Cookies Policy
The website need some cookies and similar means to function. If you permit us, we will use those means to collect data on your visits for aggregated statistics to improve our service. Find out More
Accept Reject
  • Menu
Publications

Publications by António Pinto

2016

Hash-Chain-Based Authentication for IoT

Authors
Pinto, A; Costa, R;

Publication
ADCAIJ-ADVANCES IN DISTRIBUTED COMPUTING AND ARTIFICIAL INTELLIGENCE JOURNAL

Abstract
The number of everyday interconnected devices continues to increase and constitute the Internet of Things (IoT). Things are small computers equipped with sensors and wireless communications capabilities that are driven by energy constraints, since they use batteries and may be required to operate over long periods of time. The majority of these devices perform data collection. The collected data is stored on-line using web-services that, sometimes, operate without any special considerations regarding security and privacy. The current work proposes a modified hash-chain authentication mechanism that, with the help of a smartphone, can authenticate each interaction of the devices with a REST web-service using One Time Passwords (OTP) while using open wireless networks. Moreover, the proposed authentication mechanism adheres to the stateless, HTTP-like behavior expected of REST web-services, even allowing the caching of server authentication replies within a predefined time window. No other known web-service authentication mechanism operates in such manner

2016

Hash-Chain Based Authentication for IoT Devices and REST Web-Services

Authors
Pinto, A; Costa, R;

Publication
AMBIENT INTELLIGENCE - SOFTWARE AND APPLICATIONS (ISAMI 2016)

Abstract
The number of everyday interconnected devices continues to increase and constitute the Internet of Things (IoT). Things are small computers equipped with sensors and wireless communications capabilities that are driven by energy constraints, since they use batteries and may be required to operate over long periods of time. The majority of these devices perform data collection. The collected data is stored on-line using web-services that, sometimes, operate without any special considerations regarding security and privacy. The current work proposes a modified hash-chain authentication mechanism that, with the help of a smart-phone, can authenticate each interaction of the devices with a REST web-service using One Time Passwords (OTP). Moreover, the proposed authentication mechanism adheres to the stateless, HTTP-like behavior expected of REST web-services, even allowing the caching of server authentication replies within a predefined time window. No other known web-service authentication mechanism operates in such manner.

2014

Management Driven Hybrid Multicast Framework for Content Aware Networks

Authors
Iorga, R; Borcoci, E; Miruta, R; Pinto, A; Carneiro, G; Calcada, T;

Publication
IEEE COMMUNICATIONS MAGAZINE

Abstract
The need for better adaptation of networks to transported flows has led to research on new approaches such as content aware networks and network aware applications. In parallel, recent developments of multimedia and content oriented services and applications such as IPTV, video streaming, video on demand, and Internet TV reinforced interest in multicast technologies. IP multicast has not been widely deployed due to interdomain and QoS support problems; therefore, alternative solutions have been investigated. This article proposes a management driven hybrid multicast solution that is multi-domain and media oriented, and combines overlay multicast, IP multicast, and P2P. The architecture is developed in a content aware network and network aware application environment, based on light network virtualization. The multicast trees can be seen as parallel virtual content aware networks, spanning a single or multiple IP domains, customized to the type of content to be transported while fulfilling the quality of service requirements of the service provider.

2017

Collection of State Information in Live Digital Forensics

Authors
Freitas, F; Pinto, A;

Publication
AMBIENT INTELLIGENCE- SOFTWARE AND APPLICATIONS- 8TH INTERNATIONAL SYMPOSIUM ON AMBIENT INTELLIGENCE (ISAMI 2017)

Abstract
In a digital forensic investigations, the investigator usually wants to get as much state information as possible. Examples of such scenarios are households with wireless networks connecting multiple devices where a security incident occurs. USB devices present themselves as interesting vehicles for the automated collection of state information, as it can store the applications that collect the information, can store the results and can also facilitate the information collection by enabling its automatic operation. This paper proposes a USB solution to facilitate the collection of state information with integrity guarantees and multi-platform operation. Moreover, the proposed solutions is the only one that performs an extensive and homogeneous artifact collection, independently of the underlying operating system.

2015

A Framework for the Secure Storage of Data Generated in the IoT

Authors
Costa, R; Pinto, A;

Publication
Ambient Intelligence - Software and Applications - 6th International Symposium on Ambient Intelligence, ISAmI 2015, Salamanca, Spain, June 3-5, 2015.

Abstract
The Internet of Things can be seen has a growing number of things that inter-operate using an Internet-based infrastructure and that has evolved during the last years with little concern for the privacy of its users, especially regarding how the collected data is stored. Technological measures ensuring users privacy must be established. In this paper we will present a technological framework for the secure storage of data. Things can then interact with the framework's API much in the same way they now interact with its current servers, after which, the framework will performthe required operations in order to secure the data before storing it. Themethods adopted for the secure storage will maintain the sharing ability, conveniently allowing authorized access to other users, the initial user's terms (e.g. data anonymity) and the ability to revoke assigned privileges at all times. © Springer International Publishing Switzerland 2015.

2017

MuSec: Sonification of Alarms Generated by a SIEM

Authors
Sousa, L; Pinto, A;

Publication
AMBIENT INTELLIGENCE- SOFTWARE AND APPLICATIONS- 8TH INTERNATIONAL SYMPOSIUM ON AMBIENT INTELLIGENCE (ISAMI 2017)

Abstract
The information generated by a network monitoring system is overwhelming. Monitoring is imperative but very difficult to accomplish due to several reasons. More so for the case of non tech-savvy home users. Security Information Event Management applications generate alarms that correlate multiple occurrences on the network. These events are classified accordingly to their risk. An application that allows the sonification of events generated by a Security Information Event Management can facilitate the security monitoring of a home network by a less tech-savvy user by allowing him to just listen to the result of the sonification of such events.

  • 2
  • 10