Cookies Policy
The website need some cookies and similar means to function. If you permit us, we will use those means to collect data on your visits for aggregated statistics to improve our service. Find out More
Accept Reject
  • Menu
About

About

Rolando Martins studied at Faculty of Science of the University of Porto (FCUP), where he also obtained his M.Sc in Informatics: Networks and Systems. As part of his Masters thesis (YapDss), he researched the field of distributed stack splitting in Prolog, exploring OrParallelism. He also worked at EFACEC as a software engineer/architect and later as a systems researcher. He obtained his Ph.D in Computer Sci- ence from FCUP, as a part of a collaborative effort between FCUP, EFACEC and Carnegie Mellon University (CMU), under the supervision of Fernando Silva, Luís Lopes and Priya Narasimhan. His Ph.D. research topic arose from his employment at EFACEC, where he was exposed to the difficulties underlying today’s railway systems and light-rail deployments, and came to understand the scientific challenges and the impact, of addressing the issues of simultaneously supporting real-time and fault-tolerance in such systems. He is a former member of the the Intel Science and Technology Center (ISTC), where he was involved in both Cloud Computing and Embedded Computing centers, and Parallel Data Lab (PDL) at CMU. At the same time, he was also a computer research scientist at YinZcam, a spinoff from CMU that provided mobile applications for the NBA, NHL, NFL and MLS, where he was involved on cloud computing, content management systems, OAuth and video streaming. He is currently an invited assistant professor at the department of Computer Science at FCUP and researcher at CRACS (Center for Research in Advanced Computing Systems) part of INESC TEC. Some of his research interests include security, privacy, intrusion tolerance, (secure) distributed systems, edge clouds, P2P, IoT, cloud-computing, fault-tolerance (byzantine and non-byzantine), operating systems (with special interest in the Linux kernel).

Interest
Topics
Details

Details

  • Name

    Rolando Martins
  • Cluster

    Computer Science
  • Role

    Senior Researcher
  • Since

    01st April 2012
002
Publications

2021

Towards a Modular On-Premise Approach for Data Sharing

Authors
Resende, JS; Magalhaes, L; Brandao, A; Martins, R; Antunes, L;

Publication
Sensors

Abstract
The growing demand for everyday data insights drives the pursuit of more sophisticated infrastructures and artificial intelligence algorithms. When combined with the growing number of interconnected devices, this originates concerns about scalability and privacy. The main problem is that devices can detect the environment and generate large volumes of possibly identifiable data. Public cloud-based technologies have been proposed as a solution, due to their high availability and low entry costs. However, there are growing concerns regarding data privacy, especially with the introduction of the new General Data Protection Regulation, due to the inherent lack of control caused by using off-premise computational resources on which public cloud belongs. Users have no control over the data uploaded to such services as the cloud, which increases the uncontrolled distribution of information to third parties. This work aims to provide a modular approach that uses cloud-of-clouds to store persistent data and reduce upfront costs while allowing information to remain private and under users’ control. In addition to storage, this work also extends focus on usability modules that enable data sharing. Any user can securely share and analyze/compute the uploaded data using private computing without revealing private data. This private computation can be training machine learning (ML) models. To achieve this, we use a combination of state-of-the-art technologies, such as MultiParty Computation (MPC) and K-anonymization to produce a complete system with intrinsic privacy properties.

2021

Provisioning, authentication and secure communications for iot devices on fiware

Authors
Sousa, P; Magalhaes, L; Resende, J; Martins, R; Antunes, L;

Publication
Sensors

Abstract
The increasing pervasiveness of the Internet of Things is resulting in a steady increase of cyberattacks in all of its facets. One of the most predominant attack vectors is related to its identity management, as it grants the ability to impersonate and circumvent current trust mechanisms. Given that identity is paramount to every security mechanism, such as authentication and access control, any vulnerable identity management mechanism undermines any attempt to build secure systems. While digital certificates are one of the most prevalent ways to establish identity and perform authentication, their provision at scale remains open. This provisioning process is usually an arduous task that encompasses device configuration, including identity and key provisioning. Human configuration errors are often the source of many security and privacy issues, so this task should be semi-autonomous to minimize erroneous configurations during this process. In this paper, we propose an identity management (IdM) and authentication method called YubiAuthIoT. The overall provisioning has an average runtime of 1137.8 ms ± 65.11 + d. We integrate this method with the FIWARE platform, as a way to provision and authenticate IoT devices. © 2021 by the authors. Licensee MDPI, Basel, Switzerland.

2021

ZERMIA - A Fault Injector Framework for Testing Byzantine Fault Tolerant Protocols

Authors
Soares, J; Fernandez, R; Silva, M; Freitas, T; Martins, R;

Publication
Network and System Security - Lecture Notes in Computer Science

Abstract

2021

Hardening cryptographic operations through the use of secure enclaves

Authors
Brandao, A; Resende, JS; Martins, R;

Publication
Computers and Security

Abstract
With the rising popularity of the cloud, companies lose control of both the hardware and the operating system responsible for hosting their software and data. This means that companies are at risk of losing confidential data when these are utilized in components controlled by a third-party cloud vendor. Secure enclaves can help solve this problem by creating a secure environment where code can be executed securely, guaranteeing that no unwanted parties read or modify the data inside this secure environment. While the use of secure enclaves has been focused on small footprints software, such as the implementation of trusted computing base for distributed protocols, we analyze the strengths and shortcoming of current tools in an effort to further expand the applicability of their use. Given the importance of web servers and their inherent greater exposure to attacks, we explore the hardening of Apache web server through the use of secure enclaves. This was accomplished by making the necessary modifications to further protect its private key from both the operating system and hypervisor. We also provide a performance assessment to quantify the overhead associated with the use of secure enclaves, namely, Intel SGX.

2020

Employment of Secure Enclaves in Cheat Detection Hardening

Authors
Brandao, A; Resende, JS; Martins, R;

Publication
Trust, Privacy and Security in Digital Business - Lecture Notes in Computer Science

Abstract

Supervised
thesis

2021

Privacy Preserving Middleware Platform for IoT

Author
Patrícia Raquel Vieira Sousa

Institution
UP-FCUP

2021

Exploring Azure: Internet of Things and Edge

Author
Rui Alexandre Farinha Fernandes Balau

Institution
UP-FCUP

2021

Injector de faltas para teste de aplicações

Author
Miguel André Queirós Coelho da Silva

Institution
UP-FCUP

2021

SkyNet: Towards a Dynamic and Adaptive Intrusion Tolerant System

Author
Tadeu Augusto Leite Freitas

Institution
UP-FCUP

2021

Efficient Byzantine Fault-Tolerance

Author
Ricardo Jorge Alves Fernandez

Institution
UP-FCUP