Multi-Factor graphical user authentication for web applications

Nowadays everybody uses web applications and need to protect their accounts with strong authentication methods. Following this need, this work research problems and solutions related with the authentication, specially concerning textual and graphical passwords. The common problem among the users is the difficulty remembering a textual password that is long and random-looking. Because of the visual aspect, graphical passwords are more easy to remember. This work proposes a recognition and recall based graphical authentication methods that can be used as a challenge to authenticate users. A security analysis is made to check the correctness of the proposed solution and how it minimizes the vulnerabilities of the authentication process. These analysis will enable us to implement these challenges in future work as an extension to authentication, authorization and accounting services, supporting a multi-factor authentication and combining theses challenges with others already available. The idea is to extend an authentication method on Apache Shiro to provide developers with a common framework to develop secure web application with strong authentication, authorization and accounting.Hoje em dia, as pessoas fazem uso de aplicações web e necessitam proteger as suas contas com métodos de autenticação forte. Considerando esta necessidade, este trabalho investiga os problemas e soluções de autenticação, especialmente relacionadas com palavras chave textuais e gráficas. Um problema comum dos utilizadores é a dificuldade de se lembrar de palavras chave textuais que sejam longas e pareçam criadas aleatoriamente. Devido ao aspeto visual, as palavras chave gráficas são mais fáceis de recordar. Este trabalho propõe métodos de autenticação gráfica baseados em reconhecimento e localização de pontos que podem ser utilizados como desafios de autenticação. É também efetuada uma análise de segurança aos métodos propostos por verificar a sua correção e que minimizam vulnerabilidades do processo de autenticação. Estes resultados permitirão, no futuro, implementar desafios de autenticação adicionais como uma extensão aos serviços de autenticação, autorização e contabilização, suportando autenticação multi-fator. A ideia será estender os métodos de autenticação do Apache Shiro para permitir os programadores desenvolverem, utilizando uma framework comum, aplicações web seguras com autenticação, autorização e contabilização

Secure data exchange in Industrial Internet of Things

The use of the Industrial Internet of Things (IoT) is widespread, working as an enabler to implement large, scalable, reliable, and secure industrial environments. Although existing deployments do not meet security standards and have limited resources for each component which leads to several security breaches, such as trust between components, partner factories, or remote-control. These security failures can lead to critical outcomes, from theft of production information to forced production stoppages, accidents, including physical and others. The combination of blockchain-based solutions with IIoT environments is gaining momentum due to their resilience and security properties. However, chain-structured classic blockchain solutions are very resource-intensive and are not suitable for power-constrained IoT devices. To mitigate the mentioned security concerns, a secure architecture is proposed using a structured asynchronous blockchain DAG (Directed Acyclic Graph) that simultaneously provides security and transaction efficiency for the solution. The solution was modelled with special details in the use cases and sequence diagrams. Security concerns were integrated from the start, and a threat model was created using the STRIDE approach to test the security of the proposed solution. As a result, a flexible solution was been developed that significantly reduces the attack vectors in IIoT environments. The proposed architecture is versatile and flexible, is supported by an extensive security assessment, which allows it to be deployed in a variety of customizable industrial environments and scenarios, as well as to include future hardware and software extensions.This work has been supported by FCT – Fundação para a Ciência e Tecnologia within the Project Scope: UIDB/05757/2020.info:eu-repo/semantics/publishedVersio

Analysis of the workforce Skills for the factories of the future

Industry 4.0 is promoting the digitisation of manufacturing sector towards smart and more efficient factories, seen worldwide as the fourth industrial revolution. However, its complete adoption strongly depends on the skills that existing workforce and future professionals can have in the different dimensions of this multidisciplinary vision, contributing to increase the digital maturity level of companies from the industrial sector. Additionally, new job profiles are emerging to face the implementation of these innovative approaches, which implies the need for the re-qualification and up-skilling of existing workforce, particularly focusing the digital skills. In this context, this paper analyses the gap and impact in the non-technical and technical skills required for the successful transition into digitisation, particularly across six manufacturing areas covering the collaborative robotics (cobots), additive manufacturing, mechatronics and machine automation, data analytics, cybersecurity and humanmachine interface.This work is part of the FIT4FoF project that has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement nº 820701.info:eu-repo/semantics/publishedVersio

Towards a secure data exchange in IIoT

Industrial Internet of Things (IIoT) plays a central role in the Fourth Industrial Revolution, with many specialists working towards implementing large scalable, reliable and secure industrial environments. However, existing environments are lacking security standards and have limited resources per component which results in various security breaches, e.g., trust in between the components, partner factories or remote control units with the system. Due to the resilience and its security properties, combining blockchain-based solutions with IIoT environments is gaining popularity. Despite that, chain-structured classic blockchain solutions are extremely resource-intensive and are not suitable for power-constrained IoT devices. To mitigate the referred security challenges, a secure architecture is proposed by using a DAG-structured asynchronous blockchain that can provide system security and transactions efficiency at the same time. Use-cases and sequence diagrams were created to model the solution. The achieved results are robust, supported by an extensive security evaluation, which foster future developments over the proposed architecture. Therefore, as the proposed architecture is generic and flexible, its deployment in diverse customized industrial environments and scenarios, as well as the incorporation of future hardware and software, is possible.info:eu-repo/semantics/publishedVersio

Deployment of a smart and predictive maintenance system in an industrial case study

Industrial manufacturing environments are often characterized as being stochastic, dynamic and chaotic, being crucial the implementation of proper maintenance strategies to ensure the production efficiency, since the machines? breakdown leads to a degradation of the system performance, causing the loss of productivity and business opportunities. In this context, the use of emergent ICT technologies, such as Internet of Things (IoT), machine learning and augmented reality, allows to develop smart and predictive maintenance systems, contributing for the reduction of unplanned machines? downtime by predicting possible failures and recovering faster when they occur. This paper describes the deployment of a smart and predictive maintenance system in an industrial case study, that considers IoT and machine learning technologies to support the online and real-time data collection and analysis for the earlier detection of machine failures, allowing the visualization, monitoring and schedule of maintenance interventions to mitigate the occurrence of such failures. The deployed system also integrates machine learning and augmented reality technologies to support the technicians during the execution of maintenance interventions.2411-78B2-7CDB | Pedro Miguel MoreiraN/

Using AR interfaces to support industrial maintenance procedures

Industries are becoming more and more digitized to better implement intelligent and predictive maintenance support systems, aligned with Industry 4.0, which requires the progressive digitization of data collection and processes. Maintenance interventions, in an evolving technological context, are increasingly more complex and difficult for technicians to perform. In these environments, the use of Augmented Reality (AR) to help assist and guide in the maintenance operations, can accomplish a considerable gain in productivity. AR allows to superimpose information objects in real scenes, such as text, images, audiovisuals, and 2D/3D model animations, making available contextual information about the process, based on location and perspective. This paper describes the design and implementation of a prototype augmented reality application to support maintenance tasks inside a metal stamping production unit, that produces components for the automotive sector. It aims to train and guide personnel during the maintenance operations, and offering an extra channel to reach expert help.2411-78B2-7CDB | Pedro Miguel MoreiraN/

Autenticação multi-factor gráfico para aplicações web

Nowadays, there is a current trend that leads people to use web applications, requiring additional concerns for the protection of their accounts with strong authentication methods. In this sense, this work researches the problems and solutions related with the authentication, specially concerning textual and graphical passwords. One common authentication problem is the difficulty users have in remembering textual passwords, especially when they are long and random-looking. In alternative, graphical passwords are easier to remember, because of their visual aspect. This work proposes a recognition and recall based graphical authentication methods that can be used in the challenge phase of user authentication. A security analysis is made to check the correctness of the proposed solution and how it minimizes the vulnerabilities of the authentication process. These analyses will enable us to implement these challenges in future work as an extension to authentication, authorization and accounting services, supporting a multi-factor authentication and combining these challenges with others already available. The idea is to extend an authentication method on Apache Shiro to provide developers with a common framework to develop secure web application with strong authentication, authorization and accounting.Hoje em dia, as pessoas recorrem, de forma crescente, à utilização de aplicações web, necessitando proteger as suas contas com métodos de autenticação forte. Considerando esta necessidade, este trabalho investiga os problemas e soluções de autenticação, especialmente relacionadas com palavras chave textuais e gráficas. Um problema comum dos utilizadores é a dificuldade de se lembrar de palavras chave textuais que sejam longas e pareçam criadas aleatoriamente. Por outro lado, as palavras chave gráficas são mais fáceis de recordar, devido ao aspeto visual. Este trabalho propõe métodos de autenticação gráfica baseados em reconhecimento e localização de pontos que podem ser utilizados como desafios de autenticação. É, também, efetuada uma análise de segurança aos métodos propostos por verificar a sua correção e que minimizam vulnerabilidades do processo de autenticação. Estes resultados permitirão, no futuro, implementar desafios de autenticação adicionais como uma extensão aos serviços de autenticação, autorização e contabilização, de forma a suportar autenticação multifator. A ideia será estender os métodos de autenticação do Apache Shiro para permitir os programadores desenvolverem, utilizando uma framework comum, aplicações web seguras com autenticação, autorização e contabilização.info:eu-repo/semantics/publishedVersio

Co-Occurrence of Familial Mediterranean Fever and Hematologic Malignancies: Case Report Series

Introduction: Familial Mediterranean Fever (FMF) is an autosomal recessive genetic disorder primarily found among individuals of Mediterranean descent, including Armenians, Italians, Greeks, Arabs, Turks and Jews. In the Armenian population, approximately 90% of FMF cases are associated with three main mutations (M694V, V726A, and M680I) in two alleles of MEFV gene, while more than 300 MEFV variants have been reported worldwide. The homozygous M694V genotype is associated with frequent renal failure due to amyloidosis. Clinical manifestations of FMF include periodic attacks of diffuse serositis with pain and fever that are treated with colchicine or biologic therapy. There is a scarcity of data on patients with FMF and hematologic malignancies. Limited data makes it difficult to generate evidence-based recommendations for the management of these patients, which is mostly based on expert opinions or few case reports. Here we report the case series of patients from Armenia with simultaneous presence of FMF and hematologic malignancies (FMFHM) and evaluate their management challenges. Methods: Data was collected from the Armenian National Registry of Blood Disorders, at the Hematology Center after Prof. R. Yeolyan, and through personal interviews conducted with each patient. Hematology Center is the only institution in Armenia managing hematologic malignancies. We have analyzed 8 patients diagnosed with both FMFHM during 2000-2020, treated in the pediatric (1 patient) and adult (7 patients) hematology departments. Results: 8 patients with FMFHM were identified, from which 4 were diagnosed with myeloproliferative neoplasms (MPN), 2 with acute leukemia (AL), and 2 with non-Hodgkin lymphoma (NHL). The median age of patients was 46, range 20-60 years. Only 5 (62.5%) of patients were regularly taking colchicine for FMF, while the rest refused it. Four MPN patients received treatment only with oral medications (tyrosine kinase inhibitors, hydroxyurea). Autologous hemopoietic stem cell transplantation (auto-HSCT) was performed in 1 NHL patient after indicated 1 st and 2 nd line immuno-chemotherapy. Another 2 AL patients and one NHL patient received protocol-based respective chemotherapy regimens. Moderate gastrointestinal (GI) complications (e.g., epigastric pain, nausea, vomiting, intestinal discomfort) was experienced by 7 (87.5%) patients. Allergic reactions (e.g., moderate skin rash, itching) were seen in 5 patient (62.5%), of which one developed severe anaphylactic shock. A patient with FMF and PMF had ischemic stroke caused by thrombi. Arterial hypertension occurred in 3 (37.5%). Only in one patient reduction of colchicine dosage was performed (1mg/day was reduced to 0.6mg/d), because of interaction with imatinib. The rest of patients received chemotherapy and colchicine treatment as indicated. All 8 patients are alive, 5 of them are in hematologic or molecular remission, two of which received concurrent colchicine treatment. One patient in remission developed renal failure due to FMF (colchicine was refused). Two patients with MPN treated with colchicine experienced disease stabilization. Conclusion: In conclusion, the concurrent appearance of FMFHM may potentially increase the risk of GI side effects, allergic complications, and arterial hypertension, however definitive conclusions require further investigations in larger patient cohorts. While the overall treatment responses were largely positive, the association between MEFV and HM mutations warrants deeper exploration to provide more precise drug administration recommendations for colchicine and cancer medications. Future studies in this area will contribute to a better understanding of the interplay between these conditions and guide optimal treatment strategies