Implementing mobile applications with the MIPAMS content management platform

New mobile devices (pda’s, tablets) permit the implementation of new business models as they are always connected and provide multimedia capabilities for capturing images, videos, music or even conversations. Together with an architecture for the secure management and distribution of multimedia content called MIPAMS, we propose a mobile business model with the implementation of a mobile application based on iOS (Apple operating system for mobile devices) for publishing added value content captured with a mobile device.Peer ReviewedPostprint (author’s final draft

Open DRM and the future of media

This article offers an analysis of the various methods for implementing interoperable digital rights management platforms.info:eu-repo/semantics/acceptedVersio

Rights and services interoperability for multimedia content management

The main goal of the work presented in this thesis is to describe the definition of interoperability mechanisms between rights expression languages and policy languages. Starting from languages interoperability, the intention is to go a step further and define how services for multimedia content management can interoperate by means of service-oriented generic and standardised architectures. In order to achieve this goal, several standards and existing initiatives will be analysed and taken into account. Regarding rights expression languages and policy languages, standards like MPEG-21 Rights Expression Language (REL), Open Digital Rights Language (ODRL) and eXtensible Access Control Markup Language (XACML) are considered. Regarding services for content management, the Multimedia Information Protection And Management System (MIPAMS), a standards-based implemented architecture, and the Multimedia Service Platform Technologies (MSPT), also known as MPEG-M standard, are considered. The contribution of this thesis is divided into two parts, one devoted to languages interoperability and the other one devoted to services interoperability, both addressed to multimedia content management. They are briefly described next. The first part of the contribution describes how MPEG-21 REL, ODRL and XACML can interoperate, defining the mapping mechanisms to translate expressions from language to language. The mappings provided have different levels of granularity, starting from a mapping based on a programmatic approach coming from high-level modelling diagrams done using Unified Modelling Language (UML) and Entity-Relationship (ER). The next level of mappings includes specific mappings between MPEG-21 REL and XACML and ODRL and XACML. Finally, a more general solution is proposed by using a broker. Part of this work was done in the context of the VISNET-II Network of Excellence and the AXMEDIS Integrated Project. The findings done prove the validity of the interoperability methods described. The second part of the contribution describes how to describe standards based building blocks to provide interoperable services for multimedia content management. This definition is based on the analysis of existing content management use cases, from the ones involving less security over multimedia content managed to the ones providing full-featured digital rights management (DRM) (including access control and ciphering techniques) to support secure content management. In this section it is also presented the work done in the research projects AXMEDIS, Musiteca and Culturalive. It is also shown the standardisation work done for MPEG-M, particularly on elementary services and service aggregation. To demonstrate the usage of both technologies a mobile application integrating both MPEG-M and MIPAMS is presented. Furthermore, some conclusions and future work is presented in the corresponding section, together with the refereed publications, which are briefly described in the document. In summary, the work presented can follow different research lines. On the one hand, further study on rights expression languages and policy languages is required as new versions of them have recently appeared. It is worth noting the standardisation of a contract expression language, MPEG-21 CEL, which has also to be further analysed in order to evaluate its interoperability with rights and policy languages. On the other hand, standard initiatives must be followed in order to complete the map of SB3's, considering MPEG standards and also other standards not only related to multimedia but also other application scenarios, like e-health or e-government

MPEG-M: A Digital Media Ecosystem for Interoperable Applications

MPEG-M is a suite of ISO/IEC standards (ISO/IEC 23006) that has been developed under the auspices of Moving Picture Experts Group (MPEG). MPEG-M, also known as Multimedia Service Platform Technologies (MSPT), facilitates a collection of multimedia middleware APIs and elementary services as well as service aggregation so that service providers can offer users a plethora of innovative services by extending current IPTV technology toward the seamless integration of personal content creation and distribution, e-commerce, social networks and Internet distribution of digital media

Specification and implementation of metadata for secure image provenance information

The booming of AI tools capable of modifying images has equipped fake media producers with strong tools in their arsenal. Complementary to the efforts of implementing fake media detectors, research organizations are designing a standardized way of describing the modification history of digital media in a cryptographically secure way, ensuring that this information cannot be tampered with. This thesis proposes a specification which focuses on JPEG images and specifies a data model based on the JPEG Universal Metadata Box Format (JUMBF) standard. Furthermore, it proposes the encryption of a subset of provenance metadata that could pose privacy-related risks to the users. Along with the specification, a library has been developed to manage provenance information of JPEG images. To that extent, a set of libraries that handle JUMBF information is required to be implemented. These libraries have been submitted as a proposed reference software contributing to the JUMBF standard

Handling confidentiality and privacy on cloud-based health information systems

Health-related data include not only the patient’s personal information, but also specific information about the patient health problems, supplementary diagnostic examination results, and much more. All this information is extremely sensitive and should only be accessed by the proper entities and actors, for special specific purposes. Described herein is an approach to address security and privacy of health-related data based on rights management technologies, with an architecture to minimize security risks and privacy conerns. This approach consists of the reutilisation of an open-source and open-specifications rights management system, and designing and adapting the necessary components to address the specific security and privacy requirements that must be faced when managing health and patient data.info:eu-repo/semantics/acceptedVersio

DRM and access control architectures interoperability

Digital objects are managed in a controlled way through the complete value chain by DRM systems. Access Control Frameworks manage access by users to resources. This paper presents a solution that enables users of both systems to work collaboratively. It is based on the definition of an interoperability Broker that provides users of both systems with transparent access and use of content taking into account users’ roles and content usage rules. It consists of modules that provide interoperability between digital rights and access control rules, between protected digital objects and digital resources and to manage the user’s roles in both systemsPostprint (published version

FAIR aspects of a health information protection and management system

Background: Privacy management is a key issue when dealing with storage and distribution of health information. However, FAIR (Findability, Accessibility, Interoperability, and Reusability) principles when sharing information are in increasing demand in several organizations, especially for information generated in public-funded research projects. Objectives: The two main objectives of the presented work are the definition of a secure and interoperable modular architecture to manage different kinds of medical content (xIPAMS [x, for Any kind of content, Information Protection And Management System] and HIPAMS [Health Information Protection And Management System]), and the application of FAIR principles to that architecture in such a way that privacy and security are compatible with FAIR. Methods: We propose the concept of xIPAMS as a modular architecture, following standards for interoperability, which defines mechanisms for privacy, protection, storage, search, and access to health-related information. Results: xIPAMS provides FAIR principles and preserves patient's privacy. For each module, we identify how FAIR principles apply. Conclusions: We have analyzed how xIPAMS, and in particular HIPAMS (Health content), support the FAIR principles focusing on security and privacy. We have identified the FAIR principles supported by the different xIPAMS modules, concluding that the four principles are supported. Our analysis has also considered a possible implementation based on the concept of DACS (Document Access and Communication System), a system storing medical documents in a private and secure way. In addition, we have analyzed security aspects of the FAIRification process and how they are provided by xIPAMS modules.The work presented in this article has been partially supported by the Spanish Government under the project: GenClinLab-Sec (Mechanisms for secure and efficient management of genomic information tailored to clinical laboratories: Security Aspects, PID2020-114394RB-C31) funded by MCIN/AEI/10.13039/501100011033 and by the Generalitat de Catalunya (2017 SGR 1749).Peer ReviewedPostprint (published version

Implementation of privacy and security for a genomic information system based on standards

Genomic information is a very sensitive type of digital information as it not only applies to a person, but also to close relatives. Therefore, privacy provision is key to protecting genomic information from unauthorized access. It is worth noting that most of the current genomic information formats do not provide specific mechanisms by which to secure the stored information. In order to solve, among other things, the privacy provision issue, we proposed the GIPAMS (Genomic Information Protection And Management System) modular architecture, which is based on the use of standards such as ISO/IEC 23092 and a few GA4GH (Global Alliance for Genomics and Health) initiatives. Some of the GIPAMS modules have already been implemented, mainly based on ISO/IEC 23092 features, and we are conducting work on the complete version of the architecture, and other standards are also considered. One of the objectives of GIPAMS is to enable the management of different formats of genomic information in a unique and interoperable way, providing privacy and security for formats that do not currently support them.This research has been partially supported by the Spanish Government under the project GenClinLab-Sec (Mechanisms for secure and efficient management of genomic information tailored to clinical laboratories: Security Aspects, PID2020-114394RB-C31) funded by MCIN/AEI/10.13039/ 501100011033 and by the Generalitat de Catalunya (2017 SGR 1749).Peer ReviewedPostprint (published version

pHealth 2021. Proc. of the 18th Internat. Conf. on Wearable Micro and Nano Technologies for Personalised Health, 8-10 November 2021, Genoa, Italy

Smart mobile systems – microsystems, smart textiles, smart implants, sensor-controlled medical devices – together with related body, local and wide-area networks up to cloud services, have become important enablers for telemedicine and the next generation of healthcare services. The multilateral benefits of pHealth technologies offer enormous potential for all stakeholder communities, not only in terms of improvements in medical quality and industrial competitiveness, but also for the management of healthcare costs and, last but not least, the improvement of patient experience. This book presents the proceedings of pHealth 2021, the 18th in a series of conferences on wearable micro and nano technologies for personalized health with personal health management systems, hosted by the University of Genoa, Italy, and held as an online event from 8 – 10 November 2021. The conference focused on digital health ecosystems in the transformation of healthcare towards personalized, participative, preventive, predictive precision medicine (5P medicine). The book contains 46 peer-reviewed papers (1 keynote, 5 invited papers, 33 full papers, and 7 poster papers). Subjects covered include the deployment of mobile technologies, micro-nano-bio smart systems, bio-data management and analytics, autonomous and intelligent systems, the Health Internet of Things (HIoT), as well as potential risks for security and privacy, and the motivation and empowerment of patients in care processes. Providing an overview of current advances in personalized health and health management, the book will be of interest to all those working in the field of healthcare today