Cookies Policy
The website need some cookies and similar means to function. If you permit us, we will use those means to collect data on your visits for aggregated statistics to improve our service. Find out More
Accept Reject
  • Menu
Interest
Topics
Details

Details

  • Name

    Manuel Eduardo Correia
  • Cluster

    Computer Science
  • Role

    Senior Researcher
  • Since

    01st January 2009
004
Publications

2020

Profiling IT security and interoperability in Brazilian health organisations from a business perspective

Authors
Rui, RJ; Martinho, R; Oliveira, AA; Alves, D; Nogueira Reis, ZSN; Santos Pereira, C; Correia, ME; Antunes, LF; Cruz Correia, RJ;

Publication
International Journal of E-Health and Medical Communications

Abstract
The proliferation of electronic health (e-Health) initiatives in Brazil over the last 2 decades has resulted in a considerable fragmentation within health information technology (IT), with a strong political interference. The problem regarding this issue became twofold: 1) there are considerable flaws regarding interoperability and security involving patient data; and 2) it is difficult even for an experienced company to enter the Brazilian health IT market. In this article, the authors aim to assess the current state of IT interoperability and security in hospitals in Brazil and evaluate the best business strategy for an IT company to enter this difficult but very promising health IT market. A face-to-face questionnaire was conducted among 11 hospital units to assess their current status regarding IT interoperability and security aspects. Global Brazilian socio-economic data was also collected, and helped to not only identify areas of investment regarding health IT security and interoperability, but also to derive a business strategy, composed out of recommendations listed in the paper. Copyright © 2020, IGI Global.

2020

Illegitimate HIS access by healthcare professionals detection system applying an audit trail-based model

Authors
Correia, LS; Correia, ME; Correia, RC;

Publication
HEALTHINF 2020 - 13th International Conference on Health Informatics, Proceedings; Part of 13th International Joint Conference on Biomedical Engineering Systems and Technologies, BIOSTEC 2020

Abstract
Complex data management on healthcare institutions makes very hard to identify illegitimate accesses which is a serious issue. We propose to develop a system to detect accesses with suspicious behavior for further investigation. We modeled use cases (UC) and sequence diagrams (SD) showing the data flow between users and systems. The algorithms represented by activity diagrams apply rules based on professionals' routines, use data from an audit trail (AT) and classify accesses as suspicious or normal. The algorithms were evaluated between 23rd and 31st July 2019. The results were analyzed using absolute and relative frequencies and dispersion measures. Access classification was in accordance to rules applied. "Check time of activity" UC had 64, 78% of suspicious classifications, being 55% of activity period shorter and 9, 78% longer than expected, "Check days of activity" presented 2, 27% of suspicious access and "EHR read access" 79%, the highest percentage of suspicious accesses. The results show the first picture of HIS accesses. Deeper analysis to evaluate algorithms sensibility and specificity should be done. Lack of more detailed information about professionals' routines and systems, and low quality of systems logs are some limitations. Although we believe this is an important step in this field.

2019

Reputation-Based Security System For Edge Computing

Authors
Nwebonyi, FN; Martins, R; Correia, ME;

Publication
Proceedings of the 13th International Conference on Availability, Reliability and Security, ARES 2018, Hamburg, Germany, August 27-30, 2018

Abstract

2019

Iris: Secure reliable live-streaming with opportunistic mobile edge cloud offloading

Authors
Martins, R; Correia, ME; Antunes, L; Silva, F;

Publication
Future Generation Computer Systems

Abstract
The ever-increasing demand for higher quality live streams is driving the need for better networking infrastructures, specially when disseminating content over highly congested areas, such as stadiums, concerts and museums. Traditional approaches to handle this type of scenario relies on a combination of cellular data, through 4G distributed antenna arrays (DAS), with a high count of WiFi (802.11) access points. This obvious requires a substantial upfront cost for equipment, planning and deployment. Recently, new efforts have been introduced to securely leverage the capabilities of wireless multipath, including WiFi multicast, 4G, and device-to-device communications. In order to solve these issues, we propose an approach that lessens the requirements imposed on the wireless infrastructures while potentially expanding wireless coverage through the crowd-sourcing of mobile devices. In order to achieve this, we propose a novel pervasive approach that combines secure distributed systems, WiFi multicast, erasure coding, source coding and opportunistic offloading that makes use of hyperlocal mobile edge clouds. We empirically show that our solution is able to offer a 11 fold reduction on the infrastructural WiFi bandwidth usage without having to modify any existing software or firmware stacks while ensuring stream integrity, authorization and authentication. © 2019 Elsevier B.V.

2019

Reputation based approach for improved fairness and robustness in P2P protocols

Authors
Nwebonyi, FN; Martins, R; Correia, ME;

Publication
Peer-to-Peer Networking and Applications

Abstract
Peer-to-Peer (P2P) overlay networks have gained popularity due to their robustness, cost advantage, network efficiency and openness. Unfortunately, the same properties that foster their success, also make them prone to several attacks. To mitigate these attacks, several scalable security mechanisms which are based on the concepts of trust and reputation have been proposed. These proposed methods tend to ignore some core practical requirements that are essential to make them more useful in the real world. Some of such requirements include efficient bootstrapping of each newcomer’s reputation, and mitigating seeder(s) exploitation. Additionally, although interaction among participating peers is usually the bases for reputation, the importance given to the frequency of interaction between the peers is often minimized or ignored. This can result in situations where barely known peers end-up having similar trust scores to the well-known and consistently cooperative nodes. After a careful review of the literature, this work proposes a novel and scalable reputation based security mechanism that addresses the aforementioned problems. The new method offers more efficient reputation bootstrapping, mitigation of bandwidth attack and better management of interaction rate, which further leads to improved fairness. To evaluate its performance, the new reputation model has been implemented as an extension of the BitTorrent protocol. Its robustness was tested by exposing it to popular malicious behaviors in a series of extensive PeerSim simulations. Results show that the proposed method is very robust and can efficiently mitigate popular attacks on P2P overlay networks. © 2018, Springer Science+Business Media, LLC, part of Springer Nature.

Supervised
thesis

2019

Establishing Trust and Confidence Among Entities in Distributed Networks

Author
Francis Nwebonyi Nwebonyi

Institution
UP-FCUP

2018

Infrastructure for Identity Management, Authentication and Authorization

Author
Muhammad Shehu Abubakar-Sadiq

Institution
UP-FCUP

2018

Authentication modules for Keycloak authentication server

Author
Daicy Patricia Duarte Paiva

Institution
UP-FCUP

2017

Anonimização de bases de dados empresariais de acordo com a nova Regulamentação Europeia de Proteção de Dados

Author
Frederico António Sá Oliveira Pinho

Institution
UP-FCUP

2017

Establishing Trust and Confidence Among Entities in Distributed Networks

Author
Francis Nwebonyi Nwebonyi

Institution
UP-FCUP