Cookies Policy
The website need some cookies and similar means to function. If you permit us, we will use those means to collect data on your visits for aggregated statistics to improve our service. Find out More
Accept Reject
  • Menu
Publications

Publications by Manuel Eduardo Correia

2015

Time/Space based Biometric Handwritten Signature Verification

Authors
Goncalves, RP; Augusto, AB; Correia, ME;

Publication
2015 10TH IBERIAN CONFERENCE ON INFORMATION SYSTEMS AND TECHNOLOGIES (CISTI)

Abstract
Handwritten signature recognition is still the most widely accepted method to validate paper based documents. However, in the digital world, there is no readymade way to distinguish a real handwritten signature on a scanned document from a forged copy of another signature made by the same person on another document that is simply "pasted" into the forged document. In this paper we describe how we are using the touch screen of smartphones or tablets to collect handwritten signature images and associated biometric markers derived from the motion direction of handwritten signatures that are made directly into the device touchscreen. These time base biometric markers can then be converted into signaling time waves, by using the dragging or lifting movements the user makes with a touch screen omnidirectional tip stylus, when he handwrites is signature at the device touchscreen. These time/space signaling time waves can then be converted into a biometric bit stream that can be matched with previously enrolled biometric markers of the user's handwritten signature. In this paper we contend that the collection of these simple biometric features is sufficient to achieve a level of user recognition and authentication that is sufficient for the majority of online user authentication and digital documents authenticity.

2014

USB Connection Vulnerabilities on Android Smartphones: Default and Vendors' Customizations

Authors
Pereira, A; Correia, M; Brandao, P;

Publication
COMMUNICATIONS AND MULTIMEDIA SECURITY, CMS 2014

Abstract
We expose an USB vulnerability in some vendors' customization of the android system, where the serial AT commands processed by the cellular modem are extended to allow other functionalities. We target that vulnerability for the specific vendor system and present a proof of concept of the attack in a realistic scenario environment. For this we use an apparently inoffensive smartphone charging station like the one that is now common at public places like airports. We unveil the implications of such vulnerability that culminate in flashing a compromised boot partition, root access, enable adb and install a surveillance application that is impossible to uninstall without re-flashing the android boot partition. All these attacks are done without user consent or knowledge on the attacked mobile phone.

2015

Visualization of Passively Extracted HL7 Production Metrics

Authors
Ferreira, R; Correia, ME; Rocha Goncalves, FN; Cruz Correia, RJ;

Publication
HEALTHINF 2015 - Proceedings of the International Conference on Health Informatics, Lisbon, Portugal, 12-15 January, 2015.

Abstract
Introduction: The improvements made to healthcare IT systems made over the past years led to the creation of a multitude of different applications essential to the institutions daily operations. Aim: We aim to create and install a system capable of displaying production metrics for healthcare management with little requirements, efforts and software providers involved. Methods: We propose a system capable of displaying production metrics for healthcare facilities, by extracting HL7 messages and other eHealth relevant protocols directly from the institution's network infrastructure. Our system is then able to populate a knowledge database with meaningful information derived from the gathered data. Results: Our system is currently being tested on a large healthcare facility where it extracts and analyses a daily average of 44,000 HL7 messages. The system is currently capable of inferring and displaying the daily distribution of healthcare related activities such as laboratory orders or even relevant billing information. Conclusion: HL7 messages moving over the network contain valuable information that can then be used to assess many relevant production metrics for the entire facility and from otherwise non-interoperable production systems that, in most cases, can only be seen as black boxes by other system integrators.

2013

A mobile-based attribute aggregation architecture for user-centric identity management

Authors
Augusto, AB; Correia, ME;

Publication
Architectures and Protocols for Secure Information Technology Infrastructures

Abstract
The massive growth of the Internet and its services is currently being sustained by the mercantilization of users' identities and private data. Traditional services on the Web require the user to disclose many unnecessary sensitive identity attributes like bankcards, geographic position, or even personal health records in order to provide a service. In essence, the services are presented as free and constitute a means by which the user is mercantilized, often without realizing the real value of its data to the market. In this chapter the auhors describe OFELIA (Open Federated Environment for Leveraging of Identity and Authorization), a digital identity architecture designed from the ground up to be user centric. OFELIA is an identity/authorization versatile infrastructure that does not depend upon the massive aggregation of users' identity attributes to offer a highly versatile set of identity services but relies instead on having those attributes distributed among and protected by several otherwise unrelated Attribute Authorities. Only the end user, with his smartphone, knows how to aggregate these scattered Attribute Authorities' identity attributes back into some useful identifiable and authenticated entity identity that can then be used by Internet services in a secure and interoperable way.

2015

Data Quality in HL7 Messages - A Real Case Analysis

Authors
Ferreira, R; Correia, ME; Rocha Goncalves, F; Cruz Correia, R;

Publication
2015 IEEE 28TH INTERNATIONAL SYMPOSIUM ON COMPUTER-BASED MEDICAL SYSTEMS (CBMS)

Abstract
The development of eHealth technologies over the last few years has been pushing healthcare institutions to evolve their own infrastructures. Along with this evolution, critical systems now need to use communication standards such as HL7 or DICOM in order to exchange information in a more meaningful and efficient way. However, healthcare institutions often experience complications when different systems communicate directly even when using communication standards. We aim to assess the quality of the data present in HL7 messages exchanged between different critical systems in a large healthcare facility and therefore propose an integration infrastructure that allows a real time and centralized way to manage, route and monitor the integration flows between various systems.

2014

Envisioning secure and usable access control for patients

Authors
Ferreira, AM; Lenzini, G; Pereira, CS; Augusto, AB; Correia, ME;

Publication
3nd IEEE International Conference on Serious Games and Applications for Health, SeGAH 2014, Rio de Janeiro, Brazil, May 14-16, 2014

Abstract
Several pilot tests show that patients who are able to access their Electronic Health Records (EHR), become more responsible and involved in the maintenance of their health. However, despite technologically feasible and legally possible, there is no validated or standardized toolset available yet, for patients to review and manage their EHR. Many privacy, security and usability issues must be solved first before this practice can be made mainstream. This paper proposes and discusses the design of an access control visual application that addresses most of these issues, and offers patients a secure, controlled and easy access to their EHR.

  • 2
  • 11