Design of a secure architecture for the exchange of biomedical information in m-Health scenarios

El paradigma de m-Salud (salud móvil) aboga por la integración masiva de las más avanzadas tecnologías de comunicación, red móvil y sensores en aplicaciones y sistemas de salud, para fomentar el despliegue de un nuevo modelo de atención clínica centrada en el usuario/paciente. Este modelo tiene por objetivos el empoderamiento de los usuarios en la gestión de su propia salud (p.ej. aumentando sus conocimientos, promocionando estilos de vida saludable y previniendo enfermedades), la prestación de una mejor tele-asistencia sanitaria en el hogar para ancianos y pacientes crónicos y una notable disminución del gasto de los Sistemas de Salud gracias a la reducción del número y la duración de las hospitalizaciones. No obstante, estas ventajas, atribuidas a las aplicaciones de m-Salud, suelen venir acompañadas del requisito de un alto grado de disponibilidad de la información biomédica de sus usuarios para garantizar una alta calidad de servicio, p.ej. fusionar varias señales de un usuario para obtener un diagnóstico más preciso. La consecuencia negativa de cumplir esta demanda es el aumento directo de las superficies potencialmente vulnerables a ataques, lo que sitúa a la seguridad (y a la privacidad) del modelo de m-Salud como factor crítico para su éxito. Como requisito no funcional de las aplicaciones de m-Salud, la seguridad ha recibido menos atención que otros requisitos técnicos que eran más urgentes en etapas de desarrollo previas, tales como la robustez, la eficiencia, la interoperabilidad o la usabilidad. Otro factor importante que ha contribuido a retrasar la implementación de políticas de seguridad sólidas es que garantizar un determinado nivel de seguridad implica unos costes que pueden ser muy relevantes en varias dimensiones, en especial en la económica (p.ej. sobrecostes por la inclusión de hardware extra para la autenticación de usuarios), en el rendimiento (p.ej. reducción de la eficiencia y de la interoperabilidad debido a la integración de elementos de seguridad) y en la usabilidad (p.ej. configuración más complicada de dispositivos y aplicaciones de salud debido a las nuevas opciones de seguridad). Por tanto, las soluciones de seguridad que persigan satisfacer a todos los actores del contexto de m-Salud (usuarios, pacientes, personal médico, personal técnico, legisladores, fabricantes de dispositivos y equipos, etc.) deben ser robustas y al mismo tiempo minimizar sus costes asociados. Esta Tesis detalla una propuesta de seguridad, compuesta por cuatro grandes bloques interconectados, para dotar de seguridad a las arquitecturas de m-Salud con unos costes reducidos. El primer bloque define un esquema global que proporciona unos niveles de seguridad e interoperabilidad acordes con las características de las distintas aplicaciones de m-Salud. Este esquema está compuesto por tres capas diferenciadas, diseñadas a la medidas de los dominios de m-Salud y de sus restricciones, incluyendo medidas de seguridad adecuadas para la defensa contra las amenazas asociadas a sus aplicaciones de m-Salud. El segundo bloque establece la extensión de seguridad de aquellos protocolos estándar que permiten la adquisición, el intercambio y/o la administración de información biomédica -- por tanto, usados por muchas aplicaciones de m-Salud -- pero no reúnen los niveles de seguridad detallados en el esquema previo. Estas extensiones se concretan para los estándares biomédicos ISO/IEEE 11073 PHD y SCP-ECG. El tercer bloque propone nuevas formas de fortalecer la seguridad de los tests biomédicos, que constituyen el elemento esencial de muchas aplicaciones de m-Salud de carácter clínico, mediante codificaciones novedosas. Finalmente el cuarto bloque, que se sitúa en paralelo a los anteriores, selecciona herramientas genéricas de seguridad (elementos de autenticación y criptográficos) cuya integración en los otros bloques resulta idónea, y desarrolla nuevas herramientas de seguridad, basadas en señal -- embedding y keytagging --, para reforzar la protección de los test biomédicos.The paradigm of m-Health (mobile health) advocates for the massive integration of advanced mobile communications, network and sensor technologies in healthcare applications and systems to foster the deployment of a new, user/patient-centered healthcare model enabling the empowerment of users in the management of their health (e.g. by increasing their health literacy, promoting healthy lifestyles and the prevention of diseases), a better home-based healthcare delivery for elderly and chronic patients and important savings for healthcare systems due to the reduction of hospitalizations in number and duration. It is a fact that many m-Health applications demand high availability of biomedical information from their users (for further accurate analysis, e.g. by fusion of various signals) to guarantee high quality of service, which on the other hand entails increasing the potential surfaces for attacks. Therefore, it is not surprising that security (and privacy) is commonly included among the most important barriers for the success of m-Health. As a non-functional requirement for m-Health applications, security has received less attention than other technical issues that were more pressing at earlier development stages, such as reliability, eficiency, interoperability or usability. Another fact that has contributed to delaying the enforcement of robust security policies is that guaranteeing a certain security level implies costs that can be very relevant and that span along diferent dimensions. These include budgeting (e.g. the demand of extra hardware for user authentication), performance (e.g. lower eficiency and interoperability due to the addition of security elements) and usability (e.g. cumbersome configuration of devices and applications due to security options). Therefore, security solutions that aim to satisfy all the stakeholders in the m-Health context (users/patients, medical staff, technical staff, systems and devices manufacturers, regulators, etc.) shall be robust and, at the same time, minimize their associated costs. This Thesis details a proposal, composed of four interrelated blocks, to integrate appropriate levels of security in m-Health architectures in a cost-efcient manner. The first block designes a global scheme that provides different security and interoperability levels accordingto how critical are the m-Health applications to be implemented. This consists ofthree layers tailored to the m-Health domains and their constraints, whose security countermeasures defend against the threats of their associated m-Health applications. Next, the second block addresses the security extension of those standard protocols that enable the acquisition, exchange and/or management of biomedical information | thus, used by many m-Health applications | but do not meet the security levels described in the former scheme. These extensions are materialized for the biomedical standards ISO/IEEE 11073 PHD and SCP-ECG. Then, the third block proposes new ways of enhancing the security of biomedical standards, which are the centerpiece of many clinical m-Health applications, by means of novel codings. Finally the fourth block, with is parallel to the others, selects generic security methods (for user authentication and cryptographic protection) whose integration in the other blocks results optimal, and also develops novel signal-based methods (embedding and keytagging) for strengthening the security of biomedical tests. The layer-based extensions of the standards ISO/IEEE 11073 PHD and SCP-ECG can be considered as robust, cost-eficient and respectful with their original features and contents. The former adds no attributes to its data information model, four new frames to the service model |and extends four with new sub-frames|, and only one new sub-state to the communication model. Furthermore, a lightweight architecture consisting of a personal health device mounting a 9 MHz processor and an aggregator mounting a 1 GHz processor is enough to transmit a 3-lead electrocardiogram in real-time implementing the top security layer. The extra requirements associated to this extension are an initial configuration of the health device and the aggregator, tokens for identification/authentication of users if these devices are to be shared and the implementation of certain IHE profiles in the aggregator to enable the integration of measurements in healthcare systems. As regards to the extension of SCP-ECG, it only adds a new section with selected security elements and syntax in order to protect the rest of file contents and provide proper role-based access control. The overhead introduced in the protected SCP-ECG is typically 2{13 % of the regular file size, and the extra delays to protect a newly generated SCP-ECG file and to access it for interpretation are respectively a 2{10 % and a 5 % of the regular delays. As regards to the signal-based security techniques developed, the embedding method is the basis for the proposal of a generic coding for tests composed of biomedical signals, periodic measurements and contextual information. This has been adjusted and evaluated with electrocardiogram and electroencephalogram-based tests, proving the objective clinical quality of the coded tests, the capacity of the coding-access system to operate in real-time (overall delays of 2 s for electrocardiograms and 3.3 s for electroencephalograms) and its high usability. Despite of the embedding of security and metadata to enable m-Health services, the compression ratios obtained by this coding range from ' 3 in real-time transmission to ' 5 in offline operation. Complementarily, keytagging permits associating information to images (and other signals) by means of keys in a secure and non-distorting fashion, which has been availed to implement security measures such as image authentication, integrity control and location of tampered areas, private captioning with role-based access control, traceability and copyright protection. The tests conducted indicate a remarkable robustness-capacity tradeoff that permits implementing all this measures simultaneously, and the compatibility of keytagging with JPEG2000 compression, maintaining this tradeoff while setting the overall keytagging delay in only ' 120 ms for any image size | evidencing the scalability of this technique. As a general conclusion, it has been demonstrated and illustrated with examples that there are various, complementary and structured manners to contribute in the implementation of suitable security levels for m-Health architectures with a moderate cost in budget, performance, interoperability and usability. The m-Health landscape is evolving permanently along all their dimensions, and this Thesis aims to do so with its security. Furthermore, the lessons learned herein may offer further guidance for the elaboration of more comprehensive and updated security schemes, for the extension of other biomedical standards featuring low emphasis on security or privacy, and for the improvement of the state of the art regarding signal-based protection methods and applications

Selected Papers from the First International Symposium on Future ICT (Future-ICT 2019) in Conjunction with 4th International Symposium on Mobile Internet Security (MobiSec 2019)

The International Symposium on Future ICT (Future-ICT 2019) in conjunction with the 4th International Symposium on Mobile Internet Security (MobiSec 2019) was held on 17–19 October 2019 in Taichung, Taiwan. The symposium provided academic and industry professionals an opportunity to discuss the latest issues and progress in advancing smart applications based on future ICT and its relative security. The symposium aimed to publish high-quality papers strictly related to the various theories and practical applications concerning advanced smart applications, future ICT, and related communications and networks. It was expected that the symposium and its publications would be a trigger for further related research and technology improvements in this field

DCT Implementation on GPU

There has been a great progress in the field of graphics processors. Since, there is no rise in the speed of the normal CPU processors; Designers are coming up with multi-core, parallel processors. Because of their popularity in parallel processing, GPUs are becoming more and more attractive for many applications. With the increasing demand in utilizing GPUs, there is a great need to develop operating systems that handle the GPU to full capacity. GPUs offer a very efficient environment for many image processing applications. This thesis explores the processing power of GPUs for digital image compression using Discrete cosine transform

Foundations of Software Science and Computation Structures

This open access book constitutes the proceedings of the 23rd International Conference on Foundations of Software Science and Computational Structures, FOSSACS 2020, which took place in Dublin, Ireland, in April 2020, and was held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2020. The 31 regular papers presented in this volume were carefully reviewed and selected from 98 submissions. The papers cover topics such as categorical models and logics; language theory, automata, and games; modal, spatial, and temporal logics; type theory and proof theory; concurrency theory and process calculi; rewriting theory; semantics of programming languages; program analysis, correctness, transformation, and verification; logics of programming; software specification and refinement; models of concurrent, reactive, stochastic, distributed, hybrid, and mobile systems; emerging models of computation; logical aspects of computational complexity; models of software security; and logical foundations of data bases.

The role of early life history in learning and retention of predator recognition by fish and amphibians

Predation risk is a major driver of evolution and ecology of animals. Predator avoidance is essential because failing to evade threats will result in injury or death. However, avoiding predators is costly because it means missing out on foraging and mating opportunities. To maximize opportunity, organisms must be able to perceive and assess threat levels, allowing them to avoid reducing activity when risk is minimal. Many aquatic organisms use injury-released “alarm” cues from conspecifics to detect a predation threat. They may learn to recognize predators from simultaneous exposures to alarm cues and a novel predator odour. Any other information that they can incorporate as they are learning may improve the accuracy with which they can predict the degree of threat in subsequent exposures. In this thesis, I explore embryonic and early learning of predator recognition by aquatic organisms. Using paired exposure to alarm cues and novel predator odours, I show that embryonic fish are not only able to learn to recognize predators, but can also do so in a threat-sensitive manner and from cues of closely-related heterospecific fish. I also demonstrate that the effect of a difference in age between the alarm cue producer and receiver varies between species and is situation-dependent. Specifically, newly-hatched rainbow trout respond equally to alarm cues from newly-hatched and six-month-old individuals at various concentrations. In contrast, although the scientific record shows that embryonic minnows hatch early in response to embryonic alarm cues, I found that they do not modify their hatching time in response to adult alarm cues. I also use learning exposures of paired alarm cues and predator odour at different early life stages to demonstrate that ontogeny has significant impacts on fish and tadpoles’ retention of learned predator information, whereby embryonic learners forget more slowly than slightly older larval conspecifics. I propose that embryonic learners may have increased cognitive plasticity as a result of a sensitive period in their development

Entropy in Image Analysis II

Image analysis is a fundamental task for any application where extracting information from images is required. The analysis requires highly sophisticated numerical and analytical methods, particularly for those applications in medicine, security, and other fields where the results of the processing consist of data of vital importance. This fact is evident from all the articles composing the Special Issue "Entropy in Image Analysis II", in which the authors used widely tested methods to verify their results. In the process of reading the present volume, the reader will appreciate the richness of their methods and applications, in particular for medical imaging and image security, and a remarkable cross-fertilization among the proposed research areas

DNA-Based Mimics of Membrane Proteins Lipid-DNA Interactions Determine Function

Nucleic acids, particularly DNA, are used as a nanoscale building material, due to their unique controllability via complementarity of base pairing. One of the potential applications of DNA nanotechnology is creating synthetic constructs mimicking function of membrane proteins. These natural molecular machines function embedded in the lipid bilayer. Similar membrane attachment of DNA-based structures is achieved by modifying the nucleic acid with hydrophobic anchors, most commonly cholesterol. Aiming at developing a fully functional and controllable synthetic membrane construct, the first step I undertook was to understand and utilize fundamental interactions between molecules: DNA, cholesterol and lipids. Instead of starting with a complicated DNA-based model mimicking protein architecture, here I have created a set of simple systems that allowed me to examine the major interactions between involved molecules. This work describes four aspects of the DNA-lipid systems that I have built and studied experimentally. Firstly, I have analysed the effects of membrane-spanning DNA duplex on the lipids’ arrangement in the pore and presented how this arrangement can be remodelled depending on the hydrophilicity of the DNA design. Secondly, I have looked at the same system from the opposite perspective - studied and prevented the distortion of the transmembrane DNA construct induced by the surrounding lipids. Thirdly, I have evaluated the importance of ions in mediating DNA-lipid interactions, reporting analysis of two electrostatic phenomena: screening and bridging. Finally, utilizing a nanoengineered four-helix structure, I discussed surfactant’s influence on DNA membrane insertion efficiency, showing that aggregation of the nanostructures is one of the major factors determining their spontaneous membrane-spanning. While the understanding of phenomena in minimalistic systems is crucial for further development of complex pore-forming constructs, here I showed that even simple DNA nanostructures, when rationally designed, can mimic functionality of natural membrane proteins.EPSRC; Winton Programme for the Physics of Sustainabilit

Foundations of Software Science and Computation Structures

This open access book constitutes the proceedings of the 23rd International Conference on Foundations of Software Science and Computational Structures, FOSSACS 2020, which took place in Dublin, Ireland, in April 2020, and was held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2020. The 31 regular papers presented in this volume were carefully reviewed and selected from 98 submissions. The papers cover topics such as categorical models and logics; language theory, automata, and games; modal, spatial, and temporal logics; type theory and proof theory; concurrency theory and process calculi; rewriting theory; semantics of programming languages; program analysis, correctness, transformation, and verification; logics of programming; software specification and refinement; models of concurrent, reactive, stochastic, distributed, hybrid, and mobile systems; emerging models of computation; logical aspects of computational complexity; models of software security; and logical foundations of data bases.

The Adaptable Growth of Seashells: Informing the Design of the Built Environment through Quantitative Biomimicry

Our current design philosophy in the creation and planning of our country’s infrastructure exudes an attitude of nonchalance that is incongruous with the significant impact the built infrastructure has on the natural environment. We are living through an era of obsolescence, in which structures are demolished thoughtlessly as they outgrow their ability to meet human demands. Obsolescence can be viewed as a “hazard” in the sense that this phenomenon is leaving swaths of buildings in unusable and undesirable conditions, lessening the quality of host locales, and polluting the environment with demolitions and the need for more construction resources. Designing our buildings to be adaptable to changing needs, rather than sufficient for predicted loads and functions, may help mitigate the amount of unnecessary demolitions. However, designing adaptably is not something we know how to do well; luckily, Nature has billions of years of experience that we can turn to. Biomimicry is a design approach that emulates Nature’s time-tested patterns and strategies for sustainable solutions to human challenges. While biomimicry has been used in many fields, applications in the built environment at the structures scale are scarce. Moreover, the examples that we do see are largely concerning thermal regulation. Even more troubling is how the popularization of biomimicry has led to frequent and misleading claims that qualitative, conceptual inspiration is inherently sustainable, given mere references of Nature. This project pairs infra/structural problems with natural solutions to bring these issues to attention in the civil engineering discipline. The spiraled shell of the Turritella terebra, a marine snail, is studied in this research to provide engineers with an example of how to use biomimicry in a comprehensive way. The spiraled gastropod shell demonstrates a simple form of adaptable growth, in which it is able to change its form through time to meet increases in its own performance demands. This project discusses how the snail’s environmental conditions influence its evolutionary traits through one of Nature’s principles (form follows function). The shell is mathematically characterized and structurally modeled to identify the functional roots responsible for its interesting resulting form. By pinpointing the emergent properties leading to adaptable growth, we create an opportunity to extract fundamental lessons of adaptability for application to the built environment. Shell samples of the T. terebra are experimentally tested with a structural engineering lens, and a finite element (FE) model of the shell is validated with these results. The FE model is then used to study parametric effects of ecological constraints—such as drag on the shell, fracture due to predators, and living space—to identify how adjustments to Nature’s design compare to reality. Many interesting findings about shell growth are discussed; however, comparisons to human structures are generalized into three main notions. The shell optimizes living convenience as it ages; the shell increases its external load capacity with age/length; and the data suggests that the snail undergoes a change in motivation for survival, or that its vulnerability to certain hazards changes with growth— none of which human structures demonstrate a capability of. Implications and future work of this project include drawing adaptability connections for use in structural design, designing for adaptability at city and regional scales, educating both practicing and student engineers about the opportunities of adaptability and biomimicry, perhaps incrementally improving 3D printing to include time as a fourth dimension, and grounding this work in the field of complexity science. This project aims to cultivate interest in biomimicry within the civil engineering community. This discussion of how to further develop biomimicry into a quantitative tool is provided with the hopes that engineers are convinced to consider adaptable lessons from Nature for sustainable solutions

Modes and mechanisms of hfq mediated stress regulation in bacteria

To survive bacteria must be able to respond to its ever-changing environmental conditions. sRNAs have been implicated in a variety of stress-response pathways that help bacterial systems modulate gene expression. The RNA binding protein Hfq facilities this process by, helping sRNA to base pair with its target mRNAs to initiate gene regulation. A common feature of Hfq-mediated gene regulation is the network-based organization where a single sRNA can control multiple messages to promote integrated response to stress. Current mechanistic models that are present to describe Hfq functions cannot explain the complexity at which Hfq performs gene regulation. In this work we have used a variety of biophysical, biochemical and biological approaches to understand the nature of Hfq interactions with target mRNAs