This page has only limited features, please log in for full access.

Unclaimed
Lourdes Marcos
Escuela Técnica Superior de Ingenieros de Telecomunicación, Universidad Politécnica de Madrid, 28040 Madrid, Spain

Honors and Awards

The user has no records in this section


Career Timeline

The user has no records in this section.


Short Biography

The user biography is not available.
Following
Followers
Co Authors
The list of users this user is following is empty.
Following: 0 users

Feed

Journal article
Published: 09 April 2021 in International Journal of Environmental Research and Public Health
Reads 0
Downloads 0

To provide web services adapted to the users’ functional capabilities, diversity must be considered from the conceptualization and design phases of the services’ development. In previous work, we proposed a model that allows the provisioning of adapted interfaces based on users’ identity and their functional attributes to facilitate this task for software designers and developers. However, these identities and attributes are self-declared by the users, which may impact reliability and usability. In this work, we propose an extension of our model to resolve these deficiencies by delegating the identity and attributes’ provision to external certified entities. The European electronic Identification, Authentication and Trust Services (eIDAS) regulation established a solution to ensure the cross-border mutual recognition of Electronic Identification (eID) mechanisms among the European Member States. This research aims to provide an extension of this regulation mentioned above (eIDAS) to support functional attributes and connect our previously proposed model to this extended eIDAS network. Thanks to this proposal, web services can guarantee adapted and personalized interfaces while improving the functionalities offered without any previous configuration by users and, in a reliable way, since the functional attributes belong to the users’ official eID. As the attribute set provided by eIDAS nodes only contains citizens’ personal and legal ones, we also propose a mechanism to connect the eIDAS network to external attribute providers that could extend the eIDAS profile of users with their functional attributes. We deployed a pilot to validate the proposed model consisting of an identity provider, an eIDAS node supporting the extended reference code, and an attribute provider supporting functional attributes. We also designed and implemented a simple service that supports eID authentication and serves adapted interfaces based on the retrieved extended eIDAS profile. Finally, we developed an experience for getting feedback from a set of real users with different functional capabilities. According to the results, we concluded that the generalized adoption of the proposed solution in the European digital web services will significantly improve their accessibility in terms of ease of use and adaptability to users’ capacities.

ACS Style

Lourdes Marco; Alejandro Pozo; Gabriel Huecas; Juan Quemada; Álvaro Alonso. User-Adapted Web Services by Extending the eIDAS Specification with Functional Attributes. International Journal of Environmental Research and Public Health 2021, 18, 3980 .

AMA Style

Lourdes Marco, Alejandro Pozo, Gabriel Huecas, Juan Quemada, Álvaro Alonso. User-Adapted Web Services by Extending the eIDAS Specification with Functional Attributes. International Journal of Environmental Research and Public Health. 2021; 18 (8):3980.

Chicago/Turabian Style

Lourdes Marco; Alejandro Pozo; Gabriel Huecas; Juan Quemada; Álvaro Alonso. 2021. "User-Adapted Web Services by Extending the eIDAS Specification with Functional Attributes." International Journal of Environmental Research and Public Health 18, no. 8: 3980.

Journal article
Published: 21 January 2020 in Sustainability
Reads 0
Downloads 0

The European electronic IDentification, Authentication and trust Services (eIDAS) regulation makes available a solution to ensure the cross-border mutual recognition of electronic IDentification (eID) mechanisms among Member States. However, the basic set of attributes currently provided by each country only contains citizens’ personal and legal attributes, preventing e-services to take full advantage of citizens’ domain-specific information, such as academic or medical data. In this article, we propose an extension of the eIDAS specification to support academic attributes as part of citizens’ profiles. In addition, we present an architecture to enable the connection of eIDAS nodes to national attribute providers to enrich citizens’ profiles with additional academic attributes. We have deployed the eIDAS extension in the specific case of the Spanish eIDAS infrastructure, and we have connected it to an attribute provider of the Technical University of Madrid (UPM). We have also improved a set of institutional services of that university by enabling the connection to eIDAS and enhancing the features offered to students based on their academic profiles retrieved from the eIDAS extended infrastructure. Finally, we have evaluated the resulting services thanks to real students from two different countries, concluding that the widespread adoption of the proposed solution in the academic services of European universities will greatly improve their quality and usability.

ACS Style

Álvaro Alonso; Alejandro Pozo; Aldo Gordillo; Sonsoles López-Pernas; Andrés Munoz-Arcentales; Lourdes Marco; Enrique Barra. Enhancing University Services by Extending the eIDAS European Specification with Academic Attributes. Sustainability 2020, 12, 770 .

AMA Style

Álvaro Alonso, Alejandro Pozo, Aldo Gordillo, Sonsoles López-Pernas, Andrés Munoz-Arcentales, Lourdes Marco, Enrique Barra. Enhancing University Services by Extending the eIDAS European Specification with Academic Attributes. Sustainability. 2020; 12 (3):770.

Chicago/Turabian Style

Álvaro Alonso; Alejandro Pozo; Aldo Gordillo; Sonsoles López-Pernas; Andrés Munoz-Arcentales; Lourdes Marco; Enrique Barra. 2020. "Enhancing University Services by Extending the eIDAS European Specification with Academic Attributes." Sustainability 12, no. 3: 770.

Journal article
Published: 11 September 2019 in Applied Sciences
Reads 0
Downloads 0

Information and Communication Technologies (ICT) need to be accessible for every single person in the globe. Governments and companies are starting to regulate products and services to ensure digital accessibility as a mandatory requirement. A recent example is the European standard EN 301 549, where the functional accessibility requirements for ICT products and services are defined. Especially on the Web, these standards must be integrated throughout the development processes, where the selected architecture models play an essential role. Starting from a model that is based on the OAuth 2.0 protocol, and that allows the complete delegation of authorization (so that an as a service access control mechanism is provided), this paper propose an identity model for providing inclusive services and applications. The model takes advantage of the users’ profiles and their functional attributes to determine how to serve web interfaces to them in a specific service. Those attributes are entirely flexible, and can be defined linked to users’ functional capabilities, or even a particular skill. We have implemented the proposed model as an extension of an existing open source Identity Manager and tested it with a real use case deployment. We conclude that the proposed solution enables a new identity paradigm that allows service providers to design their interfaces satisfying the diversity requirements in terms of design and development.

ACS Style

Lourdes Marco; Álvaro Alonso; Juan Quemada. An Identity Model for Providing Inclusive Services and Applications. Applied Sciences 2019, 9, 3813 .

AMA Style

Lourdes Marco, Álvaro Alonso, Juan Quemada. An Identity Model for Providing Inclusive Services and Applications. Applied Sciences. 2019; 9 (18):3813.

Chicago/Turabian Style

Lourdes Marco; Álvaro Alonso; Juan Quemada. 2019. "An Identity Model for Providing Inclusive Services and Applications." Applied Sciences 9, no. 18: 3813.

Conference paper
Published: 01 November 2018 in ICERI2018 Proceedings
Reads 0
Downloads 0
ACS Style

Sonsoles López-Pernas; Alberto Benito; Lourdes Marcos; Aldo Gordillo. IMPROVAL OF AN EDUCATIONAL PLATFORM THROUGH THE INTEGRATION OF AN EXTENSIBLE E-LEARNING AUTHORING TOOL. ICERI2018 Proceedings 2018, 10117 -10124.

AMA Style

Sonsoles López-Pernas, Alberto Benito, Lourdes Marcos, Aldo Gordillo. IMPROVAL OF AN EDUCATIONAL PLATFORM THROUGH THE INTEGRATION OF AN EXTENSIBLE E-LEARNING AUTHORING TOOL. ICERI2018 Proceedings. 2018; ():10117-10124.

Chicago/Turabian Style

Sonsoles López-Pernas; Alberto Benito; Lourdes Marcos; Aldo Gordillo. 2018. "IMPROVAL OF AN EDUCATIONAL PLATFORM THROUGH THE INTEGRATION OF AN EXTENSIBLE E-LEARNING AUTHORING TOOL." ICERI2018 Proceedings , no. : 10117-10124.

Conference paper
Published: 01 November 2018 in ICERI2018 Proceedings
Reads 0
Downloads 0
ACS Style

Lourdes Marcos; Sonsoles López-Pernas; Alvaro Alonso. ACCESSIBILITY REVIEW FOR WEB-BASED LEARNING TOOLS AND MATERIALS. ICERI2018 Proceedings 2018, 2393 -2402.

AMA Style

Lourdes Marcos, Sonsoles López-Pernas, Alvaro Alonso. ACCESSIBILITY REVIEW FOR WEB-BASED LEARNING TOOLS AND MATERIALS. ICERI2018 Proceedings. 2018; ():2393-2402.

Chicago/Turabian Style

Lourdes Marcos; Sonsoles López-Pernas; Alvaro Alonso. 2018. "ACCESSIBILITY REVIEW FOR WEB-BASED LEARNING TOOLS AND MATERIALS." ICERI2018 Proceedings , no. : 2393-2402.

Journal article
Published: 17 October 2017 in Future Internet
Reads 0
Downloads 0

Access control is a key element when guaranteeing the security of online services. However, devices that make the Internet of Things have some special requirements that foster new approaches to access control mechanisms. Their low computing capabilities impose limitations that make traditional paradigms not directly applicable to sensors and actuators. In this paper, we propose a dynamic, scalable, IoT-ready model that is based on the OAuth 2.0 protocol and that allows the complete delegation of authorization, so that an as a service access control mechanism is provided. Multiple tenants are also supported by means of application-scoped authorization policies, whose roles and permissions are fine-grained enough to provide the desired flexibility of configuration. Besides, OAuth 2.0 ensures interoperability with the rest of the Internet, yet preserving the computing constraints of IoT devices, because its tokens provide all the necessary information to perform authorization. The proposed model has been fully implemented in an open-source solution and also deeply validated in the scope of FIWARE, a European project with thousands of users, the goal of which is to provide a framework for developing smart applications and services for the future Internet. We provide the details of the deployed infrastructure and offer the analysis of a sample smart city setup that takes advantage of the model. We conclude that the proposed solution enables a new access control as a service paradigm that satisfies the special requirements of IoT devices in terms of performance, scalability and interoperability.

ACS Style

Álvaro Alonso; Federico Fernández; Lourdes Marco; Joaquín Salvachúa. IAACaaS: IoT Application-Scoped Access Control as a Service. Future Internet 2017, 9, 64 .

AMA Style

Álvaro Alonso, Federico Fernández, Lourdes Marco, Joaquín Salvachúa. IAACaaS: IoT Application-Scoped Access Control as a Service. Future Internet. 2017; 9 (4):64.

Chicago/Turabian Style

Álvaro Alonso; Federico Fernández; Lourdes Marco; Joaquín Salvachúa. 2017. "IAACaaS: IoT Application-Scoped Access Control as a Service." Future Internet 9, no. 4: 64.

Conference paper
Published: 01 March 2017 in 2017 20th Conference on Innovations in Clouds, Internet and Networks (ICIN)
Reads 0
Downloads 0

Access Control is crucial for security management, but in the context of the Internet of Things it cannot be implemented the same way as traditional systems do. Indeed, devices that make the Internet of Things impose some constraints that encourage the design of new access control mechanisms, which should provide flexibility of configuration, as well as support several authorization scopes at the same time, yet being computationally light, dynamic and scalable in order to be ready for the forthcoming Cloud Computing paradigm. In this paper we propose an authorization model that is based on the OAuth 2.0 protocol. From the point of view of the identity provider, this model allows managing roles and permissions for an application-scoped authorization, to enable more flexible scenarios in which multiple tenants take part. With regard to devices, the OAuth 2.0 makes authorization extremely light, because all the required information is provided with a token. Considering all this, authorization management is completely delegated to an external system, so that an as-a-service access control mechanism is provided. The proposed model complies with the security, flexibility and performance requirements that are needed in the Internet of Things paradigm.

ACS Style

Federico Fernández; Alvaro Alonso; Lourdes Marcos; Joaquin Salvachua. A model to enable application-scoped access control as a service for IoT using OAuth 2.0. 2017 20th Conference on Innovations in Clouds, Internet and Networks (ICIN) 2017, 322 -324.

AMA Style

Federico Fernández, Alvaro Alonso, Lourdes Marcos, Joaquin Salvachua. A model to enable application-scoped access control as a service for IoT using OAuth 2.0. 2017 20th Conference on Innovations in Clouds, Internet and Networks (ICIN). 2017; ():322-324.

Chicago/Turabian Style

Federico Fernández; Alvaro Alonso; Lourdes Marcos; Joaquin Salvachua. 2017. "A model to enable application-scoped access control as a service for IoT using OAuth 2.0." 2017 20th Conference on Innovations in Clouds, Internet and Networks (ICIN) , no. : 322-324.