Cookies
Usamos cookies para melhorar nosso site e a sua experiência. Ao continuar a navegar no site, você aceita a nossa política de cookies. Ver mais
Fechar
  • Menu
Tópicos
de interesse
Detalhes

Detalhes

  • Nome

    Luís Filipe Antunes
  • Cluster

    Informática
  • Cargo

    Coordenador de Centro
  • Desde

    15 dezembro 2011
007
Publicações

2019

pTASC: trustable autonomous secure communications

Autores
Sousa, PR; Cirne, A; Resende, JS; Martins, R; Antunes, L;

Publicação
Proceedings of the 20th International Conference on Distributed Computing and Networking, ICDCN 2019, Bangalore, India, January 04-07, 2019

Abstract

2019

pTASC

Autores
Sousa, PR; Cirne, A; Resende, JS; Martins, R; Antunes, L;

Publicação
Proceedings of the 20th International Conference on Distributed Computing and Networking - ICDCN '19

Abstract

2019

OpenEHR and General Data Protection Regulation: Evaluation of Principles and Requirements

Autores
Goncalves Ferreira, D; Sousa, M; Bacelar Silva, G; Frade, S; Antunes, L; Beale, T; Cruz Correia, R;

Publicação
JMIR MEDICAL INFORMATICS

Abstract
Background: Concerns about privacy and personal data protection resulted in reforms of the existing legislation in the European Union (EU). The General Data Protection Regulation (GDPR) aims to reform the existing directive on the topic of personal data protection of EU citizens with a strong emphasis on more control of the citizens over their data and in the establishment of rules for the processing of personal data. OpenEHR is a standard that embodies many principles of interoperable and secure software for electronic health records (EHRs) and has been advocated as the best approach for the development of hospital information systems. Objective: This study aimed to understand to what extent the openEHR standard can help in the compliance of EHR systems to the GDPR requirements. Methods: A list of requirements for an EHR to support GDPR compliance and also a list of the openEHR design principles were made. The requirements were categorized and compared with the principles by experts on openEHR and GDPR. Results: A total of 50 GDPR requirements and 8 openEHR design principles were identified. The openEHR principles conformed to 30% (15/50) of GDPR requirements. All the openEHR principles were aligned with GDPR requirements. Conclusions: This study showed that the openEHR principles conform well to GDPR, underlining the common wisdom that truly realizing security and privacy requires it to be built in from the start. By using an openEHR-based EHR, the institutions are closer to becoming compliant with GDPR while safeguarding the medical data.

2019

Iris: Secure reliable live-streaming with opportunistic mobile edge cloud offloading

Autores
Martins, R; Correia, ME; Antunes, L; Silva, F;

Publicação
Future Generation Computer Systems

Abstract
The ever-increasing demand for higher quality live streams is driving the need for better networking infrastructures, specially when disseminating content over highly congested areas, such as stadiums, concerts and museums. Traditional approaches to handle this type of scenario relies on a combination of cellular data, through 4G distributed antenna arrays (DAS), with a high count of WiFi (802.11) access points. This obvious requires a substantial upfront cost for equipment, planning and deployment. Recently, new efforts have been introduced to securely leverage the capabilities of wireless multipath, including WiFi multicast, 4G, and device-to-device communications. In order to solve these issues, we propose an approach that lessens the requirements imposed on the wireless infrastructures while potentially expanding wireless coverage through the crowd-sourcing of mobile devices. In order to achieve this, we propose a novel pervasive approach that combines secure distributed systems, WiFi multicast, erasure coding, source coding and opportunistic offloading that makes use of hyperlocal mobile edge clouds. We empirically show that our solution is able to offer a 11 fold reduction on the infrastructural WiFi bandwidth usage without having to modify any existing software or firmware stacks while ensuring stream integrity, authorization and authentication. © 2019 Elsevier B.V.

2019

Breaking MPC implementations through compression

Autores
Resende, JS; Sousa, PR; Martins, R; Antunes, L;

Publicação
International Journal of Information Security

Abstract
There are many cryptographic protocols in the literature that are scientifically and mathematically sound. By extension, cryptography today seeks to respond to numerous properties of the communication process beyond confidentiality (secrecy), such as integrity, authenticity, and anonymity. In addition to the theoretical evidence, implementations must be equally secure. Due to the ever-increasing intrusion from governments and other groups, citizens are now seeking alternatives ways of communication that do not leak information. In this paper, we analyze multiparty computation (MPC), which is a sub-field of cryptography with the goal of creating methods for parties to jointly compute a function over their inputs while keeping those inputs private. This is a very useful method that can be used, for example, to carry out computations on anonymous data without having to leak that data. Thus, due to the importance of confidentiality in this type of technique, we analyze active and passive attacks using complexity measures (compression and entropy). We start by obtaining network traces and syscalls, then we analyze them using compression and entropy techniques. Finally, we cluster the traces and syscalls using standard clustering techniques. This approach does not need any deep specific knowledge of the implementations being analyzed. This paper presents a security analysis for four MPC frameworks, where three were identified as insecure. These insecure libraries leak information about the inputs provided by each party of the communication. Additionally, we have detected, through a careful analysis of its source code, that SPDZ-2’s secret sharing schema always produces the same results. © 2019, Springer-Verlag GmbH Germany, part of Springer Nature.

Teses
supervisionadas

2018

Assessing Complexity of Physiological Interactions

Autor
Teresa Sarmento Henriques

Instituição
UP-FM

2017

A Web Anonymizer Platform for Datasets with Personal Information

Autor
Christophe da Silva Ferreira

Instituição
UP-FCUP

2017

RFID Clone

Autor
Pedro Manuel Roque Cabral

Instituição
UP-FCUP

2017

Briareos - A Modular Framework for Elastic Intrusion Detection and Prevention

Autor
André Martins Carrilho Costa Baptista

Instituição
UP-FCUP

2017

Anonimização de bases de dados empresariais de acordo com a nova Regulamentação Europeia de Proteção de Dados

Autor
Frederico António Sá Oliveira Pinho

Instituição
UP-FCUP