@InProceedings{Camacho_2016_INForum_AgriPrecisao, author = {Jos\'{e} Camacho and Alberto Cunha and Miguel L. Pardal}, booktitle = {INForum}, title = {{Agricultura de Precisão com Sensores e Tecnologias da Internet das Coisas}}, year = {2016}, address = {Lisboa, Portugal}, month = {September}, note = {Comunicação}, } @InProceedings{Coelho_2016_INForum_SmartPlacesJS, author = {Samuel M. Coelho and Miguel L. Pardal}, booktitle = {INForum}, title = {{Smart Places: A framework to develop proximity-based mobile applications}}, year = {2016}, address = {Lisboa, Portugal}, month = {September}, } @InProceedings{Correia_2012_INForum_RFID-Arduino, author = {Nuno Correia and Miguel L. Pardal and M\'{a}rio Romano and Jos\'{e} Alves Marques}, booktitle = {INForum}, title = {{RFID and Arduino: Managing RFID Events on a Real World Prototype}}, year = {2012}, address = {Caparica, Portugal}, month = {September}, } @InProceedings{Correia_2013_IEEE-RFID_Poster, author = {Nuno Correia and Miguel L Pardal and M{\'{a}}rio Romano and Jos{\'{e}} {Alves Marques}}, booktitle = {2013 IEEE International Conference on RFID (IEEE RFID 2013)}, title = {{Reduce RFID Implementation Costs With Middleware Improvements}}, year = {2013}, address = {Orlando, Florida, USA}, month = apr, abstract = {System reliability can be improved through several ways, the most common is to buy more hardware to cover RFID's reliability issues. A way less costly solution is to improve middleware systems by eliminating the occurrence of false tag reads. This work intends to redesign the Fosstrak's data cleaning module - EPCGlobal compliant middleware. As part of an ongoing work, an adaptive sliding-window technique was implemented and it will be improved with behaviour characteristics of the captured objects. Previous knowledge of the business steps will also make part of this development.}, days = {30}, } @InProceedings{Diogo_2016_INForum_BootstrapVampire, author = {Tiago Diogo and Miguel L. 
Pardal}, booktitle = {INForum}, title = {{Arranque Seguro de Redes 6LoWPAN para prevenir Ataques Vampiro na Internet das Coisas}}, year = {2016}, address = {Lisboa, Portugal}, month = {September}, note = {Comunicação}, } @InProceedings{Guerra_2004_UKAIS_IntegrationMethodology, author = {Marta Guerra and Miguel Pardal and Miguel Mira da Silva}, booktitle = {Conference of the UK Academy for Information Systems (UKAIS)}, title = {{An Integration Methodology based on the Enterprise Architecture}}, year = {2004}, address = {Glasgow, Scotland, UK}, month = {May}, } @InProceedings{Leitao_2010_CENTERIS_SmartSTEP, author = {Jo{\~a}o C. C. Leit{\~a}o and Miguel L. Pardal}, booktitle = {Conference on Enterprise Information Systems (CENTERIS)}, title = {{Smart Web Services: systems integration using policy driven automatic configuration}}, year = {2010}, address = {Viana do Castelo, Portugal}, month = {October}, abstract = {Web Services (WS) are an important tool for the integration of enterprise applications. With a growing set of WS related standards (WS-*), the technology has become increasingly more complicated to configure and manage, even more so when the Quality of Service (QoS) requirements of the system are changing. This paper presents the results of a study conducted on the ability of the major Web Services implementations to adapt to changing QoS attributes. 
Their shortcomings are then used as motivation for SmartSTEP, a proposal for a more advanced policy-driven automatic configuration solution.}, keywords = {Web Services, Quality of Service, Information Systems Integration, Policy, Automatic Configuration, Java, STEP Framework}, } @TechReport{Pardal_2003_IASI, author = {Miguel Pardal and Marta Guerra}, institution = {Instituto Superior Técnico}, title = {Metodologia de integração baseada na arquitectura de sistemas de informação}, year = {2003}, month = {December}, note = {Trabalho da disciplina de Integração de Sistemas Empresariais do Mestrado em Engenharia Informática e de Computadores}, comment = {Artigos: -Proposta de metodologia de integração -Modelo de especificação de integração -Integração de aplicações do Departamento de Engenharia Informática do Instituto Superior Técnico -Utilização do motor de integração webMethods}, } @TechReport{Pardal_2003_ASI-DEI, author = {Miguel Pardal and Marta Guerra and Gabriel Pestana and Inês Barreto}, institution = {Instituto Superior Técnico}, title = {Arquitectura de Sistemas de Informação do Departamento de Engenharia Informática}, year = {2003}, month = {July}, note = {Trabalho da disciplina de Arquitectura Tecnológica dos Sistemas de Informação do Mestrado em Engenharia Informática e de Computadores}, comment = {Tópicos: -Arquitectura de processos de negócio -Arquitectura de informação -Arquitectura de aplicações -Plano de implementação -Alinhamento da arquitectura de aplicações com pacotes de software existentes}, } @TechReport{Pardal_2008_TR_GS1Ids, author = {Miguel Pardal}, institution = {Instituto Superior T\'{e}cnico, Technical University of Lisbon}, title = {{GS1 Identifier management architecture}}, year = {2008}, month = {October}, abstract = {The forthcoming widespread use of smart things, like RFID tags and sensors, along with omnipresent wireless networks, will create an Internet of Things (IoT), where most everyday objects will be interconnected and part of 
an universal-purpose system akin to the Internet. This position paper looks at the IoT in a computer science research perspective. It identifies the main challenges to address and points to a set of possible research paths. It also provides some insight into what will change in the way information systems are designed and used in the IoT era.}, } @TechReport{Pardal_2008_TR_TowardsIoT, author = {Miguel Pardal}, institution = {Instituto Superior T\'{e}cnico, Technical University of Lisbon}, title = {{Computer science research for the Internet of Things}}, year = {2008}, month = {February}, abstract = {The forthcoming widespread use of smart things, like RFID tags and sensors, along with omnipresent wireless networks, will create an Internet of Things (IoT), where most everyday objects will be interconnected and part of an universal-purpose system akin to the Internet. This position paper looks at the IoT in a computer science research perspective. It identifies the main challenges to address and points to a set of possible research paths. It also provides some insight into what will change in the way information systems are designed and used in the IoT era.}, } @InProceedings{Pardal_2007_IADIS-WWWInternet_WSMap_Poster, author = {Miguel Pardal}, booktitle = {IADIS International Conference WWW/Internet}, title = {{WS-Map: A Web-based Survey of Web Services Standards}}, year = {2007}, address = {Vila Real, Portugal}, month = {October}, note = {Poster}, abstract = {Organizations want to make their information systems more agile so they can better adapt to changes in business requirements. Web Services is a technology proposal to enable such flexible and reusable systems. Interoperability is a critical constraint because most business processes cross organization and technology boundaries. This paper presents WS-Map, a broad and vendor independent standards index, freely accessible over the Internet, comprising a survey of Web Services technology. 
Using WS-Map, developers, researchers and other Web Services users can put standards in perspective and make more informed technology decisions for their projects.}, keywords = {Web Services; Enterprise Information Systems; Enterprise Applications Integration; Distributed Systems; Survey}, } @InProceedings{Pardal_2007_NWeSP_WSExtensions, author = {Miguel Pardal}, booktitle = {3rd International Conference on Next Generation Web Services Practices (NWeSP)}, title = {{Core mechanisms for Web Services extensions}}, year = {2007}, address = {Seoul, Korea}, month = {October}, publisher = {IEEE Computer Society}, abstract = {Organizations expect Web Services to make their information systems more agile, so they can better adapt to changes in business requirements. Hence, this technology focuses on interoperability and flexibility giving developers the ability to customize, reuse and enhance Web Service functionalities as well as non-functional extensions such as security, transactions and reliable messaging. This paper describes the core mechanisms necessary to build Web Services extensions, regardless of the underlying platform. This contribution is based on the results of a comprehensive evaluation of existing implementations.}, keywords = {Web Services, Web Services extensions, Security, Distributed Transactions, Reliable Messaging, Enterprise Applications}, } @TechReport{Pardal_2006_TR_WSSecurity, author = {Miguel Pardal}, institution = {Instituto Superior Técnico}, title = {{A survey and case-study evaluation of Web Services security technology}}, year = {2006}, month = {December}, abstract = {Organizations want to make their information systems more agile so they can better answer the challenge of adapting to changes in business requirements. Web Services and Service-Oriented Architectures propose systems with greater flexibility, reuse and interoperability. 
However, the essential security standards and implementations have yet to be sufficiently evaluated in practical uses. This paper presents a survey of Web Services technology with additional detail for security standards and implementations. It also evaluates the technology using a complex and valuable business case-study: real estate transactions. A prototype evidenced insufficiencies in the available implementations.}, keywords = {Service-Oriented Architectures, Web Services, Security, Enterprise Information Systems, Enterprise Applications Integration, Distributed Systems}, } @InProceedings{Pardal_2006_XATA, author = {Miguel Pardal}, booktitle = {XML: Aplicações e Tecnologias Associadas (XATA)}, title = {{Em constru\c{c}\~{a}o: uma an\'{a}lise ao estado actual da plataforma de Servi\c{c}os Web para neg\'{o}cio electr\'{o}nico}}, year = {2006}, address = {Portalegre, Portugal}, month = {February}, } @TechReport{Pardal_2004_SmartcardInterop, author = {Miguel Pardal}, institution = {Instituto Superior Técnico}, title = {Interoperabilidade de cartões inteligentes}, year = {2004}, month = {July}, note = {Trabalho da disciplina de Tópicos Avançados de Sistemas de Informação do Mestrado em Engenharia Informática e de Computadores}, } @TechReport{Pardal_2003_SmartCards, author = {Miguel Pardal}, institution = {Instituto Superior Técnico}, title = {Utilização de cartões inteligentes em aplicações móveis}, year = {2003}, month = {December}, note = {Trabalho da disciplina de Algoritmos e Aplicações de Segurança do Mestrado em Engenharia Informática e de Computadores}, } @TechReport{Pardal_2000_TFC, author = {Miguel Pardal and Lu\'{i}s Camacho}, institution = {Instituto Superior T\'{e}cnico}, title = {Servidor de Informa\c{c}\~{a}o Pessoal}, year = {2000}, type = {Trabalho Final de Curso}, keywords = {linguagem Java (com utilizações de JDBC, RMI (Remote Method Invocation), applets, servlets e das APIs XML); Internet (Web e correio electrónico); base de dados relacional SQL 
Server; componentes COM (construídos utilizando as linguagens Visual C++, Visual Basic e Visual J++); processadores de linguagens (flex e bison); telefonia móvel: SMS, WAP}, } @InProceedings{Pardal_2006_SINO, author = {Miguel Pardal and Alberto Cunha}, booktitle = {Seguran\c{c}a Inform\'{a}tica nas Organiza\c{c}\~{o}es (SINO)}, title = {{Tecnologia de seguran\c{c}a para Web Services}}, year = {2006}, address = {Aveiro, Portugal}, } @InProceedings{Pardal_2004_IADIS-eSociety_MultiServices, author = {Miguel Pardal and Alberto Cunha}, booktitle = {International IADIS Conference e-Society}, title = {{Building multi-services in personal mobile devices based on partially trusted domains}}, year = {2004}, address = {Avila, Spain}, month = {July}, organization = {IADIS}, } @Article{Pardal_2008_IJWSP_STEPExtensions, author = {Miguel Pardal and S{\'e}rgio Fernandes and Jorge Martins and Joana Paulo Pardal}, journal = {International Journal of Web Services Practices}, title = {{Customizing Web Services with Extensions in the STEP framework}}, year = {2008}, month = {June}, note = {Issue 1}, volume = {3}, abstract = {Organizations expect Web Services to make their information systems more agile so they can better adapt to changes in business requirements. Hence, this technology's design principles focus on interoperability and flexibility to give developers the ability to customize, reuse and enhance functionalities as well as non-functionalities such as security, transactions and reliable messaging. In particular, an effective Web Services customization must give application developers simple and expressive ways to program the changes they need without losing any capabilities available in the platform. 
We propose customization with Web Services Extensions and present the concept, its core mechanisms and its implementation on the STEP Framework, an open-source multi-layer Java enterprise application framework.}, booktitle = {International Journal of Web Services Practices}, keywords = {Customization, Java, STEP Framework, Web Services}, publisher = {IEEE Computer Society}, } @PhdThesis{Pardal_2014_PhD, author = {Miguel Filipe Leit{\~a}o Pardal}, school = {Instituto Superior T\'{e}cnico, Universidade de Lisboa}, title = {{Scalable and secure RFID data discovery}}, year = {2014}, month = {June}, note = {Dissertation}, abstract = {The combined use of Enterprise Resources Planning (ERP) and Supply Chain Management (SCM) systems has greatly improved the efficiency of supply chains. Further improvements require a deeper connection between the virtual and physical worlds. Automatic identification technologies, like radio-frequency identification (RFID), allow identification data about tagged physical objects to be collected by readers deployed across locations in the supply chain. This data is stored and managed using traceability systems to allow efficient answers to queries like Track and Trace. A practical traceability system should perform adequately for the large number of physical objects flowing in the supply chain (address the scale problem); and it should protect the sensitive business data from unauthorized access (address the data visibility problem). The original contributions of this dissertation are: quantitative cost models that compare traceability systems for given supply chain scenarios; and visibility restriction mechanisms that can be used to define and enforce supply chain data access control policies. The analytic models take supply chain and target system parameters and compute cost estimates for data capture and queries, even when many implementation details are not available. 
The visibility restriction mechanisms are capable of identifying assets and stating the existence of records and the data access conditions, even if some of the supply chain partners are not known in advance. The policies are authored in RDF format with a distributed data model; and are enforced in a security infrastructure based on the XACML standard. The results are illustrated with examples from several industries and a case study in the Pharmaceutical supply chain.}, keywords = {Information System, Business-to-Business, Supply Chain Management, Traceability, Automatic Identification, Scalability, Security, Access control, Internet of Things, Pharmaceutical Supply Chain}, } @PhdThesis{Pardal_2009_PhD_Proposal, author = {Miguel Filipe Leit{\~a}o Pardal}, school = {Instituto Superior T\'{e}cnico, Technical University of Lisbon}, title = {{Scalable and secure RFID data discovery}}, year = {2009}, month = {July}, note = {Thesis proposal}, abstract = {Radio-frequency identification (RFID) enables the total visibility supply chain, where trading partners collect data about physical goods in the supply chain and share it, as long as their own interests are safeguarded. The sharing restrictions can be stated in discovery policies, interpreted and enforced by discovery services that lookup information about physical goods across organizational boundaries and disperse geographic regions. 
This research proposal aims to study how discovery policies and context data can improve the scalability of secure discovery services.}, keywords = {Business-to-business, B2B, RFID Discovery, Scalability, Security}, } @MastersThesis{Pardal_2006_MSc, author = {Miguel Filipe Leit{\~a}o Pardal}, school = {Instituto Superior T\'{e}cnico, Universidade T\'{e}cnica de Lisboa}, title = {{Security of Enterprise Applications in Service Architectures}}, year = {2006}, month = {September}, abstract = {Organizations want to make their information systems more agile so they can better answer the challenge of continuous adaptation to business requirements. Service architectures and Web Services are a proposal to structure systems with greater flexibility, reuse and interoperability. However, the important security standards and implementations have yet to be sufficiently evaluated in practical uses. This thesis evaluates Web Services Security with a complex and valuable business case study: real estate transactions. A prototype evidenced several insufficiencies in the available implementations. The most relevant contribution of this thesis is the up-to-date and complete description of Web Services technology, with an insightful assessment of security standards and implementations.}, comment = {Original title: "Segurança de aplicações empresariais em arquitecturas de serviços", Language: Portuguese, Portugal}, } @MastersThesis{Pardal_2006_MSc_PT, author = {Miguel Filipe Leit{\~a}o Pardal}, school = {Instituto Superior T\'{e}cnico}, title = {{Segurança de aplicações empresariais em arquitecturas de serviços}}, year = {2006}, month = {September}, abstract = {As organizações procuram agilizar os seus sistemas de informação para melhor responder ao permanente desafio de adaptação aos requisitos de negócio. As arquitecturas de serviços e os Web Services são uma proposta para estruturar os sistemas com maior flexibilidade, reutilização e interoperabilidade. 
No entanto, as importantes normas e implementações de segurança não foram ainda suficientemente avaliadas na prática. Esta tese avalia a Web Services Security com um caso de estudo real, complexo e com valor: a compra e venda de imóvel. Foi realizado um protótipo que evidenciou insuficiências das implementações disponíveis. O contributo mais significativo desta tese \'{e} o retrato actual e completo da tecnologia de Web Services, com uma avaliação aprofundada das normas e implementações de segurança.}, keywords = {Arquitecturas de Serviços, Web Services, Segurança, Sistemas de Informação Empresariais, Integração de Aplicações Empresariais, Sistemas Distribuídos}, } @Article{Pardal_2005_OrdemEngenheiros, author = {Miguel Filipe Leit{\~a}o Pardal}, journal = {Ingenium}, title = {{Resumo do melhor est\'{a}gio em Engenharia Inform\'{a}tica 2004: Integra\c{c}\~{a}o de tecnologias Web em sistemas de informa\c{c}\~{a}o de Banca e Seguros}}, year = {2005}, month = {Janeiro-Fevereiro}, number = {85}, volume = {II S\'{e}rie}, } @TechReport{Pardal_2011_TR_TraceabilityCostModel, author = {Miguel L. Pardal}, institution = {Instituto Superior T\'{e}cnico, Technical University of Lisbon}, title = {{Traceability Cost Model}}, year = {2011}, month = {March}, abstract = {This report presents a cost model developed to compare traceability information system architectures.}, } @TechReport{Pardal_2010_TR_ToughSTEP, author = {Miguel L. 
Pardal}, institution = {Instituto Superior T\'{e}cnico, Technical University of Lisbon}, title = {{Performance assessment of the STEP Framework}}, year = {2010}, month = {November}, abstract = {This technical report presents a performance study of the STEP Framework, an open-source application framework based on the Java platform that has been used for several years to teach the development of distributed enterprise applications to Computer Science and Engineering undergrad students.}, } @InProceedings{Pardal_2012_IEEE-RFID_DSVisibility, author = {Miguel L. Pardal and Mark Harrison and Jos{\'e} Alves Marques}, booktitle = {IEEE International Conference on RFID}, title = {{Assessment of Visibility Restriction Mechanisms for RFID Data Discovery Services}}, year = {2012}, address = {Orlando, FL, USA}, month = {April}, pages = {7}, abstract = {RFID is a technology that enables the automated capture of observations of uniquely identified physical objects as they move through supply chains. Discovery Services provide links to repositories that have traceability information about specific physical objects. Each supply chain party publishes records to a Discovery Service to create such links and also specifies access control policies to restrict who has visibility of link information, since it is commercially sensitive and could reveal inventory levels, flow patterns, trading relationships, etc. The requirement of being able to share information on a need-to-know basis, e.g. within the specific chain of custody of an individual object, poses a particular challenge for authorization and access control, because in many supply chain situations the information owner might not have sufficient knowledge about all the companies who should be authorized to view the information, because the path taken by an individual physical object only emerges over time, rather than being fully pre-determined at the time of manufacture.
This led us to consider novel approaches to delegate trust and to control access to information. This paper presents an assessment of visibility restriction mechanisms for Discovery Services capable of handling emergent object paths. We compare three approaches: enumerated access control (EAC), chain-of-communication tokens (CCT), and chain-of-trust assertions (CTA). A cost model was developed to estimate the additional cost of restricting visibility in a baseline traceability system and the estimates were used to compare the approaches and to discuss the trade-offs.}, } @InProceedings{Pardal_2012_IEEE-RFID_DSVisibility_Poster, author = {Miguel L. Pardal and Mark Harrison and Jos{\'e} Alves Marques}, booktitle = {IEEE International Conference on RFID}, title = {{Assessment of Visibility Restriction Mechanisms for RFID Data Discovery Services}}, year = {2012}, address = {Orlando, FL, USA}, month = {April}, note = {Poster}, pages = {2}, abstract = {RFID is a technology that enables the automated capture of observations of uniquely identified physical objects as they move through supply chains. Discovery Services provide links to repositories that have traceability information about specific physical objects. Each supply chain party publishes records to a Discovery Service to create such links and also specifies access control policies to restrict who has visibility of link information, since it is commercially sensitive and could reveal inventory levels, flow patterns, trading relationships, etc. The requirement of being able to share information on a need-to-know basis, e.g.
within the specific chain of custody of an individual object, poses a particular challenge for authorization and access control, because in many supply chain situations the information owner might not have sufficient knowledge about all the companies who should be authorized to view the information, because the path taken by an individual physical object only emerges over time, rather than being fully pre-determined at the time of manufacture. This led us to consider novel approaches to delegate trust and to control access to information. This poster presents an assessment of visibility restriction mechanisms for Discovery Services capable of handling emergent object paths. We compare three approaches: enumerated access control (EAC), chain-of-communication tokens (CCT), and chain-of-trust assertions (CTA). A cost model was developed to estimate the additional cost of restricting visibility in a baseline traceability system and the estimates were used to compare the approaches and to discuss the trade-offs.}, } @Article{Pardal_2014_IJCISIM_SCAz-XACML, author = {Miguel L. Pardal and Mark Harrison and Sanjay Sarma and Jos{\'e} Alves Marques}, journal = {International Journal of Computer Information Systems and Industrial Management Applications}, title = {{Access Control Policies for Traceability Information Systems}}, year = {2014}, pages = {560-570}, volume = {6}, url = {http://www.mirlabs.org/ijcisim/regular_papers_2014/IJCISIM_52.pdf}, } @InProceedings{Pardal_2013_IEEE-RFID_PharmaAccess, author = {Miguel L. Pardal and Mark Harrison and Sanjay Sarma and Jos{\'e} Alves Marques}, booktitle = {IEEE International Conference on RFID}, title = {{Expressive RFID data access policies for the Pharmaceuticals supply chain}}, year = {2013}, address = {Orlando, FL, USA}, month = {April}, pages = {8}, abstract = {The Pharma(ceuticals) industry is at a cross-roads. There are growing concerns that illegitimate products are penetrating the supply chain.
There are proposals in many countries to apply RFID and other traceability technologies to solve this problem. However there are several trade-offs and one of the most crucial is between data visibility and confidentiality. In this paper, we use the TrakChain assessment framework tools to study the US Pharma supply chain and to compare candidate solutions to achieve traceability data security: Point-of-Dispense Authentication, Network-based electronic Pedigree, and Document-based electronic Pedigree. We also propose extensions to a supply chain authorization language that is able to capture expressive data sharing conditions considered necessary by the industry's trading partners.}, } @InProceedings{Pardal_2012_IEEE-RFIDTA_SCAz, author = {Miguel L. Pardal and Mark Harrison and Sanjay Sarma and Jos{\'e} Alves Marques}, booktitle = {IEEE International Conference on RFID Technology and Applications}, title = {{Enforcing RFID Data Visibility Restrictions Using XACML Security Policies}}, year = {2012}, address = {Nice, France}, month = {November}, abstract = {Radio Frequency Identification (RFID) technology allows automatic data capture from tagged objects moving in a supply chain. This data can be very useful if it is used to answer traceability queries, however it is distributed across many different repositories, owned by different companies. Discovery Services (DS) are designed to assist in retrieving the RFID data relevant for traceability queries while enforcing sharing policies that are defined and required by participating companies to prevent sensitive data from being exposed. In this paper we define an interface for Supply Chain Authorization (SC-Az) and describe the implementation of two visibility restriction mechanisms based on Access Control Lists (ACLs) and Capabilities. 
Both approaches were converted to the standard eXtensible Access Control Markup Language (XACML) and their correctness and performance was evaluated for supply chains with increasing size.}, keywords = {RFID, security, authorization, SCAz}, } @InProceedings{Pardal_2012_NWeSP_XACMLPerf, author = {Miguel L. Pardal and Mark Harrison and Sanjay Sarma and Jos{\'e} Alves Marques}, booktitle = {8th International Conference on Next Generation Web Services Practices (NWeSP)}, title = {{Performance Assessment of XACML Authorizations for Supply Chain Traceability Web Services}}, year = {2012}, address = {S\~{a}o Carlos, Brazil}, month = {November}, abstract = {Service-Oriented Architecture (SOA) and Web Services (WS) offer advanced flexibility and interoperability capabilities. However they imply significant performance overheads that need to be carefully considered. Supply Chain Management (SCM) and Traceability systems are an interesting domain for the use of WS technologies that are usually deemed to be too complex and unnecessary in practical applications, especially regarding security. This paper presents an externalized security architecture that uses the eXtensible Access Control Markup Language (XACML) authorization standard to enforce visibility restrictions on traceability data in a supply chain where multiple companies collaborate; the performance overheads are assessed by comparing ‘raw’ authorization implementations - Access Control Lists, Tokens, and RDF Assertions - with their XACML-equivalents.}, keywords = {Web Services; Authorization; XACML; Performance; Supply Chain Traceability}, } @InProceedings{Pardal_2010_IWRT_TowardsIoT, author = {Miguel L. Pardal and Jos{\'e} Alves Marques}, booktitle = {4th International Workshop on RFID Technology - Concepts, Applications, Challenges (IWRT)}, title = {{Towards the Internet of Things: An Introduction to RFID Technology}}, year = {2010}, address = {Funchal, Madeira, Portugal}, editor = {Quan Z.
Sheng and Aikaterini Mitrokotsa and Sherali Zeadally and Zakaria Maamar}, month = {June}, pages = {69-78}, publisher = {SciTePress}, abstract = {Radio frequency identification (RFID) is an automatic identification technology making its way to supply chains in Retail, Pharmaceutical, and other industries. RFID extends the reach of supply chain information systems in such a way that it will soon be possible and economically feasible to tag valuable physical objects and then to track and trace them, enabling many novel and useful applications. This paper provides an introduction to RFID for practitioners with a computer science background.}, keywords = {RFID, Internet of Things, EPC}, } @InProceedings{Pardal_2015_CHIST-ERA_TrakChain_Poster, author = {Miguel L. Pardal and Jos{\'e} Alves Marques}, booktitle = {CHIST-ERA}, title = {{TrakChain protects Track and Trace data in the Internet of (many) Things}}, year = {2015}, address = {Lisbon, Portugal}, month = {June}, note = {Poster}, abstract = {RFID technology enables traceability systems that capture detailed data about goods as they move in the supply chain. Securing this data requires evaluating dynamic conditions to authorize business partners that are not known in advance. Furthermore, the system must promote trust and give incentives so that each partner shares its own data. TrakChain implemented data visibility restriction policies using RDF and SPARQL. These policies can be converted to a standard format, XACML, to reuse existing enforcement infrastructures and tools. The expressiveness of the policies was evaluated against a set of requirements for a pharmaceutical traceability system.}, url = {http://conference2015.chistera.eu/communications?field_speaker_nature_tid=7&field_speaker_topic_tid=11&page=1}, } @Article{Pardal_2015_ERCIM_TrakChain, author = {Miguel L.
Pardal and Jos{\'e} Alves Marques}, journal = {ERCIM News}, title = {{TrakChain estimates costs for Track and Trace in the Internet of (many) Things}}, year = {2015}, month = {April}, note = {ISSN: 0926-4981}, number = {101}, pages = {42-43}, abstract = {The TrakChain assessment tools take a description of a physical supply chain – relevant locations, how many goods are received, how often, etc. – and estimate the performance of track and trace queries in a modelled traceability system, providing predictions of how much processing and storage will be required for the working system. The tools were developed at Instituto Superior Técnico, Universidade de Lisboa, Portugal and were evaluated using a Pharmaceuticals supply chain case study.}, url = {http://ercim-news.ercim.eu/en101/special/trakchain-estimates-costs-for-track-and-trace-in-the-internet-of-many-things}, } @InProceedings{Pardal_2011_IEEE-RFID_Poster, author = {Miguel L. Pardal and Jos{\'e} Alves Marques}, booktitle = {IEEE International Conference on RFID}, title = {{Building an Assessment Framework for RFID Data Discovery Service Architectures}}, year = {2011}, address = {Orlando, FL, USA}, month = {April}, note = {Poster}, pages = {2}, abstract = {A Discovery Service is an information system designed to facilitate RFID data exchange between trading partners in a supply chain, in a secure and scalable manner. There are several Discovery Service architecture proposals, but it is unclear what is the best architecture for a given supply chain problem. This poster presents a framework that is being built to evaluate and compare Discovery Service architectures with quantitative metrics.}, } @InProceedings{Pardal_2011_IEEE-RFIDTA_TraceabilityCostModel, author = {Miguel L. 
Pardal and Jos{\'e} Alves Marques}, booktitle = {IEEE International Conference on RFID Technology and Applications}, title = {{Cost Model for RFID-based Traceability Information Systems}}, year = {2011}, address = {Sitges, Barcelona, Spain}, month = {September}, abstract = {Radio Frequency Identification (RFID) is a technology that can be used to tag physical objects and to detect and identify them automatically along the supply chain. A RFID-based traceability information system uses the captured data to answer track, trace, and bill-of-materials queries. There are several published system proposals, but it is unclear how solutions for a given supply chain problem can be compared. This paper presents an analytical model to compare traceability information systems based on the estimated cost of data capture and query processing.}, } @InCollection{Pardal_2013_CCIS_ToughSTEP, author = {Miguel L. Pardal and Joana P. Pardal and Jos\'{e} Alves Marques}, booktitle = {Cloud Computing and Services Science}, publisher = {Springer International Publishing}, title = {{Performance Assessment of Web Services in the STEP Framework}}, year = {2013}, editor = {Ivan Ivanov and Marten van Sinderen and Frank Leymann and Tony Shan}, pages = {200--214}, series = {Communications in Computer and Information Science}, volume = {367}, doi = {10.1007/978-3-319-04519-1_13}, journal = {Communications in Computer and Information Science (CCIS)}, keywords = {Web Services; Performance; Measurement}, url = {http://dx.doi.org/10.1007/978-3-319-04519-1_13}, } @InProceedings{Pardal_2012_CLOSER_ToughSTEP, author = {Miguel L. Pardal and Joana Paulo Pardal and Jos{\'e} Alves Marques}, booktitle = {2nd International Conference on Cloud Computing and Services Science (CLOSER)}, title = {{Improving Web Services performance, one STEP at a time}}, year = {2012}, address = {Porto, Portugal}, month = {April}, abstract = {Web Services were designed for Enterprise systems. 
They are a flexible but complex technology, with numerous performance pitfalls for developers. They also have significant overhead when compared with platform-specific solutions (e.g. Java RMI). The end solutions have to combine (virtualized) platform, application framework, and application-specific code. As a result of this complexity, the performance of the final application is often disappointing and requires improvement. This paper describes the implementation of performance tools for an open-source application framework based on the Java platform and presents the findings of a detailed assessment of Web Services performance using the newly developed tools. The challenges, techniques, and lessons learned are relevant beyond the scope of the used framework because widely used open-source libraries were studied as well, namely: Hibernate, JAX-WS, and Log4J.}, keywords = {Web Services, Performance, Measurement.}, } @InProceedings{Perdigao_2010_IWRT_EPCVirtualLab, author = {Carlos Perdig{\~a}o and Miguel L. Pardal}, booktitle = {4th International Workshop on RFID Technology - Concepts, Applications, Challenges (IWRT)}, title = {{EPC Virtual Lab: Experiments using an RFID location simulator}}, year = {2010}, address = {Funchal, Madeira, Portugal}, editor = {Quan Z. Sheng and Aikaterini Mitrokotsa and Sherali Zeadally and Zakaria Maamar}, month = {June}, pages = {107-112}, publisher = {SciTePress}, abstract = {Radio frequency identification (RFID) is an automatic data capture technology that has great potential to improve business. However, RFID projects have significant up-front costs: buying tags and readers, and installing them in business locations. Until now, a physical deployment was required to properly test RFID software and its integration with existing systems. This paper describes EPC Virtual Laboratory (EPC VLab), a physical world simulation engine, that can be used to feed standard RFID information systems with realistic data. 
The simulator has proved to be useful for preliminary and exploratory testing.}, keywords = {RFID, EPC, simulator}, } @InProceedings{Pinho_2016_INForum_UpdaThing, author = {Tom\'{a}s Pinho and Miguel L. Pardal}, booktitle = {INForum}, title = {{UpdaThing: um sistema de atualizações seguro para a Internet das Coisas}}, year = {2016}, address = {Lisboa, Portugal}, month = {September}, } @InProceedings{Raposo_2016_NCA_MACHETE, author = {Diogo Raposo and Miguel L. Pardal and Luis Rodrigues and Miguel Correia}, booktitle = {15th IEEE International Symposium on Network Computing and Applications (NCA)}, title = {{MACHETE}: Multi-path Communication for Cloud Security}, year = {2016}, month = oct, publisher = {IEEE}, abstract = {Communication through the Internet raises privacy and confidentiality concerns. Protocols such as HTTPS may be used to protect the communication, but occasionally vulnerabilities that may allow snooping on packet content are discovered. To address this issue, we present MACHETE, an application-layer multi-path communication mechanism that provides additional confidentiality by splitting data streams in different physical paths. MACHETE has to handle two challenges: sending packets over different paths when Internet’s routing imposes a single path between pairs of network interfaces; splitting streams of data sent over TCP connections. MACHETE is the first to exploit MultiPath TCP (MPTCP) for security purposes. It leverages overlay networks and multihoming to handle the first challenge and MPTCP to handle the second. MACHETE establishes an overlay network and scatters the data over the available paths, thus reducing the effectiveness of snooping attacks. Mechanisms are provided to select paths based on path diversity.}, keywords = {Multi-path Routing, Communication Confidentiality, Eavesdropping, Communication Privacy, MultiPath TCP}, location = {Cambridge (MA), USA}, } @InProceedings{Balu_2016_NCA_DARSHANA, author = {Karan Balu and Miguel L. 
Pardal and Miguel Correia}, booktitle = {15th IEEE International Symposium on Network Computing and Applications (NCA)}, title = {{DARSHANA}: Detecting Route Hijacking For Communication Confidentiality}, year = {2016}, month = sep, abstract = {The Border Gateway Protocol (BGP) plays a critical role in the Internet providing connectivity to hosts across the world. Unfortunately, due to its limited security, attackers can hijack traffic by generating invalid routes. Some detection systems for route hijacking have been presented, but they require non-public information, high resources, or can easily be circumvented by attackers. We propose DARSHANA, a monitoring solution that detects route hijacking based solely on data-plane information, and has enough redundancy to prevent attacker countermeasures such as dropping of traceroute probes. DARSHANA uses active probing techniques that enable detection in near real-time. By using diverse methods, DARSHANA can still detect attacks even if the adversary manages to counter some techniques. We show that our solution allows effective detection of many hijacking attacks by emulating them using PlanetLab and Amazon AWS}, bibtexorigem = {12290 www.Inesc-ID.pt 2017-01-31}, } @InProceedings{Joaquim_2016_NCA_VTTLS, author = {Andr{\'e} Joaquim and Miguel L. Pardal and Miguel Correia}, booktitle = {15th IEEE International Symposium on Network Computing and Applications (NCA)}, title = {{vtTLS}: A Vulnerability-Tolerant Communication Protocol}, year = {2016}, month = sep, abstract = {We present VTTLS, a vulnerability-tolerant communication protocol based on diversity and redundancy. There are often concerns about the strength of some of the encryption mechanisms used in SSL/TLS channels, with some regarded as insecure at some point in time. VTTLS is our solution to mitigate the problem of secure communication channels being vulnerable to attacks due to unexpected vulnerabilities in encryption mechanisms. 
It is based on diversity and redundancy of cryptographic mechanisms and certificates to provide a secure communication channel even when one or more mechanisms are vulnerable. VTTLS relies on a combination of k cipher suites. Even if k − 1 cipher suites are insecure or vulnerable, VTTLS relies on the remaining cipher suite to maintain the channel secure. We evaluated the performance of VTTLS by comparing it to an OpenSSL channel.}, keywords = {network protocol, secure communication channels, diversity, redundancy, vulnerability-tolerance}, } @TechReport{Pardal_SafeCloud_D1_1, author = {Miguel Pardal and Miguel Correia and Sree Harsha Totakura and Georg Carle and Karan Balu and Andr\'{e} Joaquim and Diogo Raposo}, institution = {SafeCloud Project}, title = {SafeCloud Deliverable 1.1: Private communication middleware architecture}, year = {2016}, month = feb, note = {Horizon 2020 DS-2014-1 653884}, } @TechReport{Pardal_SafeCloud_D1_2, author = {Miguel Pardal and Miguel Correia and Andr\'{e} Joaquim and Karan Balu and Diogo Raposo and Lu\'{i}s Rodrigues and David R. Matos and Sree Harsha Totakura and Heiko Niedermayer}, institution = {SafeCloud Project}, title = {SafeCloud Deliverable 1.2: First version of the private communication middleware components}, year = {2017}, month = feb, note = {Horizon 2020 DS-2014-1 653884}, } @InProceedings{Matos_2017_Middleware_Rectify, author = {David R. Matos and Miguel L. Pardal and Miguel Correia}, booktitle = {18th International Middleware Conference}, title = {Rectify: Black-Box Intrusion Recovery in PaaS Clouds}, year = {2017}, month = dec, publisher = {ACM}, series = {Middleware '17}, abstract = {Web applications hosted on the cloud are exposed to cyberattacks and can be compromised by HTTP requests that exploit vulnerabilities. Platform as a Service (PaaS) offerings often provide a backup service that allows restoring application state after a serious attack, but all valid state changes since the last backup are lost. 
We propose Rectify, a new approach to recover from intrusions on applications running in a PaaS. Rectify is a service designed to be deployed alongside the application in a PaaS container. It does not require modifications to the software and the recovery can be performed by a system administrator. Machine learning techniques are used to associate the requests received by the application to the statements issued to the database. Rectify was evaluated using three widely used web applications – Wordpress, LimeSurvey and MediaWiki – and the results show that the effects of malicious requests can be removed whilst preserving the valid application data.}, keywords = {PaaS, Rollback, Recovery, Intrusion Removal}, } @InProceedings{Matos_2018_Middleware_RockFS, author = {David R. Matos and Miguel L. Pardal and Georg Carle and Miguel Correia}, booktitle = {19th International Middleware Conference}, title = {RockFS: Cloud-backed File System Resilience to Client-Side Attacks}, year = {2018}, month = dec, publisher = {ACM}, series = {Middleware '18}, abstract = {Cloud-backed file systems provide on-demand, high-availability, scalable storage. Their security may be improved with techniques such as erasure codes and secret sharing to fragment files and encryption keys in several clouds. Attacking the server-side of such systems involves penetrating one or more clouds, which can be extremely difficult. Despite all these benefits, a weak side remains: the client-side. The client devices store user credentials that, if stolen or compromised, may lead to confidentiality, integrity, and availability violations. In this paper we propose RockFS, a cloud-backed file system framework that aims to make the client-side of such systems resilient to attacks. 
RockFS protects data in the client device and allows undoing unintended file modifications.}, keywords = {File Systems, Cloud Computing, Privacy, Intrusion Recovery}, } @InProceedings{Joaquim_2017_OPODIS_VTTLS, author = {Andr{\'e} Joaquim and Miguel L. Pardal and Miguel Correia}, booktitle = {21st International Conference on Principles of Distributed Systems (OPODIS)}, title = {Vulnerability-Tolerant Transport Layer Security}, year = {2017}, editor = {James Aspnes and Alysson Bessani and Pascal Felber and Jo\~{a}o Leit\~{a}o}, month = dec, publisher = {LIPICS}, abstract = {SSL/TLS communication channels play a very important role in Internet security, including cloud computing and server infrastructures. There are often concerns about the strength of the encryption mechanisms used in TLS channels. Vulnerabilities can lead to some of the cipher suites once thought to be secure to become insecure and no longer recommended for use or in urgent need of a software update. However, the deprecation/update process is very slow and weeks or months can go by before most web servers and clients are protected, and some servers and clients may never be updated. In the meantime, the communications are at risk of being intercepted and tampered by attackers. In this paper we propose an alternative to TLS to mitigate the problem of secure communication channels being susceptible to attacks due to unexpected vulnerabilities in its mechanisms. Our solution, called Vulnerability-Tolerant Transport Layer Security (vtTLS), is based on diversity and redundancy of cryptographic mechanisms and certificates to ensure a secure communication even when one or more mechanisms are vulnerable. Our solution relies on a combination of k cipher suites which ensure that even if k − 1 cipher suites are insecure or vulnerable, the remaining cipher suite keeps the communication channel secure. 
The performance and cost of vtTLS were evaluated and compared with OpenSSL, one of the most widely used implementations of TLS.}, keywords = {Secure communication channels; Transport layer security; SSL/TLS; Diversity; Redundancy; Vulnerability tolerance}, } @TechReport{Pardal_SafeCloud_D1_3, author = {Miguel Pardal and Miguel Correia and Andr\'{e} Joaquim and Karan Balu and Diogo Raposo and Isabel Costa and Ricardo Moura and Sree Harsha Totakura and Heiko Niedermayer}, institution = {SafeCloud Project}, title = {SafeCloud Deliverable 1.3: Final version of the private communication middleware components}, year = {2018}, month = feb, note = {Horizon 2020 DS-2014-1 653884}, } @InProceedings{NET-2018-03-1_07, author = {Sergey Podanev and Miguel L. Pardal}, booktitle = {Proceedings of the Seminars Future Internet ({FI}) and Innovative Internet Technologies and Mobile Communication ({IITM}), Winter Semester 2017/2018}, title = {WeSee: dynamic visualization of Web Service use}, year = {2018}, address = {Munich, Germany}, editor = {Carle, Georg and Raumer, Daniel}, month = mar, pages = {45--52}, publisher = {Chair of Network Architectures and Services, Department of Computer Science, Technische Universit{\"a}t M{\"u}nchen}, series = {Network Architectures and Services ({NET})}, volume = {NET-2018-03-1}, doi = {10.2313/NET-2018-03-1_07}, file = {NET-2018-03-1_07.pdf:https\://www.net.in.tum.de/fileadmin/TUM/NET/NET-2018-03-1/NET-2018-03-1_07.pdf:PDF}, month_numeric = {3}, } @InProceedings{Matos_Pardal_EuroSysWP2DS_SecuringEHealth, author = {David R. Matos and Miguel L. Pardal and Pedro Ad\~{a}o and António Rito Silva and Miguel Correia}, booktitle = {EuroSys, Workshop on Privacy by Design in Distributed Systems}, title = {Securing Electronic Health Records in the Cloud}, year = {2018}, month = apr, abstract = {Health care institutions gather and store sensitive information from patients with the goal of providing the best care. 
The medical history of a patient is essential to guarantee that the right diagnosis is achieved and help the clinical staff act in the shortest time possible. This information is highly sensitive and must be kept private for the responsible staff only. At the same time, the medical records should be accessible by any health care institution to ensure that a patient can be attended anywhere. To guarantee data availability, health care institutions rely on data repositories accessible through the internet. This exposes a threat since patient data can be accessed by unauthorized personnel. It is also extremely difficult to manage access to data using standard access control mechanisms due to the vast amount of users, groups and patients and the constant adjustment in privileges that must be done to maintain confidentiality. This paper proposes a solution to the difficulty that is managing user access control to a complex universe of user data and guarantee confidentiality while using cloud computing services to store medical records.}, keywords = {Privacy, Confidentiality, E-Health, Security Architecture, Information Flow, Isolation, Client Platform Security}, } @InProceedings{Camacho_Pardal_WSmartFarming, author = {José Camacho and Alberto Cunha and Miguel L. Pardal}, booktitle = {Cyber-Physical Systems Week, Smart Farming Workshop}, title = {IoT Middleware for Precision Agriculture: Workforce Monitoring in Olive Fields}, year = {2018}, month = apr, abstract = {Precision Agriculture systems allow farmers to have a deeper, more detailed knowledge about the agricultural field, and helps them make better management decisions. However, the existing solutions rely upon significant investment in new equipment and changes in field layouts making it impractical to farms with less mechanized methods. In this paper we propose an Agricultural Workforce Monitoring system to enrich data on production models. 
Our approach uses a conventional smartphone embedded with sensors to monitor workers’ locations and movements that allow for activity inference. The solution uses GPS and Dead Reckoning to capture worker’s locations in the agricultural field, and Machine Learning to classify the agricultural worker activities throughout their working day. The developed system was implemented and evaluated in actual olive fields.}, keywords = {Precision Agriculture, Sensor Integration, Location, GPS, Dead Reckoning, Internet of Things}, } @InProceedings{Gomes_Pardal_ANT_CloudVsFog, author = {Marcus Gomes and Miguel L. Pardal}, booktitle = {9th International Conference on Ambient Systems, Networks and Technologies (ANT)}, title = {Cloud vs Fog: assessment of alternative deployments for a latency-sensitive IoT application}, year = {2018}, month = may, abstract = {Companies produce data in large volumes and in multiple varieties. This trend is intensifying with the deployment of Internet of Things (IoT) devices. Companies need to process data more efficiently and at the edge of the network if they are to remain capable of making timely business decisions based on data. Apache Hadoop and Hive are two widely used data processing systems. However, they rely on complex software stacks that cannot run in a typical IoT gateway device, i.e., a computer with low hardware specifications. An approach to solve this problem is to replace the software with a leaner system with the same functionality. This approach is the value proposition of Unicage, a data processing system based on Unix shell scripting, that promises better performance by using the operating system directly for execution and inter-process communication. In this paper, we benchmark data processing systems with workloads that compare Unicage with Hadoop and with Hive. 
The results show that the complexity of the software stack is indeed a significant bottleneck in data processing}, keywords = {Internet of Things, Data Processing, Benchmarking, Software Stacks, Performance Measurement}, } @InProceedings{Moreira_Pardal_ANT_LeanBench, author = {João M. P. Moreira and Helena Galhardas and Miguel L. Pardal}, booktitle = {9th International Conference on Ambient Systems, Networks and Technologies (ANT)}, title = {LeanBench: comparing software stacks for batch and query processing of IoT data}, year = {2018}, month = may, abstract = {Internet of Things (IoT) smart places are systems composed of sensors, actuators and computing infrastructure that acquires data about the surrounding environment and uses that data to improve the user experience of the smart place. For instance, RFID readers can detect a tag approaching and, after the event is processed in a dedicated server, open a door automatically. Many IoT applications are latency-sensitive because actions need to be done in a timely manner. To meet this requirement these applications are usually provisioned close to the physical place, which represents an infrastructure burden because it is not always practical to deploy a physical server at a location. Utility computing in the Cloud can solve this issue but the latency requirements must be carefully assessed. Fog computing is a concept that brings the cloud close to devices at the edge of the network, aiming to provide low latency communication for applications and services. The present work implemented a provisioning mechanism to deploy a “smart warehouse” IoT application according in utility computing platforms: Cloud and Fog. 
We compared the event latency performance of both approaches and the results show that a fog deployment is more adequate for the considered IoT application.}, keywords = {Utility computing, Cloud computing, Fog computing, Provisioning, Internet of Things, RFID}, } @InProceedings{Apolinario_Pardal_2018_TrustCom, author = {Filipe Apolinário and Miguel L. Pardal and Miguel Correia}, booktitle = {The 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications (IEEE TrustCom-18)}, title = {S-Audit: Efficient Data Integrity Verification for Cloud Storage}, year = {2018}, month = jul, abstract = {Commercial cloud storage services are being widely adopted. The most common integrity verification methods for data stored remotely are based on cryptographic hashes and digital signatures. These allow checking that the data has not been tampered while stored in the cloud. However, both require downloading all the data before doing the verification, with significant time and monetary costs. This paper presents S-Audit, a service that provides integrity verification of data stored in commercial clouds. S-Audit uses homomorphic authentication with digital signatures to avoid retrieving the protected data from the cloud. The service was integrated with a cloud-backed file system called SCFS to show how it can be used in practice. Our experimental evaluation shows that using \textsc{S-Audit} is 7.1\% cheaper than using RSA signatures when the integrity of the data is verified monthly, and 34.9\% when verified weekly, in a typical setting.}, keywords = {Security, Integrity, Digital Signatures, Homomorphic Authentication}, } @InProceedings{Calado_2018_NCA, author = {Diogo Calado and Miguel L. 
Pardal}, booktitle = {17th IEEE International Symposium on Network Computing and Applications (NCA)}, title = {Tamper-proof incentive scheme for mobile crowdsensing systems}, year = {2018}, month = nov, } @InProceedings{Ferreira_2018_NCA, author = {João Ferreira and Miguel L. Pardal}, booktitle = {17th IEEE International Symposium on Network Computing and Applications (NCA)}, title = {Witness-based location proofs for mobile devices}, year = {2018}, month = nov, } @InProceedings{Santos_2019_INForum_STOP, author = {Henrique F. Santos and Miguel L. Pardal}, booktitle = {INForum}, title = {{Operation STOP: itinerary verification for smart vehicle inspections}}, year = {2019}, address = {Guimar\~{a}es, Portugal}, month = sep, } @InProceedings{Amaral_2019_INForum_FaultSee, author = {Miguel Amaral and Miguel L. Pardal and Miguel Matos}, booktitle = {INForum}, title = {{FaultSee: Avalia\c{c}\~{a}o Reproduz\'{i}vel de Sistemas Distribu\'{i}dos Sujeitos a Faltas}}, year = {2019}, address = {Guimar\~{a}es, Portugal}, month = sep, } @InProceedings{Wang_2019_INForum_SPYKE, author = {Sheng Wang and Rui Claro and Miguel L. Pardal}, booktitle = {INForum}, title = {{SPYKE: Security ProxY with Knowledge-based intrusion prEvention}}, year = {2019}, address = {Guimar\~{a}es, Portugal}, month = sep, } @InProceedings{Maia_2019_INForum_CROSS, author = {Gabriel A. Maia and Miguel L. Pardal}, booktitle = {INForum}, title = {{CROSS: loCation pROof techniqueS for consumer mobile applicationS}}, year = {2019}, address = {Guimar\~{a}es, Portugal}, month = sep, } @InProceedings{Carmo_2019_INForum_NWatch, author = {Pedro E. Carmo and Miguel L. 
Pardal}, booktitle = {INForum}, title = {{IoT Neighborhood Watch: device monitoring for anomaly detection}}, year = {2019}, address = {Guimar\~{a}es, Portugal}, month = sep, } @Article{Martins_2020_Proelium, author = {Tolentino Martins and Miguel Pardal and Jos{\'e} Borges}, journal = {Proelium - Revista Científica da Academia Militar}, title = {{Gestão de vulnerabilidade e risco no suporte à decisão}}, year = {2020}, month = {January}, note = {Series VIII}, volume = {4}, abstract = {An integrated approach to support decisions in the information security scope requires timely processing of available information. The proactive monitoring and management of vulnerabilities and risk affecting corporate assets, and consequently risk management associated to those assets, needs a model allowing decision makers to own, acquire and manage, conspicuous information, providing them with capabilities to adequately support management decisions. In this work, a model is proposed that allows vulnerability, risk, business impact metrics, and indicators related with corporate risk objectives, through information acquisition, evaluation and modelling. Additionally, that information is complemented with results produced through data mining models, that are also supplied to decision makers. The model provides basic vectors to support the construction of a proactive, conspicuous, graphical and integrated dashboard providing decision makers with an agile and effective decision process able to deal with the challenges of information security environment.}, editor = {David Pascoal Rosado}, keywords = {Information Security, Vulnerabilities, Risk Management, Business Impact Analysis, Decision Support, Neural Networks, Data Mining}, publisher = {Academia Militar (Portugal)}, } @TechReport{Bras_2020_TR_BibTrek, author = {José Brás and Miguel L. 
Pardal}, institution = {INESC-ID, Instituto Superior T\'{e}cnico, University of Lisbon}, title = {{BibTrek: A Graph Visualization Tool for Cybersecurity Research Publications}}, year = {2020}, month = {January}, abstract = {With the advent of more elaborate cyberattacks, security researchers and operators are having difficulty in keeping up with the latest research results. In many occasions, it is not trivial to discover the most important paper regarding one topic. The technical information is usually present in scientific research publications and most of the knowledge present in them relies on the work of several other publications, which they reference. To assist in this research and study endeavor, we propose BibTrek, a tool that can query bibliographic APIs and store data in a graph that can be visualized. With BibTrek we make use of several computer science web-based libraries to acquire information from multiple sources and display them into a graph database to better relate the references between publications, but also authors and other relevant information. We present the implementation of a prototype that reads data from DBLP and stores the results in the Neo4J database. The code is available on GitHub.}, } @InProceedings{Apolinario_2022_SAC_FingerCI, author = {Filipe Apolinário and Nelson Escravana and Éric Hervé and Miguel L. Pardal and Miguel Correia}, booktitle = {The 37th ACM/SIGAPP Symposium On Applied Computing}, title = {{FingerCI: Generating Specifications for Critical Infrastructures}}, year = {2022}, address = {Brno, Czech Republic}, month = apr, abstract = {Cyber-physical attacks on critical infrastructures (CI) or industrial control systems (ICS) can compromise the integrity and operability of physical systems, potentially damaging critical facilities. Specification-based Intrusion Detection Systems (IDSs) can detect those attacks but often require an accurate specification of the monitored ICS, which is often a deterrent to their usage. 
This paper presents FingerCI, a solution to automatically generate a model of an ICS, which we name a fingerprint, based on network traffic inspection, business process discovery, and physical behaviour analysis. An airport baggage handling system testbed shows that the fingerprints can be used to configure specification-based IDS with high accuracy results, reducing the amount of effort required to use that detection approach.}, } @InProceedings{Amaral_2020_EDCC_FaultSee, author = {Miguel Amaral and Miguel L. Pardal and Hugues Mercier and Miguel Matos}, booktitle = {The 16th European Dependable Computing Conference (EDCC)}, title = {{FaultSee: Reproducible Fault Injection in Distributed Systems}}, year = {2020}, address = {Munich, Germany}, month = sep, abstract = {Distributed systems are increasingly important in modern society, often operating on a global scale with stringent dependability requirements. Despite the vast amount of research and the development of techniques to build dependable systems, faults are inevitable as one can witness from regular failures of major providers of IT services. It is therefore fundamental to evaluate distributed systems under different fault patterns and adversarial conditions to assess their high-level behaviour and minimize the occurrence of failures. However, succinctly capturing the system configuration, environment, fault patterns and other variables affecting an experiment is very hard, leading to a reproducibility crisis. In this paper we propose the FaultSee toolkit. The two components of FaultSee are (1) the simple and descriptive FDSL language that captures the system, environment, workload and fault pattern characteristics; and (2) an easy-to-use platform to deploy and run the experiments described by the language. FAULTSEE allows to precisely describe and reproduce experiments and leads to a better assessment of the impact of faults in distributed systems. 
We showcase the key features of FAULTSEE by studying the impact of faults with real deployments of Apache Cassandra and BFT-Smart.}, keywords = {dependability, fault-injection, systems evaluation, reproducibility, distributed systems}, } @InProceedings{Moura_2020_IFIP-SEC_MultiTLS, author = {Ricardo Moura and David R. Matos and Miguel L. Pardal and Miguel Correia}, booktitle = {The 35th International Conference on ICT Systems Security and Privacy Protection (IFIP SEC)}, title = {{MultiTLS: Secure communication channels with cipher suite diversity}}, year = {2020}, address = {Maribor, Slovenia}, month = sep, abstract = {TLS ensures confidentiality, integrity, and authenticity of communications. However, design, implementation, and cryptographic vulnerabilities can make TLS communication channels insecure. We need mechanisms that allow the channels to be kept secure even when a new vulnerability is discovered. We present MultiTLS, a middleware based on diversity and tunneling mechanisms that allows keeping communication channels secure even when new vulnerabilities are discovered. MultiTLS creates a secure communication channel through the encapsulation of k TLS channels, where each one uses a different cipher suite. We evaluated the performance of MultiTLS and concluded that it has the advantage of being easy to use and maintain since it does not modify any of its dependencies.}, keywords = {Secure communication channels, SSL/TLS, Security, Vulnerability-tolerance, Diversity for security, Tunneling}, } @InProceedings{Santos_2020_AdHocNow_STOP, author = {Henrique F. Santos and Rui L. Claro and Leonardo S. Rocha and Miguel L. 
Pardal}, booktitle = {The 19th International Conference on Ad Hoc Networks and Wireless (AdHoc-Now)}, title = {{STOP: a location spoofing resistant vehicle inspection system}}, year = {2020}, address = {Bari, Italy}, month = oct, abstract = {An effort is being made by authorities worldwide to improve the safety of the transportation of goods while preserving efficiency. Vehicle inspections are important for safety but not very frequent. When they do happen, vehicles are selected on the roadside and authorities spend a long time retrieving the relevant information while the vehicle is stopped. In this paper, we present and evaluate STOP, a road transportation vehicle inspection support system with tamper-proof records to prevent location spoofing attacks. To the best of our knowledge, it is the first such system described in literature. The STOP system uses mobile devices and a central server to allow authorities to select and notify vehicles for inspection while retrieving the needed information to prepare the procedure beforehand. The location chain for each vehicle can be verified and signed by the inspectors. We implemented a prototype in the Android platform and tested it with real users. We evaluated the system’s location retrieval accuracy, response times, and Bluetooth communication during inspection.}, keywords = {Smart Mobility, Transportation, Mobile Applications, Location Spoofing Prevention, Location Proofs}, } @InProceedings{Maia_2020_AdHocNow_CROSSCity, author = {Gabriel A. Maia and Rui L. Claro and Miguel L. Pardal}, booktitle = {The 19th International Conference on Ad Hoc Networks and Wireless (AdHoc-Now)}, title = {{CROSS City: Wi-Fi Location Proofs for Smart Tourism}}, year = {2020}, address = {Bari, Italy}, month = oct, abstract = {The ubiquitousness of smartphones, wearables and other mobile devices, coupled with the increasing number of communications infrastructure present in smart cities, has led to the rise of location-based services. 
Many of these services do not verify the location information they consume and are vulnerable to spoofing attacks. Location proof systems aim to solve this by allowing devices to interact with location-specific resources and later prove that they were at the location. In this paper we describe and evaluate CROSS, a system that performs location verification using techniques compatible with off-the-shelf Android smartphones. We present three strategies to produce location proofs with increasing tamper-resistance. We designed our system with user privacy and security in mind, minimizing the number of connections between devices. We implemented a prototype application to assess the feasibility and reliability of the proof strategies. The application allows rewarding users who complete a touristic route with proofs of visit collected along the way. Our evaluation, which included experiments with 30 users, showed that we can use the system in real-world scenarios, providing adequate security guarantees for the use case.}, keywords = {Location Spoofing Prevention, Location Proof, Context Awareness, Security, Internet of Things}, } @InProceedings{Martins_2020_NCA, author = {Filipe Martins and David R. Matos and Miguel L. Pardal and Miguel Correia}, booktitle = {19th IEEE International Symposium on Network Computing and Applications (NCA)}, title = {{Recoverable Token: Recovering from Intrusions against Digital Assets in Ethereum}}, year = {2020}, month = nov, abstract = {Blockchain systems allow storing digital assets in a tamper-proof, consensus-based, append-only ledger in a decentralized fashion, where no single party has full control. A blockchain is an immutable, append-only, log of transactions.
Unfortunately, in some cases there is the need to undo transactions that result from intrusions, e.g., when the private keys of a wallet are stolen, when one of the transaction participants does not comply with what was agreed upon, or when smart contract vulnerabilities are exploited by attackers. There are also accidental scenarios, e.g., when private keys are lost leaving the associated digital assets inaccessible. Although there have been a few proposals which allow modifications to the blockchain, they break the basic guarantees they are supposed to provide. We propose an approach for wallet owners to recover from attacks against their digital assets and accidental loss, while still assuring fundamental properties of the blockchain technology. We implemented the mechanism for Ethereum / EVM.}, keywords = {Intrusion Recovery, Blockchain, Digital Assets, Tokens, Ethereum}, } @InProceedings{Vaz_2020_Mobiquitous, author = {Diogo Vaz and David R. Matos and Miguel L. Pardal and Miguel Correia}, booktitle = {17th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services (MobiQuitous)}, title = {{MIRES: Recovering Mobile Applications based on Backend-as-a-Service from Cyber Attacks}}, year = {2020}, month = dec, abstract = {Many popular mobile applications rely on the Backend-as-a-Service (BaaS) cloud computing model to simplify the development and management of services like data storage, user authentication and notifications. However, vulnerabilities and other issues may lead to malicious operations on the mobile application client-side and malicious requests being sent to the backend, corrupting the state of the application in the cloud. To deal with these attacks after they happen and are successful, it is necessary to remove the immediate effects created by the malicious requests and subsequent effects derived from later requests. 
In this paper, we present MIRES, an intrusion recovery service for mobile applications based on BaaS. MIRES uses a two-phase recovery process that restores the integrity of the mobile application and minimizes its unavailability. We implemented MIRES in Android and with the Firebase platform and made experiments with 3 mobile applications that showed results of 1000 operations reverted in less than 1 minute and with the mobile application inaccessible only for less than 15 seconds.}, keywords = {Intrusion Recovery, Mobile Computing, Backend-as-a-Service, Cloud}, } @InProceedings{Ferrao_2021_INForum_OffensiveSecurity, author = {José Ferrão and Samih Eisa and Miguel L. Pardal}, booktitle = {INForum}, title = {{Offensive security assessment of a REST API for a location proof system}}, year = {2021}, address = {Lisboa, Portugal}, month = sep, abstract = {Despite the best efforts of designers, a system cannot be said to be truly secure and robust until it has experienced - and thwarted - attacks from skilled and motivated attackers. With that in mind, we performed an offensive security assessment of CROSS, a smart tourism application that uses location proofs. The server is exposed on the public Internet and offers a REST-based API. We performed a vulnerability assessment and penetration testing on the server, using generic attack tools, and from different vantage points in the network, always in the attacker perspective. We present the tools and techniques used to attack the REST API, a detailed presentation of the findings, and the procedures for hardening the server. 
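The security assessment used five different tools and we were able to find a previously unknown vulnerability that allowed unauthorized writes to the database of the target system.}, keywords = {Vulnerability Assessment, Penetration Testing, Offensive Security, Location Proof Systems, REST API Security}, }

@InProceedings{Teixeira_2021_INForum_antiDoSte,
  author    = {Pedro Teixeira and Samih Eisa and Miguel L. Pardal},
  booktitle = {INForum},
  title     = {{Denial-of-service test-bed for distributed location proof system}},
  year      = {2021},
  address   = {Lisboa, Portugal},
  month     = sep,
  note      = {Comunicação},
}

@InProceedings{Carvalho_2021_INForum_LCT,
  author    = {Pedro Carvalho and Leonardo Sampaio Rocha and Samih Eisa and Miguel L. Pardal},
  booktitle = {INForum},
  title     = {{Location Certificate Transparency for third-party-verifiable location proofs}},
  year      = {2021},
  address   = {Lisboa, Portugal},
  month     = sep,
  note      = {Comunicação},
}

@InProceedings{Francisco_2021_INForum_POSE,
  author    = {Miguel Francisco and Samih Eisa and Miguel L. Pardal},
  booktitle = {INForum},
  title     = {{POSE: Protocol Buffer-based Security Enhancement for Location Proof System on Constrained Devices}},
  year      = {2021},
  address   = {Lisboa, Portugal},
  month     = sep,
  note      = {Comunicação},
}

@Comment{Technical reports name the issuing body in "institution"; "school" is the field theses use, so it is renamed below.}

@TechReport{Ferreira_2021_HPBD,
  author      = {Miguel Ferreira and André Neves and Rodrigo Gorjão and Carlos Cruz and Miguel L. Pardal},
  title       = {{Smart meter data processing: a showcase for simple and efficient textual processing}},
  institution = {Instituto Superior Técnico, Unicage Europe},
  year        = {2021},
  month       = sep,
  note        = {Presented at the Workshop on High-Performance and Reliable Big Data (HPBD)},
}

@InProceedings{Rosa_2021_VNC_ROAD_Poster, author = {Pedro M. Rosa and Miguel L.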
Pardal and Gabriel Pestana}, booktitle = {IEEE Vehicular Networking Conference (VNC)}, title = {{The ROAD to resilient location for the Internet of Vehicles}}, year = {2021}, address = {Virtual Event}, month = nov, note = {Poster}, abstract = {The Internet of Vehicles will allow vehicles to exchange much more information, but these interactions will require the enforcement of both safety and security policies. In this poster we adapt a widely used policy framework and propose the ROAD location subsystem to prevent GPS spoofing and other attacks. Our proposal relies on witnessing between vehicles and infrastructure, but also between passengers, bikers, and pedestrians. We argue that such redundancy and diversity will enable resilient location for future road safety.}, } @InProceedings{Francisco_2021_NCA, author = {Miguel Francisco and Samih Eisa and Miguel L. Pardal}, booktitle = {20th IEEE International Symposium on Network Computing and Applications (NCA)}, title = {{Secure protocol buffers for Bluetooth Low-Energy communication with wearable devices}}, year = {2021}, month = nov, abstract = {Wearable devices are further connecting people to the world, extending the reach of smartphones and the Internet. New applications are possible such as activity and location tracking that allows health monitoring and increased access to health services. Bluetooth Low-Energy (BLE) is a pivotal technology for this vision, as it allows power-efficient network connections to smartphones and to service infrastructure. However, there are design flaws and implementation vulnerabilities in BLE that affect the most widely used chipsets and operating systems. In this paper, we present POSE, an end-to-end security layer, that can mitigate attacks on BLE pairing and link-layer communications. POSE uses protocol buffers for efficient message data serialization/deserialization and, on top of them, provides message confidentiality and authenticity, including message freshness. 
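POSE was implemented and its processing time, packet overhead, and CPU usage were evaluated. The results show that POSE is an efficient solution for secure communication with wearables and other constrained devices, especially when they already use protocol buffers.}, keywords = {Internet of Things, Bluetooth Low-Energy, Security, Privacy, Protocol Buffers}, }

@Article{Matos_2021_TDSC,
  author   = {Matos, David and Pardal, Miguel and Correia, Miguel},
  journal  = {IEEE Transactions on Dependable and Secure Computing},
  title    = {{Sanare: Pluggable Intrusion Recovery for Web Applications}},
  year     = {2021},
  issn     = {1941-0018},
  pages    = {1--1},
  abstract = {Web applications are exposed to many threats and, despite the best defensive efforts, are often successfully attacked. Reverting the effects of an attack on the state requires a profound knowledge about the application, to understand what data did the attack corrupt. Furthermore, it requires knowing what steps are needed to revert the effects without modifying legitimate data created by legitimate users. Existing intrusion recovery systems are capable of reverting the effects of the attack but they require modifications to the source code of the application, which may be unpractical. We present Sanare, a pluggable intrusion recovery system designed for web applications that use different data repositories to keep their state. Sanare does not require modification to the source code of the application or the server. Instead, it uses a new deep learning scheme that we also introduce in the paper, Matchare, that learns the matches between the HTTP requests and the database statements, file system operations, and web service requests that the HTTP requests caused. We evaluated Sanare with three open source web applications: WordPress, GitLab and ownCloud. In our experiments, Matchare achieved precision and recall higher than 97.5\% with a performance overhead of less than 18\% to the application.},
  doi      = {10.1109/TDSC.2021.3139472},
}

@InProceedings{Miranda_2020_SAC_Sensmart,
  author    = {Ricardo Miranda and Miguel L. Pardal and António Grilo},
  booktitle = {The 35th ACM/SIGAPP Symposium On Applied Computing},
  title     = {{Sensmart: Sensor Data Market for the Internet of Things}},
  year      = {2020},
  address   = {Brno, Czech Republic},
  month     = mar,
  abstract  = {Currently, there are millions of sensors connected to the Internet. These sensors gather various types of data, from temperature, humidity, sound and image, to location or biometrics, to name a few. These kinds of data can be very relevant for scientific or business purposes. However, there is no online platform or marketplace where it can be easily exchanged. In this work we design and implement Sensmart, a solution through which it is possible to purchase and sell sensor data. Suppliers share their devices or data and consumers can buy data or acquire control of a device over a period of time. Sensmart goes beyond data exchange, and provides the ability to control a sensing device, for example, a customer can position a camera or move a robot. The platform was tested and evaluated through use cases and the implemented solution allows customers to share sensor devices and the data in an effective way.},
}

@InProceedings{Tiago_2022_SAC_SureSpace,
  author    = {Jo{\~a}o Tiago and Samih Eisa and Miguel L. Pardal},
  title     = {{SureSpace: Orchestrating Beacons and Witnesses to Certify Device Location}},
  year      = {2022},
  month     = apr,
  isbn      = {9781450387132},
  publisher = {Association for Computing Machinery},
  address   = {New York, NY, USA},
  url       = {https://doi.org/10.1145/3477314.3508382},
  doi       = {10.1145/3477314.3508382},
  abstract  = {Location-aware mobile applications are increasingly popular and useful. However, as more services rely on location, there are concerns that users may misreport their location to gain undue advantages. One way to prevent such location spoofing is to rely on location certification systems. For example, SureThing uses Wi-Fi or Bluetooth beacons and ad-hoc witnesses to allow a user to make proof of location at a specific time and place. This approach can be extended to smart spaces, such as smart buildings, managed by platforms like DS2OS. In this work, we present SureSpace, a new system that combines location certification with smart space management, to verify the location of users in rooms inside smart buildings. The new system relies on a prover mobile device and on existing infrastructure in the room to act as signal beacons and witnesses. The system is evaluated and shown to be effective using light and audio signals to achieve security by diversity and thwart location spoofing attacks.},
  booktitle = {Proceedings of the 37th ACM/SIGAPP Symposium on Applied Computing},
  pages     = {164--173},
  numpages  = {10},
  keywords  = {internet of things, location certification systems, signal processing, smart space orchestration},
  location  = {Virtual Event},
  series    = {SAC '22},
}

@InProceedings{Antunes_2022_FUZZ-IEEE_Compress-NLP-Models,
  author    = {Jo{\~a}o Antunes and Miguel L. Pardal and Luisa Coheur},
  booktitle = {IEEE International Conference on Fuzzy Systems (FUZZ-IEEE)},
  title     = {{A Study on the Best Way to Compress Natural Language Processing Models}},
  year      = {2022},
  month     = jul,
  pages     = {1--8},
  abstract  = {Current research in Natural Language Processing shows a growing number of models extensively trained with large computational budgets. However, these models present computationally demanding requirements, preventing them from being deployed in devices with strict resource and response latency limitations. In this paper, we apply state-of-the-art model compression techniques to create compact versions of several of these models. In order to evaluate whether the trade-off between model performance and budget is worthwhile, we evaluate them in terms of efficiency, model simplicity and environmental footprint. We also present a brief comparison between uncompressed and compressed models when running in low-end hardware.},
  doi       = {10.1109/FUZZ-IEEE55066.2022.9882595},
  issn      = {1558-4739},
}

@Comment{The two arXiv entries below each carried two keywords fields (arXiv subject classes and the author keyword list). Classic BibTeX ignores a repeated field, so each pair is merged into one list, subject classes first.}

@Misc{Claro_2022_arXiv_LXspots,
  author    = {Rui Claro and Samih Eisa and Miguel L. Pardal},
  title     = {{Lisbon Hotspots: Wi-Fi access point dataset for time-bound location proofs}},
  year      = {2022},
  copyright = {Creative Commons Attribution Share Alike 4.0 International},
  doi       = {10.48550/ARXIV.2208.04741},
  keywords  = {Computers and Society (cs.CY), FOS: Computer and information sciences, E.1, Wi-Fi Scavenging, Location Proofs, Mobile Applications, Internet of Things, Smart Tourism},
  publisher = {arXiv},
  url       = {https://arxiv.org/abs/2208.04741},
  abstract  = {Wi-Fi hotspots are a valuable resource for people on the go, especially tourists, as they provide a means to connect personal devices to the Internet. This extra connectivity can be helpful in many situations, e.g., to enable map and chat applications to operate outdoors when cellular connectivity is unavailable or is expensive. Retail stores and many public services have recognized that hotspots have potential to attract and retain customers, so many of them offer free and open Wi-Fi. In busy cities, with many locals and visitors, the number of hotspots is very significant. Some of these hotspots are available for long periods of time, while others are short-lived. When we have many users with devices collecting hotspot observations, they can be used to detect the location - using the long-lived hotspots - and to prove the time when the location was visited - using the short-lived hotspots observed by other users at the location. In this article, we present a dataset of collected Wi-Fi data from the most important tourist locations in the city of Lisbon, Portugal, over a period of months, that was used to show the feasibility of using hotspot data for location detection and proof. The obtained data and algorithms were assessed for a specific use case: smart tourism. We also present the data model used to store the observations and the algorithms developed to detect and prove location of a user device at a specific time. The Lisbon Hotspots dataset, LXspots, is made publicly available to the scientific community so that other researchers can also make use of it to develop new and innovative mobile and Internet of Things applications.},
}

@Misc{Vaz_2022_arXiv_RB-Learner,
  author    = {Diogo Vaz and David R. Matos and Miguel L. Pardal and Miguel Correia},
  title     = {{Learning to generate Reliable Broadcast Algorithms}},
  year      = {2022},
  copyright = {arXiv.org perpetual, non-exclusive license},
  doi       = {10.48550/ARXIV.2208.00525},
  keywords  = {Distributed, Parallel, and Cluster Computing (cs.DC), Data Structures and Algorithms (cs.DS), Machine Learning (cs.LG), Networking and Internet Architecture (cs.NI), FOS: Computer and information sciences, Fault-Tolerant Distributed Algorithms, Reliable Broadcast, Automatic Code Generation, Reinforcement Learning},
  publisher = {arXiv},
  url       = {https://arxiv.org/abs/2208.00525},
  abstract  = {Modern distributed systems are supported by fault-tolerant algorithms, like Reliable Broadcast and Consensus, that assure the correct operation of the system even when some of the nodes of the system fail. However, the development of distributed algorithms is a manual and complex process, resulting in scientific papers that usually present a single algorithm or variations of existing ones. To automate the process of developing such algorithms, this work presents an intelligent agent that uses Reinforcement Learning to generate correct and efficient fault-tolerant distributed algorithms. We show that our approach is able to generate correct fault-tolerant Reliable Broadcast algorithms with the same performance of others available in the literature, in only 12,000 learning episodes.},
}

@Article{Vaz_2022_IEEE-TCC_MIRES, author = {Diogo Vaz and David R. Matos and Miguel L. Pardal and Miguel Correia}, journal = {IEEE Transactions on Cloud Computing}, title = {{MIRES: Intrusion Recovery for Applications based on Backend-as-a-Service}}, year = {2022}, issn = {2168-7161}, pages = {1--1}, abstract = {The Backend-as-a-Service (BaaS) cloud computing model supports many modern popular mobile applications because it simplifies the development and management of services such as data storage, user authentication, and notifications. However, vulnerabilities and other issues may allow malicious actions on the client side to have impact on the backend, i.e., to corrupt the state of the application in the cloud. To deal with these attacks - after they occur and are successful - it is necessary to remove the direct effects of malicious requests and the effects derived from later operations on corrupted data. We introduce MIRES, the first intrusion recovery service for mobile applications based on the BaaS model. MIRES uses a two-stage recovery process that restores the integrity of the mobile application and minimizes its unavailability. MIRES provides multi-service recovery for applications that use more than one data store. We implemented MIRES for Android and for the Firebase cloud-based BaaS platform.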
We did experiments on 4 mobile applications which showed that MIRES can revert hundreds to thousands of operations in seconds, with an associated unavailability of the application also in the range of seconds.}, doi = {10.1109/TCC.2022.3178982}, } @InProceedings{Figueiredo_2022_NCA_SureRepute, author = {Rafael Figueiredo and Samih Eisa and Miguel L. Pardal}, booktitle = {21st IEEE International Symposium on Network Computing and Applications (NCA)}, title = {{SureRepute: Reputation System for Crowdsourced Location Witnesses}}, year = {2022}, month = dec, abstract = {Location is an important attribute for many mobile applications but it needs to be verified. For example, a user of a tourism application that gives out rewards can falsify his location to pretend that he has visited many attractions and thus receive benefits without deserving them. To counter these attacks, the system asks users to prove their location through witnesses, i.e., other devices that happen to be at the location at the same time and that can be partially trusted. However, for this approach to be effective, it is important to keep track of the witness behavior over time. Many crowdsourcing applications, like Waze, build up reputations for their users, and rely on user co-location and redundant inputs for data verification. In this work, we present SureRepute, a reputation system capable of withstanding reputation attacks while still maintaining user privacy. The results show that the system is able to protect itself and its configuration is flexible, allowing different trade-offs between security and usability, as required in real-world applications.
The experiments show how the reputation system can be easily integrated into existing applications without producing a significant overhead in response times.}, keywords = {Reputation System, Location Certification Systems, Privacy, Reputation Attacks, Defense Against Reputation Attacks, Reputation Score}, } @InProceedings{Vicente_2022_NCA_LoCaaS, author = {Lucas H. Vicente and Samih Eisa and Miguel L. Pardal}, booktitle = {21st IEEE International Symposium on Network Computing and Applications (NCA)}, title = {{LoCaaS: Location-Certification-as-a-Service}}, year = {2022}, month = dec, abstract = {Millions of tourists each year use smartphone applications to discover points of interest. Despite relying heavily on location sensing, most of them are susceptible to location spoofing, but not all. CROSS City is a smart tourism application that rewards users for completing tourist itineraries and uses location certificates to prevent attacks. In this case, the location verification relies on the periodic collection of public Wi-Fi network observations by multiple users to make sure the travelers actually went to the points of interest. In this paper, we introduce the Location-Certification-as-a-Service (LoCaaS) approach, supported by a cloud-native and improved location certification system, capable of producing and validating time-bound location proofs using network data collected by tourists’ mobile devices. We show that the system can efficiently compute the stable and transient networks for a given location that are used, respectively, to validate the location of a tourist and to prove the time-of-visit. The system was deployed to the Google Cloud Platform and was validated with performance experiments and a real-world deployment.}, keywords = {Location Spoofing, Location Certificate, Security, Cloud Computing}, } @InProceedings{Grade_2022_NCA_P2P-Witnessing, author = {Ricardo Grade and Samih Eisa and Miguel L. 
Pardal}, booktitle = {21st IEEE International Symposium on Network Computing and Applications (NCA)}, title = {{Bluetooth Peer-to-Peer Location Certification with a Gamified Mobile Application}}, year = {2022}, month = dec, abstract = {Nowadays, tourists turn to digital platforms to discover new places to explore. CROSS City is a smart tourism mobile application that enhances the user experience of tourists visiting points of interest in a route by rewarding them in the end, if they actually visited all locations. From a technical standpoint, the user location is certified resorting to strategies that take advantage of both the diversity of the existing Wi-Fi network infrastructure throughout the city, as well as the presence of other users at the same site using Bluetooth. This work developed a new, peer-to-peer location certification strategy and added gamification elements to encourage users to keep the wireless radios turned on and use the app more. This work was evaluated both in laboratory experiments and with users in a real-world scenario which demonstrated that the new Bluetooth peer-based strategy is both feasible and resistant to collusion attacks.}, keywords = {Location Certification, Location Spoofing Prevention, Peer-to-Peer Communication, Bluetooth, Internet of Things, Gamification, User Experience}, } @misc{Ferreira_2022_arXiv_SmartMeters, title={Smart meter data processing: a showcase for simple and efficient textual processing}, author={Miguel Ferreira and André Neves and Rodrigo Gorjão and Carlos Cruz and Miguel L. Pardal}, year={2022}, eprint={2212.13656}, archivePrefix={arXiv}, primaryClass={cs.DC}, url={https://arxiv.org/abs/2212.13656}, abstract={The increase in the production and collection of data from devices is an ongoing trend due to the roll-out of more cyber-physical applications. Smart meters, because of their importance in power grids, are a class of such devices whose produced data requires meticulous processing. 
In this paper, we use Unicage, a data processing system based on classic Unix shell scripting, that delivers excellent performance in a simple package. We use this methodology to process smart meter data in XML format, subjected to the constraints posed by a real use case. We develop a solution that parses, validates and performs a simple aggregation of 27 million XML files in less than 10 minutes. We present a study of the solution as well as the benefits of its adoption.}, keywords={Unicage, Shell scripting, Data Processing, Big Data, Smart Meters}, } @misc{Nascimento_2022_arXiv_SparkVsUnicage, title={Does Big Data Require Complex Systems? A Performance Comparison Between Spark and Unicage Shell Scripts}, author={Duarte M. Nascimento and Miguel Ferreira and Miguel L. Pardal}, year={2022}, eprint={2212.13647}, archivePrefix={arXiv}, primaryClass={cs.DC}, url={https://arxiv.org/abs/2212.13647}, abstract={The paradigm of big data is characterized by the need to collect and process data sets of great volume, arriving at the systems with great velocity, in a variety of formats. Spark is a widely used big data processing system that can be integrated with Hadoop to provide powerful abstractions to developers, such as distributed storage through HDFS and resource management through YARN. When all the required configurations are made, Spark can also provide quality attributes, such as scalability, fault tolerance, and security. However, all of these benefits come at the cost of complexity, with high memory requirements, and additional latency in processing. An alternative approach is to use a lean software stack, like Unicage, that delegates most control back to the developer. In this work we evaluated the performance of big data processing with Spark versus Unicage, in a cluster environment hosted in the IBM Cloud. Two sets of experiments were performed: batch processing of unstructured data sets, and query processing of structured data sets. 
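The input data sets were of significant size, ranging from 64 GB to 8192 GB in volume. The results show that the performance of Unicage scripts is superior to Spark for search workloads like grep and select, but that the abstractions of distributed storage and resource management from the Hadoop stack enable Spark to execute workloads with inter-record dependencies, such as sort and join, with correct outputs.}, keywords={Big Data Systems, Software Stacks, Data Processing, Benchmarking, Cloud Computing}, }

@Article{Vaz_2023_Access_GenRB,
  author   = {Diogo Vaz and David R. Matos and Miguel L. Pardal and Miguel Correia},
  journal  = {IEEE Access},
  title    = {Synthesis of Fault-Tolerant Reliable Broadcast Algorithms With Reinforcement Learning},
  year     = {2023},
  volume   = {11},
  pages    = {62394--62408},
  abstract = {Fault-tolerant algorithms, such as Reliable Broadcast, assure the correct operation of modern distributed systems, even when some of the system nodes fail. However, the development of distributed algorithms is a manual and complex process, where slight changes in requirements can require a complete redesign of the algorithm. To automate the process of developing such algorithms, this work presents a new approach that uses Reinforcement Learning to synthesize correct and efficient fault-tolerant distributed algorithms. This work shows the first application of the approach on the synthesis of fault-tolerant Reliable Broadcast algorithms. The presented technique is capable of synthesizing correct and efficient algorithms with the same performance as others available in the literature as well as a new Byzantine tolerant algorithm, in only 12,000 learning episodes. Based on the success of this implementation, we aim, in the future, to extend this technique to other distributed algorithms such as Consensus.},
  keywords = {Fault-Tolerant Distributed Algorithms, Reliable Broadcast, Program Synthesis, Reinforcement Learning, Program Verification, Model-Checking},
  doi      = {10.1109/ACCESS.2023.3287405},
  issn     = {2169-3536},
  month    = jun,
}

@InProceedings{Maximino_2023_CISTI_DriverMonitoring,
  author    = {Pedro Maximino and Rui S. Cruz and Miguel L. Pardal},
  booktitle = {18th Iberian Conference on Information Systems and Technologies (CISTI)},
  title     = {Smart Healthcare Monitoring System For Healthy Driving in Public Transportation},
  year      = {2023},
  abstract  = {In an age where citizens are constantly moving between different places, transport demand is extremely high, and so, it is important to have sophisticated public transportation systems in place to ensure a sustainable development of urban areas and meet the needs of citizens. Public transport operators consequently need to provide reliable services in order to minimize disruption events that can affect the vehicles and their drivers, such as breakdowns, accidents or illnesses. The project here described focuses on the type of events and approaches related with the vehicle drivers and the identification of both their performance profiles and health condition while in operation. For that purpose, existing non-intrusive technologies present on the vehicle are leveraged, able to collect data related to physiological measurements taken in real-time. Such sensitive data will be processed, stored and shared in a secure manner, using blockchain-based technologies, so that only authenticated and authorized parties will be able to access the data, according to their clearance level, through an Application Programming Interface (API) designed for that purpose. The architecture of the system will be microservices-based, with components deployed at different infrastructure levels—from On Board Units (OBUs) in vehicles up to cloud-based subsystems.},
  keywords  = {Blockchain, Public Transportation, Security, Reliability, Performance Profile, Microservices},
}

@InProceedings{Pollicino_2023_VTC_Miradouros,
  title        = {Decentralized position detection for moving vehicles},
  author       = {Francesco Pollicino and Samih Eisa and Pedro Rosa and Miguel L. Pardal and Mirco Marchetti},
  booktitle    = {IEEE 97th Vehicular Technology Conference (VTC2023-Spring)},
  year         = {2023},
  organization = {IEEE},
  abstract     = {Modern cars are equipped with sensors that can detect other moving vehicles and obstacles on the road. However, their range is usually limited to line-of-sight and their accuracy is also limited. To provide information beyond the sensor range, each vehicle broadcasts Basic Safety Messages (BSMs) with its position and speed. For road awareness, it would be best if multiple vehicles could confirm the position (redundancy), using their on-board sensors for verification (diversity), and excluding position and speed errors (plausibility). This paper presents a decentralized solution that uses multiple vantage points to provide more trust in moving vehicle position data. It extends broadcast messages with sensor verification and plausibility filtering. It processes a stream of data from nearby vehicles and for short time periods, to achieve the safety benefits without the privacy risks of long-term data retention. The proposal was evaluated with detailed simulations with different levels of traffic and misbehavior. It provides good detection results with only a limited increase in network and computing resources.},
  keywords     = {Vehicle positioning, Location proof, VANET, V2V, C-ITS, BSM, DSRC, WAVE},
}

@InProceedings{Vaz_2023_DSNDisrupt_GenDistrAlgos,
  author    = {Diogo Vaz and David R. Matos and Miguel L. Pardal and Miguel Correia},
  booktitle = {53rd IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)},
  title     = {Automatic Generation of Distributed Algorithms with Generative {AI}},
  year      = {2023},
  abstract  = {Fault-tolerant distributed algorithms such as Reliable Broadcast, Causal Broadcast, Total Order Broadcast, and Consensus, are at the core of many modern distributed systems. However, the development of distributed algorithms by humans is a laborious and complex process. This work presents a novel approach to generating distributed algorithms using Generative Artificial Intelligence that allows for automating the process of generating such algorithms. The paper also summarizes our initial results on using the approach to generate Reliable Broadcast algorithms.},
  keywords  = {Fault-Tolerant Distributed Algorithms, Reliable Broadcast, Automatic Algorithm Generation, Generative AI, Reinforcement Learning, Automatic Algorithm Validation},
  month     = jun,
  note      = {Disrupt track - Disruptive Ideas and New Interdisciplinary Results.},
}

@Comment{In the entry below, doi holds the bare identifier (the resolver link stays in url) and the ampersand in the journal name is escaped for LaTeX.}

@Article{Moura_2023_COSE_MultiTLS,
  title    = {{MultiTLS}: using multiple and diverse ciphers for stronger secure channels},
  journal  = {Computers \& Security},
  volume   = {132},
  pages    = {103342},
  year     = {2023},
  issn     = {0167-4048},
  doi      = {10.1016/j.cose.2023.103342},
  url      = {https://www.sciencedirect.com/science/article/pii/S0167404823002523},
  author   = {Ricardo Moura and Ricardo Lopes and David R. Matos and Miguel L. Pardal and Miguel Correia},
  abstract = {Computer communication is at the foundation of how the modern world works, connecting people and machines over public infrastructure. For this reason, communication is exposed to attacks, either by passive listening, or by active interference in the communication. Security protocols like TLS (Transport Layer Security) play a crucial role in ensuring the confidentiality, integrity, and authenticity of the communication. However, like in all technologies, there may be flaws in the design, implementation, or cryptography of TLS that compromise the security of the communication channel. Remediation of such vulnerabilities takes time, leaving valuable services exposed to potential attacks. In this article, we present MultiTLS, a middleware based on cipher diversity and network tunneling that enables secure communication even when new vulnerabilities are discovered. MultiTLS creates a secure communication tunnel through the encapsulation of k TLS channels, where each one uses a different cipher suite. This approach allows the communication channel to remain protected, even when k-1 cipher suites become vulnerable, because of the remaining cipher suite. The diversity of cipher suites tolerates cryptography faults. We evaluated the implementation of MultiTLS and concluded that it is easy to use and to maintain up-to-date, since it does not require code changes to any of its dependencies. We also evaluated its performance in practical use cases and proved that it is viable and useful for various personal and corporate contexts using Internet communications.},
  keywords = {Secure communication channels, Transport layer security, Vulnerability-tolerance, Security through diversity, Tunneling, Virtual private network},
}

@Article{Matos_2023_Access_microVerum, author={David R. Matos and Miguel L. Pardal and António Rito Silva and Miguel Correia}, journal={IEEE Access}, title={microVerum: Intrusion Recovery for Microservice Applications}, year={2023}, volume={}, number={}, pages={}, abstract={Microservice architectures allow complex applications to be developed as a collection of loosely coupled components. The heterogeneous architecture of these applications makes the process of recovering from intrusions especially complex, error-prone, and time-consuming.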
Although there are several recovery mechanisms for monolithic applications, applying such mechanisms in microservices would not work due to the distribution of the components, the different technologies used by each service, and their scale. Moreover, it can be difficult to trace the services affected by an intrusion and which actions to revert. We propose microVerum, a framework for recovering microservices from intrusions that corrupt the application state. Our approach allows recovery of large-scale microservice applications by logging user requests and the operations that are propagated through several microservices. When a system administrator detects a faulty request, microVerum can execute compensating operations in each of the affected microservices. We implemented, evaluated, and made the code of microVerum available. Our experiments show that µVerum is able to revert the effects in an intrusion in one second while the application is running.}, keywords={Microservices, Cloud Computing, Intrusion Recovery}, ISSN={2169-3536}, month={july}, } @InProceedings{Apolinario_2022_CPS4CIP_ComSEC, author = {Filipe Apolinário and Jo\~{a}o Guiomar and Éric Hervé and Sven Hrastnik and Nelson Escravana and Miguel L. Pardal and Miguel Correia}, booktitle = {The 3rd International Workshop on Cyber-Physical Security for Critical Infrastructures Protection (CPS4CIP)}, title = {{ComSEC: Secure communications for baggage handling systems}}, year = {2022}, editor = {Luca Verderame and Enrico Cambiaso and Rita Ugarelli and Isabel Praça}, month = {September}, abstract = {Throughout the years, the number of network attacks targeting industrial control systems (ICS) has increased. A notable example targeting airport infrastructures is false data injection attacks, where attackers try to impersonate parts of the ICS system using spoofing techniques, sending unauthorized commands to hinder the quality of service. 
This article presents ComSEC, a bump-in-the-wire technology for detecting attacks against integrity and replays. The article also describes the development and deployment on the simulation platform of two ComSEC prototypes for monitoring airport baggage handling systems (BHSs): a virtualized version crafted for monitoring virtual machines; a physical hardware version crafted for monitoring airport physical hardware systems. ComSEC was evaluated on a digital twin BHS, available on the SATIE simulation platform and integrated with the Zagreb airport BHS.}, keywords={integrity verification, critical infrastructures, airport security} } @InProceedings{Saraiva_2024_CPS4CIP_IM-DISCO, author = {Guilherme Saraiva and Filipe Apolinário and Miguel L. Pardal}, booktitle = {The 4th International Workshop on Cyber-Physical Security for Critical Infrastructures Protection (CPS4CIP)}, title = {{IM-DISCO: Invariant Mining for Detecting IntrusionS in Critical Operations}}, year = {2024}, editor = {}, month = {September}, abstract = {In today's interconnected world, robust cybersecurity measures are crucial, especially for Cyber-Physical Systems. While anomaly-based Intrusion Detection Systems can identify abnormal behaviors, interpreting the resulting alarms is challenging. An alternative approach utilizes invariant rules to describe system operations, providing clearer explanations for abnormal behaviors. In this context, invariant rules are conditions that must hold true for a system’s different operational modes. However, defining these rules is time-consuming and costly. This paper presents IM-DISCO, a tool that analyzes operational data to propose inference rules characterizing different modes of system operation. Deviations from these rules indicate anomalies, enabling continuous monitoring with incident detection and response. 
In our evaluation, focusing on rail transportation, we achieved 99.29% accuracy in detecting and characterizing operational modes using real-world train data. Additionally, we achieved 99.86% accuracy in identifying anomalies during simulated attacks. Notably, our results demonstrate an average detection time of 0.026 ms, enabling swift incident response to prevent catastrophic events.}, keywords={anomaly detection, cyber-physical systems, invariants, intrusion detection systems} } @Comment{jabref-meta: databaseType:bibtex;}