CRACS - Indexed Articles in Conferences

Permanent URI for this collection

http://localhost:4000/handle/123456789/124

Browse

Browsing CRACS - Indexed Articles in Conferences by Author "Alexandre Barbosa Augusto"
  • Item
    A Secure and Dynamic Mobile Identity Wallet Authorization Architecture Based on a XMPP Messaging Infrastructure
    ( 2013) Alexandre Barbosa Augusto ; Manuel Eduardo Correia
    In this chapter, the authors propose and describe an identity management framework that allows users to asynchronously control and effectively share sensitive dynamic data, thus guaranteeing security and privacy in a simple and transparent way. Their approach is realised by a fully secure mobile identity digital wallet, running on mobile devices (Android devices), where users can exercise discretionary control over the access to sensitive dynamic attributes, disclosing their value only to pre-authenticated and authorised users for determined periods of time. For that, the authors rely on an adaptation of the OAuth protocol to authorise and secure the disclosure of personal-private user data by the usage of token exchange and new XML Schemas to establish secure authorisation and disclosure of a set of supported dynamic data types that are being maintained by the personal mobile digital wallet. The communication infrastructure is fully implemented over the XMPP instant messaging protocol and is completely compatible with the public XMPP large messaging infrastructures already deployed on the Internet for real time XML document interchange. Copyright (C) 2013, IGI Global. Copying or distributing in print or electronic forms without written permission of IGI Global is prohibited.
  • Item
    A secure RBAC mobile agent access control model for Healthcare Institutions
    ( 2013) Santos Pereira,C ; Alexandre Barbosa Augusto ; Ricardo Correia ; Manuel Eduardo Correia
    In medical organizations, healthcare providers need to have fast access to patients' medical information in order to make accurate diagnoses as well as to provide appropriate treatments. Efficient healthcare is thus highly dependent on doctors being provided with access to patients' medical information at the right time and place. However it frequently happens that critical pieces of pertinent information end up not being used because they are located in information systems that do not inter-operate in a timely manner. Unfortunately the standard operational mode for many healthcare applications, and even healthcare institutions, is to be managed and operated as isolated islands that do not share information in an efficient manner. There are many reasons that contribute to this grim state of affairs, but what interests us the most is the lack of enforceable security policies for systems interoperability and data exchange and the existence of many heterogeneous legacy systems that are almost impossible to directly include into any reasonable secure interoperable workflow. In this paper we propose a RBAC mobile agent access control model supported by a specially managed public key infrastructure for mobile agent's strong authentication and access control. Our aim is to create the right means for doctors to be provided with timely accurate information, which would be otherwise inaccessible, by the means of strongly authenticated mobile agents capable of securely bridging otherwise isolated institutional eHealth domains and legacy applications.