Ricardo Gomes

@ipleiria.pt

Informatics Engineering Department
School of Technology and Management - Polytechnic Institute of Leiria

Ricardo Gomes


                              Download Compact PDF  
https://researchid.co/ricardo.p.gomes
Ricardo Gomes is a Invited Adjunct Professor at of Computers Engineering Dept., School of Technology and Management, Polytechnic of Leiria. He graduated from Polytechnic of Leiria in Computers Engineering and holds an M.Sc. in Computers Engineering from Polytechnic of Leiria. He has worked in the IT field outside of academia for 20 years. His research interests are cybersecurity, cloud infrastructure, and the development of frameworks and methodologies.

EDUCATION

Specialist Title in Informatics Sciences from the Polytechnic Institute of Leiria
MSc in Computer Engineering from the Polytechnic Institute of Leiria
Bs in Informatics Engineering from the Polytechnic Institute of Leiria

RESEARCH INTERESTS

Cloud Computing, Cybersecurity, Software Development, Data Sciences
11

Scopus Publications

315

Scholar Citations

6

Scholar h-index

5

Scholar i10-index

Scopus Publications

  • Using Secure Multi-Party Computation to Create Clinical Trial Cohorts
    Rafael Borges, Bruno Ferreira, Carlos Machado Antunes, Marisa Maximiano, Ricardo Gomes, Vítor Távora, Manuel Dias, Ricardo Correia Bezerra, Patrício Domingues
    Journal of Cybersecurity and Privacy, 2026
    The increasing volume of digital medical data offers substantial research opportunities, though its complete utilization is hindered by ongoing privacy and security obstacles. This proof-of-concept study explores and confirms the viability of using Secure Multi-Party Computation (SMPC) to ensure protection and integrity of sensitive patient data, allowing the construction of clinical trial cohorts. Our findings reveal that SMPC facilitates collaborative data analysis on distributed, private datasets with negligible computational costs and optimized data partition sizes. The established architecture incorporates patient information via a blockchain-based decentralized healthcare platform and employs the MPyC library in Python for secure computations on Fast Healthcare Interoperability Resources (FHIR)-format data. The outcomes affirm SMPC’s capacity to maintain patient privacy during cohort formation, with minimal overhead. It illustrates the potential of SMPC-based methodologies to expand access to medical research data. A key contribution of this work is eliminating the need for complex cryptographic key management while maintaining patient privacy, illustrating the potential of SMPC-based methodologies to expand access to medical research data by reducing implementation barriers.
  • Architecture for Health Private Data Sharing using Blockchain
    Frederico Carvalho, Marisa Maximiano, Ricardo Gomes, Vítor Távora, Manuel Dias, Ricardo Correia Bezerra
    Procedia Computer Science, 2025
    Increasing demand in innovative healthcare systems, as well as information management, enforces institutions and private consortiums to enroll in decentralized solutions that preserve patient’s sensitive information, and give capability of revoking and grating access to specific entities that request patient data. With blockchain emerging technology these solutions can be achieved allowing a more user-centric control of their own data. Furthermore, the need to conceal information and disabling data mining algorithm from agglomerating patient’s data and correlate them to their corresponding healthcare providers. This is crucial to maintain several privacy issues introduced by third parties accessing patient data without the patient’s explicit consent and applying those algorithms to perform clinical studies. This paper proposes an architectural approach at solving the problem of privacy preserving data sharing agreements between patients and healthcare providers, using blockchain, smart contracts and zero-knowledge proofs.
  • Can Secure MultiParty Computation be Used to Create Clinical Trial Cohorts based on Blockchain Notarized Private Patient Data?
    Bruno Ferreira, Rafael Borges, Carlos Machado Antunes, Marisa Maximiano, Ricardo Gomes, Vítor Távora, Manuel Dias, Ricardo Correia Bezerra
    Procedia Computer Science, 2025
    Healthcare faces some challenges regarding its privacy-preserving collaboration about the sharing of patients’ data, since healthcare providers and researchers need to guarantee that they can securely analyze patients’ data without revealing sensitive information, guaranteeing compliance with the privacy regulations. Nowadays, with the large amounts of stored healthcare data, the use of technology that can facilitate joint calculations on data, especially when obtaining informed consent by the patient can create some investigation opportunities. Therefore, finding a way to allow researchers to perform secure analyses across multiple parties while maintaining patient privacy is mandatory. Secure MultiParty Computation (SMPC) is a cryptographic technology that allows multiple parties to collaboratively compute functions using their private data while preserving confidentiality. In this work it is analyzed the use of SMPC in enhancing data sharing, collaboration, and privacy in a healthcare case study, which has allowed us to identify that SMPC is a valuable approach for handling large amounts of sensitive patient data. The principal outcome of this study is an architectural proposal using SMPC in creating clinical trial cohorts based on queries performed on confidential health records. This approach requires the overcoming of the challenge on multi-entity collaboration but can guarantee the preservation of patient privacy and health data confidentiality.
  • Using Homomorphic Encryption to Create Clinical Trial Cohorts based on Blockchain Notarized Private Patient Data
    Diogo Cardoso, Matilde Anastácio, Carlos Machado Antunes, Marisa Maximiano, Ricardo Gomes, Vítor Távora, Manuel Dias, Ricardo Correia Bezerra
    Procedia Computer Science, 2025
    In recent years, the volume of medical data generated has increased exponentially, presenting vast opportunities for advancements in healthcare mainly related to data protection and data sharing amongst institutions. In this article we will propose a solution that addresses both of those topics by leveraging blockchain technology. Additionally, the proposed solution seeks to empower patients by granting them greater control over their own data, in contrast to the current situation where data is owned by institutions. This, in turn, is expected to make participation in clinical study cohorts more appealing to patients since they can be confident that no meaningful data can be shared or accessed without their explicit consent, and in some scenarios also protecting their identity. The healthcare sector stands to benefit as more patients become interested in participating in clinical study cohorts, which may lead to faster and more precise treatment procedures.
  • Using LLMs to bridge the gap between consumers and Blockchain on a Agro-food traceability platform: An architectural proposal
    Diogo Santos, Filipa Gonçalves, Gonçalo Reis, Miguel Santos, Miguel Saraiva, Pedro Durães, Marisa Maximiano, Ricardo Gomes, Vítor Távora, Orlando Remédios
    Procedia Computer Science, 2025
    This paper explores architectural options for enhancing farm-to-fork traceability in the agro-food industry through the integration of blockchain, Web technologies, and Large Language Models (LLMs). Our primary objective is to propose an innovative architectural approach that addresses the challenges of implementing comprehensive traceability systems while improving consumer engagement. We examine various technological components, including blockchain, LLMs, and Web technologies. By leveraging LLMs enhanced with Retrieval-Augmented Generation (RAG) and Reasoning and Acting (ReAct) frameworks, we seek to simplify user interactions with the traceability system, making complex supply chain data more accessible and understandable to consumers. This approach to farm-to-fork traceability has the potential to significantly enhance transparency, food safety, and consumer trust in the agro-food sector.
  • LLM Based Chatbot for Farm-to-Fork Blockchain Traceability Platform
    José Benzinho, João Ferreira, Joel Batista, Leandro Pereira, Marisa Maximiano, Vítor Távora, Ricardo Gomes, Orlando Remédios
    Applied Sciences Switzerland, 2024
    Blockchain technology has been used with great effect in farm-to-fork traceability projects. However, this technology has a steep learning curve when it comes to its user interface. To minimize this difficulty, we created a solution based on a Large Language Model (LLM) conversational agent. Our implementation, starting with an existing knowledge base that is prepared and processed with an embedding model to be stored in a vector database, follows a Retrieval-Augmented Generation (RAG) approach. Other non-textual media like images and videos are aggregated with the embeddings to enrich the user experience. User queries are combined with a proximity search in the vector database and feed into an LLM that considers the conversation history with the user in its replies. Given the asynchronous nature of these models, we implemented a similarly asynchronous scheme using Server-Sent Events that deliver the models’ replies to a UI that supports multimodal media types such as images and videos by providing the visualization of these resources. The end solution allows users to interact with advanced technologies using a natural language interface; this in turn empowers food traceability projects to overcome their natural difficulty in engaging early adopters.
  • INFORMATION SECURITY AND CYBERSECURITY ASSESSMENT IN SME – AN IMPLEMENTATION METHODOLOGY
    Journal of Global Business and Technology, 2023
  • A methodology for mapping cybersecurity standards into governance guidelines for SME in Portugal
    Bruno Azinheira, Mário Antunes, Marisa Maximiano, Ricardo Gomes
    Procedia Computer Science, 2023
    The digitalization of companies and the implantation of Industry 4.0 concepts are emerging and challenging for micro and Small and Medium Enterprises (SME). The benefits are evident for the companies, as their business processes become simplified, and the internationalization and global market penetration turn out to be improved. However, information security and cybersecurity concerns have been raised on SME, as best practices and regulations compliance should be applied. The wide set of these regulations and their broad scope has put constraints on their overall direct mapping and adoption into SME. This paper describes an original methodology to map the Roadmap for Minimum Cybersecurity Capabilities (RMCSC) delivered by the Portuguese Cybersecurity Centre, into the well-adopted international information security ISO 27001:2013 standard. The proposed mapping is oriented toward the characteristics of SME and allows these companies to assess their cybersecurity risk to further mitigate potential identified flaws. The main deliverable of this paper is the developed methodology, which correlates the actions of the cybersecurity capabilities roadmap and the security controls enclosed in the ISO 27001:2013 standard. A questionnaire was developed to support the cybersecurity risk self-diagnosis, and the actions were justified and detailed in this paper. Further developments include the submission of the questionnaire to a case study of SME in the centre region of Portugal.
  • A Client-Centered Information Security and Cybersecurity Auditing Framework
    Mário Antunes, Marisa Maximiano, Ricardo Gomes
    Applied Sciences Switzerland, 2022
    Information security and cybersecurity management play a key role in modern enterprises. There is a plethora of standards, frameworks, and tools, ISO 27000 and the NIST Cybersecurity Framework being two relevant families of international Information Security Management Standards (ISMSs). Globally, these standards are implemented by dedicated tools to collect and further analyze the information security auditing that is carried out in an enterprise. The overall goal of the auditing is to evaluate and mitigate the information security risk. The risk assessment is grounded by auditing processes, which examine and assess a list of predefined controls in a wide variety of subjects regarding cybersecurity and information security. For each control, a checklist of actions is applied and a set of corrective measures is proposed, in order to mitigate the flaws and to increase the level of compliance with the standard being used. The auditing process can apply different ISMSs in the same time frame. However, as these processes are time-consuming, involve on-site interventions, and imply specialized consulting teams, the methodology usually adopted by enterprises consists of applying a single ISMS and its existing tools and frameworks. This strategy brings overall less flexibility and diversity to the auditing process and, consequently, to the assessment results of the audited enterprise. In a broad sense, the auditing needs of Small and Medium-sized Enterprises (SMEs) are different from large companies and do not fit with all the existing ISMSs’ frameworks, that is a set of controls of a particular ISMS is not suitable to be applied in an auditing process, in an SME. In this paper, we propose a generic and client-centered web-integrated cybersecurity auditing information system. The proposed system can be widely used in a myriad of auditing processes, as it is flexible and it can load a set of predefined controls’ checklist assessment and their corresponding mitigation tasks’ list. It was designed to meet both SMEs’ and large enterprises’ requirements and stores auditing and intervention-related data in a relational database. The information system was tested within an ISO 27001:2013 information security auditing project, in which fifty SMEs participated. The overall architecture and design are depicted and the global results are detailed in this paper.
  • Information Security and Cybersecurity Management: A Case Study with SMEs in Portugal
    Mário Antunes, Marisa Maximiano, Ricardo Gomes, Daniel Pinto
    Journal of Cybersecurity and Privacy, 2021
    Information security plays a key role in enterprises management, as it deals with the confidentiality, privacy, integrity, and availability of one of their most valuable resources: data and information. Small and Medium-sized enterprises (SME) are seen as a blind spot in information security and cybersecurity management, which is mainly due to their size, regional and familiar scope, and financial resources. This paper presents an information security and cybersecurity management project, in which a methodology based on the well-known ISO-27001:2013 standard was designed and implemented in fifty SMEs that were located in the center region of Portugal. The project was conducted by a business association located at the center of Portugal and mainly participated by SMEs. The Polytechnic of Leiria and an IT auditing/consulting team were the other two entities that participated on the project. The characterisation of the participating enterprises, the ISO-27001:2013 based methodology developed and implemented in SMEs, as well as the results obtained in this case study, are depicted and analysed in the paper. The attained results show a clear benefit to the audited and intervened SMEs, being mainly attested by the increasing of their information security management robustness and collaborators’ cyberawareness.
  • A Customizable Web Platform to Manage Standards Compliance of Information Security and Cybersecurity Auditing
    Mário Antunes, Marisa Maximiano, Ricardo Gomes
    Procedia Computer Science, 2021

RECENT SCHOLAR PUBLICATIONS

  • Automating and hardening blockchain nodes in a decentralized healthcare platform for enhanced security and efficiency
    RP Oliveira, R Camarada, M Maximiano, R Gomes, V Távora, M Dias, ...
    Procedia Computer Science 278, 1390-1397 , 2026
    2026
  • Compute-to-Data Federated Learning Approach on a Blockchain Notarized Health Platform
    A Ruiz, G Rodrigues, M Maximiano, R Gomes, V Távora, M Dias, ...
    Procedia Computer Science 278, 1358-1365 , 2026
    2026
  • Evaluating Model Context Protocol in the context of a Conversational Agent supporting an Agro-Food Blockchain Logistics Platform
    A Fernandes, L Oliveira, CM Antunes, M Maximiano, R Gomes, V Távora, ...
    Procedia Computer Science 278, 742-750 , 2026
    2026
  • Supply chain traceability by recording EPCIS data on Hyperledger Fabric
    B Neto, J Febra, P Durães, P Domingues, CM Antunes, M Maximiano, ...
    Procedia Computer Science 278, 709-716 , 2026
    2026
  • Threat Modeling a Solution Integrating Blockchain and Artificial Intelligence for Agro-Food Traceability
    A Guerra, H Lemos, P Domingues, CM Antunes, M Maximiano, R Gomes, ...
    Procedia Computer Science 278, 717-724 , 2026
    2026
  • LINDDUN based Threat Modeling of a Healthcare Distributed Ledger Platform
    D Dinis, J Oliveira, M Maximiano, R Gomes, V Távora, M Dias, ...
    Procedia Computer Science 278, 1366-1373 , 2026
    2026
  • Using Secure Multi-Party Computation to Create Clinical Trial Cohorts
    R Borges, B Ferreira, CM Antunes, M Maximiano, R Gomes, V Távora, ...
    Journal of Cybersecurity and Privacy 6 (1), 2 , 2025
    2025
    Citations: 3
  • Integration of Citizen’s Card Digital Authentication in Hyperledger
    CM Antunes, M Maximiano, V Távora, R Gomes, M Dias, R Correia
    Journal of Digital Media & Interaction 8 (19), 66-86 , 2025
    2025
  • Threat Modeling a Health Web3 DApp
    R Gomes, D Dinis, J Oliveira, M Maximiano, V Távora, CM Antunes, ...
    Journal of Digital Media & Interaction 8 (19), 46-65 , 2025
    2025
  • Threat Modeling a Health Web3 DApp
    D Dinis, J Oliveira, M Maximiano, V Távora, R Gomes, CM Antunes, ...
    Book of the Extend Abstracts of the International Conference on, 26 , 2025
    2025
  • Integration of Citizen’s Card Digital Authentication in Hyperledger
    M Maximiano, V Távora, R Gomes, CM Antunes, M Dias, R Correia
    Book of the Extend Abstracts of the International Conference on, 28 , 2025
    2025
  • Using Homomorphic Encryption to Create Clinical Trial Cohorts based on Blockchain Notarized Private Patient Data
    D Cardoso, M Anastácio, CM Antunes, M Maximiano, R Gomes, V Távora, ...
    Procedia Computer Science 256, 988-995 , 2025
    2025
    Citations: 3
  • Architecture for Health Private Data Sharing using Blockchain
    F Carvalho, M Maximiano, R Gomes, V Távora, M Dias, RC Bezerra
    Procedia Computer Science 256, 909-917 , 2025
    2025
    Citations: 2
  • Can Secure MultiParty Computation be Used to Create Clinical Trial Cohorts based on Blockchain Notarized Private Patient Data?
    B Ferreira, R Borges, CM Antunes, M Maximiano, R Gomes, V Távora, ...
    Procedia Computer Science 256, 996-1002 , 2025
    2025
    Citations: 2
  • Using LLMs to bridge the gap between consumers and Blockchain on a Agro-food traceability platform: an architectural proposal
    D Santos, F Gonçalves, G Reis, M Santos, M Saraiva, P Durães, ...
    Procedia Computer Science 256, 319-326 , 2025
    2025
    Citations: 5
  • LLM Based Chatbot for Farm-to-Fork Blockchain Traceability Platform
    J Benzinho, J Ferreira, J Batista, L Pereira, M Maximiano, V Távora, ...
    Applied Sciences 14 (19), 8856 , 2024
    2024
    Citations: 25
  • INFORMATION SECURITY AND CYBERSECURITY ASSESSMENT IN SME-AN IMPLEMENTATION METHODOLOGY.
    B Azinheira, M Antunes, M Maximiano, RP Gomes
    Journal of Global Business & Technology 19 (1) , 2023
    2023
    Citations: 6
  • A methodology for mapping cybersecurity standards into governance guidelines for SME in Portugal
    B Azinheira, M Antunes, M Maximiano, R Gomes
    Procedia Computer Science 219, 121-128 , 2023
    2023
    Citations: 15
  • A Client-Centered Information Security and Cybersecurity Auditing Framework
    M Antunes, M Maximiano, R Gomes
    Applied Sciences 12 (9), 4102 , 2022
    2022
    Citations: 49
  • Acknowledgment to Reviewers of Journal of Cybersecurity and Privacy in 2021
    A Tonacci, K Perumalla, A Rahmati, K Shaukat, A Melis, K Demertzis, ...
    2022

MOST CITED SCHOLAR PUBLICATIONS

  • Information Security and Cybersecurity Management: A Case Study with SMEs in Portugal
    M Antunes, M Maximiano, R Gomes, D Pinto
    Journal of Cybersecurity and Privacy 1 (2), 219-238 , 2021
    2021
    Citations: 164
  • A Client-Centered Information Security and Cybersecurity Auditing Framework
    M Antunes, M Maximiano, R Gomes
    Applied Sciences 12 (9), 4102 , 2022
    2022
    Citations: 49
  • A Customizable Web Platform to Manage Standards Compliance of Information Security and Cybersecurity Auditing
    M Antunes, M Maximiano, R Gomes
    Procedia Computer Science 196, 36-43 , 2022
    2022
    Citations: 41
  • LLM Based Chatbot for Farm-to-Fork Blockchain Traceability Platform
    J Benzinho, J Ferreira, J Batista, L Pereira, M Maximiano, V Távora, ...
    Applied Sciences 14 (19), 8856 , 2024
    2024
    Citations: 25
  • A methodology for mapping cybersecurity standards into governance guidelines for SME in Portugal
    B Azinheira, M Antunes, M Maximiano, R Gomes
    Procedia Computer Science 219, 121-128 , 2023
    2023
    Citations: 15
  • INFORMATION SECURITY AND CYBERSECURITY ASSESSMENT IN SME-AN IMPLEMENTATION METHODOLOGY.
    B Azinheira, M Antunes, M Maximiano, RP Gomes
    Journal of Global Business & Technology 19 (1) , 2023
    2023
    Citations: 6
  • Using LLMs to bridge the gap between consumers and Blockchain on a Agro-food traceability platform: an architectural proposal
    D Santos, F Gonçalves, G Reis, M Santos, M Saraiva, P Durães, ...
    Procedia Computer Science 256, 319-326 , 2025
    2025
    Citations: 5
  • Using Secure Multi-Party Computation to Create Clinical Trial Cohorts
    R Borges, B Ferreira, CM Antunes, M Maximiano, R Gomes, V Távora, ...
    Journal of Cybersecurity and Privacy 6 (1), 2 , 2025
    2025
    Citations: 3
  • Using Homomorphic Encryption to Create Clinical Trial Cohorts based on Blockchain Notarized Private Patient Data
    D Cardoso, M Anastácio, CM Antunes, M Maximiano, R Gomes, V Távora, ...
    Procedia Computer Science 256, 988-995 , 2025
    2025
    Citations: 3
  • Architecture for Health Private Data Sharing using Blockchain
    F Carvalho, M Maximiano, R Gomes, V Távora, M Dias, RC Bezerra
    Procedia Computer Science 256, 909-917 , 2025
    2025
    Citations: 2
  • Can Secure MultiParty Computation be Used to Create Clinical Trial Cohorts based on Blockchain Notarized Private Patient Data?
    B Ferreira, R Borges, CM Antunes, M Maximiano, R Gomes, V Távora, ...
    Procedia Computer Science 256, 996-1002 , 2025
    2025
    Citations: 2
  • Automating and hardening blockchain nodes in a decentralized healthcare platform for enhanced security and efficiency
    RP Oliveira, R Camarada, M Maximiano, R Gomes, V Távora, M Dias, ...
    Procedia Computer Science 278, 1390-1397 , 2026
    2026
  • Compute-to-Data Federated Learning Approach on a Blockchain Notarized Health Platform
    A Ruiz, G Rodrigues, M Maximiano, R Gomes, V Távora, M Dias, ...
    Procedia Computer Science 278, 1358-1365 , 2026
    2026
  • Evaluating Model Context Protocol in the context of a Conversational Agent supporting an Agro-Food Blockchain Logistics Platform
    A Fernandes, L Oliveira, CM Antunes, M Maximiano, R Gomes, V Távora, ...
    Procedia Computer Science 278, 742-750 , 2026
    2026
  • Supply chain traceability by recording EPCIS data on Hyperledger Fabric
    B Neto, J Febra, P Durães, P Domingues, CM Antunes, M Maximiano, ...
    Procedia Computer Science 278, 709-716 , 2026
    2026
  • Threat Modeling a Solution Integrating Blockchain and Artificial Intelligence for Agro-Food Traceability
    A Guerra, H Lemos, P Domingues, CM Antunes, M Maximiano, R Gomes, ...
    Procedia Computer Science 278, 717-724 , 2026
    2026
  • LINDDUN based Threat Modeling of a Healthcare Distributed Ledger Platform
    D Dinis, J Oliveira, M Maximiano, R Gomes, V Távora, M Dias, ...
    Procedia Computer Science 278, 1366-1373 , 2026
    2026
  • Integration of Citizen’s Card Digital Authentication in Hyperledger
    CM Antunes, M Maximiano, V Távora, R Gomes, M Dias, R Correia
    Journal of Digital Media & Interaction 8 (19), 66-86 , 2025
    2025
  • Threat Modeling a Health Web3 DApp
    R Gomes, D Dinis, J Oliveira, M Maximiano, V Távora, CM Antunes, ...
    Journal of Digital Media & Interaction 8 (19), 46-65 , 2025
    2025
  • Threat Modeling a Health Web3 DApp
    D Dinis, J Oliveira, M Maximiano, V Távora, R Gomes, CM Antunes, ...
    Book of the Extend Abstracts of the International Conference on, 26 , 2025
    2025