Rights management technologies: A good choice for securing electronic healthrecords?

Advances in healthcare IT bring new concerns with respect to privacy and security. Security critical patient data no longer resides on mainframes physically isolated within an organization, where physical security measures can be taken to defend the data and the system. Modern solutions are heading towards open, interconnected environments where storage outsourcing and operations on untrusted servers happen frequently. In order to allow secure sharing of health records between different healthcare providers, Rights Management Techniques facilitating a datacentric protection model can be employed: data is cryptographically protected and allowed to be outsourced or even freely float on the network. Rather than relying on different networks to provide confidentiality, integrity and authenticity, data is protected at the end points of the communication. In this paper we compare Enterprise/Digital Rights Management with traditional security techniques and discuss how Rights Management can be applied to secure Electronic Health Records

Privacy-preserving architecture for forensic image recognition

Forensic image recognition is an important tool in many areas of law enforcement where an agency wants to prosecute possessors of illegal images. The recognition of illegal images that might have undergone human imperceptible changes (e.g., a JPEG-recompression) is commonly done by computing a perceptual image hash function of a given image and then matching this hash with perceptual hash values in a database of previously collected illegal images. To prevent privacy violation, agencies should only learn about images that have been reliably detected as illegal and nothing else. In this work, we argue that the prevalent presence of separate departments in such agencies can be used to enforce the need-to-know principle by separating duties among them. This enables us to construct the first practically efficient architecture to perform forensic image recognition in a privacy-preserving manner. By deriving unique cryptographic keys directly from the images, we can encrypt all sensitive data and ensure that only illegal images can be recovered by the law enforcement agency while all other information remains protected

JPEG steganography with particle swarm optimization accelerated by AVX

Digital steganography aims at hiding secret messages in digital data transmitted over insecure channels. The JPEG format is prevalent in digital communication, and images are often used as cover objects in digital steganography. Optimization methods can improve the properties of images with embedded secret but introduce additional computational complexity to their processing. AVX instructions available in modern CPUs are, in this work, used to accelerate data parallel operations that are part of image steganography with advanced optimizations.Web of Science328art. no. e544

Detecting Malicious Code by Model Checking

Abstract. The ease of compiling malicious code from source code in higher programming languages has increased the volatility of malicious programs: The first appearance of a new worm in the wild is usually followed by modified versions in quick succession. As demonstrated by Christodorescu and Jha, however, classical detection software relies on static patterns, and is easily outsmarted. In this paper, we present a flexible method to detect malicious code patterns in executables by model checking. While model checking was originally developed to verify the correctness of systems against specifications, we argue that it lends itself equally well to the specification of malicious code patterns. To this end, we introduce the specification language CTPL (Computation Tree Predicate Logic) which extends the well-known logic CTL, and describe an efficient model checking algorithm. Our practical experiments demonstrate that we are able to detect a large number of worm variants with a single specification. Key words: Model Checking, Malware Detection.

LiDAR mapping of tidal marshes for ecogeomorphological modelling in the TIDE project

The European research project TIDE (Tidal Inlets Dynamics and Environment) is developing and validating coupled models describing the morphological, biological and ecological evolution of tidal environments. The interactions between the physical and biological processes occurring in these regions requires that the system be studied as a whole rather than as separate parts. Extensive use of remote sensing including LiDAR is being made to provide validation data for the modelling. This paper describes the different uses of LiDAR within the project and their relevance to the TIDE science objectives. LiDAR data have been acquired from three different environments, the Venice Lagoon in Italy, Morecambe Bay in England, and the Eden estuary in Scotland. LiDAR accuracy at each site has been evaluated using ground reference data acquired with differential GPS. A semi-automatic technique has been developed to extract tidal channel networks from LiDAR data either used alone or fused with aerial photography. While the resulting networks may require some correction, the procedure does allow network extraction over large areas using objective criteria and reduces fieldwork requirements. The networks extracted may subsequently be used in geomorphological analyses, for example to describe the drainage patterns induced by networks and to examine the rate of change of networks. Estimation of the heights of the low and sparse vegetation on marshes is being investigated by analysis of the statistical distribution of the measured LiDAR heights. Species having different mean heights may be separated using the first-order moments of the height distribution

Proofs of the undecidability of stegananalysis techniques

Steganalysis comprises a set of techniques that strive to find concealed information within diverse types of digital media. On the contrary, Steganography involves a group of methods that, by manipulation of a cover object, aims to hide information to make it imperceptible. Current Steganalysis techniques suffer from a certain degree of failure in the detection of a payload and, frequently, the impossibility to discover if a media hides some information. In this chapter, we prove that the detection of hidden material within a media, or a Steganalysis procedure, is an undecidable problem. Our proof comprises two sets of tests: first, we demonstrate the undecidability by the principle of Diagonalization of Cantor, and second, we applied a reduction technique based on the undecidability of malware detection. For this part, we outline the hypothesis that there exists a similitude between Steganography techniques and the generation of an innocuous computer virus. Both demonstrations proved that Steganalysis procedures are undecidable problems

A Block Oriented Fingerprinting Scheme in Relational Database

The need for protecting rights over relational data is of ever increasing concern. There have recently been some pioneering works in this area. In this paper, we propose an effective fingerprinting scheme based on the idea of block method in the area of multimedia fingerprinting. The scheme ensures that certain bit positions of the data contain specific values. The bit positions are determined by the keys known only to the owner of the data and different buyers of the database have different bit positions and different specific values for those bit positions. The detection of the fingerprint can be completed even with a small subset of a marked relation in case that the sample contains the fingerprint. Our extensive analysis shows that the proposed scheme is robust against various forms of attacks, including adding, deleting, shuffling or modifying tuples or attributes and colluding with other recipients of a relation, and ensures the integrity of relation at the same time. ? Springer-Verlag Berlin Heidelberg 2005.EI

Electromagnetic Transmission of Intellectual Property Data to Protect FPGA Designs

International audienceOver the past 10 years, the designers of intellectual properties(IP) have faced increasing threats including cloning, counterfeiting, andreverse-engineering. This is now a critical issue for the microelectronicsindustry. The design of a secure, efficient, lightweight protection scheme fordesign data is a serious challenge for the hardware security community. In thiscontext, this chapter presents two ultra-lightweight transmitters using sidechannel leakage based on electromagnetic emanation to send embedded IPidentity discreetly and quickl