Papers by Christos Ilioudis
In our work we combined augmented reality with mobile learning and, by exploiting the characteris... more In our work we combined augmented reality with mobile learning and, by exploiting the characteristics of those two elements, we developed a mobile augmented reality blended learning application for teaching a given subject. The main contribution of this work in mAR blended learning is the augmentation of the teaching subject using dynamic, on-line content from popular sources. In this way, the content is continually revised and by exploiting the personalisation techniques that search engines use, such as user profile and language. Our mAR blended learning application was developed using open source software and yielded encouraging results when tested on pupils aged 11-12 years old.
An innovative e-health network for collaboration on emergency cases
Proceedings of the 10th IEEE International Conference on Information Technology and Applications in Biomedicine, 2010
ABSTRACT This paper discusses a collaborative and innovative e-health system called EMOSNet, for ... more ABSTRACT This paper discusses a collaborative and innovative e-health system called EMOSNet, for the support of medical decision making in the case of amputated or mangled extremities. The goal of the proposed system is to provide communication and collaboration channels between orthopedists located in regional hospitals and special surgeons of the University Hospital of Larissa, in order to confront emergency orthopedic incidences. The main contribution of this work is the development of a suitable framework for the development of a collaborative and innovative e-health system. Using state of the art technology, we develop innovative services, contribute to standardization, interoperability and security issues and provide modeling and simulation techniques for educational purposes. More specifically, we describe a framework of e-health innovation and an overview of the design methodology that relate to e-health service innovation. Our methodology introduces a technological platform for the provision of services for the delivery of a number of e-health services, ranging from second-opinion request and collaboration among distant professionals to the support of medical decision making in the case of amputated or mangled extremities.
An innovative e-health network for collaboration on emergency cases
ABSTRACT This paper discusses a collaborative and innovative e-health system called EMOSNet, for ... more ABSTRACT This paper discusses a collaborative and innovative e-health system called EMOSNet, for the support of medical decision making in the case of amputated or mangled extremities. The goal of the proposed system is to provide communication and collaboration channels between orthopedists located in regional hospitals and special surgeons of the University Hospital of Larissa, in order to confront emergency orthopedic incidences. The main contribution of this work is the development of a suitable framework for the development of a collaborative and innovative e-health system. Using state of the art technology, we develop innovative services, contribute to standardization, interoperability and security issues and provide modeling and simulation techniques for educational purposes. More specifically, we describe a framework of e-health innovation and an overview of the design methodology that relate to e-health service innovation. Our methodology introduces a technological platform for the provision of services for the delivery of a number of e-health services, ranging from second-opinion request and collaboration among distant professionals to the support of medical decision making in the case of amputated or mangled extremities.
International Journal of Information and Computer Security, 2008
The requirements for efficient management of authorizations in Web-based collaborative applicatio... more The requirements for efficient management of authorizations in Web-based collaborative applications lead to new access control administration paradigms during run-time. The need for fine-grained and just-in-time access control can effectively be addressed by dynamic administration of authorizations, either via proper role or permission activation. In this paper, an authorization architecture that is based on the DARBAC (Dynamically Administering Role Based Access Control) model and provides access control and meta-access control capabilities is presented. The paper describes the implementation of the components and the structure of the architecture within the .NET framework. The application of the implemented access control system is also demonstrated. Based on the results of this demonstration, a more detailed investigation of benefits of the proposed approach, that are related to improvements in the administration of role-based access control during run-time, is presented.
A Role Engineering Framework to Support Dynamic Authorizations in Collaborative Environments
Information Security Journal: A Global Perspective, 2012
With the increasing availability of networks and the advancements in their underlying infrastruct... more With the increasing availability of networks and the advancements in their underlying infrastructure of mobile devices, access control and authorization issues will be enablers of future technologies in collaborative environments. Recent works demonstrate efforts to dynamically authorize users without prior knowledge and with no security configuration attributes or roles previously assigned to them. Moreover, current role-based engineering approaches construct role hierarchies without reflecting the organizational structure, since they do not take into account structural organizational characteristics. In this paper we propose an innovative role structure, not solely dependent on naming methods but also that takes into account organizational as well as functional characteristics to provide a practical role assignment methodology between organizations in a collaborative environment. More specifically, we argue that beyond the fact that a role represents a job assignment to perform certain function(s), it is also a composite element representing several organizational characteristics such as organizational function, organizational domain and level of authority. The proposed role structure enables role-to-role assignment as external nonlocal users request access in a particular information system (e.g., people on the move, users logged in from a collaborative organization) and acquire local role(s). A clear advantage in the proposed framework is its flexibility in the role assignment process, since the proposed role decomposition does not require an exact match of predefined credentials. The methodology is autonomous, as no prior trust establishment is required between interactive organizations, expendable as new organizations can join the collaboration without affecting the existing ones, flexible as it does not affect the local access control policy, scalable as the collaboration can increase arbitrary and efficient as the comparison methodology guarantees the selection of the appropriate local role, if such one exists.
Using Nature and Bio-inspired Technologies for Building Innovative Proactive Security Mechanisms
... Keywords: Information security, Artificial Immune Systems, Prevention security mechanisms ...... more ... Keywords: Information security, Artificial Immune Systems, Prevention security mechanisms ... and documented its suitability and advantages when used for computer security applications. ... Artificial Immune Systems: A New Computational Intelligence Approach, Springer 2002 [2 ...
A Framework for an Institutional High Level Security Policy for the Processing of Medical Data and their Transmission through the Internet
Journal of Medical Internet Research, 2001
The Internet provides many advantages when used for interaction and data sharing among health car... more The Internet provides many advantages when used for interaction and data sharing among health care providers, patients, and researchers. However, the advantages provided by the Internet come with a significantly greater element of risk to the confidentiality, integrity, and availability of information. It is therefore essential that Health Care Establishments processing and exchanging medical data use an appropriate security policy. To develop a High Level Security Policy for the processing of medical data and their transmission through the Internet, which is a set of high-level statements intended to guide Health Care Establishment personnel who process and manage sensitive health care information. We developed the policy based on a detailed study of the existing framework in the EU countries, USA, and Canada, and on consultations with users in the context of the Intranet Health Clinic project. More specifically, this paper has taken into account the major directives, technical reports, law, and recommendations that are related to the protection of individuals with regard to the processing of personal data, and the protection of privacy and medical data on the Internet. We present a High Level Security Policy for Health Care Establishments, which includes a set of 7 principles and 45 guidelines detailed in this paper. The proposed principles and guidelines have been made as generic and open to specific implementations as possible, to provide for maximum flexibility and adaptability to local environments. The High Level Security Policy establishes the basic security requirements that must be addressed to use the Internet to safely transmit patient and other sensitive health care information. The High Level Security Policy is primarily intended for large Health Care Establishments in Europe, USA, and Canada. It is clear however that the general framework presented here can only serve as reference material for developing an appropriate High Level Security Policy in a specific implementation environment. When implemented in specific environments, these principles and guidelines must also be complemented by measures, which are more specific. Even when a High Level Security Policy already exists in an institution, it is advisable that the management of the Health Care Establishment periodically revisits it to see whether it should be modified or augmented.
The significance of XML technology for sharing data over the Internet is being rapidly recognised... more The significance of XML technology for sharing data over the Internet is being rapidly recognised. In this paper, we examine the security problems related to XML data and present our approach, the XML Security model, for enforcing security policies in XML based Information systems. Our methodology has been based on the study of the XML data model, on the identification of the security requirements of XML Information systems and on the survey of security models which have been proposed to support the conventional data models (relational, object-oriented, hypertext etc). The proposed approach takes into account and exploits the specific characteristics of XML data and incorporates the flexibility of Role based Access Control policies.
The Importance of Corporate Forensic Readiness in the Information Security Framework
Corporate forensics is rapidly becoming an essential component of modern business. Having no a pr... more Corporate forensics is rapidly becoming an essential component of modern business. Having no a priori knowledge on whether a security related event or corporate policy violation will lead to litigation, it is argued in this paper that digital forensics principles need to be applied to all corporate investigatory, monitoring and auditing activities. Corporate forensics are also necessary in modern organizations
Grid technologies promise to change the way that health organizations tackle complex problems by ... more Grid technologies promise to change the way that health organizations tackle complex problems by offering unprecedented opportunities for resource sharing and collaboration. Healthgrids are Grid infrastructures comprising applications, services or middleware components that deal with the specific problems arising in the processing of biomedical data. Resources in Healthgrids are databases, computing power, medical expertise and even medical devices. Securing this new environment in Health organizations is a major issue today. Security considerations and more specifically authorization decisions is a critical problem. Personal data is confidential, so access to the information must be restricted to authorized and authenticated persons. Furthermore data must be protected to guarantee its confidentiality and integrity. This work provides a suitable authorization mechanism that facilitates the usage of grid and agent technology in HealthGrid environments. More specifically, our approach applies the RBAC access control model for dynamically assigning security roles to visiting agents on hosts of the HealthGrid environment. Our methodology proposes a flexible role decomposition method, which facilitates the role assignment process. The role decomposition relies on a set of common Attribute Fields, shared between Grid's hosts, filled with Attribute values that every host evaluates according to its security goals. In any case, every host participating in the grid retains its security policy without altering or compromising its security policy in order to participate in the agent exchange process. The proposed process and the related assignment algorithms have been experimentally implemented and applied in a typical health environment. The results have shown that the proposed framework is applicable and implementable, and can be applied successfully in real life health care environments.
The security of a biometric information system depends partially on the ability of the biometric ... more The security of a biometric information system depends partially on the ability of the biometric information sensor to authenticate itself securely to the processing centre it usually interacts with, thus ensuring that the securely transmitted biometric data has not been constructed by an attacker. The biometric sensors of a biometric information system are often physically exposed to potential adversaries who may manipulate them and therefore compromise the security of the system. Such attacks can be detected by continuous and secure sensor monitoring. The proposed scheme is based on the Kerberos protocol for dealing with sensor authentication issues. Using authenticated control/data packets its functionality has been extended to provide secure sensor monitoring, which can help in detecting physical attacks on the sensor itself.
Uploads
Papers by Christos Ilioudis