Search results for: confidentiality
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 146

Search results for: confidentiality

146 Best Practices to Enhance Patient Security and Confidentiality When Using E-Health in South Africa

Authors: Lethola Tshikose, Munyaradzi Katurura

Abstract:

Information and Communication Technology (ICT) plays a critical role in improving daily healthcare processes. The South African healthcare organizations have adopted Information Systems to integrate their patient records. This has made it much easier for healthcare organizations because patient information can now be accessible at any time. The primary purpose of this research study was to investigate the best practices that can be applied to enhance patient security and confidentiality when using e-health systems in South Africa. Security and confidentiality are critical in healthcare organizations as they ensure safety in EHRs. The research study used an inductive research approach that included a thorough literature review; therefore, no data was collected. The research paper’s scope included patient data and possible security threats associated with healthcare systems. According to the study, South African healthcare organizations discovered various patient data security and confidentiality issues. The study also revealed that when it comes to handling patient data, health professionals sometimes make mistakes. Some may not be computer literate, which posed issues and caused data to be tempered with. The research paper recommends that healthcare organizations ensure that security measures are adequately supported and promoted by their IT department. This will ensure that adequate resources are distributed to keep patient data secure and confidential. Healthcare organizations must correctly use standards set up by IT specialists to solve patient data security and confidentiality issues. Healthcare organizations must make sure that their organizational structures are adaptable to improve security and confidentiality.

Keywords: E-health, EHR, security, confidentiality, healthcare

Procedia PDF Downloads 59
145 Secure Transfer of Medical Images Using Hybrid Encryption Authentication, Confidentiality, Integrity

Authors: Boukhatem Mohammed Belkaid, Lahdir Mourad

Abstract:

In this paper, we propose a new encryption system for security issues medical images. The hybrid encryption scheme is based on AES and RSA algorithms to validate the three security services are authentication, integrity, and confidentiality. Privacy is ensured by AES, authenticity is ensured by the RSA algorithm. Integrity is assured by the basic function of the correlation between adjacent pixels. Our system generates a unique password every new session of encryption, that will be used to encrypt each frame of the medical image basis to strengthen and ensure his safety. Several metrics have been used for various tests of our analysis. For the integrity test, we noticed the efficiencies of our system and how the imprint cryptographic changes at reception if a change affects the image in the transmission channel.

Keywords: AES, RSA, integrity, confidentiality, authentication, medical images, encryption, decryption, key, correlation

Procedia PDF Downloads 540
144 Towards a Secure Storage in Cloud Computing

Authors: Mohamed Elkholy, Ahmed Elfatatry

Abstract:

Cloud computing has emerged as a flexible computing paradigm that reshaped the Information Technology map. However, cloud computing brought about a number of security challenges as a result of the physical distribution of computational resources and the limited control that users have over the physical storage. This situation raises many security challenges for data integrity and confidentiality as well as authentication and access control. This work proposes a security mechanism for data integrity that allows a data owner to be aware of any modification that takes place to his data. The data integrity mechanism is integrated with an extended Kerberos authentication that ensures authorized access control. The proposed mechanism protects data confidentiality even if data are stored on an untrusted storage. The proposed mechanism has been evaluated against different types of attacks and proved its efficiency to protect cloud data storage from different malicious attacks.

Keywords: access control, data integrity, data confidentiality, Kerberos authentication, cloud security

Procedia PDF Downloads 335
143 The Problem of Reconciling the Principle of Confidentiality in Foreign Investment Arbitration with the Public Interest

Authors: Bárbara Magalhães Bravo, Cláudia Figueiras

Abstract:

The economical globalization through the liberalization of the markets and capitals boosted the economical development of the nations and the needs for sorting out the disputes arising from the foreign investment. The arbitration, for all the inherent advantages, such as swiftness, arbitrators’ specialise skills and impartiality sets a pacifier tool for the interest in account. Safeguarded the public interest, we face the problem of the confidentiality in the arbitration. The urgent development of impelling mechanisms concerning transparency, guaranty and protection of the interest in account, reveals itself urgent. Through a bibliography review, we will dense the state of art, by going through the several solutions concerning, and pointing out the most suitable. Through the jurisprudential analysis we will point out the solution for the conflict confidentiality/public interest. The transparency, inextricable from the public interest, imposes the arbitration process can be open to all citizens. Transparency rules have been considered at the UNCITRAL in attempting to conciliate the necessity of publicity and the public interest, however still insufficient. The arbitration of foreign investment carries consequences to the citizens of the State. Articulating mechanisms between the arbitral procedures secrecy and the public interest should be adopted. The arbitration of foreign investment, being a tertius genius between the international arbitration and the administrative arbitration would claim its own regulation in each and every States where the confidentiality rules and its exceptions could be identified. One should enquiry where the limit of the citizens’ individual rights protection and the public interest should give way to the principle of transparency

Keywords: arbitration, foreign investment, transparency, confidenciality, International Centre for Settlement of Investment Disputes UNCITRAL

Procedia PDF Downloads 214
142 Adaptation of Research Methodology in a Culture: A Reflection from Bangladesh

Authors: Umme Habiba Jasmine, Mzikazi Nduna

Abstract:

Due to the dearth of exploratory research in Bangladesh on parenting practices and transmission thereof, there is a lack of information on culture-sensitive methodology in studying this topic. This paper aims to share some methodological reflections from the research field, which will address this knowledge gap. Eleven dyads of biological mothers and maternal grandmothers of school-going children constituted the sample, and a female fieldworker conducted one-to-one, semi-structured, in-depth interviews with them. The participants were recruited through purposive sampling through a representative of a cooperative society in Mirpur area in Bangladesh. Four dyads of the sample outside that eleven dyads were discarded because of the unavailability of the other participant of the dyads or unsuitability for an in-depth interview. The sample recruitment strategy of approaching mothers without their known reference body had to be discarded because of existing social insecurity in Dhaka city. To meet the cultural demand of the research field the researcher had to change in the research plan and comply with the cultural tradition of mutual entertainment with food while conducting interviews which helped in engaging in positive interaction. Also, the researcher had to compromise the strict confidentiality to a collectivistic sense of confidentiality of the in-depth interview sessions. This study suggests future researchers to investigate Bangladeshi traditional practices and accommodate the applicable ones in their research plan for qualitative studies, especially the Bengali tradition of hospitality and shared confidentiality for building rapport and for proper access to the targeted information and research participants. Sample recruitment should always accompany a well-accepted reference person in the targeted research field.

Keywords: confidentiality, culture-sensitive, ethics, parenting practices, sampling

Procedia PDF Downloads 109
141 Secure Transfer of Medical Images Using Hybrid Encryption

Authors: Boukhatem Mohamed Belkaid, Lahdi Mourad

Abstract:

In this paper, we propose a new encryption system for security issues medical images. The hybrid encryption scheme is based on AES and RSA algorithms to validate the three security services are authentication, integrity, and confidentiality. Privacy is ensured by AES, authenticity is ensured by the RSA algorithm. Integrity is assured by the basic function of the correlation between adjacent pixels. Our system generates a unique password every new session of encryption, that will be used to encrypt each frame of the medical image basis to strengthen and ensure his safety. Several metrics have been used for various tests of our analysis. For the integrity test, we noticed the efficiencies of our system and how the imprint cryptographic changes at reception if a change affects the image in the transmission channel.

Keywords: AES, RSA, integrity, confidentiality, authentication, medical images, encryption, decryption, key, correlation

Procedia PDF Downloads 443
140 A Contribution to Blockchain Privacy

Authors: Malika Yaici, Feriel Lalaoui, Lydia Belhoul

Abstract:

As a new distributed point-to-point (P2P) technology, blockchain has become a very broad field of research, addressing various challenges, including privacy preserving, as is the case in all other technologies. In this work, a study of the existing solutions to the problems related to private life in general and in blockchains in particular is performed. User anonymity and transaction confidentiality are the two main challenges to the protection of privacy in blockchains. Mixing mechanisms and cryptographic solutions respond to this problem but remain subject to attacks and suffer from shortcomings. Taking into account these imperfections and the synthesis of our study, we present a mixing model without trusted third parties, based on group signatures, allowing reinforcing the anonymity of the users, the confidentiality of the transactions, with minimal turnaround time and without mixing costs.

Keywords: anonymity, blockchain, mixing coins, privacy

Procedia PDF Downloads 12
139 New Security Approach of Confidential Resources in Hybrid Clouds

Authors: Haythem Yahyaoui, Samir Moalla, Mounir Bouden, Skander ghorbel

Abstract:

Nowadays, Cloud environments are becoming a need for companies, this new technology gives the opportunities to access to the data anywhere and anytime, also an optimized and secured access to the resources and gives more security for the data which stored in the platform, however, some companies do not trust Cloud providers, in their point of view, providers can access and modify some confidential data such as bank accounts, many works have been done in this context, they conclude that encryption methods realized by providers ensure the confidentiality, although, they forgot that Cloud providers can decrypt the confidential resources. The best solution here is to apply some modifications on the data before sending them to the Cloud in the objective to make them unreadable. This work aims on enhancing the quality of service of providers and improving the trust of the customers.

Keywords: cloud, confidentiality, cryptography, security issues, trust issues

Procedia PDF Downloads 378
138 MSG Image Encryption Based on AES and RSA Algorithms "MSG Image Security"

Authors: Boukhatem Mohammed Belkaid, Lahdir Mourad

Abstract:

In this paper, we propose a new encryption system for security issues meteorological images from Meteosat Second Generation (MSG), which generates 12 images every 15 minutes. The hybrid encryption scheme is based on AES and RSA algorithms to validate the three security services are authentication, integrity and confidentiality. Privacy is ensured by AES, authenticity is ensured by the RSA algorithm. Integrity is assured by the basic function of the correlation between adjacent pixels. Our system generates a unique password every 15 minutes that will be used to encrypt each frame of the MSG meteorological basis to strengthen and ensure his safety. Several metrics have been used for various tests of our analysis. For the integrity test, we noticed the efficiencies of our system and how the imprint cryptographic changes at reception if a change affects the image in the transmission channel.

Keywords: AES, RSA, integrity, confidentiality, authentication, satellite MSG, encryption, decryption, key, correlation

Procedia PDF Downloads 383
137 Software Quality Assurance in Network Security using Cryptographic Techniques

Authors: Sidra Shabbir, Ayesha Manzoor, Mehreen Sirshar

Abstract:

The use of the network communication has imposed serious threats to the security of assets over the network. Network security is getting more prone to active and passive attacks which may result in serious consequences to data integrity, confidentiality and availability. Various cryptographic techniques have been proposed in the past few years to combat with the concerned problem by ensuring quality but in order to have a fully secured network; a framework of new cryptosystem was needed. This paper discusses certain cryptographic techniques which have shown far better improvement in the network security with enhanced quality assurance. The scope of this research paper is to cover the security pitfalls in the current systems and their possible solutions based on the new cryptosystems. The development of new cryptosystem framework has paved a new way to the widespread network communications with enhanced quality in network security.

Keywords: cryptography, network security, encryption, decryption, integrity, confidentiality, security algorithms, elliptic curve cryptography

Procedia PDF Downloads 733
136 Data Confidentiality in Public Cloud: A Method for Inclusion of ID-PKC Schemes in OpenStack Cloud

Authors: N. Nalini, Bhanu Prakash Gopularam

Abstract:

The term data security refers to the degree of resistance or protection given to information from unintended or unauthorized access. The core principles of information security are the confidentiality, integrity and availability, also referred as CIA triad. Cloud computing services are classified as SaaS, IaaS and PaaS services. With cloud adoption the confidential enterprise data are moved from organization premises to untrusted public network and due to this the attack surface has increased manifold. Several cloud computing platforms like OpenStack, Eucalyptus, Amazon EC2 offer users to build and configure public, hybrid and private clouds. While the traditional encryption based on PKI infrastructure still works in cloud scenario, the management of public-private keys and trust certificates is difficult. The Identity based Public Key Cryptography (also referred as ID-PKC) overcomes this problem by using publicly identifiable information for generating the keys and works well with decentralized systems. The users can exchange information securely without having to manage any trust information. Another advantage is that access control (role based access control policy) information can be embedded into data unlike in PKI where it is handled by separate component or system. In OpenStack cloud platform the keystone service acts as identity service for authentication and authorization and has support for public key infrastructure for auto services. In this paper, we explain OpenStack security architecture and evaluate the PKI infrastructure piece for data confidentiality. We provide method to integrate ID-PKC schemes for securing data while in transit and stored and explain the key measures for safe guarding data against security attacks. The proposed approach uses JPBC crypto library for key-pair generation based on IEEE P1636.3 standard and secure communication to other cloud services.

Keywords: data confidentiality, identity based cryptography, secure communication, open stack key stone, token scoping

Procedia PDF Downloads 384
135 Official Secrecy and Confidentiality in Tax Administration and Its Impact on Right to Access Information: Nigerian Perspectives

Authors: Kareem Adedokun

Abstract:

Official secrecy is one of the colonial vestiges which upholds non – disclosure of essential information for public consumption. Information, though an indispensable tool in tax administration, is not to be divulged by any person in an official duty of the revenue agency. As a matter o fact, the Federal Inland Revenue Service (Establishment) Act, 2007 emphasizes secrecy and confidentiality in dealing with tax payer’s document, information, returns and assessment in a manner reminiscent of protecting tax payer’s privacy in all situations. It is so serious that any violation attracts criminal sanction. However, Nigeria, being a democratic and egalitarian state recently enacted Freedom of Information Act which heralded in openness in governance and takes away the confidentialities associated with official secrets Laws. Official secrecy no doubts contradicts the philosophy of freedom of information but maintaining a proper balance between protected rights of tax payers and public interest which revenue agency upholds is an uphill task. Adopting the Doctrinal method, therefore, the author of this paper probes into the real nature of the relationship between taxpayers and Revenue Agencies. It also interfaces official secrecy with the doctrine of Freedom of Information and consequently queries the retention of non – disclosure clause under Federal Inland Revenue Service (Establishment) Act (FIRSEA) 2007. The paper finds among others that non – disclosure provision in tax statutes particularly as provided for in FIRSEA is not absolute; so also is the constitutional rights and freedom of information and unless the non – disclosure clause finds justification under any recognized exemption provided under the Freedom of Information Act, its retention is antithesis to democratic ethos and beliefs as it may hinder public interest and public order.

Keywords: confidentiality, information, official secrecy, tax administration

Procedia PDF Downloads 341
134 Runtime Monitoring Using Policy-Based Approach to Control Information Flow for Mobile Apps

Authors: Mohamed Sarrab, Hadj Bourdoucen

Abstract:

Mobile applications are verified to check the correctness or evaluated to check the performance with respect to specific security properties such as availability, integrity, and confidentiality. Where they are made available to the end users of the mobile application is achievable only to a limited degree using software engineering static verification techniques. The more sensitive the information, such as credit card data, personal medical information or personal emails being processed by mobile application, the more important it is to ensure the confidentiality of this information. Monitoring non-trusted mobile application during execution in an environment where sensitive information is present is difficult and unnerving. The paper addresses the issue of monitoring and controlling the flow of confidential information during non-trusted mobile application execution. The approach concentrates on providing a dynamic and usable information security solution by interacting with the mobile users during the run-time of mobile application in response to information flow events.

Keywords: mobile application, run-time verification, usable security, direct information flow

Procedia PDF Downloads 381
133 Robust and Dedicated Hybrid Cloud Approach for Secure Authorized Deduplication

Authors: Aishwarya Shekhar, Himanshu Sharma

Abstract:

Data deduplication is one of important data compression techniques for eliminating duplicate copies of repeating data, and has been widely used in cloud storage to reduce the amount of storage space and save bandwidth. In this process, duplicate data is expunged, leaving only one copy means single instance of the data to be accumulated. Though, indexing of each and every data is still maintained. Data deduplication is an approach for minimizing the part of storage space an organization required to retain its data. In most of the company, the storage systems carry identical copies of numerous pieces of data. Deduplication terminates these additional copies by saving just one copy of the data and exchanging the other copies with pointers that assist back to the primary copy. To ignore this duplication of the data and to preserve the confidentiality in the cloud here we are applying the concept of hybrid nature of cloud. A hybrid cloud is a fusion of minimally one public and private cloud. As a proof of concept, we implement a java code which provides security as well as removes all types of duplicated data from the cloud.

Keywords: confidentiality, deduplication, data compression, hybridity of cloud

Procedia PDF Downloads 383
132 Securing Internet of Things Devices in Healthcare industry: An Investigation into Efficient and Effective Authorization Procedures

Authors: Maruf Farhan, Abdul Salih, Sikandar Ali Tahir

Abstract:

Protecting patient information's confidentiality is paramount considering the widespread use of Internet of Things (IoT) gadgets in medical settings. This study's subjects are decentralized identifiers (DIDs) and verifiable credentials (VCs) in conjunction with an OAuth-based authorization framework, as they are the key to protecting IoT healthcare devices. DIDs enable autonomous authentication and trust formation between IoT devices and other entities. To authorize users and enforce access controls based on verified claims, VCs offer a secure and adaptable solution. Through the proposed method, medical facilities can improve the privacy and security of their IoT devices while streamlining access control administration. A Smart pill dispenser in a hospital setting is used to illustrate the advantages of this method. The findings demonstrate the value of DIDs, VCs, and OAuth-based delegation in protecting the IoT devices. Improved processes for authorizing and controlling access to IoT devices are possible thanks to the research findings, which also help ensure patient confidentiality in the healthcare sector.

Keywords: Iot, DID, authorization, verifiable credentials

Procedia PDF Downloads 76
131 A Review of Encryption Algorithms Used in Cloud Computing

Authors: Derick M. Rakgoale, Topside E. Mathonsi, Vusumuzi Malele

Abstract:

Cloud computing offers distributed online and on-demand computational services from anywhere in the world. Cloud computing services have grown immensely over the past years, especially in the past year due to the Coronavirus pandemic. Cloud computing has changed the working environment and introduced work from work phenomenon, which enabled the adoption of technologies to fulfill the new workings, including cloud services offerings. The increased cloud computing adoption has come with new challenges regarding data privacy and its integrity in the cloud environment. Previously advanced encryption algorithms failed to reduce the memory space required for cloud computing performance, thus increasing the computational cost. This paper reviews the existing encryption algorithms used in cloud computing. In the future, artificial neural networks (ANN) algorithm design will be presented as a security solution to ensure data integrity, confidentiality, privacy, and availability of user data in cloud computing. Moreover, MATLAB will be used to evaluate the proposed solution, and simulation results will be presented.

Keywords: cloud computing, data integrity, confidentiality, privacy, availability

Procedia PDF Downloads 135
130 Survey of Access Controls in Cloud Computing

Authors: Monirah Alkathiry, Hanan Aljarwan

Abstract:

Cloud computing is one of the most significant technologies that the world deals with, in different sectors with different purposes and capabilities. The cloud faces various challenges in securing data from unauthorized access or modification. Consequently, security risks and levels have greatly increased. Therefore, cloud service providers (CSPs) and users need secure mechanisms that ensure that data are kept secret and safe from any disclosures or exploits. For this reason, CSPs need a number of techniques and technologies to manage and secure access to the cloud services to achieve security goals, such as confidentiality, integrity, identity access management (IAM), etc. Therefore, this paper will review and explore various access controls implemented in a cloud environment that achieve different security purposes. The methodology followed in this survey was conducting an assessment, evaluation, and comparison between those access controls mechanisms and technologies based on different factors, such as the security goals it achieves, usability, and cost-effectiveness. This assessment resulted in the fact that the technology used in an access control affects the security goals it achieves as well as there is no one access control method that achieves all security goals. Consequently, such a comparison would help decision-makers to choose properly the access controls that meet their requirements.

Keywords: access controls, cloud computing, confidentiality, identity and access management

Procedia PDF Downloads 132
129 Investigating Message Timing Side Channel Attacks on Networks on Chip with Ring Topology

Authors: Mark Davey

Abstract:

Communications on a Network on Chip (NoC) produce timing information, i.e., network injection delays, packet traversal times, throughput metrics, and other attributes relating to the traffic being sent across the chip. The security requirements of a platform encompass each node to operate with confidentiality, integrity, and availability (ISO 27001). Inherently, a shared NoC interconnect is exposed to analysis of timing patterns created by contention for the network components, i.e., links and switches/routers. This phenomenon is defined as information leakage, which represents a ‘side channel’ of sensitive information that can be correlated to platform activity. The key algorithm presented in this paper evaluates how an adversary can control two platform neighbouring nodes of a target node to obtain sensitive information about communication with the target node. The actual information obtained is the period value of a periodic task communication. This enacts a breach of the expected confidentiality of a node operating in a multiprocessor platform. An experimental investigation of the side channel is undertaken to judge the level and significance of inferred information produced by access times to the NoC. Results are presented with a series of expanding task set scenarios to evaluate the efficacy of the side channel detection algorithm as the network load increases.

Keywords: embedded systems, multiprocessor, network on chip, side channel

Procedia PDF Downloads 71
128 Comparison of Automated Zone Design Census Output Areas with Existing Output Areas in South Africa

Authors: T. Mokhele, O. Mutanga, F. Ahmed

Abstract:

South Africa is one of the few countries that have stopped using the same Enumeration Areas (EAs) for census enumeration and dissemination. The advantage of this change is that confidentiality issue could be addressed for census dissemination as the design of geographic unit for collection is mainly to ensure that this unit is covered by one enumerator. The objective of this paper was to evaluate the performance of automated zone design output areas against non-zone design developed geographies using the 2001 census data, and 2011 census to some extent, as the main input. The comparison of the Automated Zone-design Tool (AZTool) census output areas with the Small Area Layers (SALs) and SubPlaces based on confidentiality limit, population distribution, and degree of homogeneity, as well as shape compactness, was undertaken. Further, SPSS was employed for validation of the AZTool output results. The results showed that AZTool developed output areas out-perform the existing official SAL and SubPlaces with regard to minimum population threshold, population distribution and to some extent to homogeneity. Therefore, it was concluded that AZTool program provides a new alternative to the creation of optimised census output areas for dissemination of population census data in South Africa.

Keywords: AZTool, enumeration areas, small areal layers, South Africa

Procedia PDF Downloads 184
127 Comparison of Authentication Methods in Internet of Things Technology

Authors: Hafizah Che Hasan, Fateen Nazwa Yusof, Maslina Daud

Abstract:

Internet of Things (IoT) is a powerful industry system, which end-devices are interconnected and automated, allowing the devices to analyze data and execute actions based on the analysis. The IoT technology leverages the technology of Radio-Frequency Identification (RFID) and Wireless Sensor Network (WSN), including mobile and sensor. These technologies contribute to the evolution of IoT. However, due to more devices are connected each other in the Internet, and data from various sources exchanged between things, confidentiality of the data becomes a major concern. This paper focuses on one of the major challenges in IoT; authentication, in order to preserve data integrity and confidentiality are in place. A few solutions are reviewed based on papers from the last few years. One of the proposed solutions is securing the communication between IoT devices and cloud servers with Elliptic Curve Cryptograhpy (ECC) based mutual authentication protocol. This solution focuses on Hyper Text Transfer Protocol (HTTP) cookies as security parameter.  Next proposed solution is using keyed-hash scheme protocol to enable IoT devices to authenticate each other without the presence of a central control server. Another proposed solution uses Physical Unclonable Function (PUF) based mutual authentication protocol. It emphasizes on tamper resistant and resource-efficient technology, which equals a 3-way handshake security protocol.

Keywords: Internet of Things (IoT), authentication, PUF ECC, keyed-hash scheme protocol

Procedia PDF Downloads 264
126 Variance-Aware Routing and Authentication Scheme for Harvesting Data in Cloud-Centric Wireless Sensor Networks

Authors: Olakanmi Oladayo Olufemi, Bamifewe Olusegun James, Badmus Yaya Opeyemi, Adegoke Kayode

Abstract:

The wireless sensor network (WSN) has made a significant contribution to the emergence of various intelligent services or cloud-based applications. Most of the time, these data are stored on a cloud platform for efficient management and sharing among different services or users. However, the sensitivity of the data makes them prone to various confidentiality and performance-related attacks during and after harvesting. Various security schemes have been developed to ensure the integrity and confidentiality of the WSNs' data. However, their specificity towards particular attacks and the resource constraint and heterogeneity of WSNs make most of these schemes imperfect. In this paper, we propose a secure variance-aware routing and authentication scheme with two-tier verification to collect, share, and manage WSN data. The scheme is capable of classifying WSN into different subnets, detecting any attempt of wormhole and black hole attack during harvesting, and enforcing access control on the harvested data stored in the cloud. The results of the analysis showed that the proposed scheme has more security functionalities than other related schemes, solves most of the WSNs and cloud security issues, prevents wormhole and black hole attacks, identifies the attackers during data harvesting, and enforces access control on the harvested data stored in the cloud at low computational, storage, and communication overheads.

Keywords: data block, heterogeneous IoT network, data harvesting, wormhole attack, blackhole attack access control

Procedia PDF Downloads 84
125 A Framework for Secure Information Flow Analysis in Web Applications

Authors: Ralph Adaimy, Wassim El-Hajj, Ghassen Ben Brahim, Hazem Hajj, Haidar Safa

Abstract:

Huge amounts of data and personal information are being sent to and retrieved from web applications on daily basis. Every application has its own confidentiality and integrity policies. Violating these policies can have broad negative impact on the involved company’s financial status, while enforcing them is very hard even for the developers with good security background. In this paper, we propose a framework that enforces security-by-construction in web applications. Minimal developer effort is required, in a sense that the developer only needs to annotate database attributes by a security class. The web application code is then converted into an intermediary representation, called Extended Program Dependence Graph (EPDG). Using the EPDG, the provided annotations are propagated to the application code and run against generic security enforcement rules that were carefully designed to detect insecure information flows as early as they occur. As a result, any violation in the data’s confidentiality or integrity policies is reported. As a proof of concept, two PHP web applications, Hotel Reservation and Auction, were used for testing and validation. The proposed system was able to catch all the existing insecure information flows at their source. Moreover and to highlight the simplicity of the suggested approaches vs. existing approaches, two professional web developers assessed the annotation tasks needed in the presented case studies and provided a very positive feedback on the simplicity of the annotation task.

Keywords: web applications security, secure information flow, program dependence graph, database annotation

Procedia PDF Downloads 471
124 A Proposal to Tackle Security Challenges of Distributed Systems in the Healthcare Sector

Authors: Ang Chia Hong, Julian Khoo Xubin, Burra Venkata Durga Kumar

Abstract:

Distributed systems offer many benefits to the healthcare industry. From big data analysis to business intelligence, the increased computational power and efficiency from distributed systems serve as an invaluable resource in the healthcare sector to utilize. However, as the usage of these distributed systems increases, many issues arise. The main focus of this paper will be on security issues. Many security issues stem from distributed systems in the healthcare industry, particularly information security. The data of people is especially sensitive in the healthcare industry. If important information gets leaked (Eg. IC, credit card number, address, etc.), a person’s identity, financial status, and safety might get compromised. This results in the responsible organization losing a lot of money in compensating these people and even more resources expended trying to fix the fault. Therefore, a framework for a blockchain-based healthcare data management system for healthcare was proposed. In this framework, the usage of a blockchain network is explored to store the encryption key of the patient’s data. As for the actual data, it is encrypted and its encrypted data, called ciphertext, is stored in a cloud storage platform. Furthermore, there are some issues that have to be emphasized and tackled for future improvements, such as a multi-user scheme that could be proposed, authentication issues that have to be tackled or migrating the backend processes into the blockchain network. Due to the nature of blockchain technology, the data will be tamper-proof, and its read-only function can only be accessed by authorized users such as doctors and nurses. This guarantees the confidentiality and immutability of the patient’s data.

Keywords: distributed, healthcare, efficiency, security, blockchain, confidentiality and immutability

Procedia PDF Downloads 184
123 A Cross-Sectional Study Assessing Communication Practices among Doctors at a University Hospital in Pakistan

Authors: Muhammad Waqas Baqai, Noman Shahzad, Rehman Alvi

Abstract:

Communication among health care givers is the essence of quality patient care and any compromise results in errors and inefficiency leading to cumbersome outcomes. The use of smartphone among health professionals has increased tremendously. Almost every health professional carries it and majority of them uses a third party communication software called whatsApp for work related communications. It gives instant access to the person responsible for any particular query and therefore helps in efficient and timely decision making. It is also an easy way of sharing medical documents, multimedia and provides platform for consensual decision making through group discussions. However clinical communication through whatsApp has some demerits too including reduction in verbal communication, worsening professional relations, unprofessional behavior, risk of confidentiality breach and threats from cyber-attacks. On the other hand the traditional pager device being used in many health care systems is a unidirectional communication that lacks the ability to convey any information other than the number to which the receiver has to respond. Our study focused on these two widely used modalities of communication among doctors of the largest tertiary care center of Pakistan i.e. The Aga Khan University Hospital. Our aim was to note which modality is considered better and has fewer threats to medical data. Approval from ethical review committee of the institute was taken prior to conduction of this study. We submitted an online survey form to all the interns and residents working at our institute and collected their response in a month’s time. 162 submissions were recorded and analyzed using descriptive statistics. Only 20% of them were comfortable with using pagers exclusively, 52% with whatsApp and 28% with both. 65% think that whatsApp is time-saving and quicker than pager. 54% of them considered whatsApp to be causing nuisance from work related notifications in their off-work hours. 60% think that they are more likely to miss information through pager system because of the unidirectional nature. Almost all (96%) of residents and interns found whatsApp to be useful in terms of saving information for future reference. For urgent issues, majority (70%) preferred pager over whatsApp and also pager was considered more valid in terms of hospital policies and legal issues. Among major advantages of whatsApp as listed by them were; easy mass communication, sharing of clinical pictures, universal access and no need of carrying additional device. However the major drawback of using whatsApp for clinical communication that everyone shared was threat to patients’ confidentiality as clinicians usually share pictures of wounds, clinical documents etc. Lastly we asked them if they think there is a need of a separate application for instant communication dedicated to clinical communication only and 90% responded positively. Therefore, we concluded that both modalities have their merits and demerits but the greatest drawback with whatsApp is the risk of breach in patients’ confidentiality and off-work disturbance. Hence, we recommend a more secure, institute-run application for all intra hospital communications where they can share documents, pictures etc. easily under a controlled environment.

Keywords: WhatsApp, pager, clinical communication, confidentiality

Procedia PDF Downloads 146
122 Intrusion Detection in Cloud Computing Using Machine Learning

Authors: Faiza Babur Khan, Sohail Asghar

Abstract:

With an emergence of distributed environment, cloud computing is proving to be the most stimulating computing paradigm shift in computer technology, resulting in spectacular expansion in IT industry. Many companies have augmented their technical infrastructure by adopting cloud resource sharing architecture. Cloud computing has opened doors to unlimited opportunities from application to platform availability, expandable storage and provision of computing environment. However, from a security viewpoint, an added risk level is introduced from clouds, weakening the protection mechanisms, and hardening the availability of privacy, data security and on demand service. Issues of trust, confidentiality, and integrity are elevated due to multitenant resource sharing architecture of cloud. Trust or reliability of cloud refers to its capability of providing the needed services precisely and unfailingly. Confidentiality is the ability of the architecture to ensure authorization of the relevant party to access its private data. It also guarantees integrity to protect the data from being fabricated by an unauthorized user. So in order to assure provision of secured cloud, a roadmap or model is obligatory to analyze a security problem, design mitigation strategies, and evaluate solutions. The aim of the paper is twofold; first to enlighten the factors which make cloud security critical along with alleviation strategies and secondly to propose an intrusion detection model that identifies the attackers in a preventive way using machine learning Random Forest classifier with an accuracy of 99.8%. This model uses less number of features. A comparison with other classifiers is also presented.

Keywords: cloud security, threats, machine learning, random forest, classification

Procedia PDF Downloads 320
121 Security of Database Using Chaotic Systems

Authors: Eman W. Boghdady, A. R. Shehata, M. A. Azem

Abstract:

Database (DB) security demands permitting authorized users and prohibiting non-authorized users and intruders actions on the DB and the objects inside it. Organizations that are running successfully demand the confidentiality of their DBs. They do not allow the unauthorized access to their data/information. They also demand the assurance that their data is protected against any malicious or accidental modification. DB protection and confidentiality are the security concerns. There are four types of controls to obtain the DB protection, those include: access control, information flow control, inference control, and cryptographic. The cryptographic control is considered as the backbone for DB security, it secures the DB by encryption during storage and communications. Current cryptographic techniques are classified into two types: traditional classical cryptography using standard algorithms (DES, AES, IDEA, etc.) and chaos cryptography using continuous (Chau, Rossler, Lorenz, etc.) or discreet (Logistics, Henon, etc.) algorithms. The important characteristics of chaos are its extreme sensitivity to initial conditions of the system. In this paper, DB-security systems based on chaotic algorithms are described. The Pseudo Random Numbers Generators (PRNGs) from the different chaotic algorithms are implemented using Matlab and their statistical properties are evaluated using NIST and other statistical test-suits. Then, these algorithms are used to secure conventional DB (plaintext), where the statistical properties of the ciphertext are also tested. To increase the complexity of the PRNGs and to let pass all the NIST statistical tests, we propose two hybrid PRNGs: one based on two chaotic Logistic maps and another based on two chaotic Henon maps, where each chaotic algorithm is running side-by-side and starting from random independent initial conditions and parameters (encryption keys). The resulted hybrid PRNGs passed the NIST statistical test suit.

Keywords: algorithms and data structure, DB security, encryption, chaotic algorithms, Matlab, NIST

Procedia PDF Downloads 265
120 Evolutional Substitution Cipher on Chaotic Attractor

Authors: Adda Ali-Pacha, Naima Hadj-Said

Abstract:

Nowadays, the security of information is primarily founded on the calculation of algorithms that confidentiality depend on the number of bits necessary to define a cryptographic key. In this work, we introduce a new chaotic cryptosystem that we call evolutional substitution cipher on a chaotic attractor. In this research paper, we take the Henon attractor. The evolutional substitution cipher on Henon attractor is based on the principle of monoalphabetic cipher and it associates the plaintext at a succession of real numbers calculated from the attractor equations.

Keywords: cryptography, substitution cipher, chaos theory, Henon attractor, evolutional substitution cipher

Procedia PDF Downloads 430
119 Security Architecture for Cloud Networking: A Survey

Authors: Vishnu Pratap Singh Kirar

Abstract:

In the cloud computing hierarchy IaaS is the lowest layer, all other layers are built over it. Thus it is the most important layer of cloud and requisite more importance. Along with advantages IaaS faces some serious security related issue. Mainly Security focuses on Integrity, confidentiality and availability. Cloud computing facilitate to share the resources inside as well as outside of the cloud. On the other hand, cloud still not in the state to provide surety to 100% data security. Cloud provider must ensure that end user/client get a Quality of Service. In this report we describe possible aspects of cloud related security.

Keywords: cloud computing, cloud networking, IaaS, PaaS, SaaS, cloud security

Procedia PDF Downloads 531
118 Development of a Secured Telemedical System Using Biometric Feature

Authors: O. Iyare, A. H. Afolayan, O. T. Oluwadare, B. K. Alese

Abstract:

Access to advanced medical services has been one of the medical challenges faced by our present society especially in distant geographical locations which may be inaccessible. Then the need for telemedicine arises through which live videos of a doctor can be streamed to a patient located anywhere in the world at any time. Patients’ medical records contain very sensitive information which should not be made accessible to unauthorized people in order to protect privacy, integrity and confidentiality. This research work focuses on a more robust security measure which is biometric (fingerprint) as a form of access control to data of patients by the medical specialist/practitioner.

Keywords: biometrics, telemedicine, privacy, patient information

Procedia PDF Downloads 289
117 Efficient Signcryption Scheme with Provable Security for Smart Card

Authors: Jayaprakash Kar, Daniyal M. Alghazzawi

Abstract:

The article proposes a novel construction of signcryption scheme with provable security which is most suited to implement on smart card. It is secure in random oracle model and the security relies on Decisional Bilinear Diffie-Hellmann Problem. The proposed scheme is secure against adaptive chosen ciphertext attack (indistiguishbility) and adaptive chosen message attack (unforgebility). Also, it is inspired by zero-knowledge proof. The two most important security goals for smart card are Confidentiality and authenticity. These functions are performed in one logical step in low computational cost.

Keywords: random oracle, provable security, unforgebility, smart card

Procedia PDF Downloads 593