Luis Filipe Coelho Antunes
University of Porto
Network
Latest external collaboration on country level. Dive into details by clicking on the dots.
Publication
Featured researches published by Luis Filipe Coelho Antunes.
annual computer security applications conference | 2009
Ana Ferreira; David W. Chadwick; Pedro Farinha; Ricardo Correia; Gansen Zao; Rui Chilro; Luis Filipe Coelho Antunes
Access control models describe frameworks that dictate how subjects (e.g. users) access resources. In the Role-Based Access Control (RBAC) model access to resources is based on the role the user holds within the organization. RBAC is a rigid model where access control decisions have only two output options: Grant or Deny. Break The Glass (BTG) policies on the other hand are flexible and allow users to break or override the access controls in a controlled and justifiable manner. The main objective of this paper is to integrate BTG within the NIST/ANSI RBAC model in a transparent and secure way so that it can be adopted generically in any domain where unanticipated or emergency situations may occur. The new proposed model, called BTG-RBAC, provides a third decision option BTG, which grants authorized users permission to break the glass rather than be denied access. This can easily be implemented in any application without major changes to either the application code or the RBAC authorization infrastructure, apart from the decision engine. Finally, in order to validate the model, we discuss how the BTG-RBAC model is being introduced within a Portuguese healthcare institution where the legislation requires that genetic information must be accessed by a restricted group of healthcare professionals. These professionals, advised by the ethical committee, have required and asked for the implementation of the BTG concept in order to comply with the said legislation.
IEEE Transactions on Information Theory | 2012
Andreia Teixeira; Armando B. Matos; Luis Filipe Coelho Antunes
There is no generally accepted definition of conditional Rényi entropy. The (unconditional) Rényi entropy depends on a parameter α, which for the case of min-entropy takes the value ∞. Even for this particular case, there are several proposals for the definition of conditional entropy. This paper describes three general definitions of conditional Rényi entropy that were found or suggested in the literature. Their properties are studied and their values, as a function of α, are compared. The particular case of min-entropy is widely used in cryptography as a security parameter; this case is studied in some detail.
Entropy | 2011
Andreia Teixeira; Armando B. Matos; Andre Souto; Luis Filipe Coelho Antunes
Kolmogorov complexity and Shannon entropy are conceptually different measures. However, for any recursive probability distribution, the expected value of Kolmogorov complexity equals its Shannon entropy, up to a constant. We study if a similar relationship holds for R´enyi and Tsallis entropies of order α, showing that it only holds for α = 1. Regarding a time-bounded analogue relationship, we show that, for some distributions we have a similar result. We prove that, for universal time-bounded distribution mt(x), Tsallis and Renyi entropies converge if and only if α is greater than 1. We also establish the uniform continuity of these entropies.
International Journal of Medical Informatics | 2010
Ana Ferreira; Luis Filipe Coelho Antunes; David W. Chadwick; Ricardo Correia
PURPOSE The objective of this paper is to show that grounded theory (GT), together with mixed methods, can be used to involve healthcare professionals in the design and enhancement of access control policies to Electronic Medical Record (EMR) systems. METHODS The mixed methods applied for this research included, in this sequence, focus groups (main qualitative method that used grounded theory for the data analysis) and structured questionnaires (secondary quantitative method). RESULTS Results showed that the presented methodology can be used to involve healthcare professionals in the definition of access control policies to EMR systems and explore these issues in a diversified and integrated way. The methodology allowed for the generation of great amounts of data in the beginning of the study and in a short time span. Results from the applied methodology revealed a first glimpse of the theories to be generated and integrated, with future research, into access control policies. CONCLUSIONS The methodological research described in this paper is very rarely, if ever, applied in developing security tools such as access control. Nevertheless, it can be an effective way of involving healthcare professionals in the definition and enhancement of access control policies and in making information security more grounded into their workflows and daily practices.
conference on computational complexity | 2009
Luis Filipe Coelho Antunes; Lance Fortnow
Under a standard hardness assumption we exactly characterize the worst-case running time of languages that are in average polynomial-time over all polynomial-time samplable distributions. More precisely we show that if exponential time is not infinitely often in subexponential space, then the following are equivalent for any algorithm
international carnahan conference on security technology | 2008
Ana Ferreira; Ricardo Cruz-Correia; David W. Chadwick; Luis Filipe Coelho Antunes
A
descriptional complexity of formal systems | 2013
Francisco Mota; Scott Aaronson; Luis Filipe Coelho Antunes; Andre Souto
: \begin{itemize} \item For all
international conference on information theoretic security | 2009
Luis Filipe Coelho Antunes; Sophie Laplante; Alexandre Pinto; Liliana Salvador
\p
international carnahan conference on security technology | 2011
Maria João Campos; Manuel Correia; Luis Filipe Coelho Antunes
-samplable distributions
Theory of Computing Systems \/ Mathematical Systems Theory | 2017
Luis Filipe Coelho Antunes; Bruno Bauwens; Andre Souto; Andreia Teixeira
\mu