Cookies
O website necessita de alguns cookies e outros recursos semelhantes para funcionar. Caso o permita, o INESC TEC irá utilizar cookies para recolher dados sobre as suas visitas, contribuindo, assim, para estatísticas agregadas que permitem melhorar o nosso serviço. Ver mais
Aceitar Rejeitar
  • Menu
Tópicos
de interesse
Detalhes

Detalhes

  • Nome

    Rolando Martins
  • Cluster

    Informática
  • Cargo

    Investigador Sénior
  • Desde

    01 abril 2012
001
Publicações

2023

Deterministic or probabilistic?- A survey on Byzantine fault tolerant state machine replication

Autores
Freitas, T; Soares, J; Correia, ME; Martins, R;

Publicação
COMPUTERS & SECURITY

Abstract
Byzantine Fault tolerant (BFT) protocols are implemented to guarantee the correct system/application behavior even in the presence of arbitrary faults (i.e., Byzantine faults). Byzantine Fault tolerant State Machine Replication (BFT-SMR) is a known software solution for masking arbitrary faults and malicious attacks (Liu et al., 2020). In this survey, we present and discuss relevant BFT-SMR protocols, focusing on deterministic and probabilistic approaches. The main purpose of this paper is to discuss the characteristics of proposed works for each approach, as well as identify the trade-offs for each different approach.& COPY; 2023 The Author(s). Published by Elsevier Ltd. This is an open access article under the CC BY license ( http://creativecommons.org/licenses/by/4.0/ )

2023

Skynet: a Cyber-Aware Intrusion Tolerant Overseer

Autores
Freitas, T; Soares, J; Correia, ME; Martins, R;

Publicação
53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2023 - Supplemental Volume, Porto, Portugal, June 27-30, 2023

Abstract
The increasing level of sophistication of cyber attacks which are employing cross-cutting strategies that leverage multi-domain attack surfaces, including but not limited to, software defined networking poisoning, biasing of machine learning models to suppress detection, exploiting software (development), and leveraging system design deficiencies.While current defensive solutions exist, they only partially address multi-domain and multi-stage attacks, thus rendering them ineffective to counter the upcoming generation of attacks. More specifically, we argue that a disruption is needed to approach separated knowledge domains, namely Intrusion Tolerant systems, cybersecurity, and machine learning.We argue that current solutions tend to address different concerns/facets of overlapping issues and they tend to make strong assumptions of supporting infrastructure, e.g., assuming that event probes/metrics are not compromised.To address these issues, we present Skynet, a platform that acts as a secure overseer that merges traditional roles of SIEMs with conventional orchestrators while being rooted on the fundamentals introduced by previous generations of intrusion tolerant systems. Our goal is to provide an open-source intrusion tolerant platform that can dynamically adapt to known and unknown security threats in order to reduce potential vulnerability windows. © 2023 IEEE.

2022

The case for blockchain in IoT identity management

Autores
Sousa, PR; Resende, JS; Martins, R; Antunes, L;

Publicação
JOURNAL OF ENTERPRISE INFORMATION MANAGEMENT

Abstract
Purpose The aim of this paper is to evaluate the use of blockchain for identity management (IdM) in the context of the Internet of things (IoT) while focusing on privacy-preserving approaches and its applications to healthcare scenarios. Design/methodology/approach The paper describes the most relevant IdM systems focusing on privacy preserving with or without blockchain and evaluates them against ten selected features grouped into three categories: privacy, usability and IoT. Then, it is important to analyze whether blockchain should be used in all scenarios, according to the importance of each feature for different use cases. Findings Based on analysis of existing systems, Sovrin is the IdM system that covers more features and is based on blockchain. For each of the evaluated use cases, Sovrin and UniquID were the chosen systems. Research limitations/implications This paper opens new lines of research for IdM systems in IoT, including challenges related to device identity definition, privacy preserving and new security mechanisms. Originality/value This paper contributes to the ongoing research in IdM systems for IoT. The adequacy of blockchain is not only analyzed considering the technology; instead the authors analyze its application to real environments considering the required features for each use case.

2021

A Kolmogorov Complexity for multidisciplinary domains

Autores
S. Resende, J; Almeida, M; Martins, R; Antunes, L;

Publicação
Proceedings of Entropy 2021: The Scientific Tool of the 21st Century

Abstract

2021

Towards a Modular On-Premise Approach for Data Sharing

Autores
Resende, JS; Magalhaes, L; Brandao, A; Martins, R; Antunes, L;

Publicação
SENSORS

Abstract
The growing demand for everyday data insights drives the pursuit of more sophisticated infrastructures and artificial intelligence algorithms. When combined with the growing number of interconnected devices, this originates concerns about scalability and privacy. The main problem is that devices can detect the environment and generate large volumes of possibly identifiable data. Public cloud-based technologies have been proposed as a solution, due to their high availability and low entry costs. However, there are growing concerns regarding data privacy, especially with the introduction of the new General Data Protection Regulation, due to the inherent lack of control caused by using off-premise computational resources on which public cloud belongs. Users have no control over the data uploaded to such services as the cloud, which increases the uncontrolled distribution of information to third parties. This work aims to provide a modular approach that uses cloud-of-clouds to store persistent data and reduce upfront costs while allowing information to remain private and under users' control. In addition to storage, this work also extends focus on usability modules that enable data sharing. Any user can securely share and analyze/compute the uploaded data using private computing without revealing private data. This private computation can be training machine learning (ML) models. To achieve this, we use a combination of state-of-the-art technologies, such as MultiParty Computation (MPC) and K-anonymization to produce a complete system with intrinsic privacy properties.

Teses
supervisionadas

2022

Sistemas de Deteção de Intrusão utilizando Machine Learning

Autor
Mara Quintas Almeida

Instituição
UP-FCUP

2022

Decentralized CDN for Video Streaming

Autor
Matias de São José Rosa Ramalho Frazão Correia

Instituição
UP-FCUP

2022

Trustworthy and Robust Intra-Vehicle Communication

Autor
Patrícia Adelaide Lopes Machado

Instituição
UP-FCUP

2022

Design of a Flexible and Extensible Fault Injector for Testing Concurrent and Distributed Applications

Autor
Pedro Fernando Moreira da Silva Antunes

Instituição
UP-FCUP

2022

SkyNet: Towards a Dynamic and Adaptive Intrusion Tolerant System

Autor
Tadeu Augusto Leite Freitas

Instituição
UP-FCUP