Prone Positioning for ARDS. still misunderstood and misused

Acute respiratory distress syndrome (ARDS) is a clinical syndrome characterized by a non-cardiogenic pulmonary edema with bilateral chest X-ray opacities and hypoxemia refractory to oxygen therapy and low level of positive end-expiratory pressure (1). Recently, a large observational study reported an ARDS prevalence of 10.4% of all ICU admissions and of 23.4% of all subjects receiving mechanical ventilation (2). Despite these alarming numbers, according to the most recent literature, ARDS is still under-recognized, undertreated, and associated with a mortality rate that in the most severe forms is close to 50% (2)

A standard-driven communication protocol for disconnected clinics in rural areas

The importance of the Electronic Health Record (EHR), which stores all healthcare-related data belonging to a patient, has been recognized in recent years by governments, institutions, and industry. Initiatives like Integrating the Healthcare Enterprise (IHE) have been developed for the definition of standard methodologies for secure and interoperable EHR exchanges among clinics and hospitals. Using the requisites specified by these initiatives, many large-scale projects have been set up to enable healthcare professionals to handle patients' EHRs. Applications deployed in these settings are often considered safety-critical, thus ensuring such security properties as confidentiality, authentication, and authorization is crucial for their success. In this paper, we propose a communication protocol, based on the IHE specifications, for authenticating healthcare professionals and assuring patients' safety in settings where no network connection is available, such as in rural areas of some developing countries. We define a specific threat model, driven by the experience of use cases covered by international projects, and prove that an intruder cannot cause damages to the safety of patients and their data by performing any of the attacks falling within this threat model. To demonstrate the feasibility and effectiveness of our protocol, we have fully implemented it

A symbolic semantics for a clculus for service-oriented computing

We introduce a symbolic characterisation of the operational semantics of COWS, a formal language for specifying and combining service-oriented applications, while modelling their dynamic behaviour. This alternative semantics avoids infinite representations of COWS terms due to the value-passing nature of communication in COWS and is more amenable for automatic manipulation by analytical tools, such as e.g. equivalence and model checkers. We illustrate our approach through a ‘translation service’ scenario

e-Health for Rural Areas in Developing Countries: Lessons from the Sebokeng Experience

We report the experience gained in an e-Health project in the Gauteng province, in South Africa. A Proof-of-Concept of the project has been already installed in 3 clinics in the Sebokeng township. The project is now going to be applied to 300 clinics in the whole province. This extension of the Proof-of-Concept can however give rise to security aws because of the inclusion of rural areas with unreliable Internet connection. We address this problem and propose a safe solution

A WSDL-Based Type System for WS-BPEL

We tackle the problem of providing rigorous formal foundations to current software engineering technologies for web services. We focus on two of the most used XML-based languages for web services: WSDL and WS-BPEL. To this aim, first we select an expressive subset of WS-BPEL, with special concern for modeling the interactions among web service instances in a network context, and define its operational semantics. We call ws-calculus the resulting formalism. Then, we put forward a rigorous typing discipline that formalizes the relationship existing between ws-calculus terms and the associated WSDL documents and supports verification of their compliance. We prove that the type system and the operational semantics of ws-calculus are ‘sound’ and apply our approach to an example application involving three interacting web services

On Properties of Policy-Based Specifications

The advent of large-scale, complex computing systems has dramatically increased the difficulties of securing accesses to systems' resources. To ensure confidentiality and integrity, the exploitation of access control mechanisms has thus become a crucial issue in the design of modern computing systems. Among the different access control approaches proposed in the last decades, the policy-based one permits to capture, by resorting to the concept of attribute, all systems' security-relevant information and to be, at the same time, sufficiently flexible and expressive to represent the other approaches. In this paper, we move a step further to understand the effectiveness of policy-based specifications by studying how they permit to enforce traditional security properties. To support system designers in developing and maintaining policy-based specifications, we formalise also some relevant properties regarding the structure of policies. By means of a case study from the banking domain, we present real instances of such properties and outline an approach towards their automatised verification.Comment: In Proceedings WWV 2015, arXiv:1508.0338

COWS: A Timed Service-Oriented Calculus

COWS (Calculus for Orchestration of Web Services) is a foundational language for Service Oriented Computing that combines in an original way a number of ingredients borrowed from well-known process calculi, e.g. asynchronous communication, polyadic synchronization, pattern matching, protection, delimited receiving and killing activities, while resulting different from any of them. In this paper, we extend COWS with timed orchestration constructs, this way we obtain a language capable of completely formalizing the semantics of WS-BPEL, the ‘de facto’ standard language for orchestration of web services. We present the semantics of the extended language and illustrate its peculiarities and expressiveness by means of several examples

On a Formal and User-friendly Linguistic Approach to Access Control of Electronic Health Data

The importance of the exchange of Electronic Health Records (EHRs) between hospitals has been recognized by governments and institutions. Due to the sensitivity of data exchanged, only mature standards and implementations can be chosen to operate. This exchange process is of course under the control of the patient, who decides who has the rights to access her personal healthcare data and who has not, by giving her personal privacy consent. Patients’ privacy consent is regulated by local legislations, which can vary frequently from region to region. The technology implementing such privacy aspects must be highly adaptable, often resulting in complex security scenarios that cannot be easily managed by patients and software designers. To overcome such security problems, we advocate the use of a linguistic approach that relies on languages for expressing policies with solid mathematical foundations. Our approach bases on FACPL, a policy language we have intentionally designed by taking inspiration from OASIS XACML, the de-facto standard used in all projects covering secure EHRs transmission protected by patients’ privacy consent. FACPL can express policies similar to those expressible by XACML but, differently from XACML, it has an intuitive syntax, a formal semantics and easy to use software tools supporting policy development and enforcement. In this paper, we present the potentialities of our approach and outline ongoing work

Modeling adaptation with a tuple-based coordination language

In recent years, it has been argued that systems and applications, in order to deal with their increasing complexity, should be able to adapt their behavior according to new requirements or environment conditions. In this paper, we present a preliminary investigation aiming at studying how coordination languages and formal methods can contribute to a better understanding, implementation and usage of the mechanisms and techniques for adaptation currently proposed in the literature. Our study relies on the formal coordination language Klaim as a common framework for modeling some adaptation techniques, namely the MAPE-K loop, aspect- and context-oriented programming

Towards Model-Driven Development of Access Control Policies for Web Applications

We introduce a UML-based notation for graphically modeling systems’ security aspects in a simple and intuitive way and a model-driven process that transforms graphical specifications of access control policies in XACML. These XACML policies are then translated in FACPL, a policy language with a formal semantics, and the resulting policies are evaluated by means of a Java-based software tool