Cookies Policy
The website need some cookies and similar means to function. If you permit us, we will use those means to collect data on your visits for aggregated statistics to improve our service. Find out More
Accept Reject
  • Menu
Publications

Publications by Manuel Eduardo Correia

2018

On the Interoperability of European National Identity Cards

Authors
Shehu, As; Pinto, A; Correia, ME;

Publication
Ambient Intelligence - Software and Applications -, 9th International Symposium on Ambient Intelligence, ISAmI 2018, Toledo, Spain, 20-22 June 2018

Abstract
Electronic identity (eID) schemes are key enablers of secure digital services. eIDs have been adopted in several European countries using smart-cards for secure authentication and authorization. Towards achieving a European digital single market where European citizens can seamlessly access cross-border public services using their national eIDs, the European Union (EU) developed the electronic IDentification, Authentication and trust Services (eIDAS) regulation. eIDAS creates an interoperable framework that integrates the eIDs adopted in the EU Member States (MS). It is also an enabler of a cross-border operation, harmonized with the General Data Protection Regulation (GDPR) regulation by protecting the privacy of personal data. If one can use the same procedure for authentication and authorization abroad, one can better understand new services that use eIDs. This paper provides a comparative analysis of eID cards adopted in EU MS and their privacy features in preparedness for eIDs cross-border interoperation. © Springer Nature Switzerland AG 2019.

2019

Iris: Secure reliable live-streaming with opportunistic mobile edge cloud offloading

Authors
Martins, R; Correia, ME; Antunes, L; Silva, F;

Publication
FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE

Abstract
The ever-increasing demand for higher quality live streams is driving the need for better networking infrastructures, specially when disseminating content over highly congested areas, such as stadiums, concerts and museums. Traditional approaches to handle this type of scenario relies on a combination of cellular data, through 4G distributed antenna arrays (DAS), with a high count of WiFi (802.11) access points. This obvious requires a substantial upfront cost for equipment, planning and deployment. Recently, new efforts have been introduced to securely leverage the capabilities of wireless multipath, including WiFi multicast, 4G, and device-to-device communications. In order to solve these issues, we propose an approach that lessens the requirements imposed on the wireless infrastructures while potentially expanding wireless coverage through the crowd-sourcing of mobile devices. In order to achieve this, we propose a novel pervasive approach that combines secure distributed systems, WiFi multicast, erasure coding, source coding and opportunistic offloading that makes use of hyperlocal mobile edge clouds. We empirically show that our solution is able to offer a 11 fold reduction on the infrastructural WiFi bandwidth usage without having to modify any existing software or firmware stacks while ensuring stream integrity, authorization and authentication.

2019

Reputation based approach for improved fairness and robustness in P2P protocols

Authors
Nwebonyi, FN; Martins, R; Correia, ME;

Publication
PEER-TO-PEER NETWORKING AND APPLICATIONS

Abstract
Peer-to-Peer (P2P) overlay networks have gained popularity due to their robustness, cost advantage, network efficiency and openness. Unfortunately, the same properties that foster their success, also make them prone to several attacks. To mitigate these attacks, several scalable security mechanisms which are based on the concepts of trust and reputation have been proposed. These proposed methods tend to ignore some core practical requirements that are essential to make them more useful in the real world. Some of such requirements include efficient bootstrapping of each newcomer's reputation, and mitigating seeder(s) exploitation. Additionally, although interaction among participating peers is usually the bases for reputation, the importance given to the frequency of interaction between the peers is often minimized or ignored. This can result in situations where barely known peers end-up having similar trust scores to the well-known and consistently cooperative nodes. After a careful review of the literature, this work proposes a novel and scalable reputation based security mechanism that addresses the aforementioned problems. The new method offers more efficient reputation bootstrapping, mitigation of bandwidth attack and better management of interaction rate, which further leads to improved fairness. To evaluate its performance, the new reputation model has been implemented as an extension of the BitTorrent protocol. Its robustness was tested by exposing it to popular malicious behaviors in a series of extensive PeerSim simulations. Results show that the proposed method is very robust and can efficiently mitigate popular attacks on P2P overlay networks.

2019

Privacy Preservation and Mandate Representation In Identity Management Systems

Authors
Shehu, AS; Pinto, A; Correia, ME;

Publication
2019 14TH IBERIAN CONFERENCE ON INFORMATION SYSTEMS AND TECHNOLOGIES (CISTI)

Abstract
The growth in Internet usage has increased the use of electronic services requiring users to register their identity on each service they subscribe to. This has resulted in the prevalence of redundant users data on different services. To protect and regulate access by users to these services identity management systems (IdMs) are put in place. IdMs uses frameworks and standards e.g SAML, OAuth and Shibboleth to manage digital identities of users for identification and authentication process for a service provider. However, current IdMs have not been able to address privacy issues (unauthorised and fine-grained access) that relate to protecting users identity and private data on web services. Many implementations of these frameworks are only concerned with the identification and authentication process of users but not authorisation. They mostly give full control of users digital identities and data to identity and service providers with less or no users participation. This results in a less privacy enhanced solutions that manage users available data in the electronic space. This article proposes a user-centred mandate representation system that empowers resource owners to take full of their digital data; determine and delegate access rights using their mobile phone. Thereby giving users autonomous powers on their resources to grant access to authenticated entities at their will. Our solution is based on the OpenID Connect framework for authorisation service. To evaluate the proposal, we've compared it with some related works and the privacy requirements yardstick outlined in GDPR regulation [1] and [2]. Compared to other systems that use OAuth 2.0 or SAML our solution uses an additional layer of security, where data owner assumes full control over the disclosure of their identity data through an assertion issued from their mobile phones to authorisation server (AS), which in turn issues an access token. This would enable data owners to assert the authenticity of a request, while service providers and requestors also benefit from the correctness and freshness of identity data disclosed to them.

2019

Security and Fairness in IoT Based e-Health System: A Case Study of Mobile Edge-Clouds

Authors
Nwebonyi, FN; Martins, R; Correia, ME;

Publication
2019 INTERNATIONAL CONFERENCE ON WIRELESS AND MOBILE COMPUTING, NETWORKING AND COMMUNICATIONS (WIMOB)

Abstract
Through IoT, humans and objects can be connected seamlessly, to guaranty improved quality of service (QoS). IoT-driven e-Health systems benefit from such rich network setting, to transmit health information and deliver health services. It is expected to grow massively in scale, but for that to happen, several issues need to be addressed, including security and trust. Edge computing paradigms, such as Fog computing and Cloudlet, are already popular in IoT based e-Health domain. Fog nodes are leveraged to reduce latency between IoT devices and remote cloud computing infrastructure. In this work, we explain how Mobile edge-clouds, which is a less popular edge computing paradigm, can be employed to achieve similar or lower latency, at a lower cost. We also propose a lightweight mechanism for security and fairness in e-Health protocols that are based on mobile edge-clouds and other paradigms. Detailed simulation experiments show that the proposed method is scalable and can efficiently mitigate attacks that are targeted at e-Health information and the network.

2020

Profiling IT Security and Interoperability in Brazilian Health Organisations From a Business Perspective

Authors
Rui, RJ; Martinho, R; Oliveira, AA; Alves, D; Nogueira Reis, ZSN; Santos Pereira, C; Correia, ME; Antunes, LF; Cruz Correia, RJ;

Publication
INTERNATIONAL JOURNAL OF E-HEALTH AND MEDICAL COMMUNICATIONS

Abstract
The proliferation of electronic health (e-Health) initiatives in Brazil over the last 2 decades has resulted in a considerable fragmentation within health information technology (IT), with a strong political interference. The problem regarding this issue became twofold: 1) there are considerable flaws regarding interoperability and security involving patient data; and 2) it is difficult even for an experienced company to enter the Brazilian health IT market. In this article, the authors aim to assess the current state of IT interoperability and security in hospitals in Brazil and evaluate the best business strategy for an IT company to enter this difficult but very promising health IT market. A face-to-face questionnaire was conducted among 11 hospital units to assess their current status regarding IT interoperability and security aspects. Global Brazilian socio-economic data was also collected, and helped to not only identify areas of investment regarding health IT security and interoperability, but also to derive a business strategy, composed out of recommendations listed in the paper.

  • 4
  • 11