2012
Autores
Santos Pereira, C; Augusto, AB; Correia, ME; Ferreira, A; Cruz Correia, R;
Publicação
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Abstract
The Internet has proved the enormous benefits that can be accrued to all players involved in online services. However, it has also clearly demonstrated the risks involved in exposing personal data to the outside world and constitutes at the same time a teeming breeding ground of innovation for highly flexible security solutions that can minimize these risks. It is now widely believed that the benefits of online services to healthcare in general supplant the risks involved, provided adequate security measures are taken and the role played by all the parties involved, be they physicians, nurses or patients are clearly outlined. Due to the highly sensitive nature of the data held on the Electronic Health Record (EHR), it is commonly agreed that providing online access to patients EHR to the outside world carries an unacceptable level of risk not only to the patients but also to the healthcare institution that plays a custodian to that sensitive data. However, by sharing these risks with the patients, healthcare institutions can start to equate the possibility of providing controlled exterior online access to patients EHR. The mobile phone is nowadays the preferred mean by which people can interact with each other at a distance. Not only that, the smartphone constitutes the full embodiment of the truly personal device users carry constantly with them, everywhere. They are therefore the ideal means by which the user can casually and conveniently interact with information systems. In this paper we propose a discretionary online access rights management mechanism based on the Role Based Access Control (RBAC) model that takes advantage on the personal/technical characteristics and data communications capabilities of the smartphone in order to provide patients with the means by which they can conveniently exercise safe discretionary online access permissions to their own EHR. © 2012 Springer-Verlag.
2012
Autores
Martins, RA; Correia, ME; Augusto, AB;
Publicação
INFORMATION SYSTEMS AND TECHNOLOGIES
Abstract
This paper performs a survey on the state of the art in the security and access controls mechanisms employed by multi agent systems as a form of data transaction, with special emphasis on their security threats and how these issues are currently being tackled for multi-agent systems. In this paper we provide a brief summary of current approaches and provide comments on their relevance, implementation and safety assumptions behind their safe operation on real systems with sensitive data. We also take special notice on the security issues approached by each one of the analysed proposals and the sometimes ingenious ways proposed by different authors to solve them. We also pay special attention to issues related with the authentication, confidentiality, integrity and access control mechanisms employed to minimise security incidents. Nowadays multi-agent systems are increasingly being researched and deployed to solve complex interoperability issues that normally occur between different institutions. The final result of this survey is a summary aggregation of knowledge about security and access control practices for multi agent models and implementations.
2012
Autores
Maia, LA; Correia, ME;
Publicação
SISTEMAS Y TECNOLOGIAS DE INFORMACION, VOLS 1 AND 2
Abstract
The mobile phone is currently the preferred means by which people can communicate and interact with each other at a distance. Not only that, the smart-phone nowadays constitutes the full embodiment of the truly personal device users carry constantly with them, everywhere. They are therefore the ideal means by which the user can casually and conveniently interact with Information systems. It can also act as a convenient and highly practical storage place for sensitive identity information. Moreover nowadays there is a real urgent need to have in place secure, non-refutable and securely managed identities and communications, with sufficiently strong authentication mechanisms that can assure, among other important properties, strong non-repudiation. In this paper we describe how we have managed to combine the functionalities provided by OpenSC and the University of Graz IAIK java security provider to more easily port java security applications based on the desktop JCA API to the Android platform. This enables us to take advantage of the full extent of the security programming facilities provided by the Java programming language on android devices equipped with smart digital (SD) based smart cards.
2012
Autores
Ramalho, JC; Simoes, A; Queiros, R;
Publicação
Innovations in XML Applications and Metadata Management: Advancing Technologies
Abstract
As new concepts such as virtualization, cloud computing, and web applications continue to emerge, XML has begun to assume the role as the universal language for communication among contrasting systems that grow throughout the internet. Innovations in XML Applications and Metadata Management: Advancing Technologies addresses the functionality between XML and its related technologies towards application development based on previous concepts. This book aims to highlights the variety of purposes for XML applications and how the technology development brings together advancements in the virtual world.
2012
Autores
Simões, A; Queirós, R; Cruz, DCd;
Publicação
SLATE
Abstract
2012
Autores
Alves, S; Mackie, I;
Publicação
LINEARITY
Abstract
The access to the final selection minute is only available to applicants.
Please check the confirmation e-mail of your application to obtain the access code.