Aportación de la monitorización mediante redes de sensores y técnicas no invasivas para la conservación preventiva del Patrimonio

La presente tesis doctoral presenta una serie de estudios en el campo del patrimonio basados en metodologías de monitorización mediante redes de sensores y técnicas no invasivas con el objetivo de realizar nuevas aportaciones a la conservación preventiva mediante el seguimiento de los daños de deterioro o la prevención de los mismos. Las metodologías de monitorización mediante el despliegue de redes tridimensionales basadas en data loggers abordan estudios microclimáticos, de confort y energéticos a corto plazo, donde se establecen conclusiones relativas a la eficiencia energética de tres sistemas de calefacción muy utilizados en iglesias de la región centro de la Península Ibérica, abordando aspectos de afección de los mismos en el confort de los ocupantes o en el deterioro de los elementos patrimoniales o constructivos. Se desplegaron además distintas plataformas de redes de sensores inalámbricas procediendo a analizar en esta tesis cuál es la que presenta mejores resultados en el ámbito del patrimonio con el objetivo de una monitorización a largo plazo y considerando aspectos de comunicaciones, consumo y configuración de las redes. Una vez conocida la plataforma que presenta mejores resultados comparativos se muestra una metodología de estudio de la calidad de las comunicaciones en múltiples escenarios de patrimonio cultural y natural con la misma, que servirá para establecer una serie de aspectos a considerar en el despliegue de redes de sensores inalámbricas en futuros escenarios a monitorizar. Al igual que ocurre con las redes de sensores basadas en data loggers, las tareas de monitorización desarrolladas en esta tesis mediante el despliegue de las distintas plataformas inalámbricas ha permitido la detección de numerosos fenómenos de deterioro que son descritos a lo largo de la investigación y cuyo seguimiento supone una aportación a la prevención de daños en los distintos escenarios. Asimismo en el desarrollo de la tesis se realiza una aportación para la conservación preventiva mediante la monitorización con distintas técnicas no invasivas como la termografía infrarroja, las medidas de humedad superficial mediante protimeter, las técnicas de prospección de resistividad eléctrica de alta resolución o la prospección georradar. De este modo se desarrollan distintas aportaciones y conclusiones acerca de las ventajas y/o limitaciones de uso de las mismas analizando la idoneidad de aplicar cada una de ellas en distintas fases de análisis o con distintas capacidades de detección o caracterización de los daños. El estudio de imbricación de dichas técnicas ha sido desarrollado en un escenario real que presenta graves daños por humedad, habiendo sido posible la caracterización del origen de los mismos. ABSTRACT This doctoral dissertation discusses field research conducted to monitor heritage assets with sensor networks and other non-invasive techniques. The aim pursued was to contribute to conservation by tracking or preventing decay-induced damage. Monitoring methodologies based on three-dimensional data logger networks were used in short-term micro-climatic, comfort and energy studies to draw conclusions about the energy efficiency of three heating systems widely used in central Iberian churches. The impact of these systems on occupant comfort and decay of heritage or built elements was also explored. Different wireless sensor platforms were deployed and analysed to determine which delivered the best results in the context of long-term heritage monitoring from the standpoints of communications, energy demand and network architecture. A methodology was subsequently designed to study communication quality in a number of cultural and natural heritage scenarios and help establish the considerations to be borne in mind when deploying wireless sensor networks for heritage monitoring in future. As in data logger-based sensor networks, the monitoring conducted in this research with wireless platforms identified many instances of decay, described hereunder. Tracking those situations will help prevent damage in the respective scenarios. The research also contributes to preventive conservation based on non-invasive monitoring using techniques such as infrared thermography, protimeter-based surface damp measurements, high resolution electrical resistivity surveys and georadar analysis. The conclusions drawn address the advantages and drawbacks of each technique and its suitability for the various phases of analysis and capacity to detect or characterise damage. This dissertation also describes the intermeshed usage of these techniques that led to the identification of the origin of severe damp-induced damage in a real scenario.

Explicit context matching in content-based publish/subscribe systems

Although context could be exploited to improve performance, elasticity and adaptation in most distributed systems that adopt the publish/subscribe (P/S) communication model, only a few researchers have focused on the area of context-aware matching in P/S systems and have explored its implications in domains with highly dynamic context like wireless sensor networks (WSNs) and IoT-enabled applications. Most adopted P/S models are context agnostic or do not differentiate context from the other application data. In this article, we present a novel context-aware P/S model. SilboPS manages context explicitly, focusing on the minimization of network overhead in domains with recurrent context changes related, for example, to mobile ad hoc networks (MANETs). Our approach represents a solution that helps to efficiently share and use sensor data coming from ubiquitous WSNs across a plethora of applications intent on using these data to build context awareness. Specifically, we empirically demonstrate that decoupling a subscription from the changing context in which it is produced and leveraging contextual scoping in the filtering process notably reduces (un)subscription cost per node, while improving the global performance/throughput of the network of brokers without fltering the cost of SIENA-like topology changes.

Sistema de ayuda a la selección de soluciones de protección de datos personales, para los productos y servicios en “Internet de las Cosas”

Los nuevos productos y servicios de “Internet de las Cosas” nos harán más eficientes, con una mayor capacidad de actuación y una mejor comprensión de nuestro entorno. Se desarrollarán nuevas ayudas técnicas que permitirán prolongar nuestra vida activa, y muchas ventajas que hoy día nos costaría imaginar. Sin embargo coexistiremos con una gran cantidad de dispositivos que recopilarán información sobre nuestra actividad, costumbres, preferencias, etc., que podrían amenazar nuestra privacidad. La desconfianza que estos riesgos podrían generar en las personas, actuaría como una barrera que podría dificultar el pleno desarrollo de esta nueva gama de productos y servicios. Internet de las Cosas, alcanza su significado más representativo con las Ciudades Inteligentes (Smart Cities) que proporcionan las herramientas necesarias para mejorar la gestión de las ciudades modernas de una manera mucho más eficiente. Estas herramientas necesitan recolectar información de los ciudadanos abriendo la posibilidad de someterlos a un seguimiento. Así, las políticas de seguridad y privacidad deben desarrollarse para satisfacer y gestionar la heterogeneidad legislativa en torno a los servicios prestados y cumplir con las leyes del país en el que se proporcionan estos servicios. El objetivo de esta tesis es aportar una posible solución para la garantizar la seguridad y privacidad de los datos personales en Internet de las Cosas, mediante técnicas que resulten de la colaboración entre las áreas empresarial, legislativa y tecnológica para dar confianza a todos los actores involucrados y resolver la posible colisión de intereses entre ellos, y también debe ser capaz de poder gestionar la heterogeneidad legislativa. Considerando que gran parte de estos servicios se canalizan a través de redes de sensores inalámbricos, y que estas redes tienen importantes limitaciones de recursos, se propone un sistema de gestión que además sea capaz de dar una cobertura de seguridad y privacidad justo a medida de las necesidades. ABSTRACT New products and services offered by the “Internet of Things” will make people more efficient and more able to understand the environment and take better decisions. New assistive technologies will allow people to extend their working years and many other advantages that currently are hard to foreseen. Nonetheless, we will coexist with a large number of devices collecting information about activities, habits, preferences, etc. This situation could threaten personal privacy. Distrust could be a barrier to the full development of these new products and services. Internet of Things reaches its most representative meaning by the Smart Cities providing the necessary solutions to improve the management of modern cities by means of more efficient tools. These tools require gathering citizens’ information about their activity, preferences, habits, etc. opening up the possibility of tracking them. Thus, privacy and security policies must be developed in order to satisfy and manage the legislative heterogeneity surrounding the services provided and comply with the laws of the country where they are provided. The objective of this thesis is to provide a feasible solution to ensure the security and privacy of personal data on the Internet of Things through resulting techniques from the collaboration between business, legislative and technological areas so as to give confidence to all stakeholders and resolve the possible conflict of interest between them, as well as to manage the legislative heterogeneity. Whereas most of these services are based on wireless sensor networks, and these networks have significant resource constraints, the proposed management system is also able to cover the security and privacy requirements considering those constrains.

Sistema de ayuda a la selección de soluciones de protección de datos personales, para los productos y servicios en “Internet de las Cosas”

Los nuevos productos y servicios de “Internet de las Cosas” nos harán más eficientes, con una mayor capacidad de actuación y una mejor comprensión de nuestro entorno. Se desarrollarán nuevas ayudas técnicas que permitirán prolongar nuestra vida activa, y muchas ventajas que hoy día nos costaría imaginar. Sin embargo coexistiremos con una gran cantidad de dispositivos que recopilarán información sobre nuestra actividad, costumbres, preferencias, etc., que podrían amenazar nuestra privacidad. La desconfianza que estos riesgos podrían generar en las personas, actuaría como una barrera que podría dificultar el pleno desarrollo de esta nueva gama de productos y servicios. Internet de las Cosas, alcanza su significado más representativo con las Ciudades Inteligentes (Smart Cities) que proporcionan las herramientas necesarias para mejorar la gestión de las ciudades modernas de una manera mucho más eficiente. Estas herramientas necesitan recolectar información de los ciudadanos abriendo la posibilidad de someterlos a un seguimiento. Así, las políticas de seguridad y privacidad deben desarrollarse para satisfacer y gestionar la heterogeneidad legislativa en torno a los servicios prestados y cumplir con las leyes del país en el que se proporcionan estos servicios. El objetivo de esta tesis es aportar una posible solución para la garantizar la seguridad y privacidad de los datos personales en Internet de las Cosas, mediante técnicas que resulten de la colaboración entre las áreas empresarial, legislativa y tecnológica para dar confianza a todos los actores involucrados y resolver la posible colisión de intereses entre ellos, y también debe ser capaz de poder gestionar la heterogeneidad legislativa. Considerando que gran parte de estos servicios se canalizan a través de redes de sensores inalámbricos, y que estas redes tienen importantes limitaciones de recursos, se propone un sistema de gestión que además sea capaz de dar una cobertura de seguridad y privacidad justo a medida de las necesidades. ABSTRACT New products and services offered by the “Internet of Things” will make people more efficient and more able to understand the environment and take better decisions. New assistive technologies will allow people to extend their working years and many other advantages that currently are hard to foreseen. Nonetheless, we will coexist with a large number of devices collecting information about activities, habits, preferences, etc. This situation could threaten personal privacy. Distrust could be a barrier to the full development of these new products and services. Internet of Things reaches its most representative meaning by the Smart Cities providing the necessary solutions to improve the management of modern cities by means of more efficient tools. These tools require gathering citizens’ information about their activity, preferences, habits, etc. opening up the possibility of tracking them. Thus, privacy and security policies must be developed in order to satisfy and manage the legislative heterogeneity surrounding the services provided and comply with the laws of the country where they are provided. The objective of this thesis is to provide a feasible solution to ensure the security and privacy of personal data on the Internet of Things through resulting techniques from the collaboration between business, legislative and technological areas so as to give confidence to all stakeholders and resolve the possible conflict of interest between them, as well as to manage the legislative heterogeneity. Whereas most of these services are based on wireless sensor networks, and these networks have significant resource constraints, the proposed management system is also able to cover the security and privacy requirements considering those constrains.

Trust-ware: A Methodology to Analyze, Design, and Secure Trust and Reputation Systems

Entendemos por inteligencia colectiva una forma de inteligencia que surge de la colaboración y la participación de varios individuos o, siendo más estrictos, varias entidades. En base a esta sencilla definición podemos observar que este concepto es campo de estudio de las más diversas disciplinas como pueden ser la sociología, las tecnologías de la información o la biología, atendiendo cada una de ellas a un tipo de entidades diferentes: seres humanos, elementos de computación o animales. Como elemento común podríamos indicar que la inteligencia colectiva ha tenido como objetivo el ser capaz de fomentar una inteligencia de grupo que supere a la inteligencia individual de las entidades que lo forman a través de mecanismos de coordinación, cooperación, competencia, integración, diferenciación, etc. Sin embargo, aunque históricamente la inteligencia colectiva se ha podido desarrollar de forma paralela e independiente en las distintas disciplinas que la tratan, en la actualidad, los avances en las tecnologías de la información han provocado que esto ya no sea suficiente. Hoy en día seres humanos y máquinas a través de todo tipo de redes de comunicación e interfaces, conviven en un entorno en el que la inteligencia colectiva ha cobrado una nueva dimensión: ya no sólo puede intentar obtener un comportamiento superior al de sus entidades constituyentes sino que ahora, además, estas inteligencias individuales son completamente diferentes unas de otras y aparece por lo tanto el doble reto de ser capaces de gestionar esta gran heterogeneidad y al mismo tiempo ser capaces de obtener comportamientos aún más inteligentes gracias a las sinergias que los distintos tipos de inteligencias pueden generar. Dentro de las áreas de trabajo de la inteligencia colectiva existen varios campos abiertos en los que siempre se intenta obtener unas prestaciones superiores a las de los individuos. Por ejemplo: consciencia colectiva, memoria colectiva o sabiduría colectiva. Entre todos estos campos nosotros nos centraremos en uno que tiene presencia en la práctica totalidad de posibles comportamientos inteligentes: la toma de decisiones. El campo de estudio de la toma de decisiones es realmente amplio y dentro del mismo la evolución ha sido completamente paralela a la que citábamos anteriormente en referencia a la inteligencia colectiva. En primer lugar se centró en el individuo como entidad decisoria para posteriormente desarrollarse desde un punto de vista social, institucional, etc. La primera fase dentro del estudio de la toma de decisiones se basó en la utilización de paradigmas muy sencillos: análisis de ventajas e inconvenientes, priorización basada en la maximización de algún parámetro del resultado, capacidad para satisfacer los requisitos de forma mínima por parte de las alternativas, consultas a expertos o entidades autorizadas o incluso el azar. Sin embargo, al igual que el paso del estudio del individuo al grupo supone una nueva dimensión dentro la inteligencia colectiva la toma de decisiones colectiva supone un nuevo reto en todas las disciplinas relacionadas. Además, dentro de la decisión colectiva aparecen dos nuevos frentes: los sistemas de decisión centralizados y descentralizados. En el presente proyecto de tesis nos centraremos en este segundo, que es el que supone una mayor atractivo tanto por las posibilidades de generar nuevo conocimiento y trabajar con problemas abiertos actualmente así como en lo que respecta a la aplicabilidad de los resultados que puedan obtenerse. Ya por último, dentro del campo de los sistemas de decisión descentralizados existen varios mecanismos fundamentales que dan lugar a distintas aproximaciones a la problemática propia de este campo. Por ejemplo el liderazgo, la imitación, la prescripción o el miedo. Nosotros nos centraremos en uno de los más multidisciplinares y con mayor capacidad de aplicación en todo tipo de disciplinas y que, históricamente, ha demostrado que puede dar lugar a prestaciones muy superiores a otros tipos de mecanismos de decisión descentralizados: la confianza y la reputación. Resumidamente podríamos indicar que confianza es la creencia por parte de una entidad que otra va a realizar una determinada actividad de una forma concreta. En principio es algo subjetivo, ya que la confianza de dos entidades diferentes sobre una tercera no tiene porqué ser la misma. Por otro lado, la reputación es la idea colectiva (o evaluación social) que distintas entidades de un sistema tiene sobre otra entidad del mismo en lo que respecta a un determinado criterio. Es por tanto una información de carácter colectivo pero única dentro de un sistema, no asociada a cada una de las entidades del sistema sino por igual a todas ellas. En estas dos sencillas definiciones se basan la inmensa mayoría de sistemas colectivos. De hecho muchas disertaciones indican que ningún tipo de organización podría ser viable de no ser por la existencia y la utilización de los conceptos de confianza y reputación. A partir de ahora, a todo sistema que utilice de una u otra forma estos conceptos lo denominaremos como sistema de confianza y reputación (o TRS, Trust and Reputation System). Sin embargo, aunque los TRS son uno de los aspectos de nuestras vidas más cotidianos y con un mayor campo de aplicación, el conocimiento que existe actualmente sobre ellos no podría ser más disperso. Existen un gran número de trabajos científicos en todo tipo de áreas de conocimiento: filosofía, psicología, sociología, economía, política, tecnologías de la información, etc. Pero el principal problema es que no existe una visión completa de la confianza y reputación en su sentido más amplio. Cada disciplina focaliza sus estudios en unos aspectos u otros dentro de los TRS, pero ninguna de ellas trata de explotar el conocimiento generado en el resto para mejorar sus prestaciones en su campo de aplicación concreto. Aspectos muy detallados en algunas áreas de conocimiento son completamente obviados por otras, o incluso aspectos tratados por distintas disciplinas, al ser estudiados desde distintos puntos de vista arrojan resultados complementarios que, sin embargo, no son aprovechados fuera de dichas áreas de conocimiento. Esto nos lleva a una dispersión de conocimiento muy elevada y a una falta de reutilización de metodologías, políticas de actuación y técnicas de una disciplina a otra. Debido su vital importancia, esta alta dispersión de conocimiento se trata de uno de los principales problemas que se pretenden resolver con el presente trabajo de tesis. Por otro lado, cuando se trabaja con TRS, todos los aspectos relacionados con la seguridad están muy presentes ya que muy este es un tema vital dentro del campo de la toma de decisiones. Además también es habitual que los TRS se utilicen para desempeñar responsabilidades que aportan algún tipo de funcionalidad relacionada con el mundo de la seguridad. Por último no podemos olvidar que el acto de confiar está indefectiblemente unido al de delegar una determinada responsabilidad, y que al tratar estos conceptos siempre aparece la idea de riesgo, riesgo de que las expectativas generadas por el acto de la delegación no se cumplan o se cumplan de forma diferente. Podemos ver por lo tanto que cualquier sistema que utiliza la confianza para mejorar o posibilitar su funcionamiento, por su propia naturaleza, es especialmente vulnerable si las premisas en las que se basa son atacadas. En este sentido podemos comprobar (tal y como analizaremos en más detalle a lo largo del presente documento) que las aproximaciones que realizan las distintas disciplinas que tratan la violación de los sistemas de confianza es de lo más variado. únicamente dentro del área de las tecnologías de la información se ha intentado utilizar alguno de los enfoques de otras disciplinas de cara a afrontar problemas relacionados con la seguridad de TRS. Sin embargo se trata de una aproximación incompleta y, normalmente, realizada para cumplir requisitos de aplicaciones concretas y no con la idea de afianzar una base de conocimiento más general y reutilizable en otros entornos. Con todo esto en cuenta, podemos resumir contribuciones del presente trabajo de tesis en las siguientes. • La realización de un completo análisis del estado del arte dentro del mundo de la confianza y la reputación que nos permite comparar las ventajas e inconvenientes de las diferentes aproximación que se realizan a estos conceptos en distintas áreas de conocimiento. • La definición de una arquitectura de referencia para TRS que contempla todas las entidades y procesos que intervienen en este tipo de sistemas. • La definición de un marco de referencia para analizar la seguridad de TRS. Esto implica tanto identificar los principales activos de un TRS en lo que respecta a la seguridad, así como el crear una tipología de posibles ataques y contramedidas en base a dichos activos. • La propuesta de una metodología para el análisis, el diseño, el aseguramiento y el despliegue de un TRS en entornos reales. Adicionalmente se exponen los principales tipos de aplicaciones que pueden obtenerse de los TRS y los medios para maximizar sus prestaciones en cada una de ellas. • La generación de un software que permite simular cualquier tipo de TRS en base a la arquitectura propuesta previamente. Esto permite evaluar las prestaciones de un TRS bajo una determinada configuración en un entorno controlado previamente a su despliegue en un entorno real. Igualmente es de gran utilidad para evaluar la resistencia a distintos tipos de ataques o mal-funcionamientos del sistema. Además de las contribuciones realizadas directamente en el campo de los TRS, hemos realizado aportaciones originales a distintas áreas de conocimiento gracias a la aplicación de las metodologías de análisis y diseño citadas con anterioridad. • Detección de anomalías térmicas en Data Centers. Hemos implementado con éxito un sistema de deteción de anomalías térmicas basado en un TRS. Comparamos la detección de prestaciones de algoritmos de tipo Self-Organized Maps (SOM) y Growing Neural Gas (GNG). Mostramos como SOM ofrece mejores resultados para anomalías en los sistemas de refrigeración de la sala mientras que GNG es una opción más adecuada debido a sus tasas de detección y aislamiento para casos de anomalías provocadas por una carga de trabajo excesiva. • Mejora de las prestaciones de recolección de un sistema basado en swarm computing y odometría social. Gracias a la implementación de un TRS conseguimos mejorar las capacidades de coordinación de una red de robots autónomos distribuidos. La principal contribución reside en el análisis y la validación de las mejoras increméntales que pueden conseguirse con la utilización apropiada de la información existente en el sistema y que puede ser relevante desde el punto de vista de un TRS, y con la implementación de algoritmos de cálculo de confianza basados en dicha información. • Mejora de la seguridad de Wireless Mesh Networks contra ataques contra la integridad, la confidencialidad o la disponibilidad de los datos y / o comunicaciones soportadas por dichas redes. • Mejora de la seguridad de Wireless Sensor Networks contra ataques avanzamos, como insider attacks, ataques desconocidos, etc. Gracias a las metodologías presentadas implementamos contramedidas contra este tipo de ataques en entornos complejos. En base a los experimentos realizados, hemos demostrado que nuestra aproximación es capaz de detectar y confinar varios tipos de ataques que afectan a los protocoles esenciales de la red. La propuesta ofrece unas velocidades de detección muy altas así como demuestra que la inclusión de estos mecanismos de actuación temprana incrementa significativamente el esfuerzo que un atacante tiene que introducir para comprometer la red. Finalmente podríamos concluir que el presente trabajo de tesis supone la generación de un conocimiento útil y aplicable a entornos reales, que nos permite la maximización de las prestaciones resultantes de la utilización de TRS en cualquier tipo de campo de aplicación. De esta forma cubrimos la principal carencia existente actualmente en este campo, que es la falta de una base de conocimiento común y agregada y la inexistencia de una metodología para el desarrollo de TRS que nos permita analizar, diseñar, asegurar y desplegar TRS de una forma sistemática y no artesanal y ad-hoc como se hace en la actualidad. ABSTRACT By collective intelligence we understand a form of intelligence that emerges from the collaboration and competition of many individuals, or strictly speaking, many entities. Based on this simple definition, we can see how this concept is the field of study of a wide range of disciplines, such as sociology, information science or biology, each of them focused in different kinds of entities: human beings, computational resources, or animals. As a common factor, we can point that collective intelligence has always had the goal of being able of promoting a group intelligence that overcomes the individual intelligence of the basic entities that constitute it. This can be accomplished through different mechanisms such as coordination, cooperation, competence, integration, differentiation, etc. Collective intelligence has historically been developed in a parallel and independent way among the different disciplines that deal with it. However, this is not enough anymore due to the advances in information technologies. Nowadays, human beings and machines coexist in environments where collective intelligence has taken a new dimension: we yet have to achieve a better collective behavior than the individual one, but now we also have to deal with completely different kinds of individual intelligences. Therefore, we have a double goal: being able to deal with this heterogeneity and being able to get even more intelligent behaviors thanks to the synergies that the different kinds of intelligence can generate. Within the areas of collective intelligence there are several open topics where they always try to get better performances from groups than from the individuals. For example: collective consciousness, collective memory, or collective wisdom. Among all these topics we will focus on collective decision making, that has influence in most of the collective intelligent behaviors. The field of study of decision making is really wide, and its evolution has been completely parallel to the aforementioned collective intelligence. Firstly, it was focused on the individual as the main decision-making entity, but later it became involved in studying social and institutional groups as basic decision-making entities. The first studies within the decision-making discipline were based on simple paradigms, such as pros and cons analysis, criteria prioritization, fulfillment, following orders, or even chance. However, in the same way that studying the community instead of the individual meant a paradigm shift within collective intelligence, collective decision-making means a new challenge for all the related disciplines. Besides, two new main topics come up when dealing with collective decision-making: centralized and decentralized decision-making systems. In this thesis project we focus in the second one, because it is the most interesting based on the opportunities to generate new knowledge and deal with open issues in this area, as well as these results can be put into practice in a wider set of real-life environments. Finally, within the decentralized collective decision-making systems discipline, there are several basic mechanisms that lead to different approaches to the specific problems of this field, for example: leadership, imitation, prescription, or fear. We will focus on trust and reputation. They are one of the most multidisciplinary concepts and with more potential for applying them in every kind of environments. Besides, they have historically shown that they can generate better performance than other decentralized decision-making mechanisms. Shortly, we say trust is the belief of one entity that the outcome of other entities’ actions is going to be in a specific way. It is a subjective concept because the trust of two different entities in another one does not have to be the same. Reputation is the collective idea (or social evaluation) that a group of entities within a system have about another entity based on a specific criterion. Thus, it is a collective concept in its origin. It is important to say that the behavior of most of the collective systems are based on these two simple definitions. In fact, a lot of articles and essays describe how any organization would not be viable if the ideas of trust and reputation did not exist. From now on, we call Trust an Reputation System (TRS) to any kind of system that uses these concepts. Even though TRSs are one of the most common everyday aspects in our lives, the existing knowledge about them could not be more dispersed. There are thousands of scientific works in every field of study related to trust and reputation: philosophy, psychology, sociology, economics, politics, information sciences, etc. But the main issue is that a comprehensive vision of trust and reputation for all these disciplines does not exist. Every discipline focuses its studies on a specific set of topics but none of them tries to take advantage of the knowledge generated in the other disciplines to improve its behavior or performance. Detailed topics in some fields are completely obviated in others, and even though the study of some topics within several disciplines produces complementary results, these results are not used outside the discipline where they were generated. This leads us to a very high knowledge dispersion and to a lack in the reuse of methodologies, policies and techniques among disciplines. Due to its great importance, this high dispersion of trust and reputation knowledge is one of the main problems this thesis contributes to solve. When we work with TRSs, all the aspects related to security are a constant since it is a vital aspect within the decision-making systems. Besides, TRS are often used to perform some responsibilities related to security. Finally, we cannot forget that the act of trusting is invariably attached to the act of delegating a specific responsibility and, when we deal with these concepts, the idea of risk is always present. This refers to the risk of generated expectations not being accomplished or being accomplished in a different way we anticipated. Thus, we can see that any system using trust to improve or enable its behavior, because of its own nature, is especially vulnerable if the premises it is based on are attacked. Related to this topic, we can see that the approaches of the different disciplines that study attacks of trust and reputation are very diverse. Some attempts of using approaches of other disciplines have been made within the information science area of knowledge, but these approaches are usually incomplete, not systematic and oriented to achieve specific requirements of specific applications. They never try to consolidate a common base of knowledge that could be reusable in other context. Based on all these ideas, this work makes the following direct contributions to the field of TRS: • The compilation of the most relevant existing knowledge related to trust and reputation management systems focusing on their advantages and disadvantages. • We define a generic architecture for TRS, identifying the main entities and processes involved. • We define a generic security framework for TRS. We identify the main security assets and propose a complete taxonomy of attacks for TRS. • We propose and validate a methodology to analyze, design, secure and deploy TRS in real-life environments. Additionally we identify the principal kind of applications we can implement with TRS and how TRS can provide a specific functionality. • We develop a software component to validate and optimize the behavior of a TRS in order to achieve a specific functionality or performance. In addition to the contributions made directly to the field of the TRS, we have made original contributions to different areas of knowledge thanks to the application of the analysis, design and security methodologies previously presented: • Detection of thermal anomalies in Data Centers. Thanks to the application of the TRS analysis and design methodologies, we successfully implemented a thermal anomaly detection system based on a TRS.We compare the detection performance of Self-Organized- Maps and Growing Neural Gas algorithms. We show how SOM provides better results for Computer Room Air Conditioning anomaly detection, yielding detection rates of 100%, in training data with malfunctioning sensors. We also show that GNG yields better detection and isolation rates for workload anomaly detection, reducing the false positive rate when compared to SOM. • Improving the performance of a harvesting system based on swarm computing and social odometry. Through the implementation of a TRS, we achieved to improve the ability of coordinating a distributed network of autonomous robots. The main contribution lies in the analysis and validation of the incremental improvements that can be achieved with proper use information that exist in the system and that are relevant for the TRS, and the implementation of the appropriated trust algorithms based on such information. • Improving Wireless Mesh Networks security against attacks against the integrity, confidentiality or availability of data and communications supported by these networks. Thanks to the implementation of a TRS we improved the detection time rate against these kind of attacks and we limited their potential impact over the system. • We improved the security of Wireless Sensor Networks against advanced attacks, such as insider attacks, unknown attacks, etc. Thanks to the TRS analysis and design methodologies previously described, we implemented countermeasures against such attacks in a complex environment. In our experiments we have demonstrated that our system is capable of detecting and confining various attacks that affect the core network protocols. We have also demonstrated that our approach is capable of rapid attack detection. Also, it has been proven that the inclusion of the proposed detection mechanisms significantly increases the effort the attacker has to introduce in order to compromise the network. Finally we can conclude that, to all intents and purposes, this thesis offers a useful and applicable knowledge in real-life environments that allows us to maximize the performance of any system based on a TRS. Thus, we deal with the main deficiency of this discipline: the lack of a common and complete base of knowledge and the lack of a methodology for the development of TRS that allow us to analyze, design, secure and deploy TRS in a systematic way.

Trust and Privacy Solutions Based on Holistic Service Requirements

The products and services designed for Smart Cities provide the necessary tools to improve the management of modern cities in a more efficient way. These tools need to gather citizens’ information about their activity, preferences, habits, etc. opening up the possibility of tracking them. Thus, privacy and security policies must be developed in order to satisfy and manage the legislative heterogeneity surrounding the services provided and comply with the laws of the country where they are provided. This paper presents one of the possible solutions to manage this heterogeneity, bearing in mind these types of networks, such as Wireless Sensor Networks, have important resource limitations. A knowledge and ontology management system is proposed to facilitate the collaboration between the business, legal and technological areas. This will ease the implementation of adequate specific security and privacy policies for a given service. All these security and privacy policies are based on the information provided by the deployed platforms and by expert system processing.

Desenvolvimento de sistema automatizado de monitoramento de ambientes de produção animal, utilizando uma rede de sensores sem fio

As redes de sensores sem fio, aplicadas à automação do controle de ambientes representam um paradigma emergente da computação, onde múltiplos nós providos de sensores, sistemas computacionais autônomos e capacidade de comunicação sem fio, conformam uma rede cuja topologia altamente dinâmica permite adquirir informações sobre sistemas complexos sendo monitorados. Um dos fatores essenciais para obter um ganho na produtividade avícola é o controle da ambiência animal. Atualmente os métodos utilizados para o monitoramento e controle ambiental não podem considerar a grande quantidade de microambientes internos nos ambientes de produção animal e também requerem infraestruturas cabeadas complexas. Dentro desse contexto o objetivo deste trabalho foi desenvolver e testar um sistema automatizado de controle ambiental, através da utilização de sensores sem fio, que auxilie e proporcione maior segurança no controle de ambientes automatizados. O sistema monitora variáveis que influenciam na produtividade de aves, tais como temperatura e umidade e outras variáveis físico-químicas do aviário. A infraestrutura desenvolvida foi testada em um aviário experimental e resultou em um sistema seguro e com grande escalabilidade, que é capaz de controlar e monitorar o ambiente e ainda coletar e gravar dados. Foi utilizado o protocolo ZigBee® para gerenciar o fluxo de dados do sistema. Foram feitas análises da eficiência de comunicação do sistema no aviário, monitorando os pacotes de dados perdidos. Os testes demonstraram uma perda de dados de aproximadamente 2% dos pacotes enviados, demonstrando a eficiência das redes ZigBee® para gerenciar o fluxo de dados no interior do aviário. Desta forma, pode-se concluir que é possível e viável a implantação de uma rede ZigBee®, para automatizar ambientes de produção animal com coleta de dados em tempo real, utilizando um sistema integrado via internet, que compreende: instrumentação eletrônica, comunicação sem fio e engenharia de software\".

Efficient Multi-hop Broadcast Data Dissemination in IoT and Smart Cities

Internet of Things (IoT) can be defined as a “network of networks” composed by billions of uniquely identified physical Smart Objects (SO), organized in an Internet-like structure. Smart Objects can be items equipped with sensors, consumer devices (e.g., smartphones, tablets, or wearable devices), and enterprise assets that are connected both to the Internet and to each others. The birth of the IoT, with its communications paradigms, can be considered as an enabling factor for the creation of the so-called Smart Cities. A Smart City uses Information and Communication Technologies (ICT) to enhance quality, performance and interactivity of urban services, ranging from traffic management and pollution monitoring to government services and energy management. This thesis is focused on multi-hop data dissemination within IoT and Smart Cities scenarios. The proposed multi-hop techniques, mostly based on probabilistic forwarding, have been used for different purposes: from the improvement of the performance of unicast protocols for Wireless Sensor Networks (WSNs) to the efficient data dissemination within Vehicular Ad-hoc NETworks (VANETs).

An adaptive IEEE 802.15.4 MAC layer transmission scheme for applications with heterogeneous traffic

IEEE 802.15.4 networks has the features of low data rate and low power consumption. It is a strong candidate technique for wireless sensor networks and can find many applications to smart grid. However, due to the low network and energy capacities it is critical to maximize the bandwidth and energy efficiencies of 802.15.4 networks. In this paper we propose an adaptive data transmission scheme with CSMA/CA access control, for applications which may have heavy traffic loads such as smart grids. The adaptive access control is simple to implement. Its compatibility with legacy 802.15.4 devices can be maintained. Simulation results demonstrate the effectiveness of the proposed scheme with largely improved bandwidth and power efficiency. © 2013 International Information Institute.

Modelagem do consumo de energia de redes de sensores sem fio usando SystemC-AMS e stateflow

This work aims at modeling power consumption at the nodes of a Wireless Sensor Network (WSN). For doing so, a finite state machine was implemented by means of SystemC-AMS and Stateflow modeling and simulation tools. In order to achieve this goal, communication data in a WSN were collected. Based on the collected data, a simulation environment for power consumption characterization, which aimed at describing the network operation, was developed. Other than performing power consumption simulation, this environment also takes into account a discharging model as to analyze the battery charge level at any given moment. Such analysis result in a graph illustrating the battery voltage variations as well as its state of charge (SOC). Finally, a case study of the WSN power consumption aims to analyze the acquisition mode and network data communication. With this analysis, it is possible make adjustments in node-sensors to reduce the total power consumption of the network.

Estudo e desenvolvimento de algoritmos criptográficos para redes de sensores sem fio, utilizando técnicas de programação genética

Cryptography is the main form to obtain security in any network. Even in networks with great energy consumption restrictions, processing and memory limitations, as the Wireless Sensors Networks (WSN), this is no different. Aiming to improve the cryptography performance, security and the lifetime of these networks, we propose a new cryptographic algorithm developed through the Genetic Programming (GP) techniques. For the development of the cryptographic algorithm’s fitness criteria, established by the genetic GP, nine new cryptographic algorithms were tested: AES, Blowfish, DES, RC6, Skipjack, Twofish, T-DES, XTEA and XXTEA. Starting from these tests, fitness functions was build taking into account the execution time, occupied memory space, maximum deviation, irregular deviation and correlation coefficient. After obtaining the genetic GP, the CRYSEED and CRYSEED2 was created, algorithms for the 8-bits devices, optimized for WSNs, i.e., with low complexity, few memory consumption and good security for sensing and instrumentation applications.

Estudo e desenvolvimento de algoritmos criptográficos para redes de sensores sem fio, utilizando técnicas de programação genética

Cryptography is the main form to obtain security in any network. Even in networks with great energy consumption restrictions, processing and memory limitations, as the Wireless Sensors Networks (WSN), this is no different. Aiming to improve the cryptography performance, security and the lifetime of these networks, we propose a new cryptographic algorithm developed through the Genetic Programming (GP) techniques. For the development of the cryptographic algorithm’s fitness criteria, established by the genetic GP, nine new cryptographic algorithms were tested: AES, Blowfish, DES, RC6, Skipjack, Twofish, T-DES, XTEA and XXTEA. Starting from these tests, fitness functions was build taking into account the execution time, occupied memory space, maximum deviation, irregular deviation and correlation coefficient. After obtaining the genetic GP, the CRYSEED and CRYSEED2 was created, algorithms for the 8-bits devices, optimized for WSNs, i.e., with low complexity, few memory consumption and good security for sensing and instrumentation applications.

Secrecy Capacity Analysis Over κ–μ Fading Channels: Theory and Applications

In this paper, we consider the transmission of confidential information over a κ-μ fading channel in the presence of an eavesdropper who also experiences κ-μ fading. In particular, we obtain novel analytical solutions for the probability of strictly positive secrecy capacity (SPSC) and a lower bound of secure outage probability (SOPL) for independent and non-identically distributed channel coefficients without parameter constraints. We also provide a closed-form expression for the probability of SPSC when the μ parameter is assumed to take positive integer values. Monte-Carlo simulations are performed to verify the derived results. The versatility of the κ-μ fading model means that the results presented in this paper can be used to determine the probability of SPSC and SOPL for a large number of other fading scenarios, such as Rayleigh, Rice (Nakagamin), Nakagami-m, One-Sided Gaussian, and mixtures of these common fading models. In addition, due to the duality of the analysis of secrecy capacity and co-channel interference (CCI), the results presented here will have immediate applicability in the analysis of outage probability in wireless systems affected by CCI and background noise (BN). To demonstrate the efficacy of the novel formulations proposed here, we use the derived equations to provide a useful insight into the probability of SPSC and SOPL for a range of emerging wireless applications, such as cellular device-to-device, peer-to-peer, vehicle-to-vehicle, and body centric communications using data obtained from real channel measurements.

IoT Based Pain Management using Physiological Parameters

The continuous technology evaluation is benefiting our lives to a great extent. The evolution of Internet of things and deployment of wireless sensor networks is making it possible to have more connectivity between people and devices used extensively in our daily lives. Almost every discipline of daily life including health sector, transportation, agriculture etc. is benefiting from these technologies. There is a great potential of research and refinement of health sector as the current system is very often dependent on manual evaluations conducted by the clinicians. There is no automatic system for patient health monitoring and assessment which results to incomplete and less reliable heath information. Internet of things has a great potential to benefit health care applications by automated and remote assessment, monitoring and identification of diseases. Acute pain is the main cause of people visiting to hospitals. An automatic pain detection system based on internet of things with wireless devices can make the assessment and redemption significantly more efficient. The contribution of this research work is proposing pain assessment method based on physiological parameters. The physiological parameters chosen for this study are heart rate, electrocardiography, breathing rate and galvanic skin response. As a first step, the relation between these physiological parameters and acute pain experienced by the test persons is evaluated. The electrocardiography data collected from the test persons is analyzed to extract interbeat intervals. This evaluation clearly demonstrates specific patterns and trends in these parameters as a consequence of pain. This parametric behavior is then used to assess and identify the pain intensity by implementing machine learning algorithms. Support vector machines are used for classifying these parameters influenced by different pain intensities and classification results are achieved. The classification results with good accuracy rates between two and three levels of pain intensities shows clear indication of pain and the feasibility of this pain assessment method. An improved approach on the basis of this research work can be implemented by using both physiological parameters and electromyography data of facial muscles for classification.

Simulació de xarxes WSN

Trabajo de final de carrera enfocado a la simulacion de una WSN (Wireless Sensors Networks) mediante el programa Contiki 2.7 y el SO Ubuntu. La idea global del proyecto es conseguir simular un entorno con nodos sensores, y a posteriori comprobar su correcto funcionamiento en motas reales. Comprobando los resultados obtenidos en ambos entornos. De esta manera se puede facilitar la puesta en marcha de este tipo de redes inalámbricas en una aplicación real.