively of the vendor. A prototype has been developed and tested on a virtualized cloud-based home network relying on open source solutions.This work was supported in part by the Project MAGOS under Grant TEC2017-84197- C4-1-R; in part by the Comunidad de Madrid (Spain) through the Project CYNAMON under Grant P2018/TCS-4566; and in part by the European Structural Funds (ESF and FEDER)

Contribuciones a protocolos y mecanismos de análisis y decisión para control de acceso en entornos distribuidos

MarkWeiser estableció que las tecnologías más profundas son aquellas que no vemos, que no requieren intervención del usuario, que desaparecen. . . . Esta visión de Weiser recibe el nombre de Computación Ubicua: dispositivos que se integran de forma amigable con los humanos de modo que la interacción se realiza de forma inconsciente. Estos dispositivos, desde dispositivos personales, hasta dispositivos implantados en el cuerpo, pasando por ropa inteligente, elementos de visualización, etc. han evolucionado no sólo en capacidad de cómputo, sino en capacidad de comunicación. Las tecnologías radio proporcionan mayor cobertura, velocidades de enlace superiores y calidad de servicio mejorada lo que les proporciona capacidad para conectarse a distintas redes y proveedores, así como constituir nuevas redes entre pares sin necesidad de infraestructura. El ambiente que nos rodea puede considerarse, por tanto, un entorno dinámico, formado por una población de dispositivos y servicios con alta movilidad, ricos en información de contexto y con un mayor número posibilidades de constituir redes. Este hecho nos lleva a la necesidad de procesar la información de contexto para operar por debajo de la consciencia de usuario; presentar al usuario esa información de contexto, de forma intuitiva, e inclusive tratar de imitar su forma de pensar o resolver problemas; no requerir intervención del usuario en cuestiones cotidianas, como seleccionar puntos de acceso u otros dispositivos con los que interactuar. Además, la seguridad es una pieza fundamental en estos entornos, dado que la movilidad aumenta el número de interacciones y los riesgos. Dado el gran número de dispositivos existentes en estos entornos y la gran distribución y replicación de los servicios, los dispositivos personales deben asistir al usuario en los procesos de control de acceso distribuido. Esta tesis define unos objetivos y un marco de trabajo orientado a mejorar el control de acceso, respetando la autonomía de todos los actores como dispositivos, elementos de red, servicios. . . , permitiendo que, mediante mecanismos de decisión y selección, se pueda negociar de forma flexible el acceso a los servicios y que, utilizando extensiones a protocolos de seguridad, se facilite el acceso a los mismos. Por otro lado, la tesis se enfocará también en hacer la seguridad más usable y eficaz; capaces de comunicar eficazmente a los humanos la información de seguridad, analizando sistemas de comunicación gráfica con el usuario, que permitan a personas sin conocimientos técnicos entender los riesgos de determinadas acciones. ___________________________________________Mark Weiser stated that the most profound technologies are those that disappear, those that do not require user intervention, those that we forget. . .Ubiquitous computing describes devices integrating friendly with humans in such a way that interactions become unconscious. Ubiquitous devices, that range from personal devices to body implanted devices, including smart clothes, visualization devices. . .have evolved not only increasing their computing performance, but also their communication capacity. Radio technologies provide now more coverage, increased link speeds and improved quality of service; so they can connect to many different network and even constitute peer to peer networks when there is no infrastructure. Context information processing is needed to work under users’ consciousness threshold; to intuitively show context information to the user; to mimick users’ way of thinking; to avoid disturbing the user requiring his intervention for regular tasks, as selecting the best access point or peer to interact with.Moreover, security is the key topic for this environments since the increasing mobility raise interaction rate and, thus, the risk of attack. So, the great number of devices present in these environments, together with the ubiquitous service availability, makes necessary to develop smart mechanisms for assisting the user to face distributed access control tasks. This thesis aims at improving access control, respecting the autonomy and independence of every actor: devices, network elements and services. . . I define a framework which provides selection and decision engines that allow accessing to services with a flexible yet fair negotiation. I have also defined security protocol extensions, to communicate requirements and credentials that guarantee the fairness of the process. Furthermore, this thesis focuses on making user-device interaction more effective in terms of risks communication: analyzing data processing techniques that produce results that can be visually interpreted. So users with no technical knowledge could understand the risks of their actions

Análisis de indicadores de gastos y costes del transporte urbano colectivo en España para los años 2014-2015

En la presente comunicación tratamos la realidad interna de gastos y costes de las empresas del sector del transporte urbano colectivo en España durante el período 2014-2015, a través de análisis realizados sobre la información de la base de datos desarrollada por el Observatorio de Costes y Financiación del Transporte Urbano Colectivo, con una muestra de 19 de las empresas de mayor peso en el sector, las cuales representan el 58,88% de la población de ciudades de más de 50.000 habitantes y el 30,80% de la población española total. En este sentido, entendemos que el análisis de las magnitudes internas de gastos y costes desarrollado en las siguientes páginas resulta de utilidad al ofrecer indicadores útiles de referencia para la gestión de la actividad, y utilizable por múltiples usuarios, desde las propias empresas concesionarias hasta las administraciones públicas, consorcios de transporte, usuarios del servicio, investigadores, etc.Universidad de Málaga. Campus de Excelencia Internacional Andalucía Tec

La contabilidad analítica como herramienta de información para la transparencia y la toma de decisiones: un itinerario para el análisis de costes

El presente trabajo pretender ofrecer una propuesta metodológica para la elaboración de informes analíticos sobre los resultados obtenidos a partir de la personalización del Modelo de Contabilidad Analítica del Ministerio de Educación, Cultura y Deporte del Reino de España (en adelante MECD) y cálculo de costes en las Universidades Públicas Españolas de acuerdo a los principios que contiene.El presente trabajo pretender ofrecer una propuesta metodológica para la elaboración de informes analíticos sobre los resultados obtenidos a partir del cálculo de costes en las Universidades Públicas Españolas de acuerdo a los principios del Modelo de Contabilidad Analítica del Ministerio de Educación, Cultura y Deporte. A tales efectos, el trabajo realizado aborda el estudio y análisis valorativo de las herramientas que definen la metodología propuesta (análisis de pesos relativos, análisis de promedios y medianas, estudio de desviaciones y variaciones, identificación de anomalías,…), para alcanzar los fines anteriormente descritos, formulando el esbozo de la cartografía de una metodología específica para facilitar la interpretación y la obtención de conclusiones sobre los resultados del ModeloUniversidad de Málaga. Campus de Excelencia Internacional Andalucía Tech

Implantación de modelos de cálculo, control y reducción de costes en las empresas de transporte urbano colectivo de viajeros

En la presente comunicación se presentan algunas reflexiones sobre la modelización de sistemas de cálculo, análisis, gestión, control y reducción de costes, basados en la metodología Activity Based Costing/Activity Based Management -ABC/ABM- en empresas de transporte urbano colectivo de viajeros, así como respecto a los trabajos a llevar a cabo para su implantación y el origen de los datos procesados por el modelo para su integración con los sistemas de información de tales empresas.In this paper we aim to describe how to develop a well-design cost accounting system in order to analize, control and reduce costs in urban transport enterprises, according to Activity Base Costing/Activity Based Management –ABC/ABM- methodology. In addition, we study the instalation process and th

FamTV : an architecture for presence-aware personalized television

Since the advent of the digital era, the traditional TV scenario has rapidly evolved towards an ecosystem comprised of a myriad of services, applications, channels, and contents. As a direct consequence, the amount of available information and configuration options targeted at today's end consumers have become unmanageable. Thus, personalization and usability emerge as indispensable elements to improve our content-overloaded digital homes. With these requirements in mind, we present a way to combine content adaptation paradigms together with presence detection in order to allow a seamless and personalized entertainment experience when watching TV.This work has been partially supported by the Community of Madrid (CAM), Spain under the contract number S2009/TIC-1650.Publicad

Improving privacy in identity management systems for health care scenarios

Privacy is a very complex and subjective concept with different meaning to different people. The meaning depends on the context. Moreover, privacy is close to the user information and thus, present in any ubiquitous computing scenario. In the context of identity management (IdM), privacy is gaining more importance since IdM systems deal with services that requires sharing attributes belonging to users’ identity with different entities across domains. Consequently, privacy is a fundamental aspect to be addressed by IdM to protect the exchange of user attributes between services and identity providers across different networks and security domains in pervasive computing. However, problems such as the effective revocation consent, have not been fully addressed. Furthermore, privacy depends heavily on users and applications requiring some degree of flexibility. This paper analyzes the main current identity models, as well as the privacy support presented by the identity management frameworks. After the main limitations are identified, we propose a delegation protocol for the SAML standard in order to enhance the revocation consent within healthcare scenarios.Proyecto CCG10-UC3M/TIC-4992 de la Comunidad Autónoma de Madrid y la Universidad Carlos III de Madri

SuSSo: seamless and ubiquitous single sign-on for cloud service continuity across devices

The great variety of consumer electronic devices with support of wireless communications combined with the emerging Cloud Computing paradigm is paving the way to real anytime/anywhere computing. In this context, many services, such as music or video streaming, are delivered to the clients using Cloud-based providers. However, service continuity when moving across different terminals is still a major challenge. This paper proposes SuSSo, a novel middleware architecture that allows sessions initiated from one device to be seamlessly transferred to a second one, as might be desirable in the enjoyment of long running media.Publicad

A metric-based approach to assess risk for "on cloud" federated identity management

The cloud computing paradigm is set to become the next explosive revolution on the Internet, but its adoption is still hindered by security problems. One of the fundamental issues is the need for better access control and identity management systems. In this context, Federated Identity Management (FIM) is identified by researchers and experts as an important security enabler, since it will play a vital role in allowing the global scalability that is required for the successful implantation of cloud technologies. However, current FIM frameworks are limited by the complexity of the underlying trust models that need to be put in place before inter-domain cooperation. Thus, the establishment of dynamic federations between the different cloud actors is still a major research challenge that remains unsolved. Here we show that risk evaluation must be considered as a key enabler in evidencebased trust management to foster collaboration between cloud providers that belong to unknown administrative domains in a secure manner. In this paper, we analyze the Federated Identity Management process and propose a taxonomy that helps in the classification of the involved risks in order to mitigate vulnerabilities and threats when decisions about collaboration are made. Moreover, a set of new metrics is defined to allow a novel form of risk quantification in these environments. Other contributions of the paper include the definition of a generic hierarchical risk aggregation system, and a descriptive use-case where the risk computation framework is applied to enhance cloud-based service provisioning.This work was supported in part by the Spanish Ministry of Science and Innovation under the project CONSEQUENCE (TEC2010-20572-C02-01).Publicad

An identity aware wimax personalization for pervasive computing services

Mobile Internet access is becoming more and more pervasive in the new 4G scenarios, where WiMAX is to play a crucial role. WiMax has advantages when considering both energy consumption and bandwidth, when compared with HSDPA and LTE. However, we have found some limitations in IEEE 802.16 security support, which may limit authentication and authorization mechanisms for ubiquitous service development. In this article we analyze weaknesses and vulnerabilities we have found in WiMAX security. WiMax, with the adequate identity management support, could be invaluable for developing new pervasive computing services. We propose the introduction of identity management in WiMAX, as a pervious step to the definition of identity aware WiMax personalization of pervasive computing servicesProyecto CCG10-UC3M/TIC-4992 de la Comunidad Autónoma de Madrid y la Universidad Carlos III de Madri