Personal information

Other IDs

ResearcherID: D-4648-2011
Scopus Author ID: 6508031693

Keywords

Security in Software Engineering, Big Data Security, Information Security Management Systems

Biography

Eduardo Fernández- Medina es Catedrático de Universidad en la Escuela Superior de Informática de Ciudad Real (Departamento de Tecnologías y Sistemas de Información) desde abril de 2017 (acreditado en 2011). Es Director del grupo GSyA (Grupo de Seguridad y Auditoria) de la UCLM desde 2006 y director de la Escuela Superior de Informática de Ciudad Real desde 2012, habiendo sido también subdirector de dicha escuela entre 2006 y 2008.
Ha tenido una productividad científica intensa, contando con decenas de publicaciones, de las que destacan más de 50 artículos en revistas JCR (20 de ellas en primer o segundo cuartil), 7 editoriales de números especiales de revistas JCR, y más de una treintena de conferencias destacables en sus ámbitos de investigación.
Sus líneas de investigación siempre han estado centradas en ciberseguridad, principalmente en dos grandes bloques, uno relativo al desarrollo de sistemas de información seguros a través de métodos y técnicas de ingeniería del software (ingeniería de requisitos seguros, seguridad en bases de datos y almacenes de datos, seguridad en procesos de negocio, seguridad en Cloud Computing y seguridad en Big Data, principalmente), y otro sobre gestión de la seguridad (sistemas de gestión de la seguridad, metodologías de análisis y gestión de riesgos, arquitecturas de seguridad, etc.). Sobre esas líneas de investigación, ha liderado doce proyectos de investigación, destacando dos del plan nacional de I+D, cuatro de otros planes nacionales de carácter industrial, siendo el resto de convocatorias regionales. También ha sido el coordinador responsable de dos redes nacionales de investigación en seguridad de la información. Ha dirigido o codirigido un total de 13 tesis doctorales en estas líneas de investigación (10 de ellas en los últimos 10 años), y actualmente se encuentra dirigiendo 3 tesis más.
Ha realizado varias estancias de investigación en centros internacionales, la última en 2017, en la Florida Atlantic University, con una duración de 3 meses. Colabora con varios investigadores internacionales, de los que destacan por una mayor intensidad reciente, el grupo SENSE (Secure and dependable software Systems), de la Universidad de Brighton (UK) y el grupo de Investigación en seguridad de sistemas, de la Florida Atlantic University (USA).
También ha tenido una intensa actividad como organizador de eventos científicos, tanto congresos, como workshops y sesiones técnicas en temas de seguridad. Ha sido presidente de comité de programa de varios congresos internacionales, revisor de numerosos artículos en más de dos docenas de revistas científicas, y ha sido miembro del comité de programa de más de 50 congresos y workshops diferentes. Lidera la participación de la UCLM en la Red de Excelencia Nacional en Ciberseguridad (RENIC), de la que somos socios fundadores.
Ha desempeñado el cargo de adjunto del área de Tecnologías de la Información y de las Comunicaciones de la ANEP desde 2008 hasta 2012.
Ha contribuido en el desarrollo de numerosas herramientas con registro de la propiedad (alguna de ellas están siendo explotadas en empresas), ha participado en AQC, Spin-Off del grupo Alarcos, y ha sido socio fundador de la Spin-off IBERLYNX, abordando trabajos sobre seguridad en desarrollo de software para dispositivos móviles, a través de la que se ha canalizado y transferido a la empresa los trabajos de investigación.

Activities

Collapse all

Employment (1)

Universidad de Castilla-La Mancha: Campus de Ciudad Real, Castilla-La Mancha, España, Castilla-La Mancha, ES

1999-10-01 to present | Catedrático de Universidad (Departamento de Tecnologías y Sistemas de Información)
Employment
Source: Self-asserted source
Eduardo Fernandez-Medina

Education and qualifications (1)

Universidad de Castilla-La Mancha: Ciudad Real, Castilla-La Mancha, ES

2002-06-07 to present | Doctor en Informática (Departamento de Tecnologías y Sistemas de Información)
Education
Source: Self-asserted source
Eduardo Fernandez-Medina

Works (50 of 272)

Items per page:
Page 1 of 6

Cybersecurity in the Maritime Sector: A Point of Analysis in Risk Management

2024 | Book chapter
DOI: 10.1007/978-3-031-49799-5_66
Contributors: Ferney Martínez; Luis Enrique Sánchez; Antonio Santos-Olmo; David G. Rosado; Eduardo Fernández-Medina
Source: check_circle
Crossref

Towards a Holistic Cybersecurity Framework for e-Governments

2024-09-18 | Conference paper
DOI: 10.1109/ARGENCON62399.2024.10735846
Contributors: Víctor Figueroa; Luis E. Sánchez; Antonio Santos-Olmo; David G. Rosado; Eduardo Fernández-Medina
Source: check_circle
Crossref

Enabling security risk assessment and management for business process models

Journal of Information Security and Applications
2024-08 | Journal article
DOI: 10.1016/j.jisa.2024.103829
Contributors: David G. Rosado; Luis E. Sánchez; Ángel Jesús Varela-Vaca; Antonio Santos-Olmo; María Teresa Gómez-López; Rafael M. Gasca; Eduardo Fernández-Medina
Source: check_circle
Crossref

USE OF CHATGPT IN UNIVERSITY COMPUTER SCIENCE TEACHING: ADVANTAGES AND DISADVANTAGES

2024-03 | Conference paper
DOI: 10.21125/inted.2024.1675
Contributors: Manuel Serrano; Antonio Santos-Olmo; David Garcia-Rosado; Luis Enrique Sanchez-Crespo; Carlos Blanco; Eduardo Fernandez-Medina
Source: check_circle
Crossref

New Frontiers in Security Risk Management

IT Professional
2023-05 | Journal article
DOI: 10.1109/MITP.2023.3251720
Contributors: Luis Enrique Sánchez; Antonio Santos-Olmo; Haralambos Mouratidis; Eduardo Fernández-Medina
Source: check_circle
Crossref

MARISMA-BiDa Pattern: Integrated Risk Analysis for Big Data

2021 | Book chapter
DOI: 10.18239/jornadas_2021.34.43
Contributors: David G. Rosado; Julio Moreno; Luis E. Sánchez; Antonio Santos-Olmo; Manuel A. Serrano; Eduardo Fernández-Medina
Source: check_circle
Crossref

Secure Development of Big Data Ecosystems

IEEE Access
2019 | Journal article
DOI: 10.1109/ACCESS.2019.2929330
EID:

2-s2.0-85070340133
Contributors: Moreno, J.; Fernandez, E.B.; Serrano, M.A.; Fernandez-Medina, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

A security pattern for key-value NoSQL database authorization

ACM International Conference Proceeding Series
2018 | Conference paper
DOI: 10.1145/3282308.3282321
EID:

2-s2.0-85061267791
Contributors: Moreno, J.; Fernandez-Medina, E.; Fernandez, E.B.; Serrano, M.A.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Hacía un marco de definición de requisitos para Big Data

Avances en Ingenieria de Software a Nivel Iberoamericano, CIbSE 2018
2018 | Conference paper
EID:

2-s2.0-85054053227
Contributors: Moreno, J.; Serrano, M.A.; Fernández-Medina, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

How the conceptual modelling improves the security on document databases

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
2018 | Book
DOI: 10.1007/978-3-030-00847-5_36
EID:

2-s2.0-85054860611
Contributors: Blanco, C.; García-Saiz, D.; Peral, J.; Maté, A.; Oliver, A.; Fernández-Medina, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Patrón de seguridad para la autorización de bases de datos NoSQL (par clave-valor)

Actas de las 23rd Jornadas de Ingenieria del Software y Bases de Datos, JISBD 2018
2018 | Conference paper
EID:

2-s2.0-85071755737
Contributors: Moreno, J.; Fernandez, E.B.; Serrano, M.A.; Fernández-Medina, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Towards a security reference architecture for big data

CEUR Workshop Proceedings
2018 | Conference paper
EID:

2-s2.0-85044318708
Contributors: Moreno, J.; Serrano, M.A.; Fernandez-Medina, E.; Fernandez, E.B.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Framework for modelling and implementing secure NoSQL document databases

Actas de las 22nd Jornadas de Ingenier�a del Software y Bases de Datos, JISBD 2017
2017 | Conference paper
EID:

2-s2.0-85071663722
Contributors: Blanco, C.; Peral, J.; Trujillo, J.; Fernández-Medina, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Management of sensitive data on NoSQL databases

CEUR Workshop Proceedings
2017 | Conference paper
EID:

2-s2.0-85035027255
Contributors: García-Ruiz, C.M.; Oliver, A.; Peral, J.; Trujillo, J.; Blanco, C.; Fernández-Medina, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Propuesta de marco para el gobierno de la seguridad en entornos big data

Actas de las 22nd Jornadas de Ingenier�a del Software y Bases de Datos, JISBD 2017
2017 | Conference paper
EID:

2-s2.0-85071669418
Contributors: Moreno, J.; Serrano, M.A.; Fernández-Medina, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Applying the action-research method to develop a methodology to reduce the installation and maintenance times of Information Security Management Systems

Future Internet
2016 | Journal article
DOI: 10.3390/fi8030036
EID:

2-s2.0-84992290263
Contributors: Santos-Olmo, A.; Sánchez, L.E.; Rosado, D.G.; Fernández-Medina, E.; Piattini, M.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Competency Assessment of the Engineering Software for the Curricular Orientation of Students

IEEE Latin America Transactions
2016 | Journal article
DOI: 10.1109/TLA.2016.7555261
EID:

2-s2.0-84986209026
Contributors: Sanchez Crespo, L.E.; Santos Olmo Parra, A.; Garcia Rosado, D.; Camacho Estrada, S.; Fernandez Medina, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Design Activity in the Process of Migrating Security Features to Cloud

IEEE Latin America Transactions
2016 | Journal article
DOI: 10.1109/TLA.2016.7555263
EID:

2-s2.0-84986207669
Contributors: Marquez, L.; Rosado, D.G.; Mouratidis, H.; Fernandez Medina, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Development of an expert system for the evaluation of students' curricula on the basis of competencies

Future Internet
2016 | Journal article
DOI: 10.3390/fi8020022
EID:

2-s2.0-84984584165
Contributors: Sánchez, L.E.; Santos-Olmo, A.; Álvarez, E.; Huerta, M.; Camacho, S.; Fernández-Medina, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Main issues in Big Data security

Future Internet
2016 | Journal article
DOI: 10.3390/fi8030044
EID:

2-s2.0-85010817735
Contributors: Moreno, J.; Serrano, M.A.; Fernández-Medina, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Methodology for Dynamic Analysis and Risk Management on ISO27001

IEEE Latin America Transactions
2016 | Journal article
DOI: 10.1109/TLA.2016.7555273
EID:

2-s2.0-84986216582
Contributors: Santos Olmo Parra, A.; Sanchez Crespo, L.E.; Alvarez, E.; Huerta, M.; Fernandez Medina Paton, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

The importance of the security culture in SMEs as regards the correct management of the security of their assets

Future Internet
2016 | Journal article
DOI: 10.3390/fi8030030
EID:

2-s2.0-84992268418
Contributors: Santos-Olmo, A.; Sánchez, L.E.; Caballero, I.; Camacho, S.; Fernandez-Medina, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

A framework for secure migration processes of legacy systems to the cloud

Lecture Notes in Business Information Processing
2015 | Book
DOI: 10.1007/978-3-319-19243-7_46
EID:

2-s2.0-84937458587
Contributors: Márquez, L.; Rosado, D.G.; Mouratidis, H.; Mellado, D.; Fernández-Medina, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

An architecture for automatically developing secure OLAP applications from models

Information and Software Technology
2015 | Journal article
DOI: 10.1016/j.infsof.2014.10.008
EID:

2-s2.0-84921032909
Contributors: Blanco, C.; García-Rodríguez De Guzmán, I.; Fernández-Medina, E.; Trujillo, J.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

An MDA approach for developing secure OLAP applications: Metamodels and transformations

Computer Science and Information Systems
2015 | Journal article
DOI: 10.2298/CSIS140617007B
EID:

2-s2.0-84937548458
Contributors: Blanco, C.; de Guzmán, I.G.-R.; Fernández-Medina, E.; Trujillo, J.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Content related to computing security on computer engineering degree according to international professional certificates

IEEE Latin America Transactions
2015 | Journal article
DOI: 10.1109/TLA.2015.7164222
EID:

2-s2.0-84938410951
Contributors: Rosado, D.G.; Sanchez, L.E.; Mellado, D.; Fernandez Medina, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Eliciting security requirements for business processes of legacy systems

Lecture Notes in Business Information Processing
2015 | Book
DOI: 10.1007/978-3-319-25897-3_7
EID:

2-s2.0-84952642987
Contributors: Argyropoulos, N.; Alcañiz, L.M.; Mouratidis, H.; Fish, A.; Rosado, D.G.; De Guzmán, I.G.-R.; Fernández-Medina, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Empirical evaluation of a cloud computing information security governance framework

Information and Software Technology
2015 | Journal article
DOI: 10.1016/j.infsof.2014.10.003
EID:

2-s2.0-84913594157
Contributors: Rebollo, O.; Mellado, D.; Fernández-Medina, E.; Mouratidis, H.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Modelling secure cloud systems based on system requirements

2nd International Workshop on Evolving Security and Privacy Requirements Engineering, ESPRE 2015 - Proceedings
2015 | Conference paper
DOI: 10.1109/ESPRE.2015.7330163
EID:

2-s2.0-84963610073
Contributors: Shei, S.; Alcañiz, L.M.; Mouratidis, H.; Delaney, A.; Rosado, D.G.; Fernández-Medina, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Enterprise security pattern: A model-driven architecture instance

Computer Standards & Interfaces
2014 | Journal article
DOI: 10.1016/j.csi.2013.12.009
WOSUID:

WOS:000333489000007
Contributors: Moral-Garcia, Santiago; Moral-Rubio, Santiago; Fernandez, Eduardo B.; Fernandez-Medina, Eduardo
Source: Self-asserted source
Eduardo Fernandez-Medina via ResearcherID
grade
Preferred source (of 2)‎

Enterprise security pattern: A new type of security pattern

Security and Communication Networks
2014 | Journal article
DOI: 10.1002/sec.863
EID:

2-s2.0-84910668043
Contributors: Moral-García, S.; Moral-Rubio, S.; Rosado, D.G.; Fernández, E.B.; Fernández-Medina, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

ISGcloud: A Security Governance Framework for Cloud Computing

Computer Journal
2014 | Journal article
DOI: 10.1093/comjnl/bxu141
EID:

2-s2.0-84943422915
Contributors: Rebollo, O.; Mellado, D.; Fernandez-Medina, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Modernizing Secure OLAP Applications with a Model-Driven Approach

Computer Journal
2014 | Journal article
DOI: 10.1093/comjnl/bxu070
EID:

2-s2.0-84942645909
Contributors: Blanco, C.; Fernández-Medina, E.; Trujillo, J.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Secure Tropos framework for software product lines requirements engineering

Computer Standards & Interfaces
2014 | Journal article
DOI: 10.1016/j.csi.2013.12.006
WOSUID:

WOS:000333489000004
Contributors: Mellado, Daniel; Mouratidis, Haralambos; Fernandez-Medina, Eduardo
Source: Self-asserted source
Eduardo Fernandez-Medina via ResearcherID
grade
Preferred source (of 2)‎

Security in legacy systems migration to the cloud: A systematic mapping study

Proceedings of the 11th International Workshop on Security in Information Systems, WOSIS 2014 - In Conjunction with ICEIS 2014
2014 | Conference paper
EID:

2-s2.0-84902322523
Contributors: Alcañiz, L.M.; Rosado, D.G.; Mellado, D.; Fernández-Medina, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Showing the benefits of applying a model driven architecture for developing secure OLAP applications

Journal of Universal Computer Science
2014 | Journal article
EID:

2-s2.0-84897040963
Contributors: Blanco, C.; de Guzmán, I.G.-R.; Fernández-Medina, E.; Trujillo, J.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Showing the Benefits of Applying a Model Driven Architecture for Developing Secure OLAP Applications

Journal of Universal Computer Science
2014 | Journal article
WOSUID:

WOS:000333449100002
Contributors: Blanco, Carlos; Garcia-Rodriguez de Guzman, Ignacio; Fernandez-Medina, Eduardo; Trujillo, Juan
Source: Self-asserted source
Eduardo Fernandez-Medina via ResearcherID

An analysis of security issues for cloud computing

Journal of Internet Services and Applications
2013 | Journal article
DOI: 10.1186/1869-0238-4-5
EID:

2-s2.0-84887724123
Contributors: Hashizume, K.; Rosado, D.G.; Fernández-Medina, E.; Fernandez, E.B.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Development of Secure XML Data Warehouses with QVT

Information and Software Technology
2013 | Journal article
DOI: 10.1016/j.infsof.2013.03.003
WOSUID:

WOS:000321168700010
Contributors: Vela, B.; Mazon, J. N.; Blanco, C.; Fernandez-Medina, E.; Trujillo, J.; Marcos, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via ResearcherID
grade
Preferred source (of 2)‎

ISMS building for SMEs through the reuse of knowledge

Small and Medium Enterprises: Concepts, Methodologies, Tools, and Applications
2013 | Book chapter
Part of DOI: 10.4018/978-1-4666-3886-0.ch022
EID:

2-s2.0-84944207327
Contributors: Sánchez, L.E.; Santos-Olmo, A.; Fernandez-Medina, E.; Piattini, M.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Methodological framework for risk analysis in information management in SMEs

Dyna
2013 | Journal article
WOSUID:

WOS:000317173800009
Contributors: Enrique Sanchez, Luis; Santos-Olmo, Antonio; Fernandez-Medina, Eduardo; Piattini, Mario
Source: Self-asserted source
Eduardo Fernandez-Medina via ResearcherID

Methodological framework for risk analysis in the information management in SMEs,Marco metodológico para análisis de riesgos en el manejo de información en PYMES

Dyna (Spain)
2013 | Journal article
EID:

2-s2.0-84876271338
Contributors: Sánchez, L.E.; Santos-Olmo, A.; Fernández-Medina, E.; Piattini, M.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

A new enterprise security pattern: Secure Software as a Service (SaaS)

Proceedings of the 9th International Workshop on Security in Information Systems, WOSIS 2012, in Conjunction with ICEIS 2012
2012 | Conference paper
EID:

2-s2.0-84865696951
Contributors: Moral-García, S.; Moral-Rubio, S.; Fernández, E.B.; Fernández-Medina, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

A practical application of our MDD approach for modeling secure XML data warehouses

Decision Support Systems
2012 | Journal article
DOI: 10.1016/j.dss.2011.11.008
WOSUID:

WOS:000301889000012
Contributors: Vela, Belen; Blanco, Carlos; Fernandez-Medina, Eduardo; Marcos, Esperanza
Source: Self-asserted source
Eduardo Fernandez-Medina via ResearcherID
grade
Preferred source (of 2)‎

A systematic review of information security governance frameworks in the Cloud Computing environment

Journal of Universal Computer Science
2012 | Journal article
EID:

2-s2.0-84862676002
Contributors: Rebollo, O.; Mellado, D.; Fernández-Medina, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

A Systematic Review of Information Security Governance Frameworks in the Cloud Computing Environment

Journal of Universal Computer Science
2012 | Journal article
WOSUID:

WOS:000304354800005
Contributors: Rebollo, Oscar; Mellado, Daniel; Fernandez-Medina, Eduardo
Source: Self-asserted source
Eduardo Fernandez-Medina via ResearcherID

A systematic review of methodologies and models for the analysis and management of associative and hierarchical risk in SMEs

Proceedings of the 9th International Workshop on Security in Information Systems, WOSIS 2012, in Conjunction with ICEIS 2012
2012 | Conference paper
EID:

2-s2.0-84865681427
Contributors: Santos-Olmo, A.; Sánchez, L.E.; Fernández-Medina, E.; Piattini, M.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

Automated support for the auditing of personal data based on requirements cataloguing

Privacy: Management, Legal Issues and Security Aspects
2012 | Book chapter
EID:

2-s2.0-84895391297
Contributors: Martínez, M.A.; Ureña, F.; Fernández-Medina, E.; Toval, A.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier

HC plus : Towards a Framework for Improving Processes in Health Organizations by Means of Security and Data Quality Management

Journal of Universal Computer Science
2012 | Journal article
WOSUID:

WOS:000308796100007
Contributors: Caballero, Ismael; Enrique Sanchez, Luis; Freitas, Alberto; Fernandez-Medina, Eduardo
Source: Self-asserted source
Eduardo Fernandez-Medina via ResearcherID

HC+: Towards a framework for improving processes in health organizations by means of security and data quality management

Journal of Universal Computer Science
2012 | Journal article
EID:

2-s2.0-84866243834
Contributors: Caballero, I.; Sánchez, L.E.; Freitas, A.; Fernández-Medina, E.
Source: Self-asserted source
Eduardo Fernandez-Medina via Scopus - Elsevier
Items per page:
Page 1 of 6

Peer review (4 reviews for 2 publications/grants)

Review activity for Advanced engineering informatics. (1)
Review activity for Computers & security. (3)
How many people are using ORCID?