Papers by Henrique Santos
Com a utilização cada vez maior de Tecnologias da Informação e das Comunicações (TIC) nos Sistema... more Com a utilização cada vez maior de Tecnologias da Informação e das Comunicações (TIC) nos Sistemas de Informação (SI) das organizações, surgem com crescente evidência os problemas de segurança e, em particular, a questão da autenticação do utilizador. Esta questão é hoje fundamental já que o acesso indevido a informação sensível pode provocar grandes prejuízos à organização. Neste trabalho descreve-se uma das técnicas utilizadas na autenticação, a biometria, como forma de aumentar a qualidade da autenticação. Nesse sentido, é analisado o estado da arte, são identificadas algumas vantagens, desvantagens e limitações das principais tecnologias desenvolvidas e procura-se perceber o impacto que a autenticação biométrica pode ter nas organizações, quando conjugada com a tecnologia proporcionada pelos cartões com capacidade de processamento e armazenamento seguro, conhecidos como Smart Cards. Finalmente, é brevemente introduzido o projecto de investigação em curso para o desenvolvimento de um sistema que explora estas tecnologias. -chave: autenticação, biometria, segurança, Smart Cards 1. Introdução O problema de estabelecer uma associação entre um indivíduo e uma identidade pode ser dividido em duas categorias: autenticação e identificação. Autenticação refere-se ao problema de confirmar ou negar uma alegada identidade de um indivíduo, enquanto identificação refere-se ao problema de estabelecer a identidade, desconhecida à partida, de um indivíduo [Thian 2001]. O âmbito deste documento é a autenticação de um sujeito ligado, directa ou indirectamente, ao indivíduo ou organização que pretende confirmar a sua identidade. Quando um operário fabril, ao entrar no seu posto de trabalho, passa pelo relógio de ponto para carimbar o seu cartão ou registar a passagem do seu cartão magnético, fornece uma informação à organização: a que horas se apresentou ao serviço. Esta informação tem consequências no custo que a sua organização irá ter com o seu salário. A pergunta que se põe é "como é que sabemos que não é o primeiro operário a chegar e o último a sair quem carimba todos os cartões?". O exemplo apresentado pode ser um tanto exagerado mas representa uma das situações em que a autenticação fraudulenta pode acarretar custos para uma organização. Muitos outros exemplos podem ser apresentados: o acesso não autorizado à contabilidade de uma empresa por alguém que obteve a palavra passe do contabilista, o acesso a um laboratório de alta segurança, ou simplesmente o acesso a informação estratégica por alguém que se faz passar por um utilizador legítimo. A procura de um método de autenticação tem sido vasta, envolvendo, tradicionalmente, sistemas que têm a ver com a partilha de um segredo entre utilizador e objecto de segurança.
Gain Enhancement of Diversity Slot Antenna Using FSS with Metamaterial Unit Cells for UWB Systems
2022 IEEE Wireless Antenna and Microwave Symposium (WAMS)
Tokenisation denotes one of the most successful implementations of blockchain that concretes its ... more Tokenisation denotes one of the most successful implementations of blockchain that concretes its benefits into practice, also in the public sector, where it can help to reverse the declining citizen trust in governments. Process Tokenisation is the possibility of adopting blockchain as infrastructure for a business process, measured by its level of "Tokenisability". Going towards a Process Tokenisation Model for the Public Sector, this position paper presents the context in which process tokenisation is necessary for the public sector and draws on Process Virtualisation Theory to propose constructs to help a public organisation identify the most suitable business process for tokenisation. Also, a European Blockchain Service Infrastructure use case description evaluates the model. As a result, the Process Tokenisation Model for the Public Sector demonstrated valuable, foreseeing sustainable potential benefits.
This work has been financed by FEDER funds through the Competitivity Factors Operational Courseme... more This work has been financed by FEDER funds through the Competitivity Factors Operational Courseme – C OMPETE: POCI-01-0145-FEDER-007136 and POCI-010145-FEDER-007043 and FCT – Fundacao para a Ciencia e Tecnologia within the Project Scope: UID/CEC/00319/2013.
2019 IEEE 12th International Conference on Global Security, Safety and Sustainability (ICGS3)
Nowadays it is possible to verify that there is a change in the way of buying, that is, the tradi... more Nowadays it is possible to verify that there is a change in the way of buying, that is, the traditional means of shopping is increasingly giving way to the electronic medium and, consequently, electronic payment means. The Internet, by making it possible to purchase and pay online, through means such as PayPal, Credit Cards, PaySafeCard, among others, has contributed to greater convenience, speed and efficiency, making the daily life of the population easier. This phenomenon gives rise to a new generation of consumers, the online consumers [1]. Therefore, the objective of this research was to understand which means of online payments are most used by consumers. As a way of responding to this objective, a quantitative methodology was used, in which an online questionnaire was created to collect data Some results corroborate with the literature, but others contradict it, especially regarding the age range of online consumers.
Plenary: Modern Educational Paradigms for a Computer and Engineer Career
2019 IEEE World Conference on Engineering Education (EDUNINE)
This paper has the goal to discuss the aspects of Engineering and Computing paradigms. In other w... more This paper has the goal to discuss the aspects of Engineering and Computing paradigms. In other words, it is to have a look and ponder the importance of engineering for the welfare of human kind. It is to think about the art and the endeavor of many people whose talent is problem solve. No matter the challenge the fact is that by the comprehension of Physics Law and the use of mathematics as a toll, engineers are able to overcome any challenge. Just look to the History and how it is full of brilliant minds pushing the limits of co-creation with the creation force that is the source of everything. By understanding the nature of things and looking at obstacles as the propeller for betterment. That is engineering and that is what makes the world goes around a joint venture with all the sciences that complete the world scenario.
2021 29th Telecommunications Forum (TELFOR), 2021
This article is an open access article distributed under the terms and conditions of the Creative... more This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY
Avaliação De Aprendizagens Em Streaming
Resumo A declaração de Bolonha trouxe consigo uma nova forma de ver as metodologias de ensino/apr... more Resumo A declaração de Bolonha trouxe consigo uma nova forma de ver as metodologias de ensino/aprendizagem, enfatizando o papel activo do aluno no processo de aquisição de conhecimentos. Com o objectivo de responder a esta necessidade e de criar espaços educativos mais motivadores e participativos foi criado um módulo temático em streaming para utilizar numa unidade curricular de um curso de pós-graduação da Universidade do Minho. Os alunos foram sujeitos a uma avaliação de conhecimentos para investigar se os ...
Within video stateless receivers, a central server should deliver information securely to the aut... more Within video stateless receivers, a central server should deliver information securely to the authorized users, over a public channel, even if receivers do not update their state from session to session. This is the case of a multimedia conditional access systems based on one way broadcasting. This paper suggests a new approach to assure a secure communication in such environments. The proposed approach is an efficient key exchange scheme for stateless receivers. It reduces the number of private keys used in traditional conditional access systems and the number of encryptions operations as it does not need to encrypt the ciphering keys. Furthermore, the presented approach eliminates the required key refreshment presented in other approaches. We tested the proposed system using AES algorithm. A numerical example is used to demonstrate the effectiveness of the presented approach. This technique can be very useful for small devices, with limited resources and strict power consumption r...
Historically, some new technologies are faced with rejection or acceptance. So researchers develo... more Historically, some new technologies are faced with rejection or acceptance. So researchers developed TAM (Technology Acceptance Model). TAM depends upon the user perception of the easiness and benefits. Authentication plays an important role in our lives as we use it every day. Odour, as a biometric technique, has some important characteristics, mainly, it is faster and easier since users will be not involved with unfamiliar interfaces such as typing password, signing or even deliberate exposing some part of the body. Odour field is still under development and needs a lot of work. In spite of the few limited researches that discuss the odour as user authentication technique their results predict that it would be good tool. This brings a question about the future of odour authentication systems and using it in real world. A questionnaire was distributed to measure the acceptance of using odour as authentication system and analyzed the collect data. It is concluded that it would be su...
2018 IEEE International Conference on Teaching, Assessment, and Learning for Engineering (TALE)
The working midst has become challenging due to the multicultural environment and the need of ski... more The working midst has become challenging due to the multicultural environment and the need of skills such as cultural understanding, are very important in the formation of an engineer. It has been like this for many years however, now more than ever. So, for engineering schools, internationalization has become, on top of others, another demand for the accomplishment of a good program. It became necessary to provide international academic experience for the students. For this reason, internationalization is now a strategy to raise the quality of courses and as another result of these efforts, to raise the engineering students' retention rate along the program. The goal of this paper is to present and discuss the internationalization process of a University's engineering school, with the objective of making the program more attractive and promoting the double diploma in order to higher the quality of the programs.
The Role of Professional Associations in Contemporaneous Engineer Careers
2018 IEEE World Engineering Education Conference (EDUNINE)
This paper presents the new IEEE Education Society Conference - the IEEE World Engineering Educat... more This paper presents the new IEEE Education Society Conference - the IEEE World Engineering Education Conference - EDUNINE that has been designed for the Region 9, Latin America. The first edition was in Santos, São Paulo, Brazil, in 2017 and for the second edition it has been chosen Buenos Aires, the capital city of Argentina. The 2018 edition theme is “The role of Professional Associations in Contemporaneous Engineer Careers ”. This endeavor provides a forum for participants to refresh the knowledge base and explore the innovations in engineering and technology education. It strives to become the premier conference offering in addition plenty of networking opportunities, meeting and interacting with leading scientists and researchers, friends and colleagues as well as sponsors and exhibitors. The main goal is to present the history, efforts and hard work that this initiative involves and how much it can collaborate for the dissemination of quality and pertinent research.
Keystroke Dynamics – stepping forward in authentication
Abstract. Software based biometrics, utilising keystroke dynamics has been proposed as a cost eff... more Abstract. Software based biometrics, utilising keystroke dynamics has been proposed as a cost effective means of enhancing computer access security. Keystroke dynamics has been successfully employed as a means of identifying legitimate/illegitimate login attempts based on the typing style of the login entry. In this paper, we collected keystroke dynamics data in the form of digraphs from a series of users entering a specific login ID. We wished to determine if there were any particular patterns in the typing styles that would indicate whether a login attempt was legitimate or not using rough sets. Our analysis produced a sensitivity of 98%, specificity of 94 % and an overall accuracy of 97 % with respect to detecting intruders. In addition, our results indicate that typing speed and particular digraph combinations were the main determinants with respect to automated detection of system attacks. 1.
Contributing Authors António J. Esteves received the DEng degree and the MSc degree from Universi... more Contributing Authors António J. Esteves received the DEng degree and the MSc degree from University of Aveiro. Since 1995, he is working on his PhD thesis on Digital Systems. He has been a researcher in INESC-Aveiro. His research interests focus on hardware/software partitioning and high-level synthesis. He is author of several articles published on international conferences and books. Since 1993, he is a lecturer of the Department of Informatics, University of Minho. João M. Fernandes received the DEng degree and the MSc degree from U.Minho, and since 1995 he is working towards his PhD thesis on Computer Engineering. He has been a researcher in U.Bristol and, since 1991, he is a lecturer of the Department of Informatics, University of Minho. His research interests focus on hardware/software codesign and object-oriented methodologies for embedded systems development and he has published several articles on conferences, journals and books. Ricardo J. Machado received the DEng degree from U.Porto and received the MSc degree from U.Minho. Since 1997, he is working on his PhD thesis on Computer Engineering. He has been a researcher in INESC-Porto and in ENSEA-Paris and has worked in Texas Instruments. His research interests focus on hardware/software codesign and embedded real-time systems. He is author of several articles published on international conferences, journals and books and he is also co-author of 1 Texas Instruments international patent.
Abstract: The traditional authentication system used in technological applications is the well-kn... more Abstract: The traditional authentication system used in technological applications is the well-known and widely spread user/password pair. This technology as proved itself as well acceptable by the users and quite safe when used according to good security practices, this is: frequent change of the password; use of letters, number and symbols in the password; not revealing the password to others; not using the same password in more then one service; etc. But this is not what really happens, so we need to improve the protocol. Graphical secrets present lots of advantages and can increase the level of security without a significant change in the users habits. For that, we need to possess strong ways to convert them into strings that will fed the implemented passwords systems. In this paper we present a method to do so.
Abstract: Some applications are using images instead of words as the user's authentication s... more Abstract: Some applications are using images instead of words as the user's authentication secret, in order to increase the number of possible keys (key's space), taking advantage of the several possibilities for each mouse click and of the fact that humans memorize images better then words. This paper presents the characterisation of the graphical keys chosen by almost 200 regular users of a website and the results show some important fact that must taken into account to maximize the security of the authentication process.
2017 IEEE World Engineering Education Conference (EDUNINE)
Recently it has been noticed an increased number of cyber-incidents, sometimes causing seriously ... more Recently it has been noticed an increased number of cyber-incidents, sometimes causing seriously impact to organizations and governments. Cyberattacks exploits a variety of technological and social vulnerabilities to achieve a malicious objective. The emergence of new and sophisticated Cyberthreats demand very skilled operators with a solid knowledge about concepts and technologies related to Cybersecurity and Cyberdefense. However, the landscape of this base knowledge is very diverse in nature, requiring agile learning methods, besides a very demanding training process limited by the intrinsic technology's complexity and broad range of application domains. Although existing Cybersecurity and Cyberdefense curricula spans a wide array of topics and training strategies, its programs content lack focus on some particular aspect, like depth of education/training and its link to professional development. This paper intends to provide some reflections regarding the curricula contents that should be considered when a graduate level curriculum in cybersecurity is designed.
Wideband and Low-Profile Phased Array Smartphone Antenna Supporting 28-38 GHz
2021 29th Telecommunications Forum (TELFOR)
This paper introduces a low-profile 5G phased array with a broad operation band for smartphone ap... more This paper introduces a low-profile 5G phased array with a broad operation band for smartphone applications. The design procedure is simple and easy to accomplish. It is composed of eight endfire dipoles with a 1×8 linear array arrangement at the top side of the smartphone. The design is arranged on an RT5880 material with 0.25 mm thickness. The resonators of the array are placed on the same copper side of the ground plane. The employed elements have low profiles with discrete-feeding ports. The proposed array offers a broad impedance bandwidth from 28 to 38 GHz which could cover 5G candidate frequencies. Moreover, the coupling of the single radiators is less than -20 dB at the centre frequency. Well-defined end-fire radiation, good efficiency, highly miniaturized profile, wide beam-steering, sufficient gain levels, and wide operation band are the promising characteristics of the introduced array.
Uploads
Papers by Henrique Santos