Cookies Policy
We use cookies to improve our site and your experience. By continuing to browse our site you accept our cookie policy. Find out More
Close
  • Menu
Interest
Topics
Details

Details

  • Name

    Manuel Eduardo Correia
  • Cluster

    Computer Science
  • Role

    Senior Researcher
  • Since

    01st January 2009
004
Publications

2019

Reputation-Based Security System For Edge Computing

Authors
Nwebonyi, FN; Martins, R; Correia, ME;

Publication
Proceedings of the 13th International Conference on Availability, Reliability and Security, ARES 2018, Hamburg, Germany, August 27-30, 2018

Abstract

2019

Iris: Secure reliable live-streaming with opportunistic mobile edge cloud offloading

Authors
Martins, R; Correia, ME; Antunes, L; Silva, F;

Publication
Future Generation Computer Systems

Abstract
The ever-increasing demand for higher quality live streams is driving the need for better networking infrastructures, specially when disseminating content over highly congested areas, such as stadiums, concerts and museums. Traditional approaches to handle this type of scenario relies on a combination of cellular data, through 4G distributed antenna arrays (DAS), with a high count of WiFi (802.11) access points. This obvious requires a substantial upfront cost for equipment, planning and deployment. Recently, new efforts have been introduced to securely leverage the capabilities of wireless multipath, including WiFi multicast, 4G, and device-to-device communications. In order to solve these issues, we propose an approach that lessens the requirements imposed on the wireless infrastructures while potentially expanding wireless coverage through the crowd-sourcing of mobile devices. In order to achieve this, we propose a novel pervasive approach that combines secure distributed systems, WiFi multicast, erasure coding, source coding and opportunistic offloading that makes use of hyperlocal mobile edge clouds. We empirically show that our solution is able to offer a 11 fold reduction on the infrastructural WiFi bandwidth usage without having to modify any existing software or firmware stacks while ensuring stream integrity, authorization and authentication. © 2019 Elsevier B.V.

2019

Reputation based approach for improved fairness and robustness in P2P protocols

Authors
Nwebonyi, FN; Martins, R; Correia, ME;

Publication
Peer-to-Peer Networking and Applications

Abstract
Peer-to-Peer (P2P) overlay networks have gained popularity due to their robustness, cost advantage, network efficiency and openness. Unfortunately, the same properties that foster their success, also make them prone to several attacks. To mitigate these attacks, several scalable security mechanisms which are based on the concepts of trust and reputation have been proposed. These proposed methods tend to ignore some core practical requirements that are essential to make them more useful in the real world. Some of such requirements include efficient bootstrapping of each newcomer’s reputation, and mitigating seeder(s) exploitation. Additionally, although interaction among participating peers is usually the bases for reputation, the importance given to the frequency of interaction between the peers is often minimized or ignored. This can result in situations where barely known peers end-up having similar trust scores to the well-known and consistently cooperative nodes. After a careful review of the literature, this work proposes a novel and scalable reputation based security mechanism that addresses the aforementioned problems. The new method offers more efficient reputation bootstrapping, mitigation of bandwidth attack and better management of interaction rate, which further leads to improved fairness. To evaluate its performance, the new reputation model has been implemented as an extension of the BitTorrent protocol. Its robustness was tested by exposing it to popular malicious behaviors in a series of extensive PeerSim simulations. Results show that the proposed method is very robust and can efficiently mitigate popular attacks on P2P overlay networks. © 2018, Springer Science+Business Media, LLC, part of Springer Nature.

2019

Privacy preservation and mandate representation in identity management systems

Authors
Shehu, AS; Pinto, A; Correia, ME;

Publication
Iberian Conference on Information Systems and Technologies, CISTI

Abstract
The growth in Internet usage has increased the use of electronic services requiring users to register their identity on each service they subscribe to. This has resulted in the prevalence of redundant users data on different services. To protect and regulate access by users to these services identity management systems (IdMs)are put in place. IdMs uses frameworks and standards e.g SAML, OAuth and Shibboleth to manage digital identities of users for identification and authentication process for a service provider. However, current IdMs have not been able to address privacy issues (unauthorised and fine-grained access)that relate to protecting users identity and private data on web services. Many implementations of these frameworks are only concerned with the identification and authentication process of users but not authorisation. They mostly give full control of users digital identities and data to identity and service providers with less or no users participation. This results in a less privacy enhanced solutions that manage users available data in the electronic space. This article proposes a user-centred mandate representation system that empowers resource owners to take full of their digital data; determine and delegate access rights using their mobile phone. Thereby giving users autonomous powers on their resources to grant access to authenticated entities at their will. Our solution is based on the OpenID Connect framework for authorisation service. To evaluate the proposal, we've compared it with some related works and the privacy requirements yardstick outlined in GDPR regulation [1] and [2]. Compared to other systems that use OAuth 2.0 or SAML our solution uses an additional layer of security, where data owner assumes full control over the disclosure of their identity data through an assertion issued from their mobile phones to authorisation server (AS), which in turn issues an access token. This would enable data owners to assert the authenticity of a request, while service providers and requestors also benefit from the correctness and freshness of identity data disclosed to them. © 2019 AISTI.

2018

HS.Register - An Audit-Trail Tool to Respond to the General Data Protection Regulation (GDPR)

Authors
Gonçalves Ferreira, DN; Leite, M; Pereira, CS; Correia, ME; Coelho Antunes, LF; Correia, RC;

Publication
Building Continents of Knowledge in Oceans of Data: The Future of Co-Created eHealth - Proceedings of MIE 2018, Medical Informatics Europe, Gothenburg, Sweden, April 24-26, 2018

Abstract

Supervised
thesis

2017

Anonimização de bases de dados empresariais de acordo com a nova Regulamentação Europeia de Proteção de Dados

Author
Frederico António Sá Oliveira Pinho

Institution
UP-FCUP

2017

Establishing Trust and Confidence Among Entities in Distributed Networks

Author
Francis Nwebonyi Nwebonyi

Institution
UP-FCUP

2017

A Web Anonymizer Platform for Datasets with Personal Information

Author
Christophe da Silva Ferreira

Institution
UP-FCUP

2017

A flexible framework for Rogue Access Point detection

Author
Ricardo Jorge Esteves Gonçalves

Institution
UP-FCUP

2016

Secure VoIP communications

Author
João Miguel Maia Soares de Resende

Institution
UP-FCUP