Associate Teaching Professor; Associate Director, Cybersecurity and Information Assurance Graduate Program
- Attribute-based access control
- IoT communications protection
- Technology innovations in Cyber Threats and Cyber Defenses
- PhD in Computer Science, Carlos III University of Madrid – Spain
- MSc in Computer Science, Málaga University – Spain
- MSc in Business Administration, Rey Juan Carlos University – Spain
- Applied Cyber Security, MIT Professional Education – Massachusetts Institute of Technology
Jose Sierra is an Associate Teaching Professor and Associate Director of Information Assurance and Cybersecurity Program at the Khoury College of Computer Sciences. He earned his PhD at Carlos III University in 2000. Jose’s research areas include authentication and access control protocols, mobile payments protection, lightweight cryptographic protocols and IoT security. He has a very active publication record, with an important number of conference proceedings and journal papers. During his academic career, he has had the opportunity to research and work at several universities, such as the British Bradford and Westminster, to well-established U.S. ones like UC Berkeley and MIT.
What are the specifics of your educational background?
My education has been focused on computer science. In this field I achieved my MSc degree in 1997, joining after that as a research assistant at the Pontificia de Comillas University in Madrid. Parallel to that, I began my PhD on Internet security protocols at the Carlos III University until 2000, when I obtained my doctoral thesis with honors.
In 2003, in order to complement my technical background, I took a MSc in Business Administration at the Rey Juan Carlos University, culminating it in 2005.
More recently, for personal interests, I was granted two professional certifications in Cybersecurity: Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM)
What are your research interests?
My research interests have been centered on the design, implementation, and management of security services for interconnected systems. Initially, my research was based on the foundations of some cryptographic algorithms and later focused on their use for the implementation of security protocols. In recent years, my research has evolved to cybersecurity management and how organizations can make strategic decisions, which will help them to counteract cyberthreats. This is the case of remote authentication protocols, where I developed new protocols and schemes applicable to electronic payment. Other areas with remarkable results were Vehicular Ad-Hoc Networks (VANETs) protection, P2PSIP security architecture, and low-performance computing devices used in Wireless Sensor Networks.
My research work in the validation and evaluation of security protocols triggered the creation of my research group: the EVALUES IT Security Laboratory (evalues.es). On this subject, my work evolved from formal validation logics for security protocols to assessment methodologies for commercial implementations of IPSEC architecture. In 2007, I led a team of researchers to create the IPSEC Evaluation Methodology, which is used to determine conformance and security levels for IPSEC VPN implementations.
Where did you spend your most defining years?
During my doctoral thesis, besides my home university, I developed some of my research at two British universities: at Bradford University I studied my thesis’ cryptographic aspects, and at Westminster my work was mainly centered on the analysis of the interconnected information systems emerging threats.
In 2000, I was awarded a fellowship grant of the International Computer Science Institute (University of California Berkeley), which I consider the most relevant research stay in my career. The work carried out at Berkeley was motivated by the analysis and design of Authentication, Authorization, and Accountability protocols (AAA).
In 2010, after ten years as an associate professor, I attained a postdoctoral research stay at the Computer Science and Artificial Intelligence Laboratory (CSAIL) at (MIT). My role at MIT involved the design of security protocols for Implantable Medical Devices (IMD).
My research was conducted at the International Computer Science Institute at UC Berkeley.
What are the specifics of your industry experience?
Throughout my career, I enjoyed a tight relationship with several industries. I have had the opportunity of participating in and leading several R&D projects for different sectors (last 5 years):
Aero Spatial Defense Sector.
- Innovative AAA System for Interoperable Distributed Architectures
- Design and implementation of a Security Compliance Accreditation plan for Defense Simulation Laboratory
- Design and implementation of a Secure Communication library for ground systems data synchronization
- Development of Smartcard-based Identification and Authentication System for multiplatform ground systems
National & European founded research.
- Advances for the city of the future: sustainable, smart, and efficient. WP1 Security Architecture (Ciudad 2020)
- Smart Robot Security. WP6 Access control and Authorization for Internet of the Things (Smoty)
HiTec & Telecom Providers.
- Security Architecture for a Supply Chain Management System based on Block-Chain
- CLOUD-PKI: Cloud Certification services based on HSM cryptography module
- Android Software Security Evaluation