
    Secure Management of Personal Health Records by Applying Attribute-Based Encryption

    The confidentiality of personal health records is a major problem when patients use commercial Web-based systems to store their health data. Traditional access control mechanisms, such as Role-Based Access Control, have several limitations with respect to enforcing access control policies and ensuring data confidentiality. In particular, the data has to be stored on a central server locked by the access control mechanism, and the data owner loses control of the data from the moment it is sent to the requester. Therefore, these mechanisms do not fulfil the requirements of data outsourcing scenarios, where the third party storing the data should not have access to the plain data and is not trusted to enforce access control policies. In this paper, we describe a new approach which enables secure storage and controlled sharing of a patient's health records in the aforementioned scenarios. A new variant of a ciphertext-policy attribute-based encryption scheme is proposed to enforce patient/organizational access control policies such that everyone can download the encrypted data but only authorized users from the social domain (e.g. family, friends, or fellow patients) or authorized users from the professional domain (e.g. doctors or nurses) are allowed to decrypt it.

    Secure Communication using Identity Based Encryption

    Secured communication has been widely deployed to guarantee confidentiality and integrity of connections over untrusted networks, e.g., the Internet. Although secure connections are designed to prevent attacks on the connection, they hide attacks inside the channel from being analyzed by Intrusion Detection Systems (IDS). Furthermore, secure connections require a certain key exchange at the initialization phase, which is prone to Man-In-The-Middle (MITM) attacks. In this paper, we present a new method to secure connections which enables intrusion detection and overcomes the problem of MITM attacks. We propose to apply Identity Based Encryption (IBE) to secure a communication channel. The key escrow property of IBE is used to recover the decryption key, decrypt network traffic on the fly, and scan for malicious content. As the public key can be generated from the identity of the connected server and does not need to be exchanged, MITM attacks are no longer easy to carry out. A prototype of a modified TLS scheme is implemented and demonstrated with a simple client-server application. Based on this prototype, a new IDS sensor is developed that is capable of identifying IBE-encrypted secure traffic on the fly. A deployment architecture of the IBE sensor in a company network is proposed. Finally, we show the applicability with a practical experiment and some preliminary performance measurements.

    An Identity-Based Group Signature with Membership Revocation in the Standard Model

    Group signatures allow group members to sign an arbitrary number of messages on behalf of the group without revealing their identity. Under certain circumstances the group manager holding a tracing key can reveal the identity of the signer from the signature. Practical group signature schemes should support membership revocation, where the revoked member loses the capability to sign a message on behalf of the group without influencing the other non-revoked members. A model known as verifier-local revocation supports membership revocation. In this model the trusted revocation authority sends revocation messages to the verifiers, and there is no need for the trusted revocation authority to contact non-revoked members to update their secret keys. Previous constructions of verifier-local revocation group signature schemes either have a security proof in the random oracle model or are non-identity-based. A security proof in the random oracle model is only a heuristic proof, and non-identity-based group signatures suffer from standard Public Key Infrastructure (PKI) problems, i.e. the group public key is not derived from the group identity and therefore has to be certified.

    In this work we construct the first verifier-local revocation group signature scheme which is identity-based and which has a security proof in the standard model. In particular, we give a formal security model for the proposed scheme and prove that the scheme has the property of selfless-anonymity under the Decision Linear (DLIN) assumption and is fully traceable under the Computational Diffie-Hellman (CDH) assumption. The proposed scheme is based on prime order bilinear groups.

    A Type-and-Identity-based Proxy Re-Encryption Scheme and its Application in Healthcare

    Proxy re-encryption is a cryptographic primitive developed to delegate the decryption right from one party (the delegator) to another (the delegatee). In a proxy re-encryption scheme, the delegator assigns a key to a proxy to re-encrypt all messages encrypted with his public key such that the re-encrypted ciphertexts can be decrypted with the delegatee's private key. We propose a type-and-identity-based proxy re-encryption scheme based on the Boneh-Franklin Identity Based Encryption (IBE) scheme. In our scheme, the delegator can categorize messages into different types and delegate the decryption right of each type to the delegatee through a proxy. Our scheme enables the delegator to give the proxy fine-grained re-encryption capability. As an application, we propose a fine-grained Personal Health Record (PHR) disclosure scheme for healthcare services by applying the proposed scheme.

    Public-Key Encryption with Delegated Search

    In the public-key setting, Alice encrypts an email with the public key of Bob, so that only Bob will be able to learn the contents of the email. Consider the scenario where Alice's computer is infected and, unbeknown to Alice, it also embeds malware into the message. Bob's company, Carol, cannot scan his email for malicious content as it is encrypted, so the burden is on Bob to do the scan. This is not efficient. We construct a mechanism that enables Bob to provide trapdoors to Carol such that Carol, given encrypted data and a malware signature, is able to check whether the encrypted data contains the malware signature, without decrypting it. We refer to this mechanism as Public-Key Encryption with Delegated Search (SPKE).

    We formalize SPKE and give a construction based on ElGamal public-key encryption (PKE). The proposed scheme has ciphertexts which are both searchable and decryptable. This property of the scheme is crucial since an entity can search the entire content of the message, in contrast to existing searchable public-key encryption schemes where the search is done only in the metadata part. We prove in the standard model that the scheme is ciphertext indistinguishable and trapdoor indistinguishable under the Symmetric External Diffie-Hellman (SXDH) assumption. We also prove ciphertext one-wayness of the scheme under the modified Computational Diffie-Hellman (mCDH) assumption. We show that our PKEDS scheme can be used in different applications such as detecting encrypted malware and forwarding encrypted emails.

    Using language in school.

    The goal of the process of learning to read and write, in a broad sense, is the active participation of new members in the literacy practices of their community. Since what is sought is expertise in certain practices, the best way to achieve it is through immersion in authentic versions of those practices, in which the use of language and texts serves purposes that go beyond the teaching of reading and writing. After discussing the empirical evidence supporting this proposal, a cross-curricular approach to reading and writing is presented. According to this approach, the formation of active members of written culture must take place not only in the language class but also in other, non-linguistic curricular disciplines. Unlike what happens in the language area, where one has to try to create the need so that introducing various types of text makes sense, in the other curricular areas it is a matter of creating texts to respond to needs that already exist. The non-linguistic areas are where there are the most opportunities to use authentic texts meaningfully for diverse purposes. The cross-curricular proposal has encountered major obstacles in meeting the requirements of diversity and authenticity of texts, interaction between oral and written language, and exchange among peers; among them are the exclusive use of textbooks, the difficulty of undertaking diversified work in classrooms, and the fragmentation of responsibilities. These obstacles reflect the crucial changes this proposal implies and some aspects of our school culture that it would be worth overcoming if we want to form comprehending and critical readers, citizens skilled in handling written information.

    Privacy and security in e-health applications

    The introduction of e-Health and extramural applications in the personal healthcare domain has raised serious concerns about security and privacy of health data. Novel digital technologies require other security approaches in addition to the traditional "purely physical" approach. Furthermore, privacy is becoming an increasing concern in domains that deal with sensitive information such as healthcare, which cannot absorb the costs of security abuses in the system. Once sensitive information about an individual's health is uncovered and social damage is done, there is no way to revoke the information or to restitute the individual. Therefore, in addition to legal means, it is very important to provide and enforce privacy and security in healthcare by technological means. In this chapter, the authors analyze privacy and security requirements in healthcare, explain their importance and review both classical and novel security technologies that could fulfill these requirements.

    An encryption scheme for a secure policy updating

    Ciphertext-policy attribute-based encryption (CP-ABE) is an encryption technique where the data is encrypted according to an access policy over attributes. Users who hold a secret key associated with a set of attributes that satisfies the access policy can decrypt the encrypted data. However, one of the drawbacks of CP-ABE is that it does not support updating access control policies without decrypting the encrypted data. We present a new variant of the CP-ABE scheme called ciphertext-policy attribute-based proxy re-encryption (CP-ABPRE). The proposed scheme allows the access control policy of the encrypted data to be updated without decrypting the ciphertext. The scheme uses a semi-trusted entity called a proxy to re-encrypt the encrypted data according to a new access control policy such that only users who satisfy the new policy can decrypt the data. The construction of our scheme is based on prime order bilinear groups. We give a formal definition of semantic security and provide a security proof in the generic group model.

    Ciphertext-Policy Attribute-Based Encryption and Re-Encryption

    A ciphertext-policy attribute-based encryption system, comprising a re-encrypter (9) for cryptographically transforming a first ciphertext (CTP1) associated with a first access policy (P1) into a second ciphertext (CTP2) associated with a second access policy (P2) by means of a re-encryption key (RK). The system further comprises a re-encryption key generator (7) for generating the re-encryption key (RK), wherein the re-encryption key (RK) enables the re-encrypter (9) to cryptographically transform the first ciphertext (CTP1) associated with the first access policy (P1) into the second ciphertext (CTP2) associated with the second access policy (P2). Said re-encryption key generator (7) comprises a subsystem for encrypting a value derived from a pseudorandom number, thereby generating a further ciphertext associated with the second access policy (P2).