Anonymization of Event Logs for Network Security Monitoring
A managed security service provider (MSSP) must collect security event logs from
its customers' networks for monitoring and cybersecurity protection. These logs
need to be processed by the MSSP before being displayed to the security operation
center (SOC) analysts. The employees generate event logs during their working hours
at the customers' sites. One challenge is that the collected event logs contain
personally identifiable information (PII), visible in clear text to the SOC analysts
or any user with access to the SIEM platform.
We explore how pseudonymization can be applied to security event logs to help
protect individuals’ identities from the SOC analysts while preserving data utility
when possible. We compare the impact of using different pseudonymization functions
on sensitive information or PII. Non-deterministic methods provide a higher level of
privacy but reduced utility of the data.
Our contribution in this thesis is threefold. First, we study available architectures
with different threat models, including their strengths and weaknesses. Second, we
study pseudonymization functions and their application to PII fields; we benchmark
them individually, as well as in our experimental platform. Last, we obtain valuable
feedback and lessons from SOC analysts based on their experience.
Existing works [43, 44, 48, 39] are generally restricted to the anonymization of
IP traces, which is only one part of the SOC analysts' investigation when inspecting
PCAP files. In one of the closest works [47], the authors provide useful, practical
anonymization methods for IP addresses, ports, and raw logs.
Routes for breaching and protecting genetic privacy
We are entering the era of ubiquitous genetic information for research,
clinical care, and personal curiosity. Sharing these datasets is vital for
rapid progress in understanding the genetic basis of human diseases. However,
one growing concern is the ability to protect the genetic privacy of the data
originators. Here, we technically map threats to genetic privacy and discuss
potential mitigation strategies for privacy-preserving dissemination of genetic
data.
Comment: Draft for comment
An architecture for secure data management in medical research and aided diagnosis
Programa Oficial de Doutoramento en Tecnoloxías da Información e as Comunicacións. 5032V01
The General Data Protection Regulation (GDPR) was implemented on 25 May 2018 and is considered the most important development in data privacy regulation in the last 20 years. Heavy fines are defined for violating those rules, and this is not something that healthcare centers can afford to ignore. The main goal of this thesis is to study and propose a secure/integration layer for healthcare data curators, where connectivity between isolated systems (locations), unification of records in a patient-centric view, and data sharing with consent approval are the cornerstones of the proposed architecture. This proposal empowers the data subject with a central role, which allows them to control their identity, privacy profiles and access grants. It aims to minimize the fear of legal liability when sharing medical records by using anonymisation and making patients responsible for securing their own medical records, while preserving the patient's quality of treatment. Our main hypothesis is: are the Distributed Ledger and Self-Sovereign Identity concepts a natural symbiosis to solve the GDPR challenges in the context of healthcare? Solutions are required so that clinicians and researchers can maintain their collaboration workflows without compromising regulations. The proposed architecture accomplishes those objectives in a decentralized environment by adopting isolated data privacy profiles.
On the Use of XML in Medical Imaging Web-Based Applications
The rapid growth of digital technology in medical fields over recent years has increased the need for applications able to manage patient medical records, imaging data, and chart information. Web-based applications are implemented with the purpose of linking digital databases, storage and transmission protocols, management of large volumes of data, and security concepts, allowing the possibility to read, analyze, and even diagnose remotely from the medical center where the information was acquired. The objective of this paper is to analyze the use of the Extensible Markup Language (XML) in web-based applications that aid in the diagnosis or treatment of patients, considering how it allows indexing and exchanging the huge amount of information associated with each medical case. The purpose of this paper is to point out the main advantages and drawbacks of XML technology in order to provide key ideas for future web-based applications.
Towards Privacy-, Budget-, and Deadline-Aware Service Optimization for Large Medical Image Processing across Hybrid Clouds
Efficiently processing medical images, such as whole slide images in digital
pathology, is essential for timely diagnosing high-risk diseases. However, this
demands advanced computing infrastructure, e.g., GPU servers for deep learning
inferencing, and local processing is time-consuming and costly. Besides,
privacy concerns further complicate the employment of remote cloud
infrastructures. While previous research has explored privacy and
security-aware workflow scheduling in hybrid clouds for distributed processing,
privacy-preserving data splitting, optimizing the service allocation of
outsourcing computation on split data to the cloud, and privacy evaluation for
large medical images still need to be addressed. This study focuses on
tailoring a virtual infrastructure within a hybrid cloud environment and
scheduling the image processing services while preserving privacy. We aim to
minimize the use of untrusted nodes, lower monetary costs, and reduce execution
time under privacy, budget, and deadline requirements. We consider a two-phase
solution and develop 1) a privacy-preserving data splitting algorithm and 2) a
greedy Pareto front-based algorithm for optimizing the service allocation. We
conducted experiments with real and simulated data to validate and compare our
method with a baseline. The results show that our privacy mechanism design
outperforms the baseline regarding the average lower bound on individual privacy
and information gain for privacy evaluation. In addition, our approach can
obtain various Pareto optimal-based allocations according to users' preferences on the
maximum number of untrusted nodes, budget, and time threshold. Our solutions
often dominate the baseline's solution and are superior on a tight budget.
Specifically, our approach outperforms the baseline by up to 85.2% and 6.8% in
terms of the total financial and time costs, respectively.
Privacy-preserving efficient searchable encryption
Data storage and computation outsourcing to third-party managed data centers,
in environments such as Cloud Computing, is increasingly being adopted
by individuals, organizations, and governments. However, as cloud-based outsourcing
models expand to society-critical data and services, the lack of effective
and independent control over security and privacy conditions in such settings
presents significant challenges.
An interesting solution to these issues is to perform computations on encrypted
data, directly in the outsourcing servers. Such an approach benefits
from not requiring major data transfers and decryptions, increasing performance
and scalability of operations. Searching operations, an important application
case when cloud-backed repositories increase in number and size, are good examples
where security, efficiency, and precision are relevant requisites. Yet existing
proposals for searching encrypted data are still limited from multiple perspectives,
including usability, query expressiveness, and client-side performance and
scalability.
This thesis focuses on the design and evaluation of mechanisms for searching
encrypted data with improved efficiency, scalability, and usability. There are
two particular concerns addressed in the thesis: on one hand, the thesis aims at
supporting multiple media formats, especially text, images, and multimodal data
(i.e. data with multiple media formats simultaneously); on the other hand, the
thesis addresses client-side overhead, and how it can be minimized in order to
support client applications executing in both high-performance desktop devices
and resource-constrained mobile devices.
From the research performed to address these issues, three core contributions
were developed and are presented in the thesis: (i) CloudCryptoSearch, a middleware
system for storing and searching text documents with privacy guarantees,
while supporting multiple modes of deployment (user device, local proxy, or computational cloud) and exploring different tradeoffs between security, usability, and performance; (ii) a novel framework for efficiently searching encrypted images
based on IES-CBIR, an Image Encryption Scheme with Content-Based Image
Retrieval properties that we also propose and evaluate; (iii) MIE, a Multimodal
Indexable Encryption distributed middleware that allows storing, sharing, and
searching encrypted multimodal data while minimizing client-side overhead and
supporting both desktop and mobile devices.
SoK: Demystifying Privacy Enhancing Technologies Through the Lens of Software Developers
In the absence of data protection measures, software applications lead to
privacy breaches, posing threats to end-users and software organisations.
Privacy Enhancing Technologies (PETs) are technical measures that protect
personal data, thus minimising such privacy breaches. However, for software
applications to deliver data protection using PETs, software developers should
actively and correctly incorporate PETs into the software they develop.
Therefore, to uncover ways to encourage and support developers to embed PETs
into software, this Systematic Literature Review (SLR) analyses 39 empirical
studies on developers' privacy practices. It reports the usage of six PETs in
software application scenarios. Then, it discusses challenges developers face
when integrating PETs into software, ranging from intrinsic challenges, such as
the unawareness of PETs, to extrinsic challenges, such as the increased
development cost. Next, the SLR presents the existing solutions to address
these challenges, along with the limitations of the solutions. Further, it
outlines future research avenues to better understand PETs from a developer
perspective and minimise the challenges developers face when incorporating PETs
into software.
Comprehensive methodology for the protection of electronic medical data, applied to the storage, access and forensic analysis of clinical records in Colombia
The clinical record has special characteristics that require different handling from the point of view of information security. Given the above conditions for maintaining its integrity, in addition to complying with each country's own regulations, it becomes advisable to move from the traditional handwritten form to the use of information technologies. With this evolution, cybersecurity incidents in a sector as critical as this one have a great impact on society, considering that clinical record information could be misused, enabling identity theft, unauthorized access, damage to information or alteration of patient data. Applying Colombian Resolution 1995 of 1999 [1], it follows that patient information must be recorded chronologically, in the same way as the medical acts and procedures performed by the medical team or anyone else involved in the patient's care. Along the lines set out above, health systems are becoming increasingly vulnerable to information security incidents as a consequence of automation, information technologies, information volumes and connection with patients; at the same time, the inclusion of security in health information systems is not a priority. The result of this research is a comprehensive methodology that makes it possible to ensure accessibility of the system, guarantee data integrity and allow a forensic analysis to be carried out in the event of a breach, while at the same time mitigating the causes, generating alerts, and addressing the factors that prevent electronic medical data in clinical records from being protected.