Abstract

Abstract

Abstract
Introduction The new General Data Protection Regulation (GDPR) compels health care institutions and their software providers to properly document all personal data processing and provide clear evidence that their systems are inline with the GDPR. All applications involved in personal data processing should therefore produce meaningful event logs that can later be used for the effective auditing of complex processes. Aim This paper aims to describe and evaluate HS.Register, a system created to collect and securely manage at scale audit logs and data produced by a large number of systems. Methods HS.Register creates a single audit log by collecting and aggregating all kinds of meaningful event logs and data (e.g. ActiveDirectory, syslog, log4j, web server logs, REST, SOAP and HL7 messages). It also includes specially built dashboards for easy auditing and monitoring of complex processes, crossing different systems in an integrated way, as well as providing tools for helping on the auditing and on the diagnostics of difficult problems, using a simple web application. HS.Register is currently installed at five large Portuguese Hospitals and is composed of the following open-source components: HAproxy, RabbitMQ, Elasticsearch, Logstash and Kibana. Results HS.Register currently collects and analyses an average of 93 million events per week and it is being used to document and audit HL7 communications. Discussion Auditing tools like HS.Register are likely to become mandatory in the near future to allow for traceability and detailed auditing for GDPR compliance. © 2018 European Federation for Medical Informatics (EFMI) and IOS Press.

Abstract
The society’s requirement for constant connectivity, leads to the need for an increasing number of available Wi-Fi Access Points (APs). These can be located almost everywhere: schools, coffee shops, shopping malls, airports, trains, buses. This proliferation raises problems of trustworthiness and cost-effective difficulties for verifying such security. In order to address these issues, it is necessary to detect effectively Rogue Access Points (RAPs). There are open source solutions and others developed within enterprises for commercial purposes. Relative to the latter, it has become obvious that they are not accessible to everyone due to their high costs, and the former do not address all the types of RAPs. In this paper, we research these solutions and do a thorough survey study of the most commonly used and recent Wi-Fi type of attacks. Based on this knowledge we developed a solution to detect RAPs, which covers the most commonly known attacks. This proposed solution, is a modular framework composed of Scanners, Detectors and Actuators, which are responsible for scanning for available APs, apply a set of heuristics to detect them and apply a countermeasure mechanism. Copyright

Abstract
Currently the breakthroughs in most computer vision problems have been achieved by applying deep learning methods. The traditional methodologies that used to successfully discriminate the data features appear to be overwhelmed by the capabilities of learning of the deep network architectures. Nevertheless, many recent works choose to integrate the old handcrafted features into the deep convolutional networks to increase even more their impressive performance. In fingerprint recognition, the minutiae are specific points used to identify individuals and their extraction is a crucial module in a fingerprint recognition system. This can only be emphasized by the fact that the US Federal Bureau of Investigation (FBI) sets as a threshold for a positive identification a number of 8 common minutiae. Deep neural networks have been used to learn possible representations of fingerprint minutiae but, however surprisingly, in this paper it is shown that for now the best choice for an automatic minutiae extraction system is still the traditional road map. A comparison study was conducted with state-of-the-art methods and the best results were achieved by handcraft features. © Springer Nature Switzerland AG 2019.

Abstract
Electronic identity (eID) schemes are key enablers of secure digital services. eIDs have been adopted in several European countries using smart-cards for secure authentication and authorization. Towards achieving a European digital single market where European citizens can seamlessly access cross-border public services using their national eIDs, the European Union (EU) developed the electronic IDentification, Authentication and trust Services (eIDAS) regulation. eIDAS creates an interoperable framework that integrates the eIDs adopted in the EU Member States (MS). It is also an enabler of a cross-border operation, harmonized with the General Data Protection Regulation (GDPR) regulation by protecting the privacy of personal data. If one can use the same procedure for authentication and authorization abroad, one can better understand new services that use eIDs. This paper provides a comparative analysis of eID cards adopted in EU MS and their privacy features in preparedness for eIDs cross-border interoperation. © Springer Nature Switzerland AG 2019.