Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records

Size: px
Start display at page:

Download "Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records"

Transcription

1 Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records Melissa Chase (MSR) Joint work with Josh Benaloh, Kristin Lauter, and Eric Horvitz

2 Medical Records Traditionally, health providers kept paper files Transferring data very cumbersome Visiting a new doctor requires paperwork Emergency care often cannot access record

3 Electronic Medical Records Movement to: Digitize records Make accessible to network of providers Patients records will be accessible to any provider who treats them Advantages Better care Reduce costs President Obama: all medical records computerized within 5 years ARR Act: $19 billion

4 Privacy concerns Also dangerous Much easier to steal digital records Much easier to attack remotely accessible system Large system is very vulnerable to abuse ARR Act: Specific objectives: Secure communications Ensure appropriate authorization Encryption

5 Privacy Concerns Why are we concerned about privacy? Want patients to be honest Discrimination Insurance Employment Social stigma (friends/coworkers) Medical Identity Theft

6 Standard Approach to Security: Provider Managed + Access Control Patient Bob patient records Doctor Alice Upload health info Health Record Server Permission? s Log File Must Audit Logs Sensitive information Celebrity records

7 Privacy Concerns Wide access All or nothing permissions Even more in large network scenario Roughly 150 people have access to a patient s record in a hospitalization Patient Controlled Record grant access only to appropriate part of record allow patient to identify providers who treat him

8 Privacy Concerns Wide access All or nothing permissions Even more in large network scenario Roughly 150 people have access to a patient s record in a hospitalization Access control Theft Attack Patient must trust owner/administrator of data for physical and electronic security For privacy (Insider attacks)

9 Create Account Upload health info Search record Patient Bob New Approach: Encryption Health Record Server Bob s record Permission s

10 Using Cryptography Who holds the key? Server Key can be stolen/compromised along with data Third party Somewhat more secure How to maintain functionality? Patient? What we will look at

11 Using Cryptography Must have key backup Hide from server = hides from hackers, thieves, etc Patient Bob Create Account Upload health info Bob s record Search record Health Record Server Permission s

12 Search Search record record Create Account Upload health info Search record Patient Bob Doctor Alice Using Cryptography Pharmacist Charles How do we allow patient to grant partial access? Health Record Server Bob s record Permission s Upload health info Upload health info Grant Grant partial partial access access

13 How to grant partial access? Two approaches Hierarchical record sharing: Patient Controlled Encryption [BCHL09] Assumes hierarchical health record Based on standard, efficient primitives (hash functions, block ciphers) Also consider how to incorporate searchability Re encryption based sharing: Functional Re Encryption [CCV12] Easier to revoke users / add revocation date Easier key management More complex constructions Based on bilinear pairing

14 Hierarchical Record Sharing Joint work with Eric Horvitz, Kristin Lauter, and Josh Benaloh

15 Hierarchical Record Sharing Grant partial access Assumption on types of delegation Arrange the record in a hierarchy Allowable delegations: rights to a category

16 Ex: Hierarchical Health Records Give Doctor access to entire record

17 Ex: Hierarchical Health Records Give Doctor access to entire record Give Exercise info to cousin

18 Ex: Hierarchical Health Records Give Doctor access to entire record Give Exercise info to cousin

19 Ex: Hierarchical Health Records Give Doctor access to entire record Give Exercise info to cousin Give Eyeglass Prescription to Retailer

20 Ex: Hierarchical Health Records Give Doctor access to entire record Give Exercise info to cousin Give Eyeglass Prescription to Retailer

21 Ex: Hierarchical Health Records Give Doctor access to entire record Give Exercise info to cousin Give Eyeglass Prescription to Retailer Give Dental Information and Allergies and Medications to Dentist

22 Ex: Hierarchical Health Records Give Doctor access to entire record Give Exercise info to cousin Give Eyeglass Prescription to Retailer Give Dental Information and Allergies and Medications to Dentist

23 Security Hierarchical Encryption Symmetric Key [AT83, S88, ] Public Key: HIBE[GS02, ] only have access if an appropriate key was given KeyDer KeyDer

24 Patient Controlled Encryption Create Account Patient Bob Upload health info Search record Health Record Server Bob s record Permission s

25 Patient Controlled Encryption Create Account Patient Bob Upload health info Search record Doctor Alice Health Record Server Bob s record Permission s Upload health info Upload health info

26 Patient Controlled Encryption Grant Grant partial partial access access Pharmacist Charles Search Search record record Create Account Patient Bob Upload health info Search record Doctor Alice Health Record Server Bob s record Permission s Upload health info Upload health info

27 Patient Controlled Encryption

28 Re Encryption based Sharing Joint work with Nishanth Chandran and Vinod Vaikuntanathan

29 An example: Cloud storage for patient health records Bob s health record Doctor Medications Medications Cardiology Pharmacist X Rays Research Center Sister Patient Bob Access

30 Encrypted Cloud Storage Encrypt files Medications Bob s health record Medications Cardiology Doctor Pharmacist X Rays Research Center Sister Patient Bob Access

31 Encrypted Cloud Storage Encrypt files Medications Bob s health record Medications Cardiology Doctor Pharmacist X Rays Research Center Sister Patient Bob Access

32 Encrypted Cloud Storage Encrypt files Medications Bob s health record Medications Cardiology Doctor Pharmacist X Rays Research Center Patient Bob Access Sister How to implement access policy??

33 Access control for encrypted data How can we implement access control when data is encrypted? Our goal: Allow server to perform access control on encrypted data Server will: take files encrypted for Bob transform them into files encrypted for appropriate recipient without decrypting anything. Server cannot decrypt!

34 Access control for encrypted data: Our approach Encrypt files Medications Bob s health record Medications Cardiology Doctor Pharmacist X Rays Research Center Patient Bob Generate policy token Access token Sister

35 Access control for encrypted data: Our approach Encrypt files Medications Bob s health record Medications Cardiology X Rays token token token Doctor Pharmacist Research Center Patient Bob Generate policy token Access token Sister

36 Access control for encrypted data: Our approach Encrypt files Medications Bob s health record Medications Cardiology X Rays token token token Correct recipients retrieve and decrypt Doctor Pharmacist Research Center Patient Bob Generate policy token Access token Sister

37 Access control for encrypted data: Our approach Encrypt files Medications Bob s health record Medications Cardiology X Rays token token token Correct recipients retrieve and decrypt Doctor Pharmacist Research Center Patient Bob Generate policy token Access Sister Server can: Transform encrypted files into files readable by appropriate recipients Cannot decrypt or read token any files (Strong notion of security vs collusion, etc)

38 Private Access Control Want private cloud, where sensitive data is hidden even from cloud operator Previous scenario: server can implement policy but cannot decrypt any ciphertexts But sometimes the policy itself is private! E.g.: Whether patient has chosen to participate in research project for mental health records May want to give access to one family member without revealing that fact to others Question: Can we allow the same functionality, but without revealing the policy, even to the cloud provider?

39 Access control for encrypted data: Our approach Encrypt files Medications Bob s health record Medications Cardiology X Rays token token token Correct recipients retrieve and decrypt Doctor Pharmacist Research Center Patient Bob Generate policy token Access token Sister

40 Access control for encrypted data: Our approach Encrypt files Medications Bob s health record + Medications + Cardiology X Rays + token token token Correct recipients retrieve and decrypt Doctor Pharmacist Research Center Patient Bob Generate policy token Access token Sister

41 Access control for encrypted data: Our approach Encrypt files Medications Bob s health record + Medications + Cardiology X Rays + token token token Correct recipients retrieve and decrypt Doctor Pharmacist Research Center Patient Bob Generate policy token Access token Sister

42 Access control for encrypted data: Our approach Encrypt files Medications Bob s health record + Medications + Cardiology X Rays + token token token Correct recipients retrieve and decrypt Doctor Pharmacist Research Center Patient Bob Generate policy token Access Sister Server can: Transform encrypted files into files readable by appropriate recipients Cannot decrypt or read token any files Cannot learn anything about policy (Strong notion of security vs collusion, etc)

43 Constructions Private access control on encrypted data Hides policy and tags For very simple policies Construction based on pairings Relatively mild assumptions about pairing curves Can also achieve more efficient constructions where and tags are not hidden Fairly general formulas Similar to work on outsourcing ABE decryption [GHW 2011]

44 Advantages Private data is hidden from server: Security against server compromise, theft, untrusted operators, etc As secure as patient downloading, decrypting, re encrypting Even if server colludes with recipients Patient only online to set/change policy Access control is invisible to recipients Decryptor s efficiency independent of policy is hidden from recipients Revocation is invisible for recipients

45 Conclusions and Future Work

46 Open Issues Additional privacy concerns Key backup Identification Usability?

47 Conclusions Electronic Medical Records present risks to privacy Access control is not sufficient Encryption + Patient Control is the right approach 2 approaches for partial access when files are encrypted Hierarchical sharing Re encryption based sharing

48 Questions

49

50

Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records

Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records Josh Benaloh, Melissa Chase, Eric Horvitz, and Kristin Lauter Microsoft Research Redmond, WA, USA {benaloh,melissac,horvitz,klauter}@microsoft.com

More information

Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records

Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records Josh Benaloh, Melissa Chase, Eric Horvitz, and Kristin Lauter Microsoft Research Redmond, WA, USA {benaloh,melissac,horvitz,klauter}@microsoft.com

More information

Security System in Cloud Computing for Medical Data Usage

Security System in Cloud Computing for Medical Data Usage , pp.27-31 http://dx.doi.org/10.14257/astl.2013.38.06 Security System in Cloud Computing for Medical Data Usage Maya Louk 1, Hyotaek Lim 2, Hoon Jae Lee 3 1 Department of Ubiquitous IT, Graduate School

More information

EFFICIENT AND SECURE ATTRIBUTE REVOCATION OF DATA IN MULTI-AUTHORITY CLOUD STORAGE

EFFICIENT AND SECURE ATTRIBUTE REVOCATION OF DATA IN MULTI-AUTHORITY CLOUD STORAGE EFFICIENT AND SECURE ATTRIBUTE REVOCATION OF DATA IN MULTI-AUTHORITY CLOUD STORAGE Reshma Mary Abraham and P. Sriramya Computer Science Engineering, Saveetha University, Chennai, India E-Mail: reshmamaryabraham@gmail.com

More information

A NOVEL APPROACH FOR MULTI-KEYWORD SEARCH WITH ANONYMOUS ID ASSIGNMENT OVER ENCRYPTED CLOUD DATA

A NOVEL APPROACH FOR MULTI-KEYWORD SEARCH WITH ANONYMOUS ID ASSIGNMENT OVER ENCRYPTED CLOUD DATA A NOVEL APPROACH FOR MULTI-KEYWORD SEARCH WITH ANONYMOUS ID ASSIGNMENT OVER ENCRYPTED CLOUD DATA U.Pandi Priya 1, R.Padma Priya 2 1 Research Scholar, Department of Computer Science and Information Technology,

More information

NEW CRYPTOGRAPHIC CHALLENGES IN CLOUD COMPUTING ERA

NEW CRYPTOGRAPHIC CHALLENGES IN CLOUD COMPUTING ERA THE PUBLISHING HOUSE PROCEEDINGS OF THE ROMANIAN ACADEMY, Series A, OF THE ROMANIAN ACADEMY Volume 14, Number 1/2013, pp. 72 77 NEW CRYPTOGRAPHIC CHALLENGES IN CLOUD COMPUTING ERA Laurenţiu BURDUŞEL Politehnica

More information

CLOUD COMPUTING SECURITY IN UNRELIABLE CLOUDS USING RELIABLE RE-ENCRYPTION

CLOUD COMPUTING SECURITY IN UNRELIABLE CLOUDS USING RELIABLE RE-ENCRYPTION CLOUD COMPUTING SECURITY IN UNRELIABLE CLOUDS USING RELIABLE RE-ENCRYPTION Chandrala DN 1, Kulkarni Varsha 2 1 Chandrala DN, M.tech IV sem,department of CS&E, SVCE, Bangalore 2 Kulkarni Varsha, Asst. Prof.

More information

A Survey of Cloud Storage Security Research. Mar Kheng Kok Nanyang Polytechnic mar_kheng_kok@nyp.gov.sg

A Survey of Cloud Storage Security Research. Mar Kheng Kok Nanyang Polytechnic mar_kheng_kok@nyp.gov.sg A Survey of Cloud Storage Security Research Mar Kheng Kok Nanyang Polytechnic mar_kheng_kok@nyp.gov.sg Presentation Outline Security concerns of cloud storage Data confidentiality in the cloud Data availability/integrity

More information

Secure Group Oriented Data Access Model with Keyword Search Property in Cloud Computing Environment

Secure Group Oriented Data Access Model with Keyword Search Property in Cloud Computing Environment Secure Group Oriented Data Access Model with Keyword Search Property in Cloud Computing Environment Chih Hung Wang Computer Science and Information Engineering National Chiayi University Chiayi City 60004,

More information

CPSC 467b: Cryptography and Computer Security

CPSC 467b: Cryptography and Computer Security CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 1 January 9, 2012 CPSC 467b, Lecture 1 1/22 Course Overview Symmetric Cryptography CPSC 467b, Lecture 1 2/22 Course Overview CPSC

More information

Sharing Of Multi Owner Data in Dynamic Groups Securely In Cloud Environment

Sharing Of Multi Owner Data in Dynamic Groups Securely In Cloud Environment Sharing Of Multi Owner Data in Dynamic Groups Securely In Cloud Environment Deepa Noorandevarmath 1, Rameshkumar H.K 2, C M Parameshwarappa 3 1 PG Student, Dept of CS&E, STJIT, Ranebennur. Karnataka, India

More information

Privacy Patterns in Public Clouds

Privacy Patterns in Public Clouds Privacy Patterns in Public Clouds Sashank Dara Security Technologies Group, Cisco Systems, Bangalore email: krishna.sashank@gmail.com January 25, 2014 Abstract Internet users typically consume a wide range

More information

Privacy and Verifiability for Data Storage in Cloud Computing. Melek Ӧnen August 17, 2015 IFIP Summer School, Edinburgh

Privacy and Verifiability for Data Storage in Cloud Computing. Melek Ӧnen August 17, 2015 IFIP Summer School, Edinburgh Privacy and Verifiability for Data Storage in Cloud Computing Melek Ӧnen August 17, 2015 IFIP Summer School, Edinburgh Cloud Computing Outsourcing storage & computation High availability No IT maintenance

More information

Multi Layered Securing of Health Records using Public and Private Model in Cloud

Multi Layered Securing of Health Records using Public and Private Model in Cloud pp 97 102 Krishi Sanskriti Publications http://www.krishisanskriti.org/acsit.html Multi Layered Securing of Health Records using Public and Private Model in Cloud Vijay J 1, Anitha C.L 2 1 P.G.Student,

More information

An Efficient and Secure Data Sharing Framework using Homomorphic Encryption in the Cloud

An Efficient and Secure Data Sharing Framework using Homomorphic Encryption in the Cloud An Efficient and Secure Data Sharing Framework using Homomorphic Encryption in the Cloud Sanjay Madria Professor and Site Director for NSF I/UCRC Center on Net-Centric Software and Systems Missouri University

More information

Database Security. The Need for Database Security

Database Security. The Need for Database Security Database Security Public domain NASA image L-1957-00989 of people working with an IBM type 704 electronic data processing machine. 1 The Need for Database Security Because databases play such an important

More information

SECURITY ANALYSIS OF A SINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTER NETWORKS

SECURITY ANALYSIS OF A SINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTER NETWORKS SECURITY ANALYSIS OF A SINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTER NETWORKS Abstract: The Single sign-on (SSO) is a new authentication mechanism that enables a legal user with a single credential

More information

Network Security Protocols

Network Security Protocols Network Security Protocols EE657 Parallel Processing Fall 2000 Peachawat Peachavanish Level of Implementation Internet Layer Security Ex. IP Security Protocol (IPSEC) Host-to-Host Basis, No Packets Discrimination

More information

7 Key Management and PKIs

7 Key Management and PKIs CA4005: CRYPTOGRAPHY AND SECURITY PROTOCOLS 1 7 Key Management and PKIs 7.1 Key Management Key Management For any use of cryptography, keys must be handled correctly. Symmetric keys must be kept secret.

More information

AN ENHANCED ATTRIBUTE BASED ENCRYPTION WITH MULTI PARTIES ACCESS IN CLOUD AREA

AN ENHANCED ATTRIBUTE BASED ENCRYPTION WITH MULTI PARTIES ACCESS IN CLOUD AREA Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 3, Issue. 1, January 2014,

More information

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure) Cryptelo Drive Cryptelo Drive is a virtual drive, where your most sensitive data can be stored. Protect documents, contracts, business know-how, or photographs - in short, anything that must be kept safe.

More information

TELE 301 Network Management. Lecture 18: Network Security

TELE 301 Network Management. Lecture 18: Network Security TELE 301 Network Management Lecture 18: Network Security Haibo Zhang Computer Science, University of Otago TELE301 Lecture 18: Network Security 1 Security of Networks Security is something that is not

More information

Cryptanalysis of Cloud based computing

Cryptanalysis of Cloud based computing Cryptanalysis of Cloud based computing COMP 4109 Elom Tsiagbey Overview Introduction Recent threats to cloud computing Key Management models Conclusion Proposed key management model What is Cloud Computing?

More information

Secure Sharing of Health Records in Cloud Using ABE

Secure Sharing of Health Records in Cloud Using ABE Secure Sharing of Health Records in Cloud Using ABE Nithya.E, TousifAhamed Nadaf Abstract In recent years, Personal health record (PHR) has emerged as a patient-centric model of health information exchange.

More information

What Are Certificates?

What Are Certificates? The Essentials Series: Code-Signing Certificates What Are Certificates? sponsored by by Don Jones W hat Are Certificates?... 1 Digital Certificates and Asymmetric Encryption... 1 Certificates as a Form

More information

WHITE PAPER www.tresorit.com

WHITE PAPER www.tresorit.com WHITE PAPER tresor [tʀeˈzoːɐ ] noun (German) 1. lockable, armoured cabinet THE CLOUD IS UNTRUSTED The cloud has huge potential when it comes to storing, sharing and exchanging files, but the security provided

More information

YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE

YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE CPSC 467a: Cryptography and Computer Security Notes 1 (rev. 1) Professor M. J. Fischer September 3, 2008 1 Course Overview Lecture Notes 1 This course is

More information

ADVANCE SECURITY TO CLOUD DATA STORAGE

ADVANCE SECURITY TO CLOUD DATA STORAGE Journal homepage: www.mjret.in ADVANCE SECURITY TO CLOUD DATA STORAGE ISSN:2348-6953 Yogesh Bhapkar, Mitali Patil, Kishor Kale,Rakesh Gaikwad ISB&M, SOT, Pune, India Abstract: Cloud Computing is the next

More information

Expert Reference Series of White Papers. Fundamentals of the PKI Infrastructure

Expert Reference Series of White Papers. Fundamentals of the PKI Infrastructure Expert Reference Series of White Papers Fundamentals of the PKI Infrastructure 1-800-COURSES www.globalknowledge.com Fundamentals of the PKI Infrastructure Boris Gigovic, Global Knowledge Instructor, CEI,

More information

Monitoring Data Integrity while using TPA in Cloud Environment

Monitoring Data Integrity while using TPA in Cloud Environment Monitoring Data Integrity while using TPA in Cloud Environment Jaspreet Kaur, Jasmeet Singh Abstract Cloud Computing is the arising technology that delivers software, platform and infrastructure as a service

More information

Secure cloud access system using JAR ABSTRACT:

Secure cloud access system using JAR ABSTRACT: Secure cloud access system using JAR ABSTRACT: Cloud computing enables highly scalable services to be easily consumed over the Internet on an as-needed basis. A major feature of the cloud services is that

More information

Data management using Virtualization in Cloud Computing

Data management using Virtualization in Cloud Computing Data management using Virtualization in Cloud Computing A.S.R. Krishna Kanth M.Tech (CST), Department of Computer Science & Systems Engineering, Andhra University, India. M.Sitha Ram Research Scholar Department

More information

Secure Collaborative Privacy In Cloud Data With Advanced Symmetric Key Block Algorithm

Secure Collaborative Privacy In Cloud Data With Advanced Symmetric Key Block Algorithm Secure Collaborative Privacy In Cloud Data With Advanced Symmetric Key Block Algorithm Twinkle Graf.F 1, Mrs.Prema.P 2 1 (M.E- CSE, Dhanalakshmi College of Engineering, Chennai, India) 2 (Asst. Professor

More information

VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui

VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui School of Engineering and Computer Science Te Kura Mātai Pūkaha, Pūrorohiko PO Box 600 Wellington New Zealand Tel: +64 4 463

More information

Sheltered Multi-Owner Data distribution For vibrant Groups in the Cloud

Sheltered Multi-Owner Data distribution For vibrant Groups in the Cloud Sheltered Multi-Owner Data distribution For vibrant Groups in the Cloud I.sriram murthy 1 N.Jagajeevan 2 II M-Tech student Assistant.Professor Department of computer science & Engineering Department of

More information

Role Based Encryption with Efficient Access Control in Cloud Storage

Role Based Encryption with Efficient Access Control in Cloud Storage Role Based Encryption with Efficient Access Control in Cloud Storage G. V. Bandewar 1, R. H. Borhade 2 1 Department of Information Technology, Sinhgad Technical Education Society s SKNCOE, Pune, India

More information

Princeton University Computer Science COS 432: Information Security (Fall 2013)

Princeton University Computer Science COS 432: Information Security (Fall 2013) Princeton University Computer Science COS 432: Information Security (Fall 2013) This test has 13 questions worth a total of 50 points. That s a lot of questions. Work through the ones you re comfortable

More information

The Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems

The Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems The Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems Becky Cutler Rebecca.cutler@tufts.edu Mentor: Professor Chris Gregg Abstract Modern day authentication systems

More information

CONTROLLING DATA IN THE CLOUD: OUTSOURCING COMPUTATION WITHOUT OUTSOURCING CONTROL

CONTROLLING DATA IN THE CLOUD: OUTSOURCING COMPUTATION WITHOUT OUTSOURCING CONTROL CONTROLLING DATA IN THE CLOUD: OUTSOURCING COMPUTATION WITHOUT OUTSOURCING CONTROL Paper By: Chow, R; Golle, P; Jakobsson, M; Shai, E; Staddon, J From PARC & Masuoka, R And Mollina From Fujitsu Laboratories

More information

Categorical Heuristic for Attribute Based Encryption in the Cloud Server

Categorical Heuristic for Attribute Based Encryption in the Cloud Server Categorical Heuristic for Attribute Based Encryption in the Cloud Server R. Brindha 1, R. Rajagopal 2 1( M.E, Dept of CSE, Vivekanandha Institutes of Engineering and Technology for Women, Tiruchengode,

More information

SECURE RE-ENCRYPTION IN UNRELIABLE CLOUD USINGSYNCHRONOUS CLOCK

SECURE RE-ENCRYPTION IN UNRELIABLE CLOUD USINGSYNCHRONOUS CLOCK International Journal of Advance Research In Science And Engineering IJARSE, Vol. No.4, Issue No.01, January 2015 http:// SECURE RE-ENCRYPTION IN UNRELIABLE CLOUD USINGSYNCHRONOUS CLOCK Arudra Gopala Rao

More information

A Secure Decentralized Access Control Scheme for Data stored in Clouds

A Secure Decentralized Access Control Scheme for Data stored in Clouds A Secure Decentralized Access Control Scheme for Data stored in Clouds Priyanka Palekar 1, Abhijeet Bharate 2, Nisar Anjum 3 1 SKNSITS, University of Pune 2 SKNSITS, University of Pune 3 SKNSITS, University

More information

Common security requirements Basic security tools. Example. Secret-key cryptography Public-key cryptography. Online shopping with Amazon

Common security requirements Basic security tools. Example. Secret-key cryptography Public-key cryptography. Online shopping with Amazon 1 Common security requirements Basic security tools Secret-key cryptography Public-key cryptography Example Online shopping with Amazon 2 Alice credit card # is xxxx Internet What could the hacker possibly

More information

Authentication Types. Password-based Authentication. Off-Line Password Guessing

Authentication Types. Password-based Authentication. Off-Line Password Guessing Authentication Types Chapter 2: Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter 3: Security on Network and Transport Layer Chapter 4:

More information

Decentralized Access Control Schemes for Data Storage on Cloud

Decentralized Access Control Schemes for Data Storage on Cloud Computer Science and Engineering 2016, 6(1): 1-6 DOI: 10.5923/j.computer.20160601.01 Decentralized Access Control Schemes for Data Storage on Cloud Shraddha V. Mokle *, Nuzhat F. Shaikh Department of Computer

More information

Keywords: Authentication, Third party audit, cloud storage, cloud service provider, Access control.

Keywords: Authentication, Third party audit, cloud storage, cloud service provider, Access control. Volume 5, Issue 3, March 2015 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com Identity Based

More information

AN EFFICIENT AUDIT SERVICE OUTSOURCING FOR DATA IN TEGRITY IN CLOUDS

AN EFFICIENT AUDIT SERVICE OUTSOURCING FOR DATA IN TEGRITY IN CLOUDS AN EFFICIENT AUDIT SERVICE OUTSOURCING FOR DATA IN TEGRITY IN CLOUDS Mrs.K.Saranya, M.E.,(CSE), Jay Shriram Group of Institutions, Tirupur. Saranya17113@gmail.com Dr.S.Rajalakshmi, Associate Professor/CSE,

More information

COSC 472 Network Security

COSC 472 Network Security COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html

More information

Secure Network Communication Part II II Public Key Cryptography. Public Key Cryptography

Secure Network Communication Part II II Public Key Cryptography. Public Key Cryptography Kommunikationssysteme (KSy) - Block 8 Secure Network Communication Part II II Public Key Cryptography Dr. Andreas Steffen 2000-2001 A. Steffen, 28.03.2001, KSy_RSA.ppt 1 Secure Key Distribution Problem

More information

2.4: Authentication Authentication types Authentication schemes: RSA, Lamport s Hash Mutual Authentication Session Keys Trusted Intermediaries

2.4: Authentication Authentication types Authentication schemes: RSA, Lamport s Hash Mutual Authentication Session Keys Trusted Intermediaries Chapter 2: Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter 3: Security on Network and Transport Layer Chapter 4: Security on the Application

More information

Secure Data Management Scheme using One-Time Trapdoor on Cloud Storage Environment

Secure Data Management Scheme using One-Time Trapdoor on Cloud Storage Environment , pp.257-272 http://dx.doi.org/10.14257/ijsia.2014.8.1.24 Secure Data Management Scheme using One-Time Trapdoor on Cloud Storage Environment Sun-Ho Lee and Im-Yeong Lee 1 Department of Computer Software

More information

Security and accounting for Storage Service Provider

Security and accounting for Storage Service Provider Security and accounting for Storage Service Provider Yongdae Kim Collaborators: N. Hopper, J. Weissman, A. Chandra Students: V. Kher, I. Osipkov, S. Hong, J. Kim University of Minnesota Supported by DISC,

More information

Information Security

Information Security Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 vedatcoskun@isikun.edu.tr www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked

More information

Dispatch: A Unique Email Security Solution

Dispatch: A Unique Email Security Solution Dispatch: A Unique Email Security Solution 720 836 1222 sales / support sales@absio.com email www.absio.com web 8740 Lucent Boulevard, Ste 101 Highlands Ranch, CO, 80129 1 110-WP005-1 Organizations use

More information

CS377: Database Systems Data Security and Privacy. Li Xiong Department of Mathematics and Computer Science Emory University

CS377: Database Systems Data Security and Privacy. Li Xiong Department of Mathematics and Computer Science Emory University CS377: Database Systems Data Security and Privacy Li Xiong Department of Mathematics and Computer Science Emory University 1 Principles of Data Security CIA Confidentiality Triad Prevent the disclosure

More information

Associate Prof. Dr. Victor Onomza Waziri

Associate Prof. Dr. Victor Onomza Waziri BIG DATA ANALYTICS AND DATA SECURITY IN THE CLOUD VIA FULLY HOMOMORPHIC ENCRYPTION Associate Prof. Dr. Victor Onomza Waziri Department of Cyber Security Science, School of ICT, Federal University of Technology,

More information

Secure Computation Martin Beck

Secure Computation Martin Beck Institute of Systems Architecture, Chair of Privacy and Data Security Secure Computation Martin Beck Dresden, 05.02.2015 Index Homomorphic Encryption The Cloud problem (overview & example) System properties

More information

A Secure & Efficient Data Integrity Model to establish trust in cloud computing using TPA

A Secure & Efficient Data Integrity Model to establish trust in cloud computing using TPA A Secure & Efficient Data Integrity Model to establish trust in cloud computing using TPA Mr.Mahesh S.Giri Department of Computer Science & Engineering Technocrats Institute of Technology Bhopal, India

More information

An Enhanced Security Enabled Sharing of Protected Cloud Storage Services by Trapdoor Commitment Based on RSA Signature Assumption

An Enhanced Security Enabled Sharing of Protected Cloud Storage Services by Trapdoor Commitment Based on RSA Signature Assumption Bonfring International Journal of Research in Communication Engineering, Vol. 2, No. 3, September 2012 1 An Enhanced Security Enabled Sharing of Protected Cloud Storage Services by Trapdoor Commitment

More information

Verifiable Outsourced Computations Outsourcing Computations to Untrusted Servers

Verifiable Outsourced Computations Outsourcing Computations to Untrusted Servers Outsourcing Computations to Untrusted Servers Security of Symmetric Ciphers in Network Protocols ICMS, May 26, 2015, Edinburgh Problem Motivation Problem Motivation Problem Motivation Problem Motivation

More information

White Paper: Multi-Factor Authentication Platform

White Paper: Multi-Factor Authentication Platform White Paper: Multi-Factor Authentication Platform Version: 1.4 Updated: 29/10/13 Contents: About zero knowledge proof authentication protocols: 3 About Pairing-Based Cryptography (PBC) 4 Putting it all

More information

Secure Cross Border File Protection & Sharing for Enterprise Product Brief CRYPTOMILL INC

Secure Cross Border File Protection & Sharing for Enterprise Product Brief CRYPTOMILL INC C NNECTED Circles of Trust Secure Cross Border File Protection & Sharing for Enterprise Product Brief www.cryptomill.com product overview OVERVIEW Connected Circles of Trust is an endpoint data security

More information

Comments on "public integrity auditing for dynamic data sharing with multi-user modification"

Comments on public integrity auditing for dynamic data sharing with multi-user modification University of Wollongong Research Online Faculty of Engineering and Information Sciences - Papers Faculty of Engineering and Information Sciences 2016 Comments on "public integrity auditing for dynamic

More information

Scalable and secure sharing of data in cloud computing using attribute based encryption

Scalable and secure sharing of data in cloud computing using attribute based encryption Volume :2, Issue :4, 416-420 April 2015 www.allsubjectjournal.com e-issn: 2349-4182 p-issn: 2349-5979 Impact Factor: 3.762 Ghodake Shubhangi Joshi Priyanka Khobragade Pranjali Chandak Manjiri Scalable

More information

Providing Access Permissions to Legitimate Users by Using Attribute Based Encryption Techniques In Cloud

Providing Access Permissions to Legitimate Users by Using Attribute Based Encryption Techniques In Cloud Providing Access Permissions to Legitimate Users by Using Attribute Based Encryption Techniques In Cloud R.Udhayakumar 1, M. Jawahar 2, I.Ramasamy 3 PG Student, Dept. Of CSE,KSR Institute For Engineering

More information

Message Authentication Codes

Message Authentication Codes 2 MAC Message Authentication Codes : and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l08, Steve/Courses/2013/s2/css322/lectures/mac.tex,

More information

CRYPTOGRAPHY AS A SERVICE

CRYPTOGRAPHY AS A SERVICE CRYPTOGRAPHY AS A SERVICE Peter Robinson RSA, The Security Division of EMC Session ID: ADS R01 Session Classification: Advanced Introduction Deploying cryptographic keys to end points such as smart phones,

More information

Content Teaching Academy at James Madison University

Content Teaching Academy at James Madison University Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect

More information

A Review on the State-of-the-Art Privacy Preserving Approaches in the e-health Clouds

A Review on the State-of-the-Art Privacy Preserving Approaches in the e-health Clouds > REPLACE THIS LINE WITH YOUR PAPER IDENTIFICATION NUMBER (DOUBLE-CLICK HERE TO EDIT) < 1 A Review on the State-of-the-Art Privacy Preserving Approaches in the e-health Clouds Assad Abbas, Samee U. Khan,

More information

EFFICIENT AND SECURE DATA PRESERVING IN CLOUD USING ENHANCED SECURITY

EFFICIENT AND SECURE DATA PRESERVING IN CLOUD USING ENHANCED SECURITY EFFICIENT AND SECURE DATA PRESERVING IN CLOUD USING ENHANCED SECURITY Siliveru Ashok kumar* S.G. Nawaz ## and M.Harathi # * Student of M.Tech, Sri Krishna Devaraya Engineering College, Gooty # Department

More information

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1 Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions

More information

Data Security Using Reliable Re-Encryption in Unreliable Cloud

Data Security Using Reliable Re-Encryption in Unreliable Cloud ISSN (Online): 2277-5420 www.ijcsn.org Data Security Using Reliable Re-Encryption in Unreliable Cloud 328 1 Ajinkya Adhau, 2 Payal Bobade, 3 Priyanka Zilpe, 4 Yashodhara Fulmali 1, 2, 3, 4 Student, Department

More information

Cloud Computing. servers. Cloud is a phrase that resembles the sharing process. Basically Cloud

Cloud Computing. servers. Cloud is a phrase that resembles the sharing process. Basically Cloud Khalid Al Alshaykh 10/12/14 COM 416 Dr. Maladi Cloud Computing Is it secure? Cloud Computing depends on sharing computing resources without using local servers. Cloud is a phrase that resembles the sharing

More information

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. CONTENTS 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. Conclusion 1. EXECUTIVE SUMMARY The advantages of networked data storage technologies such

More information

ITAR Compliance Best Practices Guide

ITAR Compliance Best Practices Guide ITAR Compliance Best Practices Guide 1 Table of Contents Executive Summary & Overview 3 Data Security Best Practices 4 About Aurora 10 2 Executive Summary & Overview: International Traffic in Arms Regulations

More information

AB 1149 Compliance: Data Security Best Practices

AB 1149 Compliance: Data Security Best Practices AB 1149 Compliance: Data Security Best Practices 1 Table of Contents Executive Summary & Overview 3 Data Security Best Practices 4 About Aurora 10 2 Executive Summary & Overview: AB 1149 is a new California

More information

Lecture 17: Re-encryption

Lecture 17: Re-encryption 600.641 Special Topics in Theoretical Cryptography April 2, 2007 Instructor: Susan Hohenberger Lecture 17: Re-encryption Scribe: Zachary Scott Today s lecture was given by Matt Green. 1 Motivation Proxy

More information

1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies

1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies 1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies Dave Corbett Technical Product Manager Implementing Forward Secrecy 1 Agenda Part 1: Introduction Why is Forward Secrecy important?

More information

SECURITY ENHANCEMENT OF GROUP SHARING AND PUBLIC AUDITING FOR DATA STORAGE IN CLOUD

SECURITY ENHANCEMENT OF GROUP SHARING AND PUBLIC AUDITING FOR DATA STORAGE IN CLOUD SECURITY ENHANCEMENT OF GROUP SHARING AND PUBLIC AUDITING FOR DATA STORAGE IN CLOUD S.REVATHI B.HASEENA M.NOORUL IZZATH PG Student PG Student PG Student II- ME CSE II- ME CSE II- ME CSE Al-Ameen Engineering

More information

Keywords : audit, cloud, integrity, station to station protocol, SHA-2, third party auditor, XOR. GJCST-B Classification : C.2.4, H.2.

Keywords : audit, cloud, integrity, station to station protocol, SHA-2, third party auditor, XOR. GJCST-B Classification : C.2.4, H.2. Global Journal of Computer Science and Technology Cloud and Distributed Volume 13 Issue 3 Version 1.0 Year 2013 Type: Double Blind Peer Reviewed International Research Journal Publisher: Global Journals

More information

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0 Entrust Managed Services PKI Getting started with digital certificates and Entrust Managed Services PKI Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust

More information

CSE/EE 461 Lecture 23

CSE/EE 461 Lecture 23 CSE/EE 461 Lecture 23 Network Security David Wetherall djw@cs.washington.edu Last Time Naming Application Presentation How do we name hosts etc.? Session Transport Network Domain Name System (DNS) Data

More information

A Comprehensive Data Forwarding Technique under Cloud with Dynamic Notification

A Comprehensive Data Forwarding Technique under Cloud with Dynamic Notification Research Journal of Applied Sciences, Engineering and Technology 7(14): 2946-2953, 2014 ISSN: 2040-7459; e-issn: 2040-7467 Maxwell Scientific Organization, 2014 Submitted: July 7, 2013 Accepted: August

More information

Cryptographic process for Cyber Safeguard by using PGP

Cryptographic process for Cyber Safeguard by using PGP Cryptographic process for Cyber Safeguard by using PGP Bharatratna P. Gaikwad 1 Department of Computer Science and IT, Dr. Babasaheb Ambedkar Marathwada University Aurangabad, India 1 ABSTRACT: Data security

More information

CRYPTOGRAPHIC SECURE CLOUD STORAGE MODEL WITH ANONYMOUS AUTHENTICATION AND AUTOMATIC FILE RECOVERY

CRYPTOGRAPHIC SECURE CLOUD STORAGE MODEL WITH ANONYMOUS AUTHENTICATION AND AUTOMATIC FILE RECOVERY SOWMIYA MURTHY: CRYPTOGRAPHIC SECURE CLOUD STORAGE MODEL WITH ANONYMOUS AUTHENTICATION AND AUTOMATIC FILE RECOVERY CRYPTOGRAPHIC SECURE CLOUD STORAGE MODEL WITH ANONYMOUS AUTHENTICATION AND AUTOMATIC FILE

More information

Sync Security and Privacy Brief

Sync Security and Privacy Brief Introduction Security and privacy are two of the leading issues for users when transferring important files. Keeping data on-premises makes business and IT leaders feel more secure, but comes with technical

More information

Secure Multi Authority Cloud Storage Based on CP- ABE and Data Access Control

Secure Multi Authority Cloud Storage Based on CP- ABE and Data Access Control Secure Multi Authority Cloud Storage Based on CP- ABE and Data Access Control Shivarathri Ravinder M. Tech Student, Dept. of CSE, CMR College of Engineering and Technology, Kandlakoya Village, Medchal

More information

Security in Android apps

Security in Android apps Security in Android apps Falco Peijnenburg (3749002) August 16, 2013 Abstract Apps can be released on the Google Play store through the Google Developer Console. The Google Play store only allows apps

More information

Cryptography for the Cloud

Cryptography for the Cloud Cryptography for the Cloud ENS - CNRS - INRIA Cyber-Sécurité - SPECIF CNAM, Paris, France - November 7th, 2014 The Cloud Introduction 2 Access from Anywhere Introduction 3 Available for Everything One

More information

Security Solutions for HIPAA Compliance Issues 1

Security Solutions for HIPAA Compliance Issues 1 :6B)73 6HFXULW\6ROXWLRQVIRU +,3$$&RPSOLDQFH +RZ:6B)73&DQ+HOS +,3$$7KH+HDOWK,QVXUDQFH3RUWDELOLW\DQG $FFRXQWDELOLW\$FWRIZDVHQDFWHGWR HVWDEOLVKJXLGHOLQHVZLWKLQWKHKHDOWKFDUHLQGXVWU\ WRHQVXUHWKHSULYDF\RISDWLHQWVDQGWKHSK\VLFDO

More information

IGI Portal architecture and interaction with a CA- online

IGI Portal architecture and interaction with a CA- online IGI Portal architecture and interaction with a CA- online Abstract In the framework of the Italian Grid Infrastructure, we are designing a web portal for the grid and cloud services provisioning. In following

More information

WHITE PAPER NEXSAN TRANSPORTER PRODUCT SECURITY AN IN-DEPTH REVIEW

WHITE PAPER NEXSAN TRANSPORTER PRODUCT SECURITY AN IN-DEPTH REVIEW NEXSAN TRANSPORTER PRODUCT SECURITY AN IN-DEPTH REVIEW INTRODUCTION As businesses adopt new technologies that touch or leverage critical company data, maintaining the highest level of security is their

More information

GoldKey Product Info. Do not leave your Information Assets at risk Read On... Detailed Product Catalogue for GoldKey

GoldKey Product Info. Do not leave your Information Assets at risk Read On... Detailed Product Catalogue for GoldKey GoldKey Product Info Detailed Product Catalogue for GoldKey Do not leave your Information Assets at risk Read On... GoldKey: Reinventing the Security Strategy The Changing Landscape of Data Security With

More information

Distributed Attribute Based Encryption for Patient Health Record Security under Clouds

Distributed Attribute Based Encryption for Patient Health Record Security under Clouds Distributed Attribute Based Encryption for Patient Health Record Security under Clouds SHILPA ELSA ABRAHAM II ME (CSE) Nandha Engineering College Erode Abstract-Patient Health Records (PHR) is maintained

More information

Highly Secure Data Sharing in Cloud Storage using Key-Pair Cryptosystem

Highly Secure Data Sharing in Cloud Storage using Key-Pair Cryptosystem Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 4, Issue. 10, October 2015,

More information

Access Control patient centric selective sharing Emergency Access Information Exchange

Access Control patient centric selective sharing Emergency Access Information Exchange Electronic Health Record Software Required Security Features and Recommendations for Technical Specifications of Single Source Contracts and RFI for the Behavioral Health Information Technology Grant Scope:

More information

Deploying EFS: Part 1

Deploying EFS: Part 1 Security Watch Deploying EFS: Part 1 John Morello By now, everyone has heard reports about personal or sensitive data being lost because of laptop theft or misplacement. Laptops go missing on a regular

More information

Tutorial 3. June 8, 2015

Tutorial 3. June 8, 2015 Tutorial 3 June 8, 2015 I. Basic Notions 1. Multiple-choice (Review Questions Chapter 6, 8 and 11) 2. Answers by a small paragraph (Chapter 2: viruses: MBR, rootkits, ) Multiple choice X. Which is the

More information

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23 Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest

More information