Papers by Silvia Llorente
El proceso de conversion de las universidades europeas para converger en un unico Espacio Europeo... more El proceso de conversion de las universidades europeas para converger en un unico Espacio Europeo de Ensenanza Superior (EEES) esta provocando, entre otros, un cambio en el metodo de ensenanza. Entre estos cambios figura la creciente necesidad de incorporar herramientas de e-learning que den soporte al estudiante cuando se haya fuera del ambito universitario. En este articulo describimos nuestra experiencia, utilizando la intranet que ofrece la Facultat d'Informatica de Barcelona (FIB) en la asignatura Projecte de Sistemes Operatius (ProSO). El objetivo es el de proporcionar al alumno un entorno virtual para el seguimiento de la asignatura que complemente las clases presenciales. Esta experiencia ha resultado satisfactoria y se continua usando. Asimismo, proponemos una serie de funcionalidades que consideramos necesarias para apoyar de manera efectiva este tipo de cursos.
Studies in health technology and informatics, May 18, 2023
The MedSecurance project focus on identifying new challenges in cyber security with focus on hard... more The MedSecurance project focus on identifying new challenges in cyber security with focus on hardware and software medical devices in the context of emerging healthcare architectures. In addition, the project will review best practice and identify gaps in the guidance, particularly the guidance stipulated by the medical device regulation and directives. Finally, the project will develop comprehensive methodology and tooling for the engineering of trustworthy networks of inter-operating medical devices, that shall have security-for-safety by design, with a strategy for device certification and certifiable dynamic network composition, ensuring that patient safety is safeguarded from malicious cyber actors and technology "accidents".
Studies in health technology and informatics, May 18, 2023
Patients need mechanisms to integrate health information coming from different sources, including... more Patients need mechanisms to integrate health information coming from different sources, including personal devices. This would lead to Personalized Digital Health (PDH). HIPAMS (Health Information Protection And Management System) is a modular and interoperable secure architecture that helps in achieving this objective and building a Framework for PDH. The paper presents HIPAMS and how it supports PDH.
PubMed, 2019
Provision of security and privacy to genomic data is a key issue in current genomic information r... more Provision of security and privacy to genomic data is a key issue in current genomic information representation. Existing formats do not give a solution to these issues (or they provide a partial one), so new solutions are demanded. MPEG-G (ISO/IEC 23092, Genomic Information Representation) is an International Standard for the representation of genomic information being defined by the MPEG Committee (Moving Pictures Expert Group, ISO/IEC JTC1 SC29/WG11). We provide flexible protection to the information stored inside the MPEG-G format with a combination of security techniques and privacy rules.
F1000Research, 2019
jmpegg library provides MPEG-G files encoding/decoding features. The library is written in a pure... more jmpegg library provides MPEG-G files encoding/decoding features. The library is written in a pure java language without external dependencies. The library also supports conversion between MPEG-G and well-known genomic formats.
Studies in Health Technology and Informatics, 2020
Making data Findable, Accessible, Interoperable and Reusable (FAIR) is a good approach when data ... more Making data Findable, Accessible, Interoperable and Reusable (FAIR) is a good approach when data needs to be shared. However, security and privacy are still critical aspects. In the FAIRification process, there is a need both for de-identification of data and for license attribution. The paper analyses some of the issues related to this process when the objective is sharing genomic information. The main results are the identification of the already existing standards that could be used for this purpose and how to combine them. Nevertheless, the area is quickly evolving and more specific standards could be specified.
Methods of Information in Medicine
Background Privacy management is a key issue when dealing with storage and distribution of health... more Background Privacy management is a key issue when dealing with storage and distribution of health information. However, FAIR (Findability, Accessibility, Interoperability, and Reusability) principles when sharing information are in increasing demand in several organizations, especially for information generated in public-funded research projects. Objectives The two main objectives of the presented work are the definition of a secure and interoperable modular architecture to manage different kinds of medical content (xIPAMS [x, for Any kind of content, Information Protection And Management System] and HIPAMS [Health Information Protection And Management System]), and the application of FAIR principles to that architecture in such a way that privacy and security are compatible with FAIR. Methods We propose the concept of xIPAMS as a modular architecture, following standards for interoperability, which defines mechanisms for privacy, protection, storage, search, and access to health-re...
Studies in health technology and informatics, Nov 3, 2022
Medical data describe patient health information, both in healthy and disease conditions. In any ... more Medical data describe patient health information, both in healthy and disease conditions. In any case, health institutions need to ask for patient consent in order to provide their services. Patients usually give consent on a one-time basis, for a specific usage. Afterwards, if medical data usage is research, original patient consent does not apply and further consents should be required. On the other hand, provenance of medical data to verify the origin of health procedures is desirable, as digital health is increasing. We propose HIPAMS modular architecture to provide both provenance and dynamic consents for medical data as described in this paper.
Multimedia Tools and Applications, 2020
New genome sequencing technologies have simplified the generation of genomic data, making them mo... more New genome sequencing technologies have simplified the generation of genomic data, making them more common but in turn a likely target of attack. Security strategies have been devised such as restricting the amount of information that can be queried or using new encryption techniques. These solutions might not be enough if the entire file has to be shared, as the recipient might leak the accessible information. This contribution addresses this issue using watermarking. Each read in a genomic file is modified depending on its content and a secret key. This allows generating different watermarked instances of the original file. Each watermark acts as a fingerprint: if a leak occurs, the unique modifications of the instance points to who originated the unauthorized publication. Using the key, the modifications can be undone. This allows sharing a leak-discouraging version with which the relevance of a file can be assessed, and can be reversed to the original if needed.
Journal of Personalized Medicine
Genomic information is a very sensitive type of digital information as it not only applies to a p... more Genomic information is a very sensitive type of digital information as it not only applies to a person, but also to close relatives. Therefore, privacy provision is key to protecting genomic information from unauthorized access. It is worth noting that most of the current genomic information formats do not provide specific mechanisms by which to secure the stored information. In order to solve, among other things, the privacy provision issue, we proposed the GIPAMS (Genomic Information Protection And Management System) modular architecture, which is based on the use of standards such as ISO/IEC 23092 and a few GA4GH (Global Alliance for Genomics and Health) initiatives. Some of the GIPAMS modules have already been implemented, mainly based on ISO/IEC 23092 features, and we are conducting work on the complete version of the architecture, and other standards are also considered. One of the objectives of GIPAMS is to enable the management of different formats of genomic information in ...
Semantic Web, 2016
The MPEG-21 Media Contract Ontology (MCO), a part of the standard ISO/IEC 21000, is an ontology t... more The MPEG-21 Media Contract Ontology (MCO), a part of the standard ISO/IEC 21000, is an ontology to represent contracts dealing with rights on multimedia assets and intellectual property protected content in general. A core model provides the elements to describe the permissions, obligations and prohibitions exchanged in the clauses of a contract. Specific vocabulary is defined in a model extension to represent the most common rights and constraints in the audiovisual context. Design principles, a methodology and a comparative analysis are given, as well as the practical guidelines to use the standard. A thorough description of the contract creation workflow from an original contract is given, including a sample contract text, the RDF version, the detailed mapping of the most relevant clauses and the reconstructed version. A set of MCO-related tools is described, including (i) the reference software to create and edit MCO contracts; (ii) modules to identify, store, search, validate and deliver MCO contracts and (iii) a tool to convert between the akin Contract Expression Language (CEL) contracts and the MCO contracts and (iv) the actual use of MCO in the Rightsdraw family of services.
2012 IEEE Consumer Communications and Networking Conference (CCNC), 2012
ABSTRACT Controlling, protecting and managing access to multimedia content could be a difficult t... more ABSTRACT Controlling, protecting and managing access to multimedia content could be a difficult task if a system was not prepared for it. To solve this situation minimizing the impact on the existing system, we propose the use of a modular architecture which provides digital rights and privacy policies management features. It can be integrated just invoking some web service calls, depending on which services are needed. To show its use, we present several scenarios where we have successfully integrated it, like distribution of content for digital terrestrial television broadcasting and access to personal health information.
Signal Processing: Image Communication, 2014
MPEG-M is a suite of ISO/IEC standards (ISO/IEC 23006) that has been developed under the auspices... more MPEG-M is a suite of ISO/IEC standards (ISO/IEC 23006) that has been developed under the auspices of Moving Picture Experts Group (MPEG). MPEG-M, also known as Multimedia Service Platform Technologies (MSPT), facilitates a collection of multimedia middleware APIs and elementary services as well as service aggregation so that service providers can offer users a plethora of innovative services by extending current IPTV technology toward the seamless integration of personal content creation and distribution, e-commerce, social networks and Internet distribution of digital media.
Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, 2012
New mobile devices (pda's, tablets) permit the implementation of new business models as they are ... more New mobile devices (pda's, tablets) permit the implementation of new business models as they are always connected and provide multimedia capabilities for capturing images, videos, music or even conversations. Together with an architecture for the secure management and distribution of multimedia content called MIPAMS, we propose a mobile business model with the implementation of a mobile application based on iOS (Apple operating system for mobile devices) for publishing added value content captured with a mobile device.
International Conference on Electronic Publishing, 2005
The Web contains many digital multimedia creations prepared for being consumed by final users. Ne... more The Web contains many digital multimedia creations prepared for being consumed by final users. Nevertheless, in many cases, these users need the appropriate rights to do so. Licenses and rights can be digitally associated to multimedia content, as well as to other metadata, like the author(s)' name(s), the date where it was produced, the time when it was created, its title, the person or organisation who owns exploitation rights, etc. The aim of the work presented in this paper is to find rights and licenses, among other metadata, in the Web, by using semantic web techniques. In case there is no license or it cannot be used by anyone (for instance, public domain license), we will try to find out the necessary information for getting a license, that is, the author, the rights owner or whoever who has the ability to provide us with a license over a digital content.
Studies in Health Technology and Informatics, 2015
Privacy provision is a key issue for successful secure access to patients' health information... more Privacy provision is a key issue for successful secure access to patients' health information. Current approaches do not always provide patients with the ability to define suitable rules to access to their information in a secure way. This paper presents an approach to give patients control over their information by means of external services. In this way, health information management and access control are kept independent and more secure.
Abstract: The use of electronic commerce is spreading day to day to reach environments that have ... more Abstract: The use of electronic commerce is spreading day to day to reach environments that have been rather unexplored until this moment, such as governments and administrations. More and more, administrations offer on-line services to the citizens of their countries or regions. It is becoming necessary to have a mechanism for the formal definition of these on-line electronic services (or e-services). Doing so, we would be able to automatically build systems capable to manage these new e-services. An important feature of e-services is that a workflow can be defined to control their development. These concepts do not only apply to e-government, but also to e-business and e-commerce in general. Early experience on the provision of professional e-services has helped us to take this approach. In this paper we present how e-services using workflow-based systems can be defined in a formal way with the target of building them automatically. For this purpose, we specify a method for expres...
Our main motivation for identifying the metadata present in a collaborative editing service was t... more Our main motivation for identifying the metadata present in a collaborative editing service was to offer it through electronic commerce, as we have previously done some work in the definition of electronic commerce of services. In this work we focused in controlling complex services with the help of a workflow [1] for offering them through electronic commerce. We have also identified the metadata present in complex services [2, 3] and now we want to go a step further by identifying metadata present in content generated by a specific complex service, collaborative editing of multimedia documents. To help us in doing this identification, we have taken the metadata defined in Learning Object Metadata (LOM) [4] as a starting point. In this paper, we show the selection and adaptation of this schema to our needs and also the use we make of this information in the collaborative editing service. The final result of this task should be a new schema, completely addressed to the collaborative ...
When content producers are forced to generate and manage content day after day (and, most of the ... more When content producers are forced to generate and manage content day after day (and, most of the time, in a hurry), as in the case of TV broadcasters, they have different priorities and requirements than other kinds of content providers. However, the requirement for content interchange through optimum content search is always there. The paper presents how the issue of interoperability of metadata and digital rights information is solved in a specific project, the XAC (Xarxa IP Audiovisual de Catalunya, Audiovisual IP Network of Catalonia), where producers of TV programmes are the main involved content owners. After an analysis of how these content providers manage metadata and rights information, a specific proposal fulfilling providers’ requirements and International Standards, the XAC Metadata Set (XAC-MS), is described. This is the basis for implementing a system for multimedia content interchange that could be extended to other kinds of multimedia publishing.
Uploads
Papers by Silvia Llorente