378 research outputs found
Enhancing Confidentiality and Privacy Preservation in e-Health to Enhanced Security
Electronic health (e-health) system use is growing, which has improved healthcare services significantly but has created questions about the privacy and security of sensitive medical data. This research suggests a novel strategy to overcome these difficulties and strengthen the security of e-health systems while maintaining the privacy and confidentiality of patient data by utilising machine learning techniques. The security layers of e-health systems are strengthened by the comprehensive framework we propose in this paper, which incorporates cutting-edge machine learning algorithms. The suggested framework includes data encryption, access control, and anomaly detection as its three main elements. First, to prevent unauthorised access during transmission and storage, patient data is secured using cutting-edge encryption technologies. Second, to make sure that only authorised staff can access sensitive medical records, access control mechanisms are strengthened using machine learning models that examine user behaviour patterns. This research's inclusion of machine learning-based anomaly detection is its most inventive feature. The technology may identify variations from typical data access and usage patterns, thereby quickly spotting potential security breaches or unauthorised activity, by training models on past e-health data. This proactive strategy improves the system's capacity to successfully address new threats. Extensive experiments were carried out employing a broad dataset made up of real-world e-health scenarios to verify the efficacy of the suggested approach. The findings showed a marked improvement in the protection of confidentiality and privacy, along with a considerable decline in security breaches and unauthorised access events
SoK: A Systematic Review of TEE Usage for Developing Trusted Applications
Trusted Execution Environments (TEEs) are a feature of modern central
processing units (CPUs) that aim to provide a high assurance, isolated
environment in which to run workloads that demand both confidentiality and
integrity. Hardware and software components in the CPU isolate workloads,
commonly referred to as Trusted Applications (TAs), from the main operating
system (OS). This article aims to analyse the TEE ecosystem, determine its
usability, and suggest improvements where necessary to make adoption easier. To
better understand TEE usage, we gathered academic and practical examples from a
total of 223 references. We summarise the literature and provide a publication
timeline, along with insights into the evolution of TEE research and
deployment. We categorise TAs into major groups and analyse the tools available
to developers. Lastly, we evaluate trusted container projects, test
performance, and identify the requirements for migrating applications inside
them.Comment: In The 18th International Conference on Availability, Reliability and
Security (ARES 2023), August 29 -- September 01, 2023, Benevento, Italy. 15
page
Glimmers: Resolving the Privacy/Trust Quagmire
Many successful services rely on trustworthy contributions from users. To
establish that trust, such services often require access to privacy-sensitive
information from users, thus creating a conflict between privacy and trust.
Although it is likely impractical to expect both absolute privacy and
trustworthiness at the same time, we argue that the current state of things,
where individual privacy is usually sacrificed at the altar of trustworthy
services, can be improved with a pragmatic , which allows
services to validate user contributions in a trustworthy way without forfeiting
user privacy. We describe how trustworthy hardware such as Intel's SGX can be
used client-side -- in contrast to much recent work exploring SGX in cloud
services -- to realize the Glimmer architecture, and demonstrate how this
realization is able to resolve the tension between privacy and trust in a
variety of cases
Using Trusted Execution Environments for Secure Stream Processing of Medical Data
Processing sensitive data, such as those produced by body sensors, on
third-party untrusted clouds is particularly challenging without compromising
the privacy of the users generating it. Typically, these sensors generate large
quantities of continuous data in a streaming fashion. Such vast amount of data
must be processed efficiently and securely, even under strong adversarial
models. The recent introduction in the mass-market of consumer-grade processors
with Trusted Execution Environments (TEEs), such as Intel SGX, paves the way to
implement solutions that overcome less flexible approaches, such as those atop
homomorphic encryption. We present a secure streaming processing system built
on top of Intel SGX to showcase the viability of this approach with a system
specifically fitted for medical data. We design and fully implement a prototype
system that we evaluate with several realistic datasets. Our experimental
results show that the proposed system achieves modest overhead compared to
vanilla Spark while offering additional protection guarantees under powerful
attackers and threat models.Comment: 19th International Conference on Distributed Applications and
Interoperable System
- …