A secure smart-card based authentication and key agreement scheme for telecare medicine information systems.

Science.gov (United States)

Lee, Tian-Fu; Liu, Chuan-Ming

2013-06-01

A smart-card based authentication scheme for telecare medicine information systems enables patients, doctors, nurses, health visitors and the medicine information systems to establish a secure communication platform through public networks. Zhu recently presented an improved authentication scheme in order to solve the weakness of the authentication scheme of Wei et al., where the off-line password guessing attacks cannot be resisted. This investigation indicates that the improved scheme of Zhu has some faults such that the authentication scheme cannot execute correctly and is vulnerable to the attack of parallel sessions. Additionally, an enhanced authentication scheme based on the scheme of Zhu is proposed. The enhanced scheme not only avoids the weakness in the original scheme, but also provides users' anonymity and authenticated key agreements for secure data communications.

A Secure and Efficient Certificateless Short Signature Scheme

Directory of Open Access Journals (Sweden)

Lin Cheng

2013-07-01

Full Text Available Certificateless public key cryptography combines advantage of traditional public key cryptography and identity-based public key cryptography as it avoids usage of certificates and resolves the key escrow problem. In 2007, Huang et al. classified adversaries against certificateless signatures according to their attack power into normal, strong and super adversaries (ordered by their attack power. In this paper, we propose a new certificateless short signature scheme and prove that it is secure against both of the super type I and the super type II adversaries. Our new scheme not only achieves the strongest security level but also has the shortest signature length (one group element. Compared with the other short certificateless signature schemes which have a similar security level, our new scheme has less operation cost.

A Secure and Robust User Authenticated Key Agreement Scheme for Hierarchical Multi-medical Server Environment in TMIS.

Science.gov (United States)

Das, Ashok Kumar; Odelu, Vanga; Goswami, Adrijit

2015-09-01

The telecare medicine information system (TMIS) helps the patients to gain the health monitoring facility at home and access medical services over the Internet of mobile networks. Recently, Amin and Biswas presented a smart card based user authentication and key agreement security protocol usable for TMIS system using the cryptographic one-way hash function and biohashing function, and claimed that their scheme is secure against all possible attacks. Though their scheme is efficient due to usage of one-way hash function, we show that their scheme has several security pitfalls and design flaws, such as (1) it fails to protect privileged-insider attack, (2) it fails to protect strong replay attack, (3) it fails to protect strong man-in-the-middle attack, (4) it has design flaw in user registration phase, (5) it has design flaw in login phase, (6) it has design flaw in password change phase, (7) it lacks of supporting biometric update phase, and (8) it has flaws in formal security analysis. In order to withstand these security pitfalls and design flaws, we aim to propose a secure and robust user authenticated key agreement scheme for the hierarchical multi-server environment suitable in TMIS using the cryptographic one-way hash function and fuzzy extractor. Through the rigorous security analysis including the formal security analysis using the widely-accepted Burrows-Abadi-Needham (BAN) logic, the formal security analysis under the random oracle model and the informal security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme using the most-widely accepted and used Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The simulation results show that our scheme is also secure. Our scheme is more efficient in computation and communication as compared to Amin-Biswas's scheme and other related schemes. In addition, our scheme supports extra functionality features as compared to

A secure user anonymity-preserving three-factor remote user authentication scheme for the telecare medicine information systems.

Science.gov (United States)

Das, Ashok Kumar

2015-03-01

Recent advanced technology enables the telecare medicine information system (TMIS) for the patients to gain the health monitoring facility at home and also to access medical services over the Internet of mobile networks. Several remote user authentication schemes have been proposed in the literature for TMIS. However, most of them are either insecure against various known attacks or they are inefficient. Recently, Tan proposed an efficient user anonymity preserving three-factor authentication scheme for TMIS. In this paper, we show that though Tan's scheme is efficient, it has several security drawbacks such as (1) it fails to provide proper authentication during the login phase, (2) it fails to provide correct updation of password and biometric of a user during the password and biometric update phase, and (3) it fails to protect against replay attack. In addition, Tan's scheme lacks the formal security analysis and verification. Later, Arshad and Nikooghadam also pointed out some security flaws in Tan's scheme and then presented an improvement on Tan's s scheme. However, we show that Arshad and Nikooghadam's scheme is still insecure against the privileged-insider attack through the stolen smart-card attack, and it also lacks the formal security analysis and verification. In order to withstand those security loopholes found in both Tan's scheme, and Arshad and Nikooghadam's scheme, we aim to propose an effective and more secure three-factor remote user authentication scheme for TMIS. Our scheme provides the user anonymity property. Through the rigorous informal and formal security analysis using random oracle models and the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool, we show that our scheme is secure against various known attacks, including the replay and man-in-the-middle attacks. Furthermore, our scheme is also efficient as compared to other related schemes.

An efficient and provable secure revocable identity-based encryption scheme.

Directory of Open Access Journals (Sweden)

Changji Wang

Full Text Available Revocation functionality is necessary and crucial to identity-based cryptosystems. Revocable identity-based encryption (RIBE has attracted a lot of attention in recent years, many RIBE schemes have been proposed in the literature but shown to be either insecure or inefficient. In this paper, we propose a new scalable RIBE scheme with decryption key exposure resilience by combining Lewko and Waters' identity-based encryption scheme and complete subtree method, and prove our RIBE scheme to be semantically secure using dual system encryption methodology. Compared to existing scalable and semantically secure RIBE schemes, our proposed RIBE scheme is more efficient in term of ciphertext size, public parameters size and decryption cost at price of a little looser security reduction. To the best of our knowledge, this is the first construction of scalable and semantically secure RIBE scheme with constant size public system parameters.

Security problem on arbitrated quantum signature schemes

International Nuclear Information System (INIS)

Choi, Jeong Woon; Chang, Ku-Young; Hong, Dowon

2011-01-01

Many arbitrated quantum signature schemes implemented with the help of a trusted third party have been developed up to now. In order to guarantee unconditional security, most of them take advantage of the optimal quantum one-time encryption based on Pauli operators. However, in this paper we point out that the previous schemes provide security only against a total break attack and show in fact that there exists an existential forgery attack that can validly modify the transmitted pair of message and signature. In addition, we also provide a simple method to recover security against the proposed attack.

Security problem on arbitrated quantum signature schemes

Energy Technology Data Exchange (ETDEWEB)

Choi, Jeong Woon [Emerging Technology R and D Center, SK Telecom, Kyunggi 463-784 (Korea, Republic of); Chang, Ku-Young; Hong, Dowon [Cryptography Research Team, Electronics and Telecommunications Research Institute, Daejeon 305-700 (Korea, Republic of)

2011-12-15

Many arbitrated quantum signature schemes implemented with the help of a trusted third party have been developed up to now. In order to guarantee unconditional security, most of them take advantage of the optimal quantum one-time encryption based on Pauli operators. However, in this paper we point out that the previous schemes provide security only against a total break attack and show in fact that there exists an existential forgery attack that can validly modify the transmitted pair of message and signature. In addition, we also provide a simple method to recover security against the proposed attack.

Sensor data security level estimation scheme for wireless sensor networks.

Science.gov (United States)

Ramos, Alex; Filho, Raimir Holanda

2015-01-19

Due to their increasing dissemination, wireless sensor networks (WSNs) have become the target of more and more sophisticated attacks, even capable of circumventing both attack detection and prevention mechanisms. This may cause WSN users, who totally trust these security mechanisms, to think that a sensor reading is secure, even when an adversary has corrupted it. For that reason, a scheme capable of estimating the security level (SL) that these mechanisms provide to sensor data is needed, so that users can be aware of the actual security state of this data and can make better decisions on its use. However, existing security estimation schemes proposed for WSNs fully ignore detection mechanisms and analyze solely the security provided by prevention mechanisms. In this context, this work presents the sensor data security estimator (SDSE), a new comprehensive security estimation scheme for WSNs. SDSE is designed for estimating the sensor data security level based on security metrics that analyze both attack prevention and detection mechanisms. In order to validate our proposed scheme, we have carried out extensive simulations that show the high accuracy of SDSE estimates.

Cryptanalysis and Enhancement of Anonymity Preserving Remote User Mutual Authentication and Session Key Agreement Scheme for E-Health Care Systems.

Science.gov (United States)

Amin, Ruhul; Islam, S K Hafizul; Biswas, G P; Khan, Muhammad Khurram; Li, Xiong

2015-11-01

The E-health care systems employ IT infrastructure for maximizing health care resources utilization as well as providing flexible opportunities to the remote patient. Therefore, transmission of medical data over any public networks is necessary in health care system. Note that patient authentication including secure data transmission in e-health care system is critical issue. Although several user authentication schemes for accessing remote services are available, their security analysis show that none of them are free from relevant security attacks. We reviewed Das et al.'s scheme and demonstrated their scheme lacks proper protection against several security attacks such as user anonymity, off-line password guessing attack, smart card theft attack, user impersonation attack, server impersonation attack, session key discloser attack. In order to overcome the mentioned security pitfalls, this paper proposes an anonymity preserving remote patient authentication scheme usable in E-health care systems. We then validated the security of the proposed scheme using BAN logic that ensures secure mutual authentication and session key agreement. We also presented the experimental results of the proposed scheme using AVISPA software and the results ensure that our scheme is secure under OFMC and CL-AtSe models. Moreover, resilience of relevant security attacks has been proved through both formal and informal security analysis. The performance analysis and comparison with other schemes are also made, and it has been found that the proposed scheme overcomes the security drawbacks of the Das et al.'s scheme and additionally achieves extra security requirements.

Security of Linear Secret-Sharing Schemes Against Mass Surveillance

DEFF Research Database (Denmark)

Giacomelli, Irene; Olimid, Ruxandra; Ranellucci, Samuel

2015-01-01

by a proprietary code that the provider (“big brother”) could manipulate to covertly violate the privacy of the users (by implementing Algorithm-Substitution Attacks or ASAs). First, we formalize the security notion that expresses the goal of big brother and prove that for any linear secret-sharing scheme...... there exists an undetectable subversion of it that efficiently allows surveillance. Second, we formalize the security notion that assures that a sharing scheme is secure against ASAs and construct the first sharing scheme that meets this notion....

Distributed public key schemes secure against continual leakage

DEFF Research Database (Denmark)

Akavia, Adi; Goldwasser, Shafi; Hazay, Carmit

2012-01-01

-secure against continual memory leakage. Our DPKE scheme also implies a secure storage system on leaky devices, where a value s can be secretely stored on devices that continually leak information about their internal state to an external attacker. The devices go through a periodic refresh protocol......In this work we study distributed public key schemes secure against continual memory leakage. The secret key will be shared among two computing devices communicating over a public channel, and the decryption operation will be computed by a simple 2-party protocol between the devices. Similarly...... against continual memory leakage, under the Bilinear Decisional Diffie-Hellman and $2$-linear assumptions. Our schemes have the following properties: 1. Our DPKE and DIBE schemes tolerate leakage at all times, including during refresh. During refresh the tolerated leakage is a (1/2-o (1),1)-fraction...

Sensor Data Security Level Estimation Scheme for Wireless Sensor Networks

Science.gov (United States)

Ramos, Alex; Filho, Raimir Holanda

2015-01-01

Due to their increasing dissemination, wireless sensor networks (WSNs) have become the target of more and more sophisticated attacks, even capable of circumventing both attack detection and prevention mechanisms. This may cause WSN users, who totally trust these security mechanisms, to think that a sensor reading is secure, even when an adversary has corrupted it. For that reason, a scheme capable of estimating the security level (SL) that these mechanisms provide to sensor data is needed, so that users can be aware of the actual security state of this data and can make better decisions on its use. However, existing security estimation schemes proposed for WSNs fully ignore detection mechanisms and analyze solely the security provided by prevention mechanisms. In this context, this work presents the sensor data security estimator (SDSE), a new comprehensive security estimation scheme for WSNs. SDSE is designed for estimating the sensor data security level based on security metrics that analyze both attack prevention and detection mechanisms. In order to validate our proposed scheme, we have carried out extensive simulations that show the high accuracy of SDSE estimates. PMID:25608215

Sensor Data Security Level Estimation Scheme for Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Alex Ramos

2015-01-01

Full Text Available Due to their increasing dissemination, wireless sensor networks (WSNs have become the target of more and more sophisticated attacks, even capable of circumventing both attack detection and prevention mechanisms. This may cause WSN users, who totally trust these security mechanisms, to think that a sensor reading is secure, even when an adversary has corrupted it. For that reason, a scheme capable of estimating the security level (SL that these mechanisms provide to sensor data is needed, so that users can be aware of the actual security state of this data and can make better decisions on its use. However, existing security estimation schemes proposed for WSNs fully ignore detection mechanisms and analyze solely the security provided by prevention mechanisms. In this context, this work presents the sensor data security estimator (SDSE, a new comprehensive security estimation scheme for WSNs. SDSE is designed for estimating the sensor data security level based on security metrics that analyze both attack prevention and detection mechanisms. In order to validate our proposed scheme, we have carried out extensive simulations that show the high accuracy of SDSE estimates.

A secure and robust password-based remote user authentication scheme using smart cards for the integrated EPR information system.

Science.gov (United States)

Das, Ashok Kumar

2015-03-01

An integrated EPR (Electronic Patient Record) information system of all the patients provides the medical institutions and the academia with most of the patients' information in details for them to make corrective decisions and clinical decisions in order to maintain and analyze patients' health. In such system, the illegal access must be restricted and the information from theft during transmission over the insecure Internet must be prevented. Lee et al. proposed an efficient password-based remote user authentication scheme using smart card for the integrated EPR information system. Their scheme is very efficient due to usage of one-way hash function and bitwise exclusive-or (XOR) operations. However, in this paper, we show that though their scheme is very efficient, their scheme has three security weaknesses such as (1) it has design flaws in password change phase, (2) it fails to protect privileged insider attack and (3) it lacks the formal security verification. We also find that another recently proposed Wen's scheme has the same security drawbacks as in Lee at al.'s scheme. In order to remedy these security weaknesses found in Lee et al.'s scheme and Wen's scheme, we propose a secure and efficient password-based remote user authentication scheme using smart cards for the integrated EPR information system. We show that our scheme is also efficient as compared to Lee et al.'s scheme and Wen's scheme as our scheme only uses one-way hash function and bitwise exclusive-or (XOR) operations. Through the security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks.

A robust uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care.

Science.gov (United States)

Wen, Fengtong

2013-12-01

User authentication plays an important role to protect resources or services from being accessed by unauthorized users. In a recent paper, Das et al. proposed a secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. This scheme uses three factors, e.g. biometrics, password, and smart card, to protect the security. It protects user privacy and is believed to have many abilities to resist a range of network attacks, even if the secret information stored in the smart card is compromised. In this paper, we analyze the security of Das et al.'s scheme, and show that the scheme is in fact insecure against the replay attack, user impersonation attacks and off-line guessing attacks. Then, we also propose a robust uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. Compared with the existing schemes, our protocol uses a different user authentication mechanism to resist replay attack. We show that our proposed scheme can provide stronger security than previous protocols. Furthermore, we demonstrate the validity of the proposed scheme through the BAN (Burrows, Abadi, and Needham) logic.

A secure communication scheme using projective chaos synchronization

International Nuclear Information System (INIS)

Li Zhigang; Xu Daolin

2004-01-01

Most secure communication schemes using chaotic dynamics are based on identical synchronization. In this paper, we show the possibility of secure communication using projective synchronization (PS). The unpredictability of the scaling factor in projective synchronization can additionally enhance the security of communication. It is also showed that the scaling factor can be employed to improve the robustness against noise contamination. The feasibility of the communication scheme in high-dimensional chaotic systems, such as the hyperchaotic Roessler system, is demonstrated. Numerical results show the success in transmitting a sound signal through chaotic systems

A Secure and Scalable Data Communication Scheme in Smart Grids

Directory of Open Access Journals (Sweden)

Chunqiang Hu

2018-01-01

Full Text Available The concept of smart grid gained tremendous attention among researchers and utility providers in recent years. How to establish a secure communication among smart meters, utility companies, and the service providers is a challenging issue. In this paper, we present a communication architecture for smart grids and propose a scheme to guarantee the security and privacy of data communications among smart meters, utility companies, and data repositories by employing decentralized attribute based encryption. The architecture is highly scalable, which employs an access control Linear Secret Sharing Scheme (LSSS matrix to achieve a role-based access control. The security analysis demonstrated that the scheme ensures security and privacy. The performance analysis shows that the scheme is efficient in terms of computational cost.

NFC Secure Payment and Verification Scheme with CS E-Ticket

Directory of Open Access Journals (Sweden)

Kai Fan

2017-01-01

Full Text Available As one of the most important techniques in IoT, NFC (Near Field Communication is more interesting than ever. NFC is a short-range, high-frequency communication technology well suited for electronic tickets, micropayment, and access control function, which is widely used in the financial industry, traffic transport, road ban control, and other fields. However, NFC is becoming increasingly popular in the relevant field, but its secure problems, such as man-in-the-middle-attack and brute force attack, have hindered its further development. To address the security problems and specific application scenarios, we propose a NFC mobile electronic ticket secure payment and verification scheme in the paper. The proposed scheme uses a CS E-Ticket and offline session key generation and distribution technology to prevent major attacks and increase the security of NFC. As a result, the proposed scheme can not only be a good alternative to mobile e-ticket system but also be used in many NFC fields. Furthermore, compared with other existing schemes, the proposed scheme provides a higher security.

A provably-secure ECC-based authentication scheme for wireless sensor networks.

Science.gov (United States)

Nam, Junghyun; Kim, Moonseong; Paik, Juryon; Lee, Youngsook; Won, Dongho

2014-11-06

A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes.

A Provably-Secure ECC-Based Authentication Scheme for Wireless Sensor Networks

Science.gov (United States)

Nam, Junghyun; Kim, Moonseong; Paik, Juryon; Lee, Youngsook; Won, Dongho

2014-01-01

A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes. PMID:25384009

A Provably-Secure ECC-Based Authentication Scheme for Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Junghyun Nam

2014-11-01

Full Text Available A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000. Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC, and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure schemes.

Tightly Secure Signatures From Lossy Identification Schemes

OpenAIRE

Abdalla , Michel; Fouque , Pierre-Alain; Lyubashevsky , Vadim; Tibouchi , Mehdi

2015-01-01

International audience; In this paper, we present three digital signature schemes with tight security reductions in the random oracle model. Our first signature scheme is a particularly efficient version of the short exponent discrete log-based scheme of Girault et al. (J Cryptol 19(4):463–487, 2006). Our scheme has a tight reduction to the decisional short discrete logarithm problem, while still maintaining the non-tight reduction to the computational version of the problem upon which the or...

A secure and efficient password-based user authentication scheme using smart cards for the integrated EPR information system.

Science.gov (United States)

Lee, Tian-Fu; Chang, I-Pin; Lin, Tsung-Hung; Wang, Ching-Cheng

2013-06-01

The integrated EPR information system supports convenient and rapid e-medicine services. A secure and efficient authentication scheme for the integrated EPR information system provides safeguarding patients' electronic patient records (EPRs) and helps health care workers and medical personnel to rapidly making correct clinical decisions. Recently, Wu et al. proposed an efficient password-based user authentication scheme using smart cards for the integrated EPR information system, and claimed that the proposed scheme could resist various malicious attacks. However, their scheme is still vulnerable to lost smart card and stolen verifier attacks. This investigation discusses these weaknesses and proposes a secure and efficient authentication scheme for the integrated EPR information system as alternative. Compared with related approaches, the proposed scheme not only retains a lower computational cost and does not require verifier tables for storing users' secrets, but also solves the security problems in previous schemes and withstands possible attacks.

Security enhanced multi-factor biometric authentication scheme using bio-hash function.

Directory of Open Access Journals (Sweden)

Younsung Choi

Full Text Available With the rapid development of personal information and wireless communication technology, user authentication schemes have been crucial to ensure that wireless communications are secure. As such, various authentication schemes with multi-factor authentication have been proposed to improve the security of electronic communications. Multi-factor authentication involves the use of passwords, smart cards, and various biometrics to provide users with the utmost privacy and data protection. Cao and Ge analyzed various authentication schemes and found that Younghwa An's scheme was susceptible to a replay attack where an adversary masquerades as a legal server and a user masquerading attack where user anonymity is not provided, allowing an adversary to execute a password change process by intercepting the user's ID during login. Cao and Ge improved upon Younghwa An's scheme, but various security problems remained. This study demonstrates that Cao and Ge's scheme is susceptible to a biometric recognition error, slow wrong password detection, off-line password attack, user impersonation attack, ID guessing attack, a DoS attack, and that their scheme cannot provide session key agreement. Then, to address all weaknesses identified in Cao and Ge's scheme, this study proposes a security enhanced multi-factor biometric authentication scheme and provides a security analysis and formal analysis using Burrows-Abadi-Needham logic. Finally, the efficiency analysis reveals that the proposed scheme can protect against several possible types of attacks with only a slightly high computational cost.

Security enhanced multi-factor biometric authentication scheme using bio-hash function.

Science.gov (United States)

Choi, Younsung; Lee, Youngsook; Moon, Jongho; Won, Dongho

2017-01-01

With the rapid development of personal information and wireless communication technology, user authentication schemes have been crucial to ensure that wireless communications are secure. As such, various authentication schemes with multi-factor authentication have been proposed to improve the security of electronic communications. Multi-factor authentication involves the use of passwords, smart cards, and various biometrics to provide users with the utmost privacy and data protection. Cao and Ge analyzed various authentication schemes and found that Younghwa An's scheme was susceptible to a replay attack where an adversary masquerades as a legal server and a user masquerading attack where user anonymity is not provided, allowing an adversary to execute a password change process by intercepting the user's ID during login. Cao and Ge improved upon Younghwa An's scheme, but various security problems remained. This study demonstrates that Cao and Ge's scheme is susceptible to a biometric recognition error, slow wrong password detection, off-line password attack, user impersonation attack, ID guessing attack, a DoS attack, and that their scheme cannot provide session key agreement. Then, to address all weaknesses identified in Cao and Ge's scheme, this study proposes a security enhanced multi-factor biometric authentication scheme and provides a security analysis and formal analysis using Burrows-Abadi-Needham logic. Finally, the efficiency analysis reveals that the proposed scheme can protect against several possible types of attacks with only a slightly high computational cost.

Security enhanced multi-factor biometric authentication scheme using bio-hash function

Science.gov (United States)

Lee, Youngsook; Moon, Jongho

2017-01-01

With the rapid development of personal information and wireless communication technology, user authentication schemes have been crucial to ensure that wireless communications are secure. As such, various authentication schemes with multi-factor authentication have been proposed to improve the security of electronic communications. Multi-factor authentication involves the use of passwords, smart cards, and various biometrics to provide users with the utmost privacy and data protection. Cao and Ge analyzed various authentication schemes and found that Younghwa An’s scheme was susceptible to a replay attack where an adversary masquerades as a legal server and a user masquerading attack where user anonymity is not provided, allowing an adversary to execute a password change process by intercepting the user’s ID during login. Cao and Ge improved upon Younghwa An’s scheme, but various security problems remained. This study demonstrates that Cao and Ge’s scheme is susceptible to a biometric recognition error, slow wrong password detection, off-line password attack, user impersonation attack, ID guessing attack, a DoS attack, and that their scheme cannot provide session key agreement. Then, to address all weaknesses identified in Cao and Ge’s scheme, this study proposes a security enhanced multi-factor biometric authentication scheme and provides a security analysis and formal analysis using Burrows-Abadi-Needham logic. Finally, the efficiency analysis reveals that the proposed scheme can protect against several possible types of attacks with only a slightly high computational cost. PMID:28459867

Secret-Key-Aided Scheme for Securing Untrusted DF Relaying Networks

KAUST Repository

Shafie, Ahmed El

2017-06-12

This paper proposes a new scheme to secure the transmissions in an untrusted decode-and-forward (DF) relaying network. A legitimate source node, Alice, sends her data to a legitimate destination node, Bob, with the aid of an untrusted DF relay node, Charlie. To secure the transmissions from Charlie during relaying time slots, each data codeword is secured using a secret-key codeword that has been previously shared between Alice and Bob during the perfectly secured time slots (i.e., when the channel secrecy rate is positive). The secret-key bits exchanged between Alice and Bob are stored in a finite-length buffer and are used to secure data transmission whenever needed. We model the secret-key buffer as a queueing system and analyze its Markov chain. Our numerical results show the gains of our proposed scheme relative to benchmarks. Moreover, the proposed scheme achieves an upper bound on the secure throughput.

Secret-Key-Aided Scheme for Securing Untrusted DF Relaying Networks

KAUST Repository

Shafie, Ahmed El; Salem, Ahmed Sultan; Mabrouk, Asma; Tourki, Kamel; Al-Dhahir, Naofal

2017-01-01

This paper proposes a new scheme to secure the transmissions in an untrusted decode-and-forward (DF) relaying network. A legitimate source node, Alice, sends her data to a legitimate destination node, Bob, with the aid of an untrusted DF relay node, Charlie. To secure the transmissions from Charlie during relaying time slots, each data codeword is secured using a secret-key codeword that has been previously shared between Alice and Bob during the perfectly secured time slots (i.e., when the channel secrecy rate is positive). The secret-key bits exchanged between Alice and Bob are stored in a finite-length buffer and are used to secure data transmission whenever needed. We model the secret-key buffer as a queueing system and analyze its Markov chain. Our numerical results show the gains of our proposed scheme relative to benchmarks. Moreover, the proposed scheme achieves an upper bound on the secure throughput.

Securing health sensing using integrated circuit metric.

Science.gov (United States)

Tahir, Ruhma; Tahir, Hasan; McDonald-Maier, Klaus

2015-10-20

Convergence of technologies from several domains of computing and healthcare have aided in the creation of devices that can help health professionals in monitoring their patients remotely. An increase in networked healthcare devices has resulted in incidents related to data theft, medical identity theft and insurance fraud. In this paper, we discuss the design and implementation of a secure lightweight wearable health sensing system. The proposed system is based on an emerging security technology called Integrated Circuit Metric (ICMetric) that extracts the inherent features of a device to generate a unique device identification. In this paper, we provide details of how the physical characteristics of a health sensor can be used for the generation of hardware "fingerprints". The obtained fingerprints are used to deliver security services like authentication, confidentiality, secure admission and symmetric key generation. The generated symmetric key is used to securely communicate the health records and data of the patient. Based on experimental results and the security analysis of the proposed scheme, it is apparent that the proposed system enables high levels of security for health monitoring in resource optimized manner.

A new chaotic secure communication scheme

International Nuclear Information System (INIS)

Hua Changchun; Yang Bo; Ouyang Gaoxiang; Guan Xinping

2005-01-01

A new chaotic secure communication scheme is constructed. Unified chaotic system is used to encrypt the emitted signal. Different from the existing chaotic secure communication methods, the useful information is embodied in the parameter of chaotic systems in this Letter. The receiver is designed which can succeed in recovering the former signal. Finally computer simulations are done to verify the proposed methods, and the results show that the obtained theoretic results are feasible and efficient

Secure networking quantum key distribution schemes with Greenberger-Horne-Zeilinger states

Energy Technology Data Exchange (ETDEWEB)

Guo, Ying; Shi, Ronghua [School of Information Science and Engineering, Central South University, Changsha 410083 (China); Zeng, Guihua [Department of Electronic Engineering, Shanghai Jiaotong University, Shanghai 200030 (China)], E-mail: sdguoying@gmail.com, E-mail: rhshi@mail.edu.com, E-mail: ghzeng@sjtu.edu.cn

2010-04-15

A novel approach to quantum cryptography to be called NQKD, networking quantum key distribution, has been developed for secure quantum communication schemes on the basis of the complementary relations of entanglement Greenberger-Horne-Zeilinger (GHZ) triplet states. One scheme distributes the private key among legal participants in a probabilistic manner, while another transmits the deterministic message with some certainty. Some decoy photons are employed for preventing a potential eavesdropper from attacking quantum channels. The present schemes are efficient as there exists an elegant method for key distributions. The security of the proposed schemes is exactly guaranteed by the entanglement of the GHZ quantum system, which is illustrated in security analysis.

Secure networking quantum key distribution schemes with Greenberger-Horne-Zeilinger states

International Nuclear Information System (INIS)

Guo, Ying; Shi, Ronghua; Zeng, Guihua

2010-01-01

A novel approach to quantum cryptography to be called NQKD, networking quantum key distribution, has been developed for secure quantum communication schemes on the basis of the complementary relations of entanglement Greenberger-Horne-Zeilinger (GHZ) triplet states. One scheme distributes the private key among legal participants in a probabilistic manner, while another transmits the deterministic message with some certainty. Some decoy photons are employed for preventing a potential eavesdropper from attacking quantum channels. The present schemes are efficient as there exists an elegant method for key distributions. The security of the proposed schemes is exactly guaranteed by the entanglement of the GHZ quantum system, which is illustrated in security analysis.

Secure and Efficient Anonymous Authentication Scheme in Global Mobility Networks

Directory of Open Access Journals (Sweden)

Jun-Sub Kim

2013-01-01

Full Text Available In 2012, Mun et al. pointed out that Wu et al.’s scheme failed to achieve user anonymity and perfect forward secrecy and disclosed the passwords of legitimate users. And they proposed a new enhancement for anonymous authentication scheme. However, their proposed scheme has vulnerabilities that are susceptible to replay attack and man-in-the-middle attack. It also incurs a high overhead in the database. In this paper, we examine the vulnerabilities in the existing schemes and the computational overhead incurred in the database. We then propose a secure and efficient anonymous authentication scheme for roaming service in global mobility network. Our proposed scheme is secure against various attacks, provides mutual authentication and session key establishment, and incurs less computational overhead in the database than Mun et al.'s scheme.

Semi-quantum Secure Direct Communication Scheme Based on Bell States

Science.gov (United States)

Xie, Chen; Li, Lvzhou; Situ, Haozhen; He, Jianhao

2018-06-01

Recently, the idea of semi-quantumness has been often used in designing quantum cryptographic schemes, which allows some of the participants of a quantum cryptographic scheme to remain classical. One of the reasons why this idea is popular is that it allows a quantum information processing task to be accomplished by using quantum resources as few as possible. In this paper, we extend the idea to quantum secure direct communication(QSDC) by proposing a semi-quantum secure direct communication scheme. In the scheme, the message sender, Alice, encodes each bit into a Bell state |φ+> = 1/{√2}(|00> +|11> ) or |{Ψ }+> = 1/{√ 2}(|01> +|10> ), and the message receiver, Bob, who is classical in the sense that he can either let the qubit he received reflect undisturbed, or measure the qubit in the computational basis |0>, |1> and then resend it in the state he found. Moreover, the security analysis of our scheme is also given.

On the security of pairing-free certificateless digital signature schemes using ECC

Directory of Open Access Journals (Sweden)

Namita Tiwari

2015-09-01

Full Text Available I cryptanalyze the pairing-free digital signature scheme of Islam et al. which is proven secure against “adaptive chosen message attacks”. I introduce this type of forgery to analyze their scheme. Furthermore, I comment on general security issues that should be considered when making improvements on their scheme. My security analysis is also applicable to other digital signatures designed in a similar manner.

The social security scheme in Thailand: what lessons can be drawn?

Science.gov (United States)

Tangcharoensathien, V; Supachutikul, A; Lertiendumrong, J

1999-04-01

The Social Security Scheme was launched in 1990, covering formal sector private employees for non-work related sickness, maternity and invalidity including cash benefits and funeral grants. The scheme is financed by tripartite contributions from government, employers and employees, each of 1.5% of payroll (total of 4.5%). The scheme decided to pay health care providers, whether public or private, on a flat rate capitation basis to cover both ambulatory and inpatient care. Registration of the insured with a contractor hospital was a necessary consequence of the chosen capitation payment system. The aim of this paper is to review the operation of the scheme, and to explore the implications of capitation payment and registration for utilisation levels and provider behaviour. A key weakness of the scheme's design is suggested to be the initial decision to give employers not employees the responsibility for choosing the registered hospitals. This was done for administrative reasons, but it contributed to low levels of use of the contractor hospitals. In addition, low levels of use were also probably the result of the potential for cream skimming, cost shifting from inpatient to ambulatory care and under-provision of patient care, though since monitoring mechanisms by the Social Security Office were weak, these effects are difficult to detect conclusively. Mechanisms to improve utilisation levels were gradually introduced, such as employee choice of registered hospitals and the formation of sub-contractor networks to improve access to care. A beneficial effect of the capitation payment system was that the Social Security Fund generated substantial reserves and expenditures on sickness benefits were well stabilised. The paper ends by recommending that future policy amendments should be guided by research and empirical findings and that tougher monitoring and enforcement of quality of care standards are required.

Improvement of a uniqueness-and-anonymity-preserving user authentication scheme for connected health care.

Science.gov (United States)

Xie, Qi; Liu, Wenhao; Wang, Shengbao; Han, Lidong; Hu, Bin; Wu, Ting

2014-09-01

Patient's privacy-preserving, security and mutual authentication between patient and the medical server are the important mechanism in connected health care applications, such as telecare medical information systems and personally controlled health records systems. In 2013, Wen showed that Das et al.'s scheme is vulnerable to the replay attack, user impersonation attacks and off-line guessing attacks, and then proposed an improved scheme using biometrics, password and smart card to overcome these weaknesses. However, we show that Wen's scheme is still vulnerable to off-line password guessing attacks, does not provide user's anonymity and perfect forward secrecy. Further, we propose an improved scheme to fix these weaknesses, and use the applied pi calculus based formal verification tool ProVerif to prove the security and authentication.

An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System.

Science.gov (United States)

Jung, Jaewook; Kang, Dongwoo; Lee, Donghoon; Won, Dongho

2017-01-01

Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency.

An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System.

Directory of Open Access Journals (Sweden)

Jaewook Jung

Full Text Available Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency.

An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System

Science.gov (United States)

Kang, Dongwoo; Lee, Donghoon; Won, Dongho

2017-01-01

Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency. PMID:28046075

Securing Health Sensing Using Integrated Circuit Metric

Science.gov (United States)

Tahir, Ruhma; Tahir, Hasan; McDonald-Maier, Klaus

2015-01-01

Convergence of technologies from several domains of computing and healthcare have aided in the creation of devices that can help health professionals in monitoring their patients remotely. An increase in networked healthcare devices has resulted in incidents related to data theft, medical identity theft and insurance fraud. In this paper, we discuss the design and implementation of a secure lightweight wearable health sensing system. The proposed system is based on an emerging security technology called Integrated Circuit Metric (ICMetric) that extracts the inherent features of a device to generate a unique device identification. In this paper, we provide details of how the physical characteristics of a health sensor can be used for the generation of hardware “fingerprints”. The obtained fingerprints are used to deliver security services like authentication, confidentiality, secure admission and symmetric key generation. The generated symmetric key is used to securely communicate the health records and data of the patient. Based on experimental results and the security analysis of the proposed scheme, it is apparent that the proposed system enables high levels of security for health monitoring in resource optimized manner. PMID:26492250

Securing Health Sensing Using Integrated Circuit Metric

Directory of Open Access Journals (Sweden)

Ruhma Tahir

2015-10-01

Full Text Available Convergence of technologies from several domains of computing and healthcare have aided in the creation of devices that can help health professionals in monitoring their patients remotely. An increase in networked healthcare devices has resulted in incidents related to data theft, medical identity theft and insurance fraud. In this paper, we discuss the design and implementation of a secure lightweight wearable health sensing system. The proposed system is based on an emerging security technology called Integrated Circuit Metric (ICMetric that extracts the inherent features of a device to generate a unique device identification. In this paper, we provide details of how the physical characteristics of a health sensor can be used for the generation of hardware “fingerprints”. The obtained fingerprints are used to deliver security services like authentication, confidentiality, secure admission and symmetric key generation. The generated symmetric key is used to securely communicate the health records and data of the patient. Based on experimental results and the security analysis of the proposed scheme, it is apparent that the proposed system enables high levels of security for health monitoring in resource optimized manner.

Identity based Encryption and Biometric Authentication Scheme for Secure Data Access in Cloud Computing

DEFF Research Database (Denmark)

Cheng, Hongbing; Rong, Chunming; Tan, Zheng-Hua

2012-01-01

Cloud computing will be a main information infrastructure in the future; it consists of many large datacenters which are usually geographically distributed and heterogeneous. How to design a secure data access for cloud computing platform is a big challenge. In this paper, we propose a secure data...... access scheme based on identity-based encryption and biometric authentication for cloud computing. Firstly, we describe the security concern of cloud computing and then propose an integrated data access scheme for cloud computing, the procedure of the proposed scheme include parameter setup, key...... distribution, feature template creation, cloud data processing and secure data access control. Finally, we compare the proposed scheme with other schemes through comprehensive analysis and simulation. The results show that the proposed data access scheme is feasible and secure for cloud computing....

An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks.

Science.gov (United States)

Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

2018-01-11

Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes.

An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks

Science.gov (United States)

Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

2018-01-01

Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes. PMID:29324719

An Unequal Secure Encryption Scheme for H.264/AVC Video Compression Standard

Science.gov (United States)

Fan, Yibo; Wang, Jidong; Ikenaga, Takeshi; Tsunoo, Yukiyasu; Goto, Satoshi

H.264/AVC is the newest video coding standard. There are many new features in it which can be easily used for video encryption. In this paper, we propose a new scheme to do video encryption for H.264/AVC video compression standard. We define Unequal Secure Encryption (USE) as an approach that applies different encryption schemes (with different security strength) to different parts of compressed video data. This USE scheme includes two parts: video data classification and unequal secure video data encryption. Firstly, we classify the video data into two partitions: Important data partition and unimportant data partition. Important data partition has small size with high secure protection, while unimportant data partition has large size with low secure protection. Secondly, we use AES as a block cipher to encrypt the important data partition and use LEX as a stream cipher to encrypt the unimportant data partition. AES is the most widely used symmetric cryptography which can ensure high security. LEX is a new stream cipher which is based on AES and its computational cost is much lower than AES. In this way, our scheme can achieve both high security and low computational cost. Besides the USE scheme, we propose a low cost design of hybrid AES/LEX encryption module. Our experimental results show that the computational cost of the USE scheme is low (about 25% of naive encryption at Level 0 with VEA used). The hardware cost for hybrid AES/LEX module is 4678 Gates and the AES encryption throughput is about 50Mbps.

Physical Layer Secret-Key Generation Scheme for Transportation Security Sensor Network.

Science.gov (United States)

Yang, Bin; Zhang, Jianfeng

2017-06-28

Wireless Sensor Networks (WSNs) are widely used in different disciplines, including transportation systems, agriculture field environment monitoring, healthcare systems, and industrial monitoring. The security challenge of the wireless communication link between sensor nodes is critical in WSNs. In this paper, we propose a new physical layer secret-key generation scheme for transportation security sensor network. The scheme is based on the cooperation of all the sensor nodes, thus avoiding the key distribution process, which increases the security of the system. Different passive and active attack models are analyzed in this paper. We also prove that when the cooperative node number is large enough, even when the eavesdropper is equipped with multiple antennas, the secret-key is still secure. Numerical results are performed to show the efficiency of the proposed scheme.

On securing wireless sensor network--novel authentication scheme against DOS attacks.

Science.gov (United States)

Raja, K Nirmal; Beno, M Marsaline

2014-10-01

Wireless sensor networks are generally deployed for collecting data from various environments. Several applications specific sensor network cryptography algorithms have been proposed in research. However WSN's has many constrictions, including low computation capability, less memory, limited energy resources, vulnerability to physical capture, which enforce unique security challenges needs to make a lot of improvements. This paper presents a novel security mechanism and algorithm for wireless sensor network security and also an application of this algorithm. The proposed scheme is given to strong authentication against Denial of Service Attacks (DOS). The scheme is simulated using network simulator2 (NS2). Then this scheme is analyzed based on the network packet delivery ratio and found that throughput has improved.

BVS: A Lightweight Forward and Backward Secure Scheme for PMU Communications in Smart Grid

Directory of Open Access Journals (Sweden)

Wei Ren

2011-01-01

Full Text Available In smart grid, phaser measurement units (PMUs can upload readings to utility centers via supervisory control and data acquisition (SCADA or energy management system (EMS to enable intelligent controlling and scheduling. It is critical to maintain the secrecy of readings so as to protect customers' privacy, together with integrity and source authentication for the reliability and stability of power scheduling. In particular, appealing security scheme needs to perform well in PMUs that usually have computational resource constraints, thus designed security protocols have to remain lightweight in terms of computation and storage. In this paper, we propose a family of schemes to solve this problem. They are public key based scheme (PKS, password based scheme (PWS and billed value-based scheme (BVS. BVS can achieve forward and backward security and only relies on hash functions. Security analysis justifies that the proposed schemes, especially BVS, can attain the security goals with low computation and storage cost.

A light weight secure image encryption scheme based on chaos & DNA computing

Directory of Open Access Journals (Sweden)

Bhaskar Mondal

2017-10-01

Full Text Available This paper proposed a new light weight secure cryptographic scheme for secure image communication. In this scheme the plain image is permuted first using a sequence of pseudo random number (PRN and encrypted by DeoxyriboNucleic Acid (DNA computation. Two PRN sequences are generated by a Pseudo Random Number Generator (PRNG based on cross coupled chaotic logistic map using two sets of keys. The first PRN sequence is used for permuting the plain image whereas the second PRN sequence is used for generating random DNA sequence. The number of rounds of permutation and encryption may be variable to increase security. The scheme is proposed for gray label images but the scheme may be extended for color images and text data. Simulation results exhibit that the proposed scheme can defy any kind of attack.

Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services

Directory of Open Access Journals (Sweden)

Youngsook Lee

2014-01-01

Full Text Available An anonymous authentication scheme for roaming services in global mobility networks allows a mobile user visiting a foreign network to achieve mutual authentication and session key establishment with the foreign-network operator in an anonymous manner. In this work, we revisit He et al.’s anonymous authentication scheme for roaming services and present previously unpublished security weaknesses in the scheme: (1 it fails to provide user anonymity against any third party as well as the foreign agent, (2 it cannot protect the passwords of mobile users due to its vulnerability to an offline dictionary attack, and (3 it does not achieve session-key security against a man-in-the-middle attack. We also show how the security weaknesses of He et al.’s scheme can be addressed without degrading the efficiency of the scheme.

Asynchronous error-correcting secure communication scheme based on fractional-order shifting chaotic system

Science.gov (United States)

Chao, Luo

2015-11-01

In this paper, a novel digital secure communication scheme is firstly proposed. Different from the usual secure communication schemes based on chaotic synchronization, the proposed scheme employs asynchronous communication which avoids the weakness of synchronous systems and is susceptible to environmental interference. Moreover, as to the transmission errors and data loss in the process of communication, the proposed scheme has the ability to be error-checking and error-correcting in real time. In order to guarantee security, the fractional-order complex chaotic system with the shifting of order is utilized to modulate the transmitted signal, which has high nonlinearity and complexity in both frequency and time domains. The corresponding numerical simulations demonstrate the effectiveness and feasibility of the scheme.

Secure and Efficient User Authentication Scheme Based on Password and Smart Card for Multiserver Environment

Directory of Open Access Journals (Sweden)

Yan Zhao

2018-01-01

Full Text Available The rapid development of information and network technologies motivates the emergence of various new computing paradigms, such as distributed computing, cloud computing, and edge computing. This also enables more and more network enterprises to provide multiple different services simultaneously. To ensure these services can only be accessed conveniently by authorized users, many password and smart card based authentication schemes for multiserver architecture have been proposed. Recently, Truong et al. introduced an identity based user authentication scheme on elliptic curve cryptography in multiserver environment and claimed that their scheme is secure against popular attacks. However, in this paper, we point out that their scheme suffers from offline password guessing and impersonation attack and fails to achieve security requirements of this kind of authentication scheme. Moreover, we put forward a new scheme to conquer security pitfalls in the above scheme. Security analysis indicates that the proposed scheme can be free from well-known attacks. Performance discussion demonstrates that our scheme has advantages in terms of both security property and computation efficiency and thus is more desirable for practical applications in multiserver environment.

Chaos-based CAZAC scheme for secure transmission in OFDM-PON

Science.gov (United States)

Fu, Xiaosong; Bi, Meihua; Zhou, Xuefang; Yang, Guowei; Lu, Yang; Hu, Miao

2018-01-01

To effectively resist malicious eavesdropping and performance deterioration, a novel chaos-based secure transmission scheme is proposed to enhance the physical layer security and reduce peak-to-average power ratio (PAPR) in orthogonal frequency division multiplexing passive optical network (OFDM-PON). By the randomly extracting operation of common CAZAC values, the specially-designed constant amplitude zero autocorrelation (CAZAC) is created for system encryption and PAPR reduction enhancing the transmission security. This method is verified in {10-Gb/s encrypted OFDM-PON with 20-km fiber transmission. Results show that, compared to common OFDM-PON, our scheme achieves {3-dB PAPR reduction and {1-dB receiver sensitivity improvement.

A secure quantum group signature scheme based on Bell states

International Nuclear Information System (INIS)

Zhang Kejia; Song Tingting; Zuo Huijuan; Zhang Weiwei

2013-01-01

In this paper, we propose a new secure quantum group signature with Bell states, which may have applications in e-payment system, e-government, e-business, etc. Compared with the recent quantum group signature protocols, our scheme is focused on the most general situation in practice, i.e. only the arbitrator is trusted and no intermediate information needs to be stored in the signing phase to ensure the security. Furthermore, our scheme has achieved all the characteristics of group signature—anonymity, verifiability, traceability, unforgetability and undeniability, by using some current developed quantum and classical technologies. Finally, a feasible security analysis model for quantum group signature is presented. (paper)

Enhanced Security and Pairing-free Handover Authentication Scheme for Mobile Wireless Networks

Science.gov (United States)

Chen, Rui; Shu, Guangqiang; Chen, Peng; Zhang, Lijun

2017-10-01

With the widely deployment of mobile wireless networks, we aim to propose a secure and seamless handover authentication scheme that allows users to roam freely in wireless networks without worrying about security and privacy issues. Given the open characteristic of wireless networks, safety and efficiency should be considered seriously. Several previous protocols are designed based on a bilinear pairing mapping, which is time-consuming and inefficient work, as well as unsuitable for practical situations. To address these issues, we designed a new pairing-free handover authentication scheme for mobile wireless networks. This scheme is an effective improvement of the protocol by Xu et al., which is suffer from the mobile node impersonation attack. Security analysis and simulation experiment indicate that the proposed protocol has many excellent security properties when compared with other recent similar handover schemes, such as mutual authentication and resistance to known network threats, as well as requiring lower computation and communication cost.

ESS-FH: Enhanced Security Scheme for Fast Handover in Hierarchical Mobile IPv6

Science.gov (United States)

You, Ilsun; Lee, Jong-Hyouk; Sakurai, Kouichi; Hori, Yoshiaki

Fast Handover for Hierarchical Mobile IPv6 (F-HMIPv6) that combines advantages of Fast Handover for Mobile IPv6 (FMIPv6) and Hierarchical Mobile IPv6 (HMIPv6) achieves the superior performance in terms of handover latency and signaling overhead compared with previously developed mobility protocols. However, without being secured, F-HMIPv6 is vulnerable to various security threats. In 2007, Kang and Park proposed a security scheme, which is seamlessly integrated into F-HMIPv6. In this paper, we reveal that Kang-Park's scheme cannot defend against the Denial of Service (DoS) and redirect attacks while largely relying on the group key. Then, we propose an Enhanced Security Scheme for F-HMIPv6 (ESS-FH) that achieves the strong key exchange and the key independence as well as addresses the weaknesses of Kang-Park's scheme. More importantly, it enables fast handover between different MAP domains. The proposed scheme is formally verified based on BAN-logic, and its handover latency is analyzed and compared with that of Kang-Park's scheme.

Review analysis of properties for an ideal secure biometric template scheme

CSIR Research Space (South Africa)

Mzila, Phiwa

2016-02-01

Full Text Available privacy and system security. To mitigate this problem, various biometric protection techniques have been proposed. Most of these schemes aim to satisfy diversity, revocability, security and performance properties, as requirements for ideal secured...

Security enhanced anonymous multiserver authenticated key agreement scheme using smart cards and biometrics.

Science.gov (United States)

Choi, Younsung; Nam, Junghyun; Lee, Donghoon; Kim, Jiye; Jung, Jaewook; Won, Dongho

2014-01-01

An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user's biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen's scheme.

Security Enhanced Anonymous Multiserver Authenticated Key Agreement Scheme Using Smart Cards and Biometrics

Directory of Open Access Journals (Sweden)

Younsung Choi

2014-01-01

Full Text Available An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user’s biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen’s scheme.

A Novel Secure Transmission Scheme in MIMO Two-Way Relay Channels with Physical Layer Approach

Directory of Open Access Journals (Sweden)

Qiao Liu

2017-01-01

Full Text Available Security issue has been considered as one of the most pivotal aspects for the fifth-generation mobile network (5G due to the increasing demands of security service as well as the growing occurrence of security threat. In this paper, instead of focusing on the security architecture in the upper layer, we investigate the secure transmission for a basic channel model in a heterogeneous network, that is, two-way relay channels. By exploiting the properties of the transmission medium in the physical layer, we propose a novel secure scheme for the aforementioned channel mode. With precoding design, the proposed scheme is able to achieve a high transmission efficiency as well as security. Two different approaches have been introduced: information theoretical approach and physical layer encryption approach. We show that our scheme is secure under three different adversarial models: (1 untrusted relay attack model, (2 trusted relay with eavesdropper attack model, and (3 untrusted relay with eavesdroppers attack model. We also derive the secrecy capacity of the two different approaches under the three attacks. Finally, we conduct three simulations of our proposed scheme. The simulation results agree with the theoretical analysis illustrating that our proposed scheme could achieve a better performance than the existing schemes.

Security analysis and enhancements of an effective biometric-based remote user authentication scheme using smart cards.

Science.gov (United States)

An, Younghwa

2012-01-01

Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das's authentication scheme, and we have shown that Das's authentication scheme is still insecure against the various attacks. Also, we proposed the enhanced scheme to remove these security problems of Das's authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. As a result of security analysis, we can see that the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server.

A Secure Trust Establishment Scheme for Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Farruh Ishmanov

2014-01-01

Full Text Available Trust establishment is an important tool to improve cooperation and enhance security in wireless sensor networks. The core of trust establishment is trust estimation. If a trust estimation method is not robust against attack and misbehavior, the trust values produced will be meaningless, and system performance will be degraded. We present a novel trust estimation method that is robust against on-off attacks and persistent malicious behavior. Moreover, in order to aggregate recommendations securely, we propose using a modified one-step M-estimator scheme. The novelty of the proposed scheme arises from combining past misbehavior with current status in a comprehensive way. Specifically, we introduce an aggregated misbehavior component in trust estimation, which assists in detecting an on-off attack and persistent malicious behavior. In order to determine the current status of the node, we employ previous trust values and current measured misbehavior components. These components are combined to obtain a robust trust value. Theoretical analyses and evaluation results show that our scheme performs better than other trust schemes in terms of detecting an on-off attack and persistent misbehavior.

A Study on the Security Levels of Spread-Spectrum Embedding Schemes in the WOA Framework.

Science.gov (United States)

Wang, Yuan-Gen; Zhu, Guopu; Kwong, Sam; Shi, Yun-Qing

2017-08-23

Security analysis is a very important issue for digital watermarking. Several years ago, according to Kerckhoffs' principle, the famous four security levels, namely insecurity, key security, subspace security, and stego-security, were defined for spread-spectrum (SS) embedding schemes in the framework of watermarked-only attack. However, up to now there has been little application of the definition of these security levels to the theoretical analysis of the security of SS embedding schemes, due to the difficulty of the theoretical analysis. In this paper, based on the security definition, we present a theoretical analysis to evaluate the security levels of five typical SS embedding schemes, which are the classical SS, the improved SS (ISS), the circular extension of ISS, the nonrobust and robust natural watermarking, respectively. The theoretical analysis of these typical SS schemes are successfully performed by taking advantage of the convolution of probability distributions to derive the probabilistic models of watermarked signals. Moreover, simulations are conducted to illustrate and validate our theoretical analysis. We believe that the theoretical and practical analysis presented in this paper can bridge the gap between the definition of the four security levels and its application to the theoretical analysis of SS embedding schemes.

Security Analysis and Enhancements of an Effective Biometric-Based Remote User Authentication Scheme Using Smart Cards

Directory of Open Access Journals (Sweden)

Younghwa An

2012-01-01

Full Text Available Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das’s authentication scheme, and we have shown that Das’s authentication scheme is still insecure against the various attacks. Also, we proposed the enhanced scheme to remove these security problems of Das’s authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. As a result of security analysis, we can see that the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server.

On the Security of a Two-Factor Authentication and Key Agreement Scheme for Telecare Medicine Information Systems.

Science.gov (United States)

Arshad, Hamed; Teymoori, Vahid; Nikooghadam, Morteza; Abbassi, Hassan

2015-08-01

Telecare medicine information systems (TMISs) aim to deliver appropriate healthcare services in an efficient and secure manner to patients. A secure mechanism for authentication and key agreement is required to provide proper security in these systems. Recently, Bin Muhaya demonstrated some security weaknesses of Zhu's authentication and key agreement scheme and proposed a security enhanced authentication and key agreement scheme for TMISs. However, we show that Bin Muhaya's scheme is vulnerable to off-line password guessing attacks and does not provide perfect forward secrecy. Furthermore, in order to overcome the mentioned weaknesses, we propose a new two-factor anonymous authentication and key agreement scheme using the elliptic curve cryptosystem. Security and performance analyses demonstrate that the proposed scheme not only overcomes the weaknesses of Bin Muhaya's scheme, but also is about 2.73 times faster than Bin Muhaya's scheme.

Security Analysis and Improvement of 'a More Secure Anonymous User Authentication Scheme for the Integrated EPR Information System'.

Directory of Open Access Journals (Sweden)

S K Hafizul Islam

Full Text Available Over the past few years, secure and privacy-preserving user authentication scheme has become an integral part of the applications of the healthcare systems. Recently, Wen has designed an improved user authentication system over the Lee et al.'s scheme for integrated electronic patient record (EPR information system, which has been analyzed in this study. We have found that Wen's scheme still has the following inefficiencies: (1 the correctness of identity and password are not verified during the login and password change phases; (2 it is vulnerable to impersonation attack and privileged-insider attack; (3 it is designed without the revocation of lost/stolen smart card; (4 the explicit key confirmation and the no key control properties are absent, and (5 user cannot update his/her password without the help of server and secure channel. Then we aimed to propose an enhanced two-factor user authentication system based on the intractable assumption of the quadratic residue problem (QRP in the multiplicative group. Our scheme bears more securities and functionalities than other schemes found in the literature.

A privacy preserving secure and efficient authentication scheme for telecare medical information systems.

Science.gov (United States)

Mishra, Raghavendra; Barnwal, Amit Kumar

2015-05-01

The Telecare medical information system (TMIS) presents effective healthcare delivery services by employing information and communication technologies. The emerging privacy and security are always a matter of great concern in TMIS. Recently, Chen at al. presented a password based authentication schemes to address the privacy and security. Later on, it is proved insecure against various active and passive attacks. To erase the drawbacks of Chen et al.'s anonymous authentication scheme, several password based authentication schemes have been proposed using public key cryptosystem. However, most of them do not present pre-smart card authentication which leads to inefficient login and password change phases. To present an authentication scheme with pre-smart card authentication, we present an improved anonymous smart card based authentication scheme for TMIS. The proposed scheme protects user anonymity and satisfies all the desirable security attributes. Moreover, the proposed scheme presents efficient login and password change phases where incorrect input can be quickly detected and a user can freely change his password without server assistance. Moreover, we demonstrate the validity of the proposed scheme by utilizing the widely-accepted BAN (Burrows, Abadi, and Needham) logic. The proposed scheme is also comparable in terms of computational overheads with relevant schemes.

Security analysis and improvements of arbitrated quantum signature schemes

International Nuclear Information System (INIS)

Zou Xiangfu; Qiu Daowen

2010-01-01

A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or document. For signing quantum messages, some arbitrated quantum signature (AQS) schemes have been proposed. It was claimed that these AQS schemes could guarantee unconditional security. However, we show that they can be repudiated by the receiver Bob. To conquer this shortcoming, we construct an AQS scheme using a public board. The AQS scheme not only avoids being disavowed by the receiver but also preserves all merits in the existing schemes. Furthermore, we discover that entanglement is not necessary while all these existing AQS schemes depend on entanglement. Therefore, we present another AQS scheme without utilizing entangled states in the signing phase and the verifying phase. This scheme has three advantages: it does not utilize entangled states and it preserves all merits in the existing schemes; the signature can avoid being disavowed by the receiver; and it provides a higher efficiency in transmission and reduces the complexity of implementation.

Secure privacy-preserving biometric authentication scheme for telecare medicine information systems.

Science.gov (United States)

Li, Xuelei; Wen, Qiaoyan; Li, Wenmin; Zhang, Hua; Jin, Zhengping

2014-11-01

Healthcare delivery services via telecare medicine information systems (TMIS) can help patients to obtain their desired telemedicine services conveniently. However, information security and privacy protection are important issues and crucial challenges in healthcare information systems, where only authorized patients and doctors can employ telecare medicine facilities and access electronic medical records. Therefore, a secure authentication scheme is urgently required to achieve the goals of entity authentication, data confidentiality and privacy protection. This paper investigates a new biometric authentication with key agreement scheme, which focuses on patient privacy and medical data confidentiality in TMIS. The new scheme employs hash function, fuzzy extractor, nonce and authenticated Diffie-Hellman key agreement as primitives. It provides patient privacy protection, e.g., hiding identity from being theft and tracked by unauthorized participant, and preserving password and biometric template from being compromised by trustless servers. Moreover, key agreement supports secure transmission by symmetric encryption to protect patient's medical data from being leaked. Finally, the analysis shows that our proposal provides more security and privacy protection for TMIS.

On the security flaws in ID-based password authentication schemes for telecare medical information systems.

Science.gov (United States)

Mishra, Dheerendra

2015-01-01

Telecare medical information systems (TMIS) enable healthcare delivery services. However, access of these services via public channel raises security and privacy issues. In recent years, several smart card based authentication schemes have been introduced to ensure secure and authorized communication between remote entities over the public channel for the (TMIS). We analyze the security of some of the recently proposed authentication schemes of Lin, Xie et al., Cao and Zhai, and Wu and Xu's for TMIS. Unfortunately, we identify that these schemes failed to satisfy desirable security attributes. In this article we briefly discuss four dynamic ID-based authentication schemes and demonstrate their failure to satisfy desirable security attributes. The study is aimed to demonstrate how inefficient password change phase can lead to denial of server scenario for an authorized user, and how an inefficient login phase causes the communication and computational overhead and decrease the performance of the system. Moreover, we show the vulnerability of Cao and Zhai's scheme to known session specific temporary information attack, vulnerability of Wu and Xu's scheme to off-line password guessing attack, and vulnerability of Xie et al.'s scheme to untraceable on-line password guessing attack.

Security Analysis of a Remote User Authentication Scheme with Smart Cards

OpenAIRE

Kumar, Manoj

2007-01-01

Yoon et al. proposed a new efficient remote user authentication scheme using smart cards to solve the security problems of W. C. Ku and S. M. Chen scheme. This paper reviews Yoon et al. scheme and then proves that the password change phase of Yoon et al. scheme is still insecure. This paper also proves that the Yoon et al. is still vulnerable to parallel session attack.

Efficient Security Mechanisms for mHealth Applications Using Wireless Body Sensor Networks

Directory of Open Access Journals (Sweden)

Prasan Kumar Sahoo

2012-09-01

Full Text Available Recent technological advances in wireless communications and physiological sensing allow miniature, lightweight, ultra-low power, intelligent monitoring devices, which can be integrated into a Wireless Body Sensor Network (WBSN for health monitoring. Physiological signals of humans such as heartbeats, temperature and pulse can be monitored from a distant location using tiny biomedical wireless sensors. Hence, it is highly essential to combine the ubiquitous computing with mobile health technology using wireless sensors and smart phones to monitor the well-being of chronic patients such as cardiac, Parkinson and epilepsy patients. Since physiological data of a patient are highly sensitive, maintaining its confidentiality is highly essential. Hence, security is a vital research issue in mobile health (mHealth applications, especially if a patient has an embarrassing disease. In this paper a three tier security architecture for the mHealth application is proposed, in which light weight data confidentiality and authentication protocols are proposed to maintain the privacy of a patient. Moreover, considering the energy and hardware constraints of the wireless body sensors, low complexity data confidential and authentication schemes are designed. Performance evaluation of the proposed architecture shows that they can satisfy the energy and hardware limitations of the sensors and still can maintain the secure fabrics of the wireless body sensor networks. Besides, the proposed schemes can outperform in terms of energy consumption, memory usage and computation time over standard key establishment security scheme.

Efficient Security Mechanisms for mHealth Applications Using Wireless Body Sensor Networks

Science.gov (United States)

Sahoo, Prasan Kumar

2012-01-01

Recent technological advances in wireless communications and physiological sensing allow miniature, lightweight, ultra-low power, intelligent monitoring devices, which can be integrated into a Wireless Body Sensor Network (WBSN) for health monitoring. Physiological signals of humans such as heartbeats, temperature and pulse can be monitored from a distant location using tiny biomedical wireless sensors. Hence, it is highly essential to combine the ubiquitous computing with mobile health technology using wireless sensors and smart phones to monitor the well-being of chronic patients such as cardiac, Parkinson and epilepsy patients. Since physiological data of a patient are highly sensitive, maintaining its confidentiality is highly essential. Hence, security is a vital research issue in mobile health (mHealth) applications, especially if a patient has an embarrassing disease. In this paper a three tier security architecture for the mHealth application is proposed, in which light weight data confidentiality and authentication protocols are proposed to maintain the privacy of a patient. Moreover, considering the energy and hardware constraints of the wireless body sensors, low complexity data confidential and authentication schemes are designed. Performance evaluation of the proposed architecture shows that they can satisfy the energy and hardware limitations of the sensors and still can maintain the secure fabrics of the wireless body sensor networks. Besides, the proposed schemes can outperform in terms of energy consumption, memory usage and computation time over standard key establishment security scheme. PMID:23112734

Efficient security mechanisms for mHealth applications using wireless body sensor networks.

Science.gov (United States)

Sahoo, Prasan Kumar

2012-01-01

Recent technological advances in wireless communications and physiological sensing allow miniature, lightweight, ultra-low power, intelligent monitoring devices, which can be integrated into a Wireless Body Sensor Network (WBSN) for health monitoring. Physiological signals of humans such as heartbeats, temperature and pulse can be monitored from a distant location using tiny biomedical wireless sensors. Hence, it is highly essential to combine the ubiquitous computing with mobile health technology using wireless sensors and smart phones to monitor the well-being of chronic patients such as cardiac, Parkinson and epilepsy patients. Since physiological data of a patient are highly sensitive, maintaining its confidentiality is highly essential. Hence, security is a vital research issue in mobile health (mHealth) applications, especially if a patient has an embarrassing disease. In this paper a three tier security architecture for the mHealth application is proposed, in which light weight data confidentiality and authentication protocols are proposed to maintain the privacy of a patient. Moreover, considering the energy and hardware constraints of the wireless body sensors, low complexity data confidential and authentication schemes are designed. Performance evaluation of the proposed architecture shows that they can satisfy the energy and hardware limitations of the sensors and still can maintain the secure fabrics of the wireless body sensor networks. Besides, the proposed schemes can outperform in terms of energy consumption, memory usage and computation time over standard key establishment security scheme.

An efficient and secure dynamic ID-based authentication scheme for telecare medical information systems.

Science.gov (United States)

Chen, Hung-Ming; Lo, Jung-Wen; Yeh, Chang-Kuo

2012-12-01

The rapidly increased availability of always-on broadband telecommunication environments and lower-cost vital signs monitoring devices bring the advantages of telemedicine directly into the patient's home. Hence, the control of access to remote medical servers' resources has become a crucial challenge. A secure authentication scheme between the medical server and remote users is therefore needed to safeguard data integrity, confidentiality and to ensure availability. Recently, many authentication schemes that use low-cost mobile devices have been proposed to meet these requirements. In contrast to previous schemes, Khan et al. proposed a dynamic ID-based remote user authentication scheme that reduces computational complexity and includes features such as a provision for the revocation of lost or stolen smart cards and a time expiry check for the authentication process. However, Khan et al.'s scheme has some security drawbacks. To remedy theses, this study proposes an enhanced authentication scheme that overcomes the weaknesses inherent in Khan et al.'s scheme and demonstrated this scheme is more secure and robust for use in a telecare medical information system.

Exploring patient satisfaction levels, self-rated oral health status and associated variables among citizens covered for dental insurance through a National Social Security Scheme in India.

Science.gov (United States)

Singh, Abhinav; Purohit, Bharathi M

2017-06-01

To assess patient satisfaction, self-rated oral health and associated factors, including periodontal status and dental caries, among patients covered for dental insurance through a National Social Security Scheme in New Delhi, India. A total of 1,498 patients participated in the study. Satisfaction levels and self-rated oral-health scores were measured using a questionnaire comprising 12 closed-ended questions. Clinical data were collected using the Community Periodontal Index (CPI) and the decayed, missing and filled teeth (DMFT) index. Regression analysis was conducted to evaluate factors associated with dental caries, periodontal status and self-rated oral health. Areas of concern included poor cleanliness within the hospital, extensive delays for appointments, waiting time in hospital and inadequate interpersonal and communication skills among health-care professionals. Approximately 51% of the respondents rated their oral health as fair to poor. Younger age, no tobacco usage, good periodontal status and absence of dental caries were significantly associated with higher oral health satisfaction, with odds ratios of 3.94, 2.38, 2.58 and 2.09, respectively (P ≤ 0.001). The study indicates poor satisfaction levels with the current dental care system and a poor self-rated oral health status among the study population. Some specific areas of concern have been identified. These findings may facilitate restructuring of the existing dental services under the National Social Security Scheme towards creating a better patient care system. © 2017 FDI World Dental Federation.

Security Analysis and Improvement of ‘a More Secure Anonymous User Authentication Scheme for the Integrated EPR Information System’

Science.gov (United States)

Islam, SK Hafizul; Khan, Muhammad Khurram; Li, Xiong

2015-01-01

Over the past few years, secure and privacy-preserving user authentication scheme has become an integral part of the applications of the healthcare systems. Recently, Wen has designed an improved user authentication system over the Lee et al.’s scheme for integrated electronic patient record (EPR) information system, which has been analyzed in this study. We have found that Wen’s scheme still has the following inefficiencies: (1) the correctness of identity and password are not verified during the login and password change phases; (2) it is vulnerable to impersonation attack and privileged-insider attack; (3) it is designed without the revocation of lost/stolen smart card; (4) the explicit key confirmation and the no key control properties are absent, and (5) user cannot update his/her password without the help of server and secure channel. Then we aimed to propose an enhanced two-factor user authentication system based on the intractable assumption of the quadratic residue problem (QRP) in the multiplicative group. Our scheme bears more securities and functionalities than other schemes found in the literature. PMID:26263401

Efficient Secure and Privacy-Preserving Route Reporting Scheme for VANETs

Science.gov (United States)

Zhang, Yuanfei; Pei, Qianwen; Dai, Feifei; Zhang, Lei

2017-10-01

Vehicular ad-hoc network (VANET) is a core component of intelligent traffic management system which could provide various of applications such as accident prediction, route reporting, etc. Due to the problems caused by traffic congestion, route reporting becomes a prospective application which can help a driver to get optimal route to save her travel time. Before enjoying the convenience of route reporting, security and privacy-preserving issues need to be concerned. In this paper, we propose a new secure and privacy-preserving route reporting scheme for VANETs. In our scheme, only an authenticated vehicle can use the route reporting service provided by the traffic management center. Further, a vehicle may receive the response from the traffic management center with low latency and without violating the privacy of the vehicle. Experiment results show that our scheme is much more efficiency than the existing one.

Towards a security model for computational puzzle schemes

NARCIS (Netherlands)

Tang, Qiang; Jeckmans, Arjan

2011-01-01

In the literature, computational puzzle schemes have been considered as a useful tool for a number of applications, such as constructing timed cryptography, fighting junk emails, and protecting critical infrastructure from denial-of-service attacks. However, there is a lack of a general security

A Novel Deterministic Secure Quantum Communication Scheme with Einstein—Podolsky—Rosen Pairs and Single Photons

International Nuclear Information System (INIS)

Wang Chao; Liu Jian-Wei; Liu Xiao; Shang Tao

2013-01-01

A novel deterministic secure quantum communication (DSQC) scheme is presented based on Einstein-Podolsky-Rosen (EPR) pairs and single photons in this study. In this scheme, the secret message can be encoded directly on the first particles of the prepared Bell states by simple unitary operations and decoded by performing the Bell-basis measurement after the additional classic information is exchanged. In addition, the strategy with two-step transmission of quantum data blocks and the technique of decoy-particle checking both are exploited to guarantee the security of the communication. Compared with some previous DSQC schemes, this scheme not only has a higher resource capacity, intrinsic efficiency and total efficiency, but also is more realizable in practical applications. Security analysis shows that the proposed scheme is unconditionally secure against various attacks over an ideal quantum channel and still conditionally robust over a noisy and lossy quantum channel. (general)

A Secure Watermarking Scheme for Buyer-Seller Identification and Copyright Protection

Science.gov (United States)

Ahmed, Fawad; Sattar, Farook; Siyal, Mohammed Yakoob; Yu, Dan

2006-12-01

We propose a secure watermarking scheme that integrates watermarking with cryptography for addressing some important issues in copyright protection. We address three copyright protection issues—buyer-seller identification, copyright infringement, and ownership verification. By buyer-seller identification, we mean that a successful watermark extraction at the buyer's end will reveal the identities of the buyer and seller of the watermarked image. For copyright infringement, our proposed scheme enables the seller to identify the specific buyer from whom an illegal copy of the watermarked image has originated, and further prove this fact to a third party. For multiple ownership claims, our scheme enables a legal seller to claim his/her ownership in the court of law. We will show that the combination of cryptography with watermarking not only increases the security of the overall scheme, but it also enables to associate identities of buyer/seller with their respective watermarked images.

A New Quantum Secure Direct Communication Scheme with Authentication

International Nuclear Information System (INIS)

Dan, Liu; Chang-Xing, Pei; Dong-Xiao, Quan; Nan, Zhao

2010-01-01

A new quantum secure direct communication (QSDC) scheme with authentication is proposed based on polarized photons and EPR pairs. EPR pairs are used to transmit information, while polarized photons are used to detect Eve and their encoding bases are used to transmit authentication information. Alice and Bob have their own identity number which is shared by legal users only. The identity number is encoded on the bases of polarized photons and distilled if there is no Eve. Compared with other QSDC schemes with authentication, this new scheme is considerably easier and less expensive to implement in a practical setting

A Security Scheme of 5G Ultradense Network Based on the Implicit Certificate

Directory of Open Access Journals (Sweden)

Zhonglin Chen

2018-01-01

Full Text Available The ultradense network (UDN is one of the most promising technologies in the fifth generation (5G to address the network system capacity issue. It can enhance spatial reuse through the flexible, intensive deployment of small base stations. A universal 5G UDN architecture is necessary to realize the autonomous and dynamic deployment of small base stations. However, the security of the 5G UDN is still in its infancy, and the data communication security among the network entities is facing new challenges. In this paper, we proposed a new security based on implicit certificate (IC scheme; the scheme solves the security problem among the access points (APs in a dynamic APs group (APG and between the AP and user equipment (UE. We present each phase regarding how two network entities obtain the Elliptic Curve Qu-Vanstone (ECQV implicit certificate scheme, verify each other’s identity, and share keys in an UDN. Finally, we extensively analyze our lightweight security communication model in terms of security and performance. The simulation on network bandwidth evaluation is also conducted to prove the efficiency of the solution.

Stochastic Actuarial Modelling of a Defined-Benefit Social Security Pension Scheme: An Analytical Approach

OpenAIRE

Iyer, Subramaniam

2017-01-01

Among the systems in place in different countries for the protection of the population against the long-term contingencies of old-age (or retirement), disability and death (or survivorship), defined-benefit social security pension schemes, i.e. social insurance pension schemes, by far predominate, despite the recent trend towards defined-contribution arrangements in social security reforms. Actuarial valuations of these schemes, unlike other branches of insurance, continue to be carried out a...

Provably Secure Heterogeneous Access Control Scheme for Wireless Body Area Network.

Science.gov (United States)

Omala, Anyembe Andrew; Mbandu, Angolo Shem; Mutiria, Kamenyi Domenic; Jin, Chunhua; Li, Fagen

2018-04-28

Wireless body area network (WBAN) provides a medium through which physiological information could be harvested and transmitted to application provider (AP) in real time. Integrating WBAN in a heterogeneous Internet of Things (IoT) ecosystem would enable an AP to monitor patients from anywhere and at anytime. However, the IoT roadmap of interconnected 'Things' is still faced with many challenges. One of the challenges in healthcare is security and privacy of streamed medical data from heterogeneously networked devices. In this paper, we first propose a heterogeneous signcryption scheme where a sender is in a certificateless cryptographic (CLC) environment while a receiver is in identity-based cryptographic (IBC) environment. We then use this scheme to design a heterogeneous access control protocol. Formal security proof for indistinguishability against adaptive chosen ciphertext attack and unforgeability against adaptive chosen message attack in random oracle model is presented. In comparison with some of the existing access control schemes, our scheme has lower computation and communication cost.

A secure effective dynamic group password-based authenticated key agreement scheme for the integrated EPR information system

Directory of Open Access Journals (Sweden)

Vanga Odelu

2016-01-01

Full Text Available With the rapid growth of the Internet, a lot of electronic patient records (EPRs have been developed for e-medicine systems. The security and privacy issues of EPRs are important for the patients in order to understand how the hospitals control the use of their personal information, such as name, address, e-mail, medical records, etc. of a particular patient. Recently, Lee et al. proposed a simple group password-based authenticated key agreement protocol for the integrated EPR information system (SGPAKE. However, in this paper, we show that Lee et al.’s protocol is vulnerable to the off-line weak password guessing attack and as a result, their scheme does not provide users’ privacy. To withstand this security weakness found in Lee et al.’s scheme, we aim to propose an effective dynamic group password-based authenticated key exchange scheme for the integrated EPR information system, which retains the original merits of Lee et al.’s scheme. Through the informal and formal security analysis, we show that our scheme provides users’ privacy, perfect forward security and known-key security, and also protects online and offline password guessing attacks. Furthermore, our scheme efficiently supports the dynamic group password-based authenticated key agreement for the integrated EPR information system. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications tool and show that our scheme is secure against passive and active attacks.

Simulation analysis of security performance of DPSKOCDMA network via virtual user scheme

Directory of Open Access Journals (Sweden)

Vishav Jyoti

2012-07-01

Full Text Available A novel technique to enhance the security of an optical code division multipleaccess (OCDMA system against eavesdropping is proposed. It has been observed that whena single user is active in the network, an eavesdropper can easily sift the data beingtransmitted without decoding. To increase the security, a virtual user scheme is proposed andsimulated on a differential phase shift keying (DPSK OCDMA system. By using the virtualuser scheme, the security of the DPSK-OCDMA system can be effectively improved and themultiple access interference, which is generally considered to be a limitation of the OCDMAsystem, is used to increase the confidentiality of the system.

An efficient deterministic secure quantum communication scheme based on cluster states and identity authentication

International Nuclear Information System (INIS)

Wen-Jie, Liu; Han-Wu, Chen; Zhi-Qiang, Li; Zhi-Hao, Liu; Wen-Bo, Hu; Ting-Huai, Ma

2009-01-01

A novel efficient deterministic secure quantum communication scheme based on four-qubit cluster states and single-photon identity authentication is proposed. In this scheme, the two authenticated users can transmit two bits of classical information per cluster state, and its efficiency of the quantum communication is 1/3, which is approximately 1.67 times that of the previous protocol presented by Wang et al [Chin. Phys. Lett. 23 (2006) 2658]. Security analysis shows the present scheme is secure against intercept-resend attack and the impersonator's attack. Furthermore, it is more economic with present-day techniques and easily processed by a one-way quantum computer. (general)

Security Scheme Based on Parameter Hiding Technic for Mobile Communication in a Secure Cyber World

Directory of Open Access Journals (Sweden)

Jong Hyuk Park

2016-10-01

Full Text Available Long Term Evolution (LTE and Long Term Evolution-Advanced (LTE-A support a better data transmission service than 3G dose and are globally commercialized technologies in a cyber world that is essential for constructing a future mobile environment, since network traffics have exponentially increased as people have started to use more than just one mobile device. However, when User Equipment (UE is executing initial attach processes to access LTE networks, there is a vulnerability in which identification parameters like International Mobile Subscriber Identity (IMSI and Radio Network Temporary Identities (RNTI are transmitted as plain texts. It can threat various services that are commercialized therewith in a cyber world. Therefore, a security scheme is proposed in this paper where identification parameters can be securely transmitted and hidden in four cases where initial attach occurs between UE and Mobility Management Entity (MME. The proposed security scheme not only supports encrypted transmission of identification parameters but also mutual authentication between Evolved Node B (eNB and MME to make a secure cyber world. Additionally, performance analysis results using an OPNET simulator showed the satisfaction of the average delay rate that is specified in LTE standards.

Password Authentication Scheme with Secured Login Interface

Directory of Open Access Journals (Sweden)

AKINWALE A. Taofiki

2009-12-01

Full Text Available This paper presents a novel solution to the age long problem of password security at input level. In our solution, each of the various characters from which a password could be composed is encoded with a random single digit integer and presented to the user via an input interface form. A legitimate user entering his password only needs to carefully study the sequence of code that describe his password, and then enter these code in place of his actual password characters. This approach does not require the input code to be hidden from anyone or converted to placeholder characters for security reasons. Our solution engine regenerates new code for each character each time the carriage return key is struck, producing a hardened password that is convincingly more secure than conventional password entry system against both online and offline attackers. Using empirical data and a prototype implementation of our scheme, we give evidence that our approach is viable in practice, in terms of ease of use, improved security, and performance.

Universal health coverage in Latin American countries: how to improve solidarity-based schemes.

Science.gov (United States)

Titelman, Daniel; Cetrángolo, Oscar; Acosta, Olga Lucía

2015-04-04

In this Health Policy we examine the association between the financing structure of health systems and universal health coverage. Latin American health systems encompass a wide range of financial sources, which translate into different solidarity-based schemes that combine contributory (payroll taxes) and non-contributory (general taxes) sources of financing. To move towards universal health coverage, solidarity-based schemes must heavily rely on countries' capacity to increase public expenditure in health. Improvement of solidarity-based schemes will need the expansion of mandatory universal insurance systems and strengthening of the public sector including increased fiscal expenditure. These actions demand a new model to integrate different sources of health-sector financing, including general tax revenue, social security contributions, and private expenditure. The extent of integration achieved among these sources will be the main determinant of solidarity and universal health coverage. The basic challenges for improvement of universal health coverage are not only to spend more on health, but also to reduce the proportion of out-of-pocket spending, which will need increased fiscal resources. Copyright © 2015 Elsevier Ltd. All rights reserved.

A secure chaotic maps and smart cards based password authentication and key agreement scheme with user anonymity for telecare medicine information systems.

Science.gov (United States)

Li, Chun-Ta; Lee, Cheng-Chi; Weng, Chi-Yao

2014-09-01

Telecare medicine information system (TMIS) is widely used for providing a convenient and efficient communicating platform between patients at home and physicians at medical centers or home health care (HHC) organizations. To ensure patient privacy, in 2013, Hao et al. proposed a chaotic map based authentication scheme with user anonymity for TMIS. Later, Lee showed that Hao et al.'s scheme is in no provision for providing fairness in session key establishment and gave an efficient user authentication and key agreement scheme using smart cards, in which only few hashing and Chebyshev chaotic map operations are required. In addition, Jiang et al. discussed that Hao et al.'s scheme can not resist stolen smart card attack and they further presented an improved scheme which attempts to repair the security pitfalls found in Hao et al.'s scheme. In this paper, we found that both Lee's and Jiang et al.'s authentication schemes have a serious security problem in that a registered user's secret parameters may be intentionally exposed to many non-registered users and this problem causing the service misuse attack. Therefore, we propose a slight modification on Lee's scheme to prevent the shortcomings. Compared with previous schemes, our improved scheme not only inherits the advantages of Lee's and Jiang et al.'s authentication schemes for TMIS but also remedies the serious security weakness of not being able to withstand service misuse attack.

An improved and effective secure password-based authentication and key agreement scheme using smart cards for the telecare medicine information system.

Science.gov (United States)

Das, Ashok Kumar; Bruhadeshwar, Bezawada

2013-10-01

Recently Lee and Liu proposed an efficient password based authentication and key agreement scheme using smart card for the telecare medicine information system [J. Med. Syst. (2013) 37:9933]. In this paper, we show that though their scheme is efficient, their scheme still has two security weaknesses such as (1) it has design flaws in authentication phase and (2) it has design flaws in password change phase. In order to withstand these flaws found in Lee-Liu's scheme, we propose an improvement of their scheme. Our improved scheme keeps also the original merits of Lee-Liu's scheme. We show that our scheme is efficient as compared to Lee-Liu's scheme. Further, through the security analysis, we show that our scheme is secure against possible known attacks. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our scheme is secure against passive and active attacks.

An Efficient Secure Scheme Based on Hierarchical Topology in the Smart Home Environment

Directory of Open Access Journals (Sweden)

Mansik Kim

2017-08-01

Full Text Available As the Internet of Things (IoT has developed, the emerging sensor network (ESN that integrates emerging technologies, such as autonomous driving, cyber-physical systems, mobile nodes, and existing sensor networks has been in the limelight. Smart homes have been researched and developed by various companies and organizations. Emerging sensor networks have some issues of providing secure service according to a new environment, such as a smart home, and the problems of low power and low-computing capacity for the sensor that previous sensor networks were equipped with. This study classifies various sensors used in smart homes into three classes and contains the hierarchical topology for efficient communication. In addition, a scheme for establishing secure communication among sensors based on physical unclonable functions (PUFs that cannot be physically cloned is suggested in regard to the sensor’s low performance. In addition, we analyzed this scheme by conducting security and performance evaluations proving to constitute secure channels while consuming fewer resources. We believe that our scheme can provide secure communication by using fewer resources in a smart home environment in the future.

Patient-Controlled Attribute-Based Encryption for Secure Electronic Health Records System.

Science.gov (United States)

Eom, Jieun; Lee, Dong Hoon; Lee, Kwangsu

2016-12-01

In recent years, many countries have been trying to integrate electronic health data managed by each hospital to offer more efficient healthcare services. Since health data contain sensitive information of patients, there have been much research that present privacy preserving mechanisms. However, existing studies either require a patient to perform various steps to secure the data or restrict the patient to exerting control over the data. In this paper, we propose patient-controlled attribute-based encryption, which enables a patient (a data owner) to control access to the health data and reduces the operational burden for the patient, simultaneously. With our method, the patient has powerful control capability of his/her own health data in that he/she has the final say on the access with time limitation. In addition, our scheme provides emergency medical services which allow the emergency staffs to access the health data without the patient's permission only in the case of emergencies. We prove that our scheme is secure under cryptographic assumptions and analyze its efficiency from the patient's perspective.

Secure biometric image sensor and authentication scheme based on compressed sensing.

Science.gov (United States)

Suzuki, Hiroyuki; Suzuki, Masamichi; Urabe, Takuya; Obi, Takashi; Yamaguchi, Masahiro; Ohyama, Nagaaki

2013-11-20

It is important to ensure the security of biometric authentication information, because its leakage causes serious risks, such as replay attacks using the stolen biometric data, and also because it is almost impossible to replace raw biometric information. In this paper, we propose a secure biometric authentication scheme that protects such information by employing an optical data ciphering technique based on compressed sensing. The proposed scheme is based on two-factor authentication, the biometric information being supplemented by secret information that is used as a random seed for a cipher key. In this scheme, a biometric image is optically encrypted at the time of image capture, and a pair of restored biometric images for enrollment and verification are verified in the authentication server. If any of the biometric information is exposed to risk, it can be reenrolled by changing the secret information. Through numerical experiments, we confirm that finger vein images can be restored from the compressed sensing measurement data. We also present results that verify the accuracy of the scheme.

Building Secure Public Key Encryption Scheme from Hidden Field Equations

Directory of Open Access Journals (Sweden)

Yuan Ping

2017-01-01

Full Text Available Multivariate public key cryptography is a set of cryptographic schemes built from the NP-hardness of solving quadratic equations over finite fields, amongst which the hidden field equations (HFE family of schemes remain the most famous. However, the original HFE scheme was insecure, and the follow-up modifications were shown to be still vulnerable to attacks. In this paper, we propose a new variant of the HFE scheme by considering the special equation x2=x defined over the finite field F3 when x=0,1. We observe that the equation can be used to further destroy the special structure of the underlying central map of the HFE scheme. It is shown that the proposed public key encryption scheme is secure against known attacks including the MinRank attack, the algebraic attacks, and the linearization equations attacks. The proposal gains some advantages over the original HFE scheme with respect to the encryption speed and public key size.

Social security administration in India- study of provident funds and pension scheme

OpenAIRE

Rao, Madhava P

2005-01-01

Social Security is becoming a distinct part of social policy of India and the time has come to give a serious thought to ever increasing Social Security needs of the population. There are diversified views on extension of Social Security coverage. Some say it should be limited to only working population and to their families and while others say that the entire population should be covered under Social Security programmes. Social Security schemes further have been branched out as protective...

A Non-symmetric Digital Image Secure Communication Scheme Based on Generalized Chaos Synchronization System

International Nuclear Information System (INIS)

Zhang Xiaohong; Min Lequan

2005-01-01

Based on a generalized chaos synchronization system and a discrete Sinai map, a non-symmetric true color (RGB) digital image secure communication scheme is proposed. The scheme first changes an ordinary RGB digital image with 8 bits into unrecognizable disorder codes and then transforms the disorder codes into an RGB digital image with 16 bits for transmitting. A receiver uses a non-symmetric key to verify the authentication of the received data origin, and decrypts the ciphertext. The scheme can encrypt and decrypt most formatted digital RGB images recognized by computers, and recover the plaintext almost without any errors. The scheme is suitable to be applied in network image communications. The analysis of the key space, sensitivity of key parameters, and correlation of encrypted images imply that this scheme has sound security.

Design of a Secure Authentication and Key Agreement Scheme Preserving User Privacy Usable in Telecare Medicine Information Systems.

Science.gov (United States)

Arshad, Hamed; Rasoolzadegan, Abbas

2016-11-01

Authentication and key agreement schemes play a very important role in enhancing the level of security of telecare medicine information systems (TMISs). Recently, Amin and Biswas demonstrated that the authentication scheme proposed by Giri et al. is vulnerable to off-line password guessing attacks and privileged insider attacks and also does not provide user anonymity. They also proposed an improved authentication scheme, claiming that it resists various security attacks. However, this paper demonstrates that Amin and Biswas's scheme is defenseless against off-line password guessing attacks and replay attacks and also does not provide perfect forward secrecy. This paper also shows that Giri et al.'s scheme not only suffers from the weaknesses pointed out by Amin and Biswas, but it also is vulnerable to replay attacks and does not provide perfect forward secrecy. Moreover, this paper proposes a novel authentication and key agreement scheme to overcome the mentioned weaknesses. Security and performance analyses show that the proposed scheme not only overcomes the mentioned security weaknesses, but also is more efficient than the previous schemes.

An Efficient User Authentication and User Anonymity Scheme with Provably Security for IoT-Based Medical Care System.

Science.gov (United States)

Li, Chun-Ta; Wu, Tsu-Yang; Chen, Chin-Ling; Lee, Cheng-Chi; Chen, Chien-Ming

2017-06-23

In recent years, with the increase in degenerative diseases and the aging population in advanced countries, demands for medical care of older or solitary people have increased continually in hospitals and healthcare institutions. Applying wireless sensor networks for the IoT-based telemedicine system enables doctors, caregivers or families to monitor patients' physiological conditions at anytime and anyplace according to the acquired information. However, transmitting physiological data through the Internet concerns the personal privacy of patients. Therefore, before users can access medical care services in IoT-based medical care system, they must be authenticated. Typically, user authentication and data encryption are most critical for securing network communications over a public channel between two or more participants. In 2016, Liu and Chung proposed a bilinear pairing-based password authentication scheme for wireless healthcare sensor networks. They claimed their authentication scheme cannot only secure sensor data transmission, but also resist various well-known security attacks. In this paper, we demonstrate that Liu-Chung's scheme has some security weaknesses, and we further present an improved secure authentication and data encryption scheme for the IoT-based medical care system, which can provide user anonymity and prevent the security threats of replay and password/sensed data disclosure attacks. Moreover, we modify the authentication process to reduce redundancy in protocol design, and the proposed scheme is more efficient in performance compared with previous related schemes. Finally, the proposed scheme is provably secure in the random oracle model under ECDHP.

A Secure and Privacy-Preserving Navigation Scheme Using Spatial Crowdsourcing in Fog-Based VANETs

Science.gov (United States)

Wang, Lingling; Liu, Guozhu; Sun, Lijun

2017-01-01

Fog-based VANETs (Vehicular ad hoc networks) is a new paradigm of vehicular ad hoc networks with the advantages of both vehicular cloud and fog computing. Real-time navigation schemes based on fog-based VANETs can promote the scheme performance efficiently. In this paper, we propose a secure and privacy-preserving navigation scheme by using vehicular spatial crowdsourcing based on fog-based VANETs. Fog nodes are used to generate and release the crowdsourcing tasks, and cooperatively find the optimal route according to the real-time traffic information collected by vehicles in their coverage areas. Meanwhile, the vehicle performing the crowdsourcing task can get a reasonable reward. The querying vehicle can retrieve the navigation results from each fog node successively when entering its coverage area, and follow the optimal route to the next fog node until it reaches the desired destination. Our scheme fulfills the security and privacy requirements of authentication, confidentiality and conditional privacy preservation. Some cryptographic primitives, including the Elgamal encryption algorithm, AES, randomized anonymous credentials and group signatures, are adopted to achieve this goal. Finally, we analyze the security and the efficiency of the proposed scheme. PMID:28338620

A Secure and Privacy-Preserving Navigation Scheme Using Spatial Crowdsourcing in Fog-Based VANETs.

Science.gov (United States)

Wang, Lingling; Liu, Guozhu; Sun, Lijun

2017-03-24

Fog-based VANETs (Vehicular ad hoc networks) is a new paradigm of vehicular ad hoc networks with the advantages of both vehicular cloud and fog computing. Real-time navigation schemes based on fog-based VANETs can promote the scheme performance efficiently. In this paper, we propose a secure and privacy-preserving navigation scheme by using vehicular spatial crowdsourcing based on fog-based VANETs. Fog nodes are used to generate and release the crowdsourcing tasks, and cooperatively find the optimal route according to the real-time traffic information collected by vehicles in their coverage areas. Meanwhile, the vehicle performing the crowdsourcing task can get a reasonable reward. The querying vehicle can retrieve the navigation results from each fog node successively when entering its coverage area, and follow the optimal route to the next fog node until it reaches the desired destination. Our scheme fulfills the security and privacy requirements of authentication, confidentiality and conditional privacy preservation. Some cryptographic primitives, including the Elgamal encryption algorithm, AES, randomized anonymous credentials and group signatures, are adopted to achieve this goal. Finally, we analyze the security and the efficiency of the proposed scheme.

An Improved and Secure Biometric Authentication Scheme for Telecare Medicine Information Systems Based on Elliptic Curve Cryptography.

Science.gov (United States)

Chaudhry, Shehzad Ashraf; Mahmood, Khalid; Naqvi, Husnain; Khan, Muhammad Khurram

2015-11-01

Telecare medicine information system (TMIS) offers the patients convenient and expedite healthcare services remotely anywhere. Patient security and privacy has emerged as key issues during remote access because of underlying open architecture. An authentication scheme can verify patient's as well as TMIS server's legitimacy during remote healthcare services. To achieve security and privacy a number of authentication schemes have been proposed. Very recently Lu et al. (J. Med. Syst. 39(3):1-8, 2015) proposed a biometric based three factor authentication scheme for TMIS to confiscate the vulnerabilities of Arshad et al.'s (J. Med. Syst. 38(12):136, 2014) scheme. Further, they emphasized the robustness of their scheme against several attacks. However, in this paper we establish that Lu et al.'s scheme is vulnerable to numerous attacks including (1) Patient anonymity violation attack, (2) Patient impersonation attack, and (3) TMIS server impersonation attack. Furthermore, their scheme does not provide patient untraceability. We then, propose an improvement of Lu et al.'s scheme. We have analyzed the security of improved scheme using popular automated tool ProVerif. The proposed scheme while retaining the plusses of Lu et al.'s scheme is also robust against known attacks.

CERTIFICATE REVOCATION SCHEME BASED ON WEIGHTED VOTING GAME AND RATIONAL SECURE MULTIPARTY COMPUTING

Directory of Open Access Journals (Sweden)

N Aravinthan

2017-03-01

Full Text Available The Mobile Adhoc Network consists of deployed mobile nodes which lead to the frequent changes in network topology. Due to topology changes, required infrastructure is unavailable for communication. Moreover, malicious nodes present in MANET make use of this modification and can easily launch highly vulnerable attacks on the routing path of the network. Hence, Security issue such as removing misbehaving nodes is the primary issue in MANET. Effective certificate revocation scheme was introduced to identify and eliminate the node with malicious activities in the network based on the weighted voting game (ECR-WVG approach. In this approach, weights and quota were two factors, determined for an effective revocation of malicious nodes certificates. However, security during multiparty transmission was not taken into account in ECR-WVG. In Effective Certificate Revocation Scheme based on Weighted Voting Game and Rational Secure Multi-Party Computing (ECR-WVG-RSMPC method, rational secret sharing scheme is introduced along with ECR-WVG approach for securing multiparty transmission. Performance evaluation can be done between ECR-WVG and ECR-WVG-RSMPC in terms of false revocation, malicious node revocation, normalized time for revocation and revocation accuracy ratio.

Breaking a chaos-based secure communication scheme designed by an improved modulation method

Energy Technology Data Exchange (ETDEWEB)

Li Shujun [Department of Electronic Engineering, City University of Hong Kong, Kowloon, Hong Kong (China)]. E-mail: hooklee@mail.com; Alvarez, Gonzalo [Instituto de Fisica Aplicada, Consejo Superior de Investigaciones Cientificas, Serrano 144-28006 Madrid (Spain); Chen Guanrong [Department of Electronic Engineering, City University of Hong Kong, Kowloon, Hong Kong (China)

2005-07-01

Recently Bu and Wang [Bu S, Wang B-H. Chaos, Solitons and Fractals 2004;19(4):919-24] proposed a simple modulation method aiming to improve the security of chaos-based secure communications against return-map-based attacks. Soon this modulation method was independently cryptanalyzed by Chee et al. [Chee CY, Xu D, Bishop SR. Chaos, Solitons and Fractals 2004;21(5):1129-34], Wu et al. [Wu X, Hu H, Zhang B. Chaos, Solitons and Fractals 2004;22(2):367-73], and Alvarez et al. [Alvarez G, Montoya F, Romera M, Pastor G. Chaos, Solitons and Fractals, in press, arXiv:nlin/0406065] via different attacks. As an enhancement to the Bu-Wang method, an improving scheme was suggested by Wu et al. by removing the relationship between the modulating function and the zero-points. The present paper points out that the improved scheme proposed by Wu et al. is still insecure against a new attack. Compared with the existing attacks, the proposed attack is more powerful and can also break the original Bu-Wang scheme. Furthermore, it is pointed out that the security of the modulation-based schemes proposed by Wu et al. is not so satisfactory from a pure cryptographical point of view. The synchronization performance of this class of modulation-based schemes is also discussed.

Breaking a chaos-based secure communication scheme designed by an improved modulation method

International Nuclear Information System (INIS)

Li Shujun; Alvarez, Gonzalo; Chen Guanrong

2005-01-01

Recently Bu and Wang [Bu S, Wang B-H. Chaos, Solitons and Fractals 2004;19(4):919-24] proposed a simple modulation method aiming to improve the security of chaos-based secure communications against return-map-based attacks. Soon this modulation method was independently cryptanalyzed by Chee et al. [Chee CY, Xu D, Bishop SR. Chaos, Solitons and Fractals 2004;21(5):1129-34], Wu et al. [Wu X, Hu H, Zhang B. Chaos, Solitons and Fractals 2004;22(2):367-73], and Alvarez et al. [Alvarez G, Montoya F, Romera M, Pastor G. Chaos, Solitons and Fractals, in press, arXiv:nlin/0406065] via different attacks. As an enhancement to the Bu-Wang method, an improving scheme was suggested by Wu et al. by removing the relationship between the modulating function and the zero-points. The present paper points out that the improved scheme proposed by Wu et al. is still insecure against a new attack. Compared with the existing attacks, the proposed attack is more powerful and can also break the original Bu-Wang scheme. Furthermore, it is pointed out that the security of the modulation-based schemes proposed by Wu et al. is not so satisfactory from a pure cryptographical point of view. The synchronization performance of this class of modulation-based schemes is also discussed

Secure and Privacy-Preserving Body Sensor Data Collection and Query Scheme

Directory of Open Access Journals (Sweden)

Hui Zhu

2016-02-01

Full Text Available With the development of body sensor networks and the pervasiveness of smart phones, different types of personal data can be collected in real time by body sensors, and the potential value of massive personal data has attracted considerable interest recently. However, the privacy issues of sensitive personal data are still challenging today. Aiming at these challenges, in this paper, we focus on the threats from telemetry interface and present a secure and privacy-preserving body sensor data collection and query scheme, named SPCQ, for outsourced computing. In the proposed SPCQ scheme, users’ personal information is collected by body sensors in different types and converted into multi-dimension data, and each dimension is converted into the form of a number and uploaded to the cloud server, which provides a secure, efficient and accurate data query service, while the privacy of sensitive personal information and users’ query data is guaranteed. Specifically, based on an improved homomorphic encryption technology over composite order group, we propose a special weighted Euclidean distance contrast algorithm (WEDC for multi-dimension vectors over encrypted data. With the SPCQ scheme, the confidentiality of sensitive personal data, the privacy of data users’ queries and accurate query service can be achieved in the cloud server. Detailed analysis shows that SPCQ can resist various security threats from telemetry interface. In addition, we also implement SPCQ on an embedded device, smart phone and laptop with a real medical database, and extensive simulation results demonstrate that our proposed SPCQ scheme is highly efficient in terms of computation and communication costs.

Secure and Privacy-Preserving Body Sensor Data Collection and Query Scheme.

Science.gov (United States)

Zhu, Hui; Gao, Lijuan; Li, Hui

2016-02-01

With the development of body sensor networks and the pervasiveness of smart phones, different types of personal data can be collected in real time by body sensors, and the potential value of massive personal data has attracted considerable interest recently. However, the privacy issues of sensitive personal data are still challenging today. Aiming at these challenges, in this paper, we focus on the threats from telemetry interface and present a secure and privacy-preserving body sensor data collection and query scheme, named SPCQ, for outsourced computing. In the proposed SPCQ scheme, users' personal information is collected by body sensors in different types and converted into multi-dimension data, and each dimension is converted into the form of a number and uploaded to the cloud server, which provides a secure, efficient and accurate data query service, while the privacy of sensitive personal information and users' query data is guaranteed. Specifically, based on an improved homomorphic encryption technology over composite order group, we propose a special weighted Euclidean distance contrast algorithm (WEDC) for multi-dimension vectors over encrypted data. With the SPCQ scheme, the confidentiality of sensitive personal data, the privacy of data users' queries and accurate query service can be achieved in the cloud server. Detailed analysis shows that SPCQ can resist various security threats from telemetry interface. In addition, we also implement SPCQ on an embedded device, smart phone and laptop with a real medical database, and extensive simulation results demonstrate that our proposed SPCQ scheme is highly efficient in terms of computation and communication costs.

Attribute based encryption for secure sharing of E-health data

Science.gov (United States)

Charanya, R.; Nithya, S.; Manikandan, N.

2017-11-01

Distributed computing is one of the developing innovations in IT part and information security assumes a real part. It includes sending gathering of remote server and programming that permit the unified information and online access to PC administrations. Distributed computing depends on offering of asset among different clients are additionally progressively reallocated on interest. Cloud computing is a revolutionary computing paradigm which enables flexible, on-demand and low-cost usage of computing resources. The reasons for security and protection issues, which rise on the grounds that the health information possessed by distinctive clients are put away in some cloud servers rather than under their own particular control”z. To deal with security problems, various schemes based on the Attribute-Based Encryption have been proposed. In this paper, in order to make ehealth data’s more secure we use multi party in cloud computing system. Where the health data is encrypted using attributes and key policy. And the user with a particular attribute and key policy alone will be able to decrypt the health data after it is verified by “key distribution centre” and the “secure data distributor”. This technique can be used in medical field for secure storage of patient details and limiting to particular doctor access. To make data’s scalable secure we need to encrypt the health data before outsourcing.

Privacy-Preserving Self-Helped Medical Diagnosis Scheme Based on Secure Two-Party Computation in Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Yi Sun

2014-01-01

Full Text Available With the continuing growth of wireless sensor networks in pervasive medical care, people pay more and more attention to privacy in medical monitoring, diagnosis, treatment, and patient care. On one hand, we expect the public health institutions to provide us with better service. On the other hand, we would not like to leak our personal health information to them. In order to balance this contradiction, in this paper we design a privacy-preserving self-helped medical diagnosis scheme based on secure two-party computation in wireless sensor networks so that patients can privately diagnose themselves by inputting a health card into a self-helped medical diagnosis ATM to obtain a diagnostic report just like drawing money from a bank ATM without revealing patients’ health information and doctors’ diagnostic skill. It makes secure self-helped disease diagnosis feasible and greatly benefits patients as well as relieving the heavy pressure of public health institutions.

Security analysis of a chaotic map-based authentication scheme for telecare medicine information systems.

Science.gov (United States)

Yau, Wei-Chuen; Phan, Raphael C-W

2013-12-01

Many authentication schemes have been proposed for telecare medicine information systems (TMIS) to ensure the privacy, integrity, and availability of patient records. These schemes are crucial for TMIS systems because otherwise patients' medical records become susceptible to tampering thus hampering diagnosis or private medical conditions of patients could be disclosed to parties who do not have a right to access such information. Very recently, Hao et al. proposed a chaotic map-based authentication scheme for telecare medicine information systems in a recent issue of Journal of Medical Systems. They claimed that the authentication scheme can withstand various attacks and it is secure to be used in TMIS. In this paper, we show that this authentication scheme is vulnerable to key-compromise impersonation attacks, off-line password guessing attacks upon compromising of a smart card, and parallel session attacks. We also exploit weaknesses in the password change phase of the scheme to mount a denial-of-service attack. Our results show that this scheme cannot be used to provide security in a telecare medicine information system.

Joint Schemes for Physical Layer Security and Error Correction

Science.gov (United States)

Adamo, Oluwayomi

2011-01-01

The major challenges facing resource constraint wireless devices are error resilience, security and speed. Three joint schemes are presented in this research which could be broadly divided into error correction based and cipher based. The error correction based ciphers take advantage of the properties of LDPC codes and Nordstrom Robinson code. A…

A SCHEME FOR TEMPLATE SECURITY AT FEATURE FUSION LEVEL IN MULTIMODAL BIOMETRIC SYSTEM

Directory of Open Access Journals (Sweden)

Arvind Selwal

2016-09-01

Full Text Available Biometric is the science of human recognition based upon using their biological, chemical or behavioural traits. These systems are used in many real life applications simply from biometric based attendance system to providing security at very sophisticated level. A biometric system deals with raw data captured using a sensor and feature template extracted from raw image. One of the challenges being faced by designers of these systems is to secure template data extracted from the biometric modalities of the user and protect the raw images. To minimize spoof attacks on biometric systems by unauthorised users one of the solutions is to use multi-biometric systems. Multi-modal biometric system works by using fusion technique to merge feature templates generated from different modalities of the human. In this work a new scheme is proposed to secure template during feature fusion level. Scheme is based on union operation of fuzzy relations of templates of modalities during fusion process of multimodal biometric systems. This approach serves dual purpose of feature fusion as well as transformation of templates into a single secured non invertible template. The proposed technique is cancelable and experimentally tested on a bimodal biometric system comprising of fingerprint and hand geometry. Developed scheme removes the problem of an attacker learning the original minutia position in fingerprint and various measurements of hand geometry. Given scheme provides improved performance of the system with reduction in false accept rate and improvement in genuine accept rate.

An Efficient User Authentication and User Anonymity Scheme with Provably Security for IoT-Based Medical Care System

Science.gov (United States)

Wu, Tsu-Yang; Chen, Chin-Ling; Lee, Cheng-Chi; Chen, Chien-Ming

2017-01-01

In recent years, with the increase in degenerative diseases and the aging population in advanced countries, demands for medical care of older or solitary people have increased continually in hospitals and healthcare institutions. Applying wireless sensor networks for the IoT-based telemedicine system enables doctors, caregivers or families to monitor patients’ physiological conditions at anytime and anyplace according to the acquired information. However, transmitting physiological data through the Internet concerns the personal privacy of patients. Therefore, before users can access medical care services in IoT-based medical care system, they must be authenticated. Typically, user authentication and data encryption are most critical for securing network communications over a public channel between two or more participants. In 2016, Liu and Chung proposed a bilinear pairing-based password authentication scheme for wireless healthcare sensor networks. They claimed their authentication scheme cannot only secure sensor data transmission, but also resist various well-known security attacks. In this paper, we demonstrate that Liu–Chung’s scheme has some security weaknesses, and we further present an improved secure authentication and data encryption scheme for the IoT-based medical care system, which can provide user anonymity and prevent the security threats of replay and password/sensed data disclosure attacks. Moreover, we modify the authentication process to reduce redundancy in protocol design, and the proposed scheme is more efficient in performance compared with previous related schemes. Finally, the proposed scheme is provably secure in the random oracle model under ECDHP. PMID:28644381

FPGA implementation cost and performance evaluation of IEEE 802.11 protocol encryption security schemes

Science.gov (United States)

Sklavos, N.; Selimis, G.; Koufopavlou, O.

2005-01-01

The explosive growth of internet and consumer demand for mobility has fuelled the exponential growth of wireless communications and networks. Mobile users want access to services and information, from both internet and personal devices, from a range of locations without the use of a cable medium. IEEE 802.11 is one of the most widely used wireless standards of our days. The amount of access and mobility into wireless networks requires a security infrastructure that protects communication within that network. The security of this protocol is based on the wired equivalent privacy (WEP) scheme. Currently, all the IEEE 802.11 market products support WEP. But recently, the 802.11i working group introduced the advanced encryption standard (AES), as the security scheme for the future IEEE 802.11 applications. In this paper, the hardware integrations of WEP and AES are studied. A field programmable gate array (FPGA) device has been used as the hardware implementation platform, for a fair comparison between the two security schemes. Measurements for the FPGA implementation cost, operating frequency, power consumption and performance are given.

FPGA implementation cost and performance evaluation of IEEE 802.11 protocol encryption security schemes

International Nuclear Information System (INIS)

Sklavos, N; Selimis, G; Koufopavlou, O

2005-01-01

The explosive growth of internet and consumer demand for mobility has fuelled the exponential growth of wireless communications and networks. Mobile users want access to services and information, from both internet and personal devices, from a range of locations without the use of a cable medium. IEEE 802.11 is one of the most widely used wireless standards of our days. The amount of access and mobility into wireless networks requires a security infrastructure that protects communication within that network. The security of this protocol is based on the wired equivalent privacy (WEP) scheme. Currently, all the IEEE 802.11 market products support WEP. But recently, the 802.11i working group introduced the advanced encryption standard (AES), as the security scheme for the future IEEE 802.11 applications. In this paper, the hardware integrations of WEP and AES are studied. A field programmable gate array (FPGA) device has been used as the hardware implementation platform, for a fair comparison between the two security schemes. Measurements for the FPGA implementation cost, operating frequency, power consumption and performance are given

Information Security Scheme Based on Computational Temporal Ghost Imaging.

Science.gov (United States)

Jiang, Shan; Wang, Yurong; Long, Tao; Meng, Xiangfeng; Yang, Xiulun; Shu, Rong; Sun, Baoqing

2017-08-09

An information security scheme based on computational temporal ghost imaging is proposed. A sequence of independent 2D random binary patterns are used as encryption key to multiply with the 1D data stream. The cipher text is obtained by summing the weighted encryption key. The decryption process can be realized by correlation measurement between the encrypted information and the encryption key. Due to the instinct high-level randomness of the key, the security of this method is greatly guaranteed. The feasibility of this method and robustness against both occlusion and additional noise attacks are discussed with simulation, respectively.

A security architecture for interconnecting health information systems.

Science.gov (United States)

Gritzalis, Dimitris; Lambrinoudakis, Costas

2004-03-31

Several hereditary and other chronic diseases necessitate continuous and complicated health care procedures, typically offered in different, often distant, health care units. Inevitably, the medical records of patients suffering from such diseases become complex, grow in size very fast and are scattered all over the units involved in the care process, hindering communication of information between health care professionals. Web-based electronic medical records have been recently proposed as the solution to the above problem, facilitating the interconnection of the health care units in the sense that health care professionals can now access the complete medical record of the patient, even if it is distributed in several remote units. However, by allowing users to access information from virtually anywhere, the universe of ineligible people who may attempt to harm the system is dramatically expanded, thus severely complicating the design and implementation of a secure environment. This paper presents a security architecture that has been mainly designed for providing authentication and authorization services in web-based distributed systems. The architecture has been based on a role-based access scheme and on the implementation of an intelligent security agent per site (i.e. health care unit). This intelligent security agent: (a). authenticates the users, local or remote, that can access the local resources; (b). assigns, through temporary certificates, access privileges to the authenticated users in accordance to their role; and (c). communicates to other sites (through the respective security agents) information about the local users that may need to access information stored in other sites, as well as about local resources that can be accessed remotely.

Secure Data Aggregation in Wireless Sensor Network-Fujisaki Okamoto(FO) Authentication Scheme against Sybil Attack.

Science.gov (United States)

Nirmal Raja, K; Maraline Beno, M

2017-07-01

In the wireless sensor network(WSN) security is a major issue. There are several network security schemes proposed in research. In the network, malicious nodes obstruct the performance of the network. The network can be vulnerable by Sybil attack. When a node illicitly assertions multiple identities or claims fake IDs, the WSN grieves from an attack named Sybil attack. This attack threatens wireless sensor network in data aggregation, synchronizing system, routing, fair resource allocation and misbehavior detection. Henceforth, the research is carried out to prevent the Sybil attack and increase the performance of the network. This paper presents the novel security mechanism and Fujisaki Okamoto algorithm and also application of the work. The Fujisaki-Okamoto (FO) algorithm is ID based cryptographic scheme and gives strong authentication against Sybil attack. By using Network simulator2 (NS2) the scheme is simulated. In this proposed scheme broadcasting key, time taken for different key sizes, energy consumption, Packet delivery ratio, Throughput were analyzed.

Unequal Probability Marking Approach to Enhance Security of Traceback Scheme in Tree-Based WSNs.

Science.gov (United States)

Huang, Changqin; Ma, Ming; Liu, Xiao; Liu, Anfeng; Zuo, Zhengbang

2017-06-17

Fog (from core to edge) computing is a newly emerging computing platform, which utilizes a large number of network devices at the edge of a network to provide ubiquitous computing, thus having great development potential. However, the issue of security poses an important challenge for fog computing. In particular, the Internet of Things (IoT) that constitutes the fog computing platform is crucial for preserving the security of a huge number of wireless sensors, which are vulnerable to attack. In this paper, a new unequal probability marking approach is proposed to enhance the security performance of logging and migration traceback (LM) schemes in tree-based wireless sensor networks (WSNs). The main contribution of this paper is to overcome the deficiency of the LM scheme that has a higher network lifetime and large storage space. In the unequal probability marking logging and migration (UPLM) scheme of this paper, different marking probabilities are adopted for different nodes according to their distances to the sink. A large marking probability is assigned to nodes in remote areas (areas at a long distance from the sink), while a small marking probability is applied to nodes in nearby area (areas at a short distance from the sink). This reduces the consumption of storage and energy in addition to enhancing the security performance, lifetime, and storage capacity. Marking information will be migrated to nodes at a longer distance from the sink for increasing the amount of stored marking information, thus enhancing the security performance in the process of migration. The experimental simulation shows that for general tree-based WSNs, the UPLM scheme proposed in this paper can store 1.12-1.28 times the amount of stored marking information that the equal probability marking approach achieves, and has 1.15-1.26 times the storage utilization efficiency compared with other schemes.

A Dual Key-Based Activation Scheme for Secure LoRaWAN

Directory of Open Access Journals (Sweden)

Jaehyu Kim

2017-01-01

Full Text Available With the advent of the Internet of Things (IoT era, we are experiencing rapid technological progress. Billions of devices are connected to each other, and our homes, cities, hospitals, and schools are getting smarter and smarter. However, to realize the IoT, several challenging issues such as connecting resource-constrained devices to the Internet must be resolved. Recently introduced Low Power Wide Area Network (LPWAN technologies have been devised to resolve this issue. Among many LPWAN candidates, the Long Range (LoRa is one of the most promising technologies. The Long Range Wide Area Network (LoRaWAN is a communication protocol for LoRa that provides basic security mechanisms. However, some security loopholes exist in LoRaWAN’s key update and session key generation. In this paper, we propose a dual key-based activation scheme for LoRaWAN. It resolves the problem of key updates not being fully supported. In addition, our scheme facilitates each layer in generating its own session key directly, which ensures the independence of all layers. Real-world experimental results compared with the original scheme show that the proposed scheme is totally feasible in terms of delay and battery consumption.

Reinforcement Learning Based Data Self-Destruction Scheme for Secured Data Management

Directory of Open Access Journals (Sweden)

Young Ki Kim

2018-04-01

Full Text Available As technologies and services that leverage cloud computing have evolved, the number of businesses and individuals who use them are increasing rapidly. In the course of using cloud services, as users store and use data that include personal information, research on privacy protection models to protect sensitive information in the cloud environment is becoming more important. As a solution to this problem, a self-destructing scheme has been proposed that prevents the decryption of encrypted user data after a certain period of time using a Distributed Hash Table (DHT network. However, the existing self-destructing scheme does not mention how to set the number of key shares and the threshold value considering the environment of the dynamic DHT network. This paper proposes a method to set the parameters to generate the key shares needed for the self-destructing scheme considering the availability and security of data. The proposed method defines state, action, and reward of the reinforcement learning model based on the similarity of the graph, and applies the self-destructing scheme process by updating the parameter based on the reinforcement learning model. Through the proposed technique, key sharing parameters can be set in consideration of data availability and security in dynamic DHT network environments.

The old age health security in rural China: where to go?

Science.gov (United States)

Dai, Baozhen

2015-11-04

The huge number of rural elders and the deepening health problems (e.g. growing threats of infectious diseases and chronic diseases etc.) place enormous pressure on old age health security in rural China. This study aims to provide information for policy-makers to develop effective measures for promoting rural elders' health care service access by examining the current developments and challenges confronted by the old age health security in rural China. Search resources are electronic databases, web pages of the National Bureau of Statistics of China and the National Health and Family Planning Commission of China on the internet, China Population and Employment Statistics Yearbook, China Civil Affairs' Statistical Yearbook and China Health Statistics Yearbooks etc. Articles were identified from Elsevier, Wiley, EBSCO, EMBASE, PubMed, SCI Expanded, ProQuest, and National Knowledge Infrastructure of China (CNKI) which is the most informative database in Chinese. Search terms were "rural", "China", "health security", "cooperative medical scheme", "social medical assistance", "medical insurance" or "community based medical insurance", "old", or "elder", "elderly", or "aged", "aging". Google scholar was searched with the same combination of keywords. The results showed that old age health security in rural China had expanded to all rural elders and substantially improved health care service utilization among rural elders. Increasing chronic disease prevalence rates, pressing public health issues, inefficient rural health care service provision system and lack of sufficient financing challenged the old age health security in rural China. Increasing funds from the central and regional governments for old age health security in rural China will contribute to reducing urban-rural disparities in provision of old age health security and increasing health equity among rural elders between different regions. Meanwhile, initiating provider payment reform may contribute to

A Secure Dynamic Identity and Chaotic Maps Based User Authentication and Key Agreement Scheme for e-Healthcare Systems.

Science.gov (United States)

Li, Chun-Ta; Lee, Cheng-Chi; Weng, Chi-Yao; Chen, Song-Jhih

2016-11-01

Secure user authentication schemes in many e-Healthcare applications try to prevent unauthorized users from intruding the e-Healthcare systems and a remote user and a medical server can establish session keys for securing the subsequent communications. However, many schemes does not mask the users' identity information while constructing a login session between two or more parties, even though personal privacy of users is a significant topic for e-Healthcare systems. In order to preserve personal privacy of users, dynamic identity based authentication schemes are hiding user's real identity during the process of network communications and only the medical server knows login user's identity. In addition, most of the existing dynamic identity based authentication schemes ignore the inputs verification during login condition and this flaw may subject to inefficiency in the case of incorrect inputs in the login phase. Regarding the use of secure authentication mechanisms for e-Healthcare systems, this paper presents a new dynamic identity and chaotic maps based authentication scheme and a secure data protection approach is employed in every session to prevent illegal intrusions. The proposed scheme can not only quickly detect incorrect inputs during the phases of login and password change but also can invalidate the future use of a lost/stolen smart card. Compared the functionality and efficiency with other authentication schemes recently, the proposed scheme satisfies desirable security attributes and maintains acceptable efficiency in terms of the computational overheads for e-Healthcare systems.

A systematic approach for analysis and design of secure health information systems.

Science.gov (United States)

Blobel, B; Roger-France, F

2001-06-01

A toolset using object-oriented techniques including the nowadays popular unified modelling language (UML) approach has been developed to facilitate the different users' views for security analysis and design of health care information systems. Paradigm and concepts used are based on the component architecture of information systems and on a general layered security model. The toolset was developed in 1996/1997 within the ISHTAR project funded by the European Commission as well as through international standardisation activities. Analysing and systematising real health care scenarios, only six and nine use case types could be found in the health and the security-related view, respectively. By combining these use case types, the analysis and design of any thinkable system architecture can be simplified significantly. Based on generic schemes, the environment needed for both communication and application security can be established by appropriate sets of security services and mechanisms. Because of the importance and the basic character of electronic health care record (EHCR) systems, the understanding of the approach is facilitated by (incomplete) examples for this application.

Design of security scheme of the radiotherapy planning administration system based on the hospital information system

International Nuclear Information System (INIS)

Zhuang Yongzhi; Zhao Jinzao

2010-01-01

Objective: To design a security scheme of radiotherapy planning administration system. Methods: Power Builder 9i language was used to program the system through the model of client-server machine. Oracle 9i was used as the database server. Results In this system, user registration management, user login management, application-level functions of control, database access control, and audit trail were designed to provide system security. Conclusions: As a prototype for the security analysis and protection of this scheme provides security of the system, application system, important data and message, which ensures the system work normally. (authors)

Code-Hopping Based Transmission Scheme for Wireless Physical-Layer Security

Directory of Open Access Journals (Sweden)

Liuguo Yin

2018-01-01

Full Text Available Due to the broadcast and time-varying natures of wireless channels, traditional communication systems that provide data encryption at the application layer suffer many challenges such as error diffusion. In this paper, we propose a code-hopping based secrecy transmission scheme that uses dynamic nonsystematic low-density parity-check (LDPC codes and automatic repeat-request (ARQ mechanism to jointly encode and encrypt source messages at the physical layer. In this scheme, secret keys at the transmitter and the legitimate receiver are generated dynamically upon the source messages that have been transmitted successfully. During the transmission, each source message is jointly encoded and encrypted by a parity-check matrix, which is dynamically selected from a set of LDPC matrices based on the shared dynamic secret key. As for the eavesdropper (Eve, the uncorrectable decoding errors prevent her from generating the same secret key as the legitimate parties. Thus she cannot select the correct LDPC matrix to recover the source message. We demonstrate that our scheme can be compatible with traditional cryptosystems and enhance the security without sacrificing the error-correction performance. Numerical results show that the bit error rate (BER of Eve approaches 0.5 as the number of transmitted source messages increases and the security gap of the system is small.

Security enhancement of a biometric based authentication scheme for telecare medicine information systems with nonce.

Science.gov (United States)

Mishra, Dheerendra; Mukhopadhyay, Sourav; Kumari, Saru; Khan, Muhammad Khurram; Chaturvedi, Ankita

2014-05-01

Telecare medicine information systems (TMIS) present the platform to deliver clinical service door to door. The technological advances in mobile computing are enhancing the quality of healthcare and a user can access these services using its mobile device. However, user and Telecare system communicate via public channels in these online services which increase the security risk. Therefore, it is required to ensure that only authorized user is accessing the system and user is interacting with the correct system. The mutual authentication provides the way to achieve this. Although existing schemes are either vulnerable to attacks or they have higher computational cost while an scalable authentication scheme for mobile devices should be secure and efficient. Recently, Awasthi and Srivastava presented a biometric based authentication scheme for TMIS with nonce. Their scheme only requires the computation of the hash and XOR functions.pagebreak Thus, this scheme fits for TMIS. However, we observe that Awasthi and Srivastava's scheme does not achieve efficient password change phase. Moreover, their scheme does not resist off-line password guessing attack. Further, we propose an improvement of Awasthi and Srivastava's scheme with the aim to remove the drawbacks of their scheme.

Efficient Attribute-Based Secure Data Sharing with Hidden Policies and Traceability in Mobile Health Networks

Directory of Open Access Journals (Sweden)

Changhee Hahn

2016-01-01

Full Text Available Mobile health (also written as mHealth provisions the practice of public health supported by mobile devices. mHealth systems let patients and healthcare providers collect and share sensitive information, such as electronic and personal health records (EHRs at any time, allowing more rapid convergence to optimal treatment. Key to achieving this is securely sharing data by providing enhanced access control and reliability. Typically, such sharing follows policies that depend on patient and physician preferences defined by a set of attributes. In mHealth systems, not only the data but also the policies for sharing it may be sensitive since they directly contain sensitive information which can reveal the underlying data protected by the policy. Also, since the policies usually incur linearly increasing communication costs, mHealth is inapplicable to resource-constrained environments. Lastly, access privileges may be publicly known to users, so a malicious user could illegally share his access privileges without the risk of being traced. In this paper, we propose an efficient attribute-based secure data sharing scheme in mHealth. The proposed scheme guarantees a hidden policy, constant-sized ciphertexts, and traces, with security analyses. The computation cost to the user is reduced by delegating approximately 50% of the decryption operations to the more powerful storage systems.

Key-Insulated Undetachable Digital Signature Scheme and Solution for Secure Mobile Agents in Electronic Commerce

Directory of Open Access Journals (Sweden)

Yang Shi

2016-01-01

Full Text Available Considering the security of both the customers’ hosts and the eShops’ servers, we introduce the idea of a key-insulated undetachable digital signature, enabling mobile agents to generate undetachable digital signatures on remote hosts with the key-insulated property of the original signer’s signing key. From the theoretical perspective, we provide the formal definition and security notion of a key-insulated undetachable digital signature. From the practical perspective, we propose a concrete scheme to secure mobile agents in electronic commerce. The scheme is mainly focused on protecting the signing key from leakage and preventing the misuse of the signature algorithm on malicious servers. Agents do not carry the signing key when they generate digital signatures on behalf of the original signer, so the key is protected on remote servers. Furthermore, if a hacker gains the signing key of the original signer, the hacker is still unable to forge a signature for any time period other than the key being accessed. In addition, the encrypted function is combined with the original signer’s requirement to prevent the misuse of signing algorithm. The scheme is constructed on gap Diffie–Hellman groups with provable security, and the performance testing indicates that the scheme is efficient.

A Fingerprint Encryption Scheme Based on Irreversible Function and Secure Authentication

Directory of Open Access Journals (Sweden)

Yijun Yang

2015-01-01

Full Text Available A fingerprint encryption scheme based on irreversible function has been designed in this paper. Since the fingerprint template includes almost the entire information of users’ fingerprints, the personal authentication can be determined only by the fingerprint features. This paper proposes an irreversible transforming function (using the improved SHA1 algorithm to transform the original minutiae which are extracted from the thinned fingerprint image. Then, Chinese remainder theorem is used to obtain the biokey from the integration of the transformed minutiae and the private key. The result shows that the scheme has better performance on security and efficiency comparing with other irreversible function schemes.

Quantum secure direct communication scheme using a W state and teleportation

International Nuclear Information System (INIS)

Cao Haijing; Song Heshan

2006-01-01

A theoretical scheme for quantum secure direct communication (QSDC) is proposed, where a three-qubit symmetric W state functions as a quantum channel. Two legitimate communicators can transmit their secret information by using quantum teleportation and local measurements

Security and privacy in electronic health records: a systematic literature review.

Science.gov (United States)

Fernández-Alemán, José Luis; Señor, Inmaculada Carrión; Lozoya, Pedro Ángel Oliver; Toval, Ambrosio

2013-06-01

To report the results of a systematic literature review concerning the security and privacy of electronic health record (EHR) systems. Original articles written in English found in MEDLINE, ACM Digital Library, Wiley InterScience, IEEE Digital Library, Science@Direct, MetaPress, ERIC, CINAHL and Trip Database. Only those articles dealing with the security and privacy of EHR systems. The extraction of 775 articles using a predefined search string, the outcome of which was reviewed by three authors and checked by a fourth. A total of 49 articles were selected, of which 26 used standards or regulations related to the privacy and security of EHR data. The most widely used regulations are the Health Insurance Portability and Accountability Act (HIPAA) and the European Data Protection Directive 95/46/EC. We found 23 articles that used symmetric key and/or asymmetric key schemes and 13 articles that employed the pseudo anonymity technique in EHR systems. A total of 11 articles propose the use of a digital signature scheme based on PKI (Public Key Infrastructure) and 13 articles propose a login/password (seven of them combined with a digital certificate or PIN) for authentication. The preferred access control model appears to be Role-Based Access Control (RBAC), since it is used in 27 studies. Ten of these studies discuss who should define the EHR systems' roles. Eleven studies discuss who should provide access to EHR data: patients or health entities. Sixteen of the articles reviewed indicate that it is necessary to override defined access policies in the case of an emergency. In 25 articles an audit-log of the system is produced. Only four studies mention that system users and/or health staff should be trained in security and privacy. Recent years have witnessed the design of standards and the promulgation of directives concerning security and privacy in EHR systems. However, more work should be done to adopt these regulations and to deploy secure EHR systems. Copyright

An advanced temporal credential-based security scheme with mutual authentication and key agreement for wireless sensor networks.

Science.gov (United States)

Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi

2013-07-24

Wireless sensor networks (WSNs) can be quickly and randomly deployed in any harsh and unattended environment and only authorized users are allowed to access reliable sensor nodes in WSNs with the aid of gateways (GWNs). Secure authentication models among the users, the sensor nodes and GWN are important research issues for ensuring communication security and data privacy in WSNs. In 2013, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. However, in this paper, we point out that Xue et al.'s scheme cannot resist stolen-verifier, insider, off-line password guessing, smart card lost problem and many logged-in users' attacks and these security weaknesses make the scheme inapplicable to practical WSN applications. To tackle these problems, we suggest a simple countermeasure to prevent proposed attacks while the other merits of Xue et al.'s authentication scheme are left unchanged.

A Novel Multiparty Quantum Secret Sharing Scheme of Secure Direct Communication Based on Bell States and Bell Measurements

International Nuclear Information System (INIS)

Shi Run-Hua; Huang Liu-Sheng; Yang Wei; Zhong Hong

2011-01-01

We present a novel quantum secret sharing scheme of secure direct communication and analyze its security. This scheme takes Einstein—Podolsky—Rosen (EPR) pairs in Bell states as quantum resources. In order to obtain the direct communication message, all agents only need to perform Bell measurements, not to perform any local unitary operation. The total efficiency in this scheme approaches 100% as the classical information exchanged is unnecessary except for the eavesdropping checks. (general)

A secure data outsourcing scheme based on Asmuth-Bloom secret sharing

Science.gov (United States)

Idris Muhammad, Yusuf; Kaiiali, Mustafa; Habbal, Adib; Wazan, A. S.; Sani Ilyasu, Auwal

2016-11-01

Data outsourcing is an emerging paradigm for data management in which a database is provided as a service by third-party service providers. One of the major benefits of offering database as a service is to provide organisations, which are unable to purchase expensive hardware and software to host their databases, with efficient data storage accessible online at a cheap rate. Despite that, several issues of data confidentiality, integrity, availability and efficient indexing of users' queries at the server side have to be addressed in the data outsourcing paradigm. Service providers have to guarantee that their clients' data are secured against internal (insider) and external attacks. This paper briefly analyses the existing indexing schemes in data outsourcing and highlights their advantages and disadvantages. Then, this paper proposes a secure data outsourcing scheme based on Asmuth-Bloom secret sharing which tries to address the issues in data outsourcing such as data confidentiality, availability and order preservation for efficient indexing.

Provable Secure and Efficient Digital Rights Management Authentication Scheme Using Smart Card Based on Elliptic Curve Cryptography

Directory of Open Access Journals (Sweden)

Yuanyuan Zhang

2015-01-01

Full Text Available Since the concept of ubiquitous computing is firstly proposed by Mark Weiser, its connotation has been extending and expanding by many scholars. In pervasive computing application environment, many kinds of small devices containing smart cart are used to communicate with others. In 2013, Yang et al. proposed an enhanced authentication scheme using smart card for digital rights management. They demonstrated that their scheme is secure enough. However, Mishra et al. pointed out that Yang et al.’s scheme suffers from the password guessing attack and the denial of service attack. Moreover, they also demonstrated that Yang et al.’s scheme is not efficient enough when the user inputs an incorrect password. In this paper, we analyze Yang et al.’s scheme again, and find that their scheme is vulnerable to the session key attack. And, there are some mistakes in their scheme. To surmount the weakness of Yang et al.’s scheme, we propose a more efficient and provable secure digital rights management authentication scheme using smart card based on elliptic curve cryptography.

An Advanced Temporal Credential-Based Security Scheme with Mutual Authentication and Key Agreement for Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Chun-Ta Li

2013-07-01

Full Text Available Wireless sensor networks (WSNs can be quickly and randomly deployed in any harsh and unattended environment and only authorized users are allowed to access reliable sensor nodes in WSNs with the aid of gateways (GWNs. Secure authentication models among the users, the sensor nodes and GWN are important research issues for ensuring communication security and data privacy in WSNs. In 2013, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. However, in this paper, we point out that Xue et al.’s scheme cannot resist stolen-verifier, insider, off-line password guessing, smart card lost problem and many logged-in users’ attacks and these security weaknesses make the scheme inapplicable to practical WSN applications. To tackle these problems, we suggest a simple countermeasure to prevent proposed attacks while the other merits of Xue et al.’s authentication scheme are left unchanged.

Health Security and Risk Aversion.

Science.gov (United States)

Herington, Jonathan

2016-09-01

Health security has become a popular way of justifying efforts to control catastrophic threats to public health. Unfortunately, there has been little analysis of the concept of health security, nor the relationship between health security and other potential aims of public health policy. In this paper I develop an account of health security as an aversion to risky policy options. I explore three reasons for thinking risk avoidance is a distinctly worthwhile aim of public health policy: (i) that security is intrinsically valuable, (ii) that it is necessary for social planning and (iii) that it is an appropriate response to decision-making in contexts of very limited information. Striking the right balance between securing and maximizing population health thus requires a substantive, and hitherto unrecognized, value judgment. Finally, I critically evaluate the current health security agenda in light of this new account of the concept and its relationship to the other aims of public health policy. © 2016 John Wiley & Sons Ltd.

Critical analysis of the Bennett-Riedel attack on secure cryptographic key distributions via the Kirchhoff-Law-Johnson-noise scheme.

Science.gov (United States)

Kish, Laszlo B; Abbott, Derek; Granqvist, Claes G

2013-01-01

Recently, Bennett and Riedel (BR) (http://arxiv.org/abs/1303.7435v1) argued that thermodynamics is not essential in the Kirchhoff-law-Johnson-noise (KLJN) classical physical cryptographic exchange method in an effort to disprove the security of the KLJN scheme. They attempted to demonstrate this by introducing a dissipation-free deterministic key exchange method with two batteries and two switches. In the present paper, we first show that BR's scheme is unphysical and that some elements of its assumptions violate basic protocols of secure communication. All our analyses are based on a technically unlimited Eve with infinitely accurate and fast measurements limited only by the laws of physics and statistics. For non-ideal situations and at active (invasive) attacks, the uncertainly principle between measurement duration and statistical errors makes it impossible for Eve to extract the key regardless of the accuracy or speed of her measurements. To show that thermodynamics and noise are essential for the security, we crack the BR system with 100% success via passive attacks, in ten different ways, and demonstrate that the same cracking methods do not function for the KLJN scheme that employs Johnson noise to provide security underpinned by the Second Law of Thermodynamics. We also present a critical analysis of some other claims by BR; for example, we prove that their equations for describing zero security do not apply to the KLJN scheme. Finally we give mathematical security proofs for each BR-attack against the KLJN scheme and conclude that the information theoretic (unconditional) security of the KLJN method has not been successfully challenged.

Patient Centeredness in Electronic Communication: Evaluation of Patient-to-Health Care Team Secure Messaging

Science.gov (United States)

Luger, Tana M; Volkman, Julie E; Rocheleau, Mary; Mueller, Nora; Barker, Anna M; Nazi, Kim M; Houston, Thomas K; Bokhour, Barbara G

2018-01-01

Background As information and communication technology is becoming more widely implemented across health care organizations, patient-provider email or asynchronous electronic secure messaging has the potential to support patient-centered communication. Within the medical home model of the Veterans Health Administration (VA), secure messaging is envisioned as a means to enhance access and strengthen the relationships between veterans and their health care team members. However, despite previous studies that have examined the content of electronic messages exchanged between patients and health care providers, less research has focused on the socioemotional aspects of the communication enacted through those messages. Objective Recognizing the potential of secure messaging to facilitate the goals of patient-centered care, the objectives of this analysis were to not only understand why patients and health care team members exchange secure messages but also to examine the socioemotional tone engendered in these messages. Methods We conducted a cross-sectional coding evaluation of a corpus of secure messages exchanged between patients and health care team members over 6 months at 8 VA facilities. We identified patients whose medical records showed secure messaging threads containing at least 2 messages and compiled a random sample of these threads. Drawing on previous literature regarding the analysis of asynchronous, patient-provider electronic communication, we developed a coding scheme comprising a series of a priori patient and health care team member codes. Three team members tested the scheme on a subset of the messages and then independently coded the sample of messaging threads. Results Of the 711 messages coded from the 384 messaging threads, 52.5% (373/711) were sent by patients and 47.5% (338/711) by health care team members. Patient and health care team member messages included logistical content (82.6%, 308/373 vs 89.1%, 301/338), were neutral in tone (70

A secure transmission scheme of streaming media based on the encrypted control message

Science.gov (United States)

Li, Bing; Jin, Zhigang; Shu, Yantai; Yu, Li

2007-09-01

As the use of streaming media applications increased dramatically in recent years, streaming media security becomes an important presumption, protecting the privacy. This paper proposes a new encryption scheme in view of characteristics of streaming media and the disadvantage of the living method: encrypt the control message in the streaming media with the high security lever and permute and confuse the data which is non control message according to the corresponding control message. Here the so-called control message refers to the key data of the streaming media, including the streaming media header and the header of the video frame, and the seed key. We encrypt the control message using the public key encryption algorithm which can provide high security lever, such as RSA. At the same time we make use of the seed key to generate key stream, from which the permutation list P responding to GOP (group of picture) is derived. The plain text of the non-control message XORs the key stream and gets the middle cipher text. And then obtained one is permutated according to P. In contrast the decryption process is the inverse process of the above. We have set up a testbed for the above scheme and found our scheme is six to eight times faster than the conventional method. It can be applied not only between PCs but also between handheld devices.

The nature of international health security.

Science.gov (United States)

Chiu, Ya-Wen; Weng, Yi-Hao; Su, Yi-Yuan; Huang, Ching-Yi; Chang, Ya-Chen; Kuo, Ken N

2009-01-01

Health issues occasionally intersect security issues. Health security has been viewed as an essential part of human security. Policymakers and health professionals, however, do not share a common definition of health security. This article aims to characterize the notions of health security in order to clarify what constitutes the nexus of health and security. The concept of health security has evolved over time so that it encompasses many entities. Analyzing the health reports of four multilateral organizations (the United Nations, World Health Organization, Asia-Pacific Economic Cooperation, and the European Union) produced eight categories of most significant relevance to contemporary health security, allowing comparison of the definitions. The four categories are: emerging diseases; global infectious disease; deliberate release of chemical and biological materials; violence, conflict, and humanitarian emergencies. Two other categories of common concern are natural disasters and environmental change, as well as chemical and radioactive accidents. The final two categories, food insecurity and poverty, are discussed less frequently. Nevertheless, food security is emerging as an increasingly important issue in public health. Health security is the first line of defence against health emergencies. As globalization brings more complexities, dealing with the increased scale and extent of health security will require greater international effort and political support.

Unconditionally Secure Credit/Debit Card Chip Scheme and Physical Unclonable Function

Science.gov (United States)

Kish, Laszlo B.; Entesari, Kamran; Granqvist, Claes-Göran; Kwan, Chiman

The statistical-physics-based Kirchhoff-law-Johnson-noise (KLJN) key exchange offers a new and simple unclonable system for credit/debit card chip authentication and payment. The key exchange, the authentication and the communication are unconditionally secure so that neither mathematics- nor statistics-based attacks are able to crack the scheme. The ohmic connection and the short wiring lengths between the chips in the card and the terminal constitute an ideal setting for the KLJN protocol, and even its simplest versions offer unprecedented security and privacy for credit/debit card chips and applications of physical unclonable functions (PUFs).

A Novel Security Scheme Based on Instant Encrypted Transmission for Internet of Things

Directory of Open Access Journals (Sweden)

Chen Wang

2018-01-01

Full Text Available Internet of Things (IoT is a research field that has been continuously developed and innovated in recent years and is also an important driving force for the improvement of people’s life in the future. There are lots of scenarios in IoT where we need to collaborate through devices to complete tasks; that is, a device sends data to other devices, and other devices operate on the aid of the data. These transmitted data are often users’ privacy data, such as medical data and grid data. We propose an instant encrypted transmission based security scheme for such scenarios in IoT. The analysis in this paper indicates that our scheme can guarantee the security of users’ data while ensuring rapid transmission and acquisition of instant IoT data.

Critical analysis of the Bennett-Riedel attack on secure cryptographic key distributions via the Kirchhoff-Law-Johnson-noise scheme.

Directory of Open Access Journals (Sweden)

Laszlo B Kish

Full Text Available Recently, Bennett and Riedel (BR (http://arxiv.org/abs/1303.7435v1 argued that thermodynamics is not essential in the Kirchhoff-law-Johnson-noise (KLJN classical physical cryptographic exchange method in an effort to disprove the security of the KLJN scheme. They attempted to demonstrate this by introducing a dissipation-free deterministic key exchange method with two batteries and two switches. In the present paper, we first show that BR's scheme is unphysical and that some elements of its assumptions violate basic protocols of secure communication. All our analyses are based on a technically unlimited Eve with infinitely accurate and fast measurements limited only by the laws of physics and statistics. For non-ideal situations and at active (invasive attacks, the uncertainly principle between measurement duration and statistical errors makes it impossible for Eve to extract the key regardless of the accuracy or speed of her measurements. To show that thermodynamics and noise are essential for the security, we crack the BR system with 100% success via passive attacks, in ten different ways, and demonstrate that the same cracking methods do not function for the KLJN scheme that employs Johnson noise to provide security underpinned by the Second Law of Thermodynamics. We also present a critical analysis of some other claims by BR; for example, we prove that their equations for describing zero security do not apply to the KLJN scheme. Finally we give mathematical security proofs for each BR-attack against the KLJN scheme and conclude that the information theoretic (unconditional security of the KLJN method has not been successfully challenged.

Security, insecurity and health.

Science.gov (United States)

Coupland, Robin

2007-03-01

An examination of the nexus of security, insecurity and health shows that security is a prerequisite for health. The many and varied ways that armed violence--including threats of armed violence--can affect people's health can be documented by formal studies; however, valuable data also exist in other reports, such as media reports. The health community needs to recognize that people's insecurity is a massive global health issue. The foreign policies of donor governments should incorporate recognition that documentation, analysis and publication of data describing the impact of insecurity on people's health can lead to the creation of policies to enhance people's security.

Security scheme in IMDD-OFDM-PON system with the chaotic pilot interval and scrambling

Science.gov (United States)

Chen, Qianghua; Bi, Meihua; Fu, Xiaosong; Lu, Yang; Zeng, Ran; Yang, Guowei; Yang, Xuelin; Xiao, Shilin

2018-01-01

In this paper, a random chaotic pilot interval and permutations scheme without any requirement of redundant sideband information is firstly proposed for the physical layer security-enhanced intensity modulation direct detection orthogonal frequency division multiplexing passive optical network (IMDD-OFDM-PON) system. With the help of the position feature of inserting the pilot, a simple logistic chaos map is used to generate the random pilot interval and scramble the chaotic subcarrier allocation of each column pilot data for improving the physical layer confidentiality. Due to the dynamic chaotic permutations of pilot data, the enhanced key space of ∼103303 is achieved in OFDM-PON. Moreover, the transmission experiment of 10-Gb/s 16-QAM encrypted OFDM data is successfully demonstrated over 20-km single-mode fiber, which indicates that the proposed scheme not only improves the system security, but also can achieve the same performance as in the common IMDD-OFDM-PON system without encryption scheme.

One health security: an important component of the global health security agenda.

Science.gov (United States)

Gronvall, Gigi; Boddie, Crystal; Knutsson, Rickard; Colby, Michelle

2014-01-01

The objectives of the Global Health Security Agenda (GHSA) will require not only a "One Health" approach to counter natural disease threats against humans, animals, and the environment, but also a security focus to counter deliberate threats to human, animal, and agricultural health and to nations' economies. We have termed this merged approach "One Health Security." It will require the integration of professionals with expertise in security, law enforcement, and intelligence to join the veterinary, agricultural, environmental, and human health experts essential to One Health and the GHSA. Working across such different professions, which occasionally have conflicting aims and different professional cultures, poses multiple challenges, but a multidisciplinary and multisectoral approach is necessary to prevent disease threats; detect them as early as possible (when responses are likely to be most effective); and, in the case of deliberate threats, find who may be responsible. This article describes 2 project areas that exemplify One Health Security that were presented at a workshop in January 2014: the US government and private industry efforts to reduce vulnerabilities to foreign animal diseases, especially foot-and-mouth disease; and AniBioThreat, an EU project to counter deliberate threats to agriculture by raising awareness and implementing prevention and response policies and practices.

Economic sustainability, water security and multi-level governance of local water schemes in Nepal

Directory of Open Access Journals (Sweden)

Emma Hakala

2017-07-01

Full Text Available This article explores the role of multi-level governance and power structures in local water security through a case study of the Nawalparasi district in Nepal. It focuses on economic sustainability as a measure to address water security, placing this thematic in the context of a complicated power structure consisting of local, district and national administration as well as external development cooperation actors. The study aims to find out whether efforts to improve the economic sustainability of water schemes have contributed to water security at the local level. In addition, it will consider the interactions between water security, power structures and local equality and justice. The research builds upon survey data from the Nepalese districts of Nawalparasi and Palpa, and a case study based on interviews and observation in Nawalparasi. The survey was performed in water schemes built within a Finnish development cooperation programme spanning from 1990 to 2004, allowing a consideration of the long-term sustainability of water management projects. This adds a crucial external influence into the intra-state power structures shaping water management in Nepal. The article thus provides an alternative perspective to cross-regional water security through a discussion combining transnational involvement with national and local points of view.

A Secure and Verifiable Outsourced Access Control Scheme in Fog-Cloud Computing.

Science.gov (United States)

Fan, Kai; Wang, Junxiong; Wang, Xin; Li, Hui; Yang, Yintang

2017-07-24

With the rapid development of big data and Internet of things (IOT), the number of networking devices and data volume are increasing dramatically. Fog computing, which extends cloud computing to the edge of the network can effectively solve the bottleneck problems of data transmission and data storage. However, security and privacy challenges are also arising in the fog-cloud computing environment. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in fog-cloud computing systems. In this paper, we propose a verifiable outsourced multi-authority access control scheme, named VO-MAACS. In our construction, most encryption and decryption computations are outsourced to fog devices and the computation results can be verified by using our verification method. Meanwhile, to address the revocation issue, we design an efficient user and attribute revocation method for it. Finally, analysis and simulation results show that our scheme is both secure and highly efficient.

A Secure and Verifiable Outsourced Access Control Scheme in Fog-Cloud Computing

Science.gov (United States)

Fan, Kai; Wang, Junxiong; Wang, Xin; Li, Hui; Yang, Yintang

2017-01-01

With the rapid development of big data and Internet of things (IOT), the number of networking devices and data volume are increasing dramatically. Fog computing, which extends cloud computing to the edge of the network can effectively solve the bottleneck problems of data transmission and data storage. However, security and privacy challenges are also arising in the fog-cloud computing environment. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in fog-cloud computing systems. In this paper, we propose a verifiable outsourced multi-authority access control scheme, named VO-MAACS. In our construction, most encryption and decryption computations are outsourced to fog devices and the computation results can be verified by using our verification method. Meanwhile, to address the revocation issue, we design an efficient user and attribute revocation method for it. Finally, analysis and simulation results show that our scheme is both secure and highly efficient. PMID:28737733

Patient Centeredness in Electronic Communication: Evaluation of Patient-to-Health Care Team Secure Messaging.

Science.gov (United States)

Hogan, Timothy P; Luger, Tana M; Volkman, Julie E; Rocheleau, Mary; Mueller, Nora; Barker, Anna M; Nazi, Kim M; Houston, Thomas K; Bokhour, Barbara G

2018-03-08

As information and communication technology is becoming more widely implemented across health care organizations, patient-provider email or asynchronous electronic secure messaging has the potential to support patient-centered communication. Within the medical home model of the Veterans Health Administration (VA), secure messaging is envisioned as a means to enhance access and strengthen the relationships between veterans and their health care team members. However, despite previous studies that have examined the content of electronic messages exchanged between patients and health care providers, less research has focused on the socioemotional aspects of the communication enacted through those messages. Recognizing the potential of secure messaging to facilitate the goals of patient-centered care, the objectives of this analysis were to not only understand why patients and health care team members exchange secure messages but also to examine the socioemotional tone engendered in these messages. We conducted a cross-sectional coding evaluation of a corpus of secure messages exchanged between patients and health care team members over 6 months at 8 VA facilities. We identified patients whose medical records showed secure messaging threads containing at least 2 messages and compiled a random sample of these threads. Drawing on previous literature regarding the analysis of asynchronous, patient-provider electronic communication, we developed a coding scheme comprising a series of a priori patient and health care team member codes. Three team members tested the scheme on a subset of the messages and then independently coded the sample of messaging threads. Of the 711 messages coded from the 384 messaging threads, 52.5% (373/711) were sent by patients and 47.5% (338/711) by health care team members. Patient and health care team member messages included logistical content (82.6%, 308/373 vs 89.1%, 301/338), were neutral in tone (70.2%, 262/373 vs 82.0%, 277/338), and

Strategic purchasing and health system efficiency: A comparison of two financing schemes in Thailand.

Science.gov (United States)

Patcharanarumol, Walaiporn; Panichkriangkrai, Warisa; Sommanuttaweechai, Angkana; Hanson, Kara; Wanwong, Yaowaluk; Tangcharoensathien, Viroj

2018-01-01

Strategic purchasing is an essential health financing function. This paper compares the strategic purchasing practices of Thailand's two tax-financed health insurance schemes, the Universal Coverage Scheme (UCS) and the Civil Servant Medical Benefit Scheme (CSMBS), and identifies factors contributing to successful universal health coverage outcomes by analysing the relationships between the purchaser and government, providers and members. The study uses a cross-sectional mixed-methods design, including document review and interviews with 56 key informants. The Comptroller General Department (CGD) of Ministry of Finance manages CSMBS as one among civil servant welfare programmes. Their purchasing is passive. Fee for service payment for outpatient care has resulted in rapid cost escalation and overspending of their annual budget. In contrast, National Health Security Office (NHSO) manages purchasing for UCS, which undertakes a range of strategic purchasing actions, including applying closed ended provider payment, promoting primary healthcare's gate keeping functions, exercising collective purchasing power and engaging views of members in decision making process. This difference in purchasing arrangements resulted in expenditure per CSMBS member being 4 times higher than UCS in 2014. The governance of the purchaser organization, the design of the purchasing arrangements including incentives and use of information, and the institutional capacities to implement purchasing functions are essential for effective strategic purchasing which can improve health system efficiency as a whole.

A Provably Secure Aggregate Signature Scheme for Healthcare Wireless Sensor Networks.

Science.gov (United States)

Shen, Limin; Ma, Jianfeng; Liu, Ximeng; Miao, Meixia

2016-11-01

Wireless sensor networks (WSNs) are being used in a wide range of applications for healthcare monitoring, like heart rate monitors and blood pressure monitors, which can minimize the need for healthcare professionals. In medical system, sensors on or in patients produce medical data which can be easily compromised by a vast of attacks. Although signature schemes can protect data authenticity and data integrity, when the number of users involved in the medical system becomes huge, the bandwidth and storage cost will rise sharply so that existing signature schemes are inapplicability for WSNs. In this paper, we propose an efficient aggregate signature scheme for healthcare WSNs according to an improved security model, which can combine multiple signatures into a single aggregate signature. The length of such an aggregate signature may be as long as that of an individual one, which can greatly decrease the bandwidth and storage cost for networks.

An adaptive chaos synchronization scheme applied to secure communication

International Nuclear Information System (INIS)

Feki, Moez

2003-01-01

This paper deals with the problem of synchronization of a class of continuous-time chaotic systems using the drive-response concept. An adaptive observer-based response system is designed to synchronize with a given chaotic drive system whose dynamical model is subjected to unknown parameters. Using the Lyapunov stability theory an adaptation law is derived to estimate the unknown parameters. We show that synchronization is achieved asymptotically. The approach is next applied to chaos-based secure communication. To demonstrate the efficiency of the proposed scheme numerical simulations are presented

A lightweight security scheme for wireless body area networks: design, energy evaluation and proposed microprocessor design.

Science.gov (United States)

Selimis, Georgios; Huang, Li; Massé, Fabien; Tsekoura, Ioanna; Ashouei, Maryam; Catthoor, Francky; Huisken, Jos; Stuyt, Jan; Dolmans, Guido; Penders, Julien; De Groot, Harmke

2011-10-01

In order for wireless body area networks to meet widespread adoption, a number of security implications must be explored to promote and maintain fundamental medical ethical principles and social expectations. As a result, integration of security functionality to sensor nodes is required. Integrating security functionality to a wireless sensor node increases the size of the stored software program in program memory, the required time that the sensor's microprocessor needs to process the data and the wireless network traffic which is exchanged among sensors. This security overhead has dominant impact on the energy dissipation which is strongly related to the lifetime of the sensor, a critical aspect in wireless sensor network (WSN) technology. Strict definition of the security functionality, complete hardware model (microprocessor and radio), WBAN topology and the structure of the medium access control (MAC) frame are required for an accurate estimation of the energy that security introduces into the WBAN. In this work, we define a lightweight security scheme for WBAN, we estimate the additional energy consumption that the security scheme introduces to WBAN based on commercial available off-the-shelf hardware components (microprocessor and radio), the network topology and the MAC frame. Furthermore, we propose a new microcontroller design in order to reduce the energy consumption of the system. Experimental results and comparisons with other works are given.

Robust anonymous authentication scheme for telecare medical information systems.

Science.gov (United States)

Xie, Qi; Zhang, Jun; Dong, Na

2013-04-01

Patient can obtain sorts of health-care delivery services via Telecare Medical Information Systems (TMIS). Authentication, security, patient's privacy protection and data confidentiality are important for patient or doctor accessing to Electronic Medical Records (EMR). In 2012, Chen et al. showed that Khan et al.'s dynamic ID-based authentication scheme has some weaknesses and proposed an improved scheme, and they claimed that their scheme is more suitable for TMIS. However, we show that Chen et al.'s scheme also has some weaknesses. In particular, Chen et al.'s scheme does not provide user's privacy protection and perfect forward secrecy, is vulnerable to off-line password guessing attack and impersonation attack once user's smart card is compromised. Further, we propose a secure anonymity authentication scheme to overcome their weaknesses even an adversary can know all information stored in smart card.

A Hybrid Secure Scheme for Wireless Sensor Networks against Timing Attacks Using Continuous-Time Markov Chain and Queueing Model.

Science.gov (United States)

Meng, Tianhui; Li, Xiaofan; Zhang, Sha; Zhao, Yubin

2016-09-28

Wireless sensor networks (WSNs) have recently gained popularity for a wide spectrum of applications. Monitoring tasks can be performed in various environments. This may be beneficial in many scenarios, but it certainly exhibits new challenges in terms of security due to increased data transmission over the wireless channel with potentially unknown threats. Among possible security issues are timing attacks, which are not prevented by traditional cryptographic security. Moreover, the limited energy and memory resources prohibit the use of complex security mechanisms in such systems. Therefore, balancing between security and the associated energy consumption becomes a crucial challenge. This paper proposes a secure scheme for WSNs while maintaining the requirement of the security-performance tradeoff. In order to proceed to a quantitative treatment of this problem, a hybrid continuous-time Markov chain (CTMC) and queueing model are put forward, and the tradeoff analysis of the security and performance attributes is carried out. By extending and transforming this model, the mean time to security attributes failure is evaluated. Through tradeoff analysis, we show that our scheme can enhance the security of WSNs, and the optimal rekeying rate of the performance and security tradeoff can be obtained.

Consolidating the social health insurance schemes in China: towards an equitable and efficient health system.

Science.gov (United States)

Meng, Qingyue; Fang, Hai; Liu, Xiaoyun; Yuan, Beibei; Xu, Jin

2015-10-10

Fragmentation in social health insurance schemes is an important factor for inequitable access to health care and financial protection for people covered by different health insurance schemes in China. To fulfil its commitment of universal health coverage by 2020, the Chinese Government needs to prioritise addressing this issue. After analysing the situation of fragmentation, this Review summarises efforts to consolidate health insurance schemes both in China and internationally. Rural migrants, elderly people, and those with non-communicable diseases in China will greatly benefit from consolidation of the existing health insurance schemes with extended funding pools, thereby narrowing the disparities among health insurance schemes in fund level and benefit package. Political commitments, institutional innovations, and a feasible implementation plan are the major elements needed for success in consolidation. Achievement of universal health coverage in China needs systemic strategies including consolidation of the social health insurance schemes. Copyright © 2015 Elsevier Ltd. All rights reserved.

Seluge++: a secure over-the-air programming scheme in wireless sensor networks.

Science.gov (United States)

Doroodgar, Farzan; Abdur Razzaque, Mohammad; Isnin, Ismail Fauzi

2014-03-11

Over-the-air dissemination of code updates in wireless sensor networks have been researchers' point of interest in the last few years, and, more importantly, security challenges toward the remote propagation of code updating have occupied the majority of efforts in this context. Many security models have been proposed to establish a balance between the energy consumption and security strength, having their concentration on the constrained nature of wireless sensor network (WSN) nodes. For authentication purposes, most of them have used a Merkle hash tree to avoid using multiple public cryptography operations. These models mostly have assumed an environment in which security has to be at a standard level. Therefore, they have not investigated the tree structure for mission-critical situations in which security has to be at the maximum possible level (e.g., military applications, healthcare). Considering this, we investigate existing security models used in over-the-air dissemination of code updates for possible vulnerabilities, and then, we provide a set of countermeasures, correspondingly named Security Model Requirements. Based on the investigation, we concentrate on Seluge, one of the existing over-the-air programming schemes, and we propose an improved version of it, named Seluge++, which complies with the Security Model Requirements and replaces the use of the inefficient Merkle tree with a novel method. Analytical and simulation results show the improvements in Seluge++ compared to Seluge.

Faithful One-way Trip Deterministic Secure Quantum Communication Scheme Against Collective Rotating Noise Based on Order Rearrangement of Photon Pairs

Science.gov (United States)

Yuan, Hao; Zhang, Qin; Hong, Liang; Yin, Wen-jie; Xu, Dong

2014-08-01

We present a novel scheme for deterministic secure quantum communication (DSQC) over collective rotating noisy channel. Four special two-qubit states are found can constitute a noise-free subspaces, and so are utilized as quantum information carriers. In this scheme, the information carriers transmite over the quantum channel only one time, which can effectively reduce the influence of other noise existing in quantum channel. The information receiver need only perform two single-photon collective measurements to decode the secret messages, which can make the present scheme more convenient in practical application. It will be showed that our scheme has a relatively high information capacity and intrisic efficiency. Foremostly, the decoy photon pair checking technique and the order rearrangement of photon pairs technique guarantee that the present scheme is unconditionally secure.

Bayelsa, in search of a sustainable health financing scheme ...

African Journals Online (AJOL)

Journal Home > Vol 23, No 1 (2017) > ... Background: A sustainable health care financing scheme has been difficult to ... These meagre allocations were because the same source that funds patient care services also funds health research, capital ... a sustainable health financing scheme will depend on a health system that ...

An Energy-Efficient Secure Routing and Key Management Scheme for Mobile Sinks in Wireless Sensor Networks Using Deployment Knowledge

Directory of Open Access Journals (Sweden)

Le Xuan Hung

2008-12-01

Full Text Available For many sensor network applications such as military or homeland security, it is essential for users (sinks to access the sensor network while they are moving. Sink mobility brings new challenges to secure routing in large-scale sensor networks. Previous studies on sink mobility have mainly focused on efficiency and effectiveness of data dissemination without security consideration. Also, studies and experiences have shown that considering security during design time is the best way to provide security for sensor network routing. This paper presents an energy-efficient secure routing and key management for mobile sinks in sensor networks, called SCODEplus. It is a significant extension of our previous study in five aspects: (1 Key management scheme and routing protocol are considered during design time to increase security and efficiency; (2 The network topology is organized in a hexagonal plane which supports more efficiency than previous square-grid topology; (3 The key management scheme can eliminate the impacts of node compromise attacks on links between non-compromised nodes; (4 Sensor node deployment is based on Gaussian distribution which is more realistic than uniform distribution; (5 No GPS or like is required to provide sensor node location information. Our security analysis demonstrates that the proposed scheme can defend against common attacks in sensor networks including node compromise attacks, replay attacks, selective forwarding attacks, sinkhole and wormhole, Sybil attacks, HELLO flood attacks. Both mathematical and simulation-based performance evaluation show that the SCODEplus significantly reduces the communication overhead, energy consumption, packet delivery latency while it always delivers more than 97 percent of packets successfully.

A two layer chaotic encryption scheme of secure image transmission for DCT precoded OFDM-VLC transmission

Science.gov (United States)

Wang, Zhongpeng; Chen, Fangni; Qiu, Weiwei; Chen, Shoufa; Ren, Dongxiao

2018-03-01

In this paper, a two-layer image encryption scheme for a discrete cosine transform (DCT) precoded orthogonal frequency division multiplexing (OFDM) visible light communication (VLC) system is proposed. Firstly, in the proposed scheme the transmitted image is first encrypted by a chaos scrambling sequence,which is generated from the hybrid 4-D hyper- and Arnold map in the upper-layer. After that, the encrypted image is converted into digital QAM modulation signal, which is re-encrypted by chaos scrambling sequence based on Arnold map in physical layer to further enhance the security of the transmitted image. Moreover, DCT precoding is employed to improve BER performance of the proposed system and reduce the PAPR of OFDM signal. The BER and PAPR performances of the proposed system are evaluated by simulation experiments. The experiment results show that the proposed two-layer chaos scrambling schemes achieve image secure transmission for image-based OFDM VLC. Furthermore, DCT precoding can reduce the PAPR and improve the BER performance of OFDM-based VLC.

Secure searching of biomarkers through hybrid homomorphic encryption scheme.

Science.gov (United States)

Kim, Miran; Song, Yongsoo; Cheon, Jung Hee

2017-07-26

As genome sequencing technology develops rapidly, there has lately been an increasing need to keep genomic data secure even when stored in the cloud and still used for research. We are interested in designing a protocol for the secure outsourcing matching problem on encrypted data. We propose an efficient method to securely search a matching position with the query data and extract some information at the position. After decryption, only a small amount of comparisons with the query information should be performed in plaintext state. We apply this method to find a set of biomarkers in encrypted genomes. The important feature of our method is to encode a genomic database as a single element of polynomial ring. Since our method requires a single homomorphic multiplication of hybrid scheme for query computation, it has the advantage over the previous methods in parameter size, computation complexity, and communication cost. In particular, the extraction procedure not only prevents leakage of database information that has not been queried by user but also reduces the communication cost by half. We evaluate the performance of our method and verify that the computation on large-scale personal data can be securely and practically outsourced to a cloud environment during data analysis. It takes about 3.9 s to search-and-extract the reference and alternate sequences at the queried position in a database of size 4M. Our solution for finding a set of biomarkers in DNA sequences shows the progress of cryptographic techniques in terms of their capability can support real-world genome data analysis in a cloud environment.

A Secure Scheme for Distributed Consensus Estimation against Data Falsification in Heterogeneous Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Shichao Mi

2016-02-01

Full Text Available Heterogeneous wireless sensor networks (HWSNs can achieve more tasks and prolong the network lifetime. However, they are vulnerable to attacks from the environment or malicious nodes. This paper is concerned with the issues of a consensus secure scheme in HWSNs consisting of two types of sensor nodes. Sensor nodes (SNs have more computation power, while relay nodes (RNs with low power can only transmit information for sensor nodes. To address the security issues of distributed estimation in HWSNs, we apply the heterogeneity of responsibilities between the two types of sensors and then propose a parameter adjusted-based consensus scheme (PACS to mitigate the effect of the malicious node. Finally, the convergence property is proven to be guaranteed, and the simulation results validate the effectiveness and efficiency of PACS.

Verifier-based three-party authentication schemes using extended chaotic maps for data exchange in telecare medicine information systems.

Science.gov (United States)

Lee, Tian-Fu

2014-12-01

Telecare medicine information systems provide a communicating platform for accessing remote medical resources through public networks, and help health care workers and medical personnel to rapidly making correct clinical decisions and treatments. An authentication scheme for data exchange in telecare medicine information systems enables legal users in hospitals and medical institutes to establish a secure channel and exchange electronic medical records or electronic health records securely and efficiently. This investigation develops an efficient and secure verified-based three-party authentication scheme by using extended chaotic maps for data exchange in telecare medicine information systems. The proposed scheme does not require server's public keys and avoids time-consuming modular exponential computations and scalar multiplications on elliptic curve used in previous related approaches. Additionally, the proposed scheme is proven secure in the random oracle model, and realizes the lower bounds of messages and rounds in communications. Compared to related verified-based approaches, the proposed scheme not only possesses higher security, but also has lower computational cost and fewer transmissions. Copyright © 2014 Elsevier Ireland Ltd. All rights reserved.

Secure and Efficient Access Control Scheme for Wireless Sensor Networks in the Cross-Domain Context of the IoT

Directory of Open Access Journals (Sweden)

Ming Luo

2018-01-01

Full Text Available Nowadays wireless sensor network (WSN is increasingly being used in the Internet of Things (IoT for data collection, and design of an access control scheme that allows an Internet user as part of IoT to access the WSN becomes a hot topic. A lot of access control schemes have been proposed for the WSNs in the context of the IoT. Nevertheless, almost all of these schemes assume that communication nodes in different network domains share common system parameters, which is not suitable for cross-domain IoT environment in practical situations. To solve this shortcoming, we propose a more secure and efficient access control scheme for wireless sensor networks in the cross-domain context of the Internet of Things, which allows an Internet user in a certificateless cryptography (CLC environment to communicate with a sensor node in an identity-based cryptography (IBC environment with different system parameters. Moreover, our proposed scheme achieves known session-specific temporary information security (KSSTIS that most of access control schemes cannot satisfy. Performance analysis is given to show that our scheme is well suited for wireless sensor networks in the cross-domain context of the IoT.

Health security as a public health concept: a critical analysis.

Science.gov (United States)

Aldis, William

2008-11-01

There is growing acceptance of the concept of health security. However, there are various and incompatible definitions, incomplete elaboration of the concept of health security in public health operational terms, and insufficient reconciliation of the health security concept with community-based primary health care. More important, there are major differences in understanding and use of the concept in different settings. Policymakers in industrialized countries emphasize protection of their populations especially against external threats, for example terrorism and pandemics; while health workers and policymakers in developing countries and within the United Nations system understand the term in a broader public health context. Indeed, the concept is used inconsistently within the UN agencies themselves, for example the World Health Organization's restrictive use of the term 'global health security'. Divergent understandings of 'health security' by WHO's member states, coupled with fears of hidden national security agendas, are leading to a breakdown of mechanisms for global cooperation such as the International Health Regulations. Some developing countries are beginning to doubt that internationally shared health surveillance data is used in their best interests. Resolution of these incompatible understandings is a global priority.

Global Health Security

Centers for Disease Control (CDC) Podcasts

2017-09-21

Dr. Jordan Tappero, a CDC senior advisor on global health, discusses the state of global health security.  Created: 9/21/2017 by National Center for Emerging and Zoonotic Infectious Diseases (NCEZID), Center for Global Health (CGH).   Date Released: 9/21/2017.

Dynamic Group Management Scheme for Sustainable and Secure Information Sensing in IoT

Directory of Open Access Journals (Sweden)

Hyungjoo Kim

2016-10-01

Full Text Available The services provided to users in the environment associated with the Internet of Things (hereinafter referred to as IoT begin with the information collected from sensors. It is imperative to transmit high-quality sensor data for providing better services. It is also required to collect data only from those authenticated sensors. Moreover, it is imperative to collect high-quality data on a sustainable and continuous basis in order to provide services anytime and anywhere in the IoT environment. Therefore, high-quality, authenticated sensor networks should be constructed. The most prominent routing protocol to enhance the energy consumption efficiency for the sustainable data collection in a sensor network is the LEACH routing protocol. The LEACH routing protocol transmits sensor data by measuring the energy of sensors and allocating sensor groups dynamically. However, these sensor networks have vulnerabilities such as key leakage, eavesdropping, replay attack and relay attack, given the nature of wireless network communication. A large number of security techniques have been studied in order to solve these vulnerabilities. Nonetheless, these studies still cannot support the dynamic sensor group allocation of the LEACH routing protocol. Furthermore, they are not suitable for the sensor nodes whose hardware computing ability and energy resources are limited. Therefore, this paper proposed a group sensor communication protocol that utilizes only the four fundamental arithmetic operations and logical operation for the sensor node authentication and secure data transmission. Through the security analysis, this paper verified that the proposed scheme was secure to the vulnerabilities resulting from the nature of wireless network communication. Moreover, this paper verified through the performance analysis that the proposed scheme could be utilized efficiently.

A secure communication scheme based generalized function projective synchronization of a new 5D hyperchaotic system

International Nuclear Information System (INIS)

Wu, Xiangjun; Fu, Zhengye; Kurths, Jürgen

2015-01-01

In this paper, a new five-dimensional hyperchaotic system is proposed based on the Lü hyperchaotic system. Some of its basic dynamical properties, such as equilibria, Lyapunov exponents, bifurcations and various attractors are investigated. Furthermore, a new secure communication scheme based on generalized function projective synchronization (GFPS) of this hyperchaotic system with an uncertain parameter is presented. The communication scheme is composed of the modulation, the chaotic receiver, the chaotic transmitter and the demodulation. The modulation mechanism is to modulate the message signal into the system parameter. Then the chaotic signals are sent to the receiver via a public channel. In the receiver end, by designing the controllers and the parameter update rule, GFPS between the transmitter and receiver systems is achieved and the unknown parameter is estimated simultaneously. The message signal can be finally recovered by the identified parameter and the corresponding demodulation method. There is no any limitation on the message size. Numerical simulations are performed to show the validity and feasibility of the presented secure communication scheme. (paper)

Security Techniques for the Electronic Health Records.

Science.gov (United States)

Kruse, Clemens Scott; Smith, Brenna; Vanderlinden, Hannah; Nealand, Alexandra

2017-08-01

The privacy of patients and the security of their information is the most imperative barrier to entry when considering the adoption of electronic health records in the healthcare industry. Considering current legal regulations, this review seeks to analyze and discuss prominent security techniques for healthcare organizations seeking to adopt a secure electronic health records system. Additionally, the researchers sought to establish a foundation for further research for security in the healthcare industry. The researchers utilized the Texas State University Library to gain access to three online databases: PubMed (MEDLINE), CINAHL, and ProQuest Nursing and Allied Health Source. These sources were used to conduct searches on literature concerning security of electronic health records containing several inclusion and exclusion criteria. Researchers collected and analyzed 25 journals and reviews discussing security of electronic health records, 20 of which mentioned specific security methods and techniques. The most frequently mentioned security measures and techniques are categorized into three themes: administrative, physical, and technical safeguards. The sensitive nature of the information contained within electronic health records has prompted the need for advanced security techniques that are able to put these worries at ease. It is imperative for security techniques to cover the vast threats that are present across the three pillars of healthcare.

Efficient and Security Enhanced Anonymous Authentication with Key Agreement Scheme in Wireless Sensor Networks.

Science.gov (United States)

Jung, Jaewook; Moon, Jongho; Lee, Donghoon; Won, Dongho

2017-03-21

At present, users can utilize an authenticated key agreement protocol in a Wireless Sensor Network (WSN) to securely obtain desired information, and numerous studies have investigated authentication techniques to construct efficient, robust WSNs. Chang et al. recently presented an authenticated key agreement mechanism for WSNs and claimed that their authentication mechanism can both prevent various types of attacks, as well as preserve security properties. However, we have discovered that Chang et al's method possesses some security weaknesses. First, their mechanism cannot guarantee protection against a password guessing attack, user impersonation attack or session key compromise. Second, the mechanism results in a high load on the gateway node because the gateway node should always maintain the verifier tables. Third, there is no session key verification process in the authentication phase. To this end, we describe how the previously-stated weaknesses occur and propose a security-enhanced version for WSNs. We present a detailed analysis of the security and performance of our authenticated key agreement mechanism, which not only enhances security compared to that of related schemes, but also takes efficiency into consideration.

Watermarking security

CERN Document Server

Bas, Patrick; Cayre, François; Doërr, Gwenaël; Mathon, Benjamin

2016-01-01

This book explains how to measure the security of a watermarking scheme, how to design secure schemes but also how to attack popular watermarking schemes. This book gathers the most recent achievements in the field of watermarking security by considering both parts of this cat and mouse game. This book is useful to industrial practitioners who would like to increase the security of their watermarking applications and for academics to quickly master this fascinating domain.

Can conditional cash transfers improve the uptake of nutrition interventions and household food security? Evidence from Odisha's Mamata scheme.

Directory of Open Access Journals (Sweden)

Kalyani Raghunathan

Full Text Available There is considerable global evidence on the effectiveness of cash transfers in improving health and nutrition outcomes; however, the evidence from South Asia, particularly India, is limited. In the context of India where more than a third of children are undernourished, and where there is considerable under-utilization of health and nutrition interventions, it is opportune to investigate the impact of cash transfer programs on the use of interventions. We study one conditional cash transfer program, Mamata scheme, implemented in the state of Odisha, in India that targeted pregnant and lactating women. Using survey data on 1161 households from three districts in the state of Odisha, we examine the effect of the scheme on eight outcomes: 1 pregnancy registration; 2 receipt of antenatal services; 3 receipt of iron and folic acid (IFA tablets; 4 exposure to counseling during pregnancy; 5 exposure to postnatal counseling; 6 exclusive breastfeeding; 7 full immunization; and 8 household food security. We conduct regression analyses and correct for endogeneity using nearest-neighbor matching and inverse-probability weighting models. We find that the receipt of payments from the Mamata scheme is associated with a 5 percentage point (pp increase in the likelihood of receiving antenatal services, a 10 pp increase in the likelihood of receiving IFA tablets, and a decline of 0.84 on the Household Food Insecurity Access Scale. These results provide the first quantitative estimates of effects associated with the Mamata scheme, which can inform the design of government policies related to conditional cash transfers.

Secure Authentication and Prescription Safety Protocol for Telecare Health Services Using Ubiquitous IoT

Directory of Open Access Journals (Sweden)

Zahid Mahmood

2017-10-01

Full Text Available Internet-of-Things (IoT include a large number of devices that can communicate across different networks. Cyber-Physical Systems (CPS also includes a number of devices connected to the internet where wearable devices are also included. Both systems enable researchers to develop healthcare systems with additional intelligence as well as prediction capabilities both for lifestyle and in hospitals. It offers as much persistence as a platform to ubiquitous healthcare by using wearable sensors to transfer the information over servers, smartphones, and other smart devices in the Telecare Medical Information System (TMIS. Security is a challenging issue in TMIS, and resourceful access to health care services requires user verification and confidentiality. Existing schemes lack in ensuring reliable prescription safety along with authentication. This research presents a Secure Authentication and Prescription Safety (SAPS protocol to ensure secure communication between the patient, doctor/nurse, and the trusted server. The proposed procedure relies upon the efficient elliptic curve cryptosystem which can generate a symmetric secure key to ensure secure data exchange between patients and physicians after successful authentication of participants individually. A trusted server is involved for mutual authentication between parties and then generates a common key after completing the validation process. Moreover, the scheme is verified by doing formal modeling using Rubin Logic and validated using simulations in NS-2.35. We have analyzed the SAPS against security attacks, and then performance analysis is elucidated. Results prove the dominance of SAPS over preliminaries regarding mutual authentication, message integrity, freshness, and session key management and attack prevention.

Public Health Crisis in War and Conflict - Health Security in Aggregate.

Science.gov (United States)

Quinn, John; Zelený, Tomáš; Subramaniam, Rammika; Bencko, Vladimír

2017-03-01

Public health status of populations is multifactorial and besides other factors it is linked to war and conflict. Public health crisis can erupt when states go to war or are invaded; health security may be reduced for affected populations. This study reviews in aggregate multiple indices of human security, human development and legitimacy of the state in order to describe a predictable global health portrait. Paradigm shift of large global powers to that non-state actors and proxies impact regional influence through scaled conflict and present major global health challenges for policy makers. Small scale conflict with large scale violence threatens health security for at-risk populations. The paper concludes that health security is directly proportional to state security. Copyright© by the National Institute of Public Health, Prague 2017

Improving computer security by health smart card.

Science.gov (United States)

Nisand, Gabriel; Allaert, François-André; Brézillon, Régine; Isphording, Wilhem; Roeslin, Norbert

2003-01-01

The University hospitals of Strasbourg have worked for several years on the computer security of the medical data and have of this fact be the first to use the Health Care Professional Smart Card (CPS). This new tool must provide security to the information processing systems and especially to the medical data exchanges between the partners who collaborate to the care of the Beyond the purely data-processing aspects of the functions of safety offered by the CPS, safety depends above all on the practices on the users, their knowledge concerning the legislation, the risks and the stakes, of their adhesion to the procedures and protections installations. The aim of this study is to evaluate this level of knowledge, the practices and the feelings of the users concerning the computer security of the medical data, to check the relevance of the step taken, and if required, to try to improve it. The survey by questionnaires involved 648 users. The practices of users in terms of data security are clearly improved by the implementation of the security server and the use of the CPS system, but security breaches due to bad practices are not however completely eliminated. That confirms that is illusory to believe that data security is first and foremost a technical issue. Technical measures are of course indispensable, but the greatest efforts are required after their implementation and consist in making the key players [2], i.e. users, aware and responsible. However, it must be stressed that the user-friendliness of the security interface has a major effect on the results observed. For instance, it is highly probable that the bad practices continued or introduced upon the implementation of the security server and CPS scheme are due to the complicated nature or functional defects of the proposed solution, which must therefore be improved. Besides, this is only the pilot phase and card holders can be expected to become more responsible as time goes by, along with the gradual

A privacy authentication scheme based on cloud for medical environment.

Science.gov (United States)

Chen, Chin-Ling; Yang, Tsai-Tung; Chiang, Mao-Lun; Shih, Tzay-Farn

2014-11-01

With the rapid development of the information technology, the health care technologies already became matured. Such as electronic medical records that can be easily stored. However, how to get medical resources more convenient is currently concerning issue. In spite of many literatures discussed about medical systems, these literatures should face many security challenges. The most important issue is patients' privacy. Therefore, we propose a privacy authentication scheme based on cloud environment. In our scheme, we use mobile device's characteristics, allowing peoples to use medical resources on the cloud environment to find medical advice conveniently. The digital signature is used to ensure the security of the medical information that is certified by the medical department in our proposed scheme.

Alternative health insurance schemes

DEFF Research Database (Denmark)

Keiding, Hans; Hansen, Bodil O.

2002-01-01

In this paper, we present a simple model of health insurance with asymmetric information, where we compare two alternative ways of organizing the insurance market. Either as a competitive insurance market, where some risks remain uninsured, or as a compulsory scheme, where however, the level...... competitive insurance; this situation turns out to be at least as good as either of the alternatives...

Risk factors for oral diseases among workers with and without dental insurance in a national social security scheme in India.

Science.gov (United States)

Singh, Abhinav; Purohit, Bharathi M; Masih, Nitin; Kahndelwal, Praveen Kumar

2014-04-01

The target population for this cross sectional study comprises subjects with and without social security in a national social security scheme. The study aimed to compare and assess the risk factors for oral diseases among insured (organised sector) and non-insured workers (unorganised sector) in New Delhi, India. The sample comprised a total of 2,752 subjects. Of these, 960 workers belonged to the formal or organised sector with a social security and dental health insurance and 1,792 had no social security or dental insurance from the informal or unorganised sector. Significant differences were noted between the two groups for literacy levels, between-meal sugar consumption, tobacco-related habits and utilisation of dental care. Bleeding/calculus and periodontal pockets were present among 25% and 65.4% of insured workers, respectively. Similarly, 13.6% and 84.5% of non-insured workers had bleeding/calculus and periodontal pockets, respectively. The mean DMFT (decayed, missing, filled teeth) value among the insured workers and non-insured workers was 3.27 ± 1.98 and 3.75 ± 1.80, respectively. The association between absence of health insurance and dental caries was evident with an odds ratio (OR) of 1.94. Subjects with below graduate education were more prone to dental caries (OR = 1.62). Subjects who cleaned their teeth two or more times a day were less likely to have dental caries (OR = 1.47). Utilisation of dental care was inversely related to dental caries (OR = 1.25). The major risk factors for oral diseases in both the groups with similar socio-economic status were the lack of social security and health insurance, low literacy levels, high tobacco consumption and low levels of dental care utilisation. © 2013 FDI World Dental Federation.

Efficient Anonymous Authenticated Key Agreement Scheme for Wireless Body Area Networks

Directory of Open Access Journals (Sweden)

Tong Li

2017-01-01

Full Text Available Wireless body area networks (WBANs are widely used in telemedicine, which can be utilized for real-time patients monitoring and home health-care. The sensor nodes in WBANs collect the client’s physiological data and transmit it to the medical center. However, the clients’ personal information is sensitive and there are many security threats in the extra-body communication. Therefore, the security and privacy of client’s physiological data need to be ensured. Many authentication protocols for WBANs have been proposed in recent years. However, the existing protocols fail to consider the key update phase. In this paper, we propose an efficient authenticated key agreement scheme for WBANs and add the key update phase to enhance the security of the proposed scheme. In addition, session keys are generated during the registration phase and kept secretly, thus reducing computation cost in the authentication phase. The performance analysis demonstrates that our scheme is more efficient than the currently popular related schemes.

Cancelable remote quantum fingerprint templates protection scheme

International Nuclear Information System (INIS)

Liao Qin; Guo Ying; Huang Duan

2017-01-01

With the increasing popularity of fingerprint identification technology, its security and privacy have been paid much attention. Only the security and privacy of biological information are insured, the biological technology can be better accepted and used by the public. In this paper, we propose a novel quantum bit (qbit)-based scheme to solve the security and privacy problem existing in the traditional fingerprint identification system. By exploiting the properties of quantm mechanics, our proposed scheme, cancelable remote quantum fingerprint templates protection scheme, can achieve the unconditional security guaranteed in an information-theoretical sense. Moreover, this novel quantum scheme can invalidate most of the attacks aimed at the fingerprint identification system. In addition, the proposed scheme is applicable to the requirement of remote communication with no need to worry about its security and privacy during the transmission. This is an absolute advantage when comparing with other traditional methods. Security analysis shows that the proposed scheme can effectively ensure the communication security and the privacy of users’ information for the fingerprint identification. (paper)

Design of Secure and Lightweight Authentication Protocol for Wearable Devices Environment.

Science.gov (United States)

Das, Ashok Kumar; Wazid, Mohammad; Kumar, Neeraj; Khan, Muhammad Khurram; Choo, Kim-Kwang Raymond; Park, YoungHo

2017-09-18

Wearable devices are used in various applications to collect information including step information, sleeping cycles, workout statistics, and health related information. Due to the nature and richness of the data collected by such devices, it is important to ensure the security of the collected data. This paper presents a new lightweight authentication scheme suitable for wearable device deployment. The scheme allows a user to mutually authenticate his/her wearable device(s) and the mobile terminal (e.g., Android and iOS device) and establish a session key among these devices (worn and carried by the same user) for secure communication between the wearable device and the mobile terminal. The security of the proposed scheme is then demonstrated through the broadly-accepted Real-Or-Random model, as well as using the popular formal security verification tool, known as the Automated Validation of Internet Security Protocols and Applications (AVISPA). Finally, we present a comparative summary of the proposed scheme in terms of the overheads such as computation and communication costs, security and functionality features of the proposed scheme and related schemes, and also the evaluation findings from the NS2 simulation.

PKI-based secure mobile access to electronic health services and data.

Science.gov (United States)

Kambourakis, G; Maglogiannis, I; Rouskas, A

2005-01-01

Recent research works examine the potential employment of public-key cryptography schemes in e-health environments. In such systems, where a Public Key Infrastructure (PKI) is established beforehand, Attribute Certificates (ACs) and public key enabled protocols like TLS, can provide the appropriate mechanisms to effectively support authentication, authorization and confidentiality services. In other words, mutual trust and secure communications between all the stakeholders, namely physicians, patients and e-health service providers, can be successfully established and maintained. Furthermore, as the recently introduced mobile devices with access to computer-based patient record systems are expanding, the need of physicians and nurses to interact increasingly with such systems arises. Considering public key infrastructure requirements for mobile online health networks, this paper discusses the potential use of Attribute Certificates (ACs) in an anticipated trust model. Typical trust interactions among doctors, patients and e-health providers are presented, indicating that resourceful security mechanisms and trust control can be obtained and implemented. The application of attribute certificates to support medical mobile service provision along with the utilization of the de-facto TLS protocol to offer competent confidentiality and authorization services is also presented and evaluated through experimentation, using both the 802.11 WLAN and General Packet Radio Service (GPRS) networks.

Security analysis and improvement of a privacy authentication scheme for telecare medical information systems.

Science.gov (United States)

Wu, Fan; Xu, Lili

2013-08-01

Nowadays, patients can gain many kinds of medical service on line via Telecare Medical Information Systems(TMIS) due to the fast development of computer technology. So security of communication through network between the users and the server is very significant. Authentication plays an important part to protect information from being attacked by malicious attackers. Recently, Jiang et al. proposed a privacy enhanced scheme for TMIS using smart cards and claimed their scheme was better than Chen et al.'s. However, we have showed that Jiang et al.'s scheme has the weakness of ID uselessness and is vulnerable to off-line password guessing attack and user impersonation attack if an attacker compromises the legal user's smart card. Also, it can't resist DoS attack in two cases: after a successful impersonation attack and wrong password input in Password change phase. Then we propose an improved mutual authentication scheme used for a telecare medical information system. Remote monitoring, checking patients' past medical history record and medical consultant can be applied in the system where information transmits via Internet. Finally, our analysis indicates that the suggested scheme overcomes the disadvantages of Jiang et al.'s scheme and is practical for TMIS.

Three-pass protocol scheme for bitmap image security by using vernam cipher algorithm

Science.gov (United States)

Rachmawati, D.; Budiman, M. A.; Aulya, L.

2018-02-01

Confidentiality, integrity, and efficiency are the crucial aspects of data security. Among the other digital data, image data is too prone to abuse of operation like duplication, modification, etc. There are some data security techniques, one of them is cryptography. The security of Vernam Cipher cryptography algorithm is very dependent on the key exchange process. If the key is leaked, security of this algorithm will collapse. Therefore, a method that minimizes key leakage during the exchange of messages is required. The method which is used, is known as Three-Pass Protocol. This protocol enables message delivery process without the key exchange. Therefore, the sending messages process can reach the receiver safely without fear of key leakage. The system is built by using Java programming language. The materials which are used for system testing are image in size 200×200 pixel, 300×300 pixel, 500×500 pixel, 800×800 pixel and 1000×1000 pixel. The result of experiments showed that Vernam Cipher algorithm in Three-Pass Protocol scheme could restore the original image.

INFORMATION FROM THE CERN HEALTH INSURANCE SCHEME

CERN Document Server

Tel : 7-3635

2002-01-01

Please note that, from 1 July 2002, the tariff agreement between CERN and the Hôpital de la Tour will no longer be in force. As a result the members of the CERN Health Insurance Scheme will no longer obtain a 5% discount for quick payment of bills. More information on the termination of the agreement and the implications for our Health Insurance Scheme will be provided in the next issue of the CHIS Bull', due for publication in the first half of July. It will be sent to your home address, so, if you have moved recently, please check that your divisional secretariat has your current address. Tel.: 73635 The Organization's Health Insurance Scheme (CHIS) has launched its own Web pages, located on the Website of the Social & Statutory Conditions Group of HR Division (HR-SOC). The address is short and easy-to-remember www.cern.ch/chis The pages currently available concentrate on providing basic information. Over the coming months it is planned to fill out the details and introduce new topics. Please give us ...

Relaxing Chosen-Ciphertext Security

DEFF Research Database (Denmark)

Canetti, Ran; Krawczyk, Hugo; Nielsen, Jesper Buus

2003-01-01

Security against adaptive chosen ciphertext attacks (or, CCA security) has been accepted as the standard requirement from encryption schemes that need to withstand active attacks. In particular, it is regarded as the appropriate security notion for encryption schemes used as components within...... general protocols and applications. Indeed, CCA security was shown to suffice in a large variety of contexts. However, CCA security often appears to be somewhat too strong: there exist encryption schemes (some of which come up naturally in practice) that are not CCA secure, but seem sufficiently secure...... “for most practical purposes.” We propose a relaxed variant of CCA security, called Replayable CCA (RCCA) security. RCCA security accepts as secure the non-CCA (yet arguably secure) schemes mentioned above; furthermore, it suffices for most existing applications of CCA security. We provide three...

Outcome-based health equity across different social health insurance schemes for the elderly in China.

Science.gov (United States)

Liu, Xiaoting; Wong, Hung; Liu, Kai

2016-01-14

Against the achievement of nearly universal coverage for social health insurance for the elderly in China, a problem of inequity among different insurance schemes on health outcomes is still a big challenge for the health care system. Whether various health insurance schemes have divergent effects on health outcome is still a puzzle. Empirical evidence will be investigated in this study. This study employs a nationally representative survey database, the National Survey of the Aged Population in Urban/Rural China, to compare the changes of health outcomes among the elderly before and after the reform. A one-way ANOVA is utilized to detect disparities in health care expenditures and health status among different health insurance schemes. Multiple Linear Regression is applied later to examine the further effects of different insurance plans on health outcomes while controlling for other social determinants. The one-way ANOVA result illustrates that although the gaps in insurance reimbursements between the Urban Employee Basic Medical Insurance (UEBMI) and the other schemes, the New Rural Cooperative Medical Scheme (NCMS) and Urban Residents Basic Medical Insurance (URBMI) decreased, out-of-pocket spending accounts for a larger proportion of total health care expenditures, and the disparities among different insurances enlarged. Results of the Multiple Linear Regression suggest that UEBMI participants have better self-reported health status, physical functions and psychological wellbeing than URBMI and NCMS participants, and those uninsured. URBMI participants report better self-reported health than NCMS ones and uninsured people, while having worse psychological wellbeing compared with their NCMS counterparts. This research contributes to a transformation in health insurance studies from an emphasis on the opportunity-oriented health equity measured by coverage and healthcare accessibility to concern with outcome-based equity composed of health expenditure and health

Emerging Security Mechanisms for Medical Cyber Physical Systems.

Science.gov (United States)

Kocabas, Ovunc; Soyata, Tolga; Aktas, Mehmet K

2016-01-01

The following decade will witness a surge in remote health-monitoring systems that are based on body-worn monitoring devices. These Medical Cyber Physical Systems (MCPS) will be capable of transmitting the acquired data to a private or public cloud for storage and processing. Machine learning algorithms running in the cloud and processing this data can provide decision support to healthcare professionals. There is no doubt that the security and privacy of the medical data is one of the most important concerns in designing an MCPS. In this paper, we depict the general architecture of an MCPS consisting of four layers: data acquisition, data aggregation, cloud processing, and action. Due to the differences in hardware and communication capabilities of each layer, different encryption schemes must be used to guarantee data privacy within that layer. We survey conventional and emerging encryption schemes based on their ability to provide secure storage, data sharing, and secure computation. Our detailed experimental evaluation of each scheme shows that while the emerging encryption schemes enable exciting new features such as secure sharing and secure computation, they introduce several orders-of-magnitude computational and storage overhead. We conclude our paper by outlining future research directions to improve the usability of the emerging encryption schemes in an MCPS.

Communication security in open health care networks.

Science.gov (United States)

Blobel, B; Pharow, P; Engel, K; Spiegel, V; Krohn, R

1999-01-01

Fulfilling the shared care paradigm, health care networks providing open systems' interoperability in health care are needed. Such communicating and co-operating health information systems, dealing with sensitive personal medical information across organisational, regional, national or even international boundaries, require appropriate security solutions. Based on the generic security model, within the European MEDSEC project an open approach for secure EDI like HL7, EDIFACT, XDT or XML has been developed. The consideration includes both securing the message in an unsecure network and the transport of the unprotected information via secure channels (SSL, TLS etc.). Regarding EDI, an open and widely usable security solution has been specified and practically implemented for the examples of secure mailing and secure file transfer (FTP) via wrapping the sensitive information expressed by the corresponding protocols. The results are currently prepared for standardisation.

Health care professionals’ perception of security of personal health devices

Directory of Open Access Journals (Sweden)

Ondiege B

2017-04-01

Full Text Available Brian Ondiege, Malcolm Clarke Department of Computer Science, College of Engineering, Design and Physical Sciences, Brunel University London, UK Abstract: With the rapid advances in the capabilities of telehealth devices and their increasing connection to the Internet, security is becoming an issue of major concern. Therefore, the perceptions of the health care professionals regarding security are of interest, as the patients trust them to make informed decisions on issues concerning their privacy, data, and health. Eight health care professionals were interviewed to determine their perceptions and knowledge of security in health care. The research further examines one specific aspect of security which is considered of significant concern: the authenticity of a device being from the actual manufacturer and not a counterfeit. This research proposes device registration together with digital signatures and one-time passwords to address the issue of counterfeit remote patient-monitoring devices and identify and authenticate the user of the device. Keywords: telehealth security, health care professionals’ perception, personal health device, authentication

Social Protection Schemes in Pakistan: assessment of existing programs

Directory of Open Access Journals (Sweden)

Yu ShuHong

2017-07-01

Full Text Available Social protection is regarded as a basic human right guaranteed in several International Covenants and Treaties. The Constitution of Pakistan exclusively stipulates the provision of social security for all citizens of the country. The aim of the study is to explore and evaluate the social protection schemes with regards to its coverage, scope and outreach. The country has number of social security schemes that are being carried out by provincial and federal governments for the welfare of workers like old age benefits, disablement, health and medical facilities. However, these schemes have failed to extend their benefits to home based, part-time, temporary or contract and agricultural workers. This paper attempts to highlight the shortcomings of existing social protection programs that are obstructing their benefit distribution and limiting their outreach. It underlines the challenges faced by the implementing agencies. This paper also suggests some improvements in the structural design of social security mechanism with special focus on the scope, coverage, outreach and effective delivery mechanism. Since, the proper allocation of resources and effective implementation of these schemes can ensure the assistance and welfare of the targeted population.

Robust and efficient biometrics based password authentication scheme for telecare medicine information systems using extended chaotic maps.

Science.gov (United States)

Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Xie, Dong; Yang, Yixian

2015-06-01

The Telecare Medicine Information Systems (TMISs) provide an efficient communicating platform supporting the patients access health-care delivery services via internet or mobile networks. Authentication becomes an essential need when a remote patient logins into the telecare server. Recently, many extended chaotic maps based authentication schemes using smart cards for TMISs have been proposed. Li et al. proposed a secure smart cards based authentication scheme for TMISs using extended chaotic maps based on Lee's and Jiang et al.'s scheme. In this study, we show that Li et al.'s scheme has still some weaknesses such as violation the session key security, vulnerability to user impersonation attack and lack of local verification. To conquer these flaws, we propose a chaotic maps and smart cards based password authentication scheme by applying biometrics technique and hash function operations. Through the informal and formal security analyses, we demonstrate that our scheme is resilient possible known attacks including the attacks found in Li et al.'s scheme. As compared with the previous authentication schemes, the proposed scheme is more secure and efficient and hence more practical for telemedical environments.

Utilization of health-care schemes: A ground reality of Indian scenario

Directory of Open Access Journals (Sweden)

Aditi Sharma

2018-01-01

Full Text Available Health-care system in a society must be built around the term of equity so that each individual should have equal opportunities for maintaining good health, but human societies are characterized by unevenness at every aspect, and it has even not spared the health-care system. Despite great improvements in the oral health status of population across the world, health problems continue to be a major public health concern. India's health system faces the ongoing challenge of responding to the needs of the most disadvantaged groups of the society. Thus, to reduce inequalities in health and ensuring equity in oral health care, India as one of the developing countries in the world have taken steps at center as well as state level to bridge the gap between poor and rich in terms of health care. These schemes are built to touch the lives of the remotest people in the country. The government is boosting its strategies and augmenting its reach mechanisms to ensure that not a soul is dispossessed of any benefits, which arise from the virtue of this scheme. The present review concludes that though these schemes appear to be pro-poor and are inclusive of disadvantaged minorities, the scheme suffers from adverse selection. These schemes have the potential to play an important role in India's move toward universal health coverage.

Quantum attack-resistent certificateless multi-receiver signcryption scheme.

Directory of Open Access Journals (Sweden)

Huixian Li

Full Text Available The existing certificateless signcryption schemes were designed mainly based on the traditional public key cryptography, in which the security relies on the hard problems, such as factor decomposition and discrete logarithm. However, these problems will be easily solved by the quantum computing. So the existing certificateless signcryption schemes are vulnerable to the quantum attack. Multivariate public key cryptography (MPKC, which can resist the quantum attack, is one of the alternative solutions to guarantee the security of communications in the post-quantum age. Motivated by these concerns, we proposed a new construction of the certificateless multi-receiver signcryption scheme (CLMSC based on MPKC. The new scheme inherits the security of MPKC, which can withstand the quantum attack. Multivariate quadratic polynomial operations, which have lower computation complexity than bilinear pairing operations, are employed in signcrypting a message for a certain number of receivers in our scheme. Security analysis shows that our scheme is a secure MPKC-based scheme. We proved its security under the hardness of the Multivariate Quadratic (MQ problem and its unforgeability under the Isomorphism of Polynomials (IP assumption in the random oracle model. The analysis results show that our scheme also has the security properties of non-repudiation, perfect forward secrecy, perfect backward secrecy and public verifiability. Compared with the existing schemes in terms of computation complexity and ciphertext length, our scheme is more efficient, which makes it suitable for terminals with low computation capacity like smart cards.

An Arbitrated Quantum Signature Scheme without Entanglement*

International Nuclear Information System (INIS)

Li Hui-Ran; Luo Ming-Xing; Peng Dai-Yuan; Wang Xiao-Jun

2017-01-01

Several quantum signature schemes are recently proposed to realize secure signatures of quantum or classical messages. Arbitrated quantum signature as one nontrivial scheme has attracted great interests because of its usefulness and efficiency. Unfortunately, previous schemes cannot against Trojan horse attack and DoS attack and lack of the unforgeability and the non-repudiation. In this paper, we propose an improved arbitrated quantum signature to address these secure issues with the honesty arbitrator. Our scheme takes use of qubit states not entanglements. More importantly, the qubit scheme can achieve the unforgeability and the non-repudiation. Our scheme is also secure for other known quantum attacks . (paper)

Rural health prepayment schemes in China: towards a more active role for government.

Science.gov (United States)

Bloom, G; Shenglan, T

1999-04-01

A large majority of China's rural population were members of health prepayment schemes in the 1970's. Most of these schemes collapsed during the transition to a market economy. Some localities subsequently reestablished schemes. In early 1997 a new government policy identified health prepayment as a major potential source of rural health finance. This paper draws on the experience of existing schemes to explore how government can support implementation of this policy. The decision to support the establishment of health prepayment schemes is part of the government's effort to establish new sources of finance for social services. It believes that individuals are more likely to accept voluntary contributions to a prepayment scheme than tax increases. The voluntary nature of the contributions limits the possibilities for risk-sharing and redistribution between rich and poor. This underlines the need for the government to fund a substantial share of health expenditure out of general revenues, particularly in poor localities. The paper notes that many successful prepayment schemes depend on close supervision by local political leaders. It argues that the national programme will have to translate these measures into a regulatory system which defines the responsibilities of scheme management bodies and local governments. A number of prepayment schemes have collapsed because members did not feel they got value for money. Local health bureaux will have to cooperate with prepayment schemes to ensure that health facilities provide good quality services at a reasonable cost. Users' representatives can also monitor performance. The paper concludes that government needs to clarify the relationship between health prepayment schemes and other actors in rural localities in order to increase the chance that schemes will become a major source rural health finance.

A Certificate Authority (CA-based cryptographic solution for HIPAA privacy/security regulations

Directory of Open Access Journals (Sweden)

Sangram Ray

2014-07-01

Full Text Available The Health Insurance Portability and Accountability Act (HIPAA passed by the US Congress establishes a number of privacy/security regulations for e-healthcare systems. These regulations support patients’ medical privacy and secure exchange of PHI (protected health information among medical practitioners. Three existing HIPAA-based schemes have been studied but appear to be ineffective as patients’ PHI is stored in smartcards. Moreover, carrying a smartcard during a treatment session and accessing PHI from different locations results in restrictions. In addition, authentication of the smartcard presenter would not be possible if the PIN is compromised. In this context, we propose an MCS (medical center server should be located at each hospital and accessed via the Internet for secure handling of patients’ PHI. All entities of the proposed e-health system register online with the MCS, and each entity negotiates a contributory registration key, where public-key certificates issued and maintained by CAs are used for authentication. Prior to a treatment session, a doctor negotiates a secret session key with MCS and uploads/retrieves patients’ PHI securely. The proposed scheme has five phases, which have been implemented in a secure manner for supporting HIPAA privacy/security regulations. Finally, the security aspects, computation and communication costs of the scheme are analyzed and compared with existing methods that display satisfactory performance.

Design of the national health security preparedness index.

Science.gov (United States)

Uzun Jacobson, Evin; Inglesby, Tom; Khan, Ali S; Rajotte, James C; Burhans, Robert L; Slemp, Catherine C; Links, Jonathan M

2014-01-01

The importance of health security in the United States has been highlighted by recent emergencies such as the H1N1 influenza pandemic, Superstorm Sandy, and the Boston Marathon bombing. The nation's health security remains a high priority today, with federal, state, territorial, tribal, and local governments, as well as nongovernment organizations and the private sector, engaging in activities that prevent, protect, mitigate, respond to, and recover from health threats. The Association of State and Territorial Health Officials (ASTHO), through a cooperative agreement with the Centers for Disease Control and Prevention (CDC) Office of Public Health Preparedness and Response (OPHPR), led an effort to create an annual measure of health security preparedness at the national level. The collaborative released the National Health Security Preparedness Index (NHSPI(™)) in December 2013 and provided composite results for the 50 states and for the nation as a whole. The Index results represent current levels of health security preparedness in a consistent format and provide actionable information to drive decision making for continuous improvement of the nation's health security. The overall 2013 National Index result was 7.2 on the reported base-10 scale, with areas of greater strength in the domains of health surveillance, incident and information management, and countermeasure management. The strength of the Index relies on the interdependencies of the many elements in health security preparedness, making the sum greater than its parts. Moving forward, additional health security-related disciplines and measures will be included alongside continued validation efforts.

[Extension of health coverage and community based health insurance schemes in Africa: Myths and realities].

Science.gov (United States)

Boidin, B

2015-02-01

This article tackles the perspectives and limits of the extension of health coverage based on community based health insurance schemes in Africa. Despite their strong potential contribution to the extension of health coverage, their weaknesses challenge their ability to play an important role in this extension. Three limits are distinguished: financial fragility; insufficient adaptation to characteristics and needs of poor people; organizational and institutional failures. Therefore lessons can be learnt from the limits of the institutionalization of community based health insurance schemes. At first, community based health insurance schemes are to be considered as a transitional but insufficient solution. There is also a stronger role to be played by public actors in improving financial support, strengthening health services and coordinating coverage programs.

An Enhanced Three-Factor User Authentication Scheme Using Elliptic Curve Cryptosystem for Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Chenyu Wang

2017-12-01

Full Text Available As an essential part of Internet of Things (IoT, wireless sensor networks (WSNs have touched every aspect of our lives, such as health monitoring, environmental monitoring and traffic monitoring. However, due to its openness, wireless sensor networks are vulnerable to various security threats. User authentication, as the first fundamental step to protect systems from various attacks, has attracted much attention. Numerous user authentication protocols armed with formal proof are springing up. Recently, two biometric-based schemes were proposed with confidence to be resistant to the known attacks including offline dictionary attack, impersonation attack and so on. However, after a scrutinization of these two schemes, we found them not secure enough as claimed, and then demonstrated that these schemes suffer from various attacks, such as offline dictionary attack, impersonation attack, no user anonymity, no forward secrecy, etc. Furthermore, we proposed an enhanced scheme to overcome the identified weaknesses, and proved its security via Burrows–Abadi–Needham (BAN logic and the heuristic analysis. Finally, we compared our scheme with other related schemes, and the results showed the superiority of our scheme.

An Enhanced Three-Factor User Authentication Scheme Using Elliptic Curve Cryptosystem for Wireless Sensor Networks.

Science.gov (United States)

Wang, Chenyu; Xu, Guoai; Sun, Jing

2017-12-19

As an essential part of Internet of Things (IoT), wireless sensor networks (WSNs) have touched every aspect of our lives, such as health monitoring, environmental monitoring and traffic monitoring. However, due to its openness, wireless sensor networks are vulnerable to various security threats. User authentication, as the first fundamental step to protect systems from various attacks, has attracted much attention. Numerous user authentication protocols armed with formal proof are springing up. Recently, two biometric-based schemes were proposed with confidence to be resistant to the known attacks including offline dictionary attack, impersonation attack and so on. However, after a scrutinization of these two schemes, we found them not secure enough as claimed, and then demonstrated that these schemes suffer from various attacks, such as offline dictionary attack, impersonation attack, no user anonymity, no forward secrecy, etc. Furthermore, we proposed an enhanced scheme to overcome the identified weaknesses, and proved its security via Burrows-Abadi-Needham (BAN) logic and the heuristic analysis. Finally, we compared our scheme with other related schemes, and the results showed the superiority of our scheme.

Personal health record systems and their security protection.

Science.gov (United States)

Win, Khin Than; Susilo, Willy; Mu, Yi

2006-08-01

The objective of this study is to analyze the security protection of personal health record systems. To achieve this we have investigated different personal health record systems, their security functions, and security issues. We have noted that current security mechanisms are not adequate and we have proposed some security mechanisms to tackle these problems.

Federal Funding for Health Security in FY2017.

Science.gov (United States)

Boddie, Crystal; Watson, Matthew; Sell, Tara Kirk

2016-01-01

This latest article in the Federal Funding for Health Security series assesses FY2017 US government funding in 5 domains critical to strengthening health security: biosecurity, radiological and nuclear security, chemical security, pandemic influenza and emerging infectious disease, and multiple-hazard and general preparedness.

Secure Testing for Genetic Diseases on Encrypted Genomes with Homomorphic Encryption Scheme

Directory of Open Access Journals (Sweden)

Tan Ping Zhou

2018-01-01

Full Text Available The decline in genome sequencing costs has widened the population that can afford its cost and has also raised concerns about genetic privacy. Kim et al. present a practical solution to the scenario of secure searching of gene data on a semitrusted business cloud. However, there are three errors in their scheme. We have made three improvements to solve these three errors. (1 They truncate the variation encodings of gene to 21 bits, which causes LPCE error and more than 5% of the entries in the database cannot be queried integrally. We decompose these large encodings by 44 bits and deal with the components, respectively, to avoid LPCE error. (2 We abandon the hash function used in Kim’s scheme, which may cause HCE error with a probability of 2-22 and decompose the position encoding of gene into three parts with the basis 211 to avoid HCE error. (3 We analyze the relationship between the parameters and the CCE error and specify the condition that parameters need to satisfy to avoid the CCE error. Experiments show that our scheme can search all entries, and the probability of searching error is reduced to less than 2-37.4.

A robust anonymous biometric-based remote user authentication scheme using smart cards

Directory of Open Access Journals (Sweden)

Ashok Kumar Das

2015-04-01

Full Text Available Several biometric-based remote user authentication schemes using smart cards have been proposed in the literature in order to improve the security weaknesses in user authentication system. In 2012, An proposed an enhanced biometric-based remote user authentication scheme using smart cards. It was claimed that the proposed scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server. In this paper, we first analyze the security of An’s scheme and we show that this scheme has three serious security flaws in the design of the scheme: (i flaw in user’s biometric verification during the login phase, (ii flaw in user’s password verification during the login and authentication phases, and (iii flaw in user’s password change locally at any time by the user. Due to these security flaws, An’s scheme cannot support mutual authentication between the user and the server. Further, we show that An’s scheme cannot prevent insider attack. In order to remedy the security weaknesses found in An’s scheme, we propose a new robust and secure anonymous biometric-based remote user authentication scheme using smart cards. Through the informal and formal security analysis, we show that our scheme is secure against all possible known attacks including the attacks found in An’s scheme. The simulation results of our scheme using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications tool ensure that our scheme is secure against passive and active attacks. In addition, our scheme is also comparable in terms of the communication and computational overheads with An’s scheme and other related existing schemes. As a result, our scheme is more appropriate for practical applications compared to other approaches.

Indian community health insurance schemes provide partial protection against catastrophic health expenditure

Directory of Open Access Journals (Sweden)

Ranson Kent

2007-03-01

Full Text Available Abstract Background More than 72% of health expenditure in India is financed by individual households at the time of illness through out-of-pocket payments. This is a highly regressive way of financing health care and sometimes leads to impoverishment. Health insurance is recommended as a measure to protect households from such catastrophic health expenditure (CHE. We studied two Indian community health insurance (CHI schemes, ACCORD and SEWA, to determine whether insured households are protected from CHE. Methods ACCORD provides health insurance cover for the indigenous population, living in Gudalur, Tamil Nadu. SEWA provides insurance cover for self employed women in the state of Gujarat. Both cover hospitalisation expenses, but only upto a maximum limit of US$23 and US$45, respectively. We reviewed the insurance claims registers in both schemes and identified patients who were hospitalised during the period 01/04/2003 to 31/03/2004. Details of their diagnoses, places and costs of treatment and self-reported annual incomes were obtained. There is no single definition of CHE and none of these have been validated. For this research, we used the following definition; "annual hospital expenditure greater than 10% of annual income," to identify those who experienced CHE. Results There were a total of 683 and 3152 hospital admissions at ACCORD and SEWA, respectively. In the absence of the CHI scheme, all of the patients at ACCORD and SEWA would have had to pay OOP for their hospitalisation. With the CHI scheme, 67% and 34% of patients did not have to make any out-of-pocket (OOP payment for their hospital expenses at ACCORD and SEWA, respectively. Both CHI schemes halved the number of households that would have experienced CHE by covering hospital costs. However, despite this, 4% and 23% of households with admissions still experienced CHE at ACCORD and SEWA, respectively. This was related to the following conditions: low annual income, benefit

Health worker preferences for performance-based payment schemes in a rural health district in Burkina Faso

Directory of Open Access Journals (Sweden)

Maurice Yé

2016-01-01

Full Text Available Background: One promising way to improve the motivation of healthcare providers and the quality of healthcare services is performance-based incentives (PBIs also referred as performance-based financing. Our study aims to explore healthcare providers’ preferences for an incentive scheme based on local resources, which aimed at improving the quality of maternal and child health care in the Nouna Health District. Design: A qualitative and quantitative survey was carried out in 2010 involving 94 healthcare providers within 34 health facilities. In addition, in-depth interviews involving a total of 33 key informants were conducted at health facility levels. Results: Overall, 85% of health workers were in favour of an incentive scheme based on the health district's own financial resources (95% CI: [71.91; 88.08]. Most health workers (95 and 96% expressed a preference for financial incentives (95% CI: [66.64; 85.36] and team-based incentives (95% CI: [67.78; 86.22], respectively. The suggested performance indicators were those linked to antenatal care services, prevention of mother-to-child human immunodeficiency virus transmission, neonatal care, and immunization. Conclusions: The early involvement of health workers and other stakeholders in designing an incentive scheme proved to be valuable. It ensured their effective participation in the process and overall acceptance of the scheme at the end. This study is an important contribution towards the designing of effective PBI schemes.

A security scheme of SMS system

Science.gov (United States)

Zhang, Fangzhou; Yang, Hong-Wei; Song, Chuck

2005-02-01

With the prosperous development and the use of SMS, more and more important information need to be transferred through the wireless and mobile networks by the users. But in the GSM/GPRS network, the SMS messages are transferred in text mode through the signaling channel and there is no integrality for SMS messages. Because of the speciality of the mobile communications, the security of signaling channel is very weak. So we need to improve and enhance the security and integrality of SMS. At present, developed investigation based on SMS security is still incomplete. The key distribution and management is not perfect to meet the usability in a wide area. This paper introduces a high-level security method to solve this problem. We design the Secure SMS of GSM/GPRS in order to improve the security of the important information that need to be transferred by the mobile networks. Using this method, we can improve the usability of E-payment and other mobile electronic commerce.

An adaptive secret key-directed cryptographic scheme for secure transmission in wireless sensor networks

International Nuclear Information System (INIS)

Muhammad, K.; Jan, Z.; Khan, Z

2015-01-01

Wireless Sensor Networks (WSNs) are memory and bandwidth limited networks whose main goals are to maximize the network lifetime and minimize the energy consumption and transmission cost. To achieve these goals, different techniques of compression and clustering have been used. However, security is an open and major issue in WSNs for which different approaches are used, both in centralized and distributed WSNs' environments. This paper presents an adaptive cryptographic scheme for secure transmission of various sensitive parameters, sensed by wireless sensors to the fusion center for further processing in WSNs such as military networks. The proposed method encrypts the sensitive captured data of sensor nodes using various encryption procedures (bitxor operation, bits shuffling, and secret key based encryption) and then sends it to the fusion center. At the fusion center, the received encrypted data is decrypted for taking further necessary actions. The experimental results with complexity analysis, validate the effectiveness and feasibility of the proposed method in terms of security in WSNs. (author)

Correct mutual information, quantum bit error rate and secure transmission efficiency in Wojcik's eavesdropping scheme on ping-pong protocol

OpenAIRE

Zhang, Zhanjun

2004-01-01

Comment: The wrong mutual information, quantum bit error rate and secure transmission efficiency in Wojcik's eavesdropping scheme [PRL90(03)157901]on ping-pong protocol have been pointed out and corrected

Commission on Social Security

CERN Multimedia

Staff Association

2010-01-01

A commission studying past, present, and future social stakes ! For many years we have been hearing about the problems of funding of health insurance benefits in our different Member States. At CERN we are not totally immune from this problem.  To start with, let us recall that we have a mutual-benefit scheme which covers everyone for the consequences of the uncertainties in life (illness and accidents). The rules of our scheme are established by CERN in the framework of a sub-group of the Standing Concertation Committee, the CERN Health Insurance Scheme Board (CHISB), which is also in charge of managing the scheme.  The work of the “ProtSoc” (Protection Sociale – Social Security) commission, as we like to call it at the Staff Association, is to help your representatives on the CHISB, by preparing together with them the subjects and positions to be put forward and defended. This commission, which groups together the staff delegates who wish to invest their ...

HEALTH INSURANCE RULES OF THE CERN HEALTH INSURANCE SCHEME

CERN Multimedia

Division HR

2000-01-01

A new document which groups together the general principles, the contributions, benefits, reimbursement procedures and other information making up the Rules of the CERN Health Insurance Scheme has been established. It was approved by the Director-General on 7th July 2000 and is being distributed to all contributing members of the Scheme. It has been dispatched by internal mail to members of the personnel and by postal mail to pensioners. These Rules will enter into force on 1st September 2000. Please make sure that you have received your copy. Should this not be the case, an additional copy may be obtained by telephoning 78003

Health Insurance Rules of the CERN Health Insurance scheme

CERN Multimedia

Division HR

2000-01-01

A new document which groups together the general principles, the contributions, benefits, reimbursement procedures and other information making up the Rules of the CERN Health Insurance Scheme has been established. It was approved by the Director-General on 7th July 2000 and is being distributed to all contributing members of the Scheme. It has been dispatched by internal mail to members of the personnel and by postal mail to pensioners. These Rules will enter into force on 1st September 2000. Please make sure that you have received your copy. Should this not be the case, an additional copy may be obtained by telephoning 78003.

The Politico-Economic Challenges of Ghana’s National Health Insurance Scheme Implementation

OpenAIRE

Adam Fusheini

2016-01-01

Background National/social health insurance schemes have increasingly been seen in many low- and middle-income countries (LMICs) as a vehicle to universal health coverage (UHC) and a viable alternative funding mechanism for the health sector. Several countries, including Ghana, have thus introduced and implemented mandatory national health insurance schemes (NHIS) as part of reform efforts towards increasing access to health services. Ghana passed mandatory national health insurance (NHI)...

Efficient Hybrid Watermarking Scheme for Security and Transmission Bit Rate Enhancement of 3D Color-Plus-Depth Video Communication

Science.gov (United States)

El-Shafai, W.; El-Rabaie, S.; El-Halawany, M.; Abd El-Samie, F. E.

2018-03-01

Three-Dimensional Video-plus-Depth (3DV + D) comprises diverse video streams captured by different cameras around an object. Therefore, there is a great need to fulfill efficient compression to transmit and store the 3DV + D content in compressed form to attain future resource bounds whilst preserving a decisive reception quality. Also, the security of the transmitted 3DV + D is a critical issue for protecting its copyright content. This paper proposes an efficient hybrid watermarking scheme for securing the 3DV + D transmission, which is the homomorphic transform based Singular Value Decomposition (SVD) in Discrete Wavelet Transform (DWT) domain. The objective of the proposed watermarking scheme is to increase the immunity of the watermarked 3DV + D to attacks and achieve adequate perceptual quality. Moreover, the proposed watermarking scheme reduces the transmission-bandwidth requirements for transmitting the color-plus-depth 3DV over limited-bandwidth wireless networks through embedding the depth frames into the color frames of the transmitted 3DV + D. Thus, it saves the transmission bit rate and subsequently it enhances the channel bandwidth-efficiency. The performance of the proposed watermarking scheme is compared with those of the state-of-the-art hybrid watermarking schemes. The comparisons depend on both the subjective visual results and the objective results; the Peak Signal-to-Noise Ratio (PSNR) of the watermarked frames and the Normalized Correlation (NC) of the extracted watermark frames. Extensive simulation results on standard 3DV + D sequences have been conducted in the presence of attacks. The obtained results confirm that the proposed hybrid watermarking scheme is robust in the presence of attacks. It achieves not only very good perceptual quality with appreciated PSNR values and saving in the transmission bit rate, but also high correlation coefficient values in the presence of attacks compared to the existing hybrid watermarking schemes.

Analysis of Program Obfuscation Schemes with Variable Encoding Technique

Science.gov (United States)

Fukushima, Kazuhide; Kiyomoto, Shinsaku; Tanaka, Toshiaki; Sakurai, Kouichi

Program analysis techniques have improved steadily over the past several decades, and software obfuscation schemes have come to be used in many commercial programs. A software obfuscation scheme transforms an original program or a binary file into an obfuscated program that is more complicated and difficult to analyze, while preserving its functionality. However, the security of obfuscation schemes has not been properly evaluated. In this paper, we analyze obfuscation schemes in order to clarify the advantages of our scheme, the XOR-encoding scheme. First, we more clearly define five types of attack models that we defined previously, and define quantitative resistance to these attacks. Then, we compare the security, functionality and efficiency of three obfuscation schemes with encoding variables: (1) Sato et al.'s scheme with linear transformation, (2) our previous scheme with affine transformation, and (3) the XOR-encoding scheme. We show that the XOR-encoding scheme is superior with regard to the following two points: (1) the XOR-encoding scheme is more secure against a data-dependency attack and a brute force attack than our previous scheme, and is as secure against an information-collecting attack and an inverse transformation attack as our previous scheme, (2) the XOR-encoding scheme does not restrict the calculable ranges of programs and the loss of efficiency is less than in our previous scheme.

Urban environment and health: food security.

Science.gov (United States)

Galal, Osman; Corroon, Meghan; Tirado, Cristina

2010-07-01

The authors examine the impact of urbanization on food security and human health in the Middle East. Within-urban-population disparities in food security represent one of the most dramatic indicators of economic and health disparities. These disparities are reflected in a double burden of health outcomes: increasing levels of chronic disease as well as growing numbers of undernourished among the urban poor. These require further comprehensive solutions. Some of the factors leading to food insecurity are an overdependence on purchased food commodities, lack of sufficient livelihoods, rapid reductions in peripheral agricultural land, and adverse impacts of climate change. The Food and Agriculture Organization of the United Nations (FAO) Food Security Framework is used to examine and compare 2 cities in the Middle East: Amman, Jordan, and Manama, Bahrain.

Secure and Privacy-Preserving Data Sharing and Collaboration in Mobile Healthcare Social Networks of Smart Cities

Directory of Open Access Journals (Sweden)

Qinlong Huang

2017-01-01

Full Text Available Mobile healthcare social networks (MHSN integrated with connected medical sensors and cloud-based health data storage provide preventive and curative health services in smart cities. The fusion of social data together with real-time health data facilitates a novel paradigm of healthcare big data analysis. However, the collaboration of healthcare and social network service providers may pose a series of security and privacy issues. In this paper, we propose a secure health and social data sharing and collaboration scheme in MHSN. To preserve the data privacy, we realize secure and fine-grained health data and social data sharing with attribute-based encryption and identity-based broadcast encryption techniques, respectively, which allows patients to share their private personal data securely. In order to achieve enhanced data collaboration, we allow the healthcare analyzers to access both the reencrypted health data and the social data with authorization from the data owner based on proxy reencryption. Specifically, most of the health data encryption and decryption computations are outsourced from resource-constrained mobile devices to a health cloud, and the decryption of the healthcare analyzer incurs a low cost. The security and performance analysis results show the security and efficiency of our scheme.

Quantum Communication Scheme Using Non-symmetric Quantum Channel

International Nuclear Information System (INIS)

Cao Haijing; Chen Zhonghua; Song Heshan

2008-01-01

A theoretical quantum communication scheme based on entanglement swapping and superdense coding is proposed with a 3-dimensional Bell state and 2-dimensional Bell state function as quantum channel. quantum key distribution and quantum secure direct communication can be simultaneously accomplished in the scheme. The scheme is secure and has high source capacity. At last, we generalize the quantum communication scheme to d-dimensional quantum channel

The Design and Analysis of a Secure Personal Healthcare System Based on Certificates

Directory of Open Access Journals (Sweden)

Jungho Kang

2016-11-01

Full Text Available Due to the development of information technology (IT, it has been applied to various fields such as the smart home, medicine, healthcare, and the smart car. For these fields, IT has been providing continuous prevention and management, including health conditions beyond the mere prevention of disease, improving the quality of life. e-Healthcare is a health management and medical service to provide prevention, diagnosis, treatment, and the follow-up management of diseases at any time and place in connection with information communication technology, without requiring patients to visit hospitals. However, e-Healthcare has been exposed to eavesdropping, manipulation, and the forgery of information that is personal, biological, medical, etc., and is a security threat from malicious attackers. This study suggests a security service model to exchange personal health records (PHRs for e-Healthcare environments. To be specific, this study suggests a scheme in which communicators are able to securely authorize and establish security channels by constituting the infrastructure each organization relies on. In addition, the possibility of establishing a security service model is indicated by suggesting an e-Healthcare system for a secure e-Healthcare environment as a secure personal health record system. This is anticipated to provide securer communication in e-Healthcare environments in the future through the scheme suggested in this study.

Novel security enhancement technique against eavesdropper for OCDMA system using 2-D modulation format with code switching scheme

Science.gov (United States)

Singh, Simranjit; Kaur, Ramandeep; Singh, Amanvir; Kaler, R. S.

2015-03-01

In this paper, security of the spectrally encoded-optical code division multiplexed access (OCDMA) system is enhanced by using 2-D (orthogonal) modulation technique. This is an effective approach for simultaneous improvement of the system capacity and security. Also, the results show that the hybrid modulation technique proved to be a better option to enhance the data confidentiality at higher data rates using minimum utilization of bandwidth in a multiuser environment. Further, the proposed system performance is compared with the current state-of-the-art OCDMA schemes.

Quantum signature scheme based on a quantum search algorithm

International Nuclear Information System (INIS)

Yoon, Chun Seok; Kang, Min Sung; Lim, Jong In; Yang, Hyung Jin

2015-01-01

We present a quantum signature scheme based on a two-qubit quantum search algorithm. For secure transmission of signatures, we use a quantum search algorithm that has not been used in previous quantum signature schemes. A two-step protocol secures the quantum channel, and a trusted center guarantees non-repudiation that is similar to other quantum signature schemes. We discuss the security of our protocol. (paper)

Awareness and Coverage of the National Health Insurance Scheme ...

African Journals Online (AJOL)

Sub- national levels possess a high degree of autonomy in a number of sectors including health. It is important to assess the level of coverage of the scheme among the formal sector workers in Nigeria as a proxy to gauge the extent of coverage of the scheme and derive suitable lessons that could be used in its expansion.

An improved biometrics-based remote user authentication scheme with user anonymity.

Science.gov (United States)

Khan, Muhammad Khurram; Kumari, Saru

2013-01-01

The authors review the biometrics-based user authentication scheme proposed by An in 2012. The authors show that there exist loopholes in the scheme which are detrimental for its security. Therefore the authors propose an improved scheme eradicating the flaws of An's scheme. Then a detailed security analysis of the proposed scheme is presented followed by its efficiency comparison. The proposed scheme not only withstands security problems found in An's scheme but also provides some extra features with mere addition of only two hash operations. The proposed scheme allows user to freely change his password and also provides user anonymity with untraceability.

Perspectives of frontline health workers on Ghana's National Health Insurance Scheme before and after community engagement interventions

NARCIS (Netherlands)

Alhassan, Robert Kaba; Nketiah-Amponsah, Edward; Spieker, Nicole; Arhinful, Daniel Kojo; Rinke de Wit, Tobias F.

2016-01-01

Barely a decade after introduction of Ghana's National Health Insurance Scheme (NHIS), significant successes have been recorded in universal access to basic healthcare services. However, sustainability of the scheme is increasingly threatened by concerns on quality of health service delivery in

Participation in the National Health Insurance Scheme Among ...

African Journals Online (AJOL)

Background: The National Health Insurance Scheme was established under Act 35 of 1999 by the Federal Government of Nigeria and is aimed at providing easy access to health care for all Nigerians at an affordable cost through various prepayment systems. It is totally committed to achieving universal coverage and ...

On distributed key distribution centers and unconditionally secure proactive verifiable secret sharing schemes based on general access structure

NARCIS (Netherlands)

Nikov, V.S.; Nikova, S.I.; Preneel, B.; Vandewalle, J.; Menezes, A.; Sarkar, P.

2002-01-01

A Key Distribution Center of a network is a server enabling private communications within groups of users. A Distributed Key Distribution Center is a set of servers that jointly realizes a Key Distribution Center. In this paper we build a robust Distributed Key Distribution Center Scheme secure

A Survey of Authentication Schemes in Telecare Medicine Information Systems.

Science.gov (United States)

Aslam, Muhammad Umair; Derhab, Abdelouahid; Saleem, Kashif; Abbas, Haider; Orgun, Mehmet; Iqbal, Waseem; Aslam, Baber

2017-01-01

E-Healthcare is an emerging field that provides mobility to its users. The protected health information of the users are stored at a remote server (Telecare Medical Information System) and can be accessed by the users at anytime. Many authentication protocols have been proposed to ensure the secure authenticated access to the Telecare Medical Information System. These protocols are designed to provide certain properties such as: anonymity, untraceability, unlinkability, privacy, confidentiality, availability and integrity. They also aim to build a key exchange mechanism, which provides security against some attacks such as: identity theft, password guessing, denial of service, impersonation and insider attacks. This paper reviews these proposed authentication protocols and discusses their strengths and weaknesses in terms of ensured security and privacy properties, and computation cost. The schemes are divided in three broad categories of one-factor, two-factor and three-factor authentication schemes. Inter-category and intra-category comparison has been performed for these schemes and based on the derived results we propose future directions and recommendations that can be very helpful to the researchers who work on the design and implementation of authentication protocols.

Predictors of Availing Maternal Health Schemes: A community based study in Gujarat, India

Directory of Open Access Journals (Sweden)

Kranti Suresh Vora

2014-06-01

Full Text Available Background: India continues to face challenges in improving key maternal health indicators with about 1/3rd of global maternal deaths happening in India. Utilization of health care services is an important issue in India with significant proportion of home deliveries and majority of mothers not receiving adequate antenatal care. Mortality among poor rural women is the highest with lowest utilization. To make maternal healthcare more equitable, numerous schemes such as Janani Suraksha Yojana, Chiranjeevi Yojana, Kasturba Poshan Sahay Yojana have been introduced. Studies suggest that utilization of such schemes by target population is low and there is a need to understand factors affecting maternal health care utilization in the context of these schemes. Current community based study was done in rural Gujarat to understand characteristics of women who utilize such schemes and predictors of utilization. Methodology: Data collection was done in two districts of Gujarat from June to August, 2013 as a pilot phase of MATIND project. Community based cross-sectional study included 827 households and socio-demographic details of 1454 women of 15-49 years age groups were collected. 265 mothers, who had delivered after 1st January, 2013 are included in the regression analyses. The data analysis carried out with R version 3.0.1 software.  Results: The analysis indicates socioeconomic variables such as caste, maternal variables such as education and health system variables such as use of government facility are important predictors of maternal health scheme utilization. Results suggest that socioeconomic and health system factors are the best predictors for availing scheme. Conclusion: Health system variables along with individual level variables are important predictors for availing maternal health schemes. The study indicates the need to examine all levels of predictors for utilizing government health schemes to maximize the benefit for underserved

Prevalence of antibiotic resistance in adult septic patients of H. Adam Malik central general hospital, Medan under Indonesia’s mandatory health scheme

Science.gov (United States)

Tillasman, N. S.; Saragih, R. H.; Umar, N.

2018-03-01

Sepsis is a severe bacterial infection whose treatment still varies in preference. However, for more than 60 years, antibiotics have been regarded as the panacea, as long as they are used wisely and timely. Antibiotic resistance has escalated in recent years, resulting in an accelerating global health security emergency, that is rapidly outpacing available treatment options. In January 2014, the new mandatory health insurance scheme (JKN) was introduced, whose treatments must comply with National Formulary (FORNAS) policy. We aimed to systematically review the prevalence of antibiotic resistance to FORNAS policy’s preferential treatments in adult septic patients who had been in the non-surgical wards. Based on an overall view, 76 out of 90 kinds of antibiotics which had undergone antibiotic susceptibility test (AST) had alarming resistance rate and preferential antibiotics in the current JKN scheme may have become ineffective.

High security chaotic multiple access scheme for visible light communication systems with advanced encryption standard interleaving

Science.gov (United States)

Qiu, Junchao; Zhang, Lin; Li, Diyang; Liu, Xingcheng

2016-06-01

Chaotic sequences can be applied to realize multiple user access and improve the system security for a visible light communication (VLC) system. However, since the map patterns of chaotic sequences are usually well known, eavesdroppers can possibly derive the key parameters of chaotic sequences and subsequently retrieve the information. We design an advanced encryption standard (AES) interleaving aided multiple user access scheme to enhance the security of a chaotic code division multiple access-based visible light communication (C-CDMA-VLC) system. We propose to spread the information with chaotic sequences, and then the spread information is interleaved by an AES algorithm and transmitted over VLC channels. Since the computation complexity of performing inverse operations to deinterleave the information is high, the eavesdroppers in a high speed VLC system cannot retrieve the information in real time; thus, the system security will be enhanced. Moreover, we build a mathematical model for the AES-aided VLC system and derive the theoretical information leakage to analyze the system security. The simulations are performed over VLC channels, and the results demonstrate the effectiveness and high security of our presented AES interleaving aided chaotic CDMA-VLC system.

An efficient chaotic maps-based authentication and key agreement scheme using smartcards for telecare medicine information systems.

Science.gov (United States)

Lee, Tian-Fu

2013-12-01

A smartcard-based authentication and key agreement scheme for telecare medicine information systems enables patients, doctors, nurses and health visitors to use smartcards for secure login to medical information systems. Authorized users can then efficiently access remote services provided by the medicine information systems through public networks. Guo and Chang recently improved the efficiency of a smartcard authentication and key agreement scheme by using chaotic maps. Later, Hao et al. reported that the scheme developed by Guo and Chang had two weaknesses: inability to provide anonymity and inefficient double secrets. Therefore, Hao et al. proposed an authentication scheme for telecare medicine information systems that solved these weaknesses and improved performance. However, a limitation in both schemes is their violation of the contributory property of key agreements. This investigation discusses these weaknesses and proposes a new smartcard-based authentication and key agreement scheme that uses chaotic maps for telecare medicine information systems. Compared to conventional schemes, the proposed scheme provides fewer weaknesses, better security, and more efficiency.

Security protection of DICOM medical images using dual-layer reversible watermarking with tamper detection capability.

Science.gov (United States)

Tan, Chun Kiat; Ng, Jason Changwei; Xu, Xiaotian; Poh, Chueh Loo; Guan, Yong Liang; Sheah, Kenneth

2011-06-01

Teleradiology applications and universal availability of patient records using web-based technology are rapidly gaining importance. Consequently, digital medical image security has become an important issue when images and their pertinent patient information are transmitted across public networks, such as the Internet. Health mandates such as the Health Insurance Portability and Accountability Act require healthcare providers to adhere to security measures in order to protect sensitive patient information. This paper presents a fully reversible, dual-layer watermarking scheme with tamper detection capability for medical images. The scheme utilizes concepts of public-key cryptography and reversible data-hiding technique. The scheme was tested using medical images in DICOM format. The results show that the scheme is able to ensure image authenticity and integrity, and to locate tampered regions in the images.

Dropping out of Ethiopia’s Community Based Health Insurance scheme

NARCIS (Netherlands)

A.D. Mebratie (Anagaw); R.A. Sparrow (Robert); Z.Y. Debebe (Zelalem); G. Alemu (Getnet ); A.S. Bedi (Arjun Singh)

2014-01-01

textabstractLow contract renewal rates have been identified as one of the challenges facing the development of community based health insurance schemes (CBHI). This paper uses longitudinal household survey data to examine dropout in the case of Ethiopia’s pilot CBHI scheme, which saw enrolment

A security-awareness virtual machine management scheme based on Chinese wall policy in cloud computing.

Science.gov (United States)

Yu, Si; Gui, Xiaolin; Lin, Jiancai; Tian, Feng; Zhao, Jianqiang; Dai, Min

2014-01-01

Cloud computing gets increasing attention for its capacity to leverage developers from infrastructure management tasks. However, recent works reveal that side channel attacks can lead to privacy leakage in the cloud. Enhancing isolation between users is an effective solution to eliminate the attack. In this paper, to eliminate side channel attacks, we investigate the isolation enhancement scheme from the aspect of virtual machine (VM) management. The security-awareness VMs management scheme (SVMS), a VMs isolation enhancement scheme to defend against side channel attacks, is proposed. First, we use the aggressive conflict of interest relation (ACIR) and aggressive in ally with relation (AIAR) to describe user constraint relations. Second, based on the Chinese wall policy, we put forward four isolation rules. Third, the VMs placement and migration algorithms are designed to enforce VMs isolation between the conflict users. Finally, based on the normal distribution, we conduct a series of experiments to evaluate SVMS. The experimental results show that SVMS is efficient in guaranteeing isolation between VMs owned by conflict users, while the resource utilization rate decreases but not by much.

The role of the health physicist in nuclear security.

Science.gov (United States)

Waller, Edward J; van Maanen, Jim

2015-04-01

Health physics is a recognized safety function in the holistic context of the protection of workers, members of the public, and the environment against the hazardous effects of ionizing radiation, often generically designated as radiation protection. The role of the health physicist as protector dates back to the Manhattan Project. Nuclear security is the prevention and detection of, and response to, criminal or intentional unauthorized acts involving or directed at nuclear material, other radioactive material, associated facilities, or associated activities. Its importance has become more visible and pronounced in the post 9/11 environment, and it has a shared purpose with health physics in the context of protection of workers, members of the public, and the environment. However, the duties and responsibilities of the health physicist in the nuclear security domain are neither clearly defined nor recognized, while a fundamental understanding of nuclear phenomena in general, nuclear or other radioactive material specifically, and the potential hazards related to them is required for threat assessment, protection, and risk management. Furthermore, given the unique skills and attributes of professional health physicists, it is argued that the role of the health physicist should encompass all aspects of nuclear security, ranging from input in the development to implementation and execution of an efficient and effective nuclear security regime. As such, health physicists should transcend their current typical role as consultants in nuclear security issues and become fully integrated and recognized experts in the nuclear security domain and decision making process. Issues regarding the security clearances of health physics personnel and the possibility of insider threats must be addressed in the same manner as for other trusted individuals; however, the net gain from recognizing and integrating health physics expertise in all levels of a nuclear security regime far

Nonlinear secret image sharing scheme.

Science.gov (United States)

Shin, Sang-Ho; Lee, Gil-Je; Yoo, Kee-Young

2014-01-01

Over the past decade, most of secret image sharing schemes have been proposed by using Shamir's technique. It is based on a linear combination polynomial arithmetic. Although Shamir's technique based secret image sharing schemes are efficient and scalable for various environments, there exists a security threat such as Tompa-Woll attack. Renvall and Ding proposed a new secret sharing technique based on nonlinear combination polynomial arithmetic in order to solve this threat. It is hard to apply to the secret image sharing. In this paper, we propose a (t, n)-threshold nonlinear secret image sharing scheme with steganography concept. In order to achieve a suitable and secure secret image sharing scheme, we adapt a modified LSB embedding technique with XOR Boolean algebra operation, define a new variable m, and change a range of prime p in sharing procedure. In order to evaluate efficiency and security of proposed scheme, we use the embedding capacity and PSNR. As a result of it, average value of PSNR and embedding capacity are 44.78 (dB) and 1.74t⌈log2 m⌉ bit-per-pixel (bpp), respectively.

Dynamic Symmetric Key Mobile Commerce Scheme Based on Self-Verified Mechanism

Directory of Open Access Journals (Sweden)

Jiachen Yang

2014-01-01

Full Text Available In terms of the security and efficiency of mobile e-commerce, the authors summarized the advantages and disadvantages of several related schemes, especially the self-verified mobile payment scheme based on the elliptic curve cryptosystem (ECC and then proposed a new type of dynamic symmetric key mobile commerce scheme based on self-verified mechanism. The authors analyzed the basic algorithm based on self-verified mechanisms and detailed the complete transaction process of the proposed scheme. The authors analyzed the payment scheme based on the security and high efficiency index. The analysis shows that the proposed scheme not only meets the high efficiency of mobile electronic payment premise, but also takes the security into account. The user confirmation mechanism at the end of the proposed scheme further strengthens the security of the proposed scheme. In brief, the proposed scheme is more efficient and practical than most of the existing schemes.

An Improved Biometrics-Based Remote User Authentication Scheme with User Anonymity

Directory of Open Access Journals (Sweden)

Muhammad Khurram Khan

2013-01-01

Full Text Available The authors review the biometrics-based user authentication scheme proposed by An in 2012. The authors show that there exist loopholes in the scheme which are detrimental for its security. Therefore the authors propose an improved scheme eradicating the flaws of An’s scheme. Then a detailed security analysis of the proposed scheme is presented followed by its efficiency comparison. The proposed scheme not only withstands security problems found in An’s scheme but also provides some extra features with mere addition of only two hash operations. The proposed scheme allows user to freely change his password and also provides user anonymity with untraceability.

A Multiserver Biometric Authentication Scheme for TMIS using Elliptic Curve Cryptography.

Science.gov (United States)

Chaudhry, Shehzad Ashraf; Khan, Muhammad Tawab; Khan, Muhammad Khurram; Shon, Taeshik

2016-11-01

Recently several authentication schemes are proposed for telecare medicine information system (TMIS). Many of such schemes are proved to have weaknesses against known attacks. Furthermore, numerous such schemes cannot be used in real time scenarios. Because they assume a single server for authentication across the globe. Very recently, Amin et al. (J. Med. Syst. 39(11):180, 2015) designed an authentication scheme for secure communication between a patient and a medical practitioner using a trusted central medical server. They claimed their scheme to extend all security requirements and emphasized the efficiency of their scheme. However, the analysis in this article proves that the scheme designed by Amin et al. is vulnerable to stolen smart card and stolen verifier attacks. Furthermore, their scheme is having scalability issues along with inefficient password change and password recovery phases. Then we propose an improved scheme. The proposed scheme is more practical, secure and lightweight than Amin et al.'s scheme. The security of proposed scheme is proved using the popular automated tool ProVerif.

A group signature scheme based on quantum teleportation

International Nuclear Information System (INIS)

Wen Xiaojun; Tian Yuan; Ji Liping; Niu Xiamu

2010-01-01

In this paper, we present a group signature scheme using quantum teleportation. Different from classical group signature and current quantum signature schemes, which could only deliver either group signature or unconditional security, our scheme guarantees both by adopting quantum key preparation, quantum encryption algorithm and quantum teleportation. Security analysis proved that our scheme has the characteristics of group signature, non-counterfeit, non-disavowal, blindness and traceability. Our quantum group signature scheme has a foreseeable application in the e-payment system, e-government, e-business, etc.

A group signature scheme based on quantum teleportation

Energy Technology Data Exchange (ETDEWEB)

Wen Xiaojun; Tian Yuan; Ji Liping; Niu Xiamu, E-mail: wxjun36@gmail.co [Information Countermeasure Technique Research Institute, Harbin Institute of Technology, Harbin 150001 (China)

2010-05-01

In this paper, we present a group signature scheme using quantum teleportation. Different from classical group signature and current quantum signature schemes, which could only deliver either group signature or unconditional security, our scheme guarantees both by adopting quantum key preparation, quantum encryption algorithm and quantum teleportation. Security analysis proved that our scheme has the characteristics of group signature, non-counterfeit, non-disavowal, blindness and traceability. Our quantum group signature scheme has a foreseeable application in the e-payment system, e-government, e-business, etc.

[Universalization of health or of social security?].

Science.gov (United States)

Levy-Algazi, Santiago

2011-01-01

This article presents an analysis of the architecture of Mexico's health system based on the main economic problem, failing to achieve a GDP growth rate to increase real wages and give workers in formal employment coverage social security. This analysis describes the relationship between social security of the population and employment status of it (either formal or informal employment) and the impact that this situation poses to our health system. Also, it ends with a reform proposal that will give all workers the same social rights, ie to grant universal social security.

Security and privacy issues of personal health.

Science.gov (United States)

Blobel, Bernd; Pharow, Peter

2007-01-01

While health systems in developed countries and increasingly also in developing countries are moving from organisation-centred to person-centred health service delivery, the supporting communication and information technology is faced with new risks regarding security and privacy of stakeholders involved. The comprehensively distributed environment puts special burden on guaranteeing communication security services, but even more on guaranteeing application security services dealing with privilege management, access control and audit regarding social implication and connected sensitivity of personal information recorded, processed, communicated and stored in an even internationally distributed environment.

Certificateless Key-Insulated Generalized Signcryption Scheme without Bilinear Pairings

Directory of Open Access Journals (Sweden)

Caixue Zhou

2017-01-01

Full Text Available Generalized signcryption (GSC can be applied as an encryption scheme, a signature scheme, or a signcryption scheme with only one algorithm and one key pair. A key-insulated mechanism can resolve the private key exposure problem. To ensure the security of cloud storage, we introduce the key-insulated mechanism into GSC and propose a concrete scheme without bilinear pairings in the certificateless cryptosystem setting. We provide a formal definition and a security model of certificateless key-insulated GSC. Then, we prove that our scheme is confidential under the computational Diffie-Hellman (CDH assumption and unforgeable under the elliptic curve discrete logarithm (EC-DL assumption. Our scheme also supports both random-access key update and secure key update. Finally, we evaluate the efficiency of our scheme and demonstrate that it is highly efficient. Thus, our scheme is more suitable for users who communicate with the cloud using mobile devices.

Privacy and Security in Mobile Health (mHealth) Research.

Science.gov (United States)

Arora, Shifali; Yttri, Jennifer; Nilse, Wendy

2014-01-01

Research on the use of mobile technologies for alcohol use problems is a developing field. Rapid technological advances in mobile health (or mHealth) research generate both opportunities and challenges, including how to create scalable systems capable of collecting unprecedented amounts of data and conducting interventions-some in real time-while at the same time protecting the privacy and safety of research participants. Although the research literature in this area is sparse, lessons can be borrowed from other communities, such as cybersecurity or Internet security, which offer many techniques to reduce the potential risk of data breaches or tampering in mHealth. More research into measures to minimize risk to privacy and security effectively in mHealth is needed. Even so, progress in mHealth research should not stop while the field waits for perfect solutions.

Model-based security analysis of the German health card architecture.

Science.gov (United States)

Jürjens, J; Rumm, R

2008-01-01

Health-care information systems are particularly security-critical. In order to make these applications secure, the security analysis has to be an integral part of the system design and IT management process for such systems. This work presents the experiences and results from the security analysis of the system architecture of the German Health Card, by making use of an approach to model-based security engineering that is based on the UML extension UMLsec. The focus lies on the security mechanisms and security policies of the smart-card-based architecture which were analyzed using the UMLsec method and tools. Main results of the paper include a report on the employment of the UMLsec method in an industrial health information systems context as well as indications of its benefits and limitations. In particular, two potential security weaknesses were detected and countermeasures discussed. The results indicate that it can be feasible to apply a model-based security analysis using UMLsec to an industrial health information system like the German Health Card architecture, and that doing so can have concrete benefits (such as discovering potential weaknesses, and an increased confidence that no further vulnerabilities of the kind that were considered are present).

Health Information Security in Hospitals: the Application of Security Safeguards.

Science.gov (United States)

Mehraeen, Esmaeil; Ayatollahi, Haleh; Ahmadi, Maryam

2016-02-01

A hospital information system has potentials to improve the accessibility of clinical information and the quality of health care. However, the use of this system has resulted in new challenges, such as concerns over health information security. This paper aims to assess the status of information security in terms of administrative, technical and physical safeguards in the university hospitals. This was a survey study in which the participants were information technology (IT) managers (n=36) who worked in the hospitals affiliated to the top ranked medical universities (university A and university B). Data were collected using a questionnaire. The content validity of the questionnaire was examined by the experts and the reliability of the questionnaire was determined using Cronbach's coefficient alpha (α=0.75). The results showed that the administrative safeguards were arranged at a medium level. In terms of the technical safeguards and the physical safeguards, the IT managers rated them at a strong level. According to the results, among three types of security safeguards, the administrative safeguards were assessed at the medium level. To improve it, developing security policies, implementing access control models and training users are recommended.

eHealth in Belgium, a new "secure" federal network: role of patients, health professions and social security services.

Science.gov (United States)

France, Francis Roger

2011-02-01

eHealth platform is the official federal network in Belgium (created by law on 21 August 2008) devoted to a secure exchange of health data in many types of applications, such as health care purposes, simplification of administrative procedures and contribution to health policy. It implies a controlled access to decentralized databases and uses encrypted personal data. The national identification number has been chosen in order to authenticate the requester, the patient, and the receiver of information exchange. Authorizations have to be respected in order to obtain personal health data. Several questions are raised about its security: the lack of mandatory request for systematic journaling on accesses to the electronic patient record as well as the absence of explicit procedures for sanctions in case of unauthorized access, the new role of social security administration in managing security where a eHealth manager can be both judge and party (in the function of trusted third party for health data encryption and of a required lawyer for texts proposed by physicians to the Commission for the protection of private life). Another critic concerns the number of physicians in minority and the absence of patients' delegates in the eHealth Board. At a time when the patient is becoming a partner in the care team, should not he be the gate-keeper for the access to his own health record? How could networks help him to get the appropriate knowledge to contribute to care and to write his testament of life? Recent laws (on private life, patient rights and euthanasia) have contributed to a behavioural change in citizens and physician attitudes. Recommendations are made in order to improve the acceptability of eHealth platform. Copyright © 2010 Elsevier Ireland Ltd. All rights reserved.

Knowledge and uptake of community-based health insurance scheme among residents of Olowora, Lagos

Directory of Open Access Journals (Sweden)

O A Ibukun

2013-01-01

Full Text Available Background and Objective: The informal sector population in developing nations has low health coverage from Community Based Health Insurance (CBHI and problems such as limited awareness about the potential impact of prepayment health financing and the limited resources to finance health care can impede success. This study assessed the community based health insurance scheme uptake and determinants in Olowora, Lagos State. Methods: This was a descriptive cross sectional study carried out in July 2010 in all households of 12 out of 41 streets in Olowora,by multistage sampling. Four hundred and sixteen interviewer-administered questionnaires were completed and returned. Analysis was by Epi- info version 3.5.1 software. Results: Although 75.5% of respondents were aware of the Community Health Insurance scheme at Olowora, just about half (49.5% of them had good knowledge of the scheme. A substantial proportion (44.2% of respondents did not believe in contributing money for illness yet to come, and majority (72.3% of such respondents prefers payment for health care when ill. While about half (53% of respondentshad enrolled into the community health insurance scheme, 45.6% of those who had not enrolled were not aware of the scheme. Lack of money was the main reason (51.5% why some enrollees had defaulted. Conclusion: The study identified information gaps and poor understanding of the scheme as well as poverty as factors that have negatively affected uptake. The scheme management has to re-evaluate its sensitization programmes, and also strengthen marketing strategies with special emphasis on the poor.

A chaotic modified-DFT encryption scheme for physical layer security and PAPR reduction in OFDM-PON

Science.gov (United States)

Fu, Xiaosong; Bi, Meihua; Zhou, Xuefang; Yang, Guowei; Li, Qiliang; Zhou, Zhao; Yang, Xuelin

2018-05-01

This letter proposes a modified discrete Fourier transform (DFT) encryption scheme with multi-dimensional chaos for the physical layer security and peak-to-average power ratio (PAPR) reduction in orthogonal frequency division multiplexing passive optical network (OFDM-PON) system. This multiple-fold encryption algorithm is mainly composed by using the column vectors permutation and the random phase encryption in the standard DFT matrix, which can create ∼10551 key space. The transmission of ∼10 Gb/s encrypted OFDM signal is verified over 20-km standard single mode fiber (SMF). Moreover, experimental results show that, the proposed scheme can achieve ∼2.6-dB PAPR reduction and ∼1-dB improvement of receiver sensitivity if compared with the common OFDM-PON.

Security Concerns in Android mHealth Apps.

Science.gov (United States)

He, Dongjing; Naveed, Muhammad; Gunter, Carl A; Nahrstedt, Klara

2014-01-01

Mobile Health (mHealth) applications lie outside of regulatory protection such as HIPAA, which requires a baseline of privacy and security protections appropriate to sensitive medical data. However, mHealth apps, particularly those in the app stores for iOS and Android, are increasingly handling sensitive data for both professionals and patients. This paper presents a series of three studies of the mHealth apps in Google Play that show that mHealth apps make widespread use of unsecured Internet communications and third party servers. Both of these practices would be considered problematic under HIPAA, suggesting that increased use of mHealth apps could lead to less secure treatment of health data unless mHealth vendors make improvements in the way they communicate and store data.

Towards Symbolic Encryption Schemes

DEFF Research Database (Denmark)

Ahmed, Naveed; Jensen, Christian D.; Zenner, Erik

2012-01-01

, namely an authenticated encryption scheme that is secure under chosen ciphertext attack. Therefore, many reasonable encryption schemes, such as AES in the CBC or CFB mode, are not among the implementation options. In this paper, we report new attacks on CBC and CFB based implementations of the well......Symbolic encryption, in the style of Dolev-Yao models, is ubiquitous in formal security models. In its common use, encryption on a whole message is specified as a single monolithic block. From a cryptographic perspective, however, this may require a resource-intensive cryptographic algorithm......-known Needham-Schroeder and Denning-Sacco protocols. To avoid such problems, we advocate the use of refined notions of symbolic encryption that have natural correspondence to standard cryptographic encryption schemes....

Adverse selection in a voluntary Rural Mutual Health Care health insurance scheme in China.

Science.gov (United States)

Wang, Hong; Zhang, Licheng; Yip, Winnie; Hsiao, William

2006-09-01

This study examines adverse selection in a subsidized voluntary health insurance scheme, the Rural Mutual Health Care (RMHC) scheme, in a poor rural area of China. The study was made possible by a unique longitudinal data set: the total sample includes 3492 rural residents from 1020 households. Logistic regression was employed for the data analysis. The results show that although this subsidized scheme achieved a considerable high enrollment rate of 71% of rural residents, adverse selection still exists. In general, individuals with worse health status are more likely to enroll in RMHC than individuals with better health status. Although the household is set as the enrollment unit for the RMHC for the purpose of reducing adverse selection, nearly 1/3 of enrolled households are actually only partially enrolled. Furthermore, we found that adverse selection mainly occurs in partially enrolled households. The non-enrolled individuals in partially enrolled households have the best health status, while the enrolled individuals in partially enrolled households have the worst health status. Pre-RMHC, medical expenditure for enrolled individuals in partially enrolled households was 206.6 yuan per capita per year, which is 1.7 times as much as the pre-RMHC medical expenditure for non-enrolled individuals in partially enrolled households. The study also reveals that the pre-enrolled medical expenditure per capita per year of enrolled individuals was 9.6% higher than the pre-enrolled medical expenditure of all residents, including both enrolled and non-enrolled individuals. In conclusion, although the subsidized RMHC scheme reached a very high enrollment rate and the household is set as the enrollment unit for the purpose of reducing adverse selection, adverse selection still exists, especially within partially enrolled households. Voluntary RMHC will not be financially sustainable if the adverse selection is not fully taken into account.

The Politico-Economic Challenges of Ghana's National Health Insurance Scheme Implementation.

Science.gov (United States)

Fusheini, Adam

2016-04-27

National/social health insurance schemes have increasingly been seen in many low- and middle-income countries (LMICs) as a vehicle to universal health coverage (UHC) and a viable alternative funding mechanism for the health sector. Several countries, including Ghana, have thus introduced and implemented mandatory national health insurance schemes (NHIS) as part of reform efforts towards increasing access to health services. Ghana passed mandatory national health insurance (NHI) legislation (ACT 650) in 2003 and commenced nationwide implementation in 2004. Several peer review studies and other research reports have since assessed the performance of the scheme with positive rating while challenges also noted. This paper contributes to the literature on economic and political implementation challenges based on empirical evidence from the perspectives of the different category of actors and institutions involved in the process. Qualitative in-depth interviews were held with 33 different category of participants in four selected district mutual health insurance schemes in Southern (two) and Northern (two) Ghana. This was to ascertain their views regarding the main challenges in the implementation process. The participants were selected through purposeful sampling, stakeholder mapping, and snowballing. Data was analysed using thematic grouping procedure. Participants identified political issues of over politicisation and political interference as main challenges. The main economic issues participants identified included low premiums or contributions; broad exemptions, poor gatekeeper enforcement system; and culture of curative and hospital-centric care. The study establishes that political and economic factors have influenced the implementation process and the degree to which the policy has been implemented as intended. Thus, we conclude that there is a synergy between implementation and politics; and achieving UHC under the NHIS requires political stewardship. Political

Quantum Distributed Ballot Scheme Based on Greenberger-Home-Zeilinger State

International Nuclear Information System (INIS)

Shi Ronghua; Wu Ying; Guo Ying; Zeng Guihua

2010-01-01

Motivated by the complementary relations of the Greenherger-Horne-Zeilinger (GHZ) entangled triplet-particle states, a novel way of realizing quantum distributed ballot scheme is proposed. The ballot information is encoded by local operations performed on the particles of entangled GHZ triplet states, which ensures the security of the present scheme. In order to guarantee the security of this scheme, the checking phase is designed in detail on the basis of the entangled GHZ triplet state. The analysis shows the security of the proposed scheme. (general)

A Novel Texture-Quantization-Based Reversible Multiple Watermarking Scheme Applied to Health Information System.

Science.gov (United States)

Turuk, Mousami; Dhande, Ashwin

2018-04-01

The recent innovations in information and communication technologies have appreciably changed the panorama of health information system (HIS). These advances provide new means to process, handle, and share medical images and also augment the medical image security issues in terms of confidentiality, reliability, and integrity. Digital watermarking has emerged as new era that offers acceptable solutions to the security issues in HIS. Texture is a significant feature to detect the embedding sites in an image, which further leads to substantial improvement in the robustness. However, considering the perspective of digital watermarking, this feature has received meager attention in the reported literature. This paper exploits the texture property of an image and presents a novel hybrid texture-quantization-based approach for reversible multiple watermarking. The watermarked image quality has been accessed by peak signal to noise ratio (PSNR), structural similarity measure (SSIM), and universal image quality index (UIQI), and the obtained results are superior to the state-of-the-art methods. The algorithm has been evaluated on a variety of medical imaging modalities (CT, MRA, MRI, US) and robustness has been verified, considering various image processing attacks including JPEG compression. The proposed scheme offers additional security using repetitive embedding of BCH encoded watermarks and ADM encrypted ECG signal. Experimental results achieved a maximum of 22,616 bits hiding capacity with PSNR of 53.64 dB.

A Novel Image Encryption Scheme Based on Clifford Attractor and Noisy Logistic Map for Secure Transferring Images in Navy

Directory of Open Access Journals (Sweden)

Mohadeseh Kanafchian

2017-04-01

In this paper, we first give a brief introduction into chaotic image encryption and then we investigate some important properties and behaviour of the logistic map. The logistic map, aperiodic trajectory, or random-like fluctuation, could not be obtained with some choice of initial condition. Therefore, a noisy logistic map with an additive system noise is introduced. The proposed scheme is based on the extended map of the Clifford strange attractor, where each dimension has a specific role in the encryption process. Two dimensions are used for pixel permutation and the third dimension is used for pixel diffusion. In order to optimize the Clifford encryption system we increase the space key by using the noisy logistic map and a novel encryption scheme based on the Clifford attractor and the noisy logistic map for secure transfer images is proposed. This algorithm consists of two parts: the noisy logistic map shuffle of the pixel position and the pixel value. We use times for shuffling the pixel position and value then we generate the new pixel position and value by the Clifford system. To illustrate the efficiency of the proposed scheme, various types of security analysis are tested. It can be concluded that the proposed image encryption system is a suitable choice for practical applications.

Security Concerns in Android mHealth Apps

Science.gov (United States)

He, Dongjing; Naveed, Muhammad; Gunter, Carl A.; Nahrstedt, Klara

2014-01-01

Mobile Health (mHealth) applications lie outside of regulatory protection such as HIPAA, which requires a baseline of privacy and security protections appropriate to sensitive medical data. However, mHealth apps, particularly those in the app stores for iOS and Android, are increasingly handling sensitive data for both professionals and patients. This paper presents a series of three studies of the mHealth apps in Google Play that show that mHealth apps make widespread use of unsecured Internet communications and third party servers. Both of these practices would be considered problematic under HIPAA, suggesting that increased use of mHealth apps could lead to less secure treatment of health data unless mHealth vendors make improvements in the way they communicate and store data. PMID:25954370

Two-Factor User Authentication with Key Agreement Scheme Based on Elliptic Curve Cryptosystem

Directory of Open Access Journals (Sweden)

Juan Qu

2014-01-01

Full Text Available A password authentication scheme using smart card is called two-factor authentication scheme. Two-factor authentication scheme is the most accepted and commonly used mechanism that provides the authorized users a secure and efficient method for accessing resources over insecure communication channel. Up to now, various two-factor user authentication schemes have been proposed. However, most of them are vulnerable to smart card loss attack, offline password guessing attack, impersonation attack, and so on. In this paper, we design a password remote user authentication with key agreement scheme using elliptic curve cryptosystem. Security analysis shows that the proposed scheme has high level of security. Moreover, the proposed scheme is more practical and secure in contrast to some related schemes.

Strengthening global health security by embedding the International Health Regulations requirements into national health systems.

Science.gov (United States)

Kluge, Hans; Martín-Moreno, Jose Maria; Emiroglu, Nedret; Rodier, Guenael; Kelley, Edward; Vujnovic, Melitta; Permanand, Govin

2018-01-01

The International Health Regulations (IHR) 2005, as the overarching instrument for global health security, are designed to prevent and cope with major international public health threats. But poor implementation in countries hampers their effectiveness. In the wake of a number of major international health crises, such as the 2014 Ebola and 2016 Zika outbreaks, and the findings of a number of high-level assessments of the global response to these crises, it has become clear that there is a need for more joined-up thinking between health system strengthening activities and health security efforts for prevention, alert and response. WHO is working directly with its Member States to promote this approach, more specifically around how to better embed the IHR (2005) core capacities into the main health system functions. This paper looks at how and where the intersections between the IHR and the health system can be best leveraged towards developing greater health system resilience. This merging of approaches is a key component in pursuit of Universal Health Coverage and strengthened global health security as two mutually reinforcing agendas.

Robust and Efficient Authentication Scheme for Session Initiation Protocol

Directory of Open Access Journals (Sweden)

Yanrong Lu

2015-01-01

Full Text Available The session initiation protocol (SIP is a powerful application-layer protocol which is used as a signaling one for establishing, modifying, and terminating sessions among participants. Authentication is becoming an increasingly crucial issue when a user asks to access SIP services. Hitherto, many authentication schemes have been proposed to enhance the security of SIP. In 2014, Arshad and Nikooghadam proposed an enhanced authentication and key agreement scheme for SIP and claimed that their scheme could withstand various attacks. However, in this paper, we show that Arshad and Nikooghadam’s authentication scheme is still susceptible to key-compromise impersonation and trace attacks and does not provide proper mutual authentication. To conquer the flaws, we propose a secure and efficient ECC-based authentication scheme for SIP. Through the informal and formal security analyses, we demonstrate that our scheme is resilient to possible known attacks including the attacks found in Arshad et al.’s scheme. In addition, the performance analysis shows that our scheme has similar or better efficiency in comparison with other existing ECC-based authentication schemes for SIP.

Cryptanalyzing an improved security modulated chaotic encryption scheme using ciphertext absolute value

International Nuclear Information System (INIS)

Alvarez, G.; Montoya, F.; Romera, M.; Pastor, G.

2005-01-01

This paper describes the security weakness of a recently proposed improved chaotic encryption method based on the modulation of a signal generated by a chaotic system with an appropriately chosen scalar signal. The aim of the improvement is to avoid the breaking of chaotic encryption schemes by means of the return map attack introduced by Perez and Cerdeira. A method of attack based on taking the absolute value of the ciphertext is presented, that allows for the cancellation of the modulation scalar signal and the determination of some system parameters that play the role of system key. The proposed improved method is shown to be compromised without any knowledge of the chaotic system parameter values and even without knowing the transmitter structure

Securing optical code-division multiple-access networks with a postswitching coding scheme of signature reconfiguration

Science.gov (United States)

Huang, Jen-Fa; Meng, Sheng-Hui; Lin, Ying-Chen

2014-11-01

The optical code-division multiple-access (OCDMA) technique is considered a good candidate for providing optical layer security. An enhanced OCDMA network security mechanism with a pseudonoise (PN) random digital signals type of maximal-length sequence (M-sequence) code switching to protect against eavesdropping is presented. Signature codes unique to individual OCDMA-network users are reconfigured according to the register state of the controlling electrical shift registers. Examples of signature reconfiguration following state switching of the controlling shift register for both the network user and the eavesdropper are numerically illustrated. Dynamically changing the PN state of the shift register to reconfigure the user signature sequence is shown; this hinders eavesdroppers' efforts to decode correct data sequences. The proposed scheme increases the probability of eavesdroppers committing errors in decoding and thereby substantially enhances the degree of an OCDMA network's confidentiality.

The pharmaceuticalisation of security: Molecular biomedicine, antiviral stockpiles, and global health security.

Science.gov (United States)

Elbe, Stefan

2014-12-01

Pharmaceuticals are now critical to the security of populations. Antivirals, antibiotics, next-generation vaccines, and antitoxins are just some of the new 'medical countermeasures' that governments are stockpiling in order to defend their populations against the threat of pandemics and bioterrorism. How has security policy come to be so deeply imbricated with pharmaceutical logics and solutions? This article captures, maps, and analyses the 'pharmaceuticalisation' of security. Through an in-depth analysis of the prominent antiviral medication Tamiflu , it shows that this pharmaceutical turn in security policy is intimately bound up with the rise of a molecular vision of life promulgated by the biomedical sciences. Caught in the crosshairs of powerful commercial, political, and regulatory pressures, governments are embracing a molecular biomedicine promising to secure populations pharmaceutically in the twenty-first century. If that is true, then the established disciplinary view of health as a predominantly secondary matter of 'low' international politics is mistaken. On the contrary, the social forces of health and biomedicine are powerful enough to influence the core practices of international politics - even those of security. For a discipline long accustomed to studying macrolevel processes and systemic structures, it is in the end also our knowledge of the minute morass of molecules that shapes international relations.

Enhanced ID-Based Authentication Scheme Using OTP in Smart Grid AMI Environment

Directory of Open Access Journals (Sweden)

Sang-Soo Yeo

2014-01-01

Full Text Available This paper presents the vulnerabilities analyses of KL scheme which is an ID-based authentication scheme for AMI network attached SCADA in smart grid and proposes a security-enhanced authentication scheme which satisfies forward secrecy as well as security requirements introduced in KL scheme and also other existing schemes. The proposed scheme uses MDMS which is the supervising system located in an electrical company as a time-synchronizing server in order to synchronize smart devices at home and conducts authentication between smart meter and smart devices using a new secret value generated by an OTP generator every session. The proposed scheme has forward secrecy, so it increases overall security, but its communication and computation overhead reduce its performance slightly, comparing the existing schemes. Nonetheless, hardware specification and communication bandwidth of smart devices will have better conditions continuously, so the proposed scheme would be a good choice for secure AMI environment.

Analysis and improvement for the performance of Baptista's cryptographic scheme

International Nuclear Information System (INIS)

Wei Jun; Liao Xiaofeng; Wong, K.W.; Zhou Tsing; Deng Yigui

2006-01-01

Based on Baptista's chaotic cryptosystem, we propose a secure and robust chaotic cryptographic scheme after investigating the problems found in this cryptosystem as well as its variants. In this proposed scheme, a subkey array generated from the key and the plaintext is adopted to enhance the security. Some methods are introduced to increase the efficiency. Theoretical analyses and numerical simulations indicate that the proposed scheme is secure and efficient for practical use

Determinants of enrollment of informal sector workers in cooperative based health scheme in Bangladesh

Science.gov (United States)

Sarker, Abdur Razzaque; Sultana, Marufa; Mahumud, Rashidul Alam; Ahmed, Sayem; Islam, Ziaul; Morton, Alec; Khan, Jahangir A. M.

2017-01-01

Background Providing access to affordable health care for the informal sector remains a considerable challenge for low income countries striving to make progress towards universal health coverage. The objective of the study is to identify the factors shaping the decision to enroll in a cooperative based health scheme for informal workers in Bangladesh and also help to identify the features of informal workers without health schemes and their likelihood of being insured. Methods Data were derived from a cross-sectional in-house survey within the catchment area of a cooperative based health scheme in Bangladesh during April–June 2014, covering a total of 784 households (458 members and 326 non-members). Multivariate logistic regression model was used to identify factors associated with cooperative based health scheme and explanatory variables. Findings This study found that a number of factors were significant determinants of health scheme participation including sex of household head, household composition, occupational category as well as involvement social financial safety net programs. Conclusion Findings from this study can be suggestive for policy-makers interested in scaling up health insurance for informal workers in Bangladesh. Shared funding from this large informal sector can generate new resources for healthcare, which is in line with the healthcare financing strategy of Bangladesh as well as the recommendation of the World Health Organization for developing social health insurance as part of the path to Universal Health Coverage. PMID:28750052

Determinants of enrollment of informal sector workers in cooperative based health scheme in Bangladesh.

Directory of Open Access Journals (Sweden)

Abdur Razzaque Sarker

Full Text Available Providing access to affordable health care for the informal sector remains a considerable challenge for low income countries striving to make progress towards universal health coverage. The objective of the study is to identify the factors shaping the decision to enroll in a cooperative based health scheme for informal workers in Bangladesh and also help to identify the features of informal workers without health schemes and their likelihood of being insured.Data were derived from a cross-sectional in-house survey within the catchment area of a cooperative based health scheme in Bangladesh during April-June 2014, covering a total of 784 households (458 members and 326 non-members. Multivariate logistic regression model was used to identify factors associated with cooperative based health scheme and explanatory variables.This study found that a number of factors were significant determinants of health scheme participation including sex of household head, household composition, occupational category as well as involvement social financial safety net programs.Findings from this study can be suggestive for policy-makers interested in scaling up health insurance for informal workers in Bangladesh. Shared funding from this large informal sector can generate new resources for healthcare, which is in line with the healthcare financing strategy of Bangladesh as well as the recommendation of the World Health Organization for developing social health insurance as part of the path to Universal Health Coverage.

A Trust-Based Secure Routing Scheme Using the Traceback Approach for Energy-Harvesting Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Jiawei Tang

2018-03-01

Full Text Available The Internet of things (IoT is composed of billions of sensing devices that are subject to threats stemming from increasing reliance on communications technologies. A Trust-Based Secure Routing (TBSR scheme using the traceback approach is proposed to improve the security of data routing and maximize the use of available energy in Energy-Harvesting Wireless Sensor Networks (EHWSNs. The main contributions of a TBSR are (a the source nodes send data and notification to sinks through disjoint paths, separately; in such a mechanism, the data and notification can be verified independently to ensure their security. (b Furthermore, the data and notification adopt a dynamic probability of marking and logging approach during the routing. Therefore, when attacked, the network will adopt the traceback approach to locate and clear malicious nodes to ensure security. The probability of marking is determined based on the level of battery remaining; when nodes harvest more energy, the probability of marking is higher, which can improve network security. Because if the probability of marking is higher, the number of marked nodes on the data packet routing path will be more, and the sink will be more likely to trace back the data packet routing path and find malicious nodes according to this notification. When data packets are routed again, they tend to bypass these malicious nodes, which make the success rate of routing higher and lead to improved network security. When the battery level is low, the probability of marking will be decreased, which is able to save energy. For logging, when the battery level is high, the network adopts a larger probability of marking and smaller probability of logging to transmit notification to the sink, which can reserve enough storage space to meet the storage demand for the period of the battery on low level; when the battery level is low, increasing the probability of logging can reduce energy consumption. After the level of

A Trust-Based Secure Routing Scheme Using the Traceback Approach for Energy-Harvesting Wireless Sensor Networks.

Science.gov (United States)

Tang, Jiawei; Liu, Anfeng; Zhang, Jian; Xiong, Neal N; Zeng, Zhiwen; Wang, Tian

2018-03-01

The Internet of things (IoT) is composed of billions of sensing devices that are subject to threats stemming from increasing reliance on communications technologies. A Trust-Based Secure Routing (TBSR) scheme using the traceback approach is proposed to improve the security of data routing and maximize the use of available energy in Energy-Harvesting Wireless Sensor Networks (EHWSNs). The main contributions of a TBSR are (a) the source nodes send data and notification to sinks through disjoint paths, separately; in such a mechanism, the data and notification can be verified independently to ensure their security. (b) Furthermore, the data and notification adopt a dynamic probability of marking and logging approach during the routing. Therefore, when attacked, the network will adopt the traceback approach to locate and clear malicious nodes to ensure security. The probability of marking is determined based on the level of battery remaining; when nodes harvest more energy, the probability of marking is higher, which can improve network security. Because if the probability of marking is higher, the number of marked nodes on the data packet routing path will be more, and the sink will be more likely to trace back the data packet routing path and find malicious nodes according to this notification. When data packets are routed again, they tend to bypass these malicious nodes, which make the success rate of routing higher and lead to improved network security. When the battery level is low, the probability of marking will be decreased, which is able to save energy. For logging, when the battery level is high, the network adopts a larger probability of marking and smaller probability of logging to transmit notification to the sink, which can reserve enough storage space to meet the storage demand for the period of the battery on low level; when the battery level is low, increasing the probability of logging can reduce energy consumption. After the level of battery

Effectiveness Of Security Controls On Electronic Health Records

Directory of Open Access Journals (Sweden)

Everleen Wanyonyi

2017-12-01

Full Text Available Electronic Health Record EHR systems enhance efficiency and effectiveness in handling patients information in healthcare. This study focused on the EHR security by initially establishing the nature of threats affecting the system and reviewing the implemented security safeguards. The study was done at a referral hospital level 6 government facility in Kenya. Purposive sampling was used to select a sample of 196 out of 385 staff and a questionnaire designed for qualitative data collection. Data was analyzed using SPSS software. Correlations and binary logistic regression were obtained. Binary Logistic Regression BLR was used to establish the effect of the safeguards predictors on EHR security. It was established that physical security contributes more to the security of an information system than administrative controls and technical controls in that order. BLR helped in predicting effective safeguards to control EHR security threats in limited resourced public health facilities.

How do patients and providers react to different incentives in the Chinese multiple health security systems?

Science.gov (United States)

Zhang, Chun-Yu; Hashimoto, Hideki

2015-03-05

China has achieved universal health insurance coverage. This study examined how patients and hospitals react to the different designs of the plans and to monitoring of patients by the local authority in the Chinese multiple health security schemes. The sample for analysis consisted of 1006 orthopedic inpatients who were admitted between January and December 2011 at a tertiary teaching hospital located in Beijing. We conducted general linear regression analyses to investigate whether medical expenditure and length of stay differed according to the different incentives. Patients under plans with lower copayment rates consumed significantly more medication compared with those under plans with higher copayment rates. Under plans with an annual ceiling for insurance coverage, patients spent significantly more in the second half of the year than in the first half of the year. The length of stay was shorter among patients when there were government monitoring and a penalty to the hospital service provider. Our results indicate that the different designs and monitoring of the health security systems in China cause opportunistic behavior by patients and providers. Reformation is necessary to reduce those incentives, and improve equity and efficiency in healthcare use.

Three-factor anonymous authentication and key agreement scheme for Telecare Medicine Information Systems.

Science.gov (United States)

Arshad, Hamed; Nikooghadam, Morteza

2014-12-01

Nowadays, with comprehensive employment of the internet, healthcare delivery services is provided remotely by telecare medicine information systems (TMISs). A secure mechanism for authentication and key agreement is one of the most important security requirements for TMISs. Recently, Tan proposed a user anonymity preserving three-factor authentication scheme for TMIS. The present paper shows that Tan's scheme is vulnerable to replay attacks and Denial-of-Service attacks. In order to overcome these security flaws, a new and efficient three-factor anonymous authentication and key agreement scheme for TMIS is proposed. Security and performance analysis shows superiority of the proposed scheme in comparison with previously proposed schemes that are related to security of TMISs.

The Best Laid Plans: Access to the Rajiv Aarogyasri community health insurance scheme of Andhra Pradesh

Directory of Open Access Journals (Sweden)

H. Narasimhan

2014-05-01

Full Text Available This paper is a qualitative assessment of a public health insurance scheme in the state of Andhra Pradesh, south India, called the Rajiv Aarogyasri Community Health Insurance Scheme (or Aarogyasri, using the case-study method. Focusing on inpatient hospital care and especially on surgical treatments leaves the scheme wanting in meeting the health care needs of and addressing the impoverishing health expenditure incurred by the poor, especially those living in rural areas. Though well-intentioned, people from vulnerable sections of society may find the scheme ultimately unhelpful for their needs. Through an in-depth qualitative approach, the paper highlights not just financial difficulties but also the non-financial barriers to accessing health care, despite the existence of a scheme such as Aarogyasri. Narrative evidence from poor households offers powerful insights into why even the most innovative state health insurance schemes may not achieve their goals and systemic corrections needed to address barriers to health care.

Exclusion from the Health Insurance Scheme

CERN Multimedia

2003-01-01

A CERN pensioner, member of the Organization's Health Insurance Scheme (CHIS), recently provided fake documents in support of claims for medical expenses, in order to receive unjustified reimbursement from the CHIS. The Administrator of the CHIS, UNIQA, suspected a case of fraud: Accordingly, an investigation and interview of the person concerned was carried out and brought the Organization to the conclusion that fraud had actually taken place. Consequently and in accordance with Article VIII 3.12 of the CHIS Rules, it was decided to exclude this member permanently from the CHIS. The Organization takes the opportunity to remind Scheme members that any fraud or attempt to fraud established within the framework of the CHIS exposes them to: - disciplinary action, according to the Staff Rules and Regulations, for CERN members of the personnel; - definitive exclusion from the CHIS for members affiliated on a voluntary basis. Human Resources Division Tel. 73635

An enhanced biometric authentication scheme for telecare medicine information systems with nonce using chaotic hash function.

Science.gov (United States)

Das, Ashok Kumar; Goswami, Adrijit

2014-06-01

Recently, Awasthi and Srivastava proposed a novel biometric remote user authentication scheme for the telecare medicine information system (TMIS) with nonce. Their scheme is very efficient as it is based on efficient chaotic one-way hash function and bitwise XOR operations. In this paper, we first analyze Awasthi-Srivastava's scheme and then show that their scheme has several drawbacks: (1) incorrect password change phase, (2) fails to preserve user anonymity property, (3) fails to establish a secret session key beween a legal user and the server, (4) fails to protect strong replay attack, and (5) lacks rigorous formal security analysis. We then a propose a novel and secure biometric-based remote user authentication scheme in order to withstand the security flaw found in Awasthi-Srivastava's scheme and enhance the features required for an idle user authentication scheme. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks, including the replay and man-in-the-middle attacks. Our scheme is also efficient as compared to Awasthi-Srivastava's scheme.

An improved anonymous authentication scheme for roaming in ubiquitous networks.

Science.gov (United States)

Lee, Hakjun; Lee, Donghoon; Moon, Jongho; Jung, Jaewook; Kang, Dongwoo; Kim, Hyoungshick; Won, Dongho

2018-01-01

With the evolution of communication technology and the exponential increase of mobile devices, the ubiquitous networking allows people to use our data and computing resources anytime and everywhere. However, numerous security concerns and complicated requirements arise as these ubiquitous networks are deployed throughout people's lives. To meet the challenge, the user authentication schemes in ubiquitous networks should ensure the essential security properties for the preservation of the privacy with low computational cost. In 2017, Chaudhry et al. proposed a password-based authentication scheme for the roaming in ubiquitous networks to enhance the security. Unfortunately, we found that their scheme remains insecure in its protection of the user privacy. In this paper, we prove that Chaudhry et al.'s scheme is vulnerable to the stolen-mobile device and user impersonation attacks, and its drawbacks comprise the absence of the incorrect login-input detection, the incorrectness of the password change phase, and the absence of the revocation provision. Moreover, we suggest a possible way to fix the security flaw in Chaudhry et al's scheme by using the biometric-based authentication for which the bio-hash is applied in the implementation of a three-factor authentication. We prove the security of the proposed scheme with the random oracle model and formally verify its security properties using a tool named ProVerif, and analyze it in terms of the computational and communication cost. The analysis result shows that the proposed scheme is suitable for resource-constrained ubiquitous environments.

An improved anonymous authentication scheme for roaming in ubiquitous networks.

Directory of Open Access Journals (Sweden)

Hakjun Lee

Full Text Available With the evolution of communication technology and the exponential increase of mobile devices, the ubiquitous networking allows people to use our data and computing resources anytime and everywhere. However, numerous security concerns and complicated requirements arise as these ubiquitous networks are deployed throughout people's lives. To meet the challenge, the user authentication schemes in ubiquitous networks should ensure the essential security properties for the preservation of the privacy with low computational cost. In 2017, Chaudhry et al. proposed a password-based authentication scheme for the roaming in ubiquitous networks to enhance the security. Unfortunately, we found that their scheme remains insecure in its protection of the user privacy. In this paper, we prove that Chaudhry et al.'s scheme is vulnerable to the stolen-mobile device and user impersonation attacks, and its drawbacks comprise the absence of the incorrect login-input detection, the incorrectness of the password change phase, and the absence of the revocation provision. Moreover, we suggest a possible way to fix the security flaw in Chaudhry et al's scheme by using the biometric-based authentication for which the bio-hash is applied in the implementation of a three-factor authentication. We prove the security of the proposed scheme with the random oracle model and formally verify its security properties using a tool named ProVerif, and analyze it in terms of the computational and communication cost. The analysis result shows that the proposed scheme is suitable for resource-constrained ubiquitous environments.

Applying a Space-Based Security Recovery Scheme for Critical Homeland Security Cyberinfrastructure Utilizing the NASA Tracking and Data Relay (TDRS) Based Space Network

Science.gov (United States)

Shaw, Harry C.; McLaughlin, Brian; Stocklin, Frank; Fortin, Andre; Israel, David; Dissanayake, Asoka; Gilliand, Denise; LaFontaine, Richard; Broomandan, Richard; Hyunh, Nancy

2015-01-01

Protection of the national infrastructure is a high priority for cybersecurity of the homeland. Critical infrastructure such as the national power grid, commercial financial networks, and communications networks have been successfully invaded and re-invaded from foreign and domestic attackers. The ability to re-establish authentication and confidentiality of the network participants via secure channels that have not been compromised would be an important countermeasure to compromise of our critical network infrastructure. This paper describes a concept of operations by which the NASA Tracking and Data Relay (TDRS) constellation of spacecraft in conjunction with the White Sands Complex (WSC) Ground Station host a security recovery system for re-establishing secure network communications in the event of a national or regional cyberattack. Users would perform security and network restoral functions via a Broadcast Satellite Service (BSS) from the TDRS constellation. The BSS enrollment only requires that each network location have a receive antenna and satellite receiver. This would be no more complex than setting up a DIRECTTV-like receiver at each network location with separate network connectivity. A GEO BSS would allow a mass re-enrollment of network nodes (up to nationwide) simultaneously depending upon downlink characteristics. This paper details the spectrum requirements, link budget, notional assets and communications requirements for the scheme. It describes the architecture of such a system and the manner in which it leverages off of the existing secure infrastructure which is already in place and managed by the NASAGSFC Space Network Project.

Global agenda, local health: including concepts of health security in preparedness programs at the jurisdictional level.

Science.gov (United States)

Eby, Chas

2014-01-01

The Global Health Security Agenda's objectives contain components that could help health departments address emerging public health challenges that threaten the population. As part of the agenda, partner countries with advanced public health systems will support the development of infrastructure in stakeholder health departments. To facilitate this process and augment local programs, state and local health departments may want to include concepts of health security in their public health preparedness offices in order to simultaneously build capacity. Health security programs developed by public health departments should complete projects that are closely aligned with the objectives outlined in the global agenda and that facilitate the completion of current preparedness grant requirements. This article identifies objectives and proposes tactical local projects that run parallel to the 9 primary objectives of the Global Health Security Agenda. Executing concurrent projects at the international and local levels in preparedness offices will accelerate the completion of these objectives and help prevent disease epidemics, detect health threats, and respond to public health emergencies. Additionally, future funding tied or related to health security may become more accessible to state and local health departments that have achieved these objectives.

Protecting the Privacy and Security of Your Health Information

Science.gov (United States)

... can be used and shared with others. The Security Rule sets rules for how your health information must be kept secure with administrative, technical, and physical safeguards. You may have additional protections and health information rights under your State's laws. ...

Improving Biometric-Based Authentication Schemes with Smart Card Revocation/Reissue for Wireless Sensor Networks.

Science.gov (United States)

Moon, Jongho; Lee, Donghoon; Lee, Youngsook; Won, Dongho

2017-04-25

User authentication in wireless sensor networks is more difficult than in traditional networks owing to sensor network characteristics such as unreliable communication, limited resources, and unattended operation. For these reasons, various authentication schemes have been proposed to provide secure and efficient communication. In 2016, Park et al. proposed a secure biometric-based authentication scheme with smart card revocation/reissue for wireless sensor networks. However, we found that their scheme was still insecure against impersonation attack, and had a problem in the smart card revocation/reissue phase. In this paper, we show how an adversary can impersonate a legitimate user or sensor node, illegal smart card revocation/reissue and prove that Park et al.'s scheme fails to provide revocation/reissue. In addition, we propose an enhanced scheme that provides efficiency, as well as anonymity and security. Finally, we provide security and performance analysis between previous schemes and the proposed scheme, and provide formal analysis based on the random oracle model. The results prove that the proposed scheme can solve the weaknesses of impersonation attack and other security flaws in the security analysis section. Furthermore, performance analysis shows that the computational cost is lower than the previous scheme.

A New Privacy-Preserving Handover Authentication Scheme for Wireless Networks.

Science.gov (United States)

Wang, Changji; Yuan, Yuan; Wu, Jiayuan

2017-06-20

Handover authentication is a critical issue in wireless networks, which is being used to ensure mobile nodes wander over multiple access points securely and seamlessly. A variety of handover authentication schemes for wireless networks have been proposed in the literature. Unfortunately, existing handover authentication schemes are vulnerable to a few security attacks, or incur high communication and computation costs. Recently, He et al. proposed a handover authentication scheme PairHand and claimed it can resist various attacks without rigorous security proofs. In this paper, we show that PairHand does not meet forward secrecy and strong anonymity. More seriously, it is vulnerable to key compromise attack, where an adversary can recover the private key of any mobile node. Then, we propose a new efficient and provably secure handover authentication scheme for wireless networks based on elliptic curve cryptography. Compared with existing schemes, our proposed scheme can resist key compromise attack, and achieves forward secrecy and strong anonymity. Moreover, it is more efficient in terms of computation and communication.

Social Security and Fighting Poverty in Tunisia

Directory of Open Access Journals (Sweden)

Hasna Khemili

2018-02-01

Full Text Available The objective of this study was to examine the role of social security in fighting poverty in Metlaoui, Tunisia, using survey data collected between July 2012 and January 2014, covering 200 poor households. We used questionnaire data, which gave a thorough analysis of the reactions, behavior, and strategies adopted by poor households as a result of various forms of risk. Social security has an effect on a number of different areas, including health, education, housing, and income. Our methodology explored both complete and partial risk-sharing, to investigate the impact of social security schemes on the strategies adopted by households to cope with economic shocks. The estimation results of different models showed that social security could help social security-covered households choose less costly strategies to cope with risks. However, the role of social security remains insufficient, given that covered households had less confidence in its services and they adopted strategies of self-insurance or income smoothing. Overall, the results showed that social security plays an important role in Metlaoui, but it remains insufficient, especially for households that are not covered by social security and are suffering from heavy health expenditures.

Security for decentralized health information systems.

Science.gov (United States)

Bleumer, G

1994-02-01

Health care information systems must reflect at least two basic characteristics of the health care community: the increasing mobility of patients and the personal liability of everyone giving medical treatment. Open distributed information systems bear the potential to reflect these requirements. But the market for open information systems and operating systems hardly provides secure products today. This 'missing link' is approached by the prototype SECURE Talk that provides secure transmission and archiving of files on top of an existing operating system. Its services may be utilized by existing medical applications. SECURE Talk demonstrates secure communication utilizing only standard hardware. Its message is that cryptography (and in particular asymmetric cryptography) is practical for many medical applications even if implemented in software. All mechanisms are software implemented in order to be executable on standard-hardware. One can investigate more or less decentralized forms of public key management and the performance of many different cryptographic mechanisms. That of, e.g. hybrid encryption and decryption (RSA+DES-PCBC) is about 300 kbit/s. That of signing and verifying is approximately the same using RSA with a DES hash function. The internal speed, without disk accesses etc., is about 1.1 Mbit/s. (Apple Quadra 950 (MC 68040, 33 MHz, RAM: 20 MB, 80 ns. Length of RSA modulus is 512 bit).

The Politico-Economic Challenges of Ghana’s National Health Insurance Scheme Implementation

Directory of Open Access Journals (Sweden)

Adam Fusheini

2016-09-01

Full Text Available Background National/social health insurance schemes have increasingly been seen in many low- and middle-income countries (LMICs as a vehicle to universal health coverage (UHC and a viable alternative funding mechanism for the health sector. Several countries, including Ghana, have thus introduced and implemented mandatory national health insurance schemes (NHIS as part of reform efforts towards increasing access to health services. Ghana passed mandatory national health insurance (NHI legislation (ACT 650 in 2003 and commenced nationwide implementation in 2004. Several peer review studies and other research reports have since assessed the performance of the scheme with positive rating while challenges also noted. This paper contributes to the literature on economic and political implementation challenges based on empirical evidence from the perspectives of the different category of actors and institutions involved in the process. Methods Qualitative in-depth interviews were held with 33 different category of participants in four selected district mutual health insurance schemes in Southern (two and Northern (two Ghana. This was to ascertain their views regarding the main challenges in the implementation process. The participants were selected through purposeful sampling, stakeholder mapping, and snowballing. Data was analysed using thematic grouping procedure. Results Participants identified political issues of over politicisation and political interference as main challenges. The main economic issues participants identified included low premiums or contributions; broad exemptions, poor gatekeeper enforcement system; and culture of curative and hospital-centric care. Conclusion The study establishes that political and economic factors have influenced the implementation process and the degree to which the policy has been implemented as intended. Thus, we conclude that there is a synergy between implementation and politics; and achieving UHC under

Symmetric weak ternary quantum homomorphic encryption schemes

Science.gov (United States)

Wang, Yuqi; She, Kun; Luo, Qingbin; Yang, Fan; Zhao, Chao

2016-03-01

Based on a ternary quantum logic circuit, four symmetric weak ternary quantum homomorphic encryption (QHE) schemes were proposed. First, for a one-qutrit rotation gate, a QHE scheme was constructed. Second, in view of the synthesis of a general 3 × 3 unitary transformation, another one-qutrit QHE scheme was proposed. Third, according to the one-qutrit scheme, the two-qutrit QHE scheme about generalized controlled X (GCX(m,n)) gate was constructed and further generalized to the n-qutrit unitary matrix case. Finally, the security of these schemes was analyzed in two respects. It can be concluded that the attacker can correctly guess the encryption key with a maximum probability pk = 1/33n, thus it can better protect the privacy of users’ data. Moreover, these schemes can be well integrated into the future quantum remote server architecture, and thus the computational security of the users’ private quantum information can be well protected in a distributed computing environment.

Deducing trapdoor primitives in public key encryption schemes

Science.gov (United States)

Pandey, Chandra

2005-03-01

Semantic security of public key encryption schemes is often interchangeable with the art of building trapdoors. In the frame of reference of Random Oracle methodology, the "Key Privacy" and "Anonymity" has often been discussed. However to a certain degree the security of most public key encryption schemes is required to be analyzed with formal proofs using one-way functions. This paper evaluates the design of El Gamal and RSA based schemes and attempts to parallelize the trapdoor primitives used in the computation of the cipher text, thereby magnifying the decryption error δp in the above schemes.

Security Attacks and Solutions in Electronic Health (E-health) Systems.

Science.gov (United States)

Zeadally, Sherali; Isaac, Jesús Téllez; Baig, Zubair

2016-12-01

For centuries, healthcare has been a basic service provided by many governments to their citizens. Over the past few decades, we have witnessed a significant transformation in the quality of healthcare services provided by healthcare organizations and professionals. Recent advances have led to the emergence of Electronic Health (E-health), largely made possible by the massive deployment and adoption of information and communication technologies (ICTs). However, cybercriminals and attackers are exploiting vulnerabilities associated primarily with ICTs, causing data breaches of patients' confidential digital health information records. Here, we review recent security attacks reported for E-healthcare and discuss the solutions proposed to mitigate them. We also identify security challenges that must be addressed by E-health system designers and implementers in the future, to respond to threats that could arise as E-health systems become integrated with technologies such as cloud computing, the Internet of Things, and smart cities.

A Component-Based Approach for Securing Indoor Home Care Applications.

Science.gov (United States)

Agirre, Aitor; Armentia, Aintzane; Estévez, Elisabet; Marcos, Marga

2017-12-26

eHealth systems have adopted recent advances on sensing technologies together with advances in information and communication technologies (ICT) in order to provide people-centered services that improve the quality of life of an increasingly elderly population. As these eHealth services are founded on the acquisition and processing of sensitive data (e.g., personal details, diagnosis, treatments and medical history), any security threat would damage the public's confidence in them. This paper proposes a solution for the design and runtime management of indoor eHealth applications with security requirements. The proposal allows applications definition customized to patient particularities, including the early detection of health deterioration and suitable reaction (events) as well as security needs. At runtime, security support is twofold. A secured component-based platform supervises applications execution and provides events management, whilst the security of the communications among application components is also guaranteed. Additionally, the proposed event management scheme adopts the fog computing paradigm to enable local event related data storage and processing, thus saving communication bandwidth when communicating with the cloud. As a proof of concept, this proposal has been validated through the monitoring of the health status in diabetic patients at a nursing home.

Simplified Threshold RSA with Adaptive and Proactive Security

DEFF Research Database (Denmark)

Almansa Guerra, Jesus Fernando; Damgård, Ivan Bjerre; Nielsen, Jesper Buus

2006-01-01

We present the currently simplest, most efficient, optimally resilient, adaptively secure, and proactive threshold RSA scheme. A main technical contribution is a new rewinding strategy for analysing threshold signature schemes. This new rewinding strategy allows to prove adaptive security...... of a proactive threshold signature scheme which was previously assumed to be only statically secure. As a separate contribution we prove that our protocol is secure in the UC framework....

Cryptanalysis and Improvement of a Biometric-Based Multi-Server Authentication and Key Agreement Scheme.

Directory of Open Access Journals (Sweden)

Chengqi Wang

Full Text Available With the security requirements of networks, biometrics authenticated schemes which are applied in the multi-server environment come to be more crucial and widely deployed. In this paper, we propose a novel biometric-based multi-server authentication and key agreement scheme which is based on the cryptanalysis of Mishra et al.'s scheme. The informal and formal security analysis of our scheme are given, which demonstrate that our scheme satisfies the desirable security requirements. The presented scheme provides a variety of significant functionalities, in which some features are not considered in the most of existing authentication schemes, such as, user revocation or re-registration and biometric information protection. Compared with several related schemes, our scheme has more secure properties and lower computation cost. It is obviously more appropriate for practical applications in the remote distributed networks.

Cryptanalysis and Improvement of a Biometric-Based Multi-Server Authentication and Key Agreement Scheme

Science.gov (United States)

Wang, Chengqi; Zhang, Xiao; Zheng, Zhiming

2016-01-01

With the security requirements of networks, biometrics authenticated schemes which are applied in the multi-server environment come to be more crucial and widely deployed. In this paper, we propose a novel biometric-based multi-server authentication and key agreement scheme which is based on the cryptanalysis of Mishra et al.’s scheme. The informal and formal security analysis of our scheme are given, which demonstrate that our scheme satisfies the desirable security requirements. The presented scheme provides a variety of significant functionalities, in which some features are not considered in the most of existing authentication schemes, such as, user revocation or re-registration and biometric information protection. Compared with several related schemes, our scheme has more secure properties and lower computation cost. It is obviously more appropriate for practical applications in the remote distributed networks. PMID:26866606

Cryptanalysis and Improvement of a Biometric-Based Multi-Server Authentication and Key Agreement Scheme.

Science.gov (United States)

Wang, Chengqi; Zhang, Xiao; Zheng, Zhiming

2016-01-01

With the security requirements of networks, biometrics authenticated schemes which are applied in the multi-server environment come to be more crucial and widely deployed. In this paper, we propose a novel biometric-based multi-server authentication and key agreement scheme which is based on the cryptanalysis of Mishra et al.'s scheme. The informal and formal security analysis of our scheme are given, which demonstrate that our scheme satisfies the desirable security requirements. The presented scheme provides a variety of significant functionalities, in which some features are not considered in the most of existing authentication schemes, such as, user revocation or re-registration and biometric information protection. Compared with several related schemes, our scheme has more secure properties and lower computation cost. It is obviously more appropriate for practical applications in the remote distributed networks.

Utilization and perception of Community Health Insurance Scheme ...

African Journals Online (AJOL)

Shell in collaboration with four communities in Obio-Akpor LGA, Port Harcourt, started a Community Health Insurance Scheme in February 2010. An evaluation of enrollees' utilization and perception of the services provided was done. Methodology: Quantitative data were collected by the use of structured interviewer ...

An improved anonymous authentication scheme for roaming in ubiquitous networks

Science.gov (United States)

Lee, Hakjun; Lee, Donghoon; Moon, Jongho; Jung, Jaewook; Kang, Dongwoo; Kim, Hyoungshick

2018-01-01

With the evolution of communication technology and the exponential increase of mobile devices, the ubiquitous networking allows people to use our data and computing resources anytime and everywhere. However, numerous security concerns and complicated requirements arise as these ubiquitous networks are deployed throughout people’s lives. To meet the challenge, the user authentication schemes in ubiquitous networks should ensure the essential security properties for the preservation of the privacy with low computational cost. In 2017, Chaudhry et al. proposed a password-based authentication scheme for the roaming in ubiquitous networks to enhance the security. Unfortunately, we found that their scheme remains insecure in its protection of the user privacy. In this paper, we prove that Chaudhry et al.’s scheme is vulnerable to the stolen-mobile device and user impersonation attacks, and its drawbacks comprise the absence of the incorrect login-input detection, the incorrectness of the password change phase, and the absence of the revocation provision. Moreover, we suggest a possible way to fix the security flaw in Chaudhry et al’s scheme by using the biometric-based authentication for which the bio-hash is applied in the implementation of a three-factor authentication. We prove the security of the proposed scheme with the random oracle model and formally verify its security properties using a tool named ProVerif, and analyze it in terms of the computational and communication cost. The analysis result shows that the proposed scheme is suitable for resource-constrained ubiquitous environments. PMID:29505575

Global health security and the International Health Regulations

Directory of Open Access Journals (Sweden)

Oliva Otavio

2010-12-01

Full Text Available Abstract Global nuclear proliferation, bioterrorism, and emerging infections have challenged national capacities to achieve and maintain global security. Over the last century, emerging infectious disease threats resulted in the development of the preliminary versions of the International Health Regulations (IHR of the World Health Organization (WHO. The current HR(2005 contain major differences compared to earlier versions, including: substantial shifts from containment at the border to containment at the source of the event; shifts from a rather small disease list (smallpox, plague, cholera, and yellow fever required to be reported, to all public health threats; and shifts from preset measures to tailored responses with more flexibility to deal with the local situations on the ground. The new IHR(2005 call for accountability. They also call for strengthened national capacity for surveillance and control; prevention, alert, and response to international public health emergencies beyond the traditional short list of required reporting; global partnership and collaboration; and human rights, obligations, accountability, and procedures of monitoring. Under these evolved regulations, as well as other measures, such as the Revolving Fund for vaccine procurement of the Pan American Health Organization (PAHO, global health security could be maintained in the response to urban yellow fever in Paraguay in 2008 and the influenza (H1N1 pandemic of 2009-2010.

An Energy Efficient Mutual Authentication and Key Agreement Scheme Preserving Anonymity for Wireless Sensor Networks

Science.gov (United States)

Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Yang, Yixian

2016-01-01

WSNs (Wireless sensor networks) are nowadays viewed as a vital portion of the IoTs (Internet of Things). Security is a significant issue in WSNs, especially in resource-constrained environments. AKA (Authentication and key agreement) enhances the security of WSNs against adversaries attempting to get sensitive sensor data. Various AKA schemes have been developed for verifying the legitimate users of a WSN. Firstly, we scrutinize Amin-Biswas’s currently scheme and demonstrate the major security loopholes in their works. Next, we propose a lightweight AKA scheme, using symmetric key cryptography based on smart card, which is resilient against all well known security attacks. Furthermore, we prove the scheme accomplishes mutual handshake and session key agreement property securely between the participates involved under BAN (Burrows, Abadi and Needham) logic. Moreover, formal security analysis and simulations are also conducted using AVISPA(Automated Validation of Internet Security Protocols and Applications) to show that our scheme is secure against active and passive attacks. Additionally, performance analysis shows that our proposed scheme is secure and efficient to apply for resource-constrained WSNs. PMID:27338382

An Energy Efficient Mutual Authentication and Key Agreement Scheme Preserving Anonymity for Wireless Sensor Networks.

Science.gov (United States)

Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Yang, Yixian

2016-06-08

WSNs (Wireless sensor networks) are nowadays viewed as a vital portion of the IoTs (Internet of Things). Security is a significant issue in WSNs, especially in resource-constrained environments. AKA (Authentication and key agreement) enhances the security of WSNs against adversaries attempting to get sensitive sensor data. Various AKA schemes have been developed for verifying the legitimate users of a WSN. Firstly, we scrutinize Amin-Biswas's currently scheme and demonstrate the major security loopholes in their works. Next, we propose a lightweight AKA scheme, using symmetric key cryptography based on smart card, which is resilient against all well known security attacks. Furthermore, we prove the scheme accomplishes mutual handshake and session key agreement property securely between the participates involved under BAN (Burrows, Abadi and Needham) logic. Moreover, formal security analysis and simulations are also conducted using AVISPA(Automated Validation of Internet Security Protocols and Applications) to show that our scheme is secure against active and passive attacks. Additionally, performance analysis shows that our proposed scheme is secure and efficient to apply for resource-constrained WSNs.

An Energy Efficient Mutual Authentication and Key Agreement Scheme Preserving Anonymity for Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Yanrong Lu

2016-06-01

Full Text Available WSNs (Wireless sensor networks are nowadays viewed as a vital portion of the IoTs (Internet of Things. Security is a significant issue in WSNs, especially in resource-constrained environments. AKA (Authentication and key agreement enhances the security of WSNs against adversaries attempting to get sensitive sensor data. Various AKA schemes have been developed for verifying the legitimate users of a WSN. Firstly, we scrutinize Amin-Biswas’s currently scheme and demonstrate the major security loopholes in their works. Next, we propose a lightweight AKA scheme, using symmetric key cryptography based on smart card, which is resilient against all well known security attacks. Furthermore, we prove the scheme accomplishes mutual handshake and session key agreement property securely between the participates involved under BAN (Burrows, Abadi and Needham logic. Moreover, formal security analysis and simulations are also conducted using AVISPA(Automated Validation of Internet Security Protocols and Applications to show that our scheme is secure against active and passive attacks. Additionally, performance analysis shows that our proposed scheme is secure and efficient to apply for resource-constrained WSNs.

Butterfly Encryption Scheme for Resource-Constrained Wireless Networks

Directory of Open Access Journals (Sweden)

Raghav V. Sampangi

2015-09-01

Full Text Available Resource-constrained wireless networks are emerging networks such as Radio Frequency Identification (RFID and Wireless Body Area Networks (WBAN that might have restrictions on the available resources and the computations that can be performed. These emerging technologies are increasing in popularity, particularly in defence, anti-counterfeiting, logistics and medical applications, and in consumer applications with growing popularity of the Internet of Things. With communication over wireless channels, it is essential to focus attention on securing data. In this paper, we present an encryption scheme called Butterfly encryption scheme. We first discuss a seed update mechanism for pseudorandom number generators (PRNG, and employ this technique to generate keys and authentication parameters for resource-constrained wireless networks. Our scheme is lightweight, as in it requires less resource when implemented and offers high security through increased unpredictability, owing to continuously changing parameters. Our work focuses on accomplishing high security through simplicity and reuse. We evaluate our encryption scheme using simulation, key similarity assessment, key sequence randomness assessment, protocol analysis and security analysis.

Butterfly Encryption Scheme for Resource-Constrained Wireless Networks.

Science.gov (United States)

Sampangi, Raghav V; Sampalli, Srinivas

2015-09-15

Resource-constrained wireless networks are emerging networks such as Radio Frequency Identification (RFID) and Wireless Body Area Networks (WBAN) that might have restrictions on the available resources and the computations that can be performed. These emerging technologies are increasing in popularity, particularly in defence, anti-counterfeiting, logistics and medical applications, and in consumer applications with growing popularity of the Internet of Things. With communication over wireless channels, it is essential to focus attention on securing data. In this paper, we present an encryption scheme called Butterfly encryption scheme. We first discuss a seed update mechanism for pseudorandom number generators (PRNG), and employ this technique to generate keys and authentication parameters for resource-constrained wireless networks. Our scheme is lightweight, as in it requires less resource when implemented and offers high security through increased unpredictability, owing to continuously changing parameters. Our work focuses on accomplishing high security through simplicity and reuse. We evaluate our encryption scheme using simulation, key similarity assessment, key sequence randomness assessment, protocol analysis and security analysis.

Facilitating Secure Sharing of Personal Health Data in the Cloud.

Science.gov (United States)

Thilakanathan, Danan; Calvo, Rafael A; Chen, Shiping; Nepal, Surya; Glozier, Nick

2016-05-27

Internet-based applications are providing new ways of promoting health and reducing the cost of care. Although data can be kept encrypted in servers, the user does not have the ability to decide whom the data are shared with. Technically this is linked to the problem of who owns the data encryption keys required to decrypt the data. Currently, cloud service providers, rather than users, have full rights to the key. In practical terms this makes the users lose full control over their data. Trust and uptake of these applications can be increased by allowing patients to feel in control of their data, generally stored in cloud-based services. This paper addresses this security challenge by providing the user a way of controlling encryption keys independently of the cloud service provider. We provide a secure and usable system that enables a patient to share health information with doctors and specialists. We contribute a secure protocol for patients to share their data with doctors and others on the cloud while keeping complete ownership. We developed a simple, stereotypical health application and carried out security tests, performance tests, and usability tests with both students and doctors (N=15). We developed the health application as an app for Android mobile phones. We carried out the usability tests on potential participants and medical professionals. Of 20 participants, 14 (70%) either agreed or strongly agreed that they felt safer using our system. Using mixed methods, we show that participants agreed that privacy and security of health data are important and that our system addresses these issues. We presented a security protocol that enables patients to securely share their eHealth data with doctors and nurses and developed a secure and usable system that enables patients to share mental health information with doctors.

Fuzzy assessment of health information system users' security awareness.

Science.gov (United States)

Aydın, Özlem Müge; Chouseinoglou, Oumout

2013-12-01

Health information systems (HIS) are a specific area of information systems (IS), where critical patient data is stored and quality health service is only realized with the correct use and efficient dissemination of this data to health workers. Therefore, a balance needs to be established between the levels of security and flow of information on HIS. Instead of implementing higher levels and further mechanisms of control to increase the security of HIS, it is preferable to deal with the arguably weakest link on HIS chain with respect to security: HIS users. In order to provide solutions and approaches for transforming users to the first line of defense in HIS but also to employ capable and appropriate candidates from the pool of newly graduated students, it is important to assess and evaluate the security awareness levels and characteristics of these existing and future users. This study aims to provide a new perspective to understand the phenomenon of security awareness of HIS users with the use of fuzzy analysis, and to assess the present situation of current and future HIS users of a leading medical and educational institution of Turkey, with respect to their security characteristics based on four different security scales. The results of the fuzzy analysis, the guide on how to implement this fuzzy analysis to any health institution and how to read and interpret these results, together with the possible implications of these results to the organization are provided.

Efficient and Anonymous Authentication Scheme for Wireless Body Area Networks.

Science.gov (United States)

Wu, Libing; Zhang, Yubo; Li, Li; Shen, Jian

2016-06-01

As a significant part of the Internet of Things (IoT), Wireless Body Area Network (WBAN) has attract much attention in this years. In WBANs, sensors placed in or around the human body collect the sensitive data of the body and transmit it through an open wireless channel in which the messages may be intercepted, modified, etc. Recently, Wang et al. presented a new anonymous authentication scheme for WBANs and claimed that their scheme can solve the security problems in the previous schemes. Unfortunately, we demonstrate that their scheme cannot withstand impersonation attack. Either an adversary or a malicious legal client could impersonate another legal client to the application provider. In this paper, we give the detailed weakness analysis of Wang et al.'s scheme at first. Then we present a novel anonymous authentication scheme for WBANs and prove that it's secure under a random oracle model. At last, we demonstrate that our presented anonymous authentication scheme for WBANs is more suitable for practical application than Wang et al.'s scheme due to better security and performance. Compared with Wang et al.'s scheme, the computation cost of our scheme in WBANs has reduced by about 31.58%.

An Efficient Homomorphic Aggregate Signature Scheme Based on Lattice

Directory of Open Access Journals (Sweden)

Zhengjun Jing

2014-01-01

Full Text Available Homomorphic aggregate signature (HAS is a linearly homomorphic signature (LHS for multiple users, which can be applied for a variety of purposes, such as multi-source network coding and sensor data aggregation. In order to design an efficient postquantum secure HAS scheme, we borrow the idea of the lattice-based LHS scheme over binary field in the single-user case, and develop it into a new lattice-based HAS scheme in this paper. The security of the proposed scheme is proved by showing a reduction to the single-user case and the signature length remains invariant. Compared with the existing lattice-based homomorphic aggregate signature scheme, our new scheme enjoys shorter signature length and high efficiency.

Development of Cyber Security Scheme for Nuclear Power Plant

Energy Technology Data Exchange (ETDEWEB)

Hong, S. B.; Choi, Y. S.; Cho, J. W. (and others)

2009-12-15

Nuclear I and C system is considered to be safe on the cyber threat because of the use of exclusive communication network and operating system. But the trend of open architecture and standardization on the equipment of I and C system, it is not safe on the cyber threat such as hacking and cyber terror. It is needed to protect nuclear I and C systems by the cyber attack, Countermeasures of the cyber security is required a lot of time and endeavors because there are many factors on the environment of cyber security and cyber attack. For the nuclear cyber security, we should make structural framework and eliminate cyber vulnerabilities by the analysis of cyber environment. The framework for the cyber security includes planning, embodiment of security technologies, security audit, security management and security maintenance. In this report, we examined IT security technology and the trend of standard in the industrial I and C system, and proposed a method to construct cyber security for the nuclear power plant. We analysed the threat of cyber security, vulnerability and cyber risk, then we present a method for the cyber security structure and the countermeasures.

Development of Cyber Security Scheme for Nuclear Power Plant

International Nuclear Information System (INIS)

Hong, S. B.; Choi, Y. S.; Cho, J. W.

2009-12-01

Nuclear I and C system is considered to be safe on the cyber threat because of the use of exclusive communication network and operating system. But the trend of open architecture and standardization on the equipment of I and C system, it is not safe on the cyber threat such as hacking and cyber terror. It is needed to protect nuclear I and C systems by the cyber attack, Countermeasures of the cyber security is required a lot of time and endeavors because there are many factors on the environment of cyber security and cyber attack. For the nuclear cyber security, we should make structural framework and eliminate cyber vulnerabilities by the analysis of cyber environment. The framework for the cyber security includes planning, embodiment of security technologies, security audit, security management and security maintenance. In this report, we examined IT security technology and the trend of standard in the industrial I and C system, and proposed a method to construct cyber security for the nuclear power plant. We analysed the threat of cyber security, vulnerability and cyber risk, then we present a method for the cyber security structure and the countermeasures

An Efficient V2I Authentication Scheme for VANETs

Directory of Open Access Journals (Sweden)

Yousheng Zhou

2018-01-01

Full Text Available The advent of intelligent transportation system has a crucial impact on the traffic safety and efficiency. To cope with security issues such as spoofing attack and forgery attack, many authentication schemes for vehicular ad hoc networks (VANETs have been developed, which are based on the hypothesis that secret keys are kept perfectly secure. However, key exposure is inevitable on account of the openness of VANET environment. To address this problem, key insulation is introduced in our proposed scheme. With a helper device, vehicles could periodically update their own secret keys. In this way, the forward and backward secrecy has been achieved. In addition, the elliptic curve operations have been integrated to improve the performance. The random oracle model is adopted to prove the security of the proposed scheme, and the experiment has been conducted to demonstrate the comparison between our scheme and the existing similar schemes.

Shared Electronic Health Record Systems: Key Legal and Security Challenges.

Science.gov (United States)

Christiansen, Ellen K; Skipenes, Eva; Hausken, Marie F; Skeie, Svein; Østbye, Truls; Iversen, Marjolein M

2017-11-01

Use of shared electronic health records opens a whole range of new possibilities for flexible and fruitful cooperation among health personnel in different health institutions, to the benefit of the patients. There are, however, unsolved legal and security challenges. The overall aim of this article is to highlight legal and security challenges that should be considered before using shared electronic cooperation platforms and health record systems to avoid legal and security "surprises" subsequent to the implementation. Practical lessons learned from the use of a web-based ulcer record system involving patients, community nurses, GPs, and hospital nurses and doctors in specialist health care are used to illustrate challenges we faced. Discussion of possible legal and security challenges is critical for successful implementation of shared electronic collaboration systems. Key challenges include (1) allocation of responsibility, (2) documentation routines, (3) and integrated or federated access control. We discuss and suggest how challenges of legal and security aspects can be handled. This discussion may be useful for both current and future users, as well as policy makers.

Health of children and young people in secure settings

OpenAIRE

Mooney, Ann; Statham, J.; Storey, P.

2007-01-01

This small-scale descriptive study was commissioned by the Children and Young People's Public Health team within the Department of Health, in partnership with Offender Health, in order to inform preparation and implementation of an Offender Health Strategy document for children and young people. The overall aim was to review what is currently known about healthcare for children and young people in the secure estate, covering all three types of settings (Young Offender Institution, Secure Trai...

Wireless security in mobile health.

Science.gov (United States)

Osunmuyiwa, Olufolabi; Ulusoy, Ali Hakan

2012-12-01

Mobile health (m-health) is an extremely broad term that embraces mobile communication in the health sector and data packaging. The four broad categories of wireless networks are wireless personal area network, wireless metropolitan area network, wireless wide area network, and wireless local area network. Wireless local area network is the most notable of the wireless networking tools obtainable in the health sector. Transfer of delicate and critical information on radio frequencies should be secure, and the right to use must be meticulous. This article covers the business opportunities in m-health, threats faced by wireless networks in hospitals, and methods of mitigating these threats.

Theory and Practice of a Leakage Resilient Masking Scheme

DEFF Research Database (Denmark)

Balasch, Josep; Faust, Sebastian; Gierlichs, Benedikt

2012-01-01

A recent trend in cryptography is to formally prove the leakage resilience of cryptographic implementations – that is, one formally shows that a scheme remains provably secure even in the presence of side channel leakage. Although many of the proposed schemes are secure in a surprisingly strong m...

Perception of security by health workforce at workplace in Nepal.

Science.gov (United States)

Prajapati, R; Baral, B; Karki, K B; Neupane, M

2013-05-01

In Nepal, the relationship of health worker and patient or community people is now deteriorating and the security and safety of health worker is becoming emerging issues. The poor relationship between community people and health worker is hampering the health service especially in rural setting. This study was aimed at finding the security perception and situation of health workforce in Nepal. A cross-sectional descriptive study was conducted using both quantitative and qualitative methods. Out of 404 sample health institutions, 747 health workforce from 375 health institutions were interviewed (workplace. Mostly, doctors felt insecure at their workplace 24 (30%) and argued with service users , 26 (32.50%). Feeling of security was highest in central region 160 (83.30%). Nationwide, 121 (16%) of health workers faced some level of arguments with service users, which was highest in Tarai 64 (18.08%). Of the total harassment, both gender based and sexual harassment was higher among female health workers [20 (62.5%) and 13 (56.5%) respectively]. Only, 230 (30.7%) of health workers who suffered from workplace accidents got compensation and treatment. Higher proportions of health workers feel insecurity at workplace whereas provision of compensation was minimal. There is a need of strict implementation of Security of the Health Workers and Health Organizations Act, 2066 (2009) for effective health service delivery.

A uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care.

Science.gov (United States)

Chang, Ya-Fen; Yu, Shih-Hui; Shiao, Ding-Rui

2013-04-01

Connected health care provides new opportunities for improving financial and clinical performance. Many connected health care applications such as telecare medicine information system, personally controlled health records system, and patient monitoring have been proposed. Correct and quality care is the goal of connected heath care, and user authentication can ensure the legality of patients. After reviewing authentication schemes for connected health care applications, we find that many of them cannot protect patient privacy such that others can trace users/patients by the transmitted data. And the verification tokens used by these authentication schemes to authenticate users or servers are only password, smart card and RFID tag. Actually, these verification tokens are not unique and easy to copy. On the other hand, biometric characteristics, such as iris, face, voiceprint, fingerprint and so on, are unique, easy to be verified, and hard to be copied. In this paper, a biometrics-based user authentication scheme will be proposed to ensure uniqueness and anonymity at the same time. With the proposed scheme, only the legal user/patient himself/herself can access the remote server, and no one can trace him/her according to transmitted data.

National Disability Insurance Scheme, health, hospitals and adults with intellectual disability.

Science.gov (United States)

Wallace, Robyn A

2018-03-01

Preventable poor health outcomes for adults with intellectual disability in health settings have been known about for years. Subsequent analysis and the sorts of reasonable adjustments required in health and disability support settings to address these health gaps are well described, but have not really been embedded in practice in any significant way in either setting. As far as health is concerned, implementation of the National Disability Insurance Scheme (NDIS, the Scheme) affords an opportunity to recognise individual needs of people with intellectual disability to provide reasonable and necessary functional support for access to mainstream health services, to build capacity of mainstream health providers to supply services and to increase individual capacity to access services. Together these strands have potential to transform health outcomes. Success of the Scheme, however, rests on as yet incompletely defined operational interaction between NDIS and mainstream health services and inherently involves the disability sector. This interaction is especially relevant for adults with intellectual disability, known high users of hospitals and for whom hospital outcomes are particularly poor and preventable. Keys to better hospital outcomes are first, the receiving of quality person-centred healthcare from physicians and hospitals taking into account significance of intellectual disability and second, formulation of organised quality functional supports during hospitalisation. Achieving these require sophisticated engagement between consumers, the National Disability Insurance Agency, Commonwealth, State and Territory government leaders, senior hospital and disability administrators, NDIS service providers and clinicians and involves cross fertilisation of values, sharing of operational policies and procedures, determination of boundaries of fiscal responsibility for functional supports in hospital. © 2018 Royal Australasian College of Physicians.

Secure Biometric E-Voting Scheme

Science.gov (United States)

Ahmed, Taha Kh.; Aborizka, Mohamed

The implementation of the e-voting becomes more substantial with the rapid increase of e-government development. The recent growth in communications and cryptographic techniques facilitate the implementation of e-voting. Many countries introduced e-voting systems; unfortunately most of these systems are not fully functional. In this paper we will present an e-voting scheme that covers most of the e-voting requirements, smart card and biometric recognition technology were implemented to guarantee voter's privacy and authentication.

Low enrolment in Ugandan Community Health Insurance Schemes: underlying causes and policy implications

Directory of Open Access Journals (Sweden)

Criel Bart

2007-07-01

Full Text Available Abstract Background Despite the promotion of Community Health Insurance (CHI in Uganda in the second half of the 90's, mainly under the impetus of external aid organisations, overall membership has remained low. Today, some 30,000 persons are enrolled in about a dozen different schemes located in Central and Southern Uganda. Moreover, most of these schemes were created some 10 years ago but since then, only one or two new schemes have been launched. The dynamic of CHI has apparently come to a halt. Methods A case study evaluation was carried out on two selected CHI schemes: the Ishaka and the Save for Health Uganda (SHU schemes. The objective of this evaluation was to explore the reasons for the limited success of CHI. The evaluation involved review of the schemes' records, key informant interviews and exit polls with both insured and non-insured patients. Results Our research points to a series of not mutually exclusive explanations for this under-achievement at both the demand and the supply side of health care delivery. On the demand side, the following elements have been identified: lack of basic information on the scheme's design and operation, limited understanding of the principles underlying CHI, limited community involvement and lack of trust in the management of the schemes, and, last but not least, problems in people's ability to pay the insurance premiums. On the supply-side, we have identified the following explanations: limited interest and knowledge of health care providers and managers of CHI, and the absence of a coherent policy framework for the development of CHI. Conclusion The policy implications of this study refer to the need for the government to provide the necessary legislative, technical and regulative support to CHI development. The main policy challenge however is the need to reconcile the government of Uganda's interest in promoting CHI with the current policy of abolition of user fees in public facilities.

On Secure NOMA Systems with Transmit Antenna Selection Schemes

KAUST Repository

Lei, Hongjiang; Zhang, Jianming; Park, Kihong; Xu, Peng; Ansari, Imran Shafique; Pan, Gaofeng; Alomair, Basel; Alouini, Mohamed-Slim

2017-01-01

This paper investigates the secrecy performance of a two-user downlink non-orthogonal multiple access systems. Both single-input and single-output and multiple-input and singleoutput systems with different transmit antenna selection (TAS) strategies are considered. Depending on whether the base station has the global channel state information of both the main and wiretap channels, the exact closed-form expressions for the secrecy outage probability (SOP) with suboptimal antenna selection and optimal antenna selection schemes are obtained and compared with the traditional space-time transmission scheme. To obtain further insights, the asymptotic analysis of the SOP in high average channel power gains regime is presented and it is found that the secrecy diversity order for all the TAS schemes with fixed power allocation is zero. Furthermore, an effective power allocation scheme is proposed to obtain the nonzero diversity order with all the TAS schemes. Monte-Carlo simulations are performed to verify the proposed analytical results.

On Secure NOMA Systems with Transmit Antenna Selection Schemes

KAUST Repository

Lei, Hongjiang

2017-08-09

This paper investigates the secrecy performance of a two-user downlink non-orthogonal multiple access systems. Both single-input and single-output and multiple-input and singleoutput systems with different transmit antenna selection (TAS) strategies are considered. Depending on whether the base station has the global channel state information of both the main and wiretap channels, the exact closed-form expressions for the secrecy outage probability (SOP) with suboptimal antenna selection and optimal antenna selection schemes are obtained and compared with the traditional space-time transmission scheme. To obtain further insights, the asymptotic analysis of the SOP in high average channel power gains regime is presented and it is found that the secrecy diversity order for all the TAS schemes with fixed power allocation is zero. Furthermore, an effective power allocation scheme is proposed to obtain the nonzero diversity order with all the TAS schemes. Monte-Carlo simulations are performed to verify the proposed analytical results.

Novel Threshold Changeable Secret Sharing Schemes Based on Polynomial Interpolation.

Science.gov (United States)

Yuan, Lifeng; Li, Mingchu; Guo, Cheng; Choo, Kim-Kwang Raymond; Ren, Yizhi

2016-01-01

After any distribution of secret sharing shadows in a threshold changeable secret sharing scheme, the threshold may need to be adjusted to deal with changes in the security policy and adversary structure. For example, when employees leave the organization, it is not realistic to expect departing employees to ensure the security of their secret shadows. Therefore, in 2012, Zhang et al. proposed (t → t', n) and ({t1, t2,⋯, tN}, n) threshold changeable secret sharing schemes. However, their schemes suffer from a number of limitations such as strict limit on the threshold values, large storage space requirement for secret shadows, and significant computation for constructing and recovering polynomials. To address these limitations, we propose two improved dealer-free threshold changeable secret sharing schemes. In our schemes, we construct polynomials to update secret shadows, and use two-variable one-way function to resist collusion attacks and secure the information stored by the combiner. We then demonstrate our schemes can adjust the threshold safely.

A Regev-Type Fully Homomorphic Encryption Scheme Using Modulus Switching

Science.gov (United States)

Chen, Zhigang; Wang, Jian; Song, Xinxia

2014-01-01

A critical challenge in a fully homomorphic encryption (FHE) scheme is to manage noise. Modulus switching technique is currently the most efficient noise management technique. When using the modulus switching technique to design and implement a FHE scheme, how to choose concrete parameters is an important step, but to our best knowledge, this step has drawn very little attention to the existing FHE researches in the literature. The contributions of this paper are twofold. On one hand, we propose a function of the lower bound of dimension value in the switching techniques depending on the LWE specific security levels. On the other hand, as a case study, we modify the Brakerski FHE scheme (in Crypto 2012) by using the modulus switching technique. We recommend concrete parameter values of our proposed scheme and provide security analysis. Our result shows that the modified FHE scheme is more efficient than the original Brakerski scheme in the same security level. PMID:25093212

Renewing membership in three community-based health insurance schemes in rural India

NARCIS (Netherlands)

P. Panda (Pradeep); A. Chakraborty (Arpita); W.A. Raza (Wameq); A.S. Bedi (Arjun Singh)

2015-01-01

textabstractLow renewal rate is a key challenge facing the sustainability of Community-based Health Insurance (CBHI) schemes. While there is a large literature on initial enrolment into such schemes, there is limited evidence on the factors that impede renewal. This paper uses longitudinal data to

Disease Recording Systems and Herd Health Schemes for Production Diseases

Directory of Open Access Journals (Sweden)

Østerås O

2001-03-01

Full Text Available Disease recording of cattle is compulsory in Sweden and Norway. Sweden and Denmark also have mandatory disease recording for swine, whereas Finland and Norway only have compulsory recording of infectious diseases. Both compulsory and voluntary systems are databased, the first ones developed in the 1970's. Disease recording at pig slaughtering is somewhat older. The veterinary practitioner, and often also the farmer, can report treated cases as well as fertility disturbances to the systems. Disease recording at slaughter is carried out by veterinarians and inspection officers. The databases are handled by the veterinary authorities or the agricultural organisations in each country. Costs are defrayed by the authorities and/or the agricultural industry. The farmers receive periodic reports. Data are stored for three to ten years, often longer. Affiliation to animal health schemes for cattle or swine is voluntary. In Sweden and Denmark (cattle they are run within the scope of government regulations. Affiliation to animal health programmes may also be demanded by organisations within the agricultural industry. These organisations are also responsible for the administration of the programmes. Costs to take part in herd health schemes are covered by the farmers themselves. In certain cases, grants are received from agricultural organisations, authorities, or the European Union. Recording of diseases and the format of animal health schemes in the Nordic countries are described here in order to illustrate the possibilities to compare data between countries.

Implementation of RSA 2048-bit and AES 256-bit with Digital Signature for Secure Electronic Health Record Application

Directory of Open Access Journals (Sweden)

Mohamad Ali Sadikin

2016-10-01

Full Text Available This research addresses the implementation of encryption and digital signature technique for electronic health record to prevent cybercrime such as robbery, modification and unauthorised access. In this research, RSA 2048-bit algorithm, AES 256-bit and SHA 256 will be implemented in Java programming language. Secure Electronic Health Record Information (SEHR application design is intended to combine given services, such as confidentiality, integrity, authentication, and nonrepudiation. Cryptography is used to ensure the file records and electronic documents for detailed information on the medical past, present and future forecasts that have been given only to the intended patients. The document will be encrypted using an encryption algorithm based on NIST Standard. In the application, there are two schemes, namely the protection and verification scheme. This research uses black-box testing and whitebox testing to test the software input, output, and code without testing the process and design that occurs in the system.We demonstrated the implementation of cryptography in SEHR. The implementation of encryption and digital signature in this research can prevent archive thievery.

Development of an Internet Security Policy for health care establishments.

Science.gov (United States)

Ilioudis, C; Pangalos, G

2000-01-01

The Internet provides unprecedented opportunities for interaction and data sharing among health care providers, patients and researchers. However, the advantages provided by the Internet come with a significantly greater element of risk to the confidentiality and integrity of information. This paper defines the basic security requirements that must be addressed in order to use the Internet to safely transmit patient and/or other sensitive Health Care information. It describes a suitable Internet Security Policy for Health Care Establishments and provides the set of technical measures that are needed for its implementation. The proposed security policy and technical approaches have been based on an extensive study of the related recommendations from the security and standard groups both in EU amid USA and our related work and experience. The results have been utilized in the framework of the Intranet Health Clinic project, where the use of the Internet for the transmission of sensitive Health Care information is of vital importance.