Implementació d'un gestor de contrasenyes online

Aquest TFC proposa la implementació d'un gestor de contrasenyes online que ha de garantir unes funcionalitats mínimes de desar i recuperar contrasenyes alhora que ha de garantir la confidencialitat de les dades emmagatzemades al servidor.

Gestió de la informació d'interès d'un treballador autònom

L’objectiu principal d’aquest treball és fer un programa que permeti portar la informació que un treballador autònom li interessa, d’acord amb les seves necessitats. En el nostre cas es tracta d’un centre d’estètica, que té més d’una seu, el qual li interessa portar tota la cartilla de clients, centres associats, proveïdors ... a més de poder fer les factures corresponents als centres associats, poder calcular en el moment que en el treballador li interessi, els ingressos realitzats durant un període de temps determinat i poder portar una agenda actualitzada dels dos centres, on es mostren totes les visites que hi ha en un dia. Per tal de realitzar el programa, s’han portat a terme mitjançant dos aplicacions, i connectant-los en una base de dades. Per una banda tenim una aplicació implementada amb C++, per l’altra, una pàgina web amb PHP, finalment com a sistema gestor de base de dades utilitzem el MySQL Server. El programa fet amb C++, consta de tota la part d’entrada i/o modificacions de dades, en aquesta part només hi pot accedir el treballador autònom, ja que és la única persona que pot fer aquesta feina. En la pàgina web, hi pot accedir qualsevol persona que tingui un nom d’usuari i una contrasenya. A través de la web es pot fer qualsevol tipus de consulta, fer tot el control de les agendes, portar a terme tot el tema de facturació i ingressos, i com a excepció l’entrada de dades de clients, ja que s’ha de poder realitzar en qualsevol moment i lloc. Per acabar, tenim la necessitat de tenir un servidor, aquest ha d’estar format, mínim, per la base de dades. Com que l’aplicació amb C++ i la base de dades han d’estar ubicades al mateix lloc. A més, necessitem un servidor web per tal de tenir la nostra pàgina a la xarxa, per aconseguir això, utilitzem un programa anomenat DynDNS, que es fa servir per a convertir una IP dinàmica en una IP estàtica i d’aquesta manera convertir un ordinador qualsevol amb un servidor web.

Creació d'una botiga virtual i automatització dels albarans, factures i cobraments

L’augment de la utilització de les noves tecnologies a la nostra societat permet a les empreses arribar al client d’una forma més rapida i facilitant la informació de manera àgil i ordenada. Amb aquest objectiu s’ha creat una botiga virtual que serà la part visible als usuaris i clients de l’empresa PRINTONER S.L , dedicada al sector dels consumibles, especialment els reciclats. Per l’empresa un dels objectius principals és oferir al client la possibilitat de comprar els seus productes de manera còmode a través d’Internet, ja que accedint amb un nom d’usuari i una contrasenya podrà obtenir totes les referències de les que es disposa, podrà tramitar les comandes i controlar-ne l’estat fins el moment de l’entrega. A part de les seccions destinades a usuaris i clients s’ha creat una zona d’administració, on els responsables de l’empresa podran gestionar tots els productes, modificar i visualitzar les comandes. A més aprofitant que aquestes quedaran guardades a una base de dades juntament amb els productes venuts, s’integrarà el sistema de facturació de l’empresa, cosa que fins el moment es feia de manera manual i maldestre. També es programarà una part on els responsables podran insertar reparacions i vendes informàtiques que s’hagin de facturar o per fer-ne un us estadístic en un futur. Tot això ens portarà a implementar un sistema d’usuaris registrats amb diferents permisos i diferents nivells d’accés a l’aplicació, fins a un total de 5. S’ha intentat fer de l’aplicació, un sistema a mida i que compleixi tots els requisits que l’empresa ens ha demanat, amb la previsió que més endavant s’hi pugui implementar un sistema de gestió d’estocs i altres millores per oferir als seus clients un servei inigualable. Per tal de portar a terme tot aquest treball s’ha utilitzat una tecnologia de lliure distribució com és el llenguatge PHP i la base de dades MySQL, aquesta opció a part d’una filosofia es produeix per intentar minimitzar els costos de l’aplicatiu. La finalitat de l’empresa amb aquest projecte és oferir millor imatge i servei, efectivitat i rapidesa en tot el procés de vendes, així com reduir costos de facturació i també de publicitat, ja que es podrà potenciar molt més la pàgina web via internet.

Haemophilia registry of the medical committee of the Swiss Haemophilia Society. Update and annual survey 2009.

The Swiss Haemophilia Registry of the Medical Committee of the Swiss Haemophilia Society started in 1996 but was set as an internet-based, double password-protected facility in the year 2000. With the inclusion of patients' data from two new centres in 2009, we assume a coverage rate of about 90% of all patients with inherited bleeding disorders in our country. Data concerning the phenotype and genotype of the disorder, its severity, its therapy, the prevalence of inhibitors are readily available to the registered users, allowing quality control of haemophilia therapy at a national level, but also rapid care of the patient visiting the emergency room of another treatment centre. Basing on the available data, about two thirds of the WFH global survey can be answered; the mortality statistics shows that bleeding remains a cause of death in haemophiliacs, also in the 21th century. The Registry allows for comparisons with international datasets, especially with respect to treatment (prophylaxis vs. on-demand therapy), factor consumption and costs.

Goya's artwork imaging with Terahertz waves

In this paper we use a Terahertz (THz) time-domain system to image and analyze the structure of an artwork attributed to the Spanish artist Goya painted in 1771. The THz images show features that cannot be seen with optical inspection and complement data obtained with X-ray imaging that provide evidence of its authenticity, which is validated by other independent studies. For instance, a feature with a strong resemblance with one of Goya"s known signatures is seen in the THz images. In particular, this paper demonstrates the potential of THz imaging as a complementary technique along with X-ray for the verification and authentication of artwork pieces through the detection of features that remain hidden to optical inspection.

Detection and chemical profiling of medicine counterfeits by Raman spectroscopy and chemometrics

Raman spectroscopy combined with chemometrics has recently become a widespread technique for the analysis of pharmaceutical solid forms. The application presented in this paper is the investigation of counterfeit medicines. This increasingly serious issue involves networks that are an integral part of industrialized organized crime. Efficient analytical tools are consequently required to fight against it. Quick and reliable authentication means are needed to allow the deployment of measures from the company and the authorities. For this purpose a method in two steps has been implemented here. The first step enables the identification of pharmaceutical tablets and capsules and the detection of their counterfeits. A nonlinear classification method, the Support Vector Machines (SVM), is computed together with a correlation with the database and the detection of Active Pharmaceutical Ingredient (API) peaks in the suspect product. If a counterfeit is detected, the second step allows its chemical profiling among former counterfeits in a forensic intelligence perspective. For this second step a classification based on Principal Component Analysis (PCA) and correlation distance measurements is applied to the Raman spectra of the counterfeits.

A novel semi-fragile forensic watermarking scheme for remote sensing images

Peer-reviewed

A Secure and Anonymous Cooperative Sensing Protocol for Cognitive Radio Networks

Spectrum is an essential resource for the provision of mobile services. In order to control and delimit its use, governmental agencies set up regulatory policies. Unfortunately, such policies have led to a deficiency of spectrum as only few frequency bands are left unlicensed, and these are used for the majority of new emerging wireless applications. One promising way to alleviate the spectrum shortage problem is adopting a spectrum sharing paradigm in which frequency bands are used opportunistically. Cognitive radio is the key technology to enable this shift of paradigm.Cognitive radio networks are self-organized systems in which devices cooperate to use those spectrum ranges that are not occupied by licensed users. They carry out spectrum sensing in order to detect vacant channels that can be used for communication. Even though spectrum sensing is an active area of research, an important issue remains unsolved: the secure authentication of sensing reports. Not providing security enables the input of false data in the system thus empowering false results. This paper presents a distributed protocol based on wireless physical layer security, symmetric cryptography and one-way functions that allows determining a final sensing decision from multiple sources in a quick and secure way, as well as it preserves users¿ privacy.

Visualizing key authenticity: turning your face into your public key

La informació biomètrica s'ha convertit en una tecnologia complementària a la criptografia que permet administrar còmodament les dades criptogràfiques. Són útils dues necessitats importants: en primer lloc, posar aquestes dades sempre a mà i, a més, fent fàcilment identificable el seu legítim propietari. En aquest article es proposa un sistema que integra la signatura biomètrica de reconeixement facial amb un esquema de signatura basat en la identitat, de manera que la cara de l'usuari esdevé la seva clau pública i la ID del sistema. D'aquesta manera, altres usuaris poden verificar els missatges utilitzant fotos del remitent, proporcionant un intercanvi raonable entre la seguretat del sistema i la usabilitat, així com una manera molt més senzilla d'autenticar claus públiques i processos de distribució.

A Secure Cooperative Sensing Protocol for Cognitive Radio Networks

Cognitive radio networks sense spectrum occupancyand manage themselves to operate in unused bands without disturbing licensed users. Spectrum sensing is more accurate if jointly performed by several reliable nodes. Even though cooperative sensing is an active area of research, the secureauthentication of local sensing reports remains unsolved, thus empowering false results. This paper presents a distributed protocol based on digital signatures and hash functions, and ananalysis of its security features. The system allows determining a final sensing decision from multiple sources in a quick and secure way.

Study of isotopic variations in black powder: reflections on the use of stable isotopes in forensic science for source inference.

Isotope ratio mass spectrometry (IRMS) has recently made its appearance in the forensic community. This high-precision technology has already been applied to a broad range of forensic fields such as illicit drugs, explosives and flammable liquids, where current, routinely used techniques have limited powers of discrimination. The conclusions drawn from the majority of these IRMS studies appear to be very promising. Used in a comparative process, as in food or drug authentication, the measurement of stable isotope ratios is a new and remarkable analytical tool for the discrimination or the identification of a substance with a definite source or origin. However, the research consists mostly of preliminary studies. The significance of this 'new' piece of information needs to be evaluated in light of a forensic framework to assess the actual potential and validity of IRMS, considering the characteristics of each field. Through the isotopic study of black powder, this paper aims at illustrating the potential of the method and the limitations of current knowledge in stable isotopes when facing forensic problems.

Sähköisten reseptien hallinta

Sähköinen reseptijärjestelmä nykyisessä muodossaan sai alkunsa Sosiaali- ja terveysministeriön aloitteesta ja Kansaneläkelaitoksen toimesta vuoden 2001 aikana. Käytössä oleva kansallinen reseptipalvelin mahdollistaa potilaiden oikeudet muun muassa apteekin vapaaseen valintaan ja lääkkeiden suorakorvausmenetelmään. Sähköinen resepti pyritään integroimaan olemassa olevien potilasrekisterijärjestelmien yhteyteen, joten semanttisen webin tuomat teknologiat kuten Web-palvelut ja XML-pohjaiset kielet ovat tärkeässä asemassa reseptien hallinnassa. Tässä työssä pyritään esittämään sähköisen reseptijärjestelmän toimintaa ja sen mahdollistavia jo olemassa olevia tekniikoita. Esille tuodaan myös uusia lisäarvoa tuovia tekniikoita, kuten RDF(S)-kuvauskielet, jotka mahdollistavat muun muassa resepteihin kohdistuvat kyselyt ja täten uudet terveyspalvelut sekä potilaille että lääkäreille. Oleellista on tietenkin myös tietoturva, sillä organisaatioiden välillä resepteissä liikkuu arkaluontoisia tietoja. Turvallisuutta pyritään edistämään muun muassa sähköisillä allekirjoituksilla ja älykorttien avulla tapahtuvalla järjestelmään tunnistautumisella. Jotta sähköinen resepti toimisi tulevaisuudessakin halutulla tavalla ja mahdollistaisi lisäarvopalveluita, on siinä panostettava sisällön lisäksi senkuvaamiseen. Sisällön ja sen suhteiden tarkka määrittely auttaa muun muassa reseptikyselyjen tekemisessä, mikä onkin olennainen osa potilasturvallisuuden ylläpitoa. Kuvauskielien ja ontologioiden käyttö voi myös auttaa lääkehoidon määrittämisessä useiden erilaisten ja jatkuvasti lisääntyvien lääkkeiden viidakossa, kun lääkkeitä voidaan etsiä tietokannoista reseptin kirjoituksen yhteydessä.

ME - Mobile Electronic Personality

Digital services require personal information for a variety of reasons. Due to advances in communication technology, new types of services are evolving alongwith traditional Internet services. Due to the diversity of services, the traditional approaches to personal information handling designed for Internet services are inadequate. Therefore, new approaches are necessary. In this thesis, a solution where personal information is stored in and accessed from the user's mobile device is presented. This approach is called Mobile Electronic Personality (ME). The ME approach is compared to the existing approaches which rely on a database either at a service, a trusted third party or a client program. Various personal information properties are taken into account in the comparison of storage locations. The thesis presents both the internal and the communication architecture of the ME. The internal architecture defines how the information is stored in the mobile device. The communication architecture defines how the information can be accessed by different types of services from the ME. The use of the architecture is described for services in different environments. A simple ME based solution for the authentication of a user is defined. The authentication of service, which is required to protect the privacy of the users is also presented.

Automated monitoring of medical protocols: a secure and distributed architecture

The control of the right application of medical protocols is a key issue in hospital environments. For the automated monitoring of medical protocols, we need a domain-independent language for their representation and a fully, or semi, autonomous system that understands the protocols and supervises their application. In this paper we describe a specification language and a multi-agent system architecture for monitoring medical protocols. We model medical services in hospital environments as specialized domain agents and interpret a medical protocol as a negotiation process between agents. A medical service can be involved in multiple medical protocols, and so specialized domain agents are independent of negotiation processes and autonomous system agents perform monitoring tasks. We present the detailed architecture of the system agents and of an important domain agent, the database broker agent, that is responsible of obtaining relevant information about the clinical history of patients. We also describe how we tackle the problems of privacy, integrity and authentication during the process of exchanging information between agents.

Goya's artwork imaging with Terahertz waves

In this paper we use a Terahertz (THz) time-domain system to image and analyze the structure of an artwork attributed to the Spanish artist Goya painted in 1771. The THz images show features that cannot be seen with optical inspection and complement data obtained with X-ray imaging that provide evidence of its authenticity, which is validated by other independent studies. For instance, a feature with a strong resemblance with one of Goya"s known signatures is seen in the THz images. In particular, this paper demonstrates the potential of THz imaging as a complementary technique along with X-ray for the verification and authentication of artwork pieces through the detection of features that remain hidden to optical inspection.