Francisco Rocha scite author profile

Francisco Rocha

4Publications

159Citation Statements Received

83Citation Statements Given

How they've been cited

219

158

How they cite others

Affiliations

University of Lisbon, University of Luxembourg, Newcastle University

Publications

Order By: Most citations

Lucy in the sky without diamonds: Stealing confidential data in the cloud

Rocha

Correia

2011

130

View full text Add to dashboard Cite

Cloud Computing is a recent paradigm that is creating high expectations about benefits such as the payper-use model and elasticity of resources. However, with this optimism come also concerns about security. In a public cloud, the user's data storage and processing is no longer done inside its premises, but in data centers owned and administrated by the cloud provider. This may be a concern for organizations that deal with critical data, such as medical records. We show that a malicious insider can steal confidential data of the cloud user, so the user is mostly left with trusting the cloud provider. The paper achieves this goal by showing a set of attacks that demonstrate how a malicious insider can easily obtain passwords, cryptographic keys, files and other confidential data. Additionally, the paper shows that recent research results that might be useful to protect data in the cloud, are still not enough to deal with the problem. The paper is a call to arms for research in the topic.

show abstract

The Final Frontier: Confidentiality and Privacy in the Cloud

2011

View full text Add to dashboard Cite

show abstract

Towards Safe and Secure Autonomous and Cooperative Vehicle Ecosystems

Lima

Rocha

Völp

et al. 2016

View full text Add to dashboard Cite

Semi-autonomous driver assists are already widely deployed and fully autonomous cars are progressively leaving the realm of laboratories. This evolution coexists with a progressive connectivity and cooperation, creating important safety and security challenges, the latter ranging from casual hackers to highly-skilled attackers, requiring a holistic analysis, under the perspective of fully-fledged ecosystems of autonomous and cooperative vehicles. This position paper attempts at contributing to a better understanding of the global threat plane and the specific threat vectors designers should be attentive to. We survey paradigms and mechanisms that may be used to overcome or at least mitigate the potential risks that may arise through the several threat vectors analyzed.

show abstract

A Generic Logging Template for Infrastructure as a Service Cloud

Wongthai

Rocha

Moorsel

2013

View full text Add to dashboard Cite

Infrastructure as a Service (IaaS) consists of a cloud-based infrastructure to offer consumers raw computation resources such as storage and networking. These resources are billed using a pay-per-use cost model. However, this type of infrastructure is far from being a security haven as the seven main threats defined by the Cloud Security Alliance (CSA) indicate. Using logging systems can provide evidence to support accountability for an IaaS cloud, which helps us mitigating known threats. In this paper, we research to which extent such logging systems help mitigate risks associated with the threats identified by the CSA. A generic architecture 'template' for logging systems is proposed. This template encompasses all possible instantiations of logging solutions for IaaS cloud. We map existing logging systems to our generic template, and identify a logging solution to mitigate the risks associated with CSA threat number one (related to spam activities). We then argue that the template we suggest can be used to perform a systematic analysis of logging systems in terms of security before deploying them in production systems.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Francisco Rocha

Lucy in the sky without diamonds: Stealing confidential data in the cloud

The Final Frontier: Confidentiality and Privacy in the Cloud

Towards Safe and Secure Autonomous and Cooperative Vehicle Ecosystems

A Generic Logging Template for Infrastructure as a Service Cloud

Contact Info

Product

Resources

About