2020
Authors
Areias, M; Barbosa, J; Dutra, I;
Publication
Proceedings - Symposium on Computer Architecture and High Performance Computing
Abstract
2020
Authors
Rui, RJ; Martinho, R; Oliveira, AA; Alves, D; Nogueira Reis, ZSN; Santos Pereira, C; Correia, ME; Antunes, LF; Cruz Correia, RJ;
Publication
INTERNATIONAL JOURNAL OF E-HEALTH AND MEDICAL COMMUNICATIONS
Abstract
The proliferation of electronic health (e-Health) initiatives in Brazil over the last 2 decades has resulted in a considerable fragmentation within health information technology (IT), with a strong political interference. The problem regarding this issue became twofold: 1) there are considerable flaws regarding interoperability and security involving patient data; and 2) it is difficult even for an experienced company to enter the Brazilian health IT market. In this article, the authors aim to assess the current state of IT interoperability and security in hospitals in Brazil and evaluate the best business strategy for an IT company to enter this difficult but very promising health IT market. A face-to-face questionnaire was conducted among 11 hospital units to assess their current status regarding IT interoperability and security aspects. Global Brazilian socio-economic data was also collected, and helped to not only identify areas of investment regarding health IT security and interoperability, but also to derive a business strategy, composed out of recommendations listed in the paper.
2020
Authors
Sa Correia, L; Correia, ME; Cruz Correia, R;
Publication
PROCEEDINGS OF THE 13TH INTERNATIONAL JOINT CONFERENCE ON BIOMEDICAL ENGINEERING SYSTEMS AND TECHNOLOGIES, VOL 5: HEALTHINF
Abstract
Complex data management on healthcare institutions makes very hard to identify illegitimate accesses which is a serious issue. We propose to develop a system to detect accesses with suspicious behavior for further investigation. We modeled use cases (UC) and sequence diagrams (SD) showing the data flow between users and systems. The algorithms represented by activity diagrams apply rules based on professionals' routines, use data from an audit trail (AT) and classify accesses as suspicious or normal. The algorithms were evaluated between 23rd and 31st July 2019. The results were analyzed using absolute and relative frequencies and dispersion measures. Access classification was in accordance to rules applied. "Check time of activity" UC had 64,78% of suspicious classifications, being 55% of activity period shorter and 9,78% longer than expected, "Check days of activity" presented 2,27% of suspicious access and "EHR read access" 79%, the highest percentage of suspicious accesses. The results show the first picture of HIS accesses. Deeper analysis to evaluate algorithms sensibility and specificity should be done. Lack of more detailed information about professionals' routines and systems. and low quality of systems logs are some limitations. Although we believe this is an important step in this field.
2020
Authors
Shehu, AS; Pinto, A; Correia, ME;
Publication
PROCEEDINGS OF THE 17TH INTERNATIONAL JOINT CONFERENCE ON E-BUSINESS AND TELECOMMUNICATIONS (SECRYPT), VOL 1
Abstract
The evolutionary growth of information technology has enabled us with platforms that eases access to a wide range of electronic services. Typically, access to these services requires users to authenticate their identity, which involves the release, dissemination and processing of personal data by third parties such as service and identity providers. The involvement of these and other entities in managing and processing personal identifiable data has continued to raise concerns on privacy of personal information. Identity management systems (IdMs) emerged as a promising solution to address major access control and privacy issues, however most research works are focused on securing service providers (SPs) and the services provided, with little emphases on users privacy. In order to optimise users privacy and ensure that personal information are used only for intended purposes, there is need for authorisation systems that controls who may access what and under what conditions. However, for adoption data owners perspective must not be neglected. To address these issues, this paper introduces the concept of IdM and access control framework which operates with RESTful based services. The proposal provides a new level of abstraction and logic in access management, while giving data owner a decisive control over access to personal data using smartphone. The framework utilises Attribute based access control (ABAC) method to authenticate and authorise users, Open ID Connect (OIDC) protocol for data owner authorisation and Public-key cryptography to achieve perfect forward secrecy communication. The solution enables data owner to attain the responsibility of granting or denying access to their data, from a secured communication with an identity provider using a digitally signed token.
2020
Authors
Lopes, N; Martins, R; Correia, ME; Serrano, S; Nunes, F;
Publication
PROCEEDINGS OF THE 2020 6TH INTERNATIONAL WORKSHOP ON CONTAINER TECHNOLOGIES AND CONTAINER CLOUDS (WOC '20)
Abstract
Nowadays the use of container technologies is ubiquitous and thus the need to make them secure arises. Container technologies such as Docker provide several options to better improve container security, one of those is the use of a Seccomp profile. A major problem with these profiles is that they are hard to maintain because of two different factors: they need to be updated quite often and present a complex and time consuming task to determine exactly what to update, therefore not many people use them. The research goal of this paper is to make Seccomp profiles a viable technique in a production environment by proposing a reliable method to generate custom Seccomp profiles for arbitrary containerized application. This research focused on developing a solution with few requirements allowing for an easy integration with any environment with no human intervention. Results show that using a custom Seccomp profile can mitigate several attacks and even some zero day vulnerabilities on containerized applications. This represents a big step forward on using Seccomp in a production environment, which would benefit users worldwide.
2020
Authors
Alves, LQ; Ruivo, R; Fonseca, MM; Lopes Marques, M; Ribeiro, P; Castro, LFC;
Publication
NUCLEIC ACIDS RESEARCH
Abstract
The rapid expansion of high-quality genome assemblies, exemplified by ongoing initiatives such as the Genome-10K and i5k, demands novel automated methods to approach comparative genomics. Of these, the study of inactivating mutations in the coding region of genes, or pseudogenization, as a source of evolutionary novelty is mostly overlooked. Thus, to address such evolutionary/genomic events, a systematic, accurate and computationally automated approach is required. Here, we present PseudoChecker, the first integrated online platform for gene inactivation inference. Unlike the few existing methods, our comparative genomics-based approach displays full automation, a built-in graphical user interface and a novel index, PseudoIndex, for an empirical evaluation of the gene coding status. As a multi-platform online service, PseudoChecker simplifies access and usability, allowing a fast identification of disruptive mutations. An analysis of 30 genes previously reported to be eroded in mammals, and 30 viable genes from the same lineages, demonstrated that PseudoChecker was able to correctly infer 97% of loss events and 95% of functional genes, confirming its reliability. PseudoChecker is freely available, without login required, at http://pseudochecker.ciimar.up.pt.
The access to the final selection minute is only available to applicants.
Please check the confirmation e-mail of your application to obtain the access code.