Carlos Serrão

Carlos Serrão
ISCTE-Instituto Universitário de Lisboa | ISCTE · Department of Information Science and Technology

PhD.

About

94
Publications
59,777
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
369
Citations
Introduction
Assistant Professor at ISCTE-IUL (Lisbon University Institute)/ISTA (School of Technology and Architecture)/DCTI, where I teach several subjects related to Information Systems, Information Security, IT/IS Project Management and Entrepreneurship. ADETTI-IUL Researcher and Project Manager working on research areas: - Distributed Systems, Applications and Information Security - Management and Protection of e-Intellectual Property and e-Contents - Web-based and Mobile-based Information Systems
Additional affiliations
January 2008 - April 2015
ISCTE-Instituto Universitário de Lisboa
Position
  • Research Assistant
January 2008 - present
ISCTE-Instituto Universitário de Lisboa
Position
  • Research Assistant
January 2007 - December 2007
University Pompeu Fabra
Position
  • PhD Student
Education
April 2004 - December 2008
September 2001 - December 2006
September 2001 - April 2004

Publications

Publications (94)
Chapter
Full-text available
This chapter presents a use case based on the development of an interactive, integrated and adaptable visiting system for complex buildings and surrounding grounds (smart places). The system features a mobile application that allows the user to access information from several smart places in a single application and an indoor location and tracking...
Preprint
Full-text available
The current paper addresses relevant network security vulnerabilities introduced by network devices within the emerging paradigm of Internet of Things (IoT) as well as the urgent need to mitigate the negative effects of some types of Distributed Denial of Service (DDoS) attacks that try to explore those security weaknesses. We design and implement...
Article
With thousands of mobile applications submitted to online application stores, the mobile application market has experienced significant growth. This growth is accompanied by an increase in malware presence. A possible solution would be to leverage those reports across all mobile ecosystems, creating a shared reputation system.
Conference Paper
In this work we propose an integrated system to manage and enhance the museums visiting experience for the general public, providing a more comfortable, intelligent and interactive way to visit multiple museums without the need for several mobile applications, whilst giving a tool to museum curators that allows them to easily manage and extend the...
Article
Full-text available
The current paper addresses relevant network security vulnerabilities introduced by network devices within the emerging paradigm of Internet of Things (IoT) as well as the urgent need to mitigate the negative effects of some types of Distributed Denial of Service (DDoS) attacks that try to explore those security weaknesses. We design and implement...
Chapter
Full-text available
Traffic management and car parking on modern cities continues to be a problem both for citizens and for city officials. The increasing number of vehicles flowing into the city drain the existing scarce parking resources, and the increase in time spent looking for a parking spot leads to more congestions, parasitic traffic, whilst augmenting fuel co...
Chapter
Full-text available
This chapter revises the most important aspects in how computing infrastructures should be configured and intelligently managed to fulfill the most notably security aspects required by Big Data applications. One of them is privacy. It is a pertinent aspect to be addressed because users share more and more personal data and content through their dev...
Chapter
Full-text available
This chapter revises the most important aspects in how computing infrastructures should be configured and intelligently managed to fulfill the most notably security aspects required by Big Data applications. One of them is privacy. It is a pertinent aspect to be addressed because users share more and more personal data and content through their dev...
Chapter
This chapter revises the most important aspects in how computing infrastructures should be configured and intelligently managed to fulfill the most notably security aspects required by Big Data applications. One of them is privacy. It is a pertinent aspect to be addressed because users share more and more personal data and content through their dev...
Conference Paper
Full-text available
Traffic management and car parking on modern cities continues to be a problem both for citizens and for city officials. The increasing number of vehicles flowing into the city drain the existing scarce parking resources, and the increase in time spent looking for a parking spot leads to more congestions, parasitic traffic, whilst augmenting fuel co...
Conference Paper
Full-text available
The pressure of traffic on modern cities keeps growing. More and more vehicles flow into the city draining the existing parking resources and increasing traffic congestions and fueling the pollution increase. In this paper we present a solution for a low-cost smart parking system and all the software and hardware components that were developed and...
Conference Paper
Full-text available
The pressure of traffic on modern cities keeps growing. More and more vehicles flow into the city draining the existing parking resources and increasing traffic congestions and fueling the pollution increase. In this paper we present a solution for a low-cost smart parking system and all the software and hardware components that were developed and...
Article
Health-related data include not only the patient’s personal information, but also specific information about the patient health problems, supplementary diagnostic examination results, and much more. All this information is extremely sensitive and should only be accessed by the proper entities and actors, for special specific purposes. Described her...
Conference Paper
Currently, web and mobile-based systems exchange information with other services, mostly through APIs that extend the functionality and enable multipart interoperable information exchange. Most of this is accomplished through the usage of RESTful APIs and data exchange that is conducted using JSON over the HTTP or HTTPS protocol. In the case of the...
Conference Paper
Nowadays, information security is an increasing concern in institutions and organizations. This concern is even greater in the finance sector, not only because the financial amount involved but also clients and organization's private and sensitive information. As a way to test security in infrastructures, networks, deployed web applications and man...
Chapter
Full-text available
This chapter revises the most important aspects in how computing infrastructures should be configured and intelligently managed to fulfill the most notably security aspects required by Big Data applications. One of them is privacy. It is a pertinent aspect to be addressed because users share more and more personal data and content through their dev...
Conference Paper
Organizations have become increasingly dependent on information systems to perform their business as usual activities. Moreover, organizations have seen increasing the number of cyber-attacks, namely: industrial espionage, confidential information leakage, digital theft or pure damage to corporate image and reputation. In order to try to mitigate t...
Conference Paper
Full-text available
New organizations wanting to surf the Cloud wave face one big challenge, which is how to evaluate how its business will be impacted. Currently, there is no mutually accepted methodology to allow the verification of this information, or to compare security between the organization’s systems before and after migrating their resources to a Cloud. In t...
Article
Full-text available
One of the first phases, and one of the most important ones, in a security assessment activity (either legitimate or not) consists in the information gathering about a specific target. Information gathering, also recognized as footprinting, is the process of collecting all accessible information about that specific target. In a security assessment,...
Article
Full-text available
Currently, a large number of near-the-shore activities (sports and leisure) with a huge set of practitioners (growing everyday) exist. Also, the number of commercial companies, such as sport schools, that explore such type of costal activities are also on the rising. These kind of coastal activities are dependent of a set of conditions (in particul...
Article
Full-text available
Currently, millions and millions of users are using online social networks to share their thoughts, experiences and content with online friends. Documents, videos, music and pictures are shared online, relying on the privacy and security controls offered by the social network platforms, with little control from the end user. This creates serious pr...
Article
Full-text available
Among Internet users, the social networks have gained a huge popularity. Millions of users are part of some online social network in order to share their own experiences and content with others. Documents, videos, music and pictures are among some of the most shared content types online, relying on the privacy and security controls that are offered...
Article
Much has been talked about security, and with the wide spread and adoption of Cloud computing, the talk has followed the buzz and put Cloud Security in the spotlights. Security guides for the Cloud has been published, but we understand that is still missing a practical assessment methodology that would allow organizations to quick understand how th...
Article
Full-text available
This article presents the development of a specific software system through the integration of several open source applications. This integration makes use of several synchronous Enterprise Application Integration (EAI) techniques that were grouped as a way to keep the applications the most independent possible. The integration process was conducte...
Conference Paper
There are currently some technological measures that are able to enforce appropriate rights management technologies. In the educational field, where exceptions to copyright law, “fair use” is the main doctrine these technologies are controversial and its application has to weight the complex and contradictory pros and cons of such solutions. In thi...
Article
The digital content industry is facing significant challenges. One of the most significant challenges is the Intellectual Property protection. This challenge has been addressed technologically by using Digital Rights Management (DRM) systems that on a first stage ensured the appropriate management over digital content.However, rights management sys...
Conference Paper
Portugal has recently deployed an important number of governmental services to the World Wide Web. Concurrently, major services in Universities, Health Care, and most Public entities are also following this trend. For 2011, the Portuguese government will take these measures even further in the scope of a technological upgrade plan for Portugal. Thi...
Article
The Internet has made possible the access to thousands of freely available music tracks under the Creative Commons or Public Domain licenses. This number keeps growing on a yearly basis. In practical terms, it is extremely difficult to browse this huge music collection, because it is widely dispersed throughout multiple websites. The work presented...
Article
Full-text available
m Abstract- The Internet, and in particular the World Wide Web, have become one of the most common communication mediums in the World. Millions of users connect everyday to different web-based applications to search for information, exchange messages, interact with each other, conduct business, pay taxes, perform financial operations and many more....
Article
Knowledge transmission and science communication is a core activity of overall high education institutions. However very complex legal, technical and socioeconomic aspects are commonly faced by educational institutions requiring identify and address what is Intellectual Property (IP), who can own the products of knowledge, and how to manage it. Aca...
Article
The production, distribution, and consumption of information goods have endured numerous challenges over the years. Most recently, the Internet and digital consumer technologies have severely disrupted established intellectual-property regimes, enabling the near costless reproduction and distribution of information commodities. In addition, sophist...
Chapter
Following the EU Information and Communication Technologies agenda, the Portuguese Government has started the creation of many applications, enabling electronic interaction between individuals, companies and the public administration – the e-Government. Due to the Internet open nature and the sensitivity of the data that those applications have to...
Conference Paper
Controlling Intellectual Property Rights (IPR) in the Digital World is a very hard challenge. The facility to create multiple bit-by-bit identical copies from original IPR works creates the opportunities for digital piracy. One of the most affected industries by this fact is the Music Industry. The Music Industry has supported huge losses during th...
Article
The digital networks have facilitated the digital content access and sharing. Although this creates the opportunities to a wider dissemination of information and knowledge, on the other hand it creates challenges on what concerns the protection and enforcement of Intellectual Property (IP). This is particular important on the IP management of digit...
Article
Full-text available
Consumers want to use their digital content in the same way they have always used analog content. Consumer associations and governments are starting to request and even impose interoperability between DRM vendors' products. Therefore, interoperability has become a hot topic among content creators and distributors. Digital music providers and even a...
Conference Paper
Key management is the set of techniques and procedures supporting the establishment and maintenance of keying relationships between authorized parties. DRM platforms are usually composed by a set of different functionalities and components that usually manage and exchange keying material in a secure way. This key material has to be properly and sec...
Chapter
— In a World where all forms of digital content are growing at an increasing rate, there are some issues that need to be addressed. Intellectual Property Rights (IPR) is one of the most crucial and important one. If in the analogue World the IPR issues are addressed in a fairly well manner, the same doesn’t apply to the digital one. Users are perma...
Chapter
Modern high-bandwidth and open networks are a good medium for digital content distribution. However, digital content distribution over open networks can raise an all set of different issues related to piracy and intellectual propriety infringements and circumventions. Therefore, in order to avoid and overcome such issues, a good content security me...
Chapter
One of the most important requirements in government websites is the security. The Data Protection Act, Human Rights Act and other legislation require that privacy is respected. Beyond this, Government websites must be secure to build trust and maintain the reputation of electronic government. This will be seriously damaged if websites are defaced,...
Chapter
The ability to create, write or compose a song is a gift or feature that not everyone has within him or herself. The results of that kind of ability are an asset that should somehow, due to their nature, be recorded and protected. That protection can be enabled by the enforcement of the author’s rights, safeguarding its works. How can this protecti...
Conference Paper
This paper presents part the work conducted on the 1ST FP6 MediaNet Integrated Project to implement a Media Center solution integrated in a home netwok environment. This Media Center solution - which was called MediaBox $allowed the user to access from his/her home to DRM-protected music from online digital music stores. The paper describes the spe...
Conference Paper
In the digital world protecting digital intellectual property is proving to be a hard task. Not only it is complex to provide robust and reliable mechanisms to prevent unauthorized content copying and utilization, but also it is complex to provide a mechanism for specifying and enforcing how content can and will be used. Rights expression languages...
Article
Full-text available
This paper proposes Zás, a novel, flexible, and expressive authorization mechanism for Java. Zás has been inspired by Ramnivas Laddad's proposal to modularize Java Authentication and Authorization Services (JAAS) using an Aspect-Oriented Programming (AOP) approach. Zás' aims are to be simultaneously very expressive, reusable, and easy to use and co...
Conference Paper
Full-text available
This paper proposes Zás, a novel, flexible, and expressive authorization mechanism for Java. Zás has been inspired by Ramnivas Laddad’s proposal to modularize Java Authentication and Authorization Services (JAAS) using an Aspect-Oriented Programming (AOP) approach. Zás’ aims are to be simultaneously very expressive, reusable, and easy to use and co...
Conference Paper
During the past few years the web has changed and something which has been developed primarily for desktop computers can now be accessed from everywhere using portable and mobile devices. However, these new devices have some serious limitations in terms of screen size and computational power, just to mention a few. In order to display web pages des...
Article
This paper describes the work performed by a number of companies and universities who have been working as a consortium under the umbrella of the European Union Framework Programme 5 (FP5), Information Society Technologies (IST) research program, in order to provide a set of Digital Rights Management (DRM) technologies and architectures, aiming at...
Article
The WCAM project aims to provide an integrated system for secure delivery of video surveillance data over a wireless network, while remaining scalable and robust to transmission errors. To achieve these goals, the content is encoded in Motion-JPEG2000 and streamed with a specific RTP protocol encapsulation to prevent the loss of packets containing...
Conference Paper
Full-text available
In a largely interconnected World, the Web- Services (WS) computing paradigm is gaining momentum. Most Web Services applications existing today are being developed in the E-Business or E-Commerce context, mainly for Enterprise Application Integration (EAI) (12). This paper describes a distributed architecture that largely uses WS technology to cont...
Conference Paper
This work would start by describing OpenSDRM an open-source framework developed for the IST project MOSES., OpenSDRM is used to control the multimedia content consumption in conjunction with the new IPMPX MPEG-4 proposed standard. This architecture, composed by several building blocks, protects the content flow from creation to final user consumpti...
Article
The image compression standard JPEG2000 brings not only powerful compression performance but also new functionality unavailable in previous standards (such as region of interest, scalability and random access to image data, through flexible code stream description of the image). ISO/IEC JTC1/SC29/WG1, which is the ISO Committee working group for JP...
Article
Open source software is becoming a major trend in the software industry. Operating systems (OS) , Internet servers and several other software applications are available under this licensing conditions. This article assesses the security of open source technology, namely the Linux OS. Since a growing number of critical enterprise information systems...
Conference Paper
Full-text available
Multimedia content e-commerce is one of the hottest topics in today's Internet. Since the MP3 format appeared, back in early 90's, digital music popularity has never stopped growing, increasing the number of the so-called P2P services for exchanging digital music and raising several issues in terms of Intellectual Propriety protection arising from...
Conference Paper
Full-text available
Open source software is becoming a major trend in the software industry. Operating systems (OS), Internet servers and several other software applications are available under this licensing conditions. This article assesses the security of open source technology, namely the Linux OS. Since a growing number of critical enterprise information systems...
Article
This paper describes a methodology for parallelize a JPEG2000 encoder through the usage of a Beowulf Cluster and an already existing open-source JPEG2000 encoding software. It starts by giving an overview of the technical architecture solution chosen for the image cluster, justifying the choices that were followed. Next, the coding algorithm is pre...
Article
Full-text available
In this paper a new approach to Intellectual Property Management and Protection (IPMP) of multimedia content streams is proposed. The innovative feature of the approach is that the protection procedure is associated, embedded and downloaded with the protected content that is "consumed" on standard terminals. Such an approach thus enables terminal i...
Conference Paper
Electronic trading of multimedia content faces today important challenges. One of the most important challenges refers to the lack of production methodologies with strong interactions with the current state of the art digital content protection tools. This paper proposes a methodology, especially useful in the field of still digital images that int...
Article
Full-text available
A expansão das mais recentes Tecnologias de Informação, designadamente as relacionadas com a comunicação e a apresentação de Informação, e a difusão dos computadores pessoais ligados à Internet tem vindo a permitir uma reformulação radical dos sistemas de divulgação de informação, mormente os sujeitos a grande volume de pesquisas. Um exemplo disso...
Conference Paper
Full-text available
Protection of Intellectual Proprietary Rights is currently one of the most important barriers to electronic commerce of digital contents over networks. Authors and content providers understand the immense advantages of the digital world but show some reserve. However, technologies and techniques to protect IPR in digital content exist, their deploy...
Article
Full-text available
A expansão das mais recentes Tecnologias de Informação, designadamente as relacionadas com a comunicação e a apresentação de Informação, e a difusão dos computadores pessoais ligados à Internet tem vindo a permitir uma reformulação radical dos sistemas de divulgação de dados, mormente os sujeitos a grande volume de pesquisas. Um exemplo disso foi a...