431 research outputs found
Interleaving Command Sequences: a Threat to Secure Smartcard Interoperability
The increasingly widespread use of smartcards for a variety of sensitive
applications, including digital signatures, creates the need to ensure and
possibly certify the secure interoperability of these devices. Standard
certification criteria, in particular the Common Criteria, define security
requirements but do not sufficiently address the problem of interoperability.
Here we consider the interoperability problem which arises when various
applications interact with different smartcards through a middleware. In such a
situation it is possible that a smartcard of type S receives commands that were
supposed to be executed on a different smartcard of type S'. Such "external
commands" can interleave with the commands that were supposed to be executed on
S. We experimentally demonstrate this problem with a Common Criteria certified
digital signature process on a commercially available smartcard. Importantly,
in some of these cases the digital signature processes terminate without
generating an error message or warning to the user.Comment: 6 pages; published in the 10th WSEAS International Conference on
Information Security and Privacy (ISP 2011
The DECIDE Project: Designing and Implementing a Prototype Service for Supporting Early Diagnosis of Alzheimer's Disease
This paper will present the design and implementation challenges of the innovative DECIDE service, to support research and early diagnosis of Alzheimerâs and other neurodegenerative diseases. DECIDE service, which is based on a Grid eInfrastructure, offers a set of tools providing quantitative measurements, to help researchers and clinicians make more informed diagnosis. As the service specifically targets the clinical community, it differs significantly from other initiatives since it needs to comply with the requirements imposed by the clinical routine in terms of accuracy, robustness, ease of use, data handling policies, adherence to clinical praxis. Moreover, sustainability aspects will also be discussed, since DECIDE aims to propose such service as a reference at European level, possibly extending it to other pathologies. We will then summarize the main results obtained to date, and the possible future developments
Authentication of professionals in the RTS e-Health system
This paper describes the design and implementation of a PKI-based e-Health authentication architecture. This architecture was developed to authenticate e-Health Professionals accessing RTS (Rede TelemĂĄtica da SaĂșde), a regional platform for sharing clinical data among a set of affiliated health institutions. The architecture had to accommodate specific RTS requirements, namely the security of Professionals' credentials, the mobility of Professionals, and the scalability to accommodate new health institutions. The adopted solution uses short lived certificates and cross-certification agreements between RTS and e-Health institutions for authenticating Professionals accessing the RTS. These certificates carry as well the Professional's role at their home institution for role-based authorization. Trust agreements between health institutions and RTS are necessary in order to make the certificates recognized by the RTS. As a proof of concept, a prototype was implemented with Windows technology. The presented authentication architecture is intended to be applied to other medical telematic systems
Cooperating broadcast and cellular conditional access system for digital television
This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University.The lack of interoperability between PayâTV service providers and a horizontally integrated business transaction model have compromised the competition in the PayâTV market. In addition, the lack of interactivity with customers has resulted in high churn rate and improper security measures have contributed into considerable business loss. These issues are the main cause of high operational costs and subscription fees in the PayâTV systems.
This paper presents a novel endâtoâend system architecture for PayâTV systems cooperating mobile and broadcasting technologies. It provides a costâeffective, scalable, dynamic and secure access control mechanism supporting converged services and new business opportunities in PayâTV systems. It enhances interactivity, security and potentially reduces customer attrition and operational cost. In this platform, service providers can effectively interact with their customers, personalise their services and adopt appropriate security measures. It breaks up the rigid relationship between a viewer and setâtop box as imposed by traditional conditional access systems, thus, a viewer can fully enjoy his entitlements via an arbitrary setâtop box.
Having thoroughly considered stateâofâtheâart technologies currently being used across the world, the thesis highlights novel use cases and presents the full design and implementation aspects of the system. The design section is enriched by providing possible security structures supported thereby. A business collaboration structure is proposed, followed by a reference model for implementing the system. Finally, the security architectures are analysed to propose the best architecture on the basis of security, complexity and setâtop box production cost criteria
- âŠ