Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records
|
|
- Annabella Banks
- 8 years ago
- Views:
Transcription
1 Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records Melissa Chase (MSR) Joint work with Josh Benaloh, Kristin Lauter, and Eric Horvitz
2 Medical Records Traditionally, health providers kept paper files Transferring data very cumbersome Visiting a new doctor requires paperwork Emergency care often cannot access record
3 Electronic Medical Records Movement to: Digitize records Make accessible to network of providers Patients records will be accessible to any provider who treats them Advantages Better care Reduce costs President Obama: all medical records computerized within 5 years ARR Act: $19 billion
4 Privacy concerns Also dangerous Much easier to steal digital records Much easier to attack remotely accessible system Large system is very vulnerable to abuse ARR Act: Specific objectives: Secure communications Ensure appropriate authorization Encryption
5 Privacy Concerns Why are we concerned about privacy? Want patients to be honest Discrimination Insurance Employment Social stigma (friends/coworkers) Medical Identity Theft
6 Standard Approach to Security: Provider Managed + Access Control Patient Bob patient records Doctor Alice Upload health info Health Record Server Permission? s Log File Must Audit Logs Sensitive information Celebrity records
7 Privacy Concerns Wide access All or nothing permissions Even more in large network scenario Roughly 150 people have access to a patient s record in a hospitalization Patient Controlled Record grant access only to appropriate part of record allow patient to identify providers who treat him
8 Privacy Concerns Wide access All or nothing permissions Even more in large network scenario Roughly 150 people have access to a patient s record in a hospitalization Access control Theft Attack Patient must trust owner/administrator of data for physical and electronic security For privacy (Insider attacks)
9 Create Account Upload health info Search record Patient Bob New Approach: Encryption Health Record Server Bob s record Permission s
10 Using Cryptography Who holds the key? Server Key can be stolen/compromised along with data Third party Somewhat more secure How to maintain functionality? Patient? What we will look at
11 Using Cryptography Must have key backup Hide from server = hides from hackers, thieves, etc Patient Bob Create Account Upload health info Bob s record Search record Health Record Server Permission s
12 Search Search record record Create Account Upload health info Search record Patient Bob Doctor Alice Using Cryptography Pharmacist Charles How do we allow patient to grant partial access? Health Record Server Bob s record Permission s Upload health info Upload health info Grant Grant partial partial access access
13 How to grant partial access? Two approaches Hierarchical record sharing: Patient Controlled Encryption [BCHL09] Assumes hierarchical health record Based on standard, efficient primitives (hash functions, block ciphers) Also consider how to incorporate searchability Re encryption based sharing: Functional Re Encryption [CCV12] Easier to revoke users / add revocation date Easier key management More complex constructions Based on bilinear pairing
14 Hierarchical Record Sharing Joint work with Eric Horvitz, Kristin Lauter, and Josh Benaloh
15 Hierarchical Record Sharing Grant partial access Assumption on types of delegation Arrange the record in a hierarchy Allowable delegations: rights to a category
16 Ex: Hierarchical Health Records Give Doctor access to entire record
17 Ex: Hierarchical Health Records Give Doctor access to entire record Give Exercise info to cousin
18 Ex: Hierarchical Health Records Give Doctor access to entire record Give Exercise info to cousin
19 Ex: Hierarchical Health Records Give Doctor access to entire record Give Exercise info to cousin Give Eyeglass Prescription to Retailer
20 Ex: Hierarchical Health Records Give Doctor access to entire record Give Exercise info to cousin Give Eyeglass Prescription to Retailer
21 Ex: Hierarchical Health Records Give Doctor access to entire record Give Exercise info to cousin Give Eyeglass Prescription to Retailer Give Dental Information and Allergies and Medications to Dentist
22 Ex: Hierarchical Health Records Give Doctor access to entire record Give Exercise info to cousin Give Eyeglass Prescription to Retailer Give Dental Information and Allergies and Medications to Dentist
23 Security Hierarchical Encryption Symmetric Key [AT83, S88, ] Public Key: HIBE[GS02, ] only have access if an appropriate key was given KeyDer KeyDer
24 Patient Controlled Encryption Create Account Patient Bob Upload health info Search record Health Record Server Bob s record Permission s
25 Patient Controlled Encryption Create Account Patient Bob Upload health info Search record Doctor Alice Health Record Server Bob s record Permission s Upload health info Upload health info
26 Patient Controlled Encryption Grant Grant partial partial access access Pharmacist Charles Search Search record record Create Account Patient Bob Upload health info Search record Doctor Alice Health Record Server Bob s record Permission s Upload health info Upload health info
27 Patient Controlled Encryption
28 Re Encryption based Sharing Joint work with Nishanth Chandran and Vinod Vaikuntanathan
29 An example: Cloud storage for patient health records Bob s health record Doctor Medications Medications Cardiology Pharmacist X Rays Research Center Sister Patient Bob Access
30 Encrypted Cloud Storage Encrypt files Medications Bob s health record Medications Cardiology Doctor Pharmacist X Rays Research Center Sister Patient Bob Access
31 Encrypted Cloud Storage Encrypt files Medications Bob s health record Medications Cardiology Doctor Pharmacist X Rays Research Center Sister Patient Bob Access
32 Encrypted Cloud Storage Encrypt files Medications Bob s health record Medications Cardiology Doctor Pharmacist X Rays Research Center Patient Bob Access Sister How to implement access policy??
33 Access control for encrypted data How can we implement access control when data is encrypted? Our goal: Allow server to perform access control on encrypted data Server will: take files encrypted for Bob transform them into files encrypted for appropriate recipient without decrypting anything. Server cannot decrypt!
34 Access control for encrypted data: Our approach Encrypt files Medications Bob s health record Medications Cardiology Doctor Pharmacist X Rays Research Center Patient Bob Generate policy token Access token Sister
35 Access control for encrypted data: Our approach Encrypt files Medications Bob s health record Medications Cardiology X Rays token token token Doctor Pharmacist Research Center Patient Bob Generate policy token Access token Sister
36 Access control for encrypted data: Our approach Encrypt files Medications Bob s health record Medications Cardiology X Rays token token token Correct recipients retrieve and decrypt Doctor Pharmacist Research Center Patient Bob Generate policy token Access token Sister
37 Access control for encrypted data: Our approach Encrypt files Medications Bob s health record Medications Cardiology X Rays token token token Correct recipients retrieve and decrypt Doctor Pharmacist Research Center Patient Bob Generate policy token Access Sister Server can: Transform encrypted files into files readable by appropriate recipients Cannot decrypt or read token any files (Strong notion of security vs collusion, etc)
38 Private Access Control Want private cloud, where sensitive data is hidden even from cloud operator Previous scenario: server can implement policy but cannot decrypt any ciphertexts But sometimes the policy itself is private! E.g.: Whether patient has chosen to participate in research project for mental health records May want to give access to one family member without revealing that fact to others Question: Can we allow the same functionality, but without revealing the policy, even to the cloud provider?
39 Access control for encrypted data: Our approach Encrypt files Medications Bob s health record Medications Cardiology X Rays token token token Correct recipients retrieve and decrypt Doctor Pharmacist Research Center Patient Bob Generate policy token Access token Sister
40 Access control for encrypted data: Our approach Encrypt files Medications Bob s health record + Medications + Cardiology X Rays + token token token Correct recipients retrieve and decrypt Doctor Pharmacist Research Center Patient Bob Generate policy token Access token Sister
41 Access control for encrypted data: Our approach Encrypt files Medications Bob s health record + Medications + Cardiology X Rays + token token token Correct recipients retrieve and decrypt Doctor Pharmacist Research Center Patient Bob Generate policy token Access token Sister
42 Access control for encrypted data: Our approach Encrypt files Medications Bob s health record + Medications + Cardiology X Rays + token token token Correct recipients retrieve and decrypt Doctor Pharmacist Research Center Patient Bob Generate policy token Access Sister Server can: Transform encrypted files into files readable by appropriate recipients Cannot decrypt or read token any files Cannot learn anything about policy (Strong notion of security vs collusion, etc)
43 Constructions Private access control on encrypted data Hides policy and tags For very simple policies Construction based on pairings Relatively mild assumptions about pairing curves Can also achieve more efficient constructions where and tags are not hidden Fairly general formulas Similar to work on outsourcing ABE decryption [GHW 2011]
44 Advantages Private data is hidden from server: Security against server compromise, theft, untrusted operators, etc As secure as patient downloading, decrypting, re encrypting Even if server colludes with recipients Patient only online to set/change policy Access control is invisible to recipients Decryptor s efficiency independent of policy is hidden from recipients Revocation is invisible for recipients
45 Conclusions and Future Work
46 Open Issues Additional privacy concerns Key backup Identification Usability?
47 Conclusions Electronic Medical Records present risks to privacy Access control is not sufficient Encryption + Patient Control is the right approach 2 approaches for partial access when files are encrypted Hierarchical sharing Re encryption based sharing
48 Questions
49
50
Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records
Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records Josh Benaloh, Melissa Chase, Eric Horvitz, and Kristin Lauter Microsoft Research Redmond, WA, USA {benaloh,melissac,horvitz,klauter}@microsoft.com
More informationPatient Controlled Encryption: Ensuring Privacy of Electronic Medical Records
Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records Josh Benaloh, Melissa Chase, Eric Horvitz, and Kristin Lauter Microsoft Research Redmond, WA, USA {benaloh,melissac,horvitz,klauter}@microsoft.com
More informationSecurity System in Cloud Computing for Medical Data Usage
, pp.27-31 http://dx.doi.org/10.14257/astl.2013.38.06 Security System in Cloud Computing for Medical Data Usage Maya Louk 1, Hyotaek Lim 2, Hoon Jae Lee 3 1 Department of Ubiquitous IT, Graduate School
More informationEFFICIENT AND SECURE ATTRIBUTE REVOCATION OF DATA IN MULTI-AUTHORITY CLOUD STORAGE
EFFICIENT AND SECURE ATTRIBUTE REVOCATION OF DATA IN MULTI-AUTHORITY CLOUD STORAGE Reshma Mary Abraham and P. Sriramya Computer Science Engineering, Saveetha University, Chennai, India E-Mail: reshmamaryabraham@gmail.com
More informationA NOVEL APPROACH FOR MULTI-KEYWORD SEARCH WITH ANONYMOUS ID ASSIGNMENT OVER ENCRYPTED CLOUD DATA
A NOVEL APPROACH FOR MULTI-KEYWORD SEARCH WITH ANONYMOUS ID ASSIGNMENT OVER ENCRYPTED CLOUD DATA U.Pandi Priya 1, R.Padma Priya 2 1 Research Scholar, Department of Computer Science and Information Technology,
More informationNEW CRYPTOGRAPHIC CHALLENGES IN CLOUD COMPUTING ERA
THE PUBLISHING HOUSE PROCEEDINGS OF THE ROMANIAN ACADEMY, Series A, OF THE ROMANIAN ACADEMY Volume 14, Number 1/2013, pp. 72 77 NEW CRYPTOGRAPHIC CHALLENGES IN CLOUD COMPUTING ERA Laurenţiu BURDUŞEL Politehnica
More informationSecure Group Oriented Data Access Model with Keyword Search Property in Cloud Computing Environment
Secure Group Oriented Data Access Model with Keyword Search Property in Cloud Computing Environment Chih Hung Wang Computer Science and Information Engineering National Chiayi University Chiayi City 60004,
More informationA Survey of Cloud Storage Security Research. Mar Kheng Kok Nanyang Polytechnic mar_kheng_kok@nyp.gov.sg
A Survey of Cloud Storage Security Research Mar Kheng Kok Nanyang Polytechnic mar_kheng_kok@nyp.gov.sg Presentation Outline Security concerns of cloud storage Data confidentiality in the cloud Data availability/integrity
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 1 January 9, 2012 CPSC 467b, Lecture 1 1/22 Course Overview Symmetric Cryptography CPSC 467b, Lecture 1 2/22 Course Overview CPSC
More informationSharing Of Multi Owner Data in Dynamic Groups Securely In Cloud Environment
Sharing Of Multi Owner Data in Dynamic Groups Securely In Cloud Environment Deepa Noorandevarmath 1, Rameshkumar H.K 2, C M Parameshwarappa 3 1 PG Student, Dept of CS&E, STJIT, Ranebennur. Karnataka, India
More informationCLOUD COMPUTING SECURITY IN UNRELIABLE CLOUDS USING RELIABLE RE-ENCRYPTION
CLOUD COMPUTING SECURITY IN UNRELIABLE CLOUDS USING RELIABLE RE-ENCRYPTION Chandrala DN 1, Kulkarni Varsha 2 1 Chandrala DN, M.tech IV sem,department of CS&E, SVCE, Bangalore 2 Kulkarni Varsha, Asst. Prof.
More informationPrivacy and Verifiability for Data Storage in Cloud Computing. Melek Ӧnen August 17, 2015 IFIP Summer School, Edinburgh
Privacy and Verifiability for Data Storage in Cloud Computing Melek Ӧnen August 17, 2015 IFIP Summer School, Edinburgh Cloud Computing Outsourcing storage & computation High availability No IT maintenance
More informationMulti Layered Securing of Health Records using Public and Private Model in Cloud
pp 97 102 Krishi Sanskriti Publications http://www.krishisanskriti.org/acsit.html Multi Layered Securing of Health Records using Public and Private Model in Cloud Vijay J 1, Anitha C.L 2 1 P.G.Student,
More informationAn Efficient and Secure Data Sharing Framework using Homomorphic Encryption in the Cloud
An Efficient and Secure Data Sharing Framework using Homomorphic Encryption in the Cloud Sanjay Madria Professor and Site Director for NSF I/UCRC Center on Net-Centric Software and Systems Missouri University
More informationPrivacy Patterns in Public Clouds
Privacy Patterns in Public Clouds Sashank Dara Security Technologies Group, Cisco Systems, Bangalore email: krishna.sashank@gmail.com January 25, 2014 Abstract Internet users typically consume a wide range
More informationSECURITY ANALYSIS OF A SINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTER NETWORKS
SECURITY ANALYSIS OF A SINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTER NETWORKS Abstract: The Single sign-on (SSO) is a new authentication mechanism that enables a legal user with a single credential
More informationNetwork Security Protocols
Network Security Protocols EE657 Parallel Processing Fall 2000 Peachawat Peachavanish Level of Implementation Internet Layer Security Ex. IP Security Protocol (IPSEC) Host-to-Host Basis, No Packets Discrimination
More information7 Key Management and PKIs
CA4005: CRYPTOGRAPHY AND SECURITY PROTOCOLS 1 7 Key Management and PKIs 7.1 Key Management Key Management For any use of cryptography, keys must be handled correctly. Symmetric keys must be kept secret.
More informationAN ENHANCED ATTRIBUTE BASED ENCRYPTION WITH MULTI PARTIES ACCESS IN CLOUD AREA
Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 3, Issue. 1, January 2014,
More informationConnected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)
Cryptelo Drive Cryptelo Drive is a virtual drive, where your most sensitive data can be stored. Protect documents, contracts, business know-how, or photographs - in short, anything that must be kept safe.
More informationDatabase Security. The Need for Database Security
Database Security Public domain NASA image L-1957-00989 of people working with an IBM type 704 electronic data processing machine. 1 The Need for Database Security Because databases play such an important
More informationTELE 301 Network Management. Lecture 18: Network Security
TELE 301 Network Management Lecture 18: Network Security Haibo Zhang Computer Science, University of Otago TELE301 Lecture 18: Network Security 1 Security of Networks Security is something that is not
More informationCryptanalysis of Cloud based computing
Cryptanalysis of Cloud based computing COMP 4109 Elom Tsiagbey Overview Introduction Recent threats to cloud computing Key Management models Conclusion Proposed key management model What is Cloud Computing?
More informationSecure Sharing of Health Records in Cloud Using ABE
Secure Sharing of Health Records in Cloud Using ABE Nithya.E, TousifAhamed Nadaf Abstract In recent years, Personal health record (PHR) has emerged as a patient-centric model of health information exchange.
More informationYALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE
YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE CPSC 467a: Cryptography and Computer Security Notes 1 (rev. 1) Professor M. J. Fischer September 3, 2008 1 Course Overview Lecture Notes 1 This course is
More informationADVANCE SECURITY TO CLOUD DATA STORAGE
Journal homepage: www.mjret.in ADVANCE SECURITY TO CLOUD DATA STORAGE ISSN:2348-6953 Yogesh Bhapkar, Mitali Patil, Kishor Kale,Rakesh Gaikwad ISB&M, SOT, Pune, India Abstract: Cloud Computing is the next
More informationSecure cloud access system using JAR ABSTRACT:
Secure cloud access system using JAR ABSTRACT: Cloud computing enables highly scalable services to be easily consumed over the Internet on an as-needed basis. A major feature of the cloud services is that
More informationData management using Virtualization in Cloud Computing
Data management using Virtualization in Cloud Computing A.S.R. Krishna Kanth M.Tech (CST), Department of Computer Science & Systems Engineering, Andhra University, India. M.Sitha Ram Research Scholar Department
More informationMonitoring Data Integrity while using TPA in Cloud Environment
Monitoring Data Integrity while using TPA in Cloud Environment Jaspreet Kaur, Jasmeet Singh Abstract Cloud Computing is the arising technology that delivers software, platform and infrastructure as a service
More informationSecure Collaborative Privacy In Cloud Data With Advanced Symmetric Key Block Algorithm
Secure Collaborative Privacy In Cloud Data With Advanced Symmetric Key Block Algorithm Twinkle Graf.F 1, Mrs.Prema.P 2 1 (M.E- CSE, Dhanalakshmi College of Engineering, Chennai, India) 2 (Asst. Professor
More informationWhat Are Certificates?
The Essentials Series: Code-Signing Certificates What Are Certificates? sponsored by by Don Jones W hat Are Certificates?... 1 Digital Certificates and Asymmetric Encryption... 1 Certificates as a Form
More informationWHITE PAPER www.tresorit.com
WHITE PAPER tresor [tʀeˈzoːɐ ] noun (German) 1. lockable, armoured cabinet THE CLOUD IS UNTRUSTED The cloud has huge potential when it comes to storing, sharing and exchanging files, but the security provided
More informationThe Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems
The Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems Becky Cutler Rebecca.cutler@tufts.edu Mentor: Professor Chris Gregg Abstract Modern day authentication systems
More informationCONTROLLING DATA IN THE CLOUD: OUTSOURCING COMPUTATION WITHOUT OUTSOURCING CONTROL
CONTROLLING DATA IN THE CLOUD: OUTSOURCING COMPUTATION WITHOUT OUTSOURCING CONTROL Paper By: Chow, R; Golle, P; Jakobsson, M; Shai, E; Staddon, J From PARC & Masuoka, R And Mollina From Fujitsu Laboratories
More informationExpert Reference Series of White Papers. Fundamentals of the PKI Infrastructure
Expert Reference Series of White Papers Fundamentals of the PKI Infrastructure 1-800-COURSES www.globalknowledge.com Fundamentals of the PKI Infrastructure Boris Gigovic, Global Knowledge Instructor, CEI,
More informationCategorical Heuristic for Attribute Based Encryption in the Cloud Server
Categorical Heuristic for Attribute Based Encryption in the Cloud Server R. Brindha 1, R. Rajagopal 2 1( M.E, Dept of CSE, Vivekanandha Institutes of Engineering and Technology for Women, Tiruchengode,
More informationAuthentication Types. Password-based Authentication. Off-Line Password Guessing
Authentication Types Chapter 2: Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter 3: Security on Network and Transport Layer Chapter 4:
More informationCommon security requirements Basic security tools. Example. Secret-key cryptography Public-key cryptography. Online shopping with Amazon
1 Common security requirements Basic security tools Secret-key cryptography Public-key cryptography Example Online shopping with Amazon 2 Alice credit card # is xxxx Internet What could the hacker possibly
More informationVICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui
VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui School of Engineering and Computer Science Te Kura Mātai Pūkaha, Pūrorohiko PO Box 600 Wellington New Zealand Tel: +64 4 463
More informationSheltered Multi-Owner Data distribution For vibrant Groups in the Cloud
Sheltered Multi-Owner Data distribution For vibrant Groups in the Cloud I.sriram murthy 1 N.Jagajeevan 2 II M-Tech student Assistant.Professor Department of computer science & Engineering Department of
More informationA Secure Decentralized Access Control Scheme for Data stored in Clouds
A Secure Decentralized Access Control Scheme for Data stored in Clouds Priyanka Palekar 1, Abhijeet Bharate 2, Nisar Anjum 3 1 SKNSITS, University of Pune 2 SKNSITS, University of Pune 3 SKNSITS, University
More informationPrinceton University Computer Science COS 432: Information Security (Fall 2013)
Princeton University Computer Science COS 432: Information Security (Fall 2013) This test has 13 questions worth a total of 50 points. That s a lot of questions. Work through the ones you re comfortable
More informationRole Based Encryption with Efficient Access Control in Cloud Storage
Role Based Encryption with Efficient Access Control in Cloud Storage G. V. Bandewar 1, R. H. Borhade 2 1 Department of Information Technology, Sinhgad Technical Education Society s SKNCOE, Pune, India
More informationDecentralized Access Control Schemes for Data Storage on Cloud
Computer Science and Engineering 2016, 6(1): 1-6 DOI: 10.5923/j.computer.20160601.01 Decentralized Access Control Schemes for Data Storage on Cloud Shraddha V. Mokle *, Nuzhat F. Shaikh Department of Computer
More informationAN EFFICIENT AUDIT SERVICE OUTSOURCING FOR DATA IN TEGRITY IN CLOUDS
AN EFFICIENT AUDIT SERVICE OUTSOURCING FOR DATA IN TEGRITY IN CLOUDS Mrs.K.Saranya, M.E.,(CSE), Jay Shriram Group of Institutions, Tirupur. Saranya17113@gmail.com Dr.S.Rajalakshmi, Associate Professor/CSE,
More informationKeywords: Authentication, Third party audit, cloud storage, cloud service provider, Access control.
Volume 5, Issue 3, March 2015 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com Identity Based
More informationSecure Network Communication Part II II Public Key Cryptography. Public Key Cryptography
Kommunikationssysteme (KSy) - Block 8 Secure Network Communication Part II II Public Key Cryptography Dr. Andreas Steffen 2000-2001 A. Steffen, 28.03.2001, KSy_RSA.ppt 1 Secure Key Distribution Problem
More informationCOSC 472 Network Security
COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html
More information2.4: Authentication Authentication types Authentication schemes: RSA, Lamport s Hash Mutual Authentication Session Keys Trusted Intermediaries
Chapter 2: Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter 3: Security on Network and Transport Layer Chapter 4: Security on the Application
More informationSecure Data Management Scheme using One-Time Trapdoor on Cloud Storage Environment
, pp.257-272 http://dx.doi.org/10.14257/ijsia.2014.8.1.24 Secure Data Management Scheme using One-Time Trapdoor on Cloud Storage Environment Sun-Ho Lee and Im-Yeong Lee 1 Department of Computer Software
More informationHow To Use Pretty Good Privacy (Pgp) For A Secure Communication
Cryptographic process for Cyber Safeguard by using PGP Bharatratna P. Gaikwad 1 Department of Computer Science and IT, Dr. Babasaheb Ambedkar Marathwada University Aurangabad, India 1 ABSTRACT: Data security
More informationAssociate Prof. Dr. Victor Onomza Waziri
BIG DATA ANALYTICS AND DATA SECURITY IN THE CLOUD VIA FULLY HOMOMORPHIC ENCRYPTION Associate Prof. Dr. Victor Onomza Waziri Department of Cyber Security Science, School of ICT, Federal University of Technology,
More informationSecure Computation Martin Beck
Institute of Systems Architecture, Chair of Privacy and Data Security Secure Computation Martin Beck Dresden, 05.02.2015 Index Homomorphic Encryption The Cloud problem (overview & example) System properties
More informationA Secure & Efficient Data Integrity Model to establish trust in cloud computing using TPA
A Secure & Efficient Data Integrity Model to establish trust in cloud computing using TPA Mr.Mahesh S.Giri Department of Computer Science & Engineering Technocrats Institute of Technology Bhopal, India
More informationAn Enhanced Security Enabled Sharing of Protected Cloud Storage Services by Trapdoor Commitment Based on RSA Signature Assumption
Bonfring International Journal of Research in Communication Engineering, Vol. 2, No. 3, September 2012 1 An Enhanced Security Enabled Sharing of Protected Cloud Storage Services by Trapdoor Commitment
More informationVerifiable Outsourced Computations Outsourcing Computations to Untrusted Servers
Outsourcing Computations to Untrusted Servers Security of Symmetric Ciphers in Network Protocols ICMS, May 26, 2015, Edinburgh Problem Motivation Problem Motivation Problem Motivation Problem Motivation
More informationSECURE RE-ENCRYPTION IN UNRELIABLE CLOUD USINGSYNCHRONOUS CLOCK
International Journal of Advance Research In Science And Engineering IJARSE, Vol. No.4, Issue No.01, January 2015 http:// SECURE RE-ENCRYPTION IN UNRELIABLE CLOUD USINGSYNCHRONOUS CLOCK Arudra Gopala Rao
More informationWhite Paper: Multi-Factor Authentication Platform
White Paper: Multi-Factor Authentication Platform Version: 1.4 Updated: 29/10/13 Contents: About zero knowledge proof authentication protocols: 3 About Pairing-Based Cryptography (PBC) 4 Putting it all
More informationSecure Cross Border File Protection & Sharing for Enterprise Product Brief CRYPTOMILL INC
C NNECTED Circles of Trust Secure Cross Border File Protection & Sharing for Enterprise Product Brief www.cryptomill.com product overview OVERVIEW Connected Circles of Trust is an endpoint data security
More informationComments on "public integrity auditing for dynamic data sharing with multi-user modification"
University of Wollongong Research Online Faculty of Engineering and Information Sciences - Papers Faculty of Engineering and Information Sciences 2016 Comments on "public integrity auditing for dynamic
More informationA Review on the State-of-the-Art Privacy Preserving Approaches in the e-health Clouds
> REPLACE THIS LINE WITH YOUR PAPER IDENTIFICATION NUMBER (DOUBLE-CLICK HERE TO EDIT) < 1 A Review on the State-of-the-Art Privacy Preserving Approaches in the e-health Clouds Assad Abbas, Samee U. Khan,
More informationMessage Authentication Codes
2 MAC Message Authentication Codes : and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l08, Steve/Courses/2013/s2/css322/lectures/mac.tex,
More informationCRYPTOGRAPHY AS A SERVICE
CRYPTOGRAPHY AS A SERVICE Peter Robinson RSA, The Security Division of EMC Session ID: ADS R01 Session Classification: Advanced Introduction Deploying cryptographic keys to end points such as smart phones,
More informationContent Teaching Academy at James Madison University
Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect
More informationSecurity. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1
Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions
More informationEFFICIENT AND SECURE DATA PRESERVING IN CLOUD USING ENHANCED SECURITY
EFFICIENT AND SECURE DATA PRESERVING IN CLOUD USING ENHANCED SECURITY Siliveru Ashok kumar* S.G. Nawaz ## and M.Harathi # * Student of M.Tech, Sri Krishna Devaraya Engineering College, Gooty # Department
More informationSecurity and accounting for Storage Service Provider
Security and accounting for Storage Service Provider Yongdae Kim Collaborators: N. Hopper, J. Weissman, A. Chandra Students: V. Kher, I. Osipkov, S. Hong, J. Kim University of Minnesota Supported by DISC,
More informationCloud Computing. servers. Cloud is a phrase that resembles the sharing process. Basically Cloud
Khalid Al Alshaykh 10/12/14 COM 416 Dr. Maladi Cloud Computing Is it secure? Cloud Computing depends on sharing computing resources without using local servers. Cloud is a phrase that resembles the sharing
More informationnwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.
CONTENTS 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. Conclusion 1. EXECUTIVE SUMMARY The advantages of networked data storage technologies such
More informationCSE/EE 461 Lecture 23
CSE/EE 461 Lecture 23 Network Security David Wetherall djw@cs.washington.edu Last Time Naming Application Presentation How do we name hosts etc.? Session Transport Network Domain Name System (DNS) Data
More informationEntrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0
Entrust Managed Services PKI Getting started with digital certificates and Entrust Managed Services PKI Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust
More information1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies
1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies Dave Corbett Technical Product Manager Implementing Forward Secrecy 1 Agenda Part 1: Introduction Why is Forward Secrecy important?
More informationKeywords : audit, cloud, integrity, station to station protocol, SHA-2, third party auditor, XOR. GJCST-B Classification : C.2.4, H.2.
Global Journal of Computer Science and Technology Cloud and Distributed Volume 13 Issue 3 Version 1.0 Year 2013 Type: Double Blind Peer Reviewed International Research Journal Publisher: Global Journals
More informationSECURITY ENHANCEMENT OF GROUP SHARING AND PUBLIC AUDITING FOR DATA STORAGE IN CLOUD
SECURITY ENHANCEMENT OF GROUP SHARING AND PUBLIC AUDITING FOR DATA STORAGE IN CLOUD S.REVATHI B.HASEENA M.NOORUL IZZATH PG Student PG Student PG Student II- ME CSE II- ME CSE II- ME CSE Al-Ameen Engineering
More informationGoldKey Product Info. Do not leave your Information Assets at risk Read On... Detailed Product Catalogue for GoldKey
GoldKey Product Info Detailed Product Catalogue for GoldKey Do not leave your Information Assets at risk Read On... GoldKey: Reinventing the Security Strategy The Changing Landscape of Data Security With
More informationDispatch: A Unique Email Security Solution
Dispatch: A Unique Email Security Solution 720 836 1222 sales / support sales@absio.com email www.absio.com web 8740 Lucent Boulevard, Ste 101 Highlands Ranch, CO, 80129 1 110-WP005-1 Organizations use
More informationCS377: Database Systems Data Security and Privacy. Li Xiong Department of Mathematics and Computer Science Emory University
CS377: Database Systems Data Security and Privacy Li Xiong Department of Mathematics and Computer Science Emory University 1 Principles of Data Security CIA Confidentiality Triad Prevent the disclosure
More informationCRYPTOGRAPHIC SECURE CLOUD STORAGE MODEL WITH ANONYMOUS AUTHENTICATION AND AUTOMATIC FILE RECOVERY
SOWMIYA MURTHY: CRYPTOGRAPHIC SECURE CLOUD STORAGE MODEL WITH ANONYMOUS AUTHENTICATION AND AUTOMATIC FILE RECOVERY CRYPTOGRAPHIC SECURE CLOUD STORAGE MODEL WITH ANONYMOUS AUTHENTICATION AND AUTOMATIC FILE
More informationA Comprehensive Data Forwarding Technique under Cloud with Dynamic Notification
Research Journal of Applied Sciences, Engineering and Technology 7(14): 2946-2953, 2014 ISSN: 2040-7459; e-issn: 2040-7467 Maxwell Scientific Organization, 2014 Submitted: July 7, 2013 Accepted: August
More informationLecture 17: Re-encryption
600.641 Special Topics in Theoretical Cryptography April 2, 2007 Instructor: Susan Hohenberger Lecture 17: Re-encryption Scribe: Zachary Scott Today s lecture was given by Matt Green. 1 Motivation Proxy
More informationSecure Multi Authority Cloud Storage Based on CP- ABE and Data Access Control
Secure Multi Authority Cloud Storage Based on CP- ABE and Data Access Control Shivarathri Ravinder M. Tech Student, Dept. of CSE, CMR College of Engineering and Technology, Kandlakoya Village, Medchal
More informationIGI Portal architecture and interaction with a CA- online
IGI Portal architecture and interaction with a CA- online Abstract In the framework of the Italian Grid Infrastructure, we are designing a web portal for the grid and cloud services provisioning. In following
More informationCryptography for the Cloud
Cryptography for the Cloud ENS - CNRS - INRIA Cyber-Sécurité - SPECIF CNAM, Paris, France - November 7th, 2014 The Cloud Introduction 2 Access from Anywhere Introduction 3 Available for Everything One
More informationInformation Security
Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 vedatcoskun@isikun.edu.tr www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked
More informationWhy Johnny Can't Encrypt: A Usability Study of PGP
Why Johnny Can't Encrypt: A Usability Study of PGP Jan Sousedek Technische Universität Berlin, Germany Erasmus program Summer semester 2008 Seminar: Internet Security jan.sousedek@seznam.cz Abstract Interfaces
More informationHighly Secure Data Sharing in Cloud Storage using Key-Pair Cryptosystem
Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 4, Issue. 10, October 2015,
More informationAccess Control patient centric selective sharing Emergency Access Information Exchange
Electronic Health Record Software Required Security Features and Recommendations for Technical Specifications of Single Source Contracts and RFI for the Behavioral Health Information Technology Grant Scope:
More informationTutorial 3. June 8, 2015
Tutorial 3 June 8, 2015 I. Basic Notions 1. Multiple-choice (Review Questions Chapter 6, 8 and 11) 2. Answers by a small paragraph (Chapter 2: viruses: MBR, rootkits, ) Multiple choice X. Which is the
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More informationHomomorphic encryption and emerging technologies COSC412
Homomorphic encryption and emerging technologies COSC412 Learning objectives Describe useful work that can be done on encrypted data Appreciate the overall way in which an example homomorphic encryption
More informationDigital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University
Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University October 2015 1 List of Figures Contents 1 Introduction 1 2 History 2 3 Public Key Infrastructure (PKI) 3 3.1 Certificate
More informationModule 7 Security CS655! 7-1!
Module 7 Security CS655! 7-1! Issues Separation of! Security policies! Precise definition of which entities in the system can take what actions! Security mechanism! Means of enforcing that policy! Distributed
More informationScalable and secure sharing of data in cloud computing using attribute based encryption
Volume :2, Issue :4, 416-420 April 2015 www.allsubjectjournal.com e-issn: 2349-4182 p-issn: 2349-5979 Impact Factor: 3.762 Ghodake Shubhangi Joshi Priyanka Khobragade Pranjali Chandak Manjiri Scalable
More informationMulti-User Searchable Encryption in the Cloud. Cédric Van Rompay, Refik Molva, and Melek Önen ISC 2015 September 10, 2015 Trondheim, Norway
Multi-User Searchable Encryption in the Cloud Cédric Van Rompay, Refik Molva, and Melek Önen ISC 2015 th September 10, 2015 Trondheim, Norway Outline Searchable Encryption Multi-User Scenarios State of
More informationAttribute Based Encryption with Privacy Preserving In Clouds
Attribute Based Encryption with Privacy Preserving In Clouds M. Suriyapriya 1, A. Joicy 2 PG Scholar 1 Assistant Professor CSE Department 2 St.Joseph College of Engineering Sriperumbudur, Chennai-602105
More informationProviding Access Permissions to Legitimate Users by Using Attribute Based Encryption Techniques In Cloud
Providing Access Permissions to Legitimate Users by Using Attribute Based Encryption Techniques In Cloud R.Udhayakumar 1, M. Jawahar 2, I.Ramasamy 3 PG Student, Dept. Of CSE,KSR Institute For Engineering
More informationDATA SECURITY HACKS, HIPAA AND HUMAN RISKS
DATA SECURITY HACKS, HIPAA AND HUMAN RISKS MSCPA HEALTH CARE SERVICES SEMINAR Ken Miller, CPA, CIA, CRMA, CHC, CISA Senior Manager, Healthcare HORNE LLP September 25, 2015 AGENDA 2015 The Year of the Healthcare
More informationCNT5410 - Computer and Network Security Review/Wrapup
CNT5410 - Computer and Network Security Review/Wrapup Professor Kevin Butler Fall 2015 Review What did we talk about this semester? Cryptography secret vs public-key key exchange (Diffie-Hellman) symmetric
More informationTufts University. Department of Computer Science. COMP 116 Introduction to Computer Security Fall 2014 Final Project. Guocui Gao Guocui.gao@tufts.
Tufts University Department of Computer Science COMP 116 Introduction to Computer Security Fall 2014 Final Project Investigating Security Issues in Cloud Computing Guocui Gao Guocui.gao@tufts.edu Mentor:
More informationSecurity of Cloud Storage: - Deduplication vs. Privacy
Security of Cloud Storage: - Deduplication vs. Privacy Benny Pinkas - Bar Ilan University Shai Halevi, Danny Harnik, Alexandra Shulman-Peleg - IBM Research Haifa 1 Remote storage and security Easy to encrypt
More information