Abstract
Handwritten signature recognition is still the most widely accepted method to validate paper based documents. However, in the digital world, there is no readymade way to distinguish a real handwritten signature on a scanned document from a forged copy of another signature made by the same person on another document that is simply "pasted" into the forged document. In this paper we describe how we are using the touch screen of smartphones or tablets to collect handwritten signature images and associated biometric markers derived from the motion direction of handwritten signatures that are made directly into the device touchscreen. These time base biometric markers can then be converted into signaling time waves, by using the dragging or lifting movements the user makes with a touch screen omnidirectional tip stylus, when he handwrites is signature at the device touchscreen. These time/space signaling time waves can then be converted into a biometric bit stream that can be matched with previously enrolled biometric markers of the user's handwritten signature. In this paper we contend that the collection of these simple biometric features is sufficient to achieve a level of user recognition and authentication that is sufficient for the majority of online user authentication and digital documents authenticity.

Abstract
We expose an USB vulnerability in some vendors' customization of the android system, where the serial AT commands processed by the cellular modem are extended to allow other functionalities. We target that vulnerability for the specific vendor system and present a proof of concept of the attack in a realistic scenario environment. For this we use an apparently inoffensive smartphone charging station like the one that is now common at public places like airports. We unveil the implications of such vulnerability that culminate in flashing a compromised boot partition, root access, enable adb and install a surveillance application that is impossible to uninstall without re-flashing the android boot partition. All these attacks are done without user consent or knowledge on the attacked mobile phone.

Abstract
Introduction: The improvements made to healthcare IT systems made over the past years led to the creation of a multitude of different applications essential to the institutions daily operations. Aim: We aim to create and install a system capable of displaying production metrics for healthcare management with little requirements, efforts and software providers involved. Methods: We propose a system capable of displaying production metrics for healthcare facilities, by extracting HL7 messages and other eHealth relevant protocols directly from the institution's network infrastructure. Our system is then able to populate a knowledge database with meaningful information derived from the gathered data. Results: Our system is currently being tested on a large healthcare facility where it extracts and analyses a daily average of 44,000 HL7 messages. The system is currently capable of inferring and displaying the daily distribution of healthcare related activities such as laboratory orders or even relevant billing information. Conclusion: HL7 messages moving over the network contain valuable information that can then be used to assess many relevant production metrics for the entire facility and from otherwise non-interoperable production systems that, in most cases, can only be seen as black boxes by other system integrators.

Abstract
The massive growth of the Internet and its services is currently being sustained by the mercantilization of users' identities and private data. Traditional services on the Web require the user to disclose many unnecessary sensitive identity attributes like bankcards, geographic position, or even personal health records in order to provide a service. In essence, the services are presented as free and constitute a means by which the user is mercantilized, often without realizing the real value of its data to the market. In this chapter the auhors describe OFELIA (Open Federated Environment for Leveraging of Identity and Authorization), a digital identity architecture designed from the ground up to be user centric. OFELIA is an identity/authorization versatile infrastructure that does not depend upon the massive aggregation of users' identity attributes to offer a highly versatile set of identity services but relies instead on having those attributes distributed among and protected by several otherwise unrelated Attribute Authorities. Only the end user, with his smartphone, knows how to aggregate these scattered Attribute Authorities' identity attributes back into some useful identifiable and authenticated entity identity that can then be used by Internet services in a secure and interoperable way.

Abstract
The development of eHealth technologies over the last few years has been pushing healthcare institutions to evolve their own infrastructures. Along with this evolution, critical systems now need to use communication standards such as HL7 or DICOM in order to exchange information in a more meaningful and efficient way. However, healthcare institutions often experience complications when different systems communicate directly even when using communication standards. We aim to assess the quality of the data present in HL7 messages exchanged between different critical systems in a large healthcare facility and therefore propose an integration infrastructure that allows a real time and centralized way to manage, route and monitor the integration flows between various systems.

Abstract
Several pilot tests show that patients who are able to access their Electronic Health Records (EHR), become more responsible and involved in the maintenance of their health. However, despite technologically feasible and legally possible, there is no validated or standardized toolset available yet, for patients to review and manage their EHR. Many privacy, security and usability issues must be solved first before this practice can be made mainstream. This paper proposes and discusses the design of an access control visual application that addresses most of these issues, and offers patients a secure, controlled and easy access to their EHR.