Book

Adaptive Cryptographic Access Control

DOI: 10.1007/978-1-4419-6655-1 Publisher: Springer, ISBN: 978-0-387-77265-3
Source: DBLP
0 Bookmarks
 · 
55 Views
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: EHR technology has come into widespread use and has attracted attention in healthcare institutions as well as in research. Cloud services are used to build efficient EHR systems and obtain the greatest benefits of EHR implementation. Many issues relating to building an ideal EHR system in the cloud, especially the tradeoff between flexibility and security, have recently surfaced. The privacy of patient records in cloud platforms is still a point of contention. In this research, we are going to improve the management of access control by restricting participants' access through the use of distinct encrypted parameters for each participant in the cloud-based database. Also, we implement and improve an existing secure index search algorithm to enhance the efficiency of information control and flow through a cloud-based EHR system. At the final stage, we contribute to the design of reliable, flexible and secure access control, enabling quick access to EHR information.
    Conference proceedings: ... Annual International Conference of the IEEE Engineering in Medicine and Biology Society. IEEE Engineering in Medicine and Biology Society. Conference 07/2013; 2013:4191-4194.
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Nowadays, cryptographic devices are widely used, so how to assess the security of them becomes a pivotal issue. There are two conventional ways to do this, by analyzing the underlying cryptographic protocols or by estimating if the devices meet standards such as FIPS 140-2 or Common Criteria Standard Documents. However, neither of them provides a comprehensive view of the security of the devices. In this paper, we first propose a bottom-up method to prove the UC (Universally Composable) security of the cryptographic devices composed by hardware, software and protocols, and give a general security framework of them. Base on the framework, we present a method that describes the local physical security of cryptographic SoC hardware as UC security. Then we establish the equivalence of software codes and the real-world models in the condition of “Exactly Realize”, which illustrate the UC security of software. Besides, we propose methods to construct UC secure cryptographic modules from UC secure cryptographic SoC and a further method to construct UC secure cryptographic devices. Furthermore, based on the idea of bottom-up, we can develop new UC secure cryptographic devices which are more powerful by the combination of the existed UC secure cryptographic devices.
    Information Security Practice and Experience - 7th International Conference, ISPEC 2011, Guangzhou, China, May 30 - June 1, 2011. Proceedings; 01/2011