A P2P Optimistic Fair Exchange (OFE) Scheme For Personal Health Records Using Blockchain Technology

In today’s digital world, it is common to exchange sensitive data between different parties. There are many examples of sensitive data or documents that require a digital exchange, such as banking information, insurance data, health records. In many cases, the exchange exists between unknown and untrusted parties. Therefore, it is essential to execute the data exchange over a fair non-repudiation protocol. In digital communication, non-repudiation is undeniable evidence of one’s responsibility regarding the validity of any data he shares/receives. Usually, this is achieved by the use of a cryptographic digital signature. In this case, the parties cannot deny the authenticity of their digital signature. The protocol satisfies the fairness property if and only if it does not give the sender any advantages over the receiver or vice versa, at any step during the exchange process. Combining fair exchange and non-repudiation for digital exchange is critical in many applications and can be acquired with or without the involvement of any trusted third party (TTP). However, without the involvement of TTP, fairness becomes probabilistic, and the involvement of TTP can cause significant dependency on the third party. Therefore, a peer-to-peer (P2P) (aka offline) fair non-repudiation protocol that does not require a trusted third-party is desirable in many applications. Blockchain is designed in such a way that the network can handle the trustless environment and deliver the correct result. Thus, if the exchanges are done leveraging Blockchain, it will ensure true fairness, and at the same time, none of the participants have to deal with the trust issue. In this thesis we propose a P2P fair non-repudiation data exchange scheme by leveraging Blockchain and distributed ledger technology. The scheme combines on-chain and off-chain communication patterns to enable the exchange of personal health records between patients and healthcare providers. We provide an informal reasoning of the proposed scheme. Moreover, we propose a design and implementation agnostic to existing Blockchain platforms to enable unbiased evaluation of the proposed scheme. Finally, we make a comparative analysis of the result derived from our approach with the existing one

JXTA security in basic peer operations

Open Access Documen

Enhanced Version Control for Unconventional Applications

The Extensible Markup Language (XML) is widely used to store, retrieve, and share digital documents. Recently, a form of Version Control System has been applied to the language, resulting in Version-Aware XML allowing for enhanced portability and scalability. While Version Control Systems are able to keep track of changes made to documents, we think that there is untapped potential in the technology. In this dissertation, we present novel ways of using Version Control System to enhance the security and performance of existing applications. We present a framework to maintain integrity in offline XML documents and provide non-repudiation security features that are independent of central certificate repositories. In addition, we use Version Control information to enhance the performance of Automated Policy Enforcement eXchange framework (APEX), an existing document security framework developed by Hewlett-Packard (HP) Labs. Finally, we present an interactive and scalable visualization framework to represent Version-Aware-related data that helps users visualize and understand version control data, delete specific revisions of a document, and access a comprehensive overview of the entire versioning history

Introducing new technology into italian certified electronic mail: a proposal

Over the last decade, an increasing number of Certified E-Mail systems (CEM) have been implemented in Europe and worldwide, but their diffusion and validity are mainly restricted in a national arena. Despite the effort of European Union (EU) that recently defined a specification for guaranteeing interoperability of CEM systems between Member States, its adoption has not be not yet fuelled, mainly since any CEM system receives a legal value by its State legislation. It is difficult to extend the legal value of CEM security mechanisms, e.g. receipts with timestamps which are considered evidences and legal proofs in disputes that may arise from different Parties inside a State, unless a common political and legal agreement will be created. At this aim, recently EU introduce the new Regulation on Electronic Identification and Trust Services (eIDAS), to address this issue. We believe that the first step for encouraging a more large adoption between communities is to implement CEMs using standard worldwide recognized solutions.In this paper we propose a technical evolution of the Italian CEM, called Posta Elettronica Certificata (PEC) moving from a close mechanisms to the adoption of a more standardized, distributed solution, based on DNS Security Extensions (DNSSec). This proposal would have a minimal impact on the legislation, restricted to the annex that defines PEC technical rules.

Secure Dynamic Cloud-based Collaboration with Hierarchical Access

In recent years, the Cloud has emerged as an attractive way of hosting and delivering services over the Internet. This has resulted in a renewed focus on information security in the case where data is stored in the virtual space of the cloud and is not physically accessible to the customer. Through this thesis the boundaries of securing data in a cloud context, while retaining the benefits of the cloud, are explored. The thesis addresses the increasing security concerns of migrating to the cloud andutilising it for data storage.The research of this thesis is divided into three separate areas: securing data in an untrusted cloud environment, ensuring data access control in the cloud, and securing data outside the cloud in the user's environment. Each area is addressed by separate conceptual designs. Together these comprise a secure dynamic cloud-based collaboration environment with hierarchical access. To further validate the conceptual designs, proof of concept prototypes have been constructed.The conceptual designs have been devised by exploring and extending the boundaries of existing secure data-storage schemes, and then combining these with well-known security principles and cutting-edge research within the field of cryptography. The results of this thesis are feasible conceptual designs for a cloud-based dynamic collaboration environment. The conceptual designs address the challenges of secure cloud-based storage and allow the benefits of cloud-based storage to be utilised. Furthermore, this thesis provides a solid foundation for further work within this field

A policy-based containerized filter for secure information sharing in organizational environments

In organizational environments, sensitive information is unintentionally exposed and sent to the cloud without encryption by insiders that even were previously informed about cloud risks. To mitigate the effects of this information privacy paradox, we propose the design, development and implementation of SecFilter, a security filter that enables organizations to implement security policies for information sharing. SecFilter automatically performs the following tasks: (a) intercepts files before sending them to the cloud; (b) searches for sensitive criteria in the context and content of the intercepted files by using mining techniques; (c) calculates the risk level for each identified criterion; (d) assigns a security level to each file based on the detected risk in its content and context; and (e) encrypts each file by using a multi-level security engine, based on digital envelopes from symmetric encryption, attribute-based encryption and digital signatures to guarantee the security services of confidentiality, integrity and authentication on each file at the same time that access control mechanisms are enforced before sending the secured file versions to cloud storage. A prototype of SecFilter was implemented for a real-world file sharing application that has been deployed on a private cloud. Fine-tuning of SecFilter components is described and a case study has been conducted based on document sharing of a well-known repository (MedLine corpus). The experimental evaluation revealed the feasibility and efficiency of applying a security filter to share information in organizational environmentsThis work has been partially supported by the Spanish “Ministerio de Economia y Competitividad” under the project grant TIN2016-79637-P “Towards Unification of HPC and Big Dataparadigms”

Towards the definition of a quality model for mail servers

The paper presents an approach for building a Mail Server Quality Model, based on the ISO/IEC software quality standard. We start by defining the mail system domain to be used as general framework and the relevant technologies involved. Then a general overview of the ISO/IEC standard is given. The basic steps, the relevant considerations and criteria used to select the appropriated subcharacteristics and quality attributes are also presented. The selected attributes are categorized under the six ISO/IEC quality characteristics conforming the model. Finally some case studies requirements and two commercial mail server tools are used to evaluate the model.Postprint (published version