39 research outputs found

    Bounds for designs in infinite polynomial metric spaces


    Privacy Enhanced Access Control by Means of Policy Blinding

    Traditional techniques of enforcing an access control policy rely on an honest reference monitor to enforce the policy. However, for applications where the resources are sensitive, the access control policy might also be sensitive. As a result, an honest-but-curious reference monitor would glean some interesting information from the requests that it processes. For example, if a requestor in a role psychiatrist is granted access to a document, the patient associated with that document probably has a psychiatric problem. The patient would consider this sensitive information, and she might prefer the honest-but-curious reference monitor to remain oblivious of her mental problem. We present a high-level framework for querying and enforcing a role-based access control policy that identifies where sensitive information might be disclosed. We then propose a construction which enforces a role-based access control policy cryptographically, in such a way that the reference monitor learns as little as possible about the policy. (The reference monitor only learns something from repeated queries.) We prove the security of our scheme, showing that it works in theory but that it has a practical drawback. However, the practical drawback is common to all cryptographically enforced access policy schemes. We identify several approaches to mitigate the drawback and conclude by arguing that there is an underlying fundamental problem that cannot be solved. We also show why attribute-based encryption techniques do not solve the problem of enforcing policy by an honest-but-curious reference monitor.

    Mediated Ciphertext-Policy Attribute-Based Encryption and its Application (extended version)

    In Ciphertext-Policy Attribute-Based Encryption (CP-ABE), a user secret key is associated with a set of attributes, and the ciphertext is associated with an access policy over attributes. The user can decrypt the ciphertext if and only if the attribute set of his secret key satisfies the access policy specified in the ciphertext. Several CP-ABE schemes have been proposed; however, some practical problems, such as attribute revocation, still need to be addressed. In this paper, we propose a mediated Ciphertext-Policy Attribute-Based Encryption (mCP-ABE) which extends CP-ABE with instantaneous attribute revocation. Furthermore, we demonstrate how to apply the proposed mCP-ABE scheme to securely manage Personal Health Records (PHRs).

    Galois geometries and applications

    Proceedings of the international conference Galois geometries and applications, Ghent, Belgium, May 25-29, 200

    Reducing the environmental impact of surgery on a global scale: systematic review and co-prioritization with healthcare workers in 132 countries

    Background Healthcare cannot achieve net-zero carbon without addressing operating theatres. The aim of this study was to prioritize feasible interventions to reduce the environmental impact of operating theatres. Methods This study adopted a four-phase Delphi consensus co-prioritization methodology. In phase 1, a systematic review of published interventions and global consultation of perioperative healthcare professionals were used to longlist interventions. In phase 2, iterative thematic analysis consolidated comparable interventions into a shortlist. In phase 3, the shortlist was co-prioritized based on patient and clinician views on acceptability, feasibility, and safety. In phase 4, ranked lists of interventions were presented by their relevance to high-income countries and low–middle-income countries. Results In phase 1, 43 interventions were identified, which had low uptake in practice according to 3042 professionals globally. In phase 2, a shortlist of 15 intervention domains was generated. In phase 3, interventions were deemed acceptable for more than 90 per cent of patients except for reducing general anaesthesia (84 per cent) and re-sterilization of ‘single-use’ consumables (86 per cent). In phase 4, the top three shortlisted interventions for high-income countries were: introducing recycling; reducing use of anaesthetic gases; and appropriate clinical waste processing. In phase 4, the top three shortlisted interventions for low–middle-income countries were: introducing reusable surgical devices; reducing use of consumables; and reducing the use of general anaesthesia. Conclusion This is a step toward environmentally sustainable operating environments with actionable interventions applicable to both high– and low–middle–income countries

    On proactive secret sharing schemes

    This paper investigates the security of Proactive Secret Sharing Schemes. We start with a revision of the mobile adversary model of Herzberg et al., imposing fewer restrictions on the adversary. We first investigate the approach of using commitment to 0 in the renewal phase in order to renew the players' shares. In the considered model, some well-known computationally secure protocols (which use this approach) turn out to be vulnerable to a specific attack. We show that this type of attack is also applicable in the unconditional case. Then we extend the attack of D’Arco and Stinson to non-symmetric polynomials, which is applicable even in the mobile adversary model of Herzberg et al. Next, the conditions for the security of a proactive scheme using this approach are shown. We also investigate another approach to add proactivity, namely using re-sharing instead of commitment to 0. Two protocols using this approach are described, and it is shown that both are not secure against a mobile adversary. The main contribution of the paper is to show specific weaknesses when a mobile adversary is considered.

    Improvement of the Delsarte bound for t-designs when it is not the best bound possible


    Constructing new monotone span programs from old


    Using normal bases for compact hardware implementations of the AES S-box

    The substitution box (S-box) of the Advanced Encryption Standard (AES) is based on the multiplicative inversion inverse(x) = x^{-1} in GF(256), followed by an affine transformation in GF(2). The S-box is the most expensive building block of any hardware implementation of the AES, and the multiplicative inversion is the most costly step of the S-box transformation. There exist many publications about hardware implementations of the S-box, and the smallest known implementations are based on normal bases. In this paper, we introduce a new method to implement the multiplicative inversion over GF(256) based on normal bases that have not been considered before in the context of AES implementations.