2012
Autores
Santos Pereira, C; Augusto, AB; Correia, ME; Ferreira, A; Cruz Correia, R;
Publicação
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Abstract
The Internet has proved the enormous benefits that can be accrued to all players involved in online services. However, it has also clearly demonstrated the risks involved in exposing personal data to the outside world and constitutes at the same time a teeming breeding ground of innovation for highly flexible security solutions that can minimize these risks. It is now widely believed that the benefits of online services to healthcare in general supplant the risks involved, provided adequate security measures are taken and the role played by all the parties involved, be they physicians, nurses or patients are clearly outlined. Due to the highly sensitive nature of the data held on the Electronic Health Record (EHR), it is commonly agreed that providing online access to patients EHR to the outside world carries an unacceptable level of risk not only to the patients but also to the healthcare institution that plays a custodian to that sensitive data. However, by sharing these risks with the patients, healthcare institutions can start to equate the possibility of providing controlled exterior online access to patients EHR. The mobile phone is nowadays the preferred mean by which people can interact with each other at a distance. Not only that, the smartphone constitutes the full embodiment of the truly personal device users carry constantly with them, everywhere. They are therefore the ideal means by which the user can casually and conveniently interact with information systems. In this paper we propose a discretionary online access rights management mechanism based on the Role Based Access Control (RBAC) model that takes advantage on the personal/technical characteristics and data communications capabilities of the smartphone in order to provide patients with the means by which they can conveniently exercise safe discretionary online access permissions to their own EHR. © 2012 Springer-Verlag.
2007
Autores
Bessa, S; Correia, ME; Brandao, P;
Publicação
2007 IEEE SYMPOSIUM ON COMPUTERS AND COMMUNICATIONS, VOLS 1-3
Abstract
In this paper we present the development, implementation and simulation of a simple Distributed Hash Table (DHT) protocol for a Peer to peer (P2P) overlay network inspired by small world [3, 2] concepts. Our simulation and implementation, done on the Peersim [10] java network simulator, showed results consistent with other state of the art DHT implementations with a more simple and pragmatic approach for the graph construction algorithm. We present the results Of Simulating this protocol on large P2P networks and compare them with the results obtained in Symphony [14], another small world inspired DHT.
2009
Autores
Baptista, N; Prior, R; Correia, ME;
Publicação
2009 COMPUTATION WORLD: FUTURE COMPUTING, SERVICE COMPUTATION, COGNITIVE, ADAPTIVE, CONTENT, PATTERNS
Abstract
Several studies have demonstrated the advantages of using IVR (Interactive Voice Response) technologies[5], which allow the users to phone a computer and access services by pressing the appropriate touch-tone keys on their telephones. Because it offers substantial benefits in terms of cost and time efficiency, there is a continuous pursuit for increased automation using IVR. The real challenge lies in providing a user-friendly, yet cost-effective interface to users in order to improve their interaction with existing services, making them more usable and useful, providing an experience that fits their specific objectives and utilization contexts. This paper describes a method and system for providing customizable audio access to email messages kept in several IMAP (Internet Message Access Protocol) backstorages using an IVR application that takes full advantage of TTS (Text-To-Speech) software.
2012
Autores
Martins, RA; Correia, ME; Augusto, AB;
Publicação
INFORMATION SYSTEMS AND TECHNOLOGIES
Abstract
This paper performs a survey on the state of the art in the security and access controls mechanisms employed by multi agent systems as a form of data transaction, with special emphasis on their security threats and how these issues are currently being tackled for multi-agent systems. In this paper we provide a brief summary of current approaches and provide comments on their relevance, implementation and safety assumptions behind their safe operation on real systems with sensitive data. We also take special notice on the security issues approached by each one of the analysed proposals and the sometimes ingenious ways proposed by different authors to solve them. We also pay special attention to issues related with the authentication, confidentiality, integrity and access control mechanisms employed to minimise security incidents. Nowadays multi-agent systems are increasingly being researched and deployed to solve complex interoperability issues that normally occur between different institutions. The final result of this survey is a summary aggregation of knowledge about security and access control practices for multi agent models and implementations.
2009
Autores
Falcao Reis, F; Almeida, D; Correia, ME;
Publicação
SISTEMAS E TECHNOLOGIAS DE INFORMACAO: ACTAS DA 4A CONFERENCIA IBERICA DE SISTEMAS E TECNOLOGIAS DE LA INFORMACAO
Abstract
With the massive migration of real world bureaucratic and business processes to the virtual world comes an ever increasing dependency on the security of the Internet infrastructure. To ensure the secure exchange of sensitive personal information and to help support the provisioning of a multitude of identity mechanisms and protocols there is an increased need for a very flexible, interoperable and user-centric Identity Management infrastructure. OpenID is a decentralized system protocol for user-centric identification and digital identity management in the Internet that is being largely deployed all over the world. In this paper we present Extended OpenID (EOID), an Identity Provider which leverages a secured OpenID 2.0 infrastructure with the recently released Portuguese Citizen Card (CC). EOID is composed by an OpenID server that uses the CC for strong authentication and a Firefox Plugin for an easier much more secure user experience.
2012
Autores
Maia, LA; Correia, ME;
Publicação
SISTEMAS Y TECNOLOGIAS DE INFORMACION, VOLS 1 AND 2
Abstract
The mobile phone is currently the preferred means by which people can communicate and interact with each other at a distance. Not only that, the smart-phone nowadays constitutes the full embodiment of the truly personal device users carry constantly with them, everywhere. They are therefore the ideal means by which the user can casually and conveniently interact with Information systems. It can also act as a convenient and highly practical storage place for sensitive identity information. Moreover nowadays there is a real urgent need to have in place secure, non-refutable and securely managed identities and communications, with sufficiently strong authentication mechanisms that can assure, among other important properties, strong non-repudiation. In this paper we describe how we have managed to combine the functionalities provided by OpenSC and the University of Graz IAIK java security provider to more easily port java security applications based on the desktop JCA API to the Android platform. This enables us to take advantage of the full extent of the security programming facilities provided by the Java programming language on android devices equipped with smart digital (SD) based smart cards.
The access to the final selection minute is only available to applicants.
Please check the confirmation e-mail of your application to obtain the access code.