User-Oriented Authorization in Collaborative Environments

Access rights for collaborative systems tend to be rather complex, leading to difficulties in the presentation and manipulation of access policies at the user interface level. We confront a theoretical access rights model with the results of a field study which investigates how users specify access policies. Our findings suggest that our theoretical model addresses most of the issues raised by the field study, when the required functionality can be presented in an appropriate user interface

SoNeUCONADM: the administrative model for SoNeUCONABC usage control model

The popularity of Web Based Social Networks (WBSNs) encourages their enhancement. Many WBSN data is considered personal data and access control management plays a key role in this regard. The point is not only to manage access control but to determine how administration should be performed. Based on SoNeUCONABC, an expressive usage control model that allows fine-grained access control management, this paper presents SoNeUCONADM, the complementary administrative model. Based on a pair of related and popular administrative models, the evaluation proves the completeness of SoNeUCONADM

Establishing Situational Awareness for Securing Healthcare Patient Records

The healthcare sector is an appealing target to attackers due to the high value of patient data on the black market. Patient data can be profitable to illegal actors either through direct sale or extortion by ransom. Additionally, employees present a persistent threat as they are able to access the data of almost any patient without reprimand. Without proactive monitoring of audit records, data breaches go undetected and employee behaviour is not deterred. In 2016, 450 data breaches occurred affecting more than 27 million patient records. 26.8% of these breaches were due to hacking and ransomware. In May 2017, a global ransomware campaign adversely affected approximately 48 UK hospitals. Response to this attack, named WannaCry, resulted in hospital networks being taken offline, and non-emergency patients being refused care. Hospitals must maintain patient trust and ensure that the information security principles of Integrity, Availability and Confidentiality are applied to Electronic Patient Record EPR data. With over 83% of hospitals adopting EPRs, access to healthcare data needs to be monitored proactively for malicious activity. Therefore, this paper presents research towards a system that uses advanced data analytics techniques to profile user’s behaviour in order to identify patterns and anomalies. Visualisation techniques are then applied to highlight these anomalies to aid the situational awareness of patient privacy officers within healthcare infrastructures

Actas de la XIII Reunión Española sobre Criptología y Seguridad de la Información RECSI XIII : Alicante, 2-5 de septiembre de 2014

Si tuviéramos que elegir un conjunto de palabras clave para definir la sociedad actual, sin duda el término información sería uno de los más representativos. Vivimos en un mundo caracterizado por un continuo flujo de información en el que las Tecnologías de la Información y Comunicación (TIC) y las Redes Sociales desempeñan un papel relevante. En la Sociedad de la Información se generan gran variedad de datos en formato digital, siendo la protección de los mismos frente a accesos y usos no autorizados el objetivo principal de lo que conocemos como Seguridad de la Información. Si bien la Criptología es una herramienta tecnológica básica, dedicada al desarrollo y análisis de sistemas y protocolos que garanticen la seguridad de los datos, el espectro de tecnologías que intervienen en la protección de la información es amplio y abarca diferentes disciplinas. Una de las características de esta ciencia es su rápida y constante evolución, motivada en parte por los continuos avances que se producen en el terreno de la computación, especialmente en las últimas décadas. Sistemas, protocolos y herramientas en general considerados seguros en la actualidad dejarán de serlo en un futuro más o menos cercano, lo que hace imprescindible el desarrollo de nuevas herramientas que garanticen, de forma eficiente, los necesarios niveles de seguridad. La Reunión Española sobre Criptología y Seguridad de la Información (RECSI) es el congreso científico español de referencia en el ámbito de la Criptología y la Seguridad en las TIC, en el que se dan cita periódicamente los principales investigadores españoles y de otras nacionalidades en esta disciplina, con el fin de compartir los resultados más recientes de su investigación. Del 2 al 5 de septiembre de 2014 se celebrará la decimotercera edición en la ciudad de Alicante, organizada por el grupo de Criptología y Seguridad Computacional de la Universidad de Alicante. Las anteriores ediciones tuvieron lugar en Palma de Mallorca (1991), Madrid (1992), Barcelona (1994), Valladolid (1996), Torremolinos (1998), Santa Cruz de Tenerife (2000), Oviedo (2002), Leganés (2004), Barcelona (2006), Salamanca (2008), Tarragona (2010) y San Sebastián (2012)

A Machine Learning Framework for Securing Patient Records

This research concerns the detection of abnormal data usage and unauthorised access in large-scale critical networks, specifically healthcare infrastructures. The focus of this research is safeguarding Electronic Patient Record (EPR)systems in particular. Privacy is a primary concern amongst patients due to the rising adoption of EPR systems. There is growing evidence to suggest that patients may withhold information from healthcare providers due to lack of Trust in the security of EPRs. Yet, patient record data must be available to healthcare providers at the point of care. Roles within healthcare organisations are dynamic and relying on access control is not sufficient. Access to EPR is often heavily audited within healthcare infrastructures. However, this data is regularly left untouched in a data silo and only ever accessed on an ad hoc basis. In addition, external threats need to be identified, such as phishing or social engineering techniques to acquire a clinician’s logon credentials. Without proactive monitoring of audit records, data breaches may go undetected. This thesis proposes a novel machine learning framework using a density-based local outlier detection model, in addition to employing a Human-in-the-Loop Machine Learning (HILML) approach. The density-based outlier detection model enables patterns in EPR data to be extracted to profile user behaviour and device interactions in order to detect and visualise anomalous activities. Employing a HILML model ensures that inappropriate activity is investigated and the data analytics is continuously improving. The novel framework is able to detect 156 anomalous behaviours in an unlabelled dataset of 1,007,727 audit logs