2013
Authors
Rodrigues, HAM; Antunes, L; Correia, ME;
Publication
INTERNATIONAL CONFERENCE ON INFORMATION SOCIETY (I-SOCIETY 2013)
Abstract
Since 2011, it's mandatory to prescribe through an electronic system in Portugal. Several third party companies start to develop prescribing software/interfaces that act as gateways to transmit the prescription data from the practitioners to the Health Ministry. The use of those companies in this circuit weakens the Prescription System's security levels and compromises the confidentiality and privacy of doctors and patients' personal data. Aim: The main aim is to propose a secure and safer Prescribing System that allows prescriptions' authentication and protects the patient data, keeping their identity confidential. Results: By protecting several system flaws, this proposed increases greatly the Prescription System security levels, protects patient data, and avoid its collection from Third Party Companies. Also the physical model of the electronic Prescription appears to have all the security and applicability requirements needed to function during a communication network dysfunction.
2017
Authors
Santos Pereira, C; Cruz Correia, R; Brito, AC; Augusto, AB; Correia, ME; Bento, MJ; Antunes, L;
Publication
2017 12TH IBERIAN CONFERENCE ON INFORMATION SYSTEMS AND TECHNOLOGIES (CISTI)
Abstract
A cancer registry is a standardized tool to produce population-based data on cancer incidence and survival. Cancer registries can retrieve and store information on all cancer cases occurring in a defined population. The main sources of data on cancer cases usually include: treatment and diagnostic facilities (oncology centres or hospital departments, pathology laboratories, or imaging facilities etc.) and the official territorial death registry. The aim of this paper is to evaluate the north regional cancer registry (RORENO) of Portugal using a qualitative research. We want to characterize: the main functionalities and core processes, team involved, different healthcare institutions in the regional network and an identification of issues and potential improvements. RORENO links data of thirteen-two healthcare institutions and is responsible for the production of cancer incidence and survival report for this region. In our semi-structure interviews and observation of RORENO we identified a serious problem due to a lack of an automatic integration of data from the different sources. Most of the data are inserted manually in the system and this implies an extra effort from the RORENO team. At this moment RORENO team are still collecting data from 2011. In a near future it is crucial to automatize the integration of data linking the different healthcare institutions in the region. However, it is important to think which functionalities this system should give to the institutions in the network to maximize the engagement with the project. More than a database this should be a source of knowledge available to all the collaborative oncologic network.
2018
Authors
Gonçalves Ferreira, DN; Leite, M; Pereira, CS; Correia, ME; Coelho Antunes, LF; Correia, RC;
Publication
Building Continents of Knowledge in Oceans of Data: The Future of Co-Created eHealth - Proceedings of MIE 2018, Medical Informatics Europe, Gothenburg, Sweden, April 24-26, 2018
Abstract
Introduction The new General Data Protection Regulation (GDPR) compels health care institutions and their software providers to properly document all personal data processing and provide clear evidence that their systems are inline with the GDPR. All applications involved in personal data processing should therefore produce meaningful event logs that can later be used for the effective auditing of complex processes. Aim This paper aims to describe and evaluate HS.Register, a system created to collect and securely manage at scale audit logs and data produced by a large number of systems. Methods HS.Register creates a single audit log by collecting and aggregating all kinds of meaningful event logs and data (e.g. ActiveDirectory, syslog, log4j, web server logs, REST, SOAP and HL7 messages). It also includes specially built dashboards for easy auditing and monitoring of complex processes, crossing different systems in an integrated way, as well as providing tools for helping on the auditing and on the diagnostics of difficult problems, using a simple web application. HS.Register is currently installed at five large Portuguese Hospitals and is composed of the following open-source components: HAproxy, RabbitMQ, Elasticsearch, Logstash and Kibana. Results HS.Register currently collects and analyses an average of 93 million events per week and it is being used to document and audit HL7 communications. Discussion Auditing tools like HS.Register are likely to become mandatory in the near future to allow for traceability and detailed auditing for GDPR compliance. © 2018 European Federation for Medical Informatics (EFMI) and IOS Press.
2019
Authors
Nwebonyi, FN; Martins, R; Correia, ME;
Publication
13TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY (ARES 2018)
Abstract
Given the centralized architecture of cloud computing, there is a genuine concern about its ability to adequately cope with the demands of connecting devices which are sharply increasing in number and capacity. This has led to the emergence of edge computing technologies, including but not limited to mobile edge-clouds. As a branch of Peer-to-Peer (P2P) networks, mobile edge-clouds inherits disturbing security concerns which have not been adequately addressed in previous methods. P2P security systems have featured many trust-based methods owing to their suitability and cost advantage, but these approaches still lack in a number of ways. They mostly focus on protecting client nodes from malicious service providers, but downplay the security of service provider nodes, thereby creating potential loopholes for bandwidth attack. Similarly, trust bootstrapping is often via default scores, or based on heuristics that does not reflect the identity of a newcomer. This work has patched these inherent loopholes and improved fairness among participating peers. The use cases of mobile edge-clouds have been particularly considered and a scalable reputation based security mechanism was derived to suit them. BitTorrent protocol was modified to form a suitable test bed, using Peersim simulator. The proposed method was compared to some related methods in the literature through detailed simulations. Results show that the new method can foster trust and significantly improve network security, in comparison to previous similar systems.
2018
Authors
Gonçalves, R; Correia, ME; Brandão, P;
Publication
Proceedings of the 15th International Joint Conference on e-Business and Telecommunications, ICETE 2018 - Volume 2: SECRYPT, Porto, Portugal, July 26-28, 2018.
Abstract
The society’s requirement for constant connectivity, leads to the need for an increasing number of available Wi-Fi Access Points (APs). These can be located almost everywhere: schools, coffee shops, shopping malls, airports, trains, buses. This proliferation raises problems of trustworthiness and cost-effective difficulties for verifying such security. In order to address these issues, it is necessary to detect effectively Rogue Access Points (RAPs). There are open source solutions and others developed within enterprises for commercial purposes. Relative to the latter, it has become obvious that they are not accessible to everyone due to their high costs, and the former do not address all the types of RAPs. In this paper, we research these solutions and do a thorough survey study of the most commonly used and recent Wi-Fi type of attacks. Based on this knowledge we developed a solution to detect RAPs, which covers the most commonly known attacks. This proposed solution, is a modular framework composed of Scanners, Detectors and Actuators, which are responsible for scanning for available APs, apply a set of heuristics to detect them and apply a countermeasure mechanism. Copyright
2018
Authors
Rebelo, A; Oliveira, T; Correia, ME; Cardoso, JS;
Publication
Progress in Pattern Recognition, Image Analysis, Computer Vision, and Applications - 23rd Iberoamerican Congress, CIARP 2018, Madrid, Spain, November 19-22, 2018, Proceedings
Abstract
Currently the breakthroughs in most computer vision problems have been achieved by applying deep learning methods. The traditional methodologies that used to successfully discriminate the data features appear to be overwhelmed by the capabilities of learning of the deep network architectures. Nevertheless, many recent works choose to integrate the old handcrafted features into the deep convolutional networks to increase even more their impressive performance. In fingerprint recognition, the minutiae are specific points used to identify individuals and their extraction is a crucial module in a fingerprint recognition system. This can only be emphasized by the fact that the US Federal Bureau of Investigation (FBI) sets as a threshold for a positive identification a number of 8 common minutiae. Deep neural networks have been used to learn possible representations of fingerprint minutiae but, however surprisingly, in this paper it is shown that for now the best choice for an automatic minutiae extraction system is still the traditional road map. A comparison study was conducted with state-of-the-art methods and the best results were achieved by handcraft features. © Springer Nature Switzerland AG 2019.
The access to the final selection minute is only available to applicants.
Please check the confirmation e-mail of your application to obtain the access code.