Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
CURRICULUM VITAE
Ana Margarida Leite de Almeida Ferreira
June 2020
ÍNDICE
I. PERSONAL DATA ............................................................................................ 5
II. CURRICULAR SYNTHESIS ................................................................................ 7
III. ACADEMIC EDUCATION ................................................................................. 9
IV. SCIENTIFIC ACTIVITY .................................................................................... 11
A. SCIENTIFIC PRODUCTION .................................................................................................. 12
B. INSERTION IN THE SCIENTIFIC COMMUNITY .................................................................... 22
C. ACTIVITY IN SCIENTIFIC PROJECTS .................................................................................... 30
V. PEDAGOGICAL ACTIVITY .............................................................................. 36
A. LECTURING ACTIVITY......................................................................................................... 37
B. PEDAGOGICAL MATERIAL ................................................................................................. 38
C. SUPERVISION ACTIVITIES .................................................................................................. 40
VI. EMPLOYMENT .............................................................................................. 44
A. EMPLOYMENT ................................................................................................................... 45
B. PRODUCT DEVELOPMENT ................................................................................................. 47
C. OTHERS ............................................................................................................................. 48
VII. CONTINUOUS EDUCATION .......................................................................... 49
A. NON-ACADEMIC EDUCATION ........................................................................................... 50
B. TECHNICAL PROFICIENCY .................................................................................................. 53
C. LANGUAGES ...................................................................................................................... 53
VIII. OTHER INFORMATION ................................................................................. 54
4
I. PERSONAL DATA
I. PERSONAL DATA
6
NAME Ana Margarida Leite de Almeida Ferreira
NATIONALITY Portuguese
EMAIL [email protected]
WEBPAGE http://users.med.up.pt/amlaf/
PROFESSIONAL ACTIVITY IT Specialist
Faculty of Medicine, University of Porto
PROFESSIONAL ADDRESS Faculdade de Medicina, Universidade do Porto.
Rua Dr. Plácido da Costa, s/n, 4200 - 319 Porto,
Portugal
Tel: (+351) 22 042 6964
Ext: 26964
II. CURRICULAR SYNTHESIS
II. CURRICULAR SYNTHESIS
8
Ana is currently a full-time researcher, for the next five years (01/2017 - 12/2021), within
a self-proposed project, entitled “TagUBig-Taming your Big data” and accepted for
funding in the ambit of Programa Investigador FCT 2015 – Starting Grant (Portuguese
Science Foundation).
She is an IT specialist at the Informatics’ Service, at the Faculty of Medicine, University
of Porto, Portugal, since 2004 (currently on a no paid leave).
Ana is a member of the Centre for Health Technologies and Services’ Research
(CINTESIS) from the University of Porto, since 2007, and has successfully participated as
a researcher in: 3 internationally funded projects (2 European and the other from
Luxembourg), 5 projects funded by the Portuguese Science Foundation (FCT) and 6 other
national projects funded by other entities. She is the author of 100 scientific
publications (50 as a first author), 81 of which are indexed in Thomson Reuters and/or
Scopus databases, with an ISI h-index of 9 and a SCOPUS h-index of 13.
Ana has a Post-doc from the SnT – Interdisciplinary Centre for Security, Reliability and
Trust, at the University of Luxembourg, within the research project entitled: Socio-
Technical Aspects in Security and Trust (STAST), from FNR - Fondation Nationale de
Rechérche, since 2015, a joint supervision PhD in Computer Science from the
Universities of Porto (Faculty of Science) and Kent, UK, since 2010, and detains an MSc
in Information Security, with Distinction, from Royal Holloway, University of London,
UK, since 2002.
She is currently responsible for 2 curricular units of the Health Data Science (HEADS)
Doctoral Program at the Faculty of Medicine, University of Porto. She has experience in
teaching various medical informatics’ subjects to undergraduate and postgraduate
students from the Medicine course, at the same University, where she has created the
module of information security for healthcare systems, together with the corresponding
materials, which is being taught there since 2003.
She obtained 8 scholarships to support her academic education (5 for the PhD, 1 for the
Post-doc and 2 for participation in USA conferences), 1 distinction and 11 prizes: (1) a
Best Student Paper Award – HEALTHINF2019, (2) a Best communication award at 4th IPLeiria
Int Health Congress 2018, (3) a Best poster award at ICEIS2018, (4) SPAIC – ASTRAZENECA 2017
– FRASIS – Monitorização da função respiratória na asma utilizando os sensores integrados do
smartphone, (5) & (6) two Best paper awards at ICISSP2019 and Human Computer Interaction
International 2015, (7) an honourable mention of the prize Ensaio CNPD2012, (8) the 1st place
in the Fraunhofer Portugal Challenge: “Research for Practical Use”, PhD category, in October
2010, (9) the prize Fernandes Costa with "ICU: Informação Clínica do Utente", in 2005, (10) the
prize "Hospital do Futuro", for the best e-government initiative in Healthcare, in 2004/2005,
and (11) “Jorge Manuel de Jesus Rodrigues”. Pharmaceutical and chemical products’
wholesalers. Best student of the area of Informatics’ at Oliveira Martins High School. Academic
year of 1992/93.
Also, Ana is a CISSP - Certified Information Systems Security Professional, since 2004,
and a HCISPP – Healthcare Information Security and Privacy Practicioner, since 2018.
III. ACADEMIC EDUCATION
III. ACADEMIC EDUCATION
10
Nov2012 - Fev2015 Post-doc position as a research associate at the Interdisciplinary Centre for Security, Reliability and Trust – SnT, University of Luxembourg, in the STAST – Socio-Technical Aspects of Security and Trust, project funded by FNR – Fonds National de la Recherche du Luxembourg. Member and collaborator of COSA – Institute of Cognitive Science and Assessment Group, at the same University.
2006 – 2010 PhD in Computer Science, joint supervision between the Universities of Porto (Portugal) and Kent (UK), with the thesis entitled: Modelling Access Control for Healthcare Information systems: how to control access through policies, human processes and legislation.
2001 – 2002 MSc in Information Security, at Royal Holloway, University of London, UK. Dissertation entitled: Electronic Patient Record Security. (with Distinction).
1994 – 1998 Licenciatura (similar to BSc) in Computer Science, Faculty of Science, University of Porto. Training project entitled: Development of graphical interfaces for the Web. Biostatistics’ module from the subject of Introduction to Medicine, from the Medicine course at Faculty of Medicine, University of Porto.
1993 – 1994 12th year – subjects: Mathematics, Physics and Descriptive Geometry at Secondary School Alexandre Herculano, Porto, Portugal.
1989 – 1993 11th Year – domain of informatics at Secondary School Oliveira
Martins, Porto, Portugal.
IV. SCIENTIFIC ACTIVITY
IV. SCIENTIFIC ACTIVITY
12
A. SCIENTIFIC PRODUCTION
This section presents a complete list of publications for Ana Ferreira, organized by: (1) list of
publications indexed in THOMSON REUTERS and/or SCOPUS, each with the number of citations and
impact factor, if applicable; and (2) list of non-indexed publications. All publications are ordered
chronologically, according to the type of publication (i.e., journal, conference proceedings, book
chapter and poster).
1. METRICS OF CITATIONS - ISI, SCOPUS AND GOOGLE SCHOLAR
- THOMSON REUTERS (http://www.researcherid.com/rid/H-8666-2013) (16/06/2020)
IV. SCIENTIFIC ACTIVITY
13
SCOPUS (Author ID: 56213849200) (16/06/2020)
- GOOGLE SCHOLAR (https://scholar.google.pt/citations?user=xDSzrhcAAAAJ&hl=en) (16/06/2020)
IV. SCIENTIFIC ACTIVITY
14
2. PUBLICATIONS INDEXED IN THOMSON REUTERS AND/OR SCOPUS, WITH
CITATIONS
Journals
1. Teles, S., Napolskij, M. S., Paúl, C., Ferreira, A., & Seeher, K. (2020). Training and support for
caregivers of people with dementia: The process of culturally adapting the World Health
Organization iSupport programme to Portugal. Dementia, 147130122091033.
doi:10.1177/1471301220910333. [SCOPUS][ISI][IF:2.238]
2. Teles, S., Zincke, R., Napolskij, M., Ferreira, A., Paúl, C. iSupport-Portugal: Adapting an
evidence-based online intervention for dementia caregivers to a different culture.
Alzheimer’s & Dementia. [IF: 14.423] (Abstract) (In Press).
3. Teles, S., Ferreira, A., Seeher, K., Fréel, S. & Paúl, C. (2020). Online training and support
program (iSupport) for informal dementia caregivers: protocol for an intervention study in
Portugal. BMC Geriatrics 20 (1), 10. doi:10.1186/s12877-019-1364-z.
[SCOPUS:2][ISI:3][IF:2.02]
4. Pedro Moura, Paulo Fazendeiro, Pedro Inácio, Pedro Vieira-Marques, Ana Ferreira.
Assessing Access Control Risk for mHealth: A Delphi Study to Categorize Security of Health
Data and Provide Risk Assessment for Mobile Apps. Journal of Healthcare Engineering
2020(1): 1-14. [SCOPUS][ISI][IF:1.295]
5. Teles, S., Sousa, R. T., Abrantes, D., Bertel, D., Ferreira, A., and Paúl, C. (2019). Bridging the
gap between technology and older adults: insights from a collaborative workshop on R&D
methodologies for Ambient Assisted Living solutions. Journal of Reliable Intelligent
Environments, 5 (4), 195–207. [SCOPUS]
6. Ferreira A, Teles S and Vieira-Marques P. SoTRAACE for smart security in Ambient Assisted Living. Journal of Ambient Intelligence and Smart Environments, vol. 11, no. 4, pp. 323-334. IOS Press. 2019. [SCOPUS:2][ISI] [IF:1.186]
7. Ferreira A; Teles S. Persuasion: How phishing emails can influence users and bypass security measures. International Journal of Human Computer Studies, 2019. 125, pp. 19-31. [SCOPUS:5[ISI:2][IF: 2.006]
8. Teles S., Ferreira A., Bertel, D., & Sousa, R.T. (2019). Market implementation and end users’
adoption of Ambient Assisted Living solutions: a literature review. BMC Health Services
Research 2019 13(Suppl 5):5. ISSN: 1753-6561. [IF:1.932] (Abstract)
9. Sa-Sousa, A; Fonseca, JA; Pereira, AM; Ferreira, A; Arrobas, A; et al. The Portuguese Severe Asthma Registry: Development, Features, and Data Sharing
Policies. Biomed Research International, 2018. DOI: 10.1155/2018/1495039. [ISI] [SCOPUS:1][IF: 2.197]
10. Jácome, Cristina; Ferreira, A; et al. MINSPIRERS – Feasibility of a mobile application to measure and improve adherence to inhaled controller medications among adolescents and adults with persistent asthma: Protocol for a multicentre observational study. Rev Port Imunoalergologia, 2018. 26(1): 47-61. [SCOPUS:3]
11. Mariana Couto, Rute Almeida, Cristina Jácome, Luís Conceição, Ana Ferreira, Pedro Marques, Ana Almeida, Rita Amaral, Ana Sá -Sousa, Constantino Martins, Tiago Jacinto, Mariana Pereira, Bernardo Pinho, Pedro Pereira Rodrigues, Alberto Freitas, Goreti Marreiros, Altamiro Costa Pereira, Susana Caldas Fonseca. FRASIS – Respiratory function monitoring in asthma using embedded smartphone sensors. Rev Port Imunoalergologia, 2018. 26 (4): 273-283. [SCOPUS:2]
IV. SCIENTIFIC ACTIVITY
15
12. Soraia Teles, Ana Ferreira, Pedro Vieira-Marques, Diotima Bertel, Constança Paúl, Andrea Ch. Kofler. Trust Requirements for the Uptake of Ambient Assisted Living Digital Advisory Services. BMC Health Research Services, 2018. 18(2): 684. [IF: 1.932] (Abstract)
13. Ricardo J Cruz-Correia, Isabel Boldt, Luis Lapão, Cátia Santos-Pereira, Pedro P Rodrigues, Ana M Ferreira and Alberto Freitas. Analysis of the quality of Hospital Information Systems audit trails. BMC Medical Informatics and Decision Making, 2013. 13: 84. DOI: 10.1186/1472-6947-13-84. [ISI:11][SCOPUS:14][IF: 2.067]
14. Ferreira A, Antunes L, Chadwick D, Cruz-Correia R. Grounding Information Security in Healthcare. International Journal of Medical Informatics, 2010. 79(4): 268-283. DOI: 10.1016/j.ijmedinf.2010.01.009. [ISI:13][SCOPUS:14][IF: 3.210]
15. Cruz-Correia RJ, Vieira-Marques PM, Ferreira AM, Almeida FC, Wyatt JC, Costa-Pereira AM. Reviewing the integration of patient data: how systems are evolving in practice to meet patient needs. BMC Medical Informatics and Decision Making, 2007. 7(1): p. 14. DOI: 10.1186/1472-6947-7-14. [ISI:39][SCOPUS:54][IF: 2.067]
16. Cruz-Correia R, Vieira-Marques P, Costa P, Ferreira A, Oliveira-Palhares E, Araújo F, Costa-Pereira A. Integration of Hospital data using Agent Technologies – a case study. AICommunications special issue of ECAI, 2005. 18(3): 191-200. [ISI:46][SCOPUS:58] [IF:0.765]
17. Ferreira A, Cruz-Correia R, and Costa-Pereira A. Teaching information security to medical students. Technology and Health Care. 2005. 13(5): 389-90. [SCOPUS] [IF:0.787]
Protocols (repeated from the list above)
18. Cristina Jácome, Rui Guedes, Rute Almeida, João Fonseca Teixeira, Bernardo Pinho, Pedro Vieira-Marques, Rita Vilaça, José Fernandes, Ana Ferreira, Mariana Couto, Tiago Jacinto, Altamiro da Costa Pereira, João Almeida Fonseca. Protocolo de um estudo observacional multicêntrico, mINSPIRERS - Estudo da exequibilidade de uma aplicação móvel para medição e melhoria da adesão à medicação inalada de controlo em adolescentes e adultos com asma persistente. Revista Portuguesa de Imunoalergologia. 2018. [SCOPUS]
Proceedings of international conferences and book chapters
19. Ana Ferreira, Soraia Teles, Rui Chilro, Milaysis Sosa-Napolskij. Netphishing: network and
linguistic analysis of phishing email subject lines. ICEIS2020 – 22nd International Conference
on Enterprise Information Systems. 2020. (In Press).
20. Ana Ferreira. GDPR: What’s in a year (and a half)? ICEIS2020 – 22nd International Conference
on Enterprise Information Systems. 2020. (In Press).
21. Rafael Almeida, Pedro Vieira-Marques, Ana Ferreira. Patients to mobilize their data: secure
and flexible mHealth delegation. ICISSP2020 – 6th International Conference on Informations
Systems Security and Privacy. 2020. 552-560. [SCOPUS]
22. Dayana Spagnuelo, Ana Ferreira and Gabriele Lenzini. Transparency Enhancing Tools and
the GDPR: Do they Match? Springer 2020 (In Press) (Book Chapter).
23. Teles S., Paúl C., Ferreira A.M. (2020) Internet Use Among Informal Caregivers of People
with Dementia: Results of an Online Survey. In: García-Alonso J., Fonseca C. (eds)
Gerontechnology. IWoG 2019. Communications in Computer and Information Science, vol
1185 CCIS, 44-55. Springer, Cham. [SCOPUS] (Book Chapter)
IV. SCIENTIFIC ACTIVITY
16
24. Muchagata J., Vieira-Marques P., Teles S., Abrantes D., Ferreira A. (2020) Secure
Visualization When Using Mobile Applications for Dementia Scenarios. In: Ahram T.,
Karwowski W., Pickl S., Taiar R. (eds) Human Systems Engineering and Design II. IHSED 2019.
Advances in Intelligent Systems and Computing, vol 1026, 318-324. Springer, Cham.
[SCOPUS]
25. Ferreira A., Almeida R., Muchagata J. (2020) How Secure Is Your Mobile Health?. In:
Henriques J., Neves N., de Carvalho P. (eds) XV Mediterranean Conference on Medical and
Biological Engineering and Computing – MEDICON 2019. MEDICON 2019. IFMBE
Proceedings, vol 76: 1377-1385. Springer, Cham. [SCOPUS]
26. Ana Ferreira, Pedro Vieira-Marques, Rute Almeida, José Fernandes and João Fonseca. How
inspiring is your app: a usability take on an app for asthma medication adherence. 11th
International Conference on e-Health. 2019. pp. 225-229. [SCOPUS]
27. Joana Muchagata, Pedro Vieira-Marques and Ana Ferreira. mHealth Applications: can
User-adaptive Visualization and Context Affect the Perception of
Security and Privacy? 21st international Conference on Enterprise Information Systems –
ICEIS2019. pp. 444-451. [SCOPUS]
28. Joana Muchagata and Ana Ferreira. Visual Schedule: a Mobile Application
for Autistic Children - Preliminary Study. 21st international Conference on Enterprise
Information Systems – ICEIS2019. pp. 452-459. [SCOPUS:1]
29. Dayana Spagnuelo, Ana Ferreira and Gabriele Lenzini. Accomplishing Transparency within
the General Data Protection Regulation. ICISSP2019 - 5th International Conference on
Information Systems Security and Privacy. Pp 114-125. [SCOPUS] Best Paper Award.
30. Joana Muchagata and Ana Ferreira. Mobile apps for people with dementia: Are they
compliant with the general data protection regulation (GDPR)? HEALTHINF2019 - 12th
International Joint Conference on Biomedical Engineering Systems and Technologies. Pp 68-
77. [SCOPUS:1]
31. Sandra Reis, Ana Ferreira, Pedro Marques and Ricardo Cruz-Correia. Usability study of a tool
for patients’ access control to their health data. HEALTHINF2019 - 12th International Joint
Conference on Biomedical Engineering Systems and Technologies. Pp. 94-102. [SCOPUS]
Best Student Paper Award.
32. Ana Ferreira and Joana Muchagata. TagUBig-Taming Your Big Data. Proceedings of the 52nd International Carnahan Conference on Security Technology, ICCST 2018. Pp. 222-226. [ISI] [SCOPUS]
33. Joana Muchagata and Ana Ferreira. Translating GDPR into the mHealth practice. Proceedings of the 52nd International Carnahan Conference on Security Technology, ICCST 2018. Pp. 232-236. [ISI] [SCOPUS:1]
34. Ana Ferreira. Why ransomware needs a human touch. Proceedings of the 52nd International Carnahan Conference on Security Technology, ICCST 2018. Pp. 237-241. [ISI] [SCOPUS:2]
35. Reis, Sandra; Ferreira, Ana; Vieira-Marques, Pedro; et al. Do patients want to know who
accesses their personal health information?: A questionnaire to university students. Iberian
Conference on Information Systems and Technologies, CISTI 2018. Pp. 1-6. [ISI] [SCOPUS:1]
36. Joana Muchagata and Ana Ferreira. How can visualization affect security? 20th International Conference on Enterprise Information Systems. 2018. 2: 503-510. [SCOPUS:6]. Best Poster Award.
IV. SCIENTIFIC ACTIVITY
17
37. Ana Ferreira and Pedro Marques. Phishing through time: a ten year story based on abstracts. 4th International Conference on Information Systems Security and Privacy. 2018. Vol. 1, 225-232. [SCOPUS:3]
38. Cristina Jácome, Rute Almeida, João Pedro Teixeira, Pedro Vieira-Marques, Rita Vilaça, José Manuel Fernandes, Ana Ferreira and João Almeida Fonseca. INSPIRERS: AN APP TO MEASURE AND IMPROVE ADHERENCE TO INHALED TREATMENT. 9th International Conference on eHealth. 2017. 135-139. [SCOPUS:7]
39. Pedro Moura, Paulo Fazendeiro, Pedro Marques, Ana Ferreira. SoTRAACE - Socio-technical risk-adaptable access control model. Proceedings of the 51st IEEE Carnahan Conference on Security Technology (ICCST). 2017. Pp. 1-6. [ISI:4] [SCOPUS:8]
40. Ana Ferreira and Rui Chilro. What to phish in a subject? Financial Cryptography and Data Security - 10323 LNCS. 2017. 597-609. [SCOPUS:2]
41. Ana Ferreira and Gabriele Lenzini. Comparing and Integrating Break-the-Glass and Delegation in Role-based Access Control for Healthcare. ICISSP2016 - 2nd International Conference on Information Systems Security and Privacy. 1: 63-73. [SCOPUS]
42. Ana Ferreira. Persuasion in Scams. Understanding Social Engineering Based Scams. Markus Jakobsson, PhD (Editor). ISBN 978-1-4939-6457-4, 2016. 29-47. [SCOPUS:11] (Book Chapter)
43. Ana Ferreira, Jean-Louis Huynen, Gabriele Lenzini and Vincent Koenig. In Cyber-Space noone can hear you S-CREAM: A Root Cause Analysis of Technique for Socio-Technical Attacks. 11th Workshop on Security and Trust Management (ESORICS 2015). 9331: 255-264. [ISI:1] [SCOPUS:3].
44. Ana Ferreira and Gabriele Lenzini. An Analysis of Social Engineering Principles in Effective Phishing. 5th Workshop on Socio-Technical Aspects in Security and Trust within the 28th IEEE Computer Security Foundations Symposium (CSF). 2015. 9-16. [ISI:11] [SCOPUS:17]
45. Ana Ferreira, Lynne Coventry and Gabriele Lenzini. Principles of Persuasion in Social Engineering and their Use in Phishing. 17th International Conference on Human Computer Interaction. 2015. 9190: 36-47. [SCOPUS:21]
46. Ana Ferreira, Jean-Louis Huynen, Gabriele Lenzini, Vincent Koenig, Salvador Rivas. Do Graphical Cues Effectively Inform Users? A Socio-technical Security Study in Accessing WiFi Networks. 17th International Conference on Human Computer Interaction. 2015. 9190: 323-334. [SCOPUS:4]. Best paper award.
47. Ana Ferreira and Gabriele Lenzini. Can transparency enhancing tools support patient’s accessing electronic health records? 3rd World Conference on Information Systems and Technologies. Advances in Intelligent Systems and Computing, 2015. 353: 1121-1132. [ISI:1] [SCOPUS:1]
48. Ana Ferreira, Jean-Louis Huynen, Vincent Koenig and Gabriele Lenzini. Socio-technical Security Analysis of Wireless Hotspots. 16th International Conference on Human-Computer Interaction – HCII2014. Human Aspects of Information Security, Privacy and Trust. Lecture Notes in Computer Science, 2014. 8533: 306-317. [SCOPUS:8]
49. Ana Ferreira, Jean-Louis Huynen, Vincent Koenig and Gabriele Lenzini. A Conceptual Framework to Study Socio-Technical Security. 16th International Conference on Human-Computer Interaction – HCII2014. Human Aspects of Information Security, Privacy and Trust. Lecture Notes in Computer Science, 2014. 8533: 318-329. [SCOPUS:8]
50. Ana Ferreira, Gabriele Lenzini, Cátia Santos-Pereira, Alexandre B. Augusto, Manuel E. Correia. Envisioning secure and usable access control for patients. IEEE 3rd International Conference on Serious Games and Applications for Health, 2014. 1-8. [SCOPUS:2]
51. Ana Ferreira, Jean-Louis Huynen, Vincent Koenig, Gabriele Lenzini and Salvador Rivas. Socio-Technical Study on the effect of Trust and Context when choosing Wifi names. 9th Workshop on Security and Trust Management (ESORICS 2013). Lecture Notes in Computer Science, 2013. 8203: 131-143. [ISI:6][SCOPUS:10]
IV. SCIENTIFIC ACTIVITY
18
52. Ana Ferreira, Rosario Giustolisi, Jean-Louis Huynen, Vincent Koenig, Gabriele Lenzini. Studies in Socio-Technical Security Analysis: Authentication of Identities with TLS Certificates. 3rd IEEE International Symposium on Trust and Identity in Mobile Internet, Computing and Communications (TRUSTID2013), 2013. 1553:1558. [ISI:3] [SCOPUS:7]
53. Ferreira A, Farinha P, Santos-Pereira C, Cruz-Correia R, Rodrigues P, Costa-Pereira A, Orvalho V. Log analysis of human computer interactions regarding break the glass accesses. In Proceedings of the 15th International Conference on Enterprise Information Systems, 2013. 3: 46-53. [ISI:2] [SCOPUS:1]
54. Santos-Pereira, Cátia, Augusto, Alexandre, Correia, Manuel, Ferreira, Ana, Cruz-Correia, Ricardo. A Mobile Based Authorization Mechanism for Patient Managed Role Based Access Control. Information Technology in Bio and Medical Informatics, Lecture Notes in Computer Science, 2012. 7451: 54-68. [SCOPUS:11]
55. Cátia Santos-Pereira, Luis Antunes, Ricardo Cruz-Correia, and Ana Ferreira. One way to patient empowerment - A proposal for an authorization model. In proceedings of the International Conference on Health Informatics, 2012. pp. 249-255. [SCOPUS:3]
56. Ferreira A, Cruz-Correia R, Marta Brito, Antunes L. Usable access control policy and model for healthcare. Proceedings of the 24th IEEE Symposium on Computer-Based Medical Systems, 2011. Pp.1-6. [ISI] [SCOPUS:9]
57. Ferreira A, Cruz-Correia R, Antunes L. Usability of authentication and access control: a case study in healthcare. Proceedings of the 45th IEEE Carnahan Conference on Security Technology, 2011. 1-7. [ISI] [SCOPUS:4]
58. Carla Pereira, Ana Ferreira. Luis Antunes. Evaluation of a teleradiology system: impact and user satisfaction. Proceedings of the International Conference on Health Informatics, 2011. 295-302. [ISI] [SCOPUS]
59. Pereira C, Oliveira C, Vilaça C, Ferreira A. Protection of clinical data: comparison of European with American legislation and respective technological applicability. Proceedings of the International Conference on Health Informatics, 2011. 567-570. [ISI] [SCOPUS:2]
60. Ana Ferreira, Ricardo Correia, David Chadwick, Henrique Santos, Rui Gomes, Diogo Reis, Luis Antunes. Password sharing and how to reduce it. Certification and Security in Health-Related Web Applications: Concepts and Solutions. Dr. Ioannis Apostolakis, Anargyros Chryssanthou, Dr. Iraklis Varlamis (Editors). ISBN 978-1616928957, 2011. 243-263. [SCOPUS:2] (Book Chapter)
61. Ferreira A, Cruz-Correia R, Chadwick D, Antunes L. Access control in healthcare: the methodology from legislation to practice. Proceedings of the 13th MEDINFO Congress. IOS Press, 2010. 160: 666-70. [ISI:3] [SCOPUS:5]
62. Farinha P, Cruz-Correia R, Antunes L, Filipe Almeida, Ferreira A. From legislation to practice: a case study of break the glass in healthcare. Proceedings of the International Conference on Health Informatics, 2010. 114-120. [ISI:1] [SCOPUS:1]
63. Ana Ferreira, David Chadwick, Gansen Zao, Pedro Farinha, Ricardo Correia, Rui Chilro, Luis Antunes. How to securely break into RBAC: the BTG-RBAC model. Proceedings from 25th Annual Computer Security Applications Conference - ACSAC2009, Dez 2009. 23-31. DOI: 10.1109/acsac.2009.12. [ISI:37] [SCOPUS:82]
64. Ana Ferreira, Luís Barreto, Pedro Brandão, Ricardo Correia, Susana Sargento, Luís Antunes. Chapter II: Accessing an existing virtual electronic patient record with a secure wireless architecture. Phillip Olla, Joseph Tan (Editors). Mobile Health Solutions for Biomedical Applications. Medical Information Science Reference. ISBN 978-1605663326, Mar 2009. 24-45. [SCOPUS] (Book Chapter)
65. Ana Ferreira, Ricardo Correia, David Chadwick, Luis Antunes. Improving the implementation of access control in EMR. Proceedings of the 42nd IEEE International Carnahan Conference on Security Technology, 2008. 47-50. [ISI:17] [SCOPUS:7]
IV. SCIENTIFIC ACTIVITY
19
66. Ferreira A, Antunes L, Pinho C, Sá C, Mendes E, Santos E, Silva F, Sousa F, Gomes F, Abreu F, Mota F, Aguiar F, Faria F, Macedo F, Martins S, Cruz-Correia R. Who should access electronic patient records. Proceedings of the International Conference on Health Informatics, 2008. 182-185. [ISI] [SCOPUS]
67. Ana Ferreira, Ricardo Cruz-Correia, Luís Antunes, David Chadwick. Chapter III: Security of Electronic Medical Records. Handbook of Research on Distributed Medical Informatics and E-Health. A. Lazakidou, K. Siassiakos (Editors). Medical Information Science Reference. ISBN 978-1-60566-002-8, Aug 2008. 30-47. [SCOPUS:1] (Book Chapter)
68. Ferreira A, Correia A, Silva A, Corte A, Pinto A, Saavedra A, Pereira AL, Pereira AF, Cruz-Correia R, Antunes LF. Why facilitate patient access to medical records. Studies in Health Technologies and Informatics. IOS Press, 2007. 127: 77-90. [ISI:30] [SCOPUS:37]
69. Ferreira A, Cruz-Correia R, Antunes LF, Chadwick D. Access Control: how can it improve patients' healthcare? Studies in Health Technologies and Informatics. IOS Press. 2007. 127: 65-76. [ISI:22] [SCOPUS:28]
70. Ana M. Ferreira, Ricardo Cruz-Correia, Altamiro Costa-Pereira. Why teach computer security to medical students? Studies in Health Technologies and Informatics. IOS Press, 2007. 129: 1469-1470. [ISI:1] [SCOPUS:1]
71. Cristina Costa-Santos, Ana Coutinho, Ricardo Cruz-Correia, Ana Ferreira, Altamiro Costa-Pereira. E-learning at porto faculty of medicine. a case study for the subject 'introduction to medicine'. Studies in Health Technologies and Informatics. IOS Press, 2007. 129: 1366-1371. [ISI:4] [SCOPUS:6]
72. Ana Ferreira, David Chadwick, Luís Antunes. Modelling access control for healthcare information systems: how to control access through policies, human processes and legislation. Proceedings of the 5th Doctoral Consortium – DCEIS, 2007. 3-13. [SCOPUS:2]
73. Ferreira A, Barreto L, Brandão P, Cruz-Correia R, Sargento S, Antunes L. A secure wireless architecture to access a virtual electronic patient record. IEEE Pervasive Health Conference and Workshops, 2006. 1-8. [SCOPUS:3]
74. Cruz-Correia R, Vieira-Marques P, Ferreira A, Oliveira-Palhares E, Costa P, Costa-Pereira A. Monitoring the integration of hospital information systems: how it may ensure and improve the quality of data. Stud Health Technol Inform IOS Press 2006. 121: p. 176-82. [ISI:11] [SCOPUS:16]
75. Ricardo Correia, Pedro Marques, Ana Ferreira, Ernesto Palhares, Pedro Costa, Fernando Araújo. Automatic detection of patient data inconsistencies on integrated Health Information Systems. Actas da 1ª Conferência Ibérica de sistemas e Tecnologia de Informação, 2006. 1: 689-696. [ISI] [SCOPUS]
76. Pedro Farinha, Ana Ferreira, Ricardo Correia. Web.care - management of resources and access to multicentric clinical studies online. Actas da 1ª Conferência Ibérica de sistemas e Tecnologia de Informação, 2006. 1: 631-640. [ISI] [SCOPUS:4]
77. Vieira-Marques P, Cruz-Correia R., Costa P., Palhares E., Ferreira A., Costa-Pereira A. MAID – Multi Agent for the Integration of Data. Actas da 1ª Conferência Ibérica de sistemas e Tecnologia de Informação, 2006. 1: 603-614. [ISI:3] [SCOPUS:3]
78. Ferreira A, Cruz-Correia R, Antunes L, Farinha P, Oliveira-Palhares E, Chadwick D W, Costa-Pereira A. How to break access control in a controlled manner? Proceedings of the 19th IEEE Symposium on Computer-Based Medical Systems, 2006. 847-851. [ISI:57] [SCOPUS:84]
79. Ferreira A, Oliveira-Palhares E, Correia R, Costa-Pereira A. From a wired to a wireless secure EPR: Can we re-use existing security solutions. Proceedings of the 39th IEEE International Carnahan Conference on Security Technology, 2005. 39: 93-6. [ISI] [SCOPUS]
80. Ferreira A, Cruz-Correia R, and Costa-Pereira A. Securing a web-based EPR: An approach to secure a centralized EPR within a hospital. In Proceedings of the 6th International Conference on Enterprise Information Systems, 2004. 3: 54-9. [SCOPUS:8]
IV. SCIENTIFIC ACTIVITY
20
81. Ferreira A, Cruz-Correia R, Antunes L, Palhares E, Marques P, Costa P, Costa-Pereira A. Integrity for Electronic Patient Record Reports. Proceedings of the 17th IEEE Symposium on Computer-Based Medical Systems, 2004. 4-9. [ISI:5] [SCOPUS:16]
82. Ana Ferreira, Simon Shiu, Adrian Baldwin. Towards Accountability for Electronic Patient Records. 16th IEEE Symposium Proceedings on Computer-Based Medical Systems (CBMS2003), 2003. 189-94. [ISI:6] [SCOPUS:17]
3. NON-INDEXED PUBLICATIONS
Journals
1. Sá-Couto, Carla; Ferreira, Ana Margarida; Almeida, Diana; Nicolau, Abel; Vieira-Marques,
Pedro. Evaluation of skills acquisition using a new low-cost tool for CPR self-training. Porto
Biomedical Journal, 2018. 3(1): p e8.
Journal abstracts
1. Carla Sá-Couto, Pedro Vieira-Marques, Abel Nicolau, Diana Almeida, Ana Ferreira. CPR
Personal Trainer: a low-cost for CPR self-training. Advances in Simulation. 2017. 2(Suppl
1):A4. Pages 2-3.
Abstracts accepted for presentation and discussion (no publication)
2. Jácome C, Guedes R, Almeida R, Fonseca Teixeira J, Vieira-Marques P, Pinho B, Fernandes JM; Ferreira, A; Almeida Fonseca J. InspirerMundi: an app to measure and improve adherence to inhaled medication. 9th International Primary Care Respiratory Group (IPCRG) World Conference. 2018.
3. Almeida D, Nicolau A, Ferreira A, Monteiro LP, Vieira-Marques P, Sá-Couto CD.
Development and evaluation of a new scoring and feedback system for a low-cost CPR
training tool. SESAM – Society in Europe for Simulation Applied to Medicine. 2016
4. Ana Ferreira, Markus Jakobsson, Damon McCoy, Elaine Shi, Youngsam Park, Ting-Fang Yen and Arthur Jakobsson. Trends in social-engineering: how to detect and quantify persuasion. RSAConference 2016 – SessionID – HUM-W02, San Francisco, February 2016.
Proceedings of international and national conferences
1. Nicolau A, Vieira-Marques P, Monteiro LP, Ferreira A, Sá-Couto. Development of a Cardiopulmonary Resuscitation Personal Trainer. IJUP – 9th Meeting for Young Researchers at University of Porto, 2016.
2. Ana Ferreira, Rosario Giustolisi, Jean-Louis Huynen and Gabriele Lenzini. On tools for socio-technical security analysis. Grande Region Security and Reliability Day, 2013.
3. Santos-Pereira C, Cruz-Correia R, Ferreira A. Providing for patient empowerment. Customizable access control models for patients: a systematic review. Proceedings of MEDINFOR II – “A medicina na era da informação”. 2011.
4. Rui Chilro, Ana Ferreira, Bruno Oliveira, Ricardo Morla. Contact times in the Message Ferry Delay Tolerant Network. DSIE’11 – 6th Doctoral Symposium on Informatics Engineering, 2011.
5. Cruz-Correia Ricardo, Vieira-Marques Pedro, Ferreira Ana, Almeida Filipa, Wyatt Jeremy and Costa-Pereira Altamiro. Projects Integrating Information Systems Are Going Regional - a Systematic Review. Studies in Health Technologies and Informatics. IOS Press, 2007. 129: 2064-2066.
IV. SCIENTIFIC ACTIVITY
21
6. Ferreira A, Correia R, Antunes L, Oliveira-Palhares E, Farinha P, Costa-Pereira A. How to start modelling access control in a healthcare organization. Proceedings of the 10th International Symposium for Health Information Management Research, 2005.
7. Ferreira A, Cruz-Correia R, Costa-Pereira A. The Creation of a Secure Web-Based EPR. Technology and health care - official journal of the European Society for Engineering and Medicine: Proceedings of MedNet Eighth World Congress on the Internet in Medicine, 2003. 11(5): 390-9.
8. Ana Ferreira, Simon Shiu, Adrian Baldwin. Towards Secure Electronic Patient Records. MEDINF2003. 5(3): 341-344.
9. Correia R, Marques P, Ferreira A, Vieira P, Bernardes J, Costa-Pereira A. Acquisition, processing and storage of vital signals in an electronic patient record system. Proceedings of MEDNET2001.
10. Teixeira-Pinto A, Ferreira A, Parry G, Costa-Pereira A. Estatística Médica na WEB: um manual para uso de estudantes, investigadores e profissionais de Saúde. Actas da 1ª Conferência sobre redes de computadores, 1998. 9-10.
Posters (no publication)
11. Active visualization to assist and improve online accessibility and privacy in AAL solutions.
AAL Forum 2018.
12. Bridging the gap between technology and older adults: insights from a workshop conduct at the AAL Forum 2017. AAL Forum 2018.
13. Ana Ferreira, Rosario Giustolisi, Jean-Louis Huynen, Vincent Koenig, Gabriele Lenzini, Sjouke Mauw, Peter Y. A. Ryan. Socio-Technical Analysis of Security (STAST). SnT – Partnership Day, 2013.
14. Chuva MT, Fernandes MT, Correia C, Barbosa L, Silva MJ, Gomes MJ, Moreira MM, Gomes
MM, Vinhas MS, Dias M, Moreira M, Ferreira A. Atitudes e opiniões de profissionais de
saúde e doentes quanto à utilização de computadores em cuidados primários – Revisão
sistemática. IX Jornadas Científicas dos Estudantes de Medicina. Faculdade de Medicina da
Universidade do Porto. 2006.
IV. SCIENTIFIC ACTIVITY
22
B. INSERTION IN THE SCIENTIFIC COMMUNITY
This section presents the oral communications both in international seminars/workshops (by
invitation) and conferences. It also describes the participations as a jury in academic defenses, the
obtained prizes, distinctions, scholarship awards, as well as the participation in technical
committees of international conferences and membership of research units.
1. EUROPEAN EXPERT EVALUATOR – European Commission
1. H2020-SU-ICT-2019
2. H2020-SU-DS-2019
3. H2020-OnlineSecurityPrize-2017
4. H2020-SU-ICT-2018
5. Secure Society Calls evaluation - Oct 2017
2. INVITED SPEAKER
International seminars and workshops
1. 10th Edition of Fraunhofer Portugal Challenge. Closing event and Awards ceremony. October 2019.
2. 1ª Conferência eCuidHaMUs. Escola Superior de Saúde da Universidade de Aveiro. June 2019
3. ISG - Royal Holloway, University of London. July 2015.
4. BlueSky Conference – FET–EYE conference for young researchers. June 2014.
5. Lab@Surfing – FET–EYE conference for young researchers. February 2014.
6. SOUPS – Symposium on Usable Privacy and Security (Lightning talk). July 2013.
7. SRM Seminar. SnT, University of Luxembourg. April 2012.
8. ISG Group Seminars. Royal Holloway, University of London. December 2008.
9. 1st Information Security Group Alumni Reunion Conference. Royal Holloway, University of London. July 2008.
10. (ISC)2 London – Scholarship award. PhD presentation. October 2007.
11. (ISC)2 London – Scholarship award. PhD presentation. May 2006.
12. Security and access control in healthcare. Philips Research Eindhoven. June 2005.
National seminars
1. Proteção de dados – Comissões de Ética e Investigação em Saúde – impacto das alterações na lei e desafios para o futuro. 2019. MEDCIDS – Faculdade de Medicina do Porto.
2. Segurança em Investigação de Saúde. Seminário do curso MIMED, 2019.
3. Segurança em Investigação Clínica e Regulamento Geral de Proteção de dados. Escola de Verão, 2019. MEDCIDS – Faculdade de Medicina do Porto.
IV. SCIENTIFIC ACTIVITY
23
4. How to elaborate a H2020 proposal in Biotechnology? GPPQ. CINTESIS, Faculty of Medicine, University of Porto. 2018.
5. TagUBig-Taming Your Big Data. GMEPE-PAHCE 2018 Conference. CINTESIS. March 2018.
6. Interact with (the) Security. 9º Simposium Master in Medical Informatics, MEDCIDS, Faculty of Medicine, University of Porto. September 2016.
7. Break security to improve security. Conference on informatics’ security. Business Science School of Valença. March 2011.
8. Security in Programming. Master in Medical Informatics, Biostatistics and Medical Informatics (currently CIDES), Faculty of Medicine, University of Porto. March 2010.
9. PhD research work presentation. Workshop Grounded Theory Methodology, Prof. Antony Bryant. University Fernando Pessoa. June 2009.
10. Information Security. Workshop on access control in healthcare. Master in Medical Informatics, Biostatistics and Medical Informatics (currently CIDES), Faculty of Medicine, University of Porto. May 2009.
11. Information Security – Integration in healthcare. National Administration Institute (INA). 2007
12. Information Security. National Administration Institute (INA). 2006
13. Security in Healthcare. Master in Informatics, Computer Science Department, Faculty of Science, University of Porto. 2006.
3. ORAL COMMUNICATIONS AT INTERNATIONAL CONFERENCES
1. ICISSP2020 Patients to mobilize their data: secure and flexible mHealth delegation. February 2020.
2. MEDICON2019 How secure is your mobile health? Portugal. September 2019
3. eHEALTH2019 How inspiring is your app: a usability take on an app for astHma medication adherence. Portugal. July 2019
4. IEEE CARNAHAN2018 Translating GDPR into the mHealth Practice
5. TagUBig – Taming Your Big Data
6. Why ransomware needs a human touch. Canada. October 2018.
7. TA2017 What to phish in a subject? Malta. April 2017.
8. WORLDCIST2015 Can transparency enhancing tools support patient’s accessing electronic health records? Ponta Delgada, Azores, Portugal. April 2015.
9. IEEE SEGAH2014 Envisioning secure and usable access control for patients. Rio de Janeiro, Brazil. May 2014.
10. SOUPS2013 Designing defenses against socio-technical attacks. Newcastle, UK. July 2013.
11. ICEIS2013 Log analysis of human computer interactions regarding break the glass accesses. Angers, France. July 2013.
12. IEEE CARNAHAN2011 Usability of authentication and access control: a case study in healthcare. Barcelona, Spain. October 2011.
IV. SCIENTIFIC ACTIVITY
24
13. ACSAC2009 How to securely break into RBAC: the BTG-RBAC model. Honolulu, Hawaii. December 2009.
14. IEEE CARNAHAN2008 Improving the implementation of access control to electronic medical records. Prague, Czech Republic. October 2008.
15. HEALTHINF2008 Who should access electronic patient records. Funchal, Portugal. January 2008.
16. ICMCC2007 Why facilitate patient access to medical records. Empowering the patient. Amesterdam, Holand. June 2007.
17. ICMCC2007 Access Control: how can it improve patients' healthcare? Empowering the patient. Amesterdam, Holand. June 2007.
18. DCEIS2007 Modelling access control for healthcare information systems: how to control access through policies, human processes and legislation. Funchal, Portugal. June 2007.
19. IEEE CBMS2006 How to break access control in a controlled manner? Salt Lake City, USA. June 2006.
20. IEEE PervasiveHealth2006 A secure wireless architecture to access a virtual electronic patient record. Innsbruck, Austria. November 2006.
21. IEEE CARNAHAN2005 From a wired to a wireless secure EPR: Can we re-use existing security solutions? Las Palmas de Gran Canaria, Spain. October 2005.
22. MedNet2005 Teaching information security to medical students. Prague, Czech Republic. December 2005.
23. IEEE CBMS2004 Integrity for Electronic Patient Record Reports. Bethesda, Maryland, USA. June 2004.
24. ICEIS2004 Securing a web-based EPR: An approach to secure a centralized EPR within a hospital. Porto, Portugal. April 2004.
25. MedNet2003 The Creation of a Secure Web-Based EPR. Geneva, Switzerland. December 2003.
26. MEDINF2003 Towards Secure Electronic Patient Records. Craiova, Romania. October 2003.
4. ACADEMIC JURIES
External
1. INSTITUTION: Faculty of Science, University of Porto
NAME: Ana Cristina de Melo Carvalho
PROGRAM: Mini viva (not final defence) - PhD in Computer Science
TITLE: Privacy Enhancing Technologies: Collection and Management of Online Consent Request.
DATE: December 2019
IV. SCIENTIFIC ACTIVITY
25
2. INSTITUTION: Faculty of Science, University of Lisbon
NAME: Diogo Marques
PROGRAM: Mini viva (not final defence) - PhD in Informatics Engineering
TITLE: The social insider threat to end users of smartphones.
DATE: June 2017 and July 2018
3. INSTITUTION: Faculty of Medicine, University of Porto
NAME: Ricardo Jorge Tomé Rodrigues Pires
PROGRAM: Master in Medical Informatics
TITLE: mHealth: O impacto da nova diretiva Europeia de Proteção de Dados, caso de uso e avaliação.
DATE: December 2016
4. INSTITUIÇÃO: Universidade do Porto – Faculdade de Ciências
NOME: João Sá
PROGRAM: MSc in Computer Science
TÍTULO: View and Verify Access Control Policies
DATE: December 2015
5. INSTITUTION: University of Minho
NAME: Vítor Júlio da Silva Sá
PROGRAM: PhD
TITLE: Gestual Dynamic with skin conductivity – a multimodal approach for biometrics authentication
DATE: April 2014
6. INSTITUTION: Faculty of Medicine, University of Porto
NAME: Ricardo Filipe Sousa Santos
PROGRAM: Master in Medical Informatics
TITLE: Securing a Health Information System with a Government issued Digital Identification Card
DATE: March 2010
Internal
1. INSTITUTION: Faculty of Medicine, University of Porto
NAME: Ana Cláudia de Loureiro e Nogueira
PROGRAM: Master in Medical Informatics
TITLE: Validação da identificação de utentes num integrador de mensagens HL7 para monitorização e portabilidade de dados na área da saúde.
IV. SCIENTIFIC ACTIVITY
26
DATE: December 2019
Supervisor
1. INSTITUTION: Faculty of Medicine, University of Porto
NAME: Ana Sofia da Silva Maria
PROGRAM: Master in Medical Informatics
TITLE: Comparação do controlo de acesso em instituições de saúde privadas e públicas da região Norte
DATE: December 2017
2. INSTITUTION: Faculty of Medicine, University of Porto
NAME: Cátia Andreia Santos Pereira
PROGRAM: Master in Medical Informatics
TITLE: One way to patient empowerment. A proposal for an authorisation model
DATE: March 2012
3. INSTITUTION: Faculty of Medicine, University of Porto
NAME: Carla Marina Ventura Pereira
PROGRAM: Master in Medical Informatics
TITLE: Evaluation of a teleradiology system: impact and user satisfaction
DATE: March 2011
Co-supervisor
1. INSTITUTION: Faculty of Medicine, University of Porto
NAME: Pedro Ferreira Farinha Silva
PROGRAM: Master
TITLE: From legislation to practice: a use-case of break-the-glass
DATE: October 2010
5. OTHER JURIES
1. 2nd Vogal suplente for the job application of an administrative assistant to the Informatics’ Service at Faculty of Medicine, University of Porto. November 2005.
IV. SCIENTIFIC ACTIVITY
27
6. PRIZES AND DISTINCTIONS
1. Best Paper Award. ICISSP 2019.
2. Best Student Paper Award. HEALTHINF 2019.
3. Best communication award at 4th IPLeiria Int Health Congress 2018.
4. Best poster award at ICEIS2018.
5. SPAIC – ASTRAZENECA 2017 – FRASIS – Monitorização da função respiratória na asma utilizando os sensores integrados do smartphone.
6. Best paper award at the 17th International Conference on Human Computer Interaction. 2015.
7. Honourable mention. Controlo de acesso à informação de saúde. Da legislação à prática: um caso de estudo do Break-The-Glass. Master student’s work. European for Data Protection Day. Assembleia da República. 2013.
8. 1st prize: Fraunhofer Portugal Challenge – “Research of practical utility”, category: PhD. October 2010. Value: 3000€.
9. Prize “Hospital do Futuro”, category: E-Health – Best initiative of e-government in healthcare. Cruz-Correia R, Vieira-Marques P, Costa P, Ferreira A, Oliveira-Palhares E, Costa-Pereira A. Project "ICU: Informação Clínica do Utente". 2004/2005.
10. Prize “Fernandes Costa”. Informatics’ Institute from the Ministry of Finance. Project "ICU: Informação Clínica do Utente". 2005.
11. Distinction. MSC in Information Security, Royal Holloway, University of London, UK. 2002.
12. Prize “Jorge Manuel de Jesus Rodrigues”. Pharmaceutical and chemical products’ wholesalers. Best student of the area of Informatics’ at Oliveira Martins High School. Academic year of 1992/93.
7. SCHOLARSHIPS
1. Post-doctoral. SnT - Interdisciplinary Center for Security, Reliability and Trust, University of Luxembourg (from November 2012 until February 2015). Position: Research Associate.
2. Program to help execute the PhD thesis. Human Resources Advanced Education. Foundation for the Science and Technology - Portugal. December 2010. Value: 750€.
3. (ISC)2 Scholarship Award 2008. PhD Scholarship in Information Security. Duration: 12 months. Value: US$12,500.
4. Scholarship from Calouste Gulbenkian Foundation in Portugal. PhD project abroad. Duration: 10 months (from January until November 2008). Monthly value: 1.073,00€; fees: 4.600,00€.
5. (ISC)2 Scholarship Award 2007. PhD Scholarship in Information Security. Duration: 12 months. Value: US$12,500.
6. (ISC)2 Scholarship Award 2006. PhD Scholarship in Information Security. Duration: 12 months. Value: US$12,500.
7. Scholarship to participate in USA conferences. Luso-American Foundation (FLAD). Oral communication of a scientific paper. Conference: CBMS2006. Value: 1000€.
IV. SCIENTIFIC ACTIVITY
28
8. Scholarship to participate in USA conferences. Luso-American Foundation (FLAD). Oral communication of a scientific paper. Conference: CBMS2004. Value: 900€.
8. EDITOR
1. Lead Guest Editor of Special Issue – Emerging Security Approaches in Healthcare. Journal of Healthcare Engineering, 2017/2018.
9. COMMITTEES OF INTERNATIONAL CONFERENCES
1. Member of Scientific Committee - Annual Privacy Forum (AFP) 2020
2. Member of Scientific Committee - Medinfo2019
3. Member of Scientific Committee - GMEPE-PAHCE 2019
4. Member of Scientific Committee - GMEPE-PAHCE 2018
5. Member of Program Committee – Targeted Attacks 2018 – Workshop from the Financial Cryptography 2018.
6. Member of Scientific Committee – MEDINFOR IV – A medicina na era da informação. Nov 2017.
7. Chair of the Special Track - ST12: Security and privacy in healthcare IT. CBMS – 27th IEEE International Symposium on Computer Based Medical Systems, 2014.
8. Member of the Technical Committee of the Special Track - ST12: Security and privacy in healthcare IT. CBMS – 26th IEEE International Symposium on Computer Based Medical Systems, 2013.
9. Member of the Technical Committee of the Workshop Security and Privacy for Mobile Health Care, 2006.
10. WORKSHOP ORGANISER
1. Forum AAL 2017 – organiser of the workshop 12 entitled: How to make the process of UD
easier in ALL projects: increasing adoption through UCD.
11. REVIEW OF SCIENTIFIC PAPERS
• Reviewer of the World Journal of Computer Application and Technology since June 2015
1. IJMI – International Journal of Medical Informatics (2017): 1
2. Journal BIT – Behaviour and Information Technology (2015): 1
3. IEEE Journal of Biomedical and Health Informatics (2015): 1
4. Journal BMC Medical Informatics and Decision Making (2014): 1
5. CBMS2014 - International Symposium on Computer-Based Medical Systems: 2
6. Journal BIT – Behaviour and Information Technology (2013 and 2014): 4
IV. SCIENTIFIC ACTIVITY
29
7. CBMS2013 – International Symposium on Computer-Based Medical Systems: 2
8. IEEE HEALTHCOM2013 – Int. Conf. on e-Health Networking Application & Services: 1
12. MEMBER OF RESEARCH UNITS AND LABS
1. CINTESIS – Center for Health Technology and Services Research. [FCT, SAU-Norte 753], Research Unit from the Faculty of Medicine, University of Porto. Since 2007.
2. SnT – Interdisciplinary Centre for Security, Reliability and Trust. University of Luxembourg. From November 2012 until February 2015.
3. COSA - Institute of Cognitive Science and Assessment. University of Luxembourg. From November 2012 until February 2015.
4. HP Labs Bristol. UK. From September 2002 until May 2003.
13. ARTICLES IN NON-SCIENTIFIC MAGAZINES
1. Is my smartwatch sharing too much? Active Advice Hub. http://www.activeadvice.eu/news. March 2018.
2. Business email compromise (BEC) attack trends report. AGARI. January 2018.
3. Fraunhofer Prize for the PhD student at FCUP. Merit - UPORTO ALUMNI – “Revista dos Antigos Estudantes da Universidade do Porto”, Nº 12, II Série. December 2010, p43.
4. Jumping from Academy to the Market by hitchhiking the practice of Fraunhofer. “Jornal de Negócios”. Research. Sep 2010, p16.
5. Human touch for Healthcare. SC Magazine: For IT Security Professionals. Oct 2007, p78.
6. (ISC)2 scholarship winner aims to please users. InfosecurityToday. Volume 3, Issue 4. July-
August 2006. 6 Pages.
IV. SCIENTIFIC ACTIVITY
30
C. ACTIVITY IN SCIENTIFIC PROJECTS
This section shows the successful participation in European, International and National research
projects, as well as recently accepted proposals.
1. EUROPEAN PROJECT
NAME: Trusted Architecture for Securely Shared Services (TAS3), FP7
DURATION: 4 years (from January 2008 until December 2011)
TOTAL BUDGET: 13.200.000€
BUDGET EC: 9.400.000€
ID: FP7 IP 216287 TAS3
POSITION: Research Trainee (full-time). From September until December 2008
PLACE: Centre for International ePortfolio Development, School of Education, University of Nottingham (partner)
WEBPAGE: http://vds1628.sivit.org/tas3/
2. FNR PROJECT – FONDATION NATIONALE DE RECHÉRCHE, LUXEMBOURG
NAME: Socio-Technical Aspects in Security and Trust (STAST)
DURATION: 3 years (From May 2012 until May 2015)
TOTAL BUDGET: 1 132 124€
BUDGET FNR: 765 000€
ID: I2R-APS-PFN-11STAS
POSITION: Post-doc. Research Associate (full-time). Duration: 2 years and 4 months. From November 2012 until February 2015.
PLACE: SnT – Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg
WEBPAGE: http://www.fnr.lu/en/Research-Programmes/Funding-by-Call-
Type/Projects/Socio-Technical-Analysis-of-Security-and-Trust-STAST
IV. SCIENTIFIC ACTIVITY
31
2. FCT PROJECTS – FUNDAÇÃO PARA A CIÊNCIA E TECNOLOGIA
1. NAME: mINSPIRERS—mHealth para medição e melhoria da adesão à medicação nas doenças respiratórias obstrutivas crónicas—generalização e avaliação de tecnologias de gamificação, suporte por pares e processamento avançado de imagem
DURATION: 36 months. Started: July 2018
ID: [POCI-01-0145-FEDER-029130]
POSITION: Researcher
INSTITUTIONS: CINTESIS – FMUP
2. NAME: Decision Support Solutions for Independent Living using an Intelligent AAL Product and Service Cloud
DURATION: 28 months. Started: January 2017
TOTAL BUDGET: 92.054,10€
ID: [AAL/0007/2015]
POSITION: Researcher
INSTITUTIONS: CINTESIS – FMUP
3. NAME: OFELIA – Open Federated Environments Leveraging Identity and Authorisation
DURATION: 3 years. Started: April 2010 (concluded)
TOTAL BUDGET: 120.000€
ID: [PTDC/EIA-EIA/104328/2008]
POSITION: Researcher (Master, 30% of the time, with CORE CV)
INSTITUTIONS: INESC (CRACS), Associação OpenID Portugal, CINTESIS, University of Minho (Centro Algoritmi)
WEBPAGE: https://www.fct.pt/apoios/projectos/consulta/vglobal_
projecto.phtml.en?idProjecto=104328&idElemConcurso=2769
4. NAME: OPTIM – Optimizing Information Systems for Healthcare: Improving Graphical User Interface and Storage Management Trough Machine Learning Techniques on User Logs Data
DURATION: 33 months. Started: May 2010 (concluded)
TOTAL BUDGET: 86.481€
ID: [PTDC/EIA-EIA/099920/2008]
POSITION: Researcher (Master, 5% of the time)
INSTITUTIONS: CINTESIS and University of Dundee
WEBPAGE: http://www.fct.pt/apoios/projectos/consulta/vglobal_
projecto?idProjecto=99920&idElemConcurso=2769
IV. SCIENTIFIC ACTIVITY
32
5. NAME: SAHIB – Enhancing multi-institutional health data availability through multi-agent systems
DURATION: 3 years and 6 months. Started: March 2010 (concluded)
TOTAL BUDGET: 87.107€
ID: [PTDC/EIA-EIA/105352/2008].
POSITION: Researcher (Master, 10% of the time)
INSTITUTIONS: CINTESIS, University “Autónoma” of Barcelona, Dublin Institute of
Technology, University of Dundee
WEBPAGE: http://www.fct.pt/apoios/projectos/consulta/vglobal_
projecto?idProjecto=105352&idElemConcurso=2769
4. OTHER PROJECTS
1. NAME: AIRDOC - “Aplicação móvel Inteligente para suporte individualizado e monitorização da função e sons Respiratórios de Doentes Obstrutivos Crónicos
FUNDING: FCT and NORTE2020
ID: NORTE-01-0247-FEDER-033275
DURATION: 3 years. Started: September 2018
POSITION: Researcher
INSTITUTIONS: CINTESIS, ISEP, MEDIDA
2. NAME: NanoSTIMA – Macro-to-Nano Human Sensing: Towards Integrated Multimodal Health Monitoring and Analytics
FUNDING: CCRN – Comissão de Coordenação da Região Norte
ID: NORTE-01-0145-FEDER-000016
DURATION: 3 years. Concluded.
TOTAL BUDGET: 6.137.187,90€
POSITION: Researcher – Leader of WP 3.2
INSTITUTIONS: INESC TEC, FMUP, IT, Univ. de Trás os Montes e Alto Douro
3. NAME: Healthcare Anywhere (HCA) – Interoperability between clinical systems
FUNDING: QRen – projects I&DT Enterprises in co-promotion
DURATION: 2 years. Started: August 2010 (concluded)
TOTAL BUDGET: 357.220€ (First) + 54.689€ (CINTESIS)
POSITION: Collaborator
IV. SCIENTIFIC ACTIVITY
33
INSTITUTIONS: First Solutions, S.A. and CINTESIS
WEBPAGE: http://projectos.adi.pt/actions/project?
id=C16/2009/5391&search=global&actionbean=actions/project
4. NAME: HSJ.ICU – Patient’s Clinical Information In use since 2003
FUNDING: Hospital S. João
POSITION: Research Trainee (full-time). From May 2003 until April 2004
INSTITUTION: Biostatistics and Medical Informatics (currently CIDES), Faculty of Medicine, University of Porto
TASKS: design and implementation of digital signatures of patient reports (around 3.000.000), as well as an authentication and access control system for 2300 registered users; 1525 reports are daily accessed with a mean of 1674 sessions.
5. NAME: “Prontuário Terapêutico”
FUNDING: Infarmed
YEAR: 2001 (concluded)
POSITION: Research Trainee (full-time). 1999-2001
INSTITUTION: Biostatistics and Medical Informatics (currently CIDES), Faculty of Medicine, University of Porto
6. NAME: Intercare – Integrated system of medical care applied to the cardiotocography and electrocardiography
FUNDING: Support to the development of Technological Competencies in PME (Small and Medium Enterprises). P0014/II/IC-PME/S from PME. 2000
POSITION: Research Trainee (full-time). 1998-2001
INSTITUTION: Biostatistics and Medical Informatics (currently CIDES), Faculty of Medicine, University of Porto
WEBPAGE: http://www.adi.pt/sectores%20de%20actividade/projectos/intercare.htm
5. SUPERVISION OF RESEARCH TRAINEES
NAME: Joana Muchagata WP TITLE: Security visualization (Since May 2018) PROJECT: TagUBig – Taming Your Big Data SUPERVISOR: Ana Margarida Leite de Almeida Ferreira
NAME: Diogo Abrantes WP TITLE: Usability (since April 2018) PROJECT: AAL SUPERVISOR: Ana Margarida Leite de Almeida Ferreira
IV. SCIENTIFIC ACTIVITY
34
NAME: Pedro Moura WP TITLE: User Centric aggregation IdM (concluded) PROJECT: NanoSTIMA MILESTONE: RL3 – WP2-M1 SUPERVISOR: Ana Margarida Leite de Almeida Ferreira NAME: Joana Muchagata WP TITLE: Socio-technical security frameworks (concluded) PROJECT: NanoSTIMA MILESTONE: RL3 – WP2-M2 SUPERVISOR: Ana Margarida Leite de Almeida Ferreira
6. ACCEPTED PROPOSALS
1. NAME: TYPAMED - Transparent Yet Private Access to Medical Data
PROGRAM: PhD Proposal
FUNDING: FNR – AFR - PhD (Aides à Formation-Rechérche, Luxembourg)
STATUS: Accepted in June 2014
DATE: December 2014 (to start)
ID: PhD 2014-1; ID: 7842804
POSITION: Co-supervisor
INSTITUTIONS: SNT & LCSB – University of Luxembourg; CINTESIS at University of Porto; and LabSec - University Federal of Santa Catarina, Brazil
OBJECTIVE: study access control models and mechanisms to solve main conflicts between transparency and privacy of patient’s medical data
2. NAME: PRIVGRID - Privacy-dependable Smart-Grid Infrastructure
PLACE: FET-EYE – BLueSky conference
BUDGET: 375€
DATE: June 2014
OBJECTIVE: 1st stage of a proposal for the call FET-OPEN
3. NAME: HATOR – Health aT yOur caRe
PLACE: FET-EYE – LabSurfing@Brussels
BUDGET: 300€
DATE: February 2014
OBJECTIVE: 1st stage of a proposal for the call FET-OPEN
IV. SCIENTIFIC ACTIVITY
35
6. SUPERVISION OF RESEARCH TRAINEES
NAME: Joana Muchagata WP TITLE: Security visualization (Concluded 2019) PROJECT: TagUBig – Taming Your Big Data SUPERVISOR: Ana Margarida Leite de Almeida Ferreira
NAME: Diogo Abrantes WP TITLE: Usability (Concluded 2018) PROJECT: AAL SUPERVISOR: Ana Margarida Leite de Almeida Ferreira NAME: Pedro Moura WP TITLE: User Centric aggregation IdM (Concluded - 2017) PROJECT: NanoSTIMA MILESTONE: RL3 – WP2-M1 SUPERVISOR: Ana Margarida Leite de Almeida Ferreira NAME: Joana Muchagata WP TITLE: Socio-technical security frameworks (Concluded - 2017) PROJECT: NanoSTIMA MILESTONE: RL3 – WP2-M2 SUPERVISOR: Ana Margarida Leite de Almeida Ferreira
36
V. PEDAGOGICAL ACTIVITY
V. PEDAGOGICAL ACTIVITY
37
A. LECTURING ACTIVITY
This section presents the lecturing activity performed for undergraduate and postgraduate courses,
at Faculty of Medicine, University of Porto, and also at other teaching institutions.
1. DOCTORAL PROGRAM IN HEALTH DATA SCIENCE (HEADS)
• Responsible for two subjects: HI.PRESENT and HI.MANAGE.
• Lecturer of HI.PRESENT.
2. INTEGRATED MASTER IN MEDICINE
1. Theoretical lecture in information security for healthcare systems. Subject of Introduction to Medicine from the Medicine course, Faculty of Medicine, University of Porto. Academic years: from 2007/2008 until 2011/2012.
3. MEDICINE COURSE
1. Theoretical lecture in information security for healthcare systems. Subject of Introduction to Medicine from the Medicine course, Faculty of Medicine, University of Porto. Academic years: from 2003/2004 until 2006/2007.
2. Theoretical-practical lectures. Subject of Introduction to Medicine from the Medicine and Medical Dental courses, Faculties of Medicine and Dental Medicine, University of Porto. Academic years: 2003/2004 and 2004/2005.
4. TEACHING POSTGRADUATE COURSES
1. Break security to improve security. Conference in Information Security. Superior School of Business Sciences, Valença, Portugal. March 2011.
2. Security in Programming. Master course in Medical Informatics at Biostatistics and Medical Informatics’ Department (currently CIDES), Faculty of Medicine, University of Porto. March 2010.
3. Information Security. Workshop on Access Control to Healthcare Information Systems. Master course in Medical Informatics at Biostatistics and Medical Informatics’ Department (currently CIDES), Faculty of Medicine, University of Porto. May 2009.
4. Security in Healthcare. MSc in Informatics, Department of Computer Science, Faculty of Science, University of Porto. 2006.
5. TEACHING IN OTHER COURSES
1. Information Security – Integration in Healthcare. INA – National Institute for Public Administration. 2007.
2. Information Security – Integration in Healthcare. INA – National Institute for Public Administration. 2006.
V. PEDAGOGICAL ACTIVITY
38
B. PEDAGOGICAL MATERIAL
This section lists the creation of course modules, pedagogical material, and the management and
configuration of online platforms to support student’s study and course material.
1. COURSE CREATION – FACULTY OF MEDICINE, UNIVERSITY OF PORTO
1. Creation of the module of Information Security in Healthcare. Introduction to Medicine from the Medicine course, Faculty of Medicine, University of Porto. This module is being maintained and taught since 2003.
2. Creation and maintenance of pedagogical material regarding databases and information security. Introduction to Medicine from the Medicine course, Faculty of Medicine, University of Porto. Academic years: 2003/2004 and 2004/2005.
Summer School Courses
1. Ferreira A, et al. Information Security in Healthcare. Duration: 12h. Summer School 2010. Biostatistics and Medical Informatics’ Department (currently CIDES), Faculty of Medicine, University of Porto. Coordination, organization and lecturing.
2. Strübing J., Ferreira A. Qualitative Analysis and Grounded Theory. Summer School 2009. Biostatistics and Medical Informatics’ Department (currently CIDES), Faculty of Medicine, University of Porto. Coordination and organization.
2. CREATION OF ONLINE TOOLS FOR LECTURING
- Creation of Web based Graphical Interfaces for an online tutorial in Biostatistics. Introduction to Medicine from the Medicine course, Faculty of Medicine, University of Porto. 1998.
3. CREATION AND MANAGEMENT OF E-LEARNING PLATFORMS
1. Creation and management of a Moodle instance to support lectures with their teaching activity, students’ work correction and online testing. From 2005 until 2012.
2. Creation and management of a Moodle instance to support study activities for the students’ commissions from various academic years. From 2008 until 2012.
4. PEDAGOGICAL PUBLICATIONS
1. Ana M. Ferreira, Ricardo Cruz-Correia, Altamiro Costa-Pereira. Why teach computer security to medical students? Proceedings of the 12th MEDINFO Congress. IOS Press, 2007. 129: 1469-1470.
2. Cristina Costa-Santos, Ana Coutinho, Ricardo Cruz-Correia, Ana Ferreira, Altamiro Costa-Pereira. E-learning at Porto Faculty of Medicine: a case study of blended-learning. Proceedings of the 12th MEDINFO Congress. IOS Press, 2007. 129: 1366-1371.
V. PEDAGOGICAL ACTIVITY
39
3. Ferreira A, Cruz-Correia R, and Costa-Pereira A. Teaching information security to medical students. Technology and health care - official journal of the European Society for Engineering and Medicine: Proceedings of the 10th World Congress on the Internet in Medicine, 2005. 13(5): 389-90.
4. Teixeira-Pinto A, Ferreira A, Parry G, Costa-Pereira A. Estatística Médica na WEB. Actas da 1ª Conferência sobre redes de computadores, 1998. 9-10.
5. FOCUS GROUPS
- Organisation and moderation of 7 focus groups to healthcare professionals, in the ambit of PhD and Master’s courses.
V. PEDAGOGICAL ACTIVITY
40
C. SUPERVISION ACTIVITIES
This section describes supervision activities ordered by PhD, Master and Undergraduate projects,
together with their associated publications.
1. PhD COURSES
FACULTY OF ENGINEERING - UNIVERSITY OF PORTO
NAME: Cátia Andreia Santos Pereira Augusto
TITLE: A mobile based authorization mechanism for patients to access and manage their electronic health records
COURSE: PhD – Doctoral Programme
SUPERVISOR: Ricardo João Cruz Correia
CO-SUPERVISORS: Luís Filipe Antunes and Ana Ferreira
STARTING YEAR: 2015 (in course)
NAME: Abel Nicolau
TITLE: Development and validation of a low-cost tool for CRP Self-Training
COURSE: Mestrado integrado in Biomedical Engineering
SUPERVISOR: Carla Sá Couto
CO-SUPERVISORS: Pedro Marques e Ana Ferreira
YEAR OF CONCLUSION: 2018
SNT at the UNIVERSITY OF LUXEMBOURG
NAME: Dayana Pierina Brustolin Spagnuelo
TITLE: Defining, Measuring, and Enabling Transparency for Electronic Medical Systems
COURSE: PhD – Doctoral Programme
SUPERVISOR: Peter Y. Ryan
CO-SUPERVISORS: Ana Ferreira, Gabriele Lenzini and Jean Martina
YEAR OF CONCLUSION: 2018
COLLABORATIONS: LCSB (Luxembourg Centre for Systems Biomedicine) – University of Luxembourg and LabSec - Federal University of Santa Catarina
V. PEDAGOGICAL ACTIVITY
41
NAME: Jean-Louis Huynen
TITLE: Socio-Technical Aspects of Security
COURSE: PhD – Doctoral Programme
SUPERVISOR: Peter Y. Ryan
CO-SUPERVISORS: Gabriele Lenzini, Ana Ferreira and Vincent Koenig
YEAR OF CONCLUSION: 2016
COLLABORATIONS: COSA - The Institute of Cognitive Science and Assessment, University of Luxembourg
MEDCIDS, FACULDADE DE MEDICINA, UP - 3º CICLO DE ESTUDOS – PDICSS –
Doctoral Program in Clinical and Health Services Research
NAME: Soraia Teles
TITLE: Internet-based support and training for informal caregivers
of people living with dementia
PROGRAMA: PhD – Programa Doutoral (Started in 2017 - in course)
ORIENTADOR: Constança Paúl
CO-ORIENTADORES: Ana Ferreira
2. MASTER COURSES - UNIVERSITY OF BEIRA INTERIOR
NAME: Pedro Moura
TITLE: Security issues in mobile access to Portuguese electronic health records
COURSE: Master in Informatics Engineering
SUPERVISOR: Paulo Fazendeiro
CO-SUPERVISOR: Ana Margarida Leite de Almeida Ferreira
YEAR OF CONCLUSION: 2018
FINAL CLASSIFICATION: 18 out of 20
3. MASTER COURSES - CIDES, FACULTY OF MEDICINE, UNIVERSITY OF PORTO
NAME: Sandra Ribeiro
TITLE: A prototype to promote patient empowerment using audit trails
COURSE: Master in Medical Informatics
SUPERVISOR: Ricardo Correia
CO-SUPERVISORS: Ana Margarida Leite de Almeida Ferreira and Pedro Vieira Marques
YEAR OF CONCLUSION: 2018
FINAL CLASSIFICATION: 19 out of 20
V. PEDAGOGICAL ACTIVITY
42
NAME: Ana Sofia da Silva Maria
TITLE: Comparação do controlo de acesso em instituições de saúde privadas e públicas da região Norte
COURSE: Master in Medical Informatics
SUPERVISOR: Ana Margarida Leite de Almeida Ferreira
YEAR OF CONCLUSION: 2017
FINAL CLASSIFICATION: 17 out of 20
NAME: Diana Filipa Sousa Almeida
TITLE: Evaluation of a new scoring and feedback system for a low-cost CPR training tool
COURSE: Master in Medical Informatics
SUPERVISOR: Carla Sá Couto
CO-SUPERVISORS: Pedro Vieira Marques, Ana Margarida Leite de Almeida Ferreira
YEAR OF CONCLUSION: 2016
FINAL CLASSIFICATION: 17 out of 20
NAME: Cátia Andreia Santos Pereira
TITLE: One way to patient empowerment a proposal for an authorization model
COURSE: Master in Medical Informatics
SUPERVISOR: Ana Margarida Leite de Almeida Ferreira
CO-SUPERVISORS: Ricardo João Cruz Correia
YEAR OF CONCLUSION: 2012
FINAL CLASSIFICATION: 17 out of 20
NAME: Carla Marina Ventura Pereira
TITLE: Evaluation of a teleradiology system: impact and user satisfaction
COURSE: Master in Medical Informatics
SUPERVISOR: Ana Margarida Leite de Almeida Ferreira
CO-SUPERVISORS: Mário Monteiro, Escola Superior de Tecnologia da Saúde de Coimbra
YEAR OF CONCLUSION: 2011
FINAL CLASSIFICATION: 18 out of 20
NAME: Pedro Ferreira Farinha Silva
TITLE: Access control to healthcare information. From legislation to practice: a use-case of Break-The-Glass
COURSE: Master in Medical Informatics
V. PEDAGOGICAL ACTIVITY
43
SUPERVISOR: Luís Filipe Antunes
CO-SUPERVISORS: Ana Margarida Leite de Almeida Ferreira
YEAR OF CONCLUSION: 2010
FINAL CLASSIFICATION: 19 out of 20
PRIZE: this work received an honourable mention in the competition “Prémio Ensaio CNPD – Comissão Nacional de Proteção de Dados, 2012”
4. UNDERGRADUATE COURSES - CIDES, FACULTY OF MEDICINE, UNIVERSITY
OF PORTO
Supervision of undergraduate projects of first year students from the Medicine course
1. The Access to Medical Records: a systematic review. Group 2. 2005. (concluded)
2. Electronic Patient Records. Who can access what? Group 8. 2005. (concluded)
3. Impact of the use of computers in the performance of healthcare professionals in primary healthcare – Systematic Review. Group 4. 2004. (concluded)
4. Attitudes and opinions of healthcare professionals and patients regarding the use of computers – Systematic Review. Group 13. 2004. (concluded)
5. Security in healthcare information systems – Medical perspective. Class 9, Group 1. 2003. (concluded)
6. Security in healthcare information systems of the Obstetrics department of Hospital S. João - Nurses perspective. Class 23, Group 1. 2003. (concluded)
7. Security in healthcare information systems. Opinions and beliefs of Medical students. Class 23, Group 2. 2003. (concluded)
8. Security in healthcare information systems. What do medical doctors think? Class 24, Group 1. 2003. (concluded)
9. Ethics allied to the confidentiality of patient medical records. Class 24 – Group 2. 2003. (concluded)
VI. EMPLOYMENT
VI. EMPLOYMENT
45
A. EMPLOYMENT
This section introduces employment, tool development and other relevant activities.
SINCE JANUARY 2017
Currently a researcher at Programa Investigador FCT 2015 – Starting Grant, within a
self-proposed project, entitled “TagUBig-Taming your Big data”.
Main research Question: Can individuals use their BiDa (personal Big Data) to control and
improve transparency, privacy and usability, when interacting with an application?
Objective: To develop an access control decision model which automatically learns from an
individual's BiDa and from social and technical context at that moment the request is made, and
decides what is the most transparent, secure, private and usable way to display it to the user.
SINCE OCTOBER 2004 (currently with a no paid leave)
Informatics’ Service, Faculty of Medicine, University of Porto
IT Specialist, Grade 1, Level 3. Tasks include (but are not exclusive): supporting the teaching, research and administrative environment, network and information systems’ installation, configuration, development, implementation and management, helpdesk to students, academic and administrative staff, backup performance and management as well as development and implementation of access control policies, database creation and administration, e-learning configuration and support as well as wireless networks configuration and management.
APRIL 2004 – OCTOBER 2004
Informatics’ Service, Faculty of Medicine, University of Porto
Training for IT Specialist position, Grade 1, Level 2. Technical report entitled: Implementation of an access control policy.
MAY 2003 – APRIL 2004
SBIM (currently CIDES), Faculty of Medicine, University of Porto
Research Trainee in Electronic Health Records.
SEPTEMBER 2002 – APRIL 2003
Trusted Systems Laboratory, Hewlett Packard, Bristol, UK
Research Trainee. Development of a prototype to use secure hardware to protect electronic patient records. An NHS use-case was presented to the NHS Information Authority and produced 2 scientific papers published in international conferences. Publications number 39 (indexed) and 7 (non-indexed) in this CV.
VI. EMPLOYMENT
46
1999 – 2001
SBIM (currently CIDES), Faculty of Medicine, University of Porto
Research Trainee. Project Intercare (Integrated Healthcare System). Implementation of a prototype for telemedicine.
1998 – 1999
SBIM (currently CIDES), Faculty of Medicine, University of Porto
BSc trainee. Development of dynamic graphical interfaces for an online biostatistics’ tutorial (e-learning).
VI. EMPLOYMENT
47
B. PRODUCT DEVELOPMENT This section describes the creation and implementation of 6 tools that were developed in the ambit
of academic, scientific and professional activities.
1. In 2009 – Implementation of BTG-RBAC model. This tool is working at Hospital S. João - Porto, Portugal, since 2004.
Publications: Ana Ferreira, David Chadwick, Gansen Zao, Pedro Farinha, Ricardo Correia, Rui Chilro, Luis Antunes. How to securely break into RBAC: the BTG-RBAC model. Proceedings from 25th Annual Computer Security Applications Conference - ACSAC2009, 2009. 23-31.
Ferreira A, Cruz-Correia R, Antunes L, Farinha P, Oliveira-Palhares E, Chadwick D W, Costa-Pereira A. How to break access control in a controlled manner? Proceedings of the 19th IEEE Symposium on Computer-Based Medical Systems, 2006. 847-851.
2. In 2008 – Implementation of a Break-The-Glass demo at PERMIS platform, as specified in technical annex of the European project TAS3, FP7 - TAS3.
3. In 2006 – Implementation of a tool to manage access control to a virtual electronic patient record, at Hospital S. João - Porto, Portugal, since 2004, and is based on RBAC.
Publication: Pedro Farinha, Ana Ferreira, Ricardo Correia. Web.care - gestão de acessos e recursos para estudos clínicos multicêntricos on-line. Actas da 1ª Conferência Ibérica de sistemas e Tecnologia de Informação, 2006. 1: 631-640.
4. In 2004 – Implementation of a tool to perform digital signatures to electronic patient reports. This tool is working at Hospital S. João - Porto, Portugal, since 2004, and uses GnuPG.
Publication: Ferreira A, Cruz-Correia R, Antunes L, Palhares E, Marques P, Costa P, Costa-Pereira A. Integrity for Electronic Patient Record Reports. Proceedings of the 17th IEEE Symposium on Computer-Based Medical Systems, 2004. 4-9.
5. In 2003 and 2004 – Development of all the database infrastructure to store patient reports that are generated from various hospital departments. This tool is working at Hospital S. João - Porto, Portugal, since 2004.
6. In 2003 – Implementation of a prototype of an access control model to electronic patient records at the HSA – Hardware Secure Appliance, da Hewlett Packard, for storage, auditing and detection of unauthorised accesses. HPLabs, Bristol, UK.
Publications: Ana Ferreira, Simon Shiu, Adrian Baldwin. Towards Accountability for Electronic Patient Records. 16th IEEE Symposium Proceedings on Computer-Based Medical Systems (CBMS2003), 2003. 189-94.
Ana Ferreira, Simon Shiu, Adrian Baldwin. Towards Secure Electronic Patient Records. MEDINF2003. 5(3): 341-344.
VI. EMPLOYMENT
48
C. OTHERS
1. Participation in the security working group for the Electronic Health Record (RSE). National Commissions for the RSE. 2010 and 2011.
2. Organization (2006) and member of the jury (2008), of the First Lego League Competition (http://www.firstlegoleague.org/). University of Kent. UK.
3. Organization and participation in the event InfoSecurity2003, at Hewlet Packard stand to show a demo regarding Identity-based encryption. HP Labs Bristol, UK. April 2003.
VII. CONTINUOUS EDUCATION
VII. CONTINUOUS EDUCATION
50
A. NON-ACADEMIC EDUCATION
This section presents courses that were attended as part of professional education. These are
chronologically ordered.
2018
- NetSci Porto 2018: Porto Winter School on Network Science. Duration: 21h
- EAIA 2018: Advanced School on Data Science for Big Data. Duration: 32h
- HCISPP Certification – Healthcare Information Security and Privacy Practicioner. (ISC)2 - The International Information Systems Security Certification Consortium, Inc.
2017
- HCISPP - HealthCare Information Security and Privacy Practitioner - Online course.
Duration: 25h
- UX Foundations Workshop. EDIT – Disruptive Digital Education. Duration: 16h.
2014
- Supervision of PhD candidates. Seminar by Kate Exley. University of Luxembourg. Duration: 3h.
2013
- Introduction to R. University of Luxembourg
- AFR Networking Day. “Chambre de Commerce”. Luxembourg.
- FNR Media Training. “Chambre de Commerce”. Luxembourg.
2012
- Organizational Processes for Supporting Sustainable Security. Dagstuhl Seminar 12501. Schloss Dagstuhl, Wadern Germany.
2011
- State of the Art of Information Technology in Healthcare: Perspectives and Evolution. University Fernando Pessoa. 2011. Duration: 2h.
2009
- Introduction to Biostatistics with SPSS. Summer School 2009. CIDES. Faculty of Medicine, University of Porto. Duration: 20h.
2008
- Interpretative Methods: The making of qualitative data and analysis. ECPR Summer School in Methods and Techniques. Duration: 40h.
- NVivo7 – The use of Informatics in the analysis of qualitative data. University Fernando Pessoa. Duration: 6h.
VII. CONTINUOUS EDUCATION
51
2007
- Advanced Security Implementation. RUMOS. Duration: 30h
- VPN implementation techniques. IGAP. Duration: 12h
- Introduction to Focus Groups. 1 Day course in Social Research. University of Surrey. Duration: 8h.
- Creation of Computer Security Incident Response Teams (CSIRTs). CERT.PT. Duration: 14h.
- The informatics’ shock in healthcare. “Centro de Cultura e Congressos da Secção Regional do Norte da Ordem dos Médicos”. Duration: 2h.
- E-learning – creation of an on-line course (MOODLE). IRICUP. Duration: 4h.
- Surveys. IRICUP. Duration: 1h.
2006
- STMS skills programme at Kent University: Getting started on the literature; Start Writing; An Introduction to use Endnote 9 for reference management; Interview Techniques; Nuts and Bolts; Assertiveness Training; Writing clearly; Guided Tour of a Thesis; Skills Audit; The Bigger Picture; Drop in Session; Publication Process Part I and II. Education courses as part of the PhD.
2005
- E321 - Virtual Private Networks (VPN). IRICUP and RUMOS. Duration: 12h.
- Oracle Database 10g: Advanced PL/SQL. ORACLE University. Duration: 12h.
- Building HL7 Solutions with Microsoft BizTalk Server. Microsoft Portugal.
- Management of Patient’s Clinical Information. Interface, “Jornadas Saúde”. Culturgest.
- Security of Patient’s Clinical Data. Interface, “Jornadas Saúde”. “Quinta das Lágrimas”.
2004
- Introduction to Database Architecture and Application Server ORACLE 10G. ORACLE Education. Duration: 24h.
- CISSP Certification - Certified Information Systems Security Professional. (ISC)2 - The International Information Systems Security Certification Consortium, Inc.
- Associate of (ISC)2 – Passed CISSP exam.
- Wireless LAN’s – wireless network equipment configuration and access control implementation, vulnerabilities and good security practice. Duration: 40h.
- CISSP exam revision - Royal Holloway, University of London. UK.
2003
- High Tech Crime. The British Computer Society – BCS. Bristol Branch. DC Andy Joyce. Avon and Somerset Constabulary. Duration: 1h.
2002
- Hacking Overview & Introduction to CheckPoint Firewall-1 NG. Royal Holloway, University of London, UK. Education courses as part of the MSc.
VII. CONTINUOUS EDUCATION
52
2000
- Implementing a Database Design on Microsoft SQLServer 7.0. Microsoft Official Curriculum Course Certification. Duration: 30h.
1993-1998
- English. British Council. Porto.
VII. CONTINUOUS EDUCATION
B. TECHNICAL PROFICIENCY
Programming PHP, Python, C, SQL, PL/SQL, HTML, JavaScript, VBScript, TCL/TK, Assembly, Pascal, COBOL, .NET. Basic knowledge of Java and C#.
Database systems Oracle RDBMS, SQLServer and MYSQL (configuration, administration and usage).
Management of identities Active Directory, Oracle Internet Directory, LDAP, OpenLDAP, Radiator/Radius and Kerberos (configuration, administration and usage).
Operating systems Linux (RedHat, CentOs and Ubuntu) and Windows NT/2000/XP/Vista/7 (configuration, administration and usage).
Web technologies Technologies ASP and CGI.
Others GnuPG, UML and Microsoft Office tools.
C. LANGUAGES
PORTUGUESE Native speaker
ENGLISH Excellent – written and spoken
CPE – Certificate of Proficiency in English, university of Cambridge Examinations, December 1998
FCE – First Certificate in English, university of Cambridge Examinations, June 1995
FRENCH Very good - written and spoken
French (Prolingua - Formation Carte Blanche. Français à orientation proféssionnelle. Level B2.2)
SPANISH Conversational
GERMAN Basic knowledge
Introductory course - 10h
VIII. OTHER INFORMATION
55
This section presents information regarding courses, hobbies and interests outside the professional and academic activities.
ART
- Origami folding and participation in workshops (Flower Origami 2010 and Christmas Origami 2010) and meetings, with some original works on sale at (http://etsy.com/shop/Anorigana/).
- Voice workshop – A voz assim e assado. António Miguel Trigueiro. EMAAG. Portugal. 2009.
- Winner of Gran Premio in Veneza in Musica, with the choir EVPM - Ensemble Vocal Pro Musica. Venice, Italy. September 2007.
- Dramatic Expression – Level I. APCC – Porto, Portugal. Duration: 21h. 2001.
- Piano degree from Porto’s Music Conservatory, Portugal. Between December 1991 and July 2000.
- Piano Masterclass, as a participant. Jorge Moyano. Porto’s Music Conservatory. 2000.
- Piano Masterclass, as a participant. Luíz Moura Castro. Vilar do Paraíso Music Academy. Portugal. 2000.
- Vocal Direction Masterclass, as a participant. Eugenia Vacarescu Necula. International Music Courses in Porto. Porto’s Music Conservatory. Portugal. 1999.
- Seminar on interpretation and pianistic techniques, as a listener. Carlos Cebro. Academia de Música de S. João da Madeira. Portugal. 1997.
- Porto School of Jazz, Portugal. Piano, 1987-1991.
- Ruvina School of Music, Porto, Portugal. Organ, 1986-1987.
SPORTS
- Amateur runner since May 2014.
- Swimming at competition level, “Futebol Clube do Porto”, Portugal. 1985-1987.
OTHERS
- Basic First-Aid course.
- Clean driving license.