21,264 research outputs found
A Privacy Preserving Framework for RFID Based Healthcare Systems
RFID (Radio Frequency IDentification) is anticipated to be a core technology that will be used in many practical applications of our life in near future. It has received considerable attention within the healthcare for almost a decade now. The technology’s promise to efficiently track hospital supplies, medical equipment, medications and patients is an attractive proposition to the healthcare industry. However, the prospect of wide spread use of RFID tags in the healthcare area has also triggered discussions regarding privacy, particularly because RFID data in transit may easily be intercepted and can be send to track its user (owner). In a nutshell, this technology has not really seen its true potential in healthcare industry since privacy concerns raised by the tag bearers are not properly addressed by existing identification techniques. There are two major types of privacy preservation techniques that are required in an RFID based healthcare system—(1) a privacy preserving authentication protocol is required while sensing RFID tags for different identification and monitoring purposes, and (2) a privacy preserving access control mechanism is required to restrict unauthorized access of private information while providing healthcare services using the tag ID. In this paper, we propose a framework (PriSens-HSAC) that makes an effort to address the above mentioned two privacy issues. To the best of our knowledge, it is the first framework to provide increased privacy in RFID based healthcare systems, using RFID authentication along with access control technique
Key exchange with the help of a public ledger
Blockchains and other public ledger structures promise a new way to create
globally consistent event logs and other records. We make use of this
consistency property to detect and prevent man-in-the-middle attacks in a key
exchange such as Diffie-Hellman or ECDH. Essentially, the MitM attack creates
an inconsistency in the world views of the two honest parties, and they can
detect it with the help of the ledger. Thus, there is no need for prior
knowledge or trusted third parties apart from the distributed ledger. To
prevent impersonation attacks, we require user interaction. It appears that, in
some applications, the required user interaction is reduced in comparison to
other user-assisted key-exchange protocols
Privacy protocols
Security protocols enable secure communication over insecure channels.
Privacy protocols enable private interactions over secure channels. Security
protocols set up secure channels using cryptographic primitives. Privacy
protocols set up private channels using secure channels. But just like some
security protocols can be broken without breaking the underlying cryptography,
some privacy protocols can be broken without breaking the underlying security.
Such privacy attacks have been used to leverage e-commerce against targeted
advertising from the outset; but their depth and scope became apparent only
with the overwhelming advent of influence campaigns in politics. The blurred
boundaries between privacy protocols and privacy attacks present a new
challenge for protocol analysis. Covert channels turn out to be concealed not
only below overt channels, but also above: subversions, and the level-below
attacks are supplemented by sublimations and the level-above attacks.Comment: 38 pages, 6 figure
On the Relationship between Strand Spaces and Multi-Agent Systems
Strand spaces are a popular framework for the analysis of security protocols.
Strand spaces have some similarities to a formalism used successfully to model
protocols for distributed systems, namely multi-agent systems. We explore the
exact relationship between these two frameworks here. It turns out that a key
difference is the handling of agents, which are unspecified in strand spaces
and explicit in multi-agent systems. We provide a family of translations from
strand spaces to multi-agent systems parameterized by the choice of agents in
the strand space. We also show that not every multi-agent system of interest
can be expressed as a strand space. This reveals a lack of expressiveness in
the strand-space framework that can be characterized by our translation. To
highlight this lack of expressiveness, we show one simple way in which strand
spaces can be extended to model more systems.Comment: A preliminary version of this paper appears in the Proceedings of the
8th ACM Conference on Computer and Communications Security,200
IPv6 Network Mobility
Network Authentication, Authorization, and Accounting has
been used since before the days of the Internet as we know it
today. Authentication asks the question, “Who or what are
you?” Authorization asks, “What are you allowed to do?” And fi nally,
accounting wants to know, “What did you do?” These fundamental
security building blocks are being used in expanded ways today. The
fi rst part of this two-part series focused on the overall concepts of
AAA, the elements involved in AAA communications, and highlevel
approaches to achieving specifi c AAA goals. It was published in
IPJ Volume 10, No. 1[0]. This second part of the series discusses the
protocols involved, specifi c applications of AAA, and considerations
for the future of AAA
Real-time cross-layer design for large-scale flood detection and attack trace-back mechanism in IEEE 802.11 wireless mesh networks
IEEE 802.11 WMN is an emerging next generation low-cost multi-hop wireless broadband provisioning technology. It has the capability of integrating wired and wireless networks such as LANs, IEEE 802.11 WLANs, IEEE 802.16 WMANs, and sensor networks. This kind of integration: large-scale coverage, decentralised and multi-hop architecture, multi-radios, multi-channel assignments, ad hoc connectivity support the maximum freedom of users to join or leave the network from anywhere and at anytime has made the situation far more complex. As a result broadband resources are exposed to various kinds of security attacks, particularly DoS attacks
- …