This page has only limited features, please log in for full access.

Dr. Alvaro Alonso
Universidad Politecnica de Madrid (UPM)

Basic Info


Research Keywords & Expertise

0 Identity
0 Identity & Access Management (IAM)
0 Security
0 Security and Privacy
0 videoconferencing

Fingerprints

Identity
videoconferencing
Security
Identity & Access Management (IAM)
Security and Privacy

Honors and Awards

The user has no records in this section


Career Timeline

The user has no records in this section.


Short Biography

The user biography is not available.
Following
Followers
Co Authors
The list of users this user is following is empty.
Following: 0 users

Feed

Journal article
Published: 23 June 2021 in Electronics
Reads 0
Downloads 0

Although many courses in computer science and software engineering require students to work on practical assignments, these are usually toy projects that do not come close to real professional developments. As such, recent graduates often fail to meet industry expectations when they first enter the workforce. In view of the gap between graduates’ skills and industry expectations, several institutions have resorted to integrating open-source software development as part of their programs. In this pilot study, we report on the results of the contributions of eleven students to the FIWARE open-source project as part of their final year project. Our findings suggest that both teachers and students have a positive perception towards contributing to the FIWARE open-source initiative and that students increased their knowledge of technologies valued by the industry. We also found that this kind of project requires an additional initial effort for the students as well as for the instructor to monitor their progress. Consequently, it is important that the instructors have previous experience in FIWARE, as many of the students need help during the process.

ACS Style

Javier Conde; Sonsoles López-Pernas; Alejandro Pozo; Andres Munoz-Arcentales; Gabriel Huecas; Álvaro Alonso. Bridging the Gap between Academia and Industry through Students’ Contributions to the FIWARE European Open-Source Initiative: A Pilot Study. Electronics 2021, 10, 1523 .

AMA Style

Javier Conde, Sonsoles López-Pernas, Alejandro Pozo, Andres Munoz-Arcentales, Gabriel Huecas, Álvaro Alonso. Bridging the Gap between Academia and Industry through Students’ Contributions to the FIWARE European Open-Source Initiative: A Pilot Study. Electronics. 2021; 10 (13):1523.

Chicago/Turabian Style

Javier Conde; Sonsoles López-Pernas; Alejandro Pozo; Andres Munoz-Arcentales; Gabriel Huecas; Álvaro Alonso. 2021. "Bridging the Gap between Academia and Industry through Students’ Contributions to the FIWARE European Open-Source Initiative: A Pilot Study." Electronics 10, no. 13: 1523.

Journal article
Published: 09 April 2021 in International Journal of Environmental Research and Public Health
Reads 0
Downloads 0

To provide web services adapted to the users’ functional capabilities, diversity must be considered from the conceptualization and design phases of the services’ development. In previous work, we proposed a model that allows the provisioning of adapted interfaces based on users’ identity and their functional attributes to facilitate this task for software designers and developers. However, these identities and attributes are self-declared by the users, which may impact reliability and usability. In this work, we propose an extension of our model to resolve these deficiencies by delegating the identity and attributes’ provision to external certified entities. The European electronic Identification, Authentication and Trust Services (eIDAS) regulation established a solution to ensure the cross-border mutual recognition of Electronic Identification (eID) mechanisms among the European Member States. This research aims to provide an extension of this regulation mentioned above (eIDAS) to support functional attributes and connect our previously proposed model to this extended eIDAS network. Thanks to this proposal, web services can guarantee adapted and personalized interfaces while improving the functionalities offered without any previous configuration by users and, in a reliable way, since the functional attributes belong to the users’ official eID. As the attribute set provided by eIDAS nodes only contains citizens’ personal and legal ones, we also propose a mechanism to connect the eIDAS network to external attribute providers that could extend the eIDAS profile of users with their functional attributes. We deployed a pilot to validate the proposed model consisting of an identity provider, an eIDAS node supporting the extended reference code, and an attribute provider supporting functional attributes. We also designed and implemented a simple service that supports eID authentication and serves adapted interfaces based on the retrieved extended eIDAS profile. Finally, we developed an experience for getting feedback from a set of real users with different functional capabilities. According to the results, we concluded that the generalized adoption of the proposed solution in the European digital web services will significantly improve their accessibility in terms of ease of use and adaptability to users’ capacities.

ACS Style

Lourdes Marco; Alejandro Pozo; Gabriel Huecas; Juan Quemada; Álvaro Alonso. User-Adapted Web Services by Extending the eIDAS Specification with Functional Attributes. International Journal of Environmental Research and Public Health 2021, 18, 3980 .

AMA Style

Lourdes Marco, Alejandro Pozo, Gabriel Huecas, Juan Quemada, Álvaro Alonso. User-Adapted Web Services by Extending the eIDAS Specification with Functional Attributes. International Journal of Environmental Research and Public Health. 2021; 18 (8):3980.

Chicago/Turabian Style

Lourdes Marco; Alejandro Pozo; Gabriel Huecas; Juan Quemada; Álvaro Alonso. 2021. "User-Adapted Web Services by Extending the eIDAS Specification with Functional Attributes." International Journal of Environmental Research and Public Health 18, no. 8: 3980.

Journal article
Published: 03 February 2021 in IEEE Internet Computing
Reads 0
Downloads 0

The use of Digital Twins in the industry has become a growing trend in recent years, allowing to improve the lifecycle of any process by taking advantage of the relationship between the physical and the virtual world. Existing literature formulates several challenges for building Digital Twins, as well as some proposals for overcoming them. However, in the vast majority of the cases, the architectures and technologies presented are strongly bounded to the domain where the Digital Twins are applied. This article proposes the FIWARE Ecosystem, combining its catalog of components and its Smart Data Models, as a solution for the development of any Digital Twin. We also provide a use case to showcase how to use FIWARE for building Digital Twins through a complete example of a Parking Digital Twin. We conclude that the FIWARE Ecosystem constitutes a real reference option for developing DTs in any domain.

ACS Style

Javier Conde; Andres Munoz-Arcentales; Alvaro Alonso; Sonsoles Lopez-Pernas; Joaquin Salvachua. Modeling Digital Twin Data and Architecture: A Building Guide with FIWARE as Enabling Technology. IEEE Internet Computing 2021, PP, 1 -1.

AMA Style

Javier Conde, Andres Munoz-Arcentales, Alvaro Alonso, Sonsoles Lopez-Pernas, Joaquin Salvachua. Modeling Digital Twin Data and Architecture: A Building Guide with FIWARE as Enabling Technology. IEEE Internet Computing. 2021; PP (99):1-1.

Chicago/Turabian Style

Javier Conde; Andres Munoz-Arcentales; Alvaro Alonso; Sonsoles Lopez-Pernas; Joaquin Salvachua. 2021. "Modeling Digital Twin Data and Architecture: A Building Guide with FIWARE as Enabling Technology." IEEE Internet Computing PP, no. 99: 1-1.

Journal article
Published: 10 September 2020 in Sustainability
Reads 0
Downloads 0

The COVID-19 pandemic imposed in many countries, in the short term, the interruption of face-to-face teaching activities and, in the medium term, the existence of a ‘new normal’, in which teaching methods should be able to switch from face-to-face to remote overnight. However, this flexibility can pose a great difficulty, especially in the assessment of practical courses with a high student–teacher ratio, in which the assessment tools or methods used in face-to-face learning are not ready to be adopted within a fully online environment. This article presents a case study describing the transformation of the assessment method of a programming course in higher education to a fully online format during the COVID-19 pandemic, by means of an automated student-centered assessment tool. To evaluate the new assessment method, we studied students’ interactions with the tool, as well as students’ perceptions, which were measured with two different surveys: one for the programming assignments and one for the final exam. The results show that the students’ perceptions of the assessment tool were highly positive: if using the tool had been optional, the majority of them would have chosen to use it without a doubt, and they would like other courses to involve a tool like the one presented in this article. A discussion about the use of this tool in subsequent years in the same and related courses is also presented, analyzing the sustainability of this new assessment method.

ACS Style

Enrique Barra; Sonsoles López-Pernas; Álvaro Alonso; Juan Sánchez-Rada; Aldo Gordillo; Juan Quemada. Automated Assessment in Programming Courses: A Case Study during the COVID-19 Era. Sustainability 2020, 12, 7451 .

AMA Style

Enrique Barra, Sonsoles López-Pernas, Álvaro Alonso, Juan Sánchez-Rada, Aldo Gordillo, Juan Quemada. Automated Assessment in Programming Courses: A Case Study during the COVID-19 Era. Sustainability. 2020; 12 (18):7451.

Chicago/Turabian Style

Enrique Barra; Sonsoles López-Pernas; Álvaro Alonso; Juan Sánchez-Rada; Aldo Gordillo; Juan Quemada. 2020. "Automated Assessment in Programming Courses: A Case Study during the COVID-19 Era." Sustainability 12, no. 18: 7451.

Journal article
Published: 04 August 2020 in Sensors
Reads 0
Downloads 0

The Internet of Things (IoT) brings plenty of opportunities to enhance society’s activities, from improving a factory’s production chain to facilitating people’s household tasks. However, it has also brought new security breaches, compromising privacy and authenticity. IoT devices are vulnerable to being accessed from the Internet; they lack sufficient resources to face cyber-attack threats. Keeping a balance between access control and the devices’ resource consumption has become one of the highest priorities of IoT research. In this paper, we evaluate an access control architecture based on the IAACaaS (IoT application-Scoped Access Control as a Service) model with the aim of protecting IoT devices that communicate using the Publish/Subscribe pattern. IAACaaS is based on the OAuth 2.0 authorization framework, which externalizes the identity and access control infrastructure of applications. In our evaluation, we implement the model using FIWARE Generic Enablers and deploy them for a smart buildings use case with a wireless communication. Then, we compare the performance of two different approaches in the data-sharing between sensors and the Publish/Subscribe broker, using Constrained Application Protocol (CoAP) and Hypertext Transfer Protocol (HTTP) protocols. We conclude that the integration of Publish/Subscribe IoT deployments with IAACaaS adds an extra layer of security and access control without compromising the system’s performance.

ACS Style

Alejandro Pozo; Álvaro Alonso; Joaquín Salvachúa. Evaluation of an IoT Application-Scoped Access Control Model over a Publish/Subscribe Architecture Based on FIWARE. Sensors 2020, 20, 4341 .

AMA Style

Alejandro Pozo, Álvaro Alonso, Joaquín Salvachúa. Evaluation of an IoT Application-Scoped Access Control Model over a Publish/Subscribe Architecture Based on FIWARE. Sensors. 2020; 20 (15):4341.

Chicago/Turabian Style

Alejandro Pozo; Álvaro Alonso; Joaquín Salvachúa. 2020. "Evaluation of an IoT Application-Scoped Access Control Model over a Publish/Subscribe Architecture Based on FIWARE." Sensors 20, no. 15: 4341.

Journal article
Published: 09 May 2020 in Sustainability
Reads 0
Downloads 0

In recent years, a new business paradigm has emerged which revolves around effectively extracting value from data. In this scope, providing a secure ecosystem for data sharing that ensures data governance and traceability is of paramount importance as it holds the potential to create new applications and services. Protecting data goes beyond restricting who can access what resource (covered by identity and Access Control): it becomes necessary to control how data are treated once accessed, which is known as data Usage Control. Data Usage Control provides a common and trustful security framework to guarantee the compliance with data governance rules and responsible use of organizations’ data by third-party entities, easing and ensuring secure data sharing in ecosystems such as Smart Cities and Industry 4.0. In this article, we present an implementation of a previously published architecture for enabling access and Usage Control in data-sharing ecosystems among multiple organizations using the FIWARE European open source platform. Additionally, we validate this implementation through a real use case in the food industry. We conclude that the proposed model, implemented using FIWARE components, provides a flexible and powerful architecture to manage Usage Control in data-sharing ecosystems.

ACS Style

Andres Munoz-Arcentales; Sonsoles López-Pernas; Alejandro Pozo; Álvaro Alonso; Joaquín Salvachúa; Gabriel Huecas. Data Usage and Access Control in Industrial Data Spaces: Implementation Using FIWARE. Sustainability 2020, 12, 3885 .

AMA Style

Andres Munoz-Arcentales, Sonsoles López-Pernas, Alejandro Pozo, Álvaro Alonso, Joaquín Salvachúa, Gabriel Huecas. Data Usage and Access Control in Industrial Data Spaces: Implementation Using FIWARE. Sustainability. 2020; 12 (9):3885.

Chicago/Turabian Style

Andres Munoz-Arcentales; Sonsoles López-Pernas; Alejandro Pozo; Álvaro Alonso; Joaquín Salvachúa; Gabriel Huecas. 2020. "Data Usage and Access Control in Industrial Data Spaces: Implementation Using FIWARE." Sustainability 12, no. 9: 3885.

Journal article
Published: 21 January 2020 in Sustainability
Reads 0
Downloads 0

The European electronic IDentification, Authentication and trust Services (eIDAS) regulation makes available a solution to ensure the cross-border mutual recognition of electronic IDentification (eID) mechanisms among Member States. However, the basic set of attributes currently provided by each country only contains citizens’ personal and legal attributes, preventing e-services to take full advantage of citizens’ domain-specific information, such as academic or medical data. In this article, we propose an extension of the eIDAS specification to support academic attributes as part of citizens’ profiles. In addition, we present an architecture to enable the connection of eIDAS nodes to national attribute providers to enrich citizens’ profiles with additional academic attributes. We have deployed the eIDAS extension in the specific case of the Spanish eIDAS infrastructure, and we have connected it to an attribute provider of the Technical University of Madrid (UPM). We have also improved a set of institutional services of that university by enabling the connection to eIDAS and enhancing the features offered to students based on their academic profiles retrieved from the eIDAS extended infrastructure. Finally, we have evaluated the resulting services thanks to real students from two different countries, concluding that the widespread adoption of the proposed solution in the academic services of European universities will greatly improve their quality and usability.

ACS Style

Álvaro Alonso; Alejandro Pozo; Aldo Gordillo; Sonsoles López-Pernas; Andrés Munoz-Arcentales; Lourdes Marco; Enrique Barra. Enhancing University Services by Extending the eIDAS European Specification with Academic Attributes. Sustainability 2020, 12, 770 .

AMA Style

Álvaro Alonso, Alejandro Pozo, Aldo Gordillo, Sonsoles López-Pernas, Andrés Munoz-Arcentales, Lourdes Marco, Enrique Barra. Enhancing University Services by Extending the eIDAS European Specification with Academic Attributes. Sustainability. 2020; 12 (3):770.

Chicago/Turabian Style

Álvaro Alonso; Alejandro Pozo; Aldo Gordillo; Sonsoles López-Pernas; Andrés Munoz-Arcentales; Lourdes Marco; Enrique Barra. 2020. "Enhancing University Services by Extending the eIDAS European Specification with Academic Attributes." Sustainability 12, no. 3: 770.

Journal article
Published: 21 November 2019 in Procedia Computer Science
Reads 0
Downloads 0

We are experiencing a new digital revolution in which data are becoming a key pillar for business and industry. Promoting data sharing, without compromising data sovereignty and traceability, is fundamental since it provides a heterogeneous ecosystem with the potential to enrich the variety of applications and services that take part in this digital revolution. In this scope, the use of secure and trusted platforms for sharing and processing personal and industrial data is crucial for the creation of a data market and a data economy. Protecting data goes beyond restricting who can access what resource (covered by identity and access control respectively): it becomes necessary to control how data are treated, which is known as data usage control. Data usage control provides a common and trustful security framework to guarantee the sovereignty and the responsible use of organizations’ data by third-party entities, easing and ensuring data sharing in ecosystems such as industry or smart cities. In this article, we present an architecture proposal for achieving access and usage control in shared data ecosystems among multiple organizations. The proposed architecture is based on the UCON (Usage Control) model and an extended XACML (eXtensible Access Control Markup Language) Reference Architecture, relying on key aspects of the IDS (International Data Spaces) Reference Architecture Model. Its modular design and technology-agnostic nature provide an integral solution while maintaining flexibility of implementation.

ACS Style

Andres Munoz-Arcentales; Sonsoles López-Pernas; Alejandro Pozo; Álvaro Alonso; Joaquín Salvachúa; Gabriel Huecas. An Architecture for Providing Data Usage and Access Control in Data Sharing Ecosystems. Procedia Computer Science 2019, 160, 590 -597.

AMA Style

Andres Munoz-Arcentales, Sonsoles López-Pernas, Alejandro Pozo, Álvaro Alonso, Joaquín Salvachúa, Gabriel Huecas. An Architecture for Providing Data Usage and Access Control in Data Sharing Ecosystems. Procedia Computer Science. 2019; 160 ():590-597.

Chicago/Turabian Style

Andres Munoz-Arcentales; Sonsoles López-Pernas; Alejandro Pozo; Álvaro Alonso; Joaquín Salvachúa; Gabriel Huecas. 2019. "An Architecture for Providing Data Usage and Access Control in Data Sharing Ecosystems." Procedia Computer Science 160, no. : 590-597.

Conference paper
Published: 01 November 2019 in ICERI2019 Proceedings
Reads 0
Downloads 0
ACS Style

Álvaro Alonso; Aldo Gordillo; Alejandro Pozo; Sonsoles López-Pernas; Lourdes Marco; Enrique Barra. EXTENDING THE EIDAS EUROPEAN SPECIFICATION FOR SUPPORTING ACADEMIC ATTRIBUTES. ICERI2019 Proceedings 2019, 2008 -2014.

AMA Style

Álvaro Alonso, Aldo Gordillo, Alejandro Pozo, Sonsoles López-Pernas, Lourdes Marco, Enrique Barra. EXTENDING THE EIDAS EUROPEAN SPECIFICATION FOR SUPPORTING ACADEMIC ATTRIBUTES. ICERI2019 Proceedings. 2019; ():2008-2014.

Chicago/Turabian Style

Álvaro Alonso; Aldo Gordillo; Alejandro Pozo; Sonsoles López-Pernas; Lourdes Marco; Enrique Barra. 2019. "EXTENDING THE EIDAS EUROPEAN SPECIFICATION FOR SUPPORTING ACADEMIC ATTRIBUTES." ICERI2019 Proceedings , no. : 2008-2014.

Journal article
Published: 11 September 2019 in Applied Sciences
Reads 0
Downloads 0

Information and Communication Technologies (ICT) need to be accessible for every single person in the globe. Governments and companies are starting to regulate products and services to ensure digital accessibility as a mandatory requirement. A recent example is the European standard EN 301 549, where the functional accessibility requirements for ICT products and services are defined. Especially on the Web, these standards must be integrated throughout the development processes, where the selected architecture models play an essential role. Starting from a model that is based on the OAuth 2.0 protocol, and that allows the complete delegation of authorization (so that an as a service access control mechanism is provided), this paper propose an identity model for providing inclusive services and applications. The model takes advantage of the users’ profiles and their functional attributes to determine how to serve web interfaces to them in a specific service. Those attributes are entirely flexible, and can be defined linked to users’ functional capabilities, or even a particular skill. We have implemented the proposed model as an extension of an existing open source Identity Manager and tested it with a real use case deployment. We conclude that the proposed solution enables a new identity paradigm that allows service providers to design their interfaces satisfying the diversity requirements in terms of design and development.

ACS Style

Lourdes Marco; Álvaro Alonso; Juan Quemada. An Identity Model for Providing Inclusive Services and Applications. Applied Sciences 2019, 9, 3813 .

AMA Style

Lourdes Marco, Álvaro Alonso, Juan Quemada. An Identity Model for Providing Inclusive Services and Applications. Applied Sciences. 2019; 9 (18):3813.

Chicago/Turabian Style

Lourdes Marco; Álvaro Alonso; Juan Quemada. 2019. "An Identity Model for Providing Inclusive Services and Applications." Applied Sciences 9, no. 18: 3813.

Journal article
Published: 03 July 2019 in IEEE Access
Reads 0
Downloads 0

Secure electronic identification (eID) is one of the key enablers of data protection, privacy and the prevention of online fraud. However, until now, the lack of common legal basis prevented European Member States from recognizing and accepting eIDs issued in other Member States. The Electronic Identification and Trust Services (eIDAS) Regulation provides a solution to these issues by ensuring the cross-border mutual recognition of eIDs. FIWARE is an European initiative that provides a rather simple yet powerful set of APIs (Application Programming Interfaces) that ease the development of Smart Applications in multiple vertical sectors and oriented to the Future Internet. In this paper we propose a model that enables the connection of FIWARE OAuth 2.0-based services with the eID authentication provided by eIDAS reference. Thanks to this model, services already connected with an OAuth 2.0 identity provider can be automatically connected with eIDAS nodes for providing eID authentication to European citizens. For validating the proposed model we have deployed an instance of the FIWARE Identity Manager connected to the Spanish eIDAS node. Then, we have registered two services (a private videoconferencing system and a public smart city deployment) and extended their functionalities for enriching the user experience leveraging the eID authentication. We have evaluated the integration of both services in the eIDAS network with real users from seven different countries. We conclude that the proposed model facilitates the integration of generic and FIWARE-based OAuth 2.0 services to the eIDAS infrastructure, making the connection transparent for developers.

ACS Style

Alvaro Alonso; Alejandro Pozo; Johnny Choque; Gloria Bueno; Joaquin Salvachua; Luis Diez; Jorge Marin; Pedro Luis Chas Alonso. An Identity Framework for Providing Access to FIWARE OAuth 2.0-Based Services According to the eIDAS European Regulation. IEEE Access 2019, 7, 88435 -88449.

AMA Style

Alvaro Alonso, Alejandro Pozo, Johnny Choque, Gloria Bueno, Joaquin Salvachua, Luis Diez, Jorge Marin, Pedro Luis Chas Alonso. An Identity Framework for Providing Access to FIWARE OAuth 2.0-Based Services According to the eIDAS European Regulation. IEEE Access. 2019; 7 (99):88435-88449.

Chicago/Turabian Style

Alvaro Alonso; Alejandro Pozo; Johnny Choque; Gloria Bueno; Joaquin Salvachua; Luis Diez; Jorge Marin; Pedro Luis Chas Alonso. 2019. "An Identity Framework for Providing Access to FIWARE OAuth 2.0-Based Services According to the eIDAS European Regulation." IEEE Access 7, no. 99: 88435-88449.

Conference paper
Published: 01 November 2018 in ICERI2018 Proceedings
Reads 0
Downloads 0
ACS Style

Lourdes Marcos; Sonsoles López-Pernas; Alvaro Alonso. ACCESSIBILITY REVIEW FOR WEB-BASED LEARNING TOOLS AND MATERIALS. ICERI2018 Proceedings 2018, 2393 -2402.

AMA Style

Lourdes Marcos, Sonsoles López-Pernas, Alvaro Alonso. ACCESSIBILITY REVIEW FOR WEB-BASED LEARNING TOOLS AND MATERIALS. ICERI2018 Proceedings. 2018; ():2393-2402.

Chicago/Turabian Style

Lourdes Marcos; Sonsoles López-Pernas; Alvaro Alonso. 2018. "ACCESSIBILITY REVIEW FOR WEB-BASED LEARNING TOOLS AND MATERIALS." ICERI2018 Proceedings , no. : 2393-2402.

Journal article
Published: 11 July 2018 in Sensors
Reads 0
Downloads 0

We are in front of a new digital revolution that will transform the way we understand and use services and infrastructures. One of the key factors of this revolution is related to the evolution of the Internet of Things (IoT). Connected sensors will be installed in cities and homes affecting the daily life of people and providing them new ways of performing their daily activities. However, this revolution will also affect business and industry bringing the IoT to the production processes in what is called Industry 4.0. Sensor-enabled manufacturing equipment will allow real time communication, smart diagnosis and autonomous decision making. In this scope, the Industrial Data Spaces (IDS) Association has created a Reference Architecture model that aims to provide a common frame for designing and deploying Industry IoT infrastructures. In this paper, we present an implementation of such Reference Architecture based on FIWARE open source software components (Generic Enablers). We validate the proposed architecture by deploying and testing it in a real industry use case that tries to improve the maintenance and operation of milling machines. We conclude that the FIWARE-based IDS implementation fits the requirements of the IDS Reference Architecture providing open source software suitable to any Industry 4.0 environment.

ACS Style

Álvaro Alonso; Alejandro Pozo; José Manuel Cantera; Francisco De La Vega; Juan José Hierro. Industrial Data Space Architecture Implementation Using FIWARE. Sensors 2018, 18, 2226 .

AMA Style

Álvaro Alonso, Alejandro Pozo, José Manuel Cantera, Francisco De La Vega, Juan José Hierro. Industrial Data Space Architecture Implementation Using FIWARE. Sensors. 2018; 18 (7):2226.

Chicago/Turabian Style

Álvaro Alonso; Alejandro Pozo; José Manuel Cantera; Francisco De La Vega; Juan José Hierro. 2018. "Industrial Data Space Architecture Implementation Using FIWARE." Sensors 18, no. 7: 2226.

Journal article
Published: 17 October 2017 in Future Internet
Reads 0
Downloads 0

Access control is a key element when guaranteeing the security of online services. However, devices that make the Internet of Things have some special requirements that foster new approaches to access control mechanisms. Their low computing capabilities impose limitations that make traditional paradigms not directly applicable to sensors and actuators. In this paper, we propose a dynamic, scalable, IoT-ready model that is based on the OAuth 2.0 protocol and that allows the complete delegation of authorization, so that an as a service access control mechanism is provided. Multiple tenants are also supported by means of application-scoped authorization policies, whose roles and permissions are fine-grained enough to provide the desired flexibility of configuration. Besides, OAuth 2.0 ensures interoperability with the rest of the Internet, yet preserving the computing constraints of IoT devices, because its tokens provide all the necessary information to perform authorization. The proposed model has been fully implemented in an open-source solution and also deeply validated in the scope of FIWARE, a European project with thousands of users, the goal of which is to provide a framework for developing smart applications and services for the future Internet. We provide the details of the deployed infrastructure and offer the analysis of a sample smart city setup that takes advantage of the model. We conclude that the proposed solution enables a new access control as a service paradigm that satisfies the special requirements of IoT devices in terms of performance, scalability and interoperability.

ACS Style

Álvaro Alonso; Federico Fernández; Lourdes Marco; Joaquín Salvachúa. IAACaaS: IoT Application-Scoped Access Control as a Service. Future Internet 2017, 9, 64 .

AMA Style

Álvaro Alonso, Federico Fernández, Lourdes Marco, Joaquín Salvachúa. IAACaaS: IoT Application-Scoped Access Control as a Service. Future Internet. 2017; 9 (4):64.

Chicago/Turabian Style

Álvaro Alonso; Federico Fernández; Lourdes Marco; Joaquín Salvachúa. 2017. "IAACaaS: IoT Application-Scoped Access Control as a Service." Future Internet 9, no. 4: 64.

Conference paper
Published: 01 March 2017 in 2017 20th Conference on Innovations in Clouds, Internet and Networks (ICIN)
Reads 0
Downloads 0

Access Control is crucial for security management, but in the context of the Internet of Things it cannot be implemented the same way as traditional systems do. Indeed, devices that make the Internet of Things impose some constraints that encourage the design of new access control mechanisms, which should provide flexibility of configuration, as well as support several authorization scopes at the same time, yet being computationally light, dynamic and scalable in order to be ready for the forthcoming Cloud Computing paradigm. In this paper we propose an authorization model that is based on the OAuth 2.0 protocol. From the point of view of the identity provider, this model allows managing roles and permissions for an application-scoped authorization, to enable more flexible scenarios in which multiple tenants take part. With regard to devices, the OAuth 2.0 makes authorization extremely light, because all the required information is provided with a token. Considering all this, authorization management is completely delegated to an external system, so that an as-a-service access control mechanism is provided. The proposed model complies with the security, flexibility and performance requirements that are needed in the Internet of Things paradigm.

ACS Style

Federico Fernández; Alvaro Alonso; Lourdes Marcos; Joaquin Salvachua. A model to enable application-scoped access control as a service for IoT using OAuth 2.0. 2017 20th Conference on Innovations in Clouds, Internet and Networks (ICIN) 2017, 322 -324.

AMA Style

Federico Fernández, Alvaro Alonso, Lourdes Marcos, Joaquin Salvachua. A model to enable application-scoped access control as a service for IoT using OAuth 2.0. 2017 20th Conference on Innovations in Clouds, Internet and Networks (ICIN). 2017; ():322-324.

Chicago/Turabian Style

Federico Fernández; Alvaro Alonso; Lourdes Marcos; Joaquin Salvachua. 2017. "A model to enable application-scoped access control as a service for IoT using OAuth 2.0." 2017 20th Conference on Innovations in Clouds, Internet and Networks (ICIN) , no. : 322-324.

Conference paper
Published: 01 August 2016 in 2016 IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud)
Reads 0
Downloads 0

Scheduling resources in Cloud distributed videoconferencing systems presents a complex challenge not resolved yet. Traditional scheduling models are not applicable due to the particular characteristics of such type of systems. One of the main issues is estimating how many resources will consume a new client that connects to a videoconferencing session. Otherwise, it is difficult to decide where to allocate new requests. This paper proposes a new metric to perform this estimation basing on different parameters of the sessions. To validate the metric we set up a real scenario comparing the behaviour with and without the proposed metric. The conclusion is that the metric enables the design of more advanced and precise scheduling algorithms. Furthermore, thanks to this metric, resources are used more efficiently resulting in performance improvements and cost saving.

ACS Style

Alvaro Alonso; Ignacio Aguado; Joaquin Salvachua; Joaquin Luciano Salvachua Rodriguez. A Metric to Estimate Resource Use in Cloud-Based Videoconferencing Distributed Systems. 2016 IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud) 2016, 25 -32.

AMA Style

Alvaro Alonso, Ignacio Aguado, Joaquin Salvachua, Joaquin Luciano Salvachua Rodriguez. A Metric to Estimate Resource Use in Cloud-Based Videoconferencing Distributed Systems. 2016 IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud). 2016; ():25-32.

Chicago/Turabian Style

Alvaro Alonso; Ignacio Aguado; Joaquin Salvachua; Joaquin Luciano Salvachua Rodriguez. 2016. "A Metric to Estimate Resource Use in Cloud-Based Videoconferencing Distributed Systems." 2016 IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud) , no. : 25-32.

Journal article
Published: 01 February 2016 in Computer Standards & Interfaces
Reads 0
Downloads 0

Highlights•We propose a distributed architecture for video conferencing servers (MCUs).•The MCU is divided into simple parts that broadcast streams, OneToManys.•We describe and evaluate the new control architecture that allows distributed deployment.•This solution provides improved scalability and deployment granularity. AbstractNew technologies are making videoconferencing more ubiquitous than ever. This imposes a big challenge for scaling software MCUs, the traditional videoconferencing servers. We propose, implement and test an architecture for a distributed MCU designed to be deployed in a Cloud Computing environment. The main design idea is to break monolithic MCUs into more simple parts: broadcasters. These broadcasters can be deployed independently on the fly. This achieves a higher deployment granularity and flexibility. We describe the control architecture that allows this distribution and prove the viability of the system with a fully developed implementation.

ACS Style

Pedro Rodríguez; Álvaro Alonso; Joaquín Salvachúa; Javier Cerviño. Materialising a new architecture for a distributed MCU in the Cloud. Computer Standards & Interfaces 2016, 44, 234 -242.

AMA Style

Pedro Rodríguez, Álvaro Alonso, Joaquín Salvachúa, Javier Cerviño. Materialising a new architecture for a distributed MCU in the Cloud. Computer Standards & Interfaces. 2016; 44 ():234-242.

Chicago/Turabian Style

Pedro Rodríguez; Álvaro Alonso; Joaquín Salvachúa; Javier Cerviño. 2016. "Materialising a new architecture for a distributed MCU in the Cloud." Computer Standards & Interfaces 44, no. : 234-242.

Conference paper
Published: 01 August 2014 in 2014 International Conference on Future Internet of Things and Cloud
Reads 0
Downloads 0

Multi party videoconference systems use MCU (Multipoint Control Unit) devices to forward media streams. In this paper we describe a mechanism that allows the mobility of such streams between MCU devices. This mobility is especially useful when redistribution of streams is needed due to scalability requirements. These requirements are mandatory in Cloud scenarios to adapt the number of MCUs and their capabilities to variations in the user demand. Our mechanism is based on TURN (Traversal Using Relay around NAT) standard and adapts MICE (Mobility with ICE) specification to the requirements of this kind of scenarios. We conclude that this mechanism achieves the stream mobility in a transparent way for client nodes and without interruptions for the users.

ACS Style

Álvaro Alonso; Joaquin Luciano Salvachua Rodriguez; Joaquín Salvachúa; Javier Cerviño. Dynamic Media Stream Mobility with TURN. 2014 International Conference on Future Internet of Things and Cloud 2014, 15 -22.

AMA Style

Álvaro Alonso, Joaquin Luciano Salvachua Rodriguez, Joaquín Salvachúa, Javier Cerviño. Dynamic Media Stream Mobility with TURN. 2014 International Conference on Future Internet of Things and Cloud. 2014; ():15-22.

Chicago/Turabian Style

Álvaro Alonso; Joaquin Luciano Salvachua Rodriguez; Joaquín Salvachúa; Javier Cerviño. 2014. "Dynamic Media Stream Mobility with TURN." 2014 International Conference on Future Internet of Things and Cloud , no. : 15-22.

Conference paper
Published: 01 August 2014 in 2014 International Conference on Future Internet of Things and Cloud
Reads 0
Downloads 0

One of the key factors for a given application to take advantage of cloud computing is the ability to scale in an efficient, fast and reliable way. In centralized multi-party video conferencing, dynamically scaling a running conversation is a complex problem. In this paper we propose a methodology to divide the Multipoint Control Unit (the video conferencing server) into more simple units, broadcasters. Each broadcaster receives the media from a participant, processes it and forwards it to the rest. These broadcasters can be distributed among a group of CPUs. By using this methodology, video conferencing systems can scale in a more granular way, improving the deployment.

ACS Style

Joaquin Luciano Salvachua Rodriguez; Alvaro Alonso; Joaquín Salvachúa; Javier Cerviño; Rodriguez P.; Alonso A.; Salvachua J.. dOTM: A Mechanism for Distributing Centralized Multi-party Video Conferencing in the Cloud. 2014 International Conference on Future Internet of Things and Cloud 2014, 61 -67.

AMA Style

Joaquin Luciano Salvachua Rodriguez, Alvaro Alonso, Joaquín Salvachúa, Javier Cerviño, Rodriguez P., Alonso A., Salvachua J.. dOTM: A Mechanism for Distributing Centralized Multi-party Video Conferencing in the Cloud. 2014 International Conference on Future Internet of Things and Cloud. 2014; ():61-67.

Chicago/Turabian Style

Joaquin Luciano Salvachua Rodriguez; Alvaro Alonso; Joaquín Salvachúa; Javier Cerviño; Rodriguez P.; Alonso A.; Salvachua J.. 2014. "dOTM: A Mechanism for Distributing Centralized Multi-party Video Conferencing in the Cloud." 2014 International Conference on Future Internet of Things and Cloud , no. : 61-67.

Conference paper
Published: 01 June 2013 in 2013 World Congress on Computer and Information Technology (WCCIT)
Reads 0
Downloads 0

The increase in CPU power and screen quality of todays smartphones as well as the availability of high bandwidth wireless networks has enabled high quality mobile videoconferencing never seen before. However, adapting to the variety of devices and network conditions that come as a result is still not a trivial issue. In this paper, we present a multiple participant videoconferencing service that adapts to different kind of devices and access networks while providing an stable communication. By combining network quality detection and the use of a multipoint control unit for video mixing and transcoding, desktop, tablet and mobile clients can participate seamlessly. We also describe the cost in terms of bandwidth and CPU usage of this approach in a variety of scenarios.

ACS Style

Pedro Rodriguez; Alvaro Alonso; Joaquín Salvachúa; Enrique Barra; Javier Cerviño; Paul Rodriguez; Alberto Alonso. Adaptive cross-device videoconferencing solution for wireless networks based on QoS monitoring. 2013 World Congress on Computer and Information Technology (WCCIT) 2013, 1 -6.

AMA Style

Pedro Rodriguez, Alvaro Alonso, Joaquín Salvachúa, Enrique Barra, Javier Cerviño, Paul Rodriguez, Alberto Alonso. Adaptive cross-device videoconferencing solution for wireless networks based on QoS monitoring. 2013 World Congress on Computer and Information Technology (WCCIT). 2013; ():1-6.

Chicago/Turabian Style

Pedro Rodriguez; Alvaro Alonso; Joaquín Salvachúa; Enrique Barra; Javier Cerviño; Paul Rodriguez; Alberto Alonso. 2013. "Adaptive cross-device videoconferencing solution for wireless networks based on QoS monitoring." 2013 World Congress on Computer and Information Technology (WCCIT) , no. : 1-6.