Distributed Key Management for Secure Role Based Messaging

Secure Role Based Messaging (SRBM) augments messaging systems with role oriented communication in a secure manner. Role occupants can sign and decrypt messages on behalf of roles. This paper identifies the requirements of SRBM and recognises the need for: distributed key shares, fast membership revocation, mandatory security controls and detection of identity spoofing. A shared RSA scheme is constructed. RSA keys are shared and distributed to role occupants and role gate keepers. Role occupants and role gate keepers must cooperate together to use the key shares to sign and decrypt the messages. Role occupant signatures can be verified by an audit service. A SRBM system architecture is developed to show the security related performance of the proposed scheme, which also demonstrates the implementation of fast membership revocation, mandatory security control and prevention of spoofing. It is shown that the proposed scheme has successfully coupled distributed security with mandatory security controls to realize secure role based messaging

An example of proving UC-realization with formal methods

In the universal composability framework we consider ideal functionalities for secure messaging and signcryption. Using traditional formal methods techniques we show that the secure messaging functionality can be UC-realized by a hybrid protocol that uses the signcryption functionality and a public key infrastructure functionality. We also discuss that the signcryption functionality can be UC-realized by a secure signcryption scheme

An identity-based key infrastructure suitable for messaging applications

Abstract—Identity-based encryption (IBE) systems are relatively recently proposed; yet they are highly popular for messaging applications since they offer new features such as certificateless infrastructure and anonymous communication. In this paper, we intended to propose an IBE infrastructure for messaging applications. The proposed infrastructure requires one registration authority and at least one public key generator and they secret share the master secret key. In addition, the PKG also shares the same master secret with each user in the system in a different way. Therefore, the PKG will never be able to learn the private keys of users under non-collusion assumption. We discuss different aspects of the proposed infrastructure such as security, key revocation, uniqueness of the identities that constitute the main drawbacks of other IBE schemes. We demonstrate that our infrastructure solves many of these drawbacks under certain assumptions

Information technologies that facilitate care coordination: provider and patient perspectives

Health information technology is a core infrastructure for the chronic care model, integrated care, and other organized care delivery models. From the provider perspective, health information exchange (HIE) helps aggregate and share information about a patient or population from several sources. HIE technologies include direct messages, transfer of care, and event notification services. From the patient perspective, personal health records, secure messaging, text messages, and other mHealth applications may coordinate patients and providers. Patient-reported outcomes and social media technologies enable patients to share health information with many stakeholders, including providers, caregivers, and other patients. An information architecture that integrates personal health record and mHealth applications, with HIEs that combine the electronic health records of multiple healthcare systems will create a rich, dynamic ecosystem for patient collaboration