
보안공학연구논문지 Journal of Security Engineering Vol.12, No.2 (2015), pp

Abstract

E-health is the delivery of health information, for health professionals and health consumers, through the internet. Internet-based system deployment is now used in the medical field because of the advantages it offers. Information such as patient test results, diagnoses and other data is stored in a database. In this paper we discuss the e-health data management system and propose a security mechanism for securing the retrieval of data from the database. We propose a scheme that authenticates users and gives them access rights based on user, role, session, permission, constraints and tasks.

Keywords: E-health, medical records, cryptography, database

Received (January 04, 2015), Review request (January 05, 2015), Review Result (1st: January 20, 2015, 2nd: March 02, 2015), Accepted (April 10, 2015), Published (April 30, 2015)

ISSN: JSE Copyright 2015 SERSC

1. Introduction

E-health is the transfer of health resources and health care by electronic means. E-health is the delivery of health information, for health professionals and health consumers, through the Internet and telecommunications. E-health delivery uses the power of IT to improve public health services, for example through the education and training of health workers [1].

The patient-oriented medical data management service platform is a healthcare service platform that matches the Health Care 3.0 era and meets the needs of constructing a smart healthcare service platform. The platform covers both the health data of the hospital or clinic and user health-related data measured with smart devices, such as sleep, emotion, exercise, food, and movement data. Further, it can provide health information not only to the patient's own medical staff and a specific hospital information system under the patient's consent but also to patients and general users [1][2]. When a personalized, patient-centered healthcare service platform is used, the viewpoint of the medical service extends from the medical center to living areas such as the home, fitness center, or business center. It can reduce repeated visits to the hospital and save national healthcare costs. Therefore, a personal healthcare service platform that supports the whole management of personal health data using smart mobile devices is necessary to customize daily-life healthcare.

A key challenge that attends the adoption of electronic health information networks is therefore to ensure that the principle of consent is meaningfully respected and enforced in electronic contexts.

Medical information is stored in the database for future reference to the patient's health status or health history. The records can be used in future medical diagnosis of the patient. The previous findings can be used to trace the history of the health status and the medication that the patient has been through. In this way the physician has a guide for his/her medical analysis. If the records are not secured, the Bad guy can modify the medical record of the patient, and this will lead to a wrong diagnosis [3].

Medical records are very important information that, if sabotaged, can threaten the patient's health findings. For example, if an intruder or Bad guy has bad intentions toward the patient, one way to execute his plan is to access the patient's medical records and modify them, replacing the previous or existing findings/records with different information that could harm the patient if the physician administers the modified diagnosis. By modifying the records of the patient, the Bad guy can trick the physician by inserting a different diagnosis [4].

Who are the authorized users who can access the medical records of the patient? These people are the Physician, Nurse, Secretaries, System Administrator and Database Administrator. How should the security system on the records be implemented? Basically, the database where the medical information is stored needs to be secured. In this paper, we tackle the security implementation in the database where the medical records are stored.

The content of the paper is as follows: Section 2, the Background, discusses related information about medical records and the background technology. Section 3 discusses the security threats. Section 4 is the proposed security mechanism. The last section is the conclusion.

2. Background

In recent years, the rapid improvement in technology has been influential in designing the healthcare system. Consequently, many researchers are focusing on u-healthcare system development. U-healthcare system applications and devices have been given much attention in order to provide ubiquity in healthcare services.

Nowadays, the use of the internet is essential in our daily transactions. Almost everything relies on the internet: business, education, security and other fields use it as the main medium to deliver information. The medical field is now also adopting IT. We use an internet-based design because this is the best way to deploy a system that can be accessed anytime, anywhere via the internet. This practice is very helpful for physicians, who can access the previous medical history of the patients they are handling. In this case they have the background, and this can help them in their analysis [5].

The rapid expansion of wireless technology has led to the possibility of widespread untethered medical and health monitoring. The use of wireless technology promises benefits in terms of replacing cabling, greater flexibility in equipment placement, wider access to patient data, patient mobility in hospital, and possibly home monitoring allowing earlier patient release. There will also be opportunities for emerging monitoring and alerting applications such as remote patient monitoring and automatic drug delivery. Since these medical records are stored in the database and can be accessed through the internet, distance and time are not a consideration.

2.1 E-health Data Management architecture

[Fig. 1] E-Health Data Management overview

[Fig. 1] illustrates the E-Health Data Management overview, which gives access to both patients and the physician. The information can be accessed through a PC, mobile phone or other internet-enabled device via the internet. When a user proxy database is created, metadata for the proxy tables is imported automatically from the remote location that contains the actual tables. This metadata is then used to create proxy tables within the proxy database, to make a more secure database back-up.

2.2 Entities

- Doctor: has access to the data of his own patients, but not to the patients of another doctor.
- Nurse: has access to the patient information of patients she is responsible for.
- Secretary: has access to (for example) insurance information, or name and home address, of the patients of all doctors within the department.
- General User: has access to the medical record of the patient for research or other purposes.
- Patient: has access to his/her own personal medical records.
- System Administrator: responsible for taking care of the operation and/or maintenance of the system. The system administrator has access to all physical machines. He should not have access to any patient information.
- Database Administrator: administers and maintains the database itself and therefore has access to the database. In a system where the database is in the hospital, this person may be the same as the system administrator. He should not have access to any patient information.
- Hacker: tries to hack into the system in any way possible.

2.3 Role-based Access control

This kind of access to e-health information is based on the role. Every user is given the right to access the database. However, there are restrictions based on their roles that are already programmed. In this way, inadvertent or deliberate access to information that users are not supposed to have can be controlled. In this paper we conceptualize secure data management for electronic health records through role-based access control.

3. Security Threats

E-health security is about stopping people inadvertently or deliberately having access to information they are not supposed to, whereas safety is about whether a person can be harmed because information is wrong, or not delivered, or delivered to the wrong person [6]. The security threats are on the data server side and on the access on the user side.

Data warehouse Threats

- DB/network threats: It is very important that the network is secure. Any activity involving internet access is vulnerable to network attacks. However, when we look at e-health systems, network security does not require much attention, but privacy does. A number of approaches have been developed to provide the level of safeguarding for network security that is required where the database needs to be secured.
- DoS attack: A denial-of-service (DoS) attack is an attempt to make a machine or network resource unavailable to its intended users. Perpetrators of DoS attacks typically target sites or services hosted on gateways, and even root name servers.
- Unauthorized access: Unauthorized access generally refers to the viewing or possession of something without legal authority. For example, in the context of medical records privacy, it means the inappropriate review or viewing of patient medical information without a direct need for diagnosis, treatment, or other lawful use.

User Access Threats

- Threats to privacy, secrecy, confidentiality and availability.
- Wireless threats: Access to the internet is available anywhere because of wireless technology.

The potential vulnerabilities in detail are eavesdropping, denial of service, database security, network security, data protection, privacy protection, authentication, unauthorized access, message forgery, and virus attack.

When examining security threats in a u-healthcare service, it is necessary to construct a security model that includes risk assessment, accountability and policy enforcement. In risk assessment, the information asset can be a registry and repository where patient health information is stored, and its data confidentiality, integrity, and availability are guaranteed. In addition, the patient safety is always the first to privacy is a primary principle of providing health information. A requester who tries to access the health information must be identified in order to determine the responsibility for imparting information. In particular, a history of access control events with respect to the information must be kept as security audit logs. Domains that share information with each other have to agree on cross-identification, authentication, and security audit level [7].

[Fig 2] Security Threats overview
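The entity rules of Section 2.2 and the audit-log requirement of Section 3 can be expressed as a default-deny policy check that records every decision. The following Python code is an added example, not code from the paper; the field names, the nurse's field set, the sample users and the `RecordStore` class are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Field groups are an assumption; the paper names only insurance, name, address.
ADMIN_FIELDS = frozenset({"name", "address", "insurance"})
CLINICAL_FIELDS = frozenset({"diagnosis", "test_results"})
ALL_FIELDS = ADMIN_FIELDS | CLINICAL_FIELDS


@dataclass(frozen=True)
class User:
    user_id: str
    role: str              # doctor, nurse, secretary, patient, sysadmin, dba
    department: str = ""


@dataclass
class Patient:
    patient_id: str
    department: str
    doctor_id: str
    nurse_ids: frozenset
    record: dict = field(default_factory=dict)


def allowed_fields(user, patient):
    """Fields of this patient's record that the user's role may read."""
    if user.role == "doctor" and user.user_id == patient.doctor_id:
        return ALL_FIELDS                      # own patients only
    if user.role == "nurse" and user.user_id in patient.nurse_ids:
        # "Limited information" for nurses is modelled as no address/insurance
        # (an assumption; the paper does not list the fields).
        return frozenset({"name"}) | CLINICAL_FIELDS
    if user.role == "secretary" and user.department == patient.department:
        return ADMIN_FIELDS                    # all doctors in the department
    if user.role == "patient" and user.user_id == patient.patient_id:
        return ALL_FIELDS                      # own record only
    # Default deny: system administrator, database administrator, unknown
    # roles and every mismatch. The General User role is left out because
    # the paper does not say which limits apply to it.
    return frozenset()


class RecordStore:
    """Returns only permitted fields and logs every access decision."""

    def __init__(self, patients):
        self._patients = {p.patient_id: p for p in patients}
        self.audit_log = []

    def read(self, user, patient_id, requested):
        patient = self._patients.get(patient_id)
        granted = allowed_fields(user, patient) if patient else frozenset()
        returned = sorted(set(requested) & granted)
        withheld = sorted(set(requested) - granted)
        decision = "deny" if not returned else ("partial" if withheld else "allow")
        self.audit_log.append({
            "time": datetime.now(timezone.utc).isoformat(),
            "user": user.user_id, "role": user.role, "patient": patient_id,
            "returned": returned, "withheld": withheld, "decision": decision,
        })
        return {n: patient.record[n] for n in returned if n in patient.record}


def build_sample_store():
    """Constructed sample data: two patients, two departments."""
    rec = lambda name: {"name": name, "address": "1 Sample St",
                        "insurance": "INS-000", "diagnosis": "sample",
                        "test_results": "sample"}
    patients = [
        Patient("P1", "cardiology", "dr_kim", frozenset({"nurse_a"}), rec("Pat One")),
        Patient("P2", "oncology", "dr_lee", frozenset({"nurse_b"}), rec("Pat Two")),
    ]
    users = {u.user_id: u for u in [
        User("dr_kim", "doctor", "cardiology"), User("dr_lee", "doctor", "oncology"),
        User("nurse_a", "nurse", "cardiology"), User("sec_1", "secretary", "cardiology"),
        User("sysadmin_1", "sysadmin"), User("dba_1", "dba"),
        User("P1", "patient"),
    ]}
    return RecordStore(patients), users


if __name__ == "__main__":
    store, users = build_sample_store()
    for uid in ("dr_kim", "dr_lee", "nurse_a", "sec_1", "dba_1", "P1"):
        print(uid, sorted(store.read(users[uid], "P1", ALL_FIELDS)))
    for entry in store.audit_log:
        print(entry["user"], entry["decision"], entry["withheld"])
```
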

4. Security Mechanisms

Applying a cryptographic scheme is very important, since direct access to e-health records is critical and needs to be handled with care.

4.1 Digital Signatures

Digital signatures can be a good safeguard to ensure that no one knows the content of the message sent from the database to the user and that no modification has been made. This allows authentication for both sides of the communication. Digital signatures reduce the amount of computation involved, unlike public key cryptography, which is computationally intensive. Digital signatures depend on hash functions. The size of the output depends on the algorithm, typically between 100 and 200 bits. It is difficult to forge; it is like a human fingerprint. Digital Signature computed this way:

4.2 Certificates

A public key certificate is a digitally signed statement by a trusted entity. A Certificate Authority (CA) is a trusted entity; the certificate is signed with the CA's private key, and certificates bind an identifier to a public key. The identifier can be a person, organization, address or an IP address. The most widely used public key certificate today is the X.509 standard. X.509 is used by several protocols, including Privacy Extended Mail, Secure Socket Layer, Secure HTTP, and Public Key Cryptography Standard.

4.3 Hash Functions, Message Digest and Message Authentication Codes

Hash functions and message digests are one-way hash functions. The output of this function is random, with approximately half of the bits set to the opposite values of the other half. Changing one bit of an input should result in a completely different output. It is very hard to find a message that produces the same output; that is what makes a hash function secure.

A hash function takes a variable-size input and produces a fixed-size output. Given this fact, it is clear that there is an infinity of messages that, when hashed, could produce the same output. If the size is too small, then it will be easy to try all the possible values that will produce an output. Suppose the size is 32 bits; this means that one would need to try approximately 2^32 different messages to produce a particular output. This means that there would be 2^32 different guesses of message in order to find the right one to produce the same output.
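The two properties described above, that a one-bit input change alters the digest completely and that a short output can be matched by exhaustive guessing, can be measured directly. This Python code is an added example, not code from the paper; it uses SHA-256 truncated to a chosen number of bits as a stand-in for a short-output hash, runs the search at 8 to 16 bits rather than 32 so that it finishes quickly, and the sample record is constructed.

```python
import hashlib

# Constructed sample record, not taken from the paper.
SAMPLE_RECORD = b"patient=P-1001;diagnosis=hypertension;dose=10mg"

# Output sizes in bits of MD5 and SHA-1 (named in this section) and SHA-256.
DIGEST_BITS = {name: hashlib.new(name).digest_size * 8
               for name in ("md5", "sha1", "sha256")}


def truncated_hash(data, bits):
    """Top `bits` bits of SHA-256(data): a stand-in for a short-output hash."""
    full = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return full >> (256 - bits)


def avalanche_distances(message):
    """Flip each input bit once; count how many of 256 output bits change."""
    base = int.from_bytes(hashlib.sha256(message).digest(), "big")
    distances = []
    for i in range(len(message) * 8):
        flipped = bytearray(message)
        flipped[i // 8] ^= 1 << (i % 8)          # flip exactly one input bit
        other = int.from_bytes(hashlib.sha256(bytes(flipped)).digest(), "big")
        distances.append(bin(base ^ other).count("1"))
    return distances


def find_second_preimage(message, bits, max_tries):
    """Guess inputs until one matches the message's truncated digest.

    Returns (candidate, tries), or (None, max_tries) if the budget runs out.
    The expected number of tries is about 2**bits.
    """
    target = truncated_hash(message, bits)
    for tries in range(1, max_tries + 1):
        candidate = b"candidate-%d" % tries
        if candidate != message and truncated_hash(candidate, bits) == target:
            return candidate, tries
    return None, max_tries


if __name__ == "__main__":
    print("digest sizes (bits):", DIGEST_BITS)
    d = avalanche_distances(SAMPLE_RECORD)
    print("one-bit flips: mean %.1f of 256 output bits changed (min %d, max %d)"
          % (sum(d) / len(d), min(d), max(d)))
    for bits in (8, 12, 16):
        found, tries = find_second_preimage(SAMPLE_RECORD, bits, 50 * 2 ** bits)
        print("%2d-bit output: match after %d guesses (2^%d = %d)"
              % (bits, tries, bits, 2 ** bits))
    # With a 64-bit output the same small budget finds nothing.
    print("64-bit output, 100000 guesses:",
          find_second_preimage(SAMPLE_RECORD, 64, 100000)[0])
```

The guess count grows by a factor of two for every extra output bit, which is why a digest that protects stored records needs far more than 32 bits.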

The most commonly used hash functions are the Secure Hash Algorithm (SHA-1) and MD5 (Message Digest), which have an output of 128 bits or more. In this paper, we use a combination of the above-mentioned cryptographic schemes.

5. Security Architecture

The objective is to reduce the complexity and effort required to manage authorization. This paper builds a security mechanism based on User, Role, Session, Permission, Constraints and Tasks.

[Fig 3] Flow of the proposed security

[Fig. 3] illustrates the flow of how the user accesses the medical records of the patient and the process of authentication. For example, a physician can access this kind of information, and nurses can access only limited information. The physician's access rights depend on the patient's key. The patient's key signifies the patient's identity and the physician who is allowed to access the patient's information. This physician could be the one who is treating the patient and, of course, the nurse in charge.

At the start, the User accesses the system by logging in with a username and password. This means that before the User can log in to the system, he/she must first register in the system. Registration is when all the information about the User is stored in the system. The User information is stored in a different table, separate from the patient's information. This means that during the registration process the restrictions and access rights of the user are already set. So every time they access the system, the database automatically returns only the data that they are allowed to access. In addition, to verify the identity of the user, there is a secret key that must be used to authenticate.

When the entity sends a query message, the database sends the ciphertext to the User. This ciphertext was encrypted by the patient private key. The message is decrypted through the patient private key. The patient private key was pre-assigned; it was randomly generated when the patient account was created. The User public key was pre-assigned through a certificate authority (CA).

As you can see, a User who wants to access the data has to undergo two authentication processes: first the use of the username and password to access the system, and next the use of the key to decrypt the encrypted information.

6. Conclusion

There is a need to secure the e-health information of the patient. The use of Internet technologies for remote access to medical records is undoubtedly a convenient way of sharing patient information within and between healthcare facilities. The security measures, in our opinion, are adequate for permitting access only to authorized users without compromising the confidentiality of medical records. In this paper we proposed a design of a secure e-health data management system. To verify users and give them the right permission to access the records, we use two authentication methods. First is the permission to access the system, then the permission to access the medical records. The restrictions on access to the medical records are based on the specified role of the user.

References

[1] M. S. Shin, H. S. Jeon, Y. W. Ju, B. J. Lee, and S.-P. Jeong, Constructing RBAC Based Security Model in u-healthcare Service Platform, The Scientific World Journal, (2015), Volume 2015, pp. 1-13.
[2] S. Mohammed, J. Fiaidhi, Ubiquitous Health and Medical Informatics: The Ubiquity 2.0 Trend and Beyond, Medical Information Science Reference, (2010) ISBN
[3] Y. Gelogo and S. W. Park, A Study on Secure Electronic Medical DB System in Hospital Environment, International Journal of Bio-Science and Bio-Technology, (2013), Vol. 5, No. 3.
[4] E. Lastdrager, Securing Patient Information in Medical Databases, MS Thesis, (2011).
[5] T. D. Gunter and N. P. Terry, The Emergence of National Electronic Health Record Architectures in the United States and Australia: Models, Costs, and Questions, Journal of Medical Internet Research, (2005), Vol. 7, No. 1.
[6] S. Silverstein, 2009 a pivotal year in healthcare IT (2009), Drexel University. Retrieved 2014/8/27.
[7] L. Dunlop, Electronic Health Records: Interoperability Challenges and Patient's Right for Privacy, Journal of Computer and Technology, (2007), Vol. 2 (Spring 2007).

Authors

Yvette E. Gelogo
2010: Western Visayas College of Science and Technology, Philippines (BS Information Technology)
2012: Hannam University, Korea (MS Multimedia Engineering)
Present: Catholic University of Daegu, Korea (PhD in Computer Information and Communication Engineering)
Research interests: Software Engineering, Mobile Computing, Ubiquitous Learning, Embedded System Design, Ubiquitous Healthcare System Development, Information Security.

Haeng-Kon Kim
Chungang University, B.S. degree in Computer Science
Chungang University, M.S. degree in Software Engineering
Chungang University, Ph.D. degree in Software Engineering
NASA, Research Staff
Korea Telecommunication Research Center, Full-time Employment Research Staff
Bell Lab., Research Staff
Central Michigan University, Visiting Professor
Catholic University of Daegu, Associate Professor
present: Catholic University of Daegu, Professor
Others: Vice-President of Engineering College ( ); Editor, KIPS (Korea Information Processing Society); Editor, KISS (Korea Information Science Society); Member, IEEE on Software Engineering; President, SERSC (Science and Engineering Research Support Society)
Research interests: Component Based Software Engineering, Object-oriented Software Engineering, Software Reuse, User Interface Design, CASE, Software Re-engineering, Tools and Methodologies


More information

Chapter 1: Introduction

Chapter 1: Introduction Chapter 1 Introduction 1 Chapter 1: Introduction 1.1 Inspiration Cloud Computing Inspired by the cloud computing characteristics like pay per use, rapid elasticity, scalable, on demand self service, secure

More information

Wireless LANs and Healthcare: Understanding Security to Ensure Compliance with HIPAA

Wireless LANs and Healthcare: Understanding Security to Ensure Compliance with HIPAA : Understanding Security to Ensure Compliance with HIPAA Healthcare is a natural environment for wireless LAN solutions. With a large mobile population of doctors, nurses, physician s assistants and other

More information

CSE/EE 461 Lecture 23

CSE/EE 461 Lecture 23 CSE/EE 461 Lecture 23 Network Security David Wetherall djw@cs.washington.edu Last Time Naming Application Presentation How do we name hosts etc.? Session Transport Network Domain Name System (DNS) Data

More information

Information Security

Information Security Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 vedatcoskun@isikun.edu.tr www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked

More information

Cloud Computing Security Issues and Access Control Solutions

Cloud Computing Security Issues and Access Control Solutions 보안공학연구논문지 (Journal of Security Engineering), 제 9권 제 2호 2012년 4월 Cloud Computing Security Issues and Access Control Solutions Young-Gi Min 1), Hyo-Jin Shin 2), Young-Hwan Bang 3) Abstract Cloud computing

More information

SECURITY STORAGE MODEL OF DATA IN CLOUD Sonia Arora 1 Pawan Luthra 2 1,2 Department of Computer Science & Engineering, SBSSTC

SECURITY STORAGE MODEL OF DATA IN CLOUD Sonia Arora 1 Pawan Luthra 2 1,2 Department of Computer Science & Engineering, SBSSTC SECURITY STORAGE MODEL OF DATA IN CLOUD Sonia Arora 1 Pawan Luthra 2 1,2 Department of Computer Science & Engineering, SBSSTC Ferozepur, Punjab, India Email: 1 soniaarora141@gmail.com, 2 pawanluthra81@gmail.com

More information

Session Initiation Protocol Attacks and Challenges

Session Initiation Protocol Attacks and Challenges 2012 IACSIT Hong Kong Conferences IPCSIT vol. 29 (2012) (2012) IACSIT Press, Singapore Session Initiation Protocol Attacks and Challenges Hassan Keshavarz +, Mohammad Reza Jabbarpour Sattari and Rafidah

More information

Complying with PCI Data Security

Complying with PCI Data Security Complying with PCI Data Security Solution BRIEF Retailers, financial institutions, data processors, and any other vendors that manage credit card holder data today must adhere to strict policies for ensuring

More information

Application Design and Development

Application Design and Development C H A P T E R9 Application Design and Development Practice Exercises 9.1 What is the main reason why servlets give better performance than programs that use the common gateway interface (CGI), even though

More information

Analysis of Information Security Management Systems at 5 Domestic Hospitals with More than 500 Beds

Analysis of Information Security Management Systems at 5 Domestic Hospitals with More than 500 Beds Original Article Healthc Inform Res. 2010 June;16(2):89-99. pissn 2093-3681 eissn 2093-369X Analysis of Information Security Management Systems at 5 Domestic Hospitals with More than 500 Beds Woo-Sung

More information

Monalisa P. Kini, Kavita V. Sonawane, Shamsuddin S. Khan

Monalisa P. Kini, Kavita V. Sonawane, Shamsuddin S. Khan International Journal of Scientific & Engineering Research, Volume 5, Issue 7, July-2014 1410 Secured Authentication Using Mobile Phone as Security Token Monalisa P. Kini, Kavita V. Sonawane, Shamsuddin

More information

Device-based Secure Data Management Scheme in a Smart Home

Device-based Secure Data Management Scheme in a Smart Home Int'l Conf. Security and Management SAM'15 231 Device-based Secure Data Management Scheme in a Smart Home Ho-Seok Ryu 1, and Jin Kwak 2 1 ISAA Lab., Department of Computer Engineering, Ajou University,

More information

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

Overview of CSS SSL. SSL Cryptography Overview CHAPTER CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers

More information

Compter Networks Chapter 9: Network Security

Compter Networks Chapter 9: Network Security Goals of this chapter Compter Networks Chapter 9: Network Security Give a brief glimpse of security in communication networks Basic goals and mechanisms Holger Karl Slide set: Günter Schäfer, TU Ilmenau

More information

Information Security Basic Concepts

Information Security Basic Concepts Information Security Basic Concepts 1 What is security in general Security is about protecting assets from damage or harm Focuses on all types of assets Example: your body, possessions, the environment,

More information

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN) MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file

More information

CRYPTOGRAPHY AS A SERVICE

CRYPTOGRAPHY AS A SERVICE CRYPTOGRAPHY AS A SERVICE Peter Robinson RSA, The Security Division of EMC Session ID: ADS R01 Session Classification: Advanced Introduction Deploying cryptographic keys to end points such as smart phones,

More information

Security Measures of Personal Information of Smart Home PC

Security Measures of Personal Information of Smart Home PC , pp.227-236 http://dx.doi.org/10.14257/ijsh.2013.7.6.22 Security Measures of Personal Information of Smart Home PC Mi-Sook Seo 1 and Dea-Woo Park 2 1, 2 Department of Integrative Engineering, Hoseo Graduate

More information

Neutralus Certification Practices Statement

Neutralus Certification Practices Statement Neutralus Certification Practices Statement Version 2.8 April, 2013 INDEX INDEX...1 1.0 INTRODUCTION...3 1.1 Overview...3 1.2 Policy Identification...3 1.3 Community & Applicability...3 1.4 Contact Details...3

More information

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0 EUCIP - IT Administrator Module 5 IT Security Version 2.0 Module 5 Goals Module 5 Module 5, IT Security, requires the candidate to be familiar with the various ways of protecting data both in a single

More information

Secure Your Source Code and Digital Assets

Secure Your Source Code and Digital Assets Hosted PRESENTS... Secure Your Source Code and Digital Assets - World's 1st Hosted SCM Solution Studies show that companies of all sizes have begun adopting SaaS (Software as a Service) solutions in a

More information

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security? 7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk

More information

SECURITY ANALYSIS OF PASSWORD BASED MUTUAL AUTHENTICATION METHOD FOR REMOTE USER

SECURITY ANALYSIS OF PASSWORD BASED MUTUAL AUTHENTICATION METHOD FOR REMOTE USER SECURITY ANALYSIS OF PASSWORD BASED MUTUAL AUTHENTICATION METHOD FOR REMOTE USER Mrs. P.Venkateswari Assistant Professor / CSE Erode Sengunthar Engineering College, Thudupathi ABSTRACT Nowadays Communication

More information

Top Ten Security and Privacy Challenges for Big Data and Smartgrids. Arnab Roy Fujitsu Laboratories of America

Top Ten Security and Privacy Challenges for Big Data and Smartgrids. Arnab Roy Fujitsu Laboratories of America 1 Top Ten Security and Privacy Challenges for Big Data and Smartgrids Arnab Roy Fujitsu Laboratories of America 2 User Roles and Security Concerns [SKCP11] Users and Security Concerns [SKCP10] Utilities:

More information

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University October 2015 1 List of Figures Contents 1 Introduction 1 2 History 2 3 Public Key Infrastructure (PKI) 3 3.1 Certificate

More information

DIGITAL RIGHTS MANAGEMENT SYSTEM FOR MULTIMEDIA FILES

DIGITAL RIGHTS MANAGEMENT SYSTEM FOR MULTIMEDIA FILES DIGITAL RIGHTS MANAGEMENT SYSTEM FOR MULTIMEDIA FILES Saiprasad Dhumal * Prof. K.K. Joshi Prof Sowmiya Raksha VJTI, Mumbai. VJTI, Mumbai VJTI, Mumbai. Abstract piracy of digital content is a one of the

More information

CPSC 467: Cryptography and Computer Security

CPSC 467: Cryptography and Computer Security CPSC 467: Cryptography and Computer Security Michael J. Fischer Lecture 1 September 2, 2015 CPSC 467, Lecture 1 1/13 Protecting Information Information security Security principles Crypto as a security

More information

Chapter 7: Network security

Chapter 7: Network security Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure e-mail transport

More information

LBSEC. http://www.liveboxcloud.com

LBSEC. http://www.liveboxcloud.com 2014 LBSEC http://www.liveboxcloud.com LiveBox Srl does not release declarations or guarantee regarding this documentation and its use and declines any expressed or implied commercial or suitability guarantee

More information

Chapter 10. Cloud Security Mechanisms

Chapter 10. Cloud Security Mechanisms Chapter 10. Cloud Security Mechanisms 10.1 Encryption 10.2 Hashing 10.3 Digital Signature 10.4 Public Key Infrastructure (PKI) 10.5 Identity and Access Management (IAM) 10.6 Single Sign-On (SSO) 10.7 Cloud-Based

More information

An Improved Authentication Protocol for Session Initiation Protocol Using Smart Card and Elliptic Curve Cryptography

An Improved Authentication Protocol for Session Initiation Protocol Using Smart Card and Elliptic Curve Cryptography ROMANIAN JOURNAL OF INFORMATION SCIENCE AND TECHNOLOGY Volume 16, Number 4, 2013, 324 335 An Improved Authentication Protocol for Session Initiation Protocol Using Smart Card and Elliptic Curve Cryptography

More information

A Layered Signcryption Model for Secure Cloud System Communication

A Layered Signcryption Model for Secure Cloud System Communication Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 4, Issue. 6, June 2015, pg.1086

More information

Overview. SSL Cryptography Overview CHAPTER 1

Overview. SSL Cryptography Overview CHAPTER 1 CHAPTER 1 Secure Sockets Layer (SSL) is an application-layer protocol that provides encryption technology for the Internet. SSL ensures the secure transmission of data between a client and a server through

More information

Modern Accounting Information System Security (AISS) Research Based on IT Technology

Modern Accounting Information System Security (AISS) Research Based on IT Technology , pp.163-170 http://dx.doi.org/10.14257/astl.2016. Modern Accounting Information System Security (AISS) Research Based on IT Technology Jiamin Fang and Liqing Shu Accounting Branch, Jilin Business and

More information

Secure Web Access Solution

Secure Web Access Solution Secure Web Access Solution I. CONTENTS II. INTRODUCTION... 2 OVERVIEW... 2 COPYRIGHTS AND TRADEMARKS... 2 III. E-CODE SECURE WEB ACCESS SOLUTION... 3 OVERVIEW... 3 PKI SECURE WEB ACCESS... 4 Description...

More information

Savitribai Phule Pune University

Savitribai Phule Pune University Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter

More information

Enhance data security of private cloud using encryption scheme with RBAC

Enhance data security of private cloud using encryption scheme with RBAC Enhance data security of private cloud using encryption scheme with RBAC Dimpi Rani 1, Rajiv Kumar Ranjan 2 M.Tech (CSE) Student, Arni University, Indora, Kangra, India 1 Assistant Professor, Dept. of

More information

E-commerce. business. technology. society. Kenneth C. Laudon Carol Guercio Traver. Second Edition. Copyright 2007 Pearson Education, Inc.

E-commerce. business. technology. society. Kenneth C. Laudon Carol Guercio Traver. Second Edition. Copyright 2007 Pearson Education, Inc. Copyright 2007 Pearson Education, Inc. Slide 5-1 E-commerce business. technology. society. Second Edition Kenneth C. Laudon Carol Guercio Traver Copyright 2007 Pearson Education, Inc. Slide 5-2 Chapter

More information

What is network security?

What is network security? Network security Network Security Srinidhi Varadarajan Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application

More information

Xerox DocuShare Security Features. Security White Paper

Xerox DocuShare Security Features. Security White Paper Xerox DocuShare Security Features Security White Paper Xerox DocuShare Security Features Businesses are increasingly concerned with protecting the security of their networks. Any application added to a

More information

IBM. Integrating the Hardware Management Console s Broadband Remote Support Facility into your Enterprise. zenterprise System. SC Level 01b

IBM. Integrating the Hardware Management Console s Broadband Remote Support Facility into your Enterprise. zenterprise System. SC Level 01b IBM zenterprise System Integrating the Hardware Management Console s Broadband Remote Support Facility into your Enterprise SC28-6927-01 IBM zenterprise System Integrating the Hardware Management Console

More information

Mobile Application for Secure Healthcare System

Mobile Application for Secure Healthcare System Mobile Application for Secure Healthcare System SABINA YESMIN KTH Information and Communication Technology Master of Science Thesis Stockholm, Sweden 2013 TRITA-ICT-EX-2013:78 Abstract Usage of mobile

More information

Development of Object-Oriented Analysis and Design Methodology for Secure Web Applications

Development of Object-Oriented Analysis and Design Methodology for Secure Web Applications , pp.71-80 http://dx.doi.org/10.14257/ijsia.2014.8.1.07 Development of Object-Oriented Analysis and Design Methodology for Secure Web Applications Kyung-Soo Joo 1 and Jung-Woong Woo 2 1 Department of Computer

More information

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise

More information

A Study of Key management Protocol for Secure Communication in Personal Cloud Environment

A Study of Key management Protocol for Secure Communication in Personal Cloud Environment , pp.51-58 http://dx.doi.org/10.14257/ijsia.2014.8.4.05 A Study of Key management Protocol for Secure Communication in Personal Cloud Environment ByungWook Jin 1 and Keun-Wang Lee 2,* 1 Dept. of Computer

More information

Content Teaching Academy at James Madison University

Content Teaching Academy at James Madison University Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect

More information

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster Security Standards Symantec shall maintain administrative, technical, and physical safeguards for the Symantec Network designed to (i) protect the security and integrity of the Symantec Network, and (ii)

More information

VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui

VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui School of Engineering and Computer Science Te Kura Mātai Pūkaha, Pūrorohiko PO Box 600 Wellington New Zealand Tel: +64 4 463

More information

Development of Integrated Management System based on Mobile and Cloud Service for Preventing Various Hazards

Development of Integrated Management System based on Mobile and Cloud Service for Preventing Various Hazards , pp. 143-150 http://dx.doi.org/10.14257/ijseia.2015.9.7.15 Development of Integrated Management System based on Mobile and Cloud Service for Preventing Various Hazards Ryu HyunKi 1, Yeo ChangSub 1, Jeonghyun

More information

Cloud-based Distribute Processing of User-Customized Mobile Interface in U-Sensor Network Environment

Cloud-based Distribute Processing of User-Customized Mobile Interface in U-Sensor Network Environment , pp.18-22 http://dx.doi.org/10.14257/astl.2013.42.05 Cloud-based Distribute Processing of User-Customized Mobile Interface in U-Sensor Network Environment Changhee Cho 1, Sanghyun Park 2, Jadhav Yogiraj

More information

A Study on IP Exposure Notification System for IoT Devices Using IP Search Engine Shodan

A Study on IP Exposure Notification System for IoT Devices Using IP Search Engine Shodan , pp.61-66 http://dx.doi.org/10.14257/ijmue.2015.10.12.07 A Study on IP Exposure Notification System for IoT Devices Using IP Search Engine Shodan Yun-Seong Ko 1, Il-Kyeun Ra 2 and Chang-Soo Kim 1* 1 Department

More information

DKIM Enabled Two Factor Authenticated Secure Mail Client

DKIM Enabled Two Factor Authenticated Secure Mail Client DKIM Enabled Two Factor Authenticated Secure Mail Client Saritha P, Nitty Sarah Alex M.Tech Student[Software Engineering], New Horizon College of Engineering, Bangalore, India Sr. Asst Prof, Department

More information

Cryptography and Network Security Sixth Edition by William Stallings

Cryptography and Network Security Sixth Edition by William Stallings Cryptography and Network Security Sixth Edition by William Stallings Chapter 1 Overview The combination of space, time, and strength that must be considered as the basic elements of this theory of defense

More information

A Study of the Design of Wireless Medical Sensor Network based u- Healthcare System

A Study of the Design of Wireless Medical Sensor Network based u- Healthcare System , pp.91-96 http://dx.doi.org/10.14257/ijbsbt.2014.6.3.11 A Study of the Design of Wireless Medical Sensor Network based u- Healthcare System Ronnie D. Caytiles and Sungwon Park 1* 1 Hannam University 133

More information

Overview. SSL Cryptography Overview CHAPTER 1

Overview. SSL Cryptography Overview CHAPTER 1 CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure

More information

Secure Authentication of Distributed Networks by Single Sign-On Mechanism

Secure Authentication of Distributed Networks by Single Sign-On Mechanism Secure Authentication of Distributed Networks by Single Sign-On Mechanism Swati Sinha 1, Prof. Sheerin Zadoo 2 P.G.Student, Department of Computer Application, TOCE, Bangalore, Karnataka, India 1 Asst.Professor,

More information

AN ENHANCED ATTRIBUTE BASED ENCRYPTION WITH MULTI PARTIES ACCESS IN CLOUD AREA

AN ENHANCED ATTRIBUTE BASED ENCRYPTION WITH MULTI PARTIES ACCESS IN CLOUD AREA Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 3, Issue. 1, January 2014,

More information

VPN. Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu

VPN. Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu VPN Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu What is VPN? A VPN (virtual private network) is a private data network that uses public telecommunicating infrastructure (Internet), maintaining

More information