WorldWideScience

Sample records for public key privacy

  1. Privacy and Publicity

    DEFF Research Database (Denmark)

    2013-01-01

    An account and critical discussion of the European Court of Human Right's approach to the balancing of protecting publicity and privacy......An account and critical discussion of the European Court of Human Right's approach to the balancing of protecting publicity and privacy...

  2. Privacy and Publicity

    DEFF Research Database (Denmark)

    Schaumburg-Müller, Sten

    2013-01-01

    An account and critical discussion of the European Court of Human Right's approach to the balancing of protecting publicity and privacy......An account and critical discussion of the European Court of Human Right's approach to the balancing of protecting publicity and privacy...

  3. A new two-round dynamic authenticated contributory group key agreement protocol using elliptic curve Diffie–Hellman with privacy preserving public key infrastructure

    Indian Academy of Sciences (India)

    Vankamamidi S Naresh; Nistala V E S Murthy

    2015-10-01

    In this paper a new two-round authenticated contributory group key agreement based on Elliptic Curve Diffie–Hellman protocol with Privacy Preserving Public Key Infrastructure (PP-PKI) is introduced and is extended to a dynamic authenticated contributory group key agreement with join and leave protocols for dynamic groups. The proposed protocol provides such security attributes as forward secrecy, backward secrecy, and defense against man in the middle (MITM) and Unknown keyshare security attacks and also authentication along with privacy preserving attributes like anonymity, traceability and unlinkability. In the end, they are compared with other popular Diffie–Hellman and Elliptic Curve Diffie–Hellman based group key agreement protocols and the results are found to be satisfactory.

  4. Public privacy: Reciprocity and Silence

    Directory of Open Access Journals (Sweden)

    Jenny Kennedy

    2014-10-01

    Full Text Available In his 1958 poem 'Dedication to my Wife' TS Eliot proclaims "these are private words addressed to you in public". Simultaneously written for his wife, Valerie Fletcher, and to the implied you of a discourse network, Eliot's poem helps to illustrate the narrative voices and silences that are constitutive of an intimate public sphere. This paper situates reciprocity as a condition of possibility for public privacy. It shows how reciprocity is enabled by systems of code operating through material and symbolic registers. Code promises to control communication, to produce neutral, systemic forms of meaning. Yet such automation is challenged by uneven and fragmented patterns of reciprocity. Moreover, examining the media of public privacy reveals historical trajectories important for understanding contemporary socio­technical platforms of reciprocity. To explore the implicit requirement of reciprocity in publicly private practices, three sites of communication are investigated framed by a media archaeology perspective: postal networks, the mail­art project PostSecret and the anonymous zine 'You'.

  5. 75 FR 28051 - Public Workshop: Pieces of Privacy

    Science.gov (United States)

    2010-05-19

    ... SECURITY Office of the Secretary Public Workshop: Pieces of Privacy AGENCY: Privacy Office, DHS. ACTION: Notice announcing public workshop. SUMMARY: The Department of Homeland Security Privacy Office will host a public workshop, ``Pieces of Privacy.'' DATES: The workshop will be held on June 10, 2010, from 8...

  6. Public Key Cryptography.

    Science.gov (United States)

    Tapson, Frank

    1996-01-01

    Describes public key cryptography, also known as RSA, which is a system using two keys, one used to put a message into cipher and another used to decipher the message. Presents examples using small prime numbers. (MKR)

  7. An Inexpensive Device for Teaching Public Key Encryption

    Science.gov (United States)

    Pendegraft, Norman

    2009-01-01

    An inexpensive device to assist in teaching the main ideas of Public Key encryption and its use in class to illustrate the operation of public key encryption is described. It illustrates that there are two keys, and is particularly useful for illustrating that privacy is achieved by using the public key. Initial data from in class use seem to…

  8. 基于公开密钥算法的移动位置隐私保护%Protecting mobile location privacy based on public-key cryptographic algorithm

    Institute of Scientific and Technical Information of China (English)

    陈渝文; 李晓宇

    2016-01-01

    为保证位置信息查询服务的安全性和保密性,提出基于公开密钥算法的移动位置隐私保护方法.引入混淆服务器,用地理位置信息服务器的公有密钥加密用户发出的查询,经过混淆服务器转发给地理位置信息服务器.由于查询经过加密,所以混淆服务器不知道用户查询的内容和当前的位置信息,地理位置信息服务器知道有用户查询,但不知道用户的实体信息.实验结果表明,该方法能够以很小代价更好地保护用户的位置隐私.%To ensure the security and confidentiality of location based services,a mobile location privacy protection method based on public-key cryptography was presented.A confusion server was introduced.Queries issued by the users were encrypted with the public key of location information server,which were forwarded by the confusion server to location information server.The method can protect user's location privacy,because the query is encrypted,the confusion server does not know the contents of the user's query and the current location information.Location information server only knows the query,but does not know user's entity information.The experimental results show that the method can protect the user's location privacy better with marginal cost.

  9. "I am Spartacus":Privacy Enhancing Technologies, Collaborative Obfuscation and Privacy as a Public Good

    OpenAIRE

    Kwecka, Z.; Buchanan, W.; Schafer, B; Rauhofer, J.

    2014-01-01

    The paper introduces an approach to privacy enhancing technologies that sees privacy not merely as an individual right, but as a public good. This idea finds its correspondence in our approach to privacy protection through obfuscation, where everybody in a group takes a small privacy risk to protect the anonymity of fellow group members. We show how these ideas can be computationally realised in an Investigative Data Acquisition Platform (IDAP). IDAP is an efficient symmetric Private Informat...

  10. Privacy with Public Access: Digital Memorials on QR Codes

    DEFF Research Database (Denmark)

    Gotved, Stine

    2015-01-01

    takes the departure in gravestones with QR-codes; objects at once physical and digital, underhandedly putting presumably private content within public reach. A plethora of issues of privacy and publicness are at play within the study's two connected but rather different empirical spaces: the physical...... in the borderland between private and public is exemplified, and with the presentation, we are ensuring a continued discussion on privacy as well as legacy in our digital society....

  11. Public key cryptosystem and a key exchange protocol using tools of non-abelian group

    Directory of Open Access Journals (Sweden)

    H. K. Pathak,

    2010-07-01

    Full Text Available Public Key Cryptosystems assure privacy as well as integrity of the transactions between two parties. The sizes of the keys play an important role. The larger the key the harder is to crack a block ofencrypted data. We propose a new public key cryptosystem and a Key Exchange Protocol based on the generalization of discrete logarithm problem using Non-abelian group of block upper triangular matrices of higher order. The proposed cryptosystem is efficient in producing keys of large sizes without the need of large primes. The security of both the systems relies on the difficulty of discrete logarithms over finite fields.

  12. Automated secured cost effective key refreshing technique to enhance WiMAX privacy key management

    Science.gov (United States)

    Sridevi, B.; Sivaranjani, S.; Rajaram, S.

    2013-01-01

    In all walks of life the way of communication is transformed by the rapid growth of wireless communication and its pervasive use. A wireless network which is fixed and richer in bandwidth is specified as IEEE 802.16, promoted and launched by an industrial forum is termed as Worldwide Interoperability for Microwave Access (WiMAX). This technology enables seamless delivery of wireless broadband service for fixed and/or mobile users. The obscurity is the long delay which occurs during the handoff management in every network. Mobile WiMAX employs an authenticated key management protocol as a part of handoff management in which the Base Station (BS) controls the distribution of keying material to the Mobile Station (MS). The protocol employed is Privacy Key Management Version 2- Extensible Authentication Protocol (PKMV2-EAP) which is responsible for the normal and periodical authorization of MSs, reauthorization as well as key refreshing. Authorization key (AK) and Traffic Encryption key (TEK) plays a vital role in key exchange. When the lifetime of key expires, MS has to request for a new key to BS which in turn leads to repetition of authorization, authentication as well as key exchange. To avoid service interruption during reauthorization , two active keys are transmitted at the same time by BS to MS. The consequences of existing work are hefty amount of bandwidth utilization, time consumption and large storage. It is also endured by Man in the Middle attack and Impersonation due to lack of security in key exchange. This paper designs an automatic mutual refreshing of keys to minimize bandwidth utilization, key storage and time consumption by proposing Previous key and Iteration based Key Refreshing Function (PKIBKRF). By integrating PKIBKRF in key generation, the simulation results indicate that 21.8% of the bandwidth and storage of keys are reduced and PKMV2 mutual authentication time is reduced by 66.67%. The proposed work is simulated with Qualnet model and

  13. Privacy with Public Access: Digital Memorials on QR Codes

    DEFF Research Database (Denmark)

    Gotved, Stine

    2015-01-01

    Digital memorials are part of a bigger picture of changing rituals for mourning, remembrance, and legacy. However, the focus of this presentation is how digital memorials perforate the (already uneasy) distinction between private and public, both in physical and emotional space. The ongoing study...... takes the departure in gravestones with QR-codes; objects at once physical and digital, underhandedly putting presumably private content within public reach. A plethora of issues of privacy and publicness are at play within the study's two connected but rather different empirical spaces: the physical...

  14. Quantum Public-Key Cryptosystem

    Science.gov (United States)

    Luo, Ming-Xing; Chen, Xiu-Bo; Yun, Deng; Yang, Yi-Xian

    2012-03-01

    Quantum one-way functions play a fundamental role in cryptography because of its necessity for the secure encryption schemes taking into account the quantum computer. In this paper our purpose is to establish a theoretical framework for a candidate of the quantum one-way functions and quantum trapdoor functions based on one-parameter unitary groups. The dynamics of parameterized unitary groups ensure the one-wayness and quantum undistinguishability in different levels, and the physical feasibility are derived from the simultaneous approximation of its infinitesimal generators. Moreover, these special functions are used to construct new cryptosystems-the quantum public-key cryptosystems for encrypting both the classical and quantum information.

  15. Applied public-key steganography

    Science.gov (United States)

    Guillon, Pierre; Furon, Teddy; Duhamel, Pierre

    2002-04-01

    We consider the problem of hiding information in a steganographic framework, i.e. embedding a binary message within an apparently innocuous content, in order to establish a suspicion-free digital communication channel. The adversary is passive as no intentional attack is foreseen. The only threat is that she discovers the presence of a hidden communication. The main goal of this article is to find if the Scalar Costa Scheme, a recently published embedding method exploiting side information at the encoder, is suitable for that framework. We justify its use assessing its security level with respect to the Cachin's criterion. We derive a public-key stego-system following the ideas of R. Anderson and P. Petitcolas. This technique is eventually applied to PCM audio contents. Experimental performances are detailed in terms of bit-rate and Kullback-Leibler distance.

  16. Ethics, privacy and the legal framework governing medical data: opportunities or threats for biomedical and public health research?

    Science.gov (United States)

    Coppieters, Yves; Levêque, Alain

    2013-06-21

    Privacy is an important concern in any research programme that deals with personal medical data. In recent years, ethics and privacy have become key considerations when conducting any form of scientific research that involves personal data. These issues are now addressed in healthcare professional training programmes. Indeed, ethics, legal frameworks and privacy are often the subject of much confusion in discussions among healthcare professionals. They tend to group these different concepts under the same heading and delegate responsibility for "ethical" approval of their research programmes to ethics committees. Public health researchers therefore need to ask questions about how changes to legal frameworks and ethical codes governing privacy in the use of personal medical data are to be applied in practice. What types of data do these laws and codes cover? Who is involved? What restrictions and requirements apply to any research programme that involves medical data?

  17. Privacy for Key-Trees with Adaptive Adversaries

    NARCIS (Netherlands)

    Beye, M.; Veugen, P.J.M.

    2011-01-01

    Hash-lock authentication protocols for Radio Frequency IDentification (RFID) tags incur heavy search on the server. Key-trees have been proposed as a way to reduce search times, but because partial keys in such trees are shared, key compromise affects several tags. Butty´an [3] and Beye and Veugen [

  18. Quantum Key Distribution Protocol with Private-Public Key

    OpenAIRE

    Serna, Eduin H.

    2009-01-01

    A quantum cryptographic protocol based in public key cryptography combinations and private key cryptography is presented. Unlike the BB84 protocol [1] and its many variants [2,3] two quantum channels are used. The present research does not make reconciliation mechanisms of information to derive the key. A three related system of key distribution are described.

  19. Public trust and privacy in shared electronic health records.

    Science.gov (United States)

    Rynning, Elisabeth

    2007-07-01

    The development of information and communication technology in health care, also called eHealth, is expected to improve patient safety and facilitate more efficient use of limited resources. The introduction of electronic health records (EHRs) can make possible immediate, even automatic transfer of patient data, for health care as well as other purposes, across any kind of institutional, regional or national border. Data can thus be shared and used more effectively for quality assurance, disease surveillance, public health monitoring and research. eHealth may also facilitate patient access to health information and medical treatment, and is seen as an effective tool for patient empowerment. At the same time, eHealth solutions may jeopardize both patient safety and patients' rights, unless carefully designed and used with discretion. The success of EHR systems will depend on public trust in their compatibility with fundamental rights, such as privacy and confidentiality. Shared European EHR systems require interoperability not only with regard to technological and semantic standards, but also concerning legal, social and cultural aspects. Since the area of privacy and medical confidentiality is far from harmonized across Europe, we are faced with a diversity that will make fully shared EHR systems a considerable challenge.

  20. Secure Cloud StorageForPrivacy-Preserving Public Audit

    Directory of Open Access Journals (Sweden)

    ShekhAhamadhusen D.

    2014-04-01

    Full Text Available In Cloud Environment, using cloud storage service, users can remotely store their data and enjoy the on-demand high-quality applications and services from a shared pool of configurable computing resources, without the burden of local data storage and maintenance. However, the fact that users no longer have physical possession of the outsourced data makes the data integrity protection in cloud computing a formidable task, especially for users with constrained computing resources. Moreover, users should be able to just use the cloud storage as if it is local, without worrying about the need to verify its integrity. Thus, enabling public auditability for cloud storage is of critical importance so that users can resort to a third-party auditor (TPA to check the integrity of outsourced data and be worry free. To securely introduce an effective TPA, the auditing process should bring in no new vulnerabilities toward user data privacy, and introduce no additional online burden to user. In this paper, we propose a secure cloud storage system supporting privacy-preserving public auditing. We further extend our result to enable the TPA to perform audits for multiple users simultaneously and efficiently. Extensive security and performance analysis show the proposed schemes are provably secure and highly efficient.

  1. 77 FR 31371 - Public Workshop: Privacy Compliance Workshop

    Science.gov (United States)

    2012-05-25

    ... compliance fundamentals, privacy and data security, and the privacy compliance life cycle. A learning lunch..., with both the training rooms and restrooms situated on the ground floor. Mary Ellen Callahan,...

  2. A threshold key escrow scheme based on public key cryptosystem

    Institute of Scientific and Technical Information of China (English)

    2001-01-01

    In key escrow field it is important to solve the problem thatuser's secret key completely depends on the trusted escrow agency. In 1995, some methods of solving the problem were presented. But these methods are no better than that of directly using threshold cryptography. In this paper, we present a common pattern of threshold key escrow scheme based on public key cryptosystem, and a detailed design based on the improved RSA algorithm is given. The above problem is solved by this scheme.

  3. Secure Internet Voting System based on Public Key Kerberos

    Directory of Open Access Journals (Sweden)

    Hussein Khalid Abd-Alrazzq

    2012-03-01

    Full Text Available Electronic voting system is an important tool which allows voters to vote over the Internet without the geographical restrictions with considers important criteria in evaluating electronic voting schemes such as the mobility, democracy, and privacy. In this paper secure remote voting system has been presented. The proposed system uses public key Kerberos which is another form of traditional Kerberos as infrastructure deal with voters. The public key is used in all steps of Kerberos (not only in initial. The proposed system utilizes the advantages of threshold cryptography to prevent anyone to decrypt or sign the ballot alone without agreement all authorities, and use threshold blind signature to prevent discovers the vote or the identity of voter and protect the content of the ballot during casting and provide verifiable and discourages ballot buying.

  4. An investigation of DUA caching strategies for public key certificates

    Energy Technology Data Exchange (ETDEWEB)

    Cheung, T.C.

    1993-11-01

    Internet Privacy Enhanced Mail (PEM) provides security services to users of Internet electronic mail. PEM is designed with the intention that it will eventually obtain public key certificates from the X.500 directory service. However, such a capability is not present in most PEM implementations today. While the prevalent PEM implementation uses a public key certificate-based strategy, certificates are mostly distributed via e-mail exchanges, which raises several security and performance issues. In this thesis research, we changed the reference PEM implementation to make use of the X.500 directory service instead of local databases for public key certificate management. The thesis discusses some problems with using the X.500 directory service, explores the relevant issues, and develops an approach to address them. The approach makes use of a memory cache to store public key certificates. We implemented a centralized cache server and addressed the denial-of-service security problem that is present in the server. In designing the cache, we investigated several cache management strategies. One result of our study is that the use of a cache significantly improves performance. Our research also indicates that security incurs extra performance cost. Different cache replacement algorithms do not seem to yield significant performance differences, while delaying dirty-writes to the backing store does improve performance over immediate writes.

  5. Privacy Protection for Telecare Medicine Information Systems Using a Chaotic Map-Based Three-Factor Authenticated Key Agreement Scheme.

    Science.gov (United States)

    Zhang, Liping; Zhu, Shaohui; Tang, Shanyu

    2017-03-01

    Telecare medicine information systems (TMIS) provide flexible and convenient e-health care. However, the medical records transmitted in TMIS are exposed to unsecured public networks, so TMIS are more vulnerable to various types of security threats and attacks. To provide privacy protection for TMIS, a secure and efficient authenticated key agreement scheme is urgently needed to protect the sensitive medical data. Recently, Mishra et al. proposed a biometrics-based authenticated key agreement scheme for TMIS by using hash function and nonce, they claimed that their scheme could eliminate the security weaknesses of Yan et al.'s scheme and provide dynamic identity protection and user anonymity. In this paper, however, we demonstrate that Mishra et al.'s scheme suffers from replay attacks, man-in-the-middle attacks and fails to provide perfect forward secrecy. To overcome the weaknesses of Mishra et al.'s scheme, we then propose a three-factor authenticated key agreement scheme to enable the patient to enjoy the remote healthcare services via TMIS with privacy protection. The chaotic map-based cryptography is employed in the proposed scheme to achieve a delicate balance of security and performance. Security analysis demonstrates that the proposed scheme resists various attacks and provides several attractive security properties. Performance evaluation shows that the proposed scheme increases efficiency in comparison with other related schemes.

  6. Public-Key Encryption with Delegated Search

    NARCIS (Netherlands)

    Ibraimi, Luan; Nikova, Svetla; Hartel, Pieter; Jonker, Willem

    2011-01-01

    In public-key setting, Alice encrypts email with public key of Bob, so that only Bob will be able to learn contents of email. Consider scenario when computer of Alice is infected and unbeknown to Alice it also embeds malware into message. Bob's company, Carol, cannot scan his email for mali

  7. Certificateless Public Auditing with Privacy Preserving for Cloud-Assisted Wireless Body Area Networks

    Directory of Open Access Journals (Sweden)

    Baoyuan Kang

    2017-01-01

    Full Text Available With cloud computing being integrated with wireless body area networks, the digital ecosystem called cloud-assisted WBAN was proposed. In cloud-assisted medical systems, the integrity of the stored data is important. Recently, based on certificateless public key cryptography, He et al. proposed a certificateless public auditing scheme for cloud-assisted WBANs. But He et al.’s scheme is not a scheme with privacy preserving. After many checks on some of the same data blocks, the auditor can derive these data blocks. In this paper, we propose a certificateless public auditing scheme with privacy preserving for cloud-assisted WBANs. In the proof phase of the proposed scheme, the proof information is protected from being directly exposed to the auditor. So, the curious auditor could not derive the data blocks. We also prove that the proposed scheme is secure in the random oracle model under the assumption that the Diffie-Hellman problem is hard, and we give a comparison of the proposed scheme with He et al.’s scheme in terms of security and computation cost.

  8. Public opinion about the importance of privacy in biobank research.

    Science.gov (United States)

    Kaufman, David J; Murphy-Bollinger, Juli; Scott, Joan; Hudson, Kathy L

    2009-11-01

    Concerns about privacy may deter people from participating in genetic research. Recruitment and retention of biobank participants requires understanding the nature and magnitude of these concerns. Potential participants in a proposed biobank were asked about their willingness to participate, their privacy concerns, informed consent, and data sharing. A representative survey of 4659 U.S. adults was conducted. Ninety percent of respondents would be concerned about privacy, 56% would be concerned about researchers having their information, and 37% would worry that study data could be used against them. However, 60% would participate in the biobank if asked. Nearly half (48%) would prefer to provide consent once for all research approved by an oversight panel, whereas 42% would prefer to provide consent for each project separately. Although 92% would allow academic researchers to use study data, 80% and 75%, respectively, would grant access to government and industry researchers. Concern about privacy was related to lower willingness to participate only when respondents were told that they would receive $50 for participation and would not receive individual research results back. Among respondents who were told that they would receive $200 or individual research results, privacy concerns were not related to willingness. Survey respondents valued both privacy and participation in biomedical research. Despite pervasive privacy concerns, 60% would participate in a biobank. Assuring research participants that their privacy will be protected to the best of researchers' abilities may increase participants' acceptance of consent for broad research uses of biobank data by a wide range of researchers.

  9. The perceived impact of location privacy: A web-based survey of public health perspectives and requirements in the UK and Canada

    Directory of Open Access Journals (Sweden)

    Boulos Maged

    2008-05-01

    Full Text Available Abstract Background The "place-consciousness" of public health professionals is on the rise as spatial analyses and Geographic Information Systems (GIS are rapidly becoming key components of their toolbox. However, "place" is most useful at its most precise, granular scale – which increases identification risks, thereby clashing with privacy issues. This paper describes the views and requirements of public health professionals in Canada and the UK on privacy issues and spatial data, as collected through a web-based survey. Methods Perceptions on the impact of privacy were collected through a web-based survey administered between November 2006 and January 2007. The survey targeted government, non-government and academic GIS labs and research groups involved in public health, as well as public health units (Canada, ministries, and observatories (UK. Potential participants were invited to participate through personally addressed, standardised emails. Results Of 112 invitees in Canada and 75 in the UK, 66 and 28 participated in the survey, respectively. The completion proportion for Canada was 91%, and 86% for the UK. No response differences were observed between the two countries. Ninety three percent of participants indicated a requirement for personally identifiable data (PID in their public health activities, including geographic information. Privacy was identified as an obstacle to public health practice by 71% of respondents. The overall self-rated median score for knowledge of privacy legislation and policies was 7 out of 10. Those who rated their knowledge of privacy as high (at the median or above also rated it significantly more severe as an obstacle to research (P Conclusion The clash between PID requirements – including granular geography – and limitations imposed by privacy and its associated bureaucracy require immediate attention and solutions, particularly given the increasing utilisation of GIS in public health. Solutions

  10. Quantum walk public-key cryptographic system

    Science.gov (United States)

    Vlachou, C.; Rodrigues, J.; Mateus, P.; Paunković, N.; Souto, A.

    2015-12-01

    Quantum Cryptography is a rapidly developing field of research that benefits from the properties of Quantum Mechanics in performing cryptographic tasks. Quantum walks are a powerful model for quantum computation and very promising for quantum information processing. In this paper, we present a quantum public-key cryptographic system based on quantum walks. In particular, in the proposed protocol the public-key is given by a quantum state generated by performing a quantum walk. We show that the protocol is secure and analyze the complexity of public key generation and encryption/decryption procedures.

  11. An Internet Key Exchange Protocol Based on Public Key Infrastructure

    Institute of Scientific and Technical Information of China (English)

    朱建明; 马建峰

    2004-01-01

    Internet key exchange (IKE) is an automated key exchange mechanism that is used to facilitate the transfer of IPSec security associations (SAs). Public key infrastructure (PKI) is considered as a key element for providing security to new distributed communication networks and services. In this paper, we concentrate on the properties of the protocol of Phase 1 IKE. After investigating IKE protocol and PKI technology, we combine IKE protocol and PKI and present an implementation scheme of the IKE based on PKI. Then, we give a logic analysis of the proposed protocol with the BAN-logic and discuss the security of the protocol. The result indicates that the protocol is correct and satisfies the security requirements of Internet key exchange.

  12. Security analysis of public key watermarking schemes

    Science.gov (United States)

    Craver, Scott A.; Katzenbeisser, Stefan

    2001-12-01

    Traditional watermarking systems require the complete disclosure of the watermarking key in the watermark verification process. In most systems an attacker is able to remove the watermark completely once the key is known, thus subverting the intention of copyright protection. To cope with this problem, public-key watermarking schemes were proposed that allow asymmetric watermark detection. Whereas a public key is used to insert watermarks in digital objects, the marks can be verified with a private key. Knowledge of this private key does not allow piracy. We describe two public-key watermarking schemes which are similar in spirit to zero-knowledge proofs. The key idea of one system is to verify a watermark in a blinded version of the document, where the scrambling is determined by the private key. A probabilistic protocol is constructed that allows public watermark detection with probability of 1/2; by iteration, the verifier can get any degree of certainty that the watermark is present. The second system is based on watermark attacks, using controlled counterfeiting to conceal real watermark data safely amid data useless to an attacker.

  13. Quantum walks public key cryptographic system

    OpenAIRE

    Vlachou, C; Rodrigues, J.; Mateus, P.; Paunković, N.; Souto, A.

    2016-01-01

    Quantum Cryptography is a rapidly developing field of research that benefits from the properties of Quantum Mechanics in performing cryptographic tasks. Quantum walks are a powerful model for quantum computation and very promising for quantum information processing. In this paper, we present a quantum public-key cryptographic system based on quantum walks. In particular, in the proposed protocol the public key is given by a quantum state generated by performing a quantum walk. We show that th...

  14. Mathematical Background of Public Key Cryptography

    DEFF Research Database (Denmark)

    Frey, Gerhard; Lange, Tanja

    2005-01-01

    The two main systems used for public key cryptography are RSA and protocols based on the discrete logarithm problem in some cyclic group. We focus on the latter problem and state cryptographic protocols and mathematical background material.......The two main systems used for public key cryptography are RSA and protocols based on the discrete logarithm problem in some cyclic group. We focus on the latter problem and state cryptographic protocols and mathematical background material....

  15. A String-Based Public Key Cryptosystem

    CERN Document Server

    Andrecut, M

    2014-01-01

    Traditional public key cryptography is based on number theory, and suffers from problems such as dealing with very large numbers and large prime numbers, making key creation cumbersome. Here, we propose a new public key cryptosystem based on strings only, which avoids the difficulties of the traditional number theory approach. The security mechanism for generating public and secret keys is ensured by a recursive encoding mechanism embedded in a quasi-commutative-random function, resulted from the composition of a quasi-commutative function with a pseudo-random function. Due to the inherent construction algorithm of the the proposed cryptosystem, the resulted mathematical inversion problem is likely to be harder than the classical discrete logarithm or integer factorization problems. Furthermore, the proposed cryptosystem is immune against the known quantum algorithm attacks.

  16. The Private Lives of Public Officials: Can the Right of Privacy Survive the First Amendment?

    Science.gov (United States)

    McKerns, Joseph P.

    The right of privacy versus the public's right to know as protected by the First Amendment is discussed in this paper. A formula is suggested based on Alexander Meiklejohn's interpretation that information about any individual, either a public official or a private person, would be protected as part of the public domain of knowledge if it is…

  17. Quantum attacks on public-key cryptosystems

    CERN Document Server

    Yan, Song Y

    2013-01-01

    The cryptosystems based on the Integer Factorization Problem (IFP), the Discrete Logarithm Problem (DLP) and the Elliptic Curve Discrete Logarithm Problem (ECDLP) are essentially the only three types of practical public-key cryptosystems in use. The security of these cryptosystems relies heavily on these three infeasible problems, as no polynomial-time algorithms exist for them so far. However, polynomial-time quantum algorithms for IFP, DLP and ECDLP do exist, provided that a practical quantum computer exists.Quantum Attacks on Public-Key Cryptosystems presemts almost all?known quantum comput

  18. Applying Evolutionary Algorithm to Public Key Cryptosystems

    Institute of Scientific and Technical Information of China (English)

    Tu Hang; Li Li; Wu Tao-jun; Li Yuan- xiang

    2003-01-01

    A best algorithm generated scheme is proposed in the paper by making use of the thought of evolutionary algorithm, which can generate dynamically the best algorithm of generating primes in RSA cryptography under different conditions. Taking into account the factors of time, space and security integrated, this scheme possessed strong practicability. The paper also proposed a model of multi degree parallel evolutionary algorithrn to evaluate synthetically the efficiency and security of the public key cryptography. The model con tributes to designing public key cryptography system too.

  19. Dynamic Threshold Public-Key Encryption

    OpenAIRE

    Delerablée, Cécile; Pointcheval, David

    2008-01-01

    The original publication is available at www.springerlink.com; International audience; This paper deals with threshold public-key encryption which allows a pool of players to decrypt a ciphertext if a given threshold of authorized players cooperate. We generalize this primitive to the dynamic setting, where any user can dynamically join the system, as a possible recipient; the sender can dynamically choose the authorized set of recipients, for each ciphertext; and the sender can dynamically s...

  20. Patients’ attitudes towards privacy in a Nepalese public hospital: a cross-sectional survey

    Directory of Open Access Journals (Sweden)

    Moore Malcolm

    2013-01-01

    Full Text Available Abstract Background Many people in western countries assume that privacy and confidentiality are features of most medical consultations. However, in many developing countries consultations take place in a public setting where privacy is extremely limited. This is often said to be culturally acceptable but there is little research to determine if this is true. This research sought to determine the attitudes of patients in eastern Nepal towards privacy in consultations. A structured survey was administered to a sample of patients attending an outpatients department in eastern Nepal. It asked patients about their attitudes towards physical privacy and confidentiality of information. Findings The majority of patients (58% stated that they were not comfortable having other patients in the same room. A similar percentage (53% did not want other patients to know their medical information but more patients were happy for nurses and other health staff to know (81%. Females and younger patients were more concerned to have privacy. Conclusion The results challenge the conventional beliefs about patients’ privacy concerns in Nepal. They suggest that consideration should be given to re-organising existing outpatient facilities and planning future facilities to enable more privacy. The study has implications for other countries where similar conditions prevail. There is a need for more comprehensive research exploring this issue.

  1. Walled Gardens: Privacy within Public Leisure Space Online and Offline

    NARCIS (Netherlands)

    P.A. Arora (Payal)

    2012-01-01

    textabstractAbstract Social network sites are the new urban parks where people congregate, socialize and exercise leisure. Its web architectures however are being walled in, dictated by market systems and State ideologies. These cyber-enclosures are justified along the lines of privacy that garners

  2. Public key cryptography from weaker assumptions

    DEFF Research Database (Denmark)

    Zottarel, Angela

    This dissertation is focused on the construction of public key cryptographic primitives and on the relative security analysis in a meaningful theoretic model. This work takes two orthogonal directions. In the first part, we study cryptographic constructions preserving their security properties also...

  3. Number Theory and Public-Key Cryptography.

    Science.gov (United States)

    Lefton, Phyllis

    1991-01-01

    Described are activities in the study of techniques used to conceal the meanings of messages and data. Some background information and two BASIC programs that illustrate the algorithms used in a new cryptographic system called "public-key cryptography" are included. (CW)

  4. MOBILE PAYMENTMETHODBASED ON PUBLIC-KEY CRYPTOGRAPHY

    Directory of Open Access Journals (Sweden)

    Adnan A. Hnaif

    2015-03-01

    Full Text Available Mobile payment is defined as mobile money, which is considered as an attractive alternative for cash, cheque, or credit. In this paper we propose a new secure mobile paymentmethod. This method is summarized in three processes: firstly, the authentication process, which involves the authentication phases for the applied customers. Secondly, the member recognition process which tests and ensures the customer membership by the market server. Finally, payment processwhich will be done by ciphering the customer information using public-key encryption cryptosystem (RSA, to be submitted over an insecure network to the market server. Actually, this mobile payment methodis more efficient than otherpayment methods since the customer can pay from his/her own mobilephone without any extra cost and effort. The RSA public-key encryption system ensures the security of the proposed method. However, to prevent a brute force attack, the choice of the key size becomes crucial.

  5. Privacy After Snowden: Theoretical Developments and Public Opinion Perceptions of Privacy in Slovenia (Zasebnost po Snowdnu: novejša pojmovanja zasebnosti in odnos javnosti do le-te v Sloveniji

    Directory of Open Access Journals (Sweden)

    Aleš Završnik

    2014-10-01

    Full Text Available The article analyses recent theorizing of privacy arising from new technologies that allow constant and ubiquitous monitoring of our communication and movement. The theoretical part analyses Helen Nissenbaum’s theory of contextual integrity of privacy and pluralistic understanding of privacy by Daniel Solove. The empirical part presents the results of an online survey on the Slovenian public perceptions of privacy that includes questions on types and frequency of victimizations relating to the right to privacy; self-reported privacy violations; concern for the protection of one’s own privacy; perception of primary privacy offenders; the value of privacy; attitude towards data retention in public telecommunication networks; and acquaintance with the Information Commissioner of RS. Despite growing distrust of large internet corporations and – after Edward Snowden’s revelations – Intelligence agencies, the findings indicate a low degree of awareness and care for the protection of personal data.

  6. Ethics in public health research: privacy and public health at risk: public health confidentiality in the digital age.

    Science.gov (United States)

    Myers, Julie; Frieden, Thomas R; Bherwani, Kamal M; Henning, Kelly J

    2008-05-01

    Public health agencies increasingly use electronic means to acquire, use, maintain, and store personal health information. Electronic data formats can improve performance of core public health functions, but potentially threaten privacy because they can be easily duplicated and transmitted to unauthorized people. Although such security breaches do occur, electronic data can be better secured than paper records, because authentication, authorization, auditing, and accountability can be facilitated. Public health professionals should collaborate with law and information technology colleagues to assess possible threats, implement updated policies, train staff, and develop preventive engineering measures to protect information. Tightened physical and electronic controls can prevent misuse of data, minimize the risk of security breaches, and help maintain the reputation and integrity of public health agencies.

  7. 77 FR 22326 - Privacy Act of 1974, as Amended by Public Law 100-503; Notice of a Computer Matching Program

    Science.gov (United States)

    2012-04-13

    ... HUMAN SERVICES Administration for Children and Families Privacy Act of 1974, as Amended by Public Law... 1974, as amended by Public Law 100-503. SUMMARY: In compliance with the Privacy Act of 1974, as amended by Public Law 100-503, the Computer Matching and Privacy Protection Act of 1988, ACF is publishing...

  8. Privacy, security, and the public health researcher in the era of electronic health record research.

    Science.gov (United States)

    Goldstein, Neal D; Sarwate, Anand D

    2016-01-01

    Health data derived from electronic health records are increasingly utilized in large-scale population health analyses. Going hand in hand with this increase in data is an increasing number of data breaches. Ensuring privacy and security of these data is a shared responsibility between the public health researcher, collaborators, and their institutions. In this article, we review the requirements of data privacy and security and discuss epidemiologic implications of emerging technologies from the computer science community that can be used for health data. In order to ensure that our needs as researchers are captured in these technologies, we must engage in the dialogue surrounding the development of these tools.

  9. A New Public-Key Encryption Scheme

    Institute of Scientific and Technical Information of China (English)

    Hai-Bo Tian; Xi Sun; Yu-Min Wang

    2007-01-01

    This paper proposes a new public-key encryption scheme which removes one element from the public-key tuple of the original Cramer-Shoup scheme.As a result, a ciphertext is not a quadruple but a triple at the cost of a strong assumption,the third version of knowledge of exponent assumption (KEA3).Under assumptions of KEA3, a decision Diffie-Hellman (DDH) and a variant of target collision resistance (TCRv), the new scheme is proved secure against indistinguishable adaptive chosen ciphertext attack (IND-CCA2).This scheme is as efficient as Damgard ElGamal (DEG) scheme when it makes use of a well-known algorithm for product of exponentiations.The DEG scheme is recently proved IND-CCA1 secure by Bellare and Palacio in ASIACRYPT 2004 under another strong assumption.In addition to our IND-CCA2 secured scheme, we also believe that the security proof procedure itself provides a well insight for ElGamal-based encryption schemes which are secure in real world.

  10. KeyChains: A Decentralized Public-Key Infrastructure

    Science.gov (United States)

    2006-03-02

    exposed. This problem is easily solved in KeyChains, taking inspiration from existing techniques: certificate expiration, revocation lists and online...the peer. The peer maintains an access control list indicating what operations (key storage, key retrieval, and peer management) are permitted to a...2002, Norfolk, VA, September 2002. [9] http://www.umiacs.umd.edu/˜mmarsh/ CODEX /. [10] A. Datta, M. Hauswirth, and K. Aberer. Beyond ”web of trust

  11. Policymaking to preserve privacy in disclosure of public health data: a suggested framework.

    Science.gov (United States)

    Mizani, Mehrdad A; Baykal, Nazife

    2015-03-01

    Health organisations in Turkey gather a vast amount of valuable individual data that can be used for public health purposes. The organisations use rigid methods to remove some useful details from the data while publishing the rest of the data in a highly aggregated form, mostly because of privacy concerns and lack of standardised policies. This action leads to information loss and bias affecting public health research. Hence, organisations need dynamic policies and well-defined procedures rather than a specific algorithm to protect the privacy of individual data. To address this need, we developed a framework for the systematic application of anonymity methods while reducing and objectively reporting the information loss without leaking confidentiality. This framework acts as a roadmap for policymaking by providing high-level pseudo-policies with semitechnical guidelines in addition to some sample scenarios suitable for policymakers, public health programme managers and legislators.

  12. Low-Power Public Key Cryptography

    Energy Technology Data Exchange (ETDEWEB)

    BEAVER,CHERYL L.; DRAELOS,TIMOTHY J.; HAMILTON,VICTORIA A.; SCHROEPPEL,RICHARD C.; GONZALES,RITA A.; MILLER,RUSSELL D.; THOMAS,EDWARD V.

    2000-11-01

    This report presents research on public key, digital signature algorithms for cryptographic authentication in low-powered, low-computation environments. We assessed algorithms for suitability based on their signature size, and computation and storage requirements. We evaluated a variety of general purpose and special purpose computing platforms to address issues such as memory, voltage requirements, and special functionality for low-powered applications. In addition, we examined custom design platforms. We found that a custom design offers the most flexibility and can be optimized for specific algorithms. Furthermore, the entire platform can exist on a single Application Specific Integrated Circuit (ASIC) or can be integrated with commercially available components to produce the desired computing platform.

  13. The Privacy Attitude Questionnaire (PAQ): Initial Development and Validation

    OpenAIRE

    Chignell, Mark H; Quan-Haase, Anabel; Gwizdka, Jacek

    2003-01-01

    Privacy has been identified as a key issue in a variety of domains, including electronic commerce and public policy. While there are many discussions of privacy issues from a legal and policy perspective, there is little information on the structure of privacy as a psychometric construct. Our goal is to develop a method for measuring attitudes towards privacy that can guide the design and personalization of services. This paper reports on the development of an initial version of the PAQ. Four...

  14. Unconditionally-secure and reusable public-key authentication

    CERN Document Server

    Ioannou, Lawrence M

    2011-01-01

    We present a quantum-public-key identification protocol and show that it is secure against a computationally-unbounded adversary. This demonstrates for the first time that unconditionally-secure and reusable public-key authentication is possible in principle with (pure-state) public keys.

  15. Weak-Keys in Public Key Cryptosystems Based on Discrete Logarithms

    Institute of Scientific and Technical Information of China (English)

    TAI Suiyan; LUO Ping; PENG Xiaoning; WANG Daoshun

    2005-01-01

    The discrete logarithm method is the foundation of many public key algorithms. However, one type of key, defined as a weak-key, reduces the security of public key cryptosystems based on the discrete logarithm method. The weak-key occurs if the public key is a factor or multiple of the primitive element, in which case the user's private key is not needed but can be obtained based on the character of the public key. An algorithm is presented that can easily test whether there is a weak-key in the cryptosystem. An example is given to show that an attack can be completed for the Elgamal digital signature if a weak-key exists, therefore validating the danger of weak-keys. Methods are given to prevent the generation of these weak-keys.

  16. Mobile Interfaces in Public Spaces Locational Privacy, Control, and Urban Sociability

    CERN Document Server

    Silva, Adriana de Souza e

    2012-01-01

    Mobile phones are no longer what they used to be. Not only can users connect to the Internet anywhere and anytime, they can also use their devices to map their precise geographic coordinates -- and access location-specific information like restaurant reviews, historical information, and locations of other people nearby. The proliferation of location-aware mobile technologies calls for a new understanding of how we define public spaces, how we deal with locational privacy, and how networks of power are developed today. In Mobile Interfaces in Public Spaces, Adriana de Souza E. Silva and Jordan

  17. One-way quantum identity authentication based on public key

    Institute of Scientific and Technical Information of China (English)

    ZHANG XingLan

    2009-01-01

    Based on public key, a quantum identity authenticated (QIA) system is proposed without quantum entanglement. The public key acts as the authentication key of a user. Following the idea of the classical public key infrastructure (PKI), a trusted center of authentication (CA) is involved. The user selects a public key randomly and CA generates a private key for the user according to his public key. When it is necessary to perform QIA, the user sends a sequence of single photons encoded with its private key and a message to CA. According to the corresponding secret key kept by CA, CA performs the unitary operations on the single photon sequence. At last, the receiver can judge whether the user is an impersonator.

  18. Efficient Authenticated Key Agreement Protocol Using Self-Certified Public Keys from Pairings

    Institute of Scientific and Technical Information of China (English)

    SHAO Zu-hua

    2005-01-01

    An efficient authenticated key agreement protocol is proposed, which makes use of bilinear pairings and selfcertified public keys. Its security is based on the security assumptions of the bilinear Diffie-Hellman problem and the computational Diffie-Hellman problem. Users can choose their private keys independently. The public keys and identities of users can be verified implicitly when the session key being generating in a logically single step. A trusted Key Generation Center is no longer required as in the ID-based authenticated key agreement protocols. Compared with existing authenticated key agreement protocols from pairings, the new proposed protocol is more efficient and secure.

  19. Teaching Information Privacy in Marketing Courses: Key Educational Issues for Principles of Marketing and Elective Marketing Courses

    Science.gov (United States)

    Peltier, James W.; Milne, George R.; Phelps, Joseph E.; Barrett, Jennifer T.

    2010-01-01

    An "information privacy gap" exists in marketing education, with little research addressing the state of information privacy and how appropriate privacy strategies and tactics should be communicated to students. The primary purpose of this article is to provide educators an understanding of information privacy and how they can incorporate this…

  20. Teaching Information Privacy in Marketing Courses: Key Educational Issues for Principles of Marketing and Elective Marketing Courses

    Science.gov (United States)

    Peltier, James W.; Milne, George R.; Phelps, Joseph E.; Barrett, Jennifer T.

    2010-01-01

    An "information privacy gap" exists in marketing education, with little research addressing the state of information privacy and how appropriate privacy strategies and tactics should be communicated to students. The primary purpose of this article is to provide educators an understanding of information privacy and how they can incorporate this…

  1. Securing U-Healthcare Sensor Networks using Public Key Based Scheme

    CERN Document Server

    Haque, Md Mokammel; Hong, Choong Seon

    2008-01-01

    Recent emergence of electronic culture uplifts healthcare facilities to a new era with the aid of wireless sensor network (WSN) technology. Due to the sensitiveness of medical data, austere privacy and security are inevitable for all parts of healthcare systems. However, the constantly evolving nature and constrained resources of sensors in WSN inflict unavailability of a lucid line of defense to ensure perfect security. In order to provide holistic security, protections must be incorporated in every component of healthcare sensor networks. This paper proposes an efficient security scheme for healthcare applications of WSN which uses the notion of public key cryptosystem. Our entire security scheme comprises basically of two parts; a key handshaking scheme based on simple linear operations and the derivation of decryption key by a receiver node for a particular sender in the network. Our architecture allows both base station to node or node to base station secure communications, and node-to-node secure commun...

  2. Security Notions for Quantum Public-Key Cryptography

    OpenAIRE

    Koshiba, Takeshi

    2007-01-01

    It is well known that Shor's quantum algorithm for integer factorization can break down the RSA public-key cryptosystem, which is widely used in many cryptographic applications. Thus, public-key cryptosystems in the quantum computational setting are longed for cryptology. In order to define the security notions of public-key cryptosystems, we have to model the power of the sender, receiver, adversary and channel. While we may consider a setting where quantum computers are available only to ad...

  3. Public health - threats, concerns and key actions

    DEFF Research Database (Denmark)

    Czeskleba-Dupont, Rolf

    Public health is discussed departing from priorities related to the precautionary principle with special reference to air pollution from wood burning in individual stoves and the susceptibility of vulnerable groups, i.a. people with genetic predispositions for a lack of detoxifying capacity....

  4. Public health - threats, concerns and key actions

    DEFF Research Database (Denmark)

    Czeskleba-Dupont, Rolf

    Public health is discussed departing from priorities related to the precautionary principle with special reference to air pollution from wood burning in individual stoves and the susceptibility of vulnerable groups, i.a. people with genetic predispositions for a lack of detoxifying capacity....

  5. Security Notions for Quantum Public-Key Cryptography

    CERN Document Server

    Koshiba, T

    2007-01-01

    It is well known that Shor's quantum algorithm for integer factorization can break down the RSA public-key cryptosystem, which is widely used in many cryptographic applications. Thus, public-key cryptosystems in the quantum computational setting are longed for cryptology. In order to define the security notions of public-key cryptosystems, we have to model the power of the sender, receiver, adversary and channel. While we may consider a setting where quantum computers are available only to adversaries, we generally discuss what are the right security notions for (quantum) public-key cryptosystems in the quantum computational setting. Moreover, we consider the security of quantum public-key cryptosystems known so far.

  6. Using routinely collected health data for surveillance, quality improvement and research: Framework and key questions to assess ethics, privacy and data access

    Directory of Open Access Journals (Sweden)

    Simon de Lusignan

    2016-01-01

    Full Text Available Background The use of health data for public health, surveillance, quality improvement and research is crucial to improve health systems and health care. However, bodies responsible for privacy and ethics often limit access to routinely collected health data. Ethical approvals, issues around protecting privacy and data access are often dealt with by different layers of regulations, making approval processes appear disjointed.Objective To create a comprehensive framework for defining the ethical and privacy status of a project and for providing guidance on data access.Method The framework comprises principles and related questions. The core of the framework will be built using standard terminology definitions such as ethics-related controlled vocabularies and regional directives. It is built in this way to reduce ambiguity between different definitions. The framework is extensible: principles can be retired or added to, as can their related questions. Responses to these questions should allow data processors to define ethical issues, privacy risk and other unintended consequences.Results The framework contains three steps: (1 identifying possible ethical and privacy principles relevant to the project; (2 providing ethics and privacy guidance questions that inform the type of approval needed; and (3 assessing case-specific ethics and privacy issues. The outputs from this process should inform whether the balance between public interests and privacy breach and any ethical considerations are tipped in favour of societal benefits. If they are then this should be the basis on which data access is permitted. Tightly linking ethical principles to governance and data access may help maintain public trust.

  7. Distributed public key schemes secure against continual leakage

    DEFF Research Database (Denmark)

    Akavia, Adi; Goldwasser, Shafi; Hazay, Carmit

    2012-01-01

    In this work we study distributed public key schemes secure against continual memory leakage. The secret key will be shared among two computing devices communicating over a public channel, and the decryption operation will be computed by a simple 2-party protocol between the devices. Similarly...... the value of the respective function on the internal state of the respective device (namely, on its secret share, internal randomness, and results of intermediate computations). We present distributed public key encryption (DPKE) and distributed identity based encryption (DIBE) schemes that are secure...

  8. Public-key cryptography based on bounded quantum reference frames

    OpenAIRE

    Ioannou, Lawrence M.; Mosca, Michele

    2009-01-01

    We demonstrate that the framework of bounded quantum reference frames has application to building quantum-public-key cryptographic protocols and proving their security. Thus, the framework we introduce can be seen as a public-key analogue of the framework of Bartlett et al. (Phys. Rev. A 70, 032307), where a private shared reference frame is shown to have cryptographic application. The protocol we present in this paper is an identification scheme, which, like a digital signature scheme, is a ...

  9. A Secure Public-key Image Authentication Plan

    Institute of Scientific and Technical Information of China (English)

    YANG Qing; CHEN Ke-fei

    2005-01-01

    Digital watermark can be used for image ownership verification or authentication. In this paper, we propose a new image authentication plan concentrating on its security performance. Digital watermark is first turbo coded, scaled and then processed in wavelet domain. To enhance security level, public key cryptosystem is utilized to replace traditional watermark key. Simulation results are finally given by experiment.

  10. A Survey of Key Technology of Network Public Opinion Analysis

    Directory of Open Access Journals (Sweden)

    Li Su Ying

    2016-01-01

    Full Text Available The internet has become an important base for internet users to make comments because of its interactivity and fast dissemination. The outbreak of internet public opinion has become a major risk for network information security. Domestic and foreign researchers had carried out extensive and in-depth study on public opinion. Fruitful results have achieved in the basic theory research and emergency handling and other aspects of public opinion. But research on the public opinion in China is still in the initial stage, the key technology of the public opinion analysis is still as a starting point for in-depth study and discussion.

  11. Privacy Preserving Data Publishing: A Classification Perspective

    Directory of Open Access Journals (Sweden)

    A N K Zaman

    2014-09-01

    Full Text Available The concept of privacy is expressed as release of information in a controlled way. Privacy could also be defined as privacy decides what type of personal information should be released and which group or person can access and use it. Privacy Preserving Data Publishing (PPDP is a way to allow one to share anonymous data to ensure protection against identity disclosure of an individual. Data anonymization is a technique for PPDP, which makes sure the published data, is practically useful for processing (mining while preserving individuals sensitive information. Most works reported in literature on privacy preserving data publishing for classification task handle numerical data. However, most real life data contains both numerical and non-numerical data. Another shortcoming is that use of distributed model called Secure Multiparty Computation (SMC. For this research, a centralized model is used for independent data publication by a single data owner. The key challenge for PPDP is to ensure privacy as well as to keep the data usable for research. Differential privacy is a technique that ensures the highest level of privacy for a record owner while providing actual information of the data set. The aim of this research is to develop a framework that satisfies differential privacy standards and to ensure maximum data usability for a classification tasks such as patient data classification in terms of blood pressure.

  12. A public-key cryptosystem for quantum message transmission

    Science.gov (United States)

    Yang, Li

    2005-01-01

    We present a quantum public-key cryptography protocol for quantum message transmission. The private key of this protocol includes three classical matrices: a generator matrix of a Goppa code, an invertible matrix and a permutation matrix. The public key is product of these three matrices. The encryption and decryption algorithms are merely quantum computations related with the transformations between bases of the quantum registers. The security of this protocol is based on the hypothesis that there is no effective algorithm of NP-complete problem.

  13. Efficient secure-channel free public key encryption with keyword search for EMRs in cloud storage.

    Science.gov (United States)

    Guo, Lifeng; Yau, Wei-Chuen

    2015-02-01

    Searchable encryption is an important cryptographic primitive that enables privacy-preserving keyword search on encrypted electronic medical records (EMRs) in cloud storage. Efficiency of such searchable encryption in a medical cloud storage system is very crucial as it involves client platforms such as smartphones or tablets that only have constrained computing power and resources. In this paper, we propose an efficient secure-channel free public key encryption with keyword search (SCF-PEKS) scheme that is proven secure in the standard model. We show that our SCF-PEKS scheme is not only secure against chosen keyword and ciphertext attacks (IND-SCF-CKCA), but also secure against keyword guessing attacks (IND-KGA). Furthermore, our proposed scheme is more efficient than other recent SCF-PEKS schemes in the literature.

  14. LPKI - A Lightweight Public Key Infrastructure for the Mobile Environments

    CERN Document Server

    Toorani, Mohsen; 10.1109/ICCS.2008.4737164

    2010-01-01

    The non-repudiation as an essential requirement of many applications can be provided by the asymmetric key model. With the evolution of new applications such as mobile commerce, it is essential to provide secure and efficient solutions for the mobile environments. The traditional public key cryptography involves huge computational costs and is not so suitable for the resource-constrained platforms. The elliptic curve-based approaches as the newer solutions require certain considerations that are not taken into account in the traditional public key infrastructures. The main contribution of this paper is to introduce a Lightweight Public Key Infrastructure (LPKI) for the constrained platforms such as mobile phones. It takes advantages of elliptic curve cryptography and signcryption to decrease the computational costs and communication overheads, and adapting to the constraints. All the computational costs of required validations can be eliminated from end-entities by introduction of a validation authority to th...

  15. Market Reactions to Publicly Announced Privacy and Security Breaches Suffered by Companies Listed on the United States Stock Exchanges: A Comparative Empirical Investigation

    Science.gov (United States)

    Coronado, Adolfo S.

    2012-01-01

    Using a sample of security and privacy breaches the present research examines the comparative announcement impact between the two types of events. The first part of the dissertation analyzes the impact of publicly announced security and privacy breaches on abnormal stock returns, the change in firm risk, and abnormal trading volume are measured.…

  16. Public key infrastructure building trusted applications and web services

    CERN Document Server

    Vacca, John R

    2004-01-01

    OVERVIEW OF PKI TECHNOLOGYPublic Key Infrastructures (PKIs): What Are They?Type of Certificate Authorities (CAS) ServicesPKI StandardsTypes of Vendor and Third-Party CA SystemsProtecting Private KeysCA System AttacksStolen Private Keys: What Can Be Done?Certificate Practice StatementsPKI ReadinessANALYZING AND DESIGNING PUBLIC KEY INFRASTRUCTURESPKI Design IssuesCost Justification and ConsiderationPKI Standards Design IssuesPKI Architectural Design ConsiderationsIMPLEMENTING PKIRequirementsImplementation ScheduleImplementation CostsPKI PerformanceMANAGING PKIRequesting a CertificateObtaining a

  17. A Public Key Block Cipher Based on Multivariate Quadratic Quasigroups

    CERN Document Server

    Gligoroski, Danilo; Knapskog, Svein Johan

    2008-01-01

    We have designed a new class of public key algorithms based on quasigroup string transformations using a specific class of quasigroups called multivariate quadratic quasigroups (MQQ). Our public key algorithm is a bijective mapping, it does not perform message expansions and can be used both for encryption and signatures. The public key consist of n quadratic polynomials with n variables where n=140, 160, ... . A particular characteristic of our public key algorithm is that it is very fast and highly parallelizable. More concretely, it has the speed of a typical modern symmetric block cipher - the reason for the phrase "A Public Key Block Cipher" in the title of this paper. Namely the reference C code for the 160-bit variant of the algorithm performs decryption in less than 11,000 cycles (on Intel Core 2 Duo -- using only one processor core), and around 6,000 cycles using two CPU cores and OpenMP 2.0 library. However, implemented in Xilinx Virtex-5 FPGA that is running on 249.4 MHz it achieves decryption thro...

  18. Modeling, Simulation and Analysis of Public Key Infrastructure

    Science.gov (United States)

    Liu, Yuan-Kwei; Tuey, Richard; Ma, Paul (Technical Monitor)

    1998-01-01

    Security is an essential part of network communication. The advances in cryptography have provided solutions to many of the network security requirements. Public Key Infrastructure (PKI) is the foundation of the cryptography applications. The main objective of this research is to design a model to simulate a reliable, scalable, manageable, and high-performance public key infrastructure. We build a model to simulate the NASA public key infrastructure by using SimProcess and MatLab Software. The simulation is from top level all the way down to the computation needed for encryption, decryption, digital signature, and secure web server. The application of secure web server could be utilized in wireless communications. The results of the simulation are analyzed and confirmed by using queueing theory.

  19. [Screening on key techniques used for surveillance and disposal of public health emergencies].

    Science.gov (United States)

    Zhu, Q R; Yang, L; Ma, H Y; Xie, W Q; Cong, L M; Xu, L W

    2017-06-10

    Objective: To explore the key techniques used for surveillance and disposal of infectious diseases, food poisoning and hospital infection to improve the ability of surveillance and disposal on public health emergency. Methods: Framework on surveillance and disposal of infectious diseases, food poisoning and hospital infection was set up, based on literature review and expert group discussion. Delphi method and technique for order preference by similarity to ideal solution comprehensive evaluation method were used for ordering preference by similarity, to screen key techniques set for surveillance and disposal of the above said events. Results: Framework to be used for selecting key techniques was designed, based on the classification of emergency events, processing cycle of emergency events and level of techniques. Twenty six public health experts were selected for a 2-round consultation, with their authority as 0.796. Ten key techniques with important significance for surveillance and disposal of infectious diseases, food poisoning and hospital infection were selected from each event. Among these key techniques, the early-warning system was recognized as the key technique, important for the surveillance and disposal of all three emergency events. Items as technology used for unknown pathogenic microorganism detection, personal protection, gene sequencing and tracing technology, microorganism molecular typing technology, nucleic acid detection technology etc. were the key techniques and need to develop for the surveillance and disposal of infectious diseases and iatrogenic infection. Data regarding key technologies on security and privacy, early warning and forecasting, field rapid detection were sorted out that all in need to improve the surveillance programs on disposal of infectious diseases and food poisoning. Data exchange appeared another key technique on infectious diseases, with toxin detection and other 5 techniques the key techniques for food poisoning

  20. SPEED AND SECURITY ENHANCEMENT THROUGH PUBLIC KEY CRYPTOGRAPHY

    Directory of Open Access Journals (Sweden)

    J.SAIGEETHA

    2010-08-01

    Full Text Available It is true that the transfer of data is essential in the fast developing world. It is equally true that the transfer of data tobe taken place with much security by not giving groom to the intruders. This paper presents the analysis of the security of information with enhanced the speed of encryption and decryption process. This process uses public key cryptography via RSA algorithm with some modification. There are two keys used in RSA algorithm foreffectiveness in the aspect of security one being the public key used for all and the other being the secret key. The implementation is done in the JAVA language and crypt analysis is performed to check the level of protection and speed .

  1. Public Key Infrastructure Increment 2 (PKI Inc 2)

    Science.gov (United States)

    2016-03-01

    Public Key Infrastructure (PKI) is a critical enabling technology for Information Assurance (IA) services to support seamless secure information flows...resources. 6. Integrity of software used within or transmitted over DoD networks (i.e. mobile code,) and the provision of security services within the...Operational Capability IP - Internet Protocol IT - Information Technology KPP - Key Performance Parameter $M - Millions of Dollars MAIS - Major

  2. Quantum key distribution with delayed privacy amplification and its application to the security proof of a two-way deterministic protocol

    OpenAIRE

    Chau, HF; Fung, CHF; X.; Ma; Cai, QY

    2012-01-01

    Privacy amplification (PA) is an essential postprocessing step in quantum key distribution (QKD) for removing any information an eavesdropper may have on the final secret key. In this paper, we consider delaying PA of the final key after its use in one-time pad encryption and prove its security. We prove that the security and the key generation rate are not affected by delaying PA. Delaying PA has two applications: it serves as a tool for significantly simplifying the security proof of QKD wi...

  3. The digital divide in public e-health: barriers to accessibility and privacy in state health department websites.

    Science.gov (United States)

    West, Darrell M; Miller, Edward Alan

    2006-08-01

    State health departments have placed a tremendous amount of information, data, and services online in recent years. With the significant increase in online resources at official health sites, though, have come questions concerning equity of access and the confidentiality of electronic medical materials. This paper reports on an examination of public health department websites maintained by the 50 state governments. Using a content analysis of health department sites undertaken each year from 2000 to 2005, we investigate several dimensions of accessibility and privacy: readability levels, disability access, non-English accessibility, and the presence of privacy and security statements. We argue that although progress has been made at improving the accessibility and confidentiality of health department electronic resources, there remains much work to be done to ensure quality access for all Americans in the area of public e-health.

  4. Public-key Encryption with Registered Keyword Search

    NARCIS (Netherlands)

    Tang, Qiang; Chen, Liqun

    Public-key Encryption with Keyword Search (PEKS) enables a server to test whether a tag from a sender and a trapdoor from a receiver contain the same keyword. In this paper, we highlight some potential security concern, i.e. a curious server is able to answer whether any selected keyword is

  5. Cryptanalysis on a finite automaton public key cryptosystem

    Institute of Scientific and Technical Information of China (English)

    戴大为; 吴逵; 张焕国

    1996-01-01

    An attack algorithm is proposed on a finite automaton public key cryptosystem.It is proved that this attack can break FAPKCO in polynomial time.The basic idea can be used in principle to attack other FAPKCs.Therefore,while designing an FAPKC,it must be taken into account whether it is secure or not under this kind of attack.

  6. Public Key Cryptography Based on Ergodic Matrices over Finite Field

    Institute of Scientific and Technical Information of China (English)

    PEI Shihui; ZHAO Hongwei; ZHAO Yongzhe

    2006-01-01

    A new public key encryption scheme is proposed in this paper, which is based on a hard problem over ergodic matrices. The security of this scheme is equal to the MQ-problem: multivariate quadratic equations over finite fields. This problem has been shown to be NP-complete and can' be solved with polynomial time algorithm.

  7. Trellis-coded quantization for public-key steganography

    CERN Document Server

    Guelvouit, Gaëtan Le

    2008-01-01

    This paper deals with public-key steganography in the presence of a passive warden. The aim is to hide secret messages within cover-documents without making the warden suspicious, and without any preliminar secret key sharing. Whereas a practical attempt has been already done to provide a solution to this problem, it suffers of poor flexibility (since embedding and decoding steps highly depend on cover-signals statistics) and of little capacity compared to recent data hiding techniques. Using the same framework, this paper explores the use of trellis-coded quantization techniques (TCQ and turbo TCQ) to design a more efficient public-key scheme. Experiments on audio signals show great improvements considering Cachin's security criterion.

  8. Little Dragon Two: An efficient Multivariate Public Key Cryptosystem

    Directory of Open Access Journals (Sweden)

    Rajesh P Singh

    2010-04-01

    Full Text Available In 1998 [8], Patarin proposed an efficient cryptosystem called Little Dragon which was a variant a variant of Matsumoto Imai cryptosystem C*. However Patarin latter found that Little Dragon cryptosystem is not secure [8], [3]. In this paper we propose a cryptosystem Little Dragon Two which is as efficient as Little Dragon cryptosystem but secure against all the known attacks. Like Little Dragon cryptosystem the public key of Little Dragon Two is mixed type that is quadratic in plaintext and cipher text variables. So the public key size of Little Dragon Two is equal to Little Dragon Cryptosystem. Ourpublic key algorithm is bijective and can be used for both encryption and signatures

  9. A New Factorization Method to Factorize RSA Public Key Encryption

    Directory of Open Access Journals (Sweden)

    Bhagvant Ram Ambedkar

    2011-11-01

    Full Text Available The security of public key encryption such as RSA scheme relied on the integer factoring problem. The security of RSA algorithm is based on positive integer N, because each transmitting node generates pair of keys such as public and private. Encryption and decryption of any message depends on N. Where, N is the product of two prime numbers and pair of key generation is dependent on these prime numbers. The factorization of N is very intricate. In this paper a New Factorization method is proposed to obtain the factor of positive integer N. The proposed work focuses on factorization of all trivial and nontrivial integer numbers and requires fewer steps for factorization process of RSA modulus N. The New Factorization method is based on Pollard rho factorization method. Experimental results shown that factorization speed is fast as compare existing methods.

  10. ε-inclusion: privacy preserving re-publication of dynamic datasets

    Institute of Scientific and Technical Information of China (English)

    Qiong WEI; Yan-sheng LU; Lei ZOU

    2008-01-01

    This paper presents a novel privacy principle,ε-inclusion,for re-publishing sensitive dynamic datasets,ε-inclusion releases all the quasi-identifier values directly and uses permutation-based method and substitution to anonymize the microdata.Combined with generalization-based methods,ε-inclusion protects privacy and captures a large amount of correlation in the microdata.We develop an effective algorithm for computing anonymized tables that obey the ε-inclusion privacy requirement.Extensive experiments confirm that our solution allows significantly more effective data analysis than generalization-based methods.

  11. 'Vulgar publicity' and the problems of privacy in Margaret Oliphant's 'Salem Chapel'

    NARCIS (Netherlands)

    T. MacDonald

    2011-01-01

    This article examines Margaret Oliphant's Salem Chapel (1863), the author's only foray into the sensation genre. It argues that the novel's focus on the dangers of gossip and public exposure reveals Oliphant's fraught relationship with sensationalism. Two key characters represent sensational readers

  12. Privacy encounters in Teledialogue

    DEFF Research Database (Denmark)

    Andersen, Lars Bo; Bøge, Ask Risom; Danholt, Peter

    2016-01-01

    Privacy is a major concern when new technologies are introduced between public authorities and private citizens. What is meant by privacy, however, is often unclear and contested. Accordingly, this article utilises grounded theory to study privacy empirically in the research and design project...... Teledialogue aimed at introducing new ways for public case managers and placed children to communicate through IT. The resulting argument is that privacy can be understood as an encounter, that is, as something that arises between implicated actors and entails some degree of friction and negotiation....... An argument which is further qualified through the philosophy of Gilles Deleuze. The article opens with a review of privacy literature before continuing to present privacy as an encounter with five different foci: what technologies bring into the encounter; who is related to privacy by implication; what...

  13. BangA: An Efficient and Flexible Generalization-Based Algorithm for Privacy Preserving Data Publication

    Directory of Open Access Journals (Sweden)

    Adeel Anjum

    2017-01-01

    Full Text Available Privacy-Preserving Data Publishing (PPDP has become a critical issue for companies and organizations that would release their data. k-Anonymization was proposed as a first generalization model to guarantee against identity disclosure of individual records in a data set. Point access methods (PAMs are not well studied for the problem of data anonymization. In this article, we propose yet another approximation algorithm for anonymization, coined BangA, that combines useful features from Point Access Methods (PAMs and clustering. Hence, it achieves fast computation and scalability as a PAM, and very high quality thanks to its density-based clustering step. Extensive experiments show the efficiency and effectiveness of our approach. Furthermore, we provide guidelines for extending BangA to achieve a relaxed form of differential privacy which provides stronger privacy guarantees as compared to traditional privacy definitions.

  14. Quantum Hash function and its application to privacy amplification in quantum key distribution, pseudo-random number generation and image encryption.

    Science.gov (United States)

    Yang, Yu-Guang; Xu, Peng; Yang, Rui; Zhou, Yi-Hua; Shi, Wei-Min

    2016-01-29

    Quantum information and quantum computation have achieved a huge success during the last years. In this paper, we investigate the capability of quantum Hash function, which can be constructed by subtly modifying quantum walks, a famous quantum computation model. It is found that quantum Hash function can act as a hash function for the privacy amplification process of quantum key distribution systems with higher security. As a byproduct, quantum Hash function can also be used for pseudo-random number generation due to its inherent chaotic dynamics. Further we discuss the application of quantum Hash function to image encryption and propose a novel image encryption algorithm. Numerical simulations and performance comparisons show that quantum Hash function is eligible for privacy amplification in quantum key distribution, pseudo-random number generation and image encryption in terms of various hash tests and randomness tests. It extends the scope of application of quantum computation and quantum information.

  15. Quantum Hash function and its application to privacy amplification in quantum key distribution, pseudo-random number generation and image encryption

    Science.gov (United States)

    Yang, Yu-Guang; Xu, Peng; Yang, Rui; Zhou, Yi-Hua; Shi, Wei-Min

    2016-01-01

    Quantum information and quantum computation have achieved a huge success during the last years. In this paper, we investigate the capability of quantum Hash function, which can be constructed by subtly modifying quantum walks, a famous quantum computation model. It is found that quantum Hash function can act as a hash function for the privacy amplification process of quantum key distribution systems with higher security. As a byproduct, quantum Hash function can also be used for pseudo-random number generation due to its inherent chaotic dynamics. Further we discuss the application of quantum Hash function to image encryption and propose a novel image encryption algorithm. Numerical simulations and performance comparisons show that quantum Hash function is eligible for privacy amplification in quantum key distribution, pseudo-random number generation and image encryption in terms of various hash tests and randomness tests. It extends the scope of application of quantum computation and quantum information.

  16. Quantum Hash function and its application to privacy amplification in quantum key distribution, pseudo-random number generation and image encryption

    Science.gov (United States)

    Yang, Yu-Guang; Xu, Peng; Yang, Rui; Zhou, Yi-Hua; Shi, Wei-Min

    2016-01-01

    Quantum information and quantum computation have achieved a huge success during the last years. In this paper, we investigate the capability of quantum Hash function, which can be constructed by subtly modifying quantum walks, a famous quantum computation model. It is found that quantum Hash function can act as a hash function for the privacy amplification process of quantum key distribution systems with higher security. As a byproduct, quantum Hash function can also be used for pseudo-random number generation due to its inherent chaotic dynamics. Further we discuss the application of quantum Hash function to image encryption and propose a novel image encryption algorithm. Numerical simulations and performance comparisons show that quantum Hash function is eligible for privacy amplification in quantum key distribution, pseudo-random number generation and image encryption in terms of various hash tests and randomness tests. It extends the scope of application of quantum computation and quantum information. PMID:26823196

  17. Efficient quantum secure communication with a publicly known key

    Institute of Scientific and Technical Information of China (English)

    Li Chun-Yan; Li Xi-Han; Deng Fu-Guo; Zhou Hong-Yu

    2008-01-01

    This paper presents a simple way for an eavesdropper to eavesdrop freely the secret message in the experimental realization of quantum communication protocol proposed by Beige et al (2002 Acta Phys. Pol. A 101 357). Moreover, it introduces an efficient quantum secure communication protocol based on a publicly known key with decoy photons and two biased bases by modifying the original protocol. The total efficiency of this new protocol is double that of the original one. With a low noise quantum channel, this protocol can be used for transmitting a secret message. At present, this protocol is good for generating a private key efficiently.

  18. An application of different dioids in public key cryptography

    Energy Technology Data Exchange (ETDEWEB)

    Durcheva, Mariana I., E-mail: mdurcheva66@gmail.com [Technical University of Sofia, Faculty of Applied Mathematics and Informatics, 8 Kliment Ohridski St., Sofia 1000 (Bulgaria)

    2014-11-18

    Dioids provide a natural framework for analyzing a broad class of discrete event dynamical systems such as the design and analysis of bus and railway timetables, scheduling of high-throughput industrial processes, solution of combinatorial optimization problems, the analysis and improvement of flow systems in communication networks. They have appeared in several branches of mathematics such as functional analysis, optimization, stochastic systems and dynamic programming, tropical geometry, fuzzy logic. In this paper we show how to involve dioids in public key cryptography. The main goal is to create key – exchange protocols based on dioids. Additionally the digital signature scheme is presented.

  19. New Public Key Cryptosystems from Combinatorial Group Theory

    Institute of Scientific and Technical Information of China (English)

    TANG Xueming; WANG Xiaofei; HONG Fan; CUI Guohua

    2006-01-01

    External direct product of some low layer groups such as braid groups and general Artin groups, with a kind of special group action on it, provides a secure cryptographic computation platform, which can keep secure in the quantum computing epoch. Three hard problems on this new platform, Subgroup Root Problem, Multi-variant Subgroup Root Problem and Subgroup Action Problem are presented and well analyzed, which all have no relations with conjugacy. New secure public key encryption system and key agreement protocol are designed based on these hard problems. The new cryptosystems can be implemented in a general group environment other than in braid or Artin groups.

  20. Key-phrase based classification of public health web pages.

    Science.gov (United States)

    Dolamic, Ljiljana; Boyer, Célia

    2013-01-01

    This paper describes and evaluates the public health web pages classification model based on key phrase extraction and matching. Easily extendible both in terms of new classes as well as the new language this method proves to be a good solution for text classification faced with the total lack of training data. To evaluate the proposed solution we have used a small collection of public health related web pages created by a double blind manual classification. Our experiments have shown that by choosing the adequate threshold value the desired value for either precision or recall can be achieved.

  1. Review of Lattice-based Public key Cryptography(Russian)

    OpenAIRE

    Usatyuk, V. S.

    2010-01-01

    This article presets a review of the achievements rapidly developing field of cryptography - public-key cryptography based on the lattice theory. Paper contains the necessary basic concepts and the major problems of the lattice theory, as well as together with the description on the benefits of this cryptography class - the properties of the reliability to quantum computers and full homomorphism, the shortcomings of specific implementations.

  2. Noncoherent capacity of secret-key agreement with public discussion

    KAUST Repository

    Agrawal, Anurag

    2011-09-01

    We study the noncoherent capacity of secret-key agreement with public discussion over independent identically distributed (i.i.d.) Rayleigh fading wireless channels, where neither the sender nor the receivers have access to instantaneous channel state information (CSI). We present two results. At high signal-to-noise ratio (SNR), the secret-key capacity is bounded in SNR, regardless of the number of antennas at each terminal. Second, for a system with a single antenna at both the legitimate and the eavesdropper terminals and an arbitrary number of transmit antennas, the secret-key capacity-achieving input distribution is discrete, with a finite number of mass points. Numerically we observe that at low SNR, the capacity achieving distribution has two mass points with one of them at the origin. © 2011 IEEE.

  3. Lower and Upper Bounds for Deniable Public-Key Encryption

    DEFF Research Database (Denmark)

    Bendlin, Rikke; Nielsen, Jesper Buus; Nordholt, Peter Sebastian

    2011-01-01

    the parties to change their internal state to make it look like a given ciphertext decrypts to a message different from what it really decrypts to. Deniable encryption was in this way introduced to allow to deny a message exchange and hence combat coercion. Depending on which parties can be coerced......, the security level, the flavor and the number of rounds of the cryptosystem, it is possible to define a number of notions of deniable encryption. In this paper we prove that there does not exist any non-interactive receiver-deniable cryptosystem with better than polynomial security. This also shows...... that it is impossible to construct a non-interactive bi-deniable public-key encryption scheme with better than polynomial security. Specifically, we give an explicit bound relating the security of the scheme to how efficient the scheme is in terms of key size. Our impossibility result establishes a lower bound...

  4. Error-correcting pairs for a public-key cryptosystem

    Science.gov (United States)

    Pellikaan, Ruud; Márquez-Corbella, Irene

    2017-06-01

    Code-based Cryptography (CBC) is a powerful and promising alternative for quantum resistant cryptography. Indeed, together with lattice-based cryptography, multivariate cryptography and hash-based cryptography are the principal available techniques for post-quantum cryptography. CBC was first introduced by McEliece where he designed one of the most efficient Public-Key encryption schemes with exceptionally strong security guarantees and other desirable properties that still resist to attacks based on Quantum Fourier Transform and Amplitude Amplification. The original proposal, which remains unbroken, was based on binary Goppa codes. Later, several families of codes have been proposed in order to reduce the key size. Some of these alternatives have already been broken. One of the main requirements of a code-based cryptosystem is having high performance t-bounded decoding algorithms which is achieved in the case the code has a t-error-correcting pair (ECP). Indeed, those McEliece schemes that use GRS codes, BCH, Goppa and algebraic geometry codes are in fact using an error-correcting pair as a secret key. That is, the security of these Public-Key Cryptosystems is not only based on the inherent intractability of bounded distance decoding but also on the assumption that it is difficult to retrieve efficiently an error-correcting pair. In this paper, the class of codes with a t-ECP is proposed for the McEliece cryptosystem. Moreover, we study the hardness of distinguishing arbitrary codes from those having a t-error correcting pair.

  5. Is Privacy Reserved for Adults? Children's Rights at the Public Library.

    Science.gov (United States)

    Hildebrand, Janet

    1991-01-01

    Argues that the library has a responsibility to provide access to materials and ensure absolute privacy for children in the same manner as it does for adults. Attention this issue has received is discussed and policies formed at the Contra Costa County Library in California are described. Sources for further reading and listening are suggested.…

  6. Public Auditing with Privacy Protection in a Multi-User Model of Cloud-Assisted Body Sensor Networks.

    Science.gov (United States)

    Li, Song; Cui, Jie; Zhong, Hong; Liu, Lu

    2017-05-05

    Wireless Body Sensor Networks (WBSNs) are gaining importance in the era of the Internet of Things (IoT). The modern medical system is a particular area where the WBSN techniques are being increasingly adopted for various fundamental operations. Despite such increasing deployments of WBSNs, issues such as the infancy in the size, capabilities and limited data processing capacities of the sensor devices restrain their adoption in resource-demanding applications. Though providing computing and storage supplements from cloud servers can potentially enrich the capabilities of the WBSNs devices, data security is one of the prevailing issues that affects the reliability of cloud-assisted services. Sensitive applications such as modern medical systems demand assurance of the privacy of the users' medical records stored in distant cloud servers. Since it is economically impossible to set up private cloud servers for every client, auditing data security managed in the remote servers has necessarily become an integral requirement of WBSNs' applications relying on public cloud servers. To this end, this paper proposes a novel certificateless public auditing scheme with integrated privacy protection. The multi-user model in our scheme supports groups of users to store and share data, thus exhibiting the potential for WBSNs' deployments within community environments. Furthermore, our scheme enriches user experiences by offering public verifiability, forward security mechanisms and revocation of illegal group members. Experimental evaluations demonstrate the security effectiveness of our proposed scheme under the Random Oracle Model (ROM) by outperforming existing cloud-assisted WBSN models.

  7. 75 FR 20364 - Public Buildings Service; Key Largo Beacon Annex Site; Key Largo, FL; Transfer of Property

    Science.gov (United States)

    2010-04-19

    ... From the Federal Register Online via the Government Publishing Office GENERAL SERVICES ADMINISTRATION Public Buildings Service; Key Largo Beacon Annex Site; Key Largo, FL; Transfer of Property..., identified as Key Largo Beacon Annex Site, Key Largo, FL to the U.S. Fish and Wildlife Service, Department...

  8. Privacy Expectations in Online Contexts

    Science.gov (United States)

    Pure, Rebekah Abigail

    2013-01-01

    Advances in digital networked communication technology over the last two decades have brought the issue of personal privacy into sharper focus within contemporary public discourse. In this dissertation, I explain the Fourth Amendment and the role that privacy expectations play in the constitutional protection of personal privacy generally, and…

  9. Advertising and Invasion of Privacy.

    Science.gov (United States)

    Rohrer, Daniel Morgan

    The right of privacy as it relates to advertising and the use of a person's name or likeness is discussed in this paper. After an introduction that traces some of the history of invasion of privacy in court decisions, the paper examines cases involving issues such as public figures and newsworthy items, right of privacy waived, right of privacy…

  10. Privacy Expectations in Online Contexts

    Science.gov (United States)

    Pure, Rebekah Abigail

    2013-01-01

    Advances in digital networked communication technology over the last two decades have brought the issue of personal privacy into sharper focus within contemporary public discourse. In this dissertation, I explain the Fourth Amendment and the role that privacy expectations play in the constitutional protection of personal privacy generally, and…

  11. Towards Public Key Infrastructure less authentication in Session Initiation Protocol

    Directory of Open Access Journals (Sweden)

    Md. Sarwar Morshed

    2010-01-01

    Full Text Available The Session Initiation Protocol (SIP has become the most predominant protocol for Voice over Internet Protocol (VoIP signaling. Security of SIP is an important consideration for VoIP communication as the traffic is transmitted over the insecure IP network. And the authentication process in SIP ranges from pre-shared secret based solutions to Public Key Infrastructure (PKI based solution. However, due to the limitations in PKI based solutions, some PKI less authentications mechanisms are proposed. This paper aims to present an overview of different authentication methods used in or together with SIP. We start by highlighting the security issues in SIP in the context of VoIP communication. Then we illustrate the current activities regarding the SIP authentication mechanisms including the recent developments in the research community and standardization efforts within the Internet Engineering Task Force (IETF. Finally we analyze the security aspects of these approaches.

  12. Towards Public Key Infrastructure less authentication in Session Initiation Protocol

    CERN Document Server

    Hasib, Abdullah Al; Morshed, Md Sarwar

    2010-01-01

    The Session Initiation Protocol (SIP) has become the most predominant protocol for Voice over Internet Protocol (VoIP) signaling. Security of SIP is an important consideration for VoIP communication as the traffic is transmitted over the insecure IP network. And the authentication process in SIP ranges from pre-shared secret based solutions to Public Key Infrastructure (PKI) based solution. However, due to the limitations in PKI based solutions, some PKI less authentications mechanisms are proposed. This paper aims to present an overview of different authentication methods used in or together with SIP. We start by highlighting the security issues in SIP in the context of VoIP communication. Then we illustrate the current activities regarding the SIP authentication mechanisms including the recent developments in the research community and standardization efforts within the Internet Engineering Task Force (IETF). Finally we analyze the security aspects of these approaches.

  13. A Trusted Centralized Public Key to Secure Border Gateway Protocol

    Directory of Open Access Journals (Sweden)

    Divan Raimagia

    2012-06-01

    Full Text Available The Secure Border Gateway Protocol (S-BGP is used when two different Autonomous System communicate with each other and upon reception of UPDATE from neighbor Autonomous System. A core layer Router in single Autonomous System called BGP speaker first verifies the receiving update and signs the full path with own digital signature and send it to neighbor AS. In Real scenario so many ASes and Routers communicate to each other. So due to several digital signatures mandates, large storage require in router as well as high processor overhead and more time require for sign generation and verification in S-BGP. In this paper, we propose a new approach that less burden on BGP Speaker for verify and generate number of digital signatures using Autonomous System makes trusted through KDC server. The Central KDC Server will send master certificate to validate autonomous system. In this environment each BGP speaker verify only one sign on each update and verify path only between itself and neighbor router. After verification of UPDATE, each BGP speaker sign full path encrypt routing table with neighbor’s public key,

  14. Virtual microscopy and public-key cryptography for Internet telepathology.

    Science.gov (United States)

    Strauss, J S; Felten, C L; Okada, D H; Marchevsky, A M

    1999-01-01

    The Internet is a potentially inexpensive, widely available medium for telepathology, but there are concerns about its reliability and security. Using a digital camera, 41 photomicrographs of transbronchial biopsies, at x 100 optical magnification, were captured and digitized at 2700 x 3400 pixel, 24 bit/pixel resolution. The image files were saved in JPEG format at medium compression, attached to text files with patient information, encrypted for security in the S/MIME format using a digital signature and digital envelope, and transmitted by email. Received email files were decrypted automatically and the images viewed with standard software. Telepathology diagnoses were compared with original interpretations. The images averaged 810 kByte in size. The encryption and decryption did not cause significant delays in overall transmission time and, together with transmission, did not produce noticeable image degradation. The received image files could be viewed in a manner that simulated light microscopy. There was agreement between telepathology and original diagnoses in 92% of the cases. All the discrepancies were due to inadequate area selection because the pathological features of interest were present in histological levels other than those photographed. The use of high-resolution digital photomicrography, the Internet and public-key cryptography offers an effective and relatively inexpensive method of telepathology consultation. The method is best suited for the diagnosis of small biopsy specimens that require the transmission of only a few digital images that represent the majority of the biopsy materials.

  15. 基于共享密钥的RFID认证协议%RFID Authentication Protocol Based on Public Crypto Key

    Institute of Scientific and Technical Information of China (English)

    冯军; 潘郁

    2012-01-01

    Aiming at the problems presently existing in security of the radio frequency identification (RFID) technology, the RFID security protocol is designed by adopting Hash function and public crypto key. The security and privacy issues existing in practical applications of RFID are analyzed, and the RFID authentication protocol based on NTRU public key crypto graphy system and Hash function is proposed. By adopting NTRU public key crypto system, the shared key is generated, and the shared key is conducted with Hash operation by using Hash function, and the information security of RFID is guaranteed. The theoretical analysis shows that this protocol can effectively protect the information from the secure attacks, e.g. , divulging, disguising and position tracking, etc.%针对目前无线射频识别(RHD)技术在安全性方面存在的问题,采用散列函数和共享密钥设计了RFID安全协议.分析了RFID在实际应用中存在的安全和隐私问题,提出了一种基于数论研究单元(NTRU)公钥密码系统和Hashh函数的RFID认证协议.该协议利用NTRU公钥密码系统产生系统的共享公钥,并运用Hash函数对共享公钥进行Hash运算,保证了RFID系统信息安全性.理论分析表明,该协议能有效地防止消息泄漏、伪装、定位跟踪等安全攻击.

  16. Disseminated Public-Key Management and Certificate Generation Scheme for MANET

    Directory of Open Access Journals (Sweden)

    Sanjay Kumar Chowlam

    2011-07-01

    Full Text Available In this paper, we first discuss the predominant assail abilities in the mobile ad hoc networks, which have made it much easier to prone to attacks than the traditional wired network. Then we discuss the basic operations of our public-key management scheme: creation of public (and private keys, issuing public-key certificates, storage of certificates, and key authentication by the nodes themselves without the control of any principal authority. More over the public key management scheme serves as an underlying mechanism for both key distribution and establishing security relationships between nodes.

  17. Bit-oriented quantum public-key encryption based on quantum perfect encryption

    Science.gov (United States)

    Wu, Chenmiao; Yang, Li

    2016-08-01

    A bit-oriented quantum public-key encryption scheme is presented. We use Boolean functions as private-key and randomly changed pairs of quantum state and classical string as public-keys. Following the concept of quantum perfect encryption, we prepare the public-key with Hadamard transformation and Pauli transformation. The quantum part of public-keys is various with different classical strings. In contrast to the typical classical public-key scheme, one private-key in our scheme corresponds to an exponential number of public-keys. We investigate attack to the private-key and prove that the public-key is a totally mixed state. So the adversary cannot acquire any information about private-key from measurement of the public-key. Then, the attack to encryption is analyzed. Since the trace distance between two different ciphertexts is zero, the adversary cannot distinguish between the two ciphertext states and also obtains nothing about plaintext and private-key. Thus, we have the conclusion that the proposed scheme is information-theoretically secure under an attack of the private-key and encryption.

  18. Information privacy fundamentals for librarians and information professionals

    CERN Document Server

    Givens, Cherie L

    2014-01-01

    This book introduces library and information professionals to information privacy, provides an overview of information privacy in the library and information science context, U.S. privacy laws by sector, information privacy policy, and key considerations when planning and creating a privacy program.

  19. Public assessment of new surveillance-oriented security technologies: Beyond the trade-off between privacy and security.

    Science.gov (United States)

    Pavone, Vincenzo; Esposti, Sara Degli

    2012-07-01

    As surveillance-oriented security technologies (SOSTs) are considered security enhancing but also privacy infringing, citizens are expected to trade part of their privacy for higher security. Drawing from the PRISE project, this study casts some light on how citizens actually assess SOSTs through a combined analysis of focus groups and survey data. First, the outcomes suggest that people did not assess SOSTs in abstract terms but in relation to the specific institutional and social context of implementation. Second, from this embedded viewpoint, citizens either expressed concern about government's surveillance intentions and considered SOSTs mainly as privacy infringing, or trusted political institutions and believed that SOSTs effectively enhanced their security. None of them, however, seemed to trade privacy for security because concerned citizens saw their privacy being infringed without having their security enhanced, whilst trusting citizens saw their security being increased without their privacy being affected.

  20. Argumentation Key to Communicating Climate Change to the Public

    Science.gov (United States)

    Bleicher, R. E.; Lambert, J. L.

    2012-12-01

    Argumentation plays an important role in how we communicate climate change science to the public and is a key component integrated throughout the Next Generation Science Standards. A scientific argument can be described as a disagreement between explanations with data being used to justify each position. Argumentation is social process where two or more individuals construct and critique arguments (Kuhn & Udell, 2003; Nussbaum, 1997). Sampson, Grooms, and Walker's (2011) developed a framework for understanding the components of a scientific argument. The three components start with a claim (a conjecture, conclusion, explanation, or an answer to a research question). This claim must fit the evidence (observations that show trends over time, relationships between variables or difference between groups). The evidence must be justified with reasoning (explains how the evidence supports the explanation and whey it should count as support). In a scientific argument, or debate, the controversy focuses on how data were collected, what data can or should be included, and what inferences can be made based on a set of evidence. Toulmin's model (1969) also includes rebutting or presenting an alternative explanation supported by counter evidence and reasoning of why the alternative is not the appropriate explanation for the question of the problem. The process of scientific argumentation should involve the construction and critique of scientific arguments, one that involves the consideration of alternative hypotheses (Lawson, 2003). Scientific literacy depends as much on the ability to refute and recognize poor scientific arguments as much as it does on the ability to present an effective argument based on good scientific data (Osborne, 2010). Argument is, therefore, a core feature of science. When students learn to construct a sound scientific argument, they demonstrate critical thinking and a mastery of the science being taught. To present a convincing argument in support of

  1. Public engagement with CCS: barriers, key issues and ways forward

    Science.gov (United States)

    Xenias, Dimitrios

    2017-04-01

    Although Carbon Capture and Storage (CCS) is recognised as a crucial transition technology to a low-carbon world, it has not been popular with the public or some governments (e.g. the UK). Also, despite its use in industrial processes for decades, CCS remains and unfamiliar technology for most publics. It is therefore important to foster top-down and bottom-up acceptance of large scale CCS. In an exploratory round of interviews we canvassed the views of British, Dutch, German and Norwegian experts (N=13) with previous experience in public engagement with CCS. They identified barriers and drivers for CCS deployment and public engagement with CCS. Thematic analysis revealed a small number of recurrent issues, including: (a) lack of political leadership on CCS; (b) lack of public knowledge on relevant technologies and (c) difficulty communicating why CCS is necessary. Emphasis on these barriers varied with the level of experts' engagement with the public. More interestingly, although most experts agreed on the importance of public engagement, their views divided between 'why' engage and 'how' best to do this. In a subsequent expert survey (N=99) interview findings were reinforced: public support was seen as important for CCS roll-out (72%), though lower than political support and funding. The survey also showed that local public was expected to experience most risks, while global public will experience most benefits; whereas local business is seen to benefit more than global. Experts were overwhelmingly positive about CCS - risks outweigh benefits, and are confident that CCS will play a major role in climate change mitigation (along with reduced energy demand and renewables). These findings will be expanded on and triangulated in a follow-up public survey which will benefit those involved with public engagement with CCS.

  2. A brief review of revocable ID-based public key cryptosystem

    Directory of Open Access Journals (Sweden)

    Tsu-Yang Wu

    2016-03-01

    Full Text Available The design of ID-based cryptography has received much attention from researchers. However, how to revoke the misbehaviour/compromised user in ID-based public key cryptosystem becomes an important research issue. Recently, Tseng and Tsai proposed a novel public key cryptosystem called revocable ID-based public key cryptosystem (RIBE to solve the revocation problem. Later on, numerous research papers based on the Tseng-Tsai key RIBE were proposed. In this paper, we brief review Tseng and Tsai's RIBE. We hope this review can help the readers to understand the Tseng and Tsai's revocable ID-based public key cryptosystem.

  3. Protecting patron privacy

    CERN Document Server

    Beckstrom, Matthew

    2015-01-01

    In a world where almost anyone with computer savvy can hack, track, and record the online activities of others, your library can serve as a protected haven for your visitors who rely on the Internet to conduct research-if you take the necessary steps to safeguard their privacy. This book shows you how to protect patrons' privacy while using the technology that your library provides, including public computers, Internet access, wireless networks, and other devices. Logically organized into two major sections, the first part of the book discusses why the privacy of your users is of paramount

  4. Privacy protection schemes for fingerprint recognition systems

    Science.gov (United States)

    Marasco, Emanuela; Cukic, Bojan

    2015-05-01

    The deployment of fingerprint recognition systems has always raised concerns related to personal privacy. A fingerprint is permanently associated with an individual and, generally, it cannot be reset if compromised in one application. Given that fingerprints are not a secret, potential misuses besides personal recognition represent privacy threats and may lead to public distrust. Privacy mechanisms control access to personal information and limit the likelihood of intrusions. In this paper, image- and feature-level schemes for privacy protection in fingerprint recognition systems are reviewed. Storing only key features of a biometric signature can reduce the likelihood of biometric data being used for unintended purposes. In biometric cryptosystems and biometric-based key release, the biometric component verifies the identity of the user, while the cryptographic key protects the communication channel. Transformation-based approaches only a transformed version of the original biometric signature is stored. Different applications can use different transforms. Matching is performed in the transformed domain which enable the preservation of low error rates. Since such templates do not reveal information about individuals, they are referred to as cancelable templates. A compromised template can be re-issued using a different transform. At image-level, de-identification schemes can remove identifiers disclosed for objectives unrelated to the original purpose, while permitting other authorized uses of personal information. Fingerprint images can be de-identified by, for example, mixing fingerprints or removing gender signature. In both cases, degradation of matching performance is minimized.

  5. A New Proxy Signature Scheme with Message Recovery Using Self-Certified Public Key

    Institute of Scientific and Technical Information of China (English)

    LI Ji-guo; ZHANG Yi-chen; ZHU Yue-long

    2005-01-01

    A proxy signature scheme with message recovery using self-certified public key is proposed, which withstands public key substitution attacks, active attacks, and forgery attacks. The proposed scheme accomplishes the tasks of public key verification, proxy signature verification, and message recovery in a logically single step. In addition, the proposed scheme satisfies all properties of strong proxy signature and does not use secure channel in the communication between the original signer and the proxy signature signer.

  6. Information verification cryptosystem using one-time keys based on double random phase encoding and public-key cryptography

    Science.gov (United States)

    Zhao, Tieyu; Ran, Qiwen; Yuan, Lin; Chi, Yingying; Ma, Jing

    2016-08-01

    A novel image encryption system based on double random phase encoding (DRPE) and RSA public-key algorithm is proposed. The main characteristic of the system is that each encryption process produces a new decryption key (even for the same plaintext), thus the encryption system conforms to the feature of the one-time pad (OTP) cryptography. The other characteristic of the system is the use of fingerprint key. Only with the rightful authorization will the true decryption be obtained, otherwise the decryption will result in noisy images. So the proposed system can be used to determine whether the ciphertext is falsified by attackers. In addition, the system conforms to the basic agreement of asymmetric cryptosystem (ACS) due to the combination with the RSA public-key algorithm. The simulation results show that the encryption scheme has high robustness against the existing attacks.

  7. PRIVATUMAS VIRTUALIUOSE SOCIALINIUOSE TINKLUOSE KAIP ĮSTATYMO SAUGOMA VERTYBĖ / PRIVACY IN ONLINE SOCIAL NETWORKS AS LEGALLY PROTECTED VALUE

    Directory of Open Access Journals (Sweden)

    Inga Malinauskaitė

    2015-07-01

    Full Text Available Purpose – to analyze the privacy as legally protected value phenomena in online social networks. Design/methodology/approach – in order to achieve the above mentioned purpose, the author introduces the history of the right to privacy, the distinction between privacy and data protection, describes the limits of the right of the protection of privacy, specifically referring to the protection of privacy in online social networks. The author uses the following methods: analysis of the scientific literature, examination of legislation, study of actual court decisions and comparison of US and European approaches to the protection of privacy. Findings – the main findings of the article include the reflection of a constantly developing conception of privacy, the different continental approaches into the protection of privacy, the inevitable distinction between public and private information and characterization of the fundamental elements of privacy. Research limitations/implications – the research mainly focuses on the examination of legal values in assessing the protection of privacy in online social networks and does not include any psychological, sociological and ethical aspects of the phenomena. Practical implications – the research analyses the key elements in defining privacy value, which might be practically used by the legislative bodies, as well as the each consumer and end-user of the online social network. Originality/Value – the article reveals quit new, currently actual and little researched area in privacy studies – the legally protected key elements of the privacy in online social networks. Keywords: privacy, online social networks, legislation requirements. Research type: research paper, viewpoint, literature review.

  8. Key Performance Indicators of Public Universities Based on Quality Assessment Criteria in Thailand

    Science.gov (United States)

    Sukboonyasatit, Kritsana; Thanapaisarn, Chaiwit; Manmar, Lampang

    2011-01-01

    The research objective was to develop public universities' key performance indicators. Qualitative research and interviews were employed with each public university's senior executive and quality assessors. The sample group was selected by the office of the public sector development commission and Thailand's public universities can be separated…

  9. Public Participation: Do's and Don't's & Key Messages

    NARCIS (Netherlands)

    Astley, T.; Massey, H.

    2005-01-01

    This document has been produced to provide a tool to project managers to enable them to quickly assess whether or not participation is the right thing to do and the key Dos and Donts of participation. An example of a Community Engagement Plan in the UK is discribed.

  10. Writing for Professional Publication. Keys to Academic and Business Success.

    Science.gov (United States)

    Henson, Kenneth T.

    This book provides practical help for people writing for publication, especially for those writing for professional journals or university presses. Chapters cover the following topics: (1) reasons for writing; (2) finding topics; (3) getting started; (4) writing style; (5) organizing articles; (6) using journals, libraries, surveys, and action…

  11. Improved RSA cryptosystem based on the study of number theory and public key cryptosystems

    Directory of Open Access Journals (Sweden)

    Israt Jahan

    2015-01-01

    Full Text Available Security is required to transmit confidential information over the network. Security is also demanding in wide range of applications. Cryptographic algorithms play a vital role in providing the data security against malicious attacks. RSA algorithm is extensively used in the popular implementations of Public Key Infrastructures. In asymmetric key cryptography, also called Public Key cryptography, two different keys (which form a key pair are used. One key is used for encryption and only the other corresponding key must be used for decryption. No other key can decrypt the message – not even the original (i.e. the first key used for encryption. In this paper, we have proposed an improved approach of RSA algorithm using two public key pairs and using some mathematical logic rather than sending one public key d irectly.Because if an attacker has an opportunity of getting the public key componet they can find private key value by brute force search. General Terms: Cryptography, network security

  12. 43 CFR 2.47 - Records subject to Privacy Act.

    Science.gov (United States)

    2010-10-01

    ... 43 Public Lands: Interior 1 2010-10-01 2010-10-01 false Records subject to Privacy Act. 2.47 Section 2.47 Public Lands: Interior Office of the Secretary of the Interior RECORDS AND TESTIMONY; FREEDOM OF INFORMATION ACT Privacy Act § 2.47 Records subject to Privacy Act. The Privacy Act applies to all...

  13. 一种基于PKI的密钥%An Internet Key Exchange Protocol Based on Public Key Infrastructure

    Institute of Scientific and Technical Information of China (English)

    朱建明; 马建峰

    2004-01-01

    Internet key exchange (IKE) is an automated key exchange mechanism that is used to facilitate the transfer of IPSec security associations (SAs).Public key infrastructure (PKI) is considered as a key element for providing security to new distributed communication networks and services.In this paper, we concentrate on the properties of the protocol of Phase 1 IKE.After investigating IKE protocol and PKI technology, we combine IKE protocol and PKI and present an implementation scheme of the IKE based on PKI.Then, we give a logic analysis of the proposed protocol with the BAN-logic and discuss the security of the protocol.The result indicates that the protocol is correct and satisfies the security requirements of Internet key exchange.

  14. Key elements for a measurement framework for public sector innovation

    DEFF Research Database (Denmark)

    Bloch, Carter Walter; Lopez-Bassols, Vladimir

    2013-01-01

    This document provides an overview of recent NESTI work on developing guidelines for measuring public sector innovation (PSI). The paper includes an update on various ongoing activities which will contribute to the development of a measurement framework for PSI and outlines a number of areas which...... could be further addressed in a final report. Delegates are invited to discuss the proposals and provide inputs on the next steps of the work, particularly regarding the use of multiple approaches, the scope of the measurement framework, the need for core definitions,and priorities for indicators...

  15. Public Key Encryption Supporting Plaintext Equality Test and User-Specified Authorization

    NARCIS (Netherlands)

    Tang, Qiang

    2011-01-01

    In this paper we investigate a category of public key encryption schemes which supports plaintext equality test and user-specified authorization. With this new primitive, two users, who possess their own public/private key pairs, can issue token(s) to a proxy to authorize it to perform plaintext

  16. Public key encryption supporting plaintext equality test and user-specified authorization

    NARCIS (Netherlands)

    Tang, Qiang

    2012-01-01

    In this paper, we investigate a category of public key encryption schemes that supports plaintext equality test and userspecified authorization. With this new primitive, two users, who possess their own public/private key pairs, can issue token(s) to a proxy to authorize it to perform plaintext

  17. Privacy and Open Government

    Directory of Open Access Journals (Sweden)

    Teresa Scassa

    2014-06-01

    Full Text Available The public-oriented goals of the open government movement promise increased transparency and accountability of governments, enhanced citizen engagement and participation, improved service delivery, economic development and the stimulation of innovation. In part, these goals are to be achieved by making more and more government information public in reusable formats and under open licences. This paper identifies three broad privacy challenges raised by open government. The first is how to balance privacy with transparency and accountability in the context of “public” personal information. The second challenge flows from the disruption of traditional approaches to privacy based on a collapse of the distinctions between public and private sector actors. The third challenge is that of the potential for open government data—even if anonymized—to contribute to the big data environment in which citizens and their activities are increasingly monitored and profiled.

  18. Sustainability as the key to prioritize investments in public infrastructures

    Energy Technology Data Exchange (ETDEWEB)

    Pardo-Bosch, Francesc, E-mail: francesc.pardo@upc.edu [Departament d' Enginyeria Civil i Ambiental, Universitat Politècnica de Catalunya - Barcelona Tech. (Spain); Political Science Department, University of California - Berkeley (United States); Aguado, Antonio, E-mail: antonio.aguado@upc.edu [Departament d' Enginyeria Civil i Ambiental, Universitat Politècnica de Catalunya - Barcelona Tech. (Spain)

    2016-09-15

    Infrastructure construction, one of the biggest driving forces of the economy nowadays, requires a huge analysis and clear transparency to decide what projects have to be executed with the few resources available. With the aim to provide the public administrations a tool with which they can make their decisions easier, the Sustainability Index of Infrastructure Projects (SIIP) has been defined, with a multi-criteria decision system called MIVES, in order to classify non-uniform investments. This index evaluates, in two inseparable stages, the contribution to the sustainable development of each infrastructure project, analyzing its social, environmental and economic impact. The result of the SIIP allows to decide the order with which projects will be prioritized. The case of study developed proves the adaptability and utility of this tool for the ordinary budget management.

  19. Applications of single-qubit rotations in quantum public-key cryptography

    OpenAIRE

    Nikolopoulos, Georgios M.

    2008-01-01

    We discuss cryptographic applications of single-qubit rotations from the perspective of trapdoor one-way functions and public-key encryption. In particular, we present an asymmetric cryptosystem whose security relies on fundamental principles of quantum physics. A quantum public key is used for the encryption of messages while decryption is possible by means of a classical private key only. The trapdoor one-way function underlying the proposed cryptosystem maps integer numbers to quantum stat...

  20. Location Privacy

    Science.gov (United States)

    Meng, Xiaofeng; Chen, Jidong

    With rapid development of sensor and wireless mobile devices, it is easy to access mobile users' location information anytime and anywhere. On one hand, LBS is becoming more and more valuable and important. On the other hand, location privacy issues raised by such applications have also gained more attention. However, due to the specificity of location information, traditional privacy-preserving techniques in data publishing cannot be used. In this chapter, we will introduce location privacy, and analyze the challenges of location privacy-preserving, and give a survey of existing work including the system architecture, location anonymity and query processing.

  1. Location Privacy in RFID Applications

    Science.gov (United States)

    Sadeghi, Ahmad-Reza; Visconti, Ivan; Wachsmann, Christian

    RFID-enabled systems allow fully automatic wireless identification of objects and are rapidly becoming a pervasive technology with various applications. However, despite their benefits, RFID-based systems also pose challenging risks, in particular concerning user privacy. Indeed, improvident use of RFID can disclose sensitive information about users and their locations allowing detailed user profiles. Hence, it is crucial to identify and to enforce appropriate security and privacy requirements of RFID applications (that are also compliant to legislation). This chapter first discusses security and privacy requirements for RFID-enabled systems, focusing in particular on location privacy issues. Then it explores the advances in RFID applications, stressing the security and privacy shortcomings of existing proposals. Finally, it presents new promising directions for privacy-preserving RFID systems, where as a case study we focus electronic tickets (e-tickets) for public transportation.

  2. Universal Keyword Classifier on Public Key Based Encrypted Multikeyword Fuzzy Search in Public Cloud.

    Science.gov (United States)

    Munisamy, Shyamala Devi; Chokkalingam, Arun

    2015-01-01

    Cloud computing has pioneered the emerging world by manifesting itself as a service through internet and facilitates third party infrastructure and applications. While customers have no visibility on how their data is stored on service provider's premises, it offers greater benefits in lowering infrastructure costs and delivering more flexibility and simplicity in managing private data. The opportunity to use cloud services on pay-per-use basis provides comfort for private data owners in managing costs and data. With the pervasive usage of internet, the focus has now shifted towards effective data utilization on the cloud without compromising security concerns. In the pursuit of increasing data utilization on public cloud storage, the key is to make effective data access through several fuzzy searching techniques. In this paper, we have discussed the existing fuzzy searching techniques and focused on reducing the searching time on the cloud storage server for effective data utilization. Our proposed Asymmetric Classifier Multikeyword Fuzzy Search method provides classifier search server that creates universal keyword classifier for the multiple keyword request which greatly reduces the searching time by learning the search path pattern for all the keywords in the fuzzy keyword set. The objective of using BTree fuzzy searchable index is to resolve typos and representation inconsistencies and also to facilitate effective data utilization.

  3. Universal Keyword Classifier on Public Key Based Encrypted Multikeyword Fuzzy Search in Public Cloud

    Directory of Open Access Journals (Sweden)

    Shyamala Devi Munisamy

    2015-01-01

    Full Text Available Cloud computing has pioneered the emerging world by manifesting itself as a service through internet and facilitates third party infrastructure and applications. While customers have no visibility on how their data is stored on service provider’s premises, it offers greater benefits in lowering infrastructure costs and delivering more flexibility and simplicity in managing private data. The opportunity to use cloud services on pay-per-use basis provides comfort for private data owners in managing costs and data. With the pervasive usage of internet, the focus has now shifted towards effective data utilization on the cloud without compromising security concerns. In the pursuit of increasing data utilization on public cloud storage, the key is to make effective data access through several fuzzy searching techniques. In this paper, we have discussed the existing fuzzy searching techniques and focused on reducing the searching time on the cloud storage server for effective data utilization. Our proposed Asymmetric Classifier Multikeyword Fuzzy Search method provides classifier search server that creates universal keyword classifier for the multiple keyword request which greatly reduces the searching time by learning the search path pattern for all the keywords in the fuzzy keyword set. The objective of using BTree fuzzy searchable index is to resolve typos and representation inconsistencies and also to facilitate effective data utilization.

  4. Breaking the HFEM public key scheme%破解HFEM公钥密码方案

    Institute of Scientific and Technical Information of China (English)

    古春生

    2013-01-01

    To design post-quantum public key cryptography, Zhao, et al presented a novel public key scheme based on the BMQ problem. An equivalent secret key could directly be solved from the public key of their scheme by applying the property of the ergodic matrix over finite field. Thus, the HFEM public key scheme was broken.%  为设计后量子公钥密码,赵永哲等人提出了一种基于BMQ问题新的公钥方案。利用有限域上遍历矩阵的性质,从该方案公钥能够直接求出其等价私钥,从而破解了该HFEM公钥密码方案。

  5. Fast public-key encryption scheme based on Chinese remainder theorem

    Institute of Scientific and Technical Information of China (English)

    Baocang WANG; Yongzhuang WEI; Yupu HU

    2009-01-01

    Traditional public-key cryptosystems suffer from a relatively low encryption/decryption speed, which hampers their applications in resource-constrained environments. A fast public-key cryptosystem is proposed to remedy this drawback. The new algorithm uses Chinese remainder theorem to hide the trapdoor information. The encryption of the system only carries out several modular multiplication operations, and the decryption only needs a modular multiplication and a low-dimensional matrixvector multiplication, which makes the speed of the encryption and the decryption of the scheme very high.The security of the system is based on two difficult number-theoretic problems. The attacker has to solve the integer factorization problem and the simultaneous Diophantine approximation problem simultaneously to recover the secret key from the public key. The proposed cryptosystem is also shown to be secure against lattice attack. The analysis shows that the encryption algorithm is a secure, fast and efficient public-key cryptosystem.

  6. User Privacy in RFID Networks

    Science.gov (United States)

    Singelée, Dave; Seys, Stefaan

    Wireless RFID networks are getting deployed at a rapid pace and have already entered the public space on a massive scale: public transport cards, the biometric passport, office ID tokens, customer loyalty cards, etc. Although RFID technology offers interesting services to customers and retailers, it could also endanger the privacy of the end-users. The lack of protection mechanisms being deployed could potentially result in a privacy leakage of personal data. Furthermore, there is the emerging threat of location privacy. In this paper, we will show some practical attack scenarios and illustrates some of them with cases that have received press coverage. We will present the main challenges of enhancing privacy in RFID networks and evaluate some solutions proposed in literature. The main advantages and shortcomings will be briefly discussed. Finally, we will give an overview of some academic and industrial research initiatives on RFID privacy.

  7. Measuring Public Leadership: Developing Scales for Four Key Public Leadership Roles

    NARCIS (Netherlands)

    Tummers, Lars; Knies, Eva|info:eu-repo/dai/nl/313875421

    2016-01-01

    This article on public leadership contributes to the literature by (1) focusing on the ‘public’ aspect of leadership and (2) developing quantitative scales for measuring four public leadership roles. These roles all refer to the extent to which public leaders actively support their employees in

  8. Measuring Public Leadership: Developing Scales for Four Key Public Leadership Roles

    NARCIS (Netherlands)

    Tummers, Lars; Knies, Eva

    2016-01-01

    This article on public leadership contributes to the literature by (1) focusing on the ‘public’ aspect of leadership and (2) developing quantitative scales for measuring four public leadership roles. These roles all refer to the extent to which public leaders actively support their employees in deal

  9. 45 CFR 503.2 - General policies-Privacy Act.

    Science.gov (United States)

    2010-10-01

    ... 45 Public Welfare 3 2010-10-01 2010-10-01 false General policies-Privacy Act. 503.2 Section 503.2... THE UNITED STATES, DEPARTMENT OF JUSTICE RULES OF PRACTICE PRIVACY ACT AND GOVERNMENT IN THE SUNSHINE REGULATIONS Privacy Act Regulations § 503.2 General policies—Privacy Act. The Commission will protect the...

  10. 45 CFR 503.1 - Definitions-Privacy Act.

    Science.gov (United States)

    2010-10-01

    ... 45 Public Welfare 3 2010-10-01 2010-10-01 false Definitions-Privacy Act. 503.1 Section 503.1... THE UNITED STATES, DEPARTMENT OF JUSTICE RULES OF PRACTICE PRIVACY ACT AND GOVERNMENT IN THE SUNSHINE REGULATIONS Privacy Act Regulations § 503.1 Definitions—Privacy Act. For the purpose of this part: Agency...

  11. Data publication and dissemination of interactive keys under the open access model

    Directory of Open Access Journals (Sweden)

    Lyubomir Penev

    2009-09-01

    Full Text Available The concepts of publication, citation and dissemination of interactive keys and other online keys are discussed and illustrated by a sample paper published in the present issue (doi: 10.3897/zookeys.21.271. The present model is based on previous experience with several existing examples of publishing online keys. However, this model also suggests ways to publish, cite, preserve, disseminate and reuse the original data files to the benefit of the authors, future workers, and society in general. To be regarded as a ''formal scientific publication,'' an online key should satisfy the same criteria of peer review, registration, persistence, bibliographic description, etc., as conventional publications. Keys can be published in a form of either ''static'\\''dynamic'' publications. We define a ''static'' publication as a discrete unit of information preserved in a persistent and unchangeable way on the publisher’s Web site and/or on paper and consequently in conventional/electronic libraries and archives. This contrasts with the nature of the Internet, which allows and tends to encourage updating and improvement on a continuing basis. We call ''dynamic'' a publication of an interactive key on a Web site where its contents can be continuously updated. ''Dynamic'' publications meet some of the criteria of a ''formal scientific publication'' (identification, citation and location, while they lack other important features of it (persistence, archiving, indexing, science metric and citation metric services. Dynamic Web-based interactive keys may benefit from publishing the first version of their underlying datasets in a form of “formal scientific publication”. We define here the minimum set of data files to be published for several different platforms (Intkey, Lucid2, Lucid3, MX to ensure both (1 priority, identification, location and citation of the firstly published work and (2 future use and re-use of the keys.

  12. Trust Threshold Based Public Key Management in Mobile Ad Hoc Networks

    Science.gov (United States)

    2016-03-05

    used trust mechanism. Many studies used certificate-based public key manage- ent. However, they have brought out practical limitations cluding high...certificate-based public key management hemes cited above expose practical limitations, including eeding a centralized trusted CA [25] , high...ent sociability derived from the trust profile availabl a priori as well as dynamic social behavior measure by the number of nodes that a node

  13. Formal Methods for Privacy

    Science.gov (United States)

    2009-09-01

    Shuchi Chawla, Cynthia Dwork, Frank McSherry, Adam Smith , and Hoeteck Wee. Toward privacy in public databases. In 2nd Theory of Cryptography Conference...Dwork, Frank McSherry, Kobbi Nissim, and Adam Smith . Calibrating noise to sensitivity in private data analysis. In In Proceedings of the 3rd Theory of

  14. A new spin on quantum cryptography: Avoiding trapdoors and embracing public keys

    CERN Document Server

    Ioannou, Lawrence M

    2011-01-01

    We give new arguments in support of \\emph{signed quantum key establishment}, where quantum cryptography is used in a public-key infrastructure that provides the required authentication. We also analyze more thoroughly than previous works the benefits that quantum key establishment protocols have over certain classical protocols, motivated in part by the various objections to quantum key establishment that are sometimes raised. Previous knowledge of quantum cryptography on the reader's part is not required for this article, as the definition of "quantum key establishment" that we use is an entirely classical and black-box characterization (one need only trust that protocols satisfying the definition exist).

  15. Internet privacy options for adequate realisation

    CERN Document Server

    2013-01-01

    A thorough multidisciplinary analysis of various perspectives on internet privacy was published as the first volume of a study, revealing the results of the achatech project "Internet Privacy - A Culture of Privacy and Trust on the Internet." The second publication from this project presents integrated, interdisciplinary options for improving privacy on the Internet utilising a normative, value-oriented approach. The ways in which privacy promotes and preconditions fundamental societal values and how privacy violations endanger the flourishing of said values are exemplified. The conditions which must be fulfilled in order to achieve a culture of privacy and trust on the internet are illuminated. This volume presents options for policy-makers, educators, businesses and technology experts how to facilitate solutions for more privacy on the Internet and identifies further research requirements in this area.

  16. Security of public key encryption technique based on multiple chaotic systems

    Energy Technology Data Exchange (ETDEWEB)

    Wang Kai [Department of Radio Engineering, Southeast University, Nanjing 210096 (China)]. E-mail: kaiwang@seu.edu.cn; Pei Wenjiang [Department of Radio Engineering, Southeast University, Nanjing 210096 (China); Zou Liuhua [Department of Radio Engineering, Southeast University, Nanjing 210096 (China); Cheung Yiuming [Department of Computer Science, Hong Kong Baptist University, Hong Kong (China); He Zhenya [Department of Radio Engineering, Southeast University, Nanjing 210096 (China)

    2006-12-25

    Recently, a new public key encryption technique based on multiple chaotic systems has been proposed [B. Ranjan, Phys. Rev. Lett. 95 (2005) 098702]. This scheme employs m-chaotic systems and a set of linear functions for key exchange over an insecure channel. Security of the proposed algorithm grows as (NP){sup m}, where N, P are the size of the key and the computational complexity of the linear functions respectively. In this Letter, the fundamental weakness of the cryptosystem is pointed out and a successful attack is described. Given the public keys and the initial vector, one can calculate the secret key based on Parseval's theorem. Both theoretical and experimental results show that the attacker can access to the secret key without difficulty. The lack of security discourages the use of such algorithm for practical applications.

  17. 77 FR 1728 - Privacy Act of 1974; Publication of Five New Systems of Records; Amendments to Five Existing...

    Science.gov (United States)

    2012-01-11

    ... or who owe a payment for back wages as a result of the enforcement of the Fair Labor Standards Act... CONTACT: Joseph J. Plick, Counsel for FOIA/ FACA/Privacy Act, Office of the Solicitor, Department of Labor...-agencies: the Office of Federal Contract Compliance Programs, the Office of Labor Management Standards, the...

  18. Data publication and dissemination of interactive keys under the open access model

    Science.gov (United States)

    The concepts of publication, citation and dissemination of interactive keys and other online keys are discussed and illustrated by a sample paper published in the present issue (doi: 10.3897/zookeys.21.271). The present model is based on previous experience with several existing examples of publishi...

  19. 75 FR 22577 - Proposed Privacy Policy Statement

    Science.gov (United States)

    2010-04-29

    ... request for public comment on Proposed Privacy Policy Statement. SUMMARY: The U.S. Election Assistance Commission (EAC) seeks public comment on the Proposed Privacy Policy Statement. OMB Memorandum M-99- 18.... These statements are intended to inform the public of government- wide policies and how each...

  20. Health on Course? Key Messages from the 2002 Dutch Public Health Status and Forecasts Report

    NARCIS (Netherlands)

    Oers JAM van; VTV

    2003-01-01

    The third Dutch Public Health Status and Forecasts (PHSF) report once again contains a large amount of up-todate information about Dutch public health status, prevention and healthcare and includes international and regional comparisons. This brochure contains the Key Messages of the 2002 PHSF summa

  1. James Baldwin and the Question of Privacy: A Roundtable Conversation at the 2014 American Studies Convention

    Directory of Open Access Journals (Sweden)

    Brian Norman

    2015-09-01

    Full Text Available Six key Baldwin scholars converged at the 2014 American Studies Association to consider the question of privacy, informed by their own book-length projects in process. Key topics included Baldwin’s sexuality and the (open secret, historical lack of access to privacy in African-American experience, obligations for public representation in African-American literary history, Baldwin’s attempts to construct home spaces, public access to Baldwin’s private documents, and ethical matters for scholars in creating and preserving Baldwin’s legacy, including his final home in St. Paul-de-Vence.

  2. Applications of single-qubit rotations in quantum public-key cryptography

    Science.gov (United States)

    Nikolopoulos, Georgios M.

    2008-03-01

    We discuss cryptographic applications of single-qubit rotations from the perspective of trapdoor one-way functions and public-key encryption. In particular, we present an asymmetric cryptosystem whose security relies on fundamental principles of quantum physics. A quantum public key is used for the encryption of messages while decryption is possible by means of a classical private key only. The trapdoor one-way function underlying the proposed cryptosystem maps integer numbers to quantum states of a qubit and its inversion can be infeasible by virtue of the Holevo’s theorem.

  3. 基于身份的一次性盲公钥方案%One-off Blind Public Key Scheme Based on Identity

    Institute of Scientific and Technical Information of China (English)

    赵伟艇; 申远

    2012-01-01

    在现有方案的基础上,通过分析超椭圆曲线双线性对和基于身份的特点,给出了一个改进的基于身份的一次性盲公钥方案.该方案由用户和可信中心共同完成用户密钥的生成,克服了密钥托管问题,避免了由可信中心进行密钥管理所产生的安全隐患.新构造的方案能够抵抗伪造性攻击,具有不可欺骗性,又保证了一次性盲公钥的独立性,是安全可靠的.而且方案中用户在通讯时可以使用不同的公钥,解决了Internet通信中的匿名认证问题,实现了用户隐私的有效保护.%By analyzing the characteristic of the bilinear pairings on hyper-elliptic curves and identity-based cryptography, an improved one-off blind public key scheme based on the existing schemes is proposed. The scheme solves the problem of the key escrow by users and trust center generated encryption key, so it avoids security problems caused by single independent key management. The scheme is robust a-gainst the Forgery attack and ensures the independence of user's public key. This scheme is satisfied. And user's public key is different ever-y time, it can be applied to implementing internet anonymous attestation for privacy protection.

  4. Privacy Act

    Science.gov (United States)

    Learn about the Privacy Act of 1974, the Electronic Government Act of 2002, the Federal Information Security Management Act, and other information about the Environmental Protection Agency maintains its records.

  5. 刑事司法公开下个人隐私保护的路径论略%On the Personal Privacy Protection Path under the Criminal Justice in Public

    Institute of Scientific and Technical Information of China (English)

    陈海平; 任旭

    2015-01-01

    网络技术的发展使司法公开大大提速,也加剧了个人隐私的泄露风险。可以通过明确个人隐私保护对象、划定个人隐私保护范围、确立隐私争议先决程序、确立隐私泄露责任追究等途径强化我国刑事司法公开领域的个人隐私保护。%The development of network technology makes the judicial public speed greatly, which also contributed to the privacy of per-sonal information leakage risk.We can strengthen the personal privacy protection in the field of our country judicial public through defi-ning personal privacy protection object, designing scope of privacy protection, establishing the prerequisite program of privacy debate, and establishing privacy responsibility which can be implemented.

  6. Security, privacy, and confidentiality issues on the Internet.

    Science.gov (United States)

    Kelly, Grant; McKenzie, Bruce

    2002-01-01

    We introduce the issues around protecting information about patients and related data sent via the Internet. We begin by reviewing three concepts necessary to any discussion about data security in a healthcare environment: privacy, confidentiality, and consent. We are giving some advice on how to protect local data. Authentication and privacy of e-mail via encryption is offered by Pretty Good Privacy (PGP) and Secure Multipurpose Internet Mail Extensions (S/MIME). The de facto Internet standard for encrypting Web-based information interchanges is Secure Sockets Layer (SSL), more recently known as Transport Layer Security or TLS. There is a public key infrastructure process to 'sign' a message whereby the private key of an individual can be used to 'hash' the message. This can then be verified against the sender's public key. This ensures the data's authenticity and origin without conferring privacy, and is called a 'digital signature'. The best protection against viruses is not opening e-mails from unknown sources or those containing unusual message headers.

  7. Security and privacy for implantable medical devices

    CERN Document Server

    Carrara, Sandro

    2014-01-01

     This book presents a systematic approach to analyzing the challenging engineering problems posed by the need for security and privacy in implantable medical devices (IMD).  It describes in detail new issues termed as lightweight security, due to the associated constraints on metrics such as available power, energy, computing ability, area, execution time, and memory requirements. Coverage includes vulnerabilities and defense across multiple levels, with basic abstractions of cryptographic services and primitives such as public key cryptography, block ciphers and digital signatures. Experts from engineering introduce to some IMD systems that have  recently been proposed and developed. Experts from Computer Security and Cryptography present new research, which shows vulnerabilities in existing IMDs and proposes solutions. Experts from Privacy Technology and Policy will discuss the societal, legal and ethical challenges surrounding IMD security as well as technological solutions that build on the latest in C...

  8. Online Tracking Technologies and Web Privacy:Technologieën voor Online volgen en Web Privacy

    OpenAIRE

    Acar, Mustafa Gunes Can

    2017-01-01

    In my PhD thesis, I would like to study the problem of online privacy with a focus on Web and mobile applications. Key research questions to be addressed by my study are the following: How can we formalize and quantify web tracking? What are the threats presented against privacy by different tracking techniques such as browser fingerprinting and cookie based tracking? What kind of privacy enhancing technologies (PET) can be used to ensure privacy without degrading service quality? The stud...

  9. Adding Query Privacy to Robust DHTs

    DEFF Research Database (Denmark)

    Backes, Michael; Goldberg, Ian; Kate, Aniket

    2011-01-01

    of obtaining query privacy over robust DHTs. Finally, we compare the performance of our privacy-preserving protocols with their more privacy-invasive counterparts. We observe that there is no increase in the message complexity and only a small overhead in the computational complexity....... intermediate peers that (help to) route the queries towards their destinations. In this paper, we satisfy this requirement by presenting an approach for providing privacy for the keys in DHT queries. We use the concept of oblivious transfer (OT) in communication over DHTs to preserve query privacy without...

  10. What was privacy?

    Science.gov (United States)

    McCreary, Lew

    2008-10-01

    Why is that question in the past tense? Because individuals can no longer feel confident that the details of their lives--from identifying numbers to cultural preferences--will be treated with discretion rather than exploited. Even as Facebook users happily share the names of their favorite books, movies, songs, and brands, they often regard marketers' use of that information as an invasion of privacy. In this wide-ranging essay, McCreary, a senior editor at HBR, examines numerous facets of the privacy issue, from Google searches, public shaming on the internet, and cell phone etiquette to passenger screening devices, public surveillance cameras, and corporate chief privacy officers. He notes that IBM has been a leader on privacy; its policy forswearing the use of employees' genetic information in hiring and benefits decisions predated the federal Genetic Information Nondiscrimination Act by three years. Now IBM is involved in an open-source project known as Higgins to provide users with transportable, potentially anonymous online presences. Craigslist, whose CEO calls it "as close to 100% user driven as you can get," has taken an extremely conservative position on privacy--perhaps easier for a company with a declared lack of interest in maximizing revenue. But TJX and other corporate victims of security breaches have discovered that retaining consumers' transaction information can be both costly and risky. Companies that underestimate the importance of privacy to their customers or fail to protect it may eventually face harsh regulation, reputational damage, or both. The best thing they can do, says the author, is negotiate directly with those customers over where to draw the line.

  11. Concentrated Differential Privacy

    OpenAIRE

    Dwork, Cynthia; Rothblum, Guy N.

    2016-01-01

    We introduce Concentrated Differential Privacy, a relaxation of Differential Privacy enjoying better accuracy than both pure differential privacy and its popular "(epsilon,delta)" relaxation without compromising on cumulative privacy loss over multiple computations.

  12. Public Perspectives of Mobile Phones' Effects on Healthcare Quality and Medical Data Security and Privacy: A 2-Year Nationwide Survey.

    Science.gov (United States)

    Richardson, Joshua E; Ancker, Jessica S

    2015-01-01

    Given growing interest in mobile phones for health management (mHealth), we surveyed consumer perceptions of mHealth in security, privacy, and healthcare quality using national random-digit-dial telephone surveys in 2013 and 2014. In 2013, 48% thought that using a mobile phone to communicate data with a physician's electronic health record (EHR) would improve the quality of health care. By 2014, the proportion rose to 57% (p mobile phones than they were to endorse similar concerns with EHRs or health information exchange (HIE). Consumers increasingly believe that mHealth improves healthcare quality, but security and privacy concerns need to be addressed for quality improvement to be fully realized.

  13. 45 CFR 5.4 - Relationship between the FOIA and the Privacy Act of 1974.

    Science.gov (United States)

    2010-10-01

    ... 45 Public Welfare 1 2010-10-01 2010-10-01 false Relationship between the FOIA and the Privacy Act... Privacy Act of 1974. (a) Coverage. The FOIA and this rule apply to all HHS records. The Privacy Act, 5 U.S... records. “Individuals” and “system of records” are defined in the Privacy Act and in our Privacy...

  14. 一种基于扰动的轨迹数据隐藏发布方法%A perturbation-based privacy preserving trajectory publication method

    Institute of Scientific and Technical Information of China (English)

    翁国庆; 张森; 倪巍伟

    2014-01-01

    针对轨迹数据发布中的隐私保护和数据可用性问题,结合统计学的概念,提出一种基于扰动的轨迹数据隐藏发布方法。首先定义一种隐私泄露检测机制,当该检测机制发现攻击者依赖所掌握部分轨迹能以较大概率推测出某隐私节点时,基于统计方法,寻找出现频率最低的同类隐私节点,若存在且用其替换有隐私泄露风险的隐私节点后不会出现新的隐私泄露,则执行替换操作;否则在拥有该隐私节点的所有轨迹中,选择最佳的那条轨迹,将该隐私节点移除。这样,就能降低隐私节点的隐私泄露概率,保证发布后的轨迹数据满足用户的隐私需求。理论分析和实验结果表明,所提出的方法能有效避免基于部分轨迹推测剩余隐私节点的攻击,有效保持原有轨迹数据中不同种类节点间连接关系的可用性。%Considering the problems of privacy preserving and data utility in trajectory publication,a perturbation-based privacy preserving trajectory publishing method is proposed from the view of sta-tistics.First,a mechanism of privacy leak detection is devised to identify whether an attacker can use partial trajectories as quasi-identifier to infer the rest privacy-aware trajectory nodes with high probability.When it detects privacy leak,a statistic-based approach is used to find homogeneous pri-vacy-aware nodes of the lowest occurrence frequency,and replace private leak nodes with them,on condition that there is no new privacy disclosure after replacement.Otherwise,the method suppres-ses the private leak node of appropriate trajectory.In this way,the breach probability could be de-creased effectively,and it can be assured that the published trajectory datasets meet the users'privacy demands.Theoretical analysis and experimental results testify that the proposed method can prevent the attack of inferring sensitive locations by partial trajectory,meanwhile keep

  15. Is there a future in privacy: encryption and digital signatures

    Science.gov (United States)

    Garfinkel, Simson L.

    1996-03-01

    Cryptography is a set of mathematical techniques used to protect the secrecy of information sent by unprotected or undefendable channels. Although cryptography is thought to be as old as writing itself, recent developments over the past 20 years have greatly expanded its use and need. Today a variety of new cryptographic techniques, including public key cryptography and digital signatures, promise virtually unlimited privacy for our communications--and near certain proof when fraudulent information is sent masquerading as legitimate communications. Nevertheless, despite these advances in cryptography and communications systems, we seem to have less privacy now than ever before. Indeed, as we prepare to exit the 20th Century, our society seems determined to replace the protective value of personal privacy with a new regime that promises positive identification and authentication, and absolute accountability for our actions. Ironically, cryptography and digital signatures may play a strong role in bringing about this dystopian future as well.

  16. Reducing Communication Overhead For Authentication Using Self Contained Public Key Management Scheme In MANET

    Directory of Open Access Journals (Sweden)

    Gundala Swathi

    2013-06-01

    Full Text Available In the past few years, we have seen a rapid increase in important application fields of Mobile ad-hoc networks (MANET. Hence, many industrial and academic researchers have been conducted. Because, these applications are closely related to human beings and their physical environment, the usage of MANET on a large scale depends on whether we can provide proper dependability. Particularly, security is the most important issue in MANET because of the limitation in resources. Management of keys is the most necessary activity for providing security for the network. MANETs have resource limitations. Thus using public-key based solutions is not feasible. Thus, we use symmetric key establishment. In this paper, a key management scheme which is self contained and public is represented.This scheme achieves near zero communication overhead while providing security services. Cryptographic keys in small numbers are inputted at all nodes prior to the deployment in network. Mathematical Combinations of pairs of keys, both public and private is used for better utilization of storage space. This means a combination of more than one key pair is utilized by nodes for the encryption and the decryption of messages. A secure communication algorithm for forwarding the packets in MANET is also proposed.

  17. Symmetries and security of a quantum-public-key encryption based on single-qubit rotations

    CERN Document Server

    Seyfarth, U; Alber, G

    2012-01-01

    Exploring the symmetries underlying a previously proposed encryption scheme which relies on single-qubit rotations, we derive an improved upper bound on the maximum information that an eavesdropper might extract from all the available copies of the public key. Subsequently, the robustness of the scheme is investigated in the context of attacks that address each public-key qubit independently. The attacks under consideration make use of projective measurements on single qubits and their efficiency is compared to attacks that address many qubits collectively and require complicated quantum operations.

  18. A General Construction of IND-CCA2 Secure Public Key Encryption

    DEFF Research Database (Denmark)

    Kiltz, Eike; Malone-Lee, John

    2003-01-01

    We propose a general construction for public key encryption schemes that are IND-CCA2 secure in the random oracle model. We show that the scheme proposed in [1, 2] fits our general framework and moreover that our method of analysis leads to a more efficient security reduction.......We propose a general construction for public key encryption schemes that are IND-CCA2 secure in the random oracle model. We show that the scheme proposed in [1, 2] fits our general framework and moreover that our method of analysis leads to a more efficient security reduction....

  19. A General Construction of IND-CCA2 Secure Public Key Encryption

    DEFF Research Database (Denmark)

    Kiltz, Eike; Malone-Lee, John

    2003-01-01

    We propose a general construction for public key encryption schemes that are IND-CCA2 secure in the random oracle model. We show that the scheme proposed in [1, 2] fits our general framework and moreover that our method of analysis leads to a more efficient security reduction.......We propose a general construction for public key encryption schemes that are IND-CCA2 secure in the random oracle model. We show that the scheme proposed in [1, 2] fits our general framework and moreover that our method of analysis leads to a more efficient security reduction....

  20. Information hiding based on double random-phase encoding and public-key cryptography.

    Science.gov (United States)

    Sheng, Yuan; Xin, Zhou; Alam, Mohammed S; Xi, Lu; Xiao-Feng, Li

    2009-03-01

    A novel information hiding method based on double random-phase encoding (DRPE) and Rivest-Shamir-Adleman (RSA) public-key cryptosystem is proposed. In the proposed technique, the inherent diffusion property of DRPE is cleverly utilized to make up the diffusion insufficiency of RSA public-key cryptography, while the RSA cryptosystem is utilized for simultaneous transmission of the cipher text and the two phase-masks, which is not possible under the DRPE technique. This technique combines the complementary advantages of the DPRE and RSA encryption techniques and brings security and convenience for efficient information transmission. Extensive numerical simulation results are presented to verify the performance of the proposed technique.

  1. The Design, Analysis and Optimization of the REESSE1+ Public-key Cryptosystem

    CERN Document Server

    Su, Shenghui

    2007-01-01

    This paper gives the definition of a coprime sequence and the concept of the lever function, describes the five algorithms and six characteristics of the REESSE1+ public-key cryptosystem based on three new hardnesses: the modular subset product problem, the multivariate arrangement problem, and the super logarithm problem in a prime field, shows the correctness of the decryption and verification algorithms, and infers that the probability that a plaintext solution is not unique is nearly zeroth. The authors discuss necessity and sufficiency of the lever function for preventing a continued fraction attack, explain the relation between the lever function and a random oracle, and analyze the security of REESSE1+ against recovering a plaintext from a ciphertext, extracting a private key from a public key or a signature, and faking a digital signature via a public key or known signatures with a public key. On the basis of analysis, believe that the security of REESSE1+ is at least equal to the time complexity of O...

  2. A Deontological View of the Privacy Debate.

    Science.gov (United States)

    Wilson, Alan

    The mass media are at odds with the public on issues concerning privacy, i.e., issues concerning whether private information about a person should be printed in a newspaper or magazine. In a 1982 survey, one journalist/respondent said his or her newspaper "almost always" favored the public's right to know over a person's right to privacy.…

  3. Preserving Privacy in Transparency Logging

    OpenAIRE

    Pulls, Tobias

    2015-01-01

    The subject of this dissertation is the construction of privacy-enhancing technologies (PETs) for transparency logging, a technology at the intersection of privacy, transparency, and accountability. Transparency logging facilitates the transportation of data from service providers to users of services and is therefore a key enabler for ex-post transparency-enhancing tools (TETs). Ex-post transparency provides information to users about how their personal data have been processed by service pr...

  4. Secret-Key Agreement with Public Discussion subject to an Amplitude Constraint

    KAUST Repository

    Zorgui, Marwen

    2016-04-06

    This paper considers the problem of secret-key agreement with public discussion subject to a peak power constraint A on the channel input. The optimal input distribution is proved to be discrete with finite support. To overcome the computationally heavy search for the optimal discrete distribution, several suboptimal schemes are proposed and shown numerically to perform close to the capacity. Moreover, lower and upper bounds for the secret-key capacity are provided and used to prove that the secret-key capacity converges for asymptotic high values of A, to the secret-key capacity with an average power constraint A2. Finally, when the amplitude constraint A is small (A ! 0), the secret-key capacity is proved to be asymptotically equal to the capacity of the legitimate user with an amplitude constraint A and no secrecy constraint.

  5. Privacy-Preserving Data Publication for Clustering%面向聚类的数据隐藏发布研究

    Institute of Scientific and Technical Information of China (English)

    倪巍伟; 陈耿; 崇志宏; 吴英杰

    2012-01-01

    数据隐藏发布在保护数据隐私和维持数据可用性间寻求一种折中,近年来得到了研究者的持续关注.数据隐藏发布的起因和目标都源于数据的使用价值,聚类作为实现数据深层使用价值的一个重要步骤,在数据挖掘领域得到了广泛的研究.聚类对数据个体特征的依赖与隐藏操作弱化个体特征的主导思想问的矛盾,使得面向聚类的数据隐藏发布成为一个难点.对面向聚类的隐私保护数据发布领域已有研究成果进行了总结,从保存聚类特征粒度的角度,分析保存聚类特征粒度与聚类可用性、隐私保护安全性间的关系;从维持数据聚类可用性效果角度对匿名、随机化、数据交换、人工合成数据替换等主要隐藏方法的原理、特点进行了分析.在对已有技术方法深入对比分析的基础上,指出了面向聚类的数据隐藏发布领域待解决的一些难点问题和未来发展方向.%Privacy-preserving data publication has attracted sustained attention in recent years. It seeks a trade-off between preserving data privacy and maintaining data utility. Clustering is a crucial step for advanced data analysis, which has been widely studied in data mining. There exists some inconsistency between clustering and data obfuscation. Process of clustering heavily depends on characteristics of individual records to segment data into different clusters. On the contrary, the process of data obfuscation usually adopts the idea of suppressing individual characteristics for the sake of avoiding leakage of individual privacy. It becomes difficult to accommodate data privacy and clustering utility of the published data simultaneously. Various distortion and limited distribution techniques are delved into this problem. The state-of-the-art of data obfuscation methods for clustering application is surveyed. The constraint mechanism among clustering character granularities to be kept, clustering

  6. A generalization of Paillier's public-key system with applications to electronic voting

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Jurik, Mads Johan; Nielsen, Jesper Buus

    2010-01-01

    We propose a generalization of Paillier's probabilistic public-key system, in which the expansion factor is reduced and which allows to adjust the block length of the scheme even after the public key has been fixed, without losing the homomorphic property. We show that the generalization is as se......We propose a generalization of Paillier's probabilistic public-key system, in which the expansion factor is reduced and which allows to adjust the block length of the scheme even after the public key has been fixed, without losing the homomorphic property. We show that the generalization...... is as secure as Paillier's original system and propose several ways to optimize implementations of both the generalized and the original scheme. We construct a threshold variant of the generalized scheme as well as zero-knowledge protocols to show that a given ciphertext encrypts one of a set of given...... schemes. We show how the basic scheme for a yes/no vote can be easily adapted to casting a vote for up to t out of L candidates. The same basic building blocks can also be adapted to provide receipt-free elections, under appropriate physical assumptions. The scheme for 1 out of L elections can...

  7. A new notion of soundness in bare public-key model

    Institute of Scientific and Technical Information of China (English)

    ZHAO Yunlei; ZHU Hong

    2003-01-01

    A new notion of soundness in bare public-key (BPK) model is presented. This new notion just lies in between one-time soundness and sequential soundness and its reasonableness is justified in the context of resettable zero-knowledge when resettable zero-knowledge prover is implemented by smart card.

  8. Gaussian elimination in split unitary groups with an application to public-key cryptography

    Directory of Open Access Journals (Sweden)

    Ayan Mahalanobis

    2017-07-01

    Full Text Available Gaussian elimination is used in special linear groups to solve the word problem. In this paper, we extend Gaussian elimination to split unitary groups. These algorithms have an application in building a public-key cryptosystem, we demonstrate that.

  9. Practical Cryptanalysis of a Public-key Encryption Scheme Based on New Multivariate Quadratic Assumptions

    DEFF Research Database (Denmark)

    Albrecht, Martin Roland; Faugére, Jean-Charles; Fitzpatrick, Robert

    2014-01-01

    In this paper, we investigate the security of a public-key encryption scheme introduced by Huang, Liu and Yang (HLY) at PKC’12. This new scheme can be provably reduced to the hardness of solving a set of quadratic equations whose coefficients of highest degree are chosen according to a discrete...

  10. Toekomstvaste fysieke toegangsystemen : Public Key Infrastructure als oplossing voor fysiek toegangbeheer

    NARCIS (Netherlands)

    Kleinhuis, G.; Olk, J.G.E.

    2011-01-01

    Voor fysieke toegangssystemen wordt veelal gebruik gemaakt van toegangspassen met een contactlose chip. Soms zijn deze passen ook nog voorzien van een PKI (Public Key Infrastructure) contactchip voor toegang tot ICT en/of het plaatsen van een digitale handtekening. Ook voor fysieke toegang bied PKI

  11. Toekomstvaste fysieke toegangsystemen : Public Key Infrastructure als oplossing voor fysiek toegangbeheer

    NARCIS (Netherlands)

    Kleinhuis, G.; Olk, J.G.E.

    2011-01-01

    Voor fysieke toegangssystemen wordt veelal gebruik gemaakt van toegangspassen met een contactlose chip. Soms zijn deze passen ook nog voorzien van een PKI (Public Key Infrastructure) contactchip voor toegang tot ICT en/of het plaatsen van een digitale handtekening. Ook voor fysieke toegang bied PKI

  12. Privacy and the Right to Information Act, 2005

    Science.gov (United States)

    MISHRA, N N; PARKER, LISA S; NIMGAONKAR, V L; DESHPANDE, S N

    2017-01-01

    Privacy is a key component of individual autonomy, and a voluminous literature has established both its practical value in healthcare contexts and its status as a fundamental, but not absolute ethical right. Because the Right to Information Act (2005) permits citizens to gain information under government control, it might be thought to threaten the privacy of patients and research subjects, especially those in government institutions. It is important for clinicians, administrators, information officers, patients, and research subjects to understand that the RTI Act generally does not require or permit disclosure of personal health information to third parties. Only under unusual circumstances when the larger public interest is properly certified to warrant it, would information shared or created within the fiduciary relationships of clinical care or research be required to be disclosed. Against this background concerning the right to privacy and the RTI Act, we consider a 2007 legal case that used the RTI Act to expose patient information of a public official and argue that the “public interest” claimed in this case did not justify disclosure of the official’s private health information. We conclude that the provisions of the RTI Act, when properly interpreted, are compatible with the important value of safeguarding patient privacy. PMID:18988373

  13. Musings on privacy issues in health research involving disaggregate geographic data about individuals

    Directory of Open Access Journals (Sweden)

    AbdelMalik Philip

    2009-07-01

    Full Text Available Abstract This paper offers a state-of-the-art overview of the intertwined privacy, confidentiality, and security issues that are commonly encountered in health research involving disaggregate geographic data about individuals. Key definitions are provided, along with some examples of actual and potential security and confidentiality breaches and related incidents that captured mainstream media and public interest in recent months and years. The paper then goes on to present a brief survey of the research literature on location privacy/confidentiality concerns and on privacy-preserving solutions in conventional health research and beyond, touching on the emerging privacy issues associated with online consumer geoinformatics and location-based services. The 'missing ring' (in many treatments of the topic of data security is also discussed. Personal information and privacy legislations in two countries, Canada and the UK, are covered, as well as some examples of recent research projects and events about the subject. Select highlights from a June 2009 URISA (Urban and Regional Information Systems Association workshop entitled 'Protecting Privacy and Confidentiality of Geographic Data in Health Research' are then presented. The paper concludes by briefly charting the complexity of the domain and the many challenges associated with it, and proposing a novel, 'one stop shop' case-based reasoning framework to streamline the provision of clear and individualised guidance for the design and approval of new research projects (involving geographical identifiers about individuals, including crisp recommendations on which specific privacy-preserving solutions and approaches would be suitable in each case.

  14. Privacy 2.0

    Directory of Open Access Journals (Sweden)

    Stylianos Papathanassopoulos

    2015-04-01

    Full Text Available We live in the era of change. In this world, privacy is not a static concept, but instead has a dynamic component. Overall, it becomes clear that the public and private are not defined in the same manner as in the past and as in the actual world, while our personal information has become a commodity that can raise our visibility in the social media driven world.

  15. BITRU: Binary Version of the NTRU Public Key Cryptosystem via Binary Algebra

    Directory of Open Access Journals (Sweden)

    Nadia M.G. Alsaidi

    2016-11-01

    Full Text Available New terms such as closest vector problem (CVP and the shortest vector problem (SVP, which have been illustrated as NP-hard problem, emerged, leading to a new hope for designing public key cryptosystem based on certain lattice hardness. A new cryptosystem called NTRU is proven computationally efficient and it can be implemented with low cost. With these characteristics, NTRU possesses advantage over others system that rely on number-theoretical problem in a finite field (e.g. integer factorization problem or discrete logarithm problem. These advantages make NTRU a good choice for many applications. After the adaptation of NTRU, many attempts to generalize its algebraic structure have appeared. In this study, a new variant of the NTRU public key cryptosystem called BITRU is proposed. BITRU is based on a new algebraic structure used as an alternative to NTRU-mathematical structure called binary algebra. This commutative and associative. Establishing two public keys in the proposed system has distinguished it from NTRU and those similar to NTRU cryptosystems. This new structure helps to increase the security and complexity of BITRU. The clauses of BITRU, which include key generation, encryption, decryption, and decryption failure, are explained in details. Its suitability of the proposed system is proven and its security is demonstrated by comparing it with NTRU.

  16. Privacy transparency patterns

    NARCIS (Netherlands)

    Siljee B.I.J.

    2015-01-01

    This paper describes two privacy patterns for creating privacy transparency: the Personal Data Table pattern and the Privacy Policy Icons pattern, as well as a full overview of privacy transparency patterns. It is a first step in creating a full set of privacy design patterns, which will aid

  17. Privacy transparency patterns

    NARCIS (Netherlands)

    Siljee B.I.J.

    2015-01-01

    This paper describes two privacy patterns for creating privacy transparency: the Personal Data Table pattern and the Privacy Policy Icons pattern, as well as a full overview of privacy transparency patterns. It is a first step in creating a full set of privacy design patterns, which will aid softwar

  18. Increasing Ranks of Linear Finite Automata and Complexity of FA Public Key Cryptosystem

    Institute of Scientific and Technical Information of China (English)

    鲍丰

    1994-01-01

    The encryption algorithm of finite automata (FA) public key cryptosystem is implemented by a weakly invertible finite automata (WIFA) which is composed of a nonlinear WIFA with delay 0 and a linear WIFA with delay τ. In this paper, we proved that such an automaton bears the same properties as the linear WIFA and the increasing ranks of the latter are key factors to affecting the former. A probabilistic algorithm is given to realize a ciphertext attack, and its complexity is analysed through the increasing ranks of the linear WIFA. The size of the parameters for safe linear WIFA is estimated.

  19. Security and Privacy in Cyber-Physical Systems

    Energy Technology Data Exchange (ETDEWEB)

    Fink, Glenn A.; Edgar, Thomas W.; Rice, Theora R.; MacDonald, Douglas G.; Crawford, Cary E.

    2016-08-30

    As you have seen from the previous chapters, cyber-physical systems (CPS) are broadly used across technology and industrial domains. While these systems enable process optimization and efficiency and allow previously impossible functionality, security and privacy are key concerns for their design, development, and operation. CPS have been key components utilized in some of the highest publicized security breaches over the last decade. In this chapter, we will look over the CPS described in the previous chapters from a security perspective. In this chapter, we explain classical information and physical security fundamentals in the context of CPS and contextualize them across application domains. We give examples where the interplay of functionality and diverse communication can introduce unexpected vulnerabilities and produce larger impacts. We will discuss how CPS security and privacy is inherently different from that of pure cyber or physical systems and what may be done to secure these systems, considering their emergent cyber-physical properties. Finally, we will discuss security and privacy implications of merging infrastructural and personal CPS. Our hope is to impart the knowledge of what CPS security and privacy are, why they are important, and explain existing processes and challenges.

  20. Cryptanalysis of the public key encryption based on multiple chaotic systems

    Energy Technology Data Exchange (ETDEWEB)

    Zhang Linhua [College of Mathematics and Computer, Chongqing Normal University, Chongqing, 400047 (China)], E-mail: Linzhang@cqu.edu.cn

    2008-08-15

    Recently, Ranjan proposed a novel public key encryption technique based on multiple chaotic systems [Phys Lett 2005;95]. Unfortunately, Wang soon gave a successful attack on its special case based on Parseval's theorem [Wang K, Pei W, Zhou L, et al. Security of public key encryption technique based on multiple chaotic system. Phys Lett A, in press]. In this letter, we give an improved example which can avoid the attack and point out that Wang cannot find the essential drawback of the technique. However, further experimental result shows Ruanjan's encryption technique is inefficient, and detailed theoretic analysis shows that the complexity to break the cryptosystem is overestimated.

  1. Comparison of Certificate Policies Formerging Public Key Infrastructuresduring Merger and Acquisition of Companies

    Directory of Open Access Journals (Sweden)

    Balachandra Muniyal

    2012-10-01

    Full Text Available The Public Key Infrastructure(PKI provides facilities for data encryption, digital signature and timestamping. It is a system where different authorities verify and authenticate the validity of each participantwith the use of digital certificates. A Certificate Policy (CP is a named set of rules and it indicatesthe applicability of a certificate in a Public Key Infrastructure. Sometimes two companies or organizationswith different PKIs merge. Therefore it would be necessary that their PKIs are also able to merge.Sometimes, the unification of different PKIs is not possible because of the different certificate policies.This paper presents a method to compare and assess certificate policies during merger and acquisitionof companies.

  2. Public key Steganography Using Discrete Cross-Coupled One-Dimensional Chaotic Maps

    Directory of Open Access Journals (Sweden)

    Mahdiyeh Majidpour

    2013-07-01

    Full Text Available By cross-coupling two one-dimensional chaotic maps a novel method is proposed for the public key steganography in JPEG image. Chaotic maps entail high complexity in the used algorithm for embedding secret data in a medium. In this paper, discrete cross-coupled chaotic maps are used to specifying the location of the different parts of the secret data in the image. Modifying JPEG format during compressing and decompressing, and also using public key enhanced difficulty of the algorithm. Simulation results show that in addition to excessive capacity, this method has high robustness and resistance against hackers and can be applicable in secret communication. Also the PSNR value is high compared to the other works.

  3. Efficient certificate-based signcryption secure against public key replacement attacks and insider attacks.

    Science.gov (United States)

    Lu, Yang; Li, Jiguo

    2014-01-01

    Signcryption is a useful cryptographic primitive that achieves confidentiality and authentication in an efficient manner. As an extension of signcryption in certificate-based cryptography, certificate-based signcryption preserves the merits of certificate-based cryptography and signcryption simultaneously. In this paper, we present an improved security model of certificate-based signcryption that covers both public key replacement attack and insider security. We show that an existing certificate-based signcryption scheme is insecure in our model. We also propose a new certificate-based signcryption scheme that achieves security against both public key replacement attacks and insider attacks. We prove in the random oracle model that the proposed scheme is chosen-ciphertext secure and existentially unforgeable. Performance analysis shows that the proposed scheme outperforms all the previous certificate-based signcryption schemes in the literature.

  4. Efficient Certificate-Based Signcryption Secure against Public Key Replacement Attacks and Insider Attacks

    Directory of Open Access Journals (Sweden)

    Yang Lu

    2014-01-01

    Full Text Available Signcryption is a useful cryptographic primitive that achieves confidentiality and authentication in an efficient manner. As an extension of signcryption in certificate-based cryptography, certificate-based signcryption preserves the merits of certificate-based cryptography and signcryption simultaneously. In this paper, we present an improved security model of certificate-based signcryption that covers both public key replacement attack and insider security. We show that an existing certificate-based signcryption scheme is insecure in our model. We also propose a new certificate-based signcryption scheme that achieves security against both public key replacement attacks and insider attacks. We prove in the random oracle model that the proposed scheme is chosen-ciphertext secure and existentially unforgeable. Performance analysis shows that the proposed scheme outperforms all the previous certificate-based signcryption schemes in the literature.

  5. A Generalisation, a Simplification and some Applications of Paillier's Probabilistic Public-Key System

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Jurik, Mads Johan

    2001-01-01

    to t out of L candidates. The same basic building blocks can also be adapted to provide receipt-free elections, under appropriate physical assumptions. The scheme for 1 out of L elections can be optimised such that for a certain range of parameter values, a ballot has size only O(log L) bits.......We propose a generalisation of Paillier's probabilistic public key system, in which the expansion factor is reduced and which allows to adjust the block length of the scheme even after the public key has been fixed, without loosing the homomorphic property. We show that the generalisation...... blocks can be used for applying the scheme to efficient electronic voting. This reduces dramatically the work needed to compute the final result of an election, compared to the previously best known schemes. We show how the basic scheme for a yes/no vote can be easily adapted to casting a vote for up...

  6. From Data Privacy to Location Privacy

    Science.gov (United States)

    Wang, Ting; Liu, Ling

    Over the past decade, the research on data privacy has achieved considerable advancement in the following two aspects: First, a variety of privacy threat models and privacy principles have been proposed, aiming at providing sufficient protection against different types of inference attacks; Second, a plethora of algorithms and methods have been developed to implement the proposed privacy principles, while attempting to optimize the utility of the resulting data. The first part of the chapter presents an overview of data privacy research by taking a close examination at the achievements from the above two aspects, with the objective of pinpointing individual research efforts on the grand map of data privacy protection. As a special form of data privacy, location privacy possesses its unique characteristics. In the second part of the chapter, we examine the research challenges and opportunities of location privacy protection, in a perspective analogous to data privacy. Our discussion attempts to answer the following three questions: (1) Is it sufficient to apply the data privacy models and algorithms developed to date for protecting location privacy? (2) What is the current state of the research on location privacy? (3) What are the open issues and technical challenges that demand further investigation? Through answering these questions, we intend to provide a comprehensive review of the state of the art in location privacy research.

  7. Efficient Certificate-Based Signcryption Secure against Public Key Replacement Attacks and Insider Attacks

    OpenAIRE

    Yang Lu; Jiguo Li

    2014-01-01

    Signcryption is a useful cryptographic primitive that achieves confidentiality and authentication in an efficient manner. As an extension of signcryption in certificate-based cryptography, certificate-based signcryption preserves the merits of certificate-based cryptography and signcryption simultaneously. In this paper, we present an improved security model of certificate-based signcryption that covers both public key replacement attack and insider security. We show that an existing certific...

  8. [Translational research in geriatrics? A plea based on current biomedical key publications].

    Science.gov (United States)

    Bollheimer, L C; Volkert, D; Bertsch, T; Bauer, J; Klucken, J; Sieber, C C; Büttner, R

    2013-08-01

    Contemporary geriatric research focuses mainly on observational clinical studies and epidemiological surveys and the translation of basic scientific results from biogerontology into a clinical context is often neglected. Following a definition of translational research the article gives an overview of recent key publications in experimental biogerontology with a special emphasis on their relevance for clinical geriatrics. The topics dealt with include age-induced loss of skeletal muscle (sarcopenia), the aging immune system (immunosenescence) and neurodegenerative disorders (Alzheimer's and Parkinson's disease).

  9. Stakeholders' perception of key performance indicators (KPIs) of public-private partnership (PPP) projects

    OpenAIRE

    Olabode Emmanuel Ogunsanmi

    2013-01-01

    The study investigates key performance indicators (KPIs) that could improve performance of public-private partnership (PPP) projects in Nigeria. The study objectives include a comparison of stakeholders’ perception on KPIs and to investigate if significant difference exists between stakeholders’ perceptions on most KPIs. A structured questionnaire was used to collect information from various respondents who were recently involved in PPP projects. Random sampling technique was used to select f...

  10. Designing solutions for securing patient privacy--meeting the demands of health care in the 21st century.

    Science.gov (United States)

    Bluml, B M; Crooks, G M

    1999-01-01

    To define the issues surrounding patient privacy, examine the political context in which debate is taking place, and present a novel technology model for addressing privacy, confidentiality, and security in 21st century health care. The discussion of privacy addresses one of the basic issues in health care today--the tension between the needs of the individual patient for privacy and confidentiality and the needs of society to effectively manage health care practices and control health care costs. Patient concerns for privacy, confidentiality, and security are legitimate, and can usually be reduced to issues that potentially affect an individual's employment, ability to get and maintain health coverage, and have control over his or her records and care. These concerns, combined with several precipitating events, are forcing the issue of privacy into the political arena, where new health policy decisions will be made. The debate must be framed within a principle-centered approach that focuses on boundaries, security, consumer control, accountability, and public responsibility. A global, distributed electronic health record management model that provides location-independent, secured, authenticated access to relevant patient care records by qualified health care professionals on a need-to-know basis provides solutions. Information asset considerations should be designed to equitably represent the ownership needs of corporate entities, society, and the individual. A secure electronic health record structure that systematically ensures a high level of accountability combined with thoughtful dialogue among key stakeholders in the public policy development process can offer the privacy outcomes we seek.

  11. PKDIP: Efficient Public-Key-Based Data Integrity Protection for Wireless Image Sensors

    Directory of Open Access Journals (Sweden)

    Changsheng Wan

    2015-01-01

    Full Text Available Due to limited energy of “wireless image sensors (WISs,” existing data integrity protection mechanisms typically employ a hash-function-based signing algorithm to generate “message authentication codes (MACs” for long image frames. However, hash-function-based signing algorithm requires the WIS and the “end user (EU” sharing a secret, which leads to a new security issue: Once the EU becomes malicious due to some reasons, it will be able to forge the WIS’s data since it holds the shared secret. Therefore, public-key cryptography is desirable. Unfortunately, public-key cryptographic operations are quite time-consuming for energy-restrained WISs. Facing this dilemma, we present a novel data integrity protection protocol named PKDIP in this paper. Similar to the mechanisms of this field, PKDIP generates MACs for data integrity protection. However, different from other well-known approaches, PKDIP introduces the “Montgomery Modular Multiplication (MontMM” technique to current public-key-based signing algorithms. Since MontMM is much more efficient than hash functions, PKDIP can reduce the signing cost significantly. Experimental results show PKDIP can even be more efficient than hash-function-based schemes.

  12. Common Privacy Myths

    Science.gov (United States)

    ... Health Information home > privacy + phrs > common privacy myths Common Privacy Myths With the new federal laws protecting ... Here are the truths to some of the common myths: Health information cannot be faxed – FALSE Your ...

  13. Non-coherent capacity of secret-key agreement with public discussion

    KAUST Repository

    Agrawal, Anurag

    2011-06-01

    We study the Rayleigh fading non-coherent capacity of secret-key agreement with public discussion, where neither the sender nor the receivers have access to instantaneous channel state information (CSI) of any channel. We present two results. At high Signal-to-Noise Ratio (SNR), the secret-key capacity is bounded in SNR, regardless of the number of antennas at each terminal. Second, for a system with a single antenna at both the legitimate and the eavesdropper terminals and an arbitrary number of transmit antennas, the secret-key capacity-achieving input distribution is discrete, with a finite number of mass points. Numerically we observe that at low-SNR, the capacity achieving distribution has two mass points with one of them at the origin. © 2011 IEEE.

  14. Performing privacy in schools

    DEFF Research Database (Denmark)

    Bøge, Ask Risom; Albrechtslund, Anders; Andersen, Lars Bo

    2017-01-01

    In this presentation we pursue the question: How is privacy performed and perceived in schools by children? Our aim is to investigate how the boundaries between public and private spheres are continuously performed in the formal setting of the classroom as well as in the social lives of students....... School life involves a wide range of technologies, including smartphones, online communication platforms between teachers and parents, and social media. These and other surveillance-enabling services all contribute to the tracking of and by school children and shape their perceptions of privacy (Monahan...... and Torres, 2009; Selwyn, 2010; Taylor, 2013; Taylor & Rooney, 2016). The presentation reports findings from a qualitative study in which teachers and students between 12-16 from two Danish schools are interviewed. In addition, the teachers and students participate in workshops where experiments...

  15. Secured Wireless Communication using Fuzzy Logic based High Speed Public-Key Cryptography (FLHSPKC

    Directory of Open Access Journals (Sweden)

    Arindam Sarkar

    2012-10-01

    Full Text Available In this paper secured wireless communication using fuzzy logic based high speed public-key cryptography (FLHSPKC has been proposed by satisfying the major issues likes computational safety, power management and restricted usage of memory in wireless communication. Wireless Sensor Network (WSN has several major constraints likes’ inadequate source of energy, restricted computational potentiality and limited memory. Though conventional Elliptic Curve Cryptography (ECC which is a sort of public-key cryptography used in wireless communication provides equivalent level of security like other existing public–key algorithm using smaller parameters than other but this traditional ECC does not take care of all these major limitations in WSN. In conventional ECC consider Elliptic curve point p, an arbitrary integer k and modulus m, ECC carry out scalar multiplication kP mod m, which takes about 80% of key computation time on WSN. In this paper proposed FLHSPKC scheme provides some novel strategy including novel soft computing based strategy to speed up scalar multiplication in conventional ECC and which in turn takes shorter computational time and also satisfies power consumption restraint, limited usage of memory without hampering the security level. Performance analysis of the different strategies under FLHSPKC scheme and comparison study with existing conventional ECC methods has been done.

  16. Customer privacy on UK healthcare websites.

    Science.gov (United States)

    Mundy, Darren P

    2006-09-01

    Privacy has been and continues to be one of the key challenges of an age devoted to the accumulation, processing, and mining of electronic information. In particular, privacy of healthcare-related information is seen as a key issue as health organizations move towards the electronic provision of services. The aim of the research detailed in this paper has been to analyse privacy policies on popular UK healthcare-related websites to determine the extent to which consumer privacy is protected. The author has combined approaches (such as approaches focused on usability, policy content, and policy quality) used in studies by other researchers on e-commerce and US healthcare websites to provide a comprehensive analysis of UK healthcare privacy policies. The author identifies a wide range of issues related to the protection of consumer privacy through his research analysis using quantitative results. The main outcomes from the author's research are that only 61% of healthcare-related websites in their sample group posted privacy policies. In addition, most of the posted privacy policies had poor readability standards and included a variety of privacy vulnerability statements. Overall, the author's findings represent significant current issues in relation to healthcare information protection on the Internet. The hope is that raising awareness of these results will drive forward changes in the industry, similar to those experienced with information quality.

  17. 75 FR 18837 - Office of Public Health and Science, Office of Minority Health; Privacy Act of 1974; Report of a...

    Science.gov (United States)

    2010-04-13

    ... HUMAN SERVICES Office of the Secretary Office of Public Health and Science, Office of Minority Health..., Office of the Secretary, Office of Public Health and Science, Office of Minority Health. ACTION: Notice... minority health information to public and professional audiences. In support of this purpose, this...

  18. Key Data Gaps Regarding the Public Health Issues Associated with Opioid Analgesics.

    Science.gov (United States)

    Schmidt, Teresa D; Haddox, J David; Nielsen, Alexandra E; Wakeland, Wayne; Fitzgerald, John

    2015-10-01

    Most pharmaceutical opioids are used to treat pain, and they have been demonstrated to be effective medications for many. Their abuse and misuse pose significant public health concerns in the USA. Research has provided much insight into the prevalence, scope, and drivers of opioid abuse, but a holistic understanding is limited by a lack of available data regarding key aspects of this public health problem. Twelve data gaps were revealed during the creation of a systems-level computer model of medical use, diversion, nonmedical use, and the adverse outcomes associated with opioid analgesics in the USA. Data specific to these gaps would enhance the validity and real-world applications of systems-level models of this public health problem and would increase understanding of the complex system in which use and abuse occur. This paper provides an overview of these gaps, argues for the importance of closing them, and provides specific recommendations for future data collection efforts.

  19. 36 CFR 902.56 - Protection of personal privacy.

    Science.gov (United States)

    2010-07-01

    ... privacy. 902.56 Section 902.56 Parks, Forests, and Public Property PENNSYLVANIA AVENUE DEVELOPMENT... Protection of personal privacy. (a) Any of the following personnel, medical, or similar records is within the... invasion of his personal privacy: (1) Personnel and background records personal to any officer or employee...

  20. Privacy Concerns: The Effects of the Latest FERPA Changes

    Science.gov (United States)

    Cossler, Christine

    2010-01-01

    Privacy, something once taken for granted, has again become top-of-mind for public school districts thanks to technology's increasing reach, as well as new changes to privacy laws governing student information. Recently, educators have had to face important changes to the Family Educational Rights and Privacy Act (FERPA), originally signed into…

  1. 22 CFR 212.22 - Protection of personal privacy.

    Science.gov (United States)

    2010-04-01

    ... 22 Foreign Relations 1 2010-04-01 2010-04-01 false Protection of personal privacy. 212.22 Section... Information for Public Inspection and Copying § 212.22 Protection of personal privacy. To the extent required to prevent a clearly unwarranted invasion of personal privacy, USAID may delete identifying details...

  2. 32 CFR 701.119 - Privacy and the web.

    Science.gov (United States)

    2010-07-01

    ... 32 National Defense 5 2010-07-01 2010-07-01 false Privacy and the web. 701.119 Section 701.119... THE NAVY DOCUMENTS AFFECTING THE PUBLIC DON Privacy Program § 701.119 Privacy and the web. DON activities shall consult SECNAVINST 5720.47B for guidance on what may be posted on a Navy Web site....

  3. Semantic Security: Privacy Definitions Revisited

    OpenAIRE

    Jinfei Liu; Li Xiong; Jun Luo

    2013-01-01

    In this paper we illustrate a privacy framework named Indistinguishabley Privacy. Indistinguishable privacy could be deemed as the formalization of the existing privacy definitions in privacy preserving data publishing as well as secure multi-party computation. We introduce three representative privacy notions in the literature, Bayes-optimal privacy for privacy preserving data publishing, differential privacy for statistical data release, and privacy w.r.t. semi-honest behavior in the secure...

  4. An Alternative View of Privacy on Facebook

    Directory of Open Access Journals (Sweden)

    Christian Fuchs

    2011-02-01

    Full Text Available The predominant analysis of privacy on Facebook focuses on personal information revelation. This paper is critical of this kind of research and introduces an alternative analytical framework for studying privacy on Facebook, social networking sites and web 2.0. This framework is connecting the phenomenon of online privacy to the political economy of capitalism—a focus that has thus far been rather neglected in research literature about Internet and web 2.0 privacy. Liberal privacy philosophy tends to ignore the political economy of privacy in capitalism that can mask socio-economic inequality and protect capital and the rich from public accountability. Facebook is in this paper analyzed with the help of an approach, in which privacy for dominant groups, in regard to the ability of keeping wealth and power secret from the public, is seen as problematic, whereas privacy at the bottom of the power pyramid for consumers and normal citizens is seen as a protection from dominant interests. Facebook’s privacy concept is based on an understanding that stresses self-regulation and on an individualistic understanding of privacy. The theoretical analysis of the political economy of privacy on Facebook in this paper is based on the political theories of Karl Marx, Hannah Arendt and Jürgen Habermas. Based on the political economist Dallas Smythe’s concept of audience commodification, the process of prosumer commodification on Facebook is analyzed. The political economy of privacy on Facebook is analyzed with the help of a theory of drives that is grounded in Herbert Marcuse’s interpretation of Sigmund Freud, which allows to analyze Facebook based on the concept of play labor (= the convergence of play and labor.

  5. Applying Encryption Algorithm for Data Security and Privacy in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Mohit Marwaha

    2013-01-01

    Full Text Available Cloud computing is the next big thing after internet in the field of information technology; some say its a metaphor for internet. It is an Internet-based computing technology, in which software, shared recourses and information, are provided to consumers and devices on-demand, and as per users requirement on a pay per use model. Even though the cloud continues to grow in popularity, Usability and respectability, Problems with data protection and data privacy and other Security issues play a major setback in the field of Cloud Computing. Privacy and security are the key issue for cloud storage. Encryption is a well known technology for protecting sensitive data. Use of the combination of Public and Private key encryption to hide the sensitive data of users, and cipher text retrieval. The paper analyzes the feasibility of the applying encryption algorithm for data security and privacy in cloud Storage.

  6. Protecting privacy in a clinical data warehouse.

    Science.gov (United States)

    Kong, Guilan; Xiao, Zhichun

    2015-06-01

    Peking University has several prestigious teaching hospitals in China. To make secondary use of massive medical data for research purposes, construction of a clinical data warehouse is imperative in Peking University. However, a big concern for clinical data warehouse construction is how to protect patient privacy. In this project, we propose to use a combination of symmetric block ciphers, asymmetric ciphers, and cryptographic hashing algorithms to protect patient privacy information. The novelty of our privacy protection approach lies in message-level data encryption, the key caching system, and the cryptographic key management system. The proposed privacy protection approach is scalable to clinical data warehouse construction with any size of medical data. With the composite privacy protection approach, the clinical data warehouse can be secure enough to keep the confidential data from leaking to the outside world. © The Author(s) 2014.

  7. Privacy in the Genomic Era

    Science.gov (United States)

    NAVEED, MUHAMMAD; AYDAY, ERMAN; CLAYTON, ELLEN W.; FELLAY, JACQUES; GUNTER, CARL A.; HUBAUX, JEAN-PIERRE; MALIN, BRADLEY A.; WANG, XIAOFENG

    2015-01-01

    Genome sequencing technology has advanced at a rapid pace and it is now possible to generate highly-detailed genotypes inexpensively. The collection and analysis of such data has the potential to support various applications, including personalized medical services. While the benefits of the genomics revolution are trumpeted by the biomedical community, the increased availability of such data has major implications for personal privacy; notably because the genome has certain essential features, which include (but are not limited to) (i) an association with traits and certain diseases, (ii) identification capability (e.g., forensics), and (iii) revelation of family relationships. Moreover, direct-to-consumer DNA testing increases the likelihood that genome data will be made available in less regulated environments, such as the Internet and for-profit companies. The problem of genome data privacy thus resides at the crossroads of computer science, medicine, and public policy. While the computer scientists have addressed data privacy for various data types, there has been less attention dedicated to genomic data. Thus, the goal of this paper is to provide a systematization of knowledge for the computer science community. In doing so, we address some of the (sometimes erroneous) beliefs of this field and we report on a survey we conducted about genome data privacy with biomedical specialists. Then, after characterizing the genome privacy problem, we review the state-of-the-art regarding privacy attacks on genomic data and strategies for mitigating such attacks, as well as contextualizing these attacks from the perspective of medicine and public policy. This paper concludes with an enumeration of the challenges for genome data privacy and presents a framework to systematize the analysis of threats and the design of countermeasures as the field moves forward. PMID:26640318

  8. Automated information extraction of key trial design elements from clinical trial publications.

    Science.gov (United States)

    de Bruijn, Berry; Carini, Simona; Kiritchenko, Svetlana; Martin, Joel; Sim, Ida

    2008-11-06

    Clinical trials are one of the most valuable sources of scientific evidence for improving the practice of medicine. The Trial Bank project aims to improve structured access to trial findings by including formalized trial information into a knowledge base. Manually extracting trial information from published articles is costly, but automated information extraction techniques can assist. The current study highlights a single architecture to extract a wide array of information elements from full-text publications of randomized clinical trials (RCTs). This architecture combines a text classifier with a weak regular expression matcher. We tested this two-stage architecture on 88 RCT reports from 5 leading medical journals, extracting 23 elements of key trial information such as eligibility rules, sample size, intervention, and outcome names. Results prove this to be a promising avenue to help critical appraisers, systematic reviewers, and curators quickly identify key information elements in published RCT articles.

  9. An efficient and provably-secure certificateless public key encryption scheme for telecare medicine information systems.

    Science.gov (United States)

    Guo, Rui; Wen, Qiaoyan; Shi, Huixian; Jin, Zhengping; Zhang, Hua

    2013-10-01

    Telecare Medicine Information Systems (TMIS) promote the traditional medical and healthcare services by information and communication technology. Since the physician and caregiver can monitor the patient's physiological condition remotely in TMIS, the confidentiality of this sensitive data should be protected, which is the key issue in the Health Insurance Portability and Accountability Act. In this paper, we propose an efficient certificateless public key encryption scheme without bilinear pairing for TMIS. Our proposal is proved to be secure in the random oracle model under the hardness assumption of computational Diffie-Hellman problem. Moreover, after modifying the original model of the certificateless encryption, this scheme achieves Girault's trust level 3. Compared with the related protocols, the perform evaluations show that our scheme is more efficient and appropriate to collocate with low power mobile devices for TMIS.

  10. On the Security of a Simple Three-Party Key Exchange Protocol without Server’s Public Keys

    Directory of Open Access Journals (Sweden)

    Junghyun Nam

    2014-01-01

    Full Text Available Authenticated key exchange protocols are of fundamental importance in securing communications and are now extensively deployed for use in various real-world network applications. In this work, we reveal major previously unpublished security vulnerabilities in the password-based authenticated three-party key exchange protocol according to Lee and Hwang (2010: (1 the Lee-Hwang protocol is susceptible to a man-in-the-middle attack and thus fails to achieve implicit key authentication; (2 the protocol cannot protect clients’ passwords against an offline dictionary attack; and (3 the indistinguishability-based security of the protocol can be easily broken even in the presence of a passive adversary. We also propose an improved password-based authenticated three-party key exchange protocol that addresses the security vulnerabilities identified in the Lee-Hwang protocol.

  11. Enhanced Montgomery Multiplication on DSP Architectures for Embedded Public-Key Cryptosystems

    Directory of Open Access Journals (Sweden)

    Gastaldo P

    2008-01-01

    Full Text Available Abstract Montgomery's algorithm is a popular technique to speed up modular multiplications in public-key cryptosystems. This paper tackles the efficient support of modular exponentiation on inexpensive circuitry for embedded security services and proposes a variant of the finely integrated product scanning (FIPS algorithm that is targeted to digital signal processors. The general approach improves on the basic FIPS formulation by removing potential inefficiencies and boosts the exploitation of computing resources. The reformulation of the basic FIPS structure results in a general approach that balances computational efficiency and flexibility. Experimental results on commercial DSP platforms confirm both the method's validity and its effectiveness.

  12. In science communication, why does the idea of the public deficit always return? Exploring key influences.

    Science.gov (United States)

    Suldovsky, Brianne

    2016-05-01

    Despite mounting criticism, the deficit model remains an integral part of science communication research and practice. In this article, I advance three key factors that contribute to the idea of the public deficit in science communication, including the purpose of science communication, how communication processes and outcomes are conceptualized, and how science and scientific knowledge are defined. Affording science absolute epistemic privilege, I argue, is the most compelling factor contributing to the continued use of the deficit model. In addition, I contend that the deficit model plays a necessary, though not sufficient, role in science communication research and practice. Areas for future research are discussed.

  13. Effective Privacy Amplification for Secure Classical Communications

    CERN Document Server

    Horvath, Tamas; Scheuer, Jacob

    2011-01-01

    We study the effectiveness of privacy amplification for classical key-distribution schemes. We find that, unlike quantum key distribution schemes, the high fidelity of the raw key in classical systems allow the users to always sift a secure shorter key, given that they have an upper bound of eavesdropper probability to correctly guess the exchanged key-bits. We establish the number of privacy amplification iterations needed to achieve information leak of 10^-8 in several classical systems and highlight the inherent tradeoff between the number of iterations and the security of the raw key.

  14. Preserving Smart Objects Privacy through Anonymous and Accountable Access Control for a M2M-Enabled Internet of Things.

    Science.gov (United States)

    Hernández-Ramos, José L; Bernabe, Jorge Bernal; Moreno, M Victoria; Skarmeta, Antonio F

    2015-07-01

    As we get into the Internet of Things era, security and privacy concerns remain as the main obstacles in the development of innovative and valuable services to be exploited by society. Given the Machine-to-Machine (M2M) nature of these emerging scenarios, the application of current privacy-friendly technologies needs to be reconsidered and adapted to be deployed in such global ecosystem. This work proposes different privacy-preserving mechanisms through the application of anonymous credential systems and certificateless public key cryptography. The resulting alternatives are intended to enable an anonymous and accountable access control approach to be deployed on large-scale scenarios, such as Smart Cities. Furthermore, the proposed mechanisms have been deployed on constrained devices, in order to assess their suitability for a secure and privacy-preserving M2M-enabled Internet of Things.

  15. Post-processing procedure for industrial quantum key distribution systems

    Science.gov (United States)

    Kiktenko, Evgeny; Trushechkin, Anton; Kurochkin, Yury; Fedorov, Aleksey

    2016-08-01

    We present algorithmic solutions aimed on post-processing procedure for industrial quantum key distribution systems with hardware sifting. The main steps of the procedure are error correction, parameter estimation, and privacy amplification. Authentication of classical public communication channel is also considered.

  16. Privacy og selvbeskrivelse

    DEFF Research Database (Denmark)

    Rosengaard, Hans Ulrik

    2015-01-01

    En beskrivelse af feltet for forskning i Privacy med særligt henblik på privacys betydning for muligheden for at styre sin egen selvbeskrivelse......En beskrivelse af feltet for forskning i Privacy med særligt henblik på privacys betydning for muligheden for at styre sin egen selvbeskrivelse...

  17. Lattice Based Mix Network for Location Privacy in Mobile System

    Directory of Open Access Journals (Sweden)

    Kunwar Singh

    2015-01-01

    Full Text Available In 1981, David Chaum proposed a cryptographic primitive for privacy called mix network (Mixnet. A mixnet is cryptographic construction that establishes anonymous communication channel through a set of servers. In 2004, Golle et al. proposed a new cryptographic primitive called universal reencryption which takes the input as encrypted messages under the public key of the recipients not the public key of the universal mixnet. In Eurocrypt 2010, Gentry, Halevi, and Vaikunthanathan presented a cryptosystem which is an additive homomorphic and a multiplicative homomorphic for only one multiplication. In MIST 2013, Singh et al. presented a lattice based universal reencryption scheme under learning with error (LWE assumption. In this paper, we have improved Singh et al.’s scheme using Fairbrother’s idea. LWE is a lattice hard problem for which till now there is no polynomial time quantum algorithm. Wiangsripanawan et al. proposed a protocol for location privacy in mobile system using universal reencryption whose security is reducible to Decision Diffie-Hellman assumption. Once quantum computer becomes a reality, universal reencryption can be broken in polynomial time by Shor’s algorithm. In postquantum cryptography, our scheme can replace universal reencryption scheme used in Wiangsripanawan et al. scheme for location privacy in mobile system.

  18. Privacy vs security

    CERN Document Server

    Stalla-Bourdillon, Sophie; Ryan, Mark D

    2014-01-01

    Securing privacy in the current environment is one of the great challenges of today's democracies. Privacy vs. Security explores the issues of privacy and security and their complicated interplay, from a legal and a technical point of view. Sophie Stalla-Bourdillon provides a thorough account of the legal underpinnings of the European approach to privacy and examines their implementation through privacy, data protection and data retention laws. Joshua Philips and Mark D. Ryan focus on the technological aspects of privacy, in particular, on today's attacks on privacy by the simple use of today'

  19. Will the new Australian health privacy law provide adequate protection?

    Science.gov (United States)

    Bomba, David; Hallit, George

    2002-01-01

    Amendments to the original Privacy Act (1988) come at a key point in time, as a national medical record system looms on the Australian horizon. Changes to The Privacy Act have the potential to define a level of information privacy prior to the implementation of such a system. We have therefore collected expert opinions on the ability of the Health Privacy Guidelines (enacted in December 2001 under The Privacy Act and hereafter more specifically known as Health Privacy Legislation) to ensure the privacy and security of patient information. We conclude that the legislation is flawed in its capacity to withstand an increasingly corporatised health sector. Deficiencies in consent requirements, together with feeble enforcement capabilities, mean The Legislation cannot effectively ensure that personally identifiable information will not end up in corporate third party hands. To significantly bolster the new legislation, we argue that it should be supplemented with explicit health data legislation and privacy auditing.

  20. Novel Authentication of Monitoring Data Through the use of Secret and Public Cryptographic Keys

    Energy Technology Data Exchange (ETDEWEB)

    Benz, Jacob M.; Tolk, Keith; Tanner, Jennifer E.

    2014-07-21

    The Office of Nuclear Verification (ONV) is supporting the development of a piece of equipment to provide data authentication and protection for a suite of monitoring sensors as part of a larger effort to create an arms control technology toolkit. This device, currently called the Red Box, leverages the strengths of both secret and public cryptographic keys to authenticate, digitally sign, and pass along monitoring data to allow for host review, and redaction if necessary, without the loss of confidence in the authenticity of the data by the monitoring party. The design of the Red Box will allow for the addition and removal of monitoring equipment and can also verify that the data was collected by authentic monitoring equipment prior to signing the data and sending it to the host and for review. The host will then forward the data to the monitor for review and inspection. This paper will highlight the progress to date of the Red Box development, and will explain the novel method of leveraging both symmetric and asymmetric (secret and public key) cryptography to authenticate data within a warhead monitoring regime.

  1. The EU Clinical Trials Regulation: key priorities, purposes and aims and the implications for public health.

    Science.gov (United States)

    Flear, Mark L

    2016-03-01

    The replacement of the European Union (EU) Clinical Trials Directive by the new Clinical Trials Regulation (CTR), which entered into force on 16 June 2014 but will not apply before 28 May 2016, provides an opportunity to review the legal and political context within which this important aspect of research law and policy sits and to reflect on the implications for public health. My aim in this article is to relate the context to the key purposes and aims of EU law and policy on clinical trials in order to explain and clarify its orientation. On that basis, I argue that the CTR and the changes it introduces to the law on clinical trials are part of the EU's continued focus on market optimisation. It is this focus that orients and directs the wider pharmaceutical development pipeline, but that undermines the achievement of key public health objectives. Published by the BMJ Publishing Group Limited. For permission to use (where not already granted under a licence) please go to http://www.bmj.com/company/products-services/rights-and-licensing/

  2. Breaking Classical Public Key Cryptosystems by Using a Novel Ensemble Search Algorithm

    CERN Document Server

    Chen, C Y

    2004-01-01

    In this paper, we improve Bruschweiler's algorithm such that only one query is needed for searching the single object z from N=2^n unsorted elements. Our algorithm construct the new oracle query function g(.) satisfying g(x)=0 for all input x, except for one, say x=z, where g(z)=z. To store z, our algorithm extends from one ancillary qubit to n ancillary qubits. We then measure these ancillary qubits to discover z. We further use our ensemble search algorithm to attack classical public key cryptosystems. Given the ciphertext C=Ek(m, r) which is generated by the encryption function Ek(), a public key k, a message m, and a random number r, we can construct an oracle query function h(.) satisfying h(m', r')=0 if Ek(m', r')!=C and h(m', r')= (m', r') if Ek(m', r')=C. There is only one object, say (m, r), can be discovered in decryption of C. By preparing the input with all possible states of (m', r'), we can thus use our ensemble search algorithm to find the wanted object (m, r). Obviously, we break the classical...

  3. Key Performance Indicators for Maintenance Management Effectiveness of Public Hospital Building

    Directory of Open Access Journals (Sweden)

    Farhana Omar Mardhiah

    2017-01-01

    Full Text Available Effectiveness of management in maintenance aspect holds the key element in influencing the performance of overall maintenance management. Similarly, public hospital building needs an effective maintenance management as this type of building in nature is one of the most complex issues in the field of maintenance. Improper building maintenance management adopted by the organization significantly will interrupt the overall operation of the building. Therefore, this paper is aim to identifying the key performance indicator (KPI of effectiveness of maintenance management for the public hospital building. A total of 32 set of questionnaires were distributed to the maintenance manager for each hospital in the northern region of peninsular Malaysia by using self-administration strategy. The survey answer was analyzed by performing descriptive analysis in SPSS. Overall, the result of descriptive analysis shows that all the ten factors of effectiveness of maintenance management are accepted as KPI since the mean value is at least 3.93 which classified as important and significant. The most significant factor of effectiveness of maintenance management is task planning and scheduling with the mean score of 4.35. While less significant factor is identify as maintenance approach with the value of mean score is 3.93. The both results indicates that the management need to have well-structured planning for the maintenance works and also need to embrace the exact strategy of maintenance approach in order to achieved better overall performance of maintenance management. This study may draw a standard practice for the government in assessing the performance of public facilities in terms of maintenance management.

  4. Understanding key influencers' attitudes and beliefs about healthy public policy change for obesity prevention.

    Science.gov (United States)

    Raine, Kim D; Nykiforuk, Candace I J; Vu-Nguyen, Karen; Nieuwendyk, Laura M; VanSpronsen, Eric; Reed, Shandy; Wild, T Cameron

    2014-11-01

    As overweight and obesity is a risk factor for chronic diseases, the development of environmental and healthy public policy interventions across multiple sectors has been identified as a key strategy to address this issue. In 2009, a survey was developed to assess the attitudes and beliefs regarding health promotion principles, and the priority and acceptability of policy actions to prevent obesity and chronic diseases, among key policy influencers in Alberta and Manitoba, Canada. Surveys were mailed to 1,765 key influencers from five settings: provincial government, municipal government, school boards, print media companies, and workplaces with greater than 500 employees. A total of 236 surveys were completed with a response rate of 15.0%. Findings indicate nearly unanimous influencer support for individual-focused policy approaches and high support for some environmental policies. Restrictive environmental and economic policies received weakest support. Obesity was comparable to smoking with respect to perceptions as a societal responsibility versus a personal responsibility, boding well for the potential of environmental policy interventions for obesity prevention. This level of influencer support provides a platform for more evidence to be brokered to policy influencers about the effectiveness of environmental policy approaches to obesity prevention. © 2014 The Obesity Society.

  5. Collateral visibility : A socio-legal study of police body camera adoption, privacy, and public disclosure in Washington State

    NARCIS (Netherlands)

    Newell, Bryce

    2017-01-01

    Law enforcement use of body-worn cameras has recently become a subject of significant public and scholarly debate. This article presents findings from a socio-legal examination of the legal and social implications of body-worn camera adoption by two police departments in Washington State. In particu

  6. The Preference for Privacy: In Search of the Social Locations of Privacy Orientations.

    Science.gov (United States)

    Gandy, Oscar H., Jr.

    A study was conducted to develop some understanding of how social experience might be related to public expectations of rights to privacy. A telephone questionnaire was developed which sought information about respondent knowledge, attitudes, and behavior regarding privacy and personal information. A national survey of adults over the age of 18…

  7. Generic Construction of Privacy-Preserving Optimistic Fair Exchange Protocols

    Directory of Open Access Journals (Sweden)

    Qingwen Guo

    2017-05-01

    Full Text Available Privacy-preserving optimistic fair exchange (P2OFE is a kind of protocols which aim to solve the fairness problem in the exchange of digital signatures between two parties and in the meanwhile protect their privacy. In P2OFE, no one else including the semi-trusted third party in charge of arbitration can confirm an exchange even after resolving a dispute. In this paper we present a black-box construction of P2OFE based on a tag-based public key encryption scheme and a standard digital signature scheme. Our construction follows the ‘sign-then-encrypt’ paradigm, and is secure in the standard model. Our construction is generic and admits more instantiations of P2OFE.

  8. Adaptively Sharing Time-Series with Differential Privacy

    CERN Document Server

    Fan, Liyue

    2012-01-01

    Sharing real-time aggregate statistics of private data has given much benefit to the public to perform data mining for understanding important phenomena, such as Influenza outbreaks and traffic congestions. We propose an adaptive approach with sampling and estimation to release aggregated time series under differential privacy, the key innovation of which is that we utilize feedback loops based on observed (perturbed) values to dynamically adjust the estimation model as well as the sampling rate. To minimize the overall privacy cost, our solution uses the PID controller to adaptively sample long time-series according to detected data dynamics. To improve the accuracy of data release per timestamp, the Kalman filter is used to predict data values at non-sampling points and to estimate true values from perturbed query answers at sampling points. Our experiments with three real data sets show that it is beneficial to incorporate feedback into both the estimation model and the sampling process. The results confir...

  9. A privacy enhanced authentication scheme for telecare medical information systems.

    Science.gov (United States)

    Jiang, Qi; Ma, Jianfeng; Ma, Zhuo; Li, Guangsong

    2013-02-01

    The telecare medical information system (TMIS) aims to establish telecare services and enable the public to access medical services or medical information at remote sites. Authentication and key agreement is essential to ensure data integrity, confidentiality, and availability for TMIS. Most recently, Chen et al. proposed an efficient and secure dynamic ID-based authentication scheme for TMIS, and claimed that their scheme achieves user anonymity. However, we observe that Chen et al.'s scheme achieves neither anonymity nor untraceability, and is subject to the identity guessing attack and tracking attack. In order to protect user privacy, we propose an enhanced authentication scheme which achieves user anonymity and untraceablity. It is a secure and efficient authentication scheme with user privacy preservation which is practical for TMIS.

  10. Key Technologies Research on Privacy Protection of the Era of Big Data%大数据时代的隐私保护关键技术研究

    Institute of Scientific and Technical Information of China (English)

    王静婷; 孙亚红; 肖淑苹

    2016-01-01

    Big data is the popular hot topic in the study of the social from all walks of life. It has become an important wealth of information society, but it has brought about great challenge to data processing and management. Therefore, this article obtains from the concept of big data and expounds the definition, characteristics, sources and applications. It also analyzes the security challenges. At the same time, combined with the security test of big data, it has carried on the exploration to the key technolo-gies of privacy protection. Finally, it summarizes the significance of privacy protection in the era of big data.%大数据是目前广受社会各界研究的热点,它成为了信息社会的重要财富,同时也给数据的处理和管理带来了巨大挑战。因此,该文从大数据概念入手,阐述了大数据的定义、特点、来源以及应用目标,分析了大数据带来的安全挑战。同时,结合大数据面临的安全考验,对隐私保护的关键技术进行了探究。最后,总结了大数据时代的隐私保护的意义。

  11. Privacy and human behavior in the age of information.

    Science.gov (United States)

    Acquisti, Alessandro; Brandimarte, Laura; Loewenstein, George

    2015-01-30

    This Review summarizes and draws connections between diverse streams of empirical research on privacy behavior. We use three themes to connect insights from social and behavioral sciences: people's uncertainty about the consequences of privacy-related behaviors and their own preferences over those consequences; the context-dependence of people's concern, or lack thereof, about privacy; and the degree to which privacy concerns are malleable—manipulable by commercial and governmental interests. Organizing our discussion by these themes, we offer observations concerning the role of public policy in the protection of privacy in the information age. Copyright © 2015, American Association for the Advancement of Science.

  12. A New Public-key Oblivious Fragile Watermarking for Image Authentication Using Discrete Cosine Transform

    Directory of Open Access Journals (Sweden)

    Chin-Chen Chang

    2009-03-01

    Full Text Available In this paper, a new oblivious fragile watermarking using discrete cosine transform is proposed. It is inspired by Wong's public key watermarking scheme proposed in 1998 and aims to improve its vulnerability towards possible attacks indicated by Barreto and Holliman. Instead of making use of contextual information and making it an inter-block dependent scheme, as suggested by Barreto, we adopt another approach to retain its blockwise independent property. Our scheme can avoid the conditions necessary for such attacks to befeasible. Furthermore, our scheme extracts the inherent image features and embeds them into this image as the watermark. This relieves users from having to maintain a database of watermarks from various sources. Experimental results show that the watermark insertion procedure has little effect on the visual quality of the watermarked image. They also show our scheme can locate the modifications made to the watermarked image, including imagescaling, cropping, geometric distortion, pixel value changes, etc.

  13. Information Hiding in CSS : A Secure Scheme Text-Steganography using Public Key Cryptosystem

    CERN Document Server

    Kabetta, Herman; Suyoto,

    2012-01-01

    In many recent years, the programming world has been introduced about a new programming language for designing websites, it is CSS that can be be used together with HTML to develop a web interface. And now, these two programming languages as if inseparably from each other. As a client-side scripting, CSS is visible by all users as the original script, but it can not be granted changed. Website is a tool of information disseminator throughout the world, this is certainly can be used to a secret communication by using CSS as a message hider. This paper proposed a new scheme using web tools like CSS for hiding informations. This is a secret communication mechanism using text steganography techniques that is embedded messages on CSS files and is further encrypted using RSA as a public key cryptographic algorithm.

  14. Secure Digital Certificate Design Based on the Public Key Cryptography Algorithm

    Directory of Open Access Journals (Sweden)

    Zhang Qi ming

    2013-07-01

    Full Text Available     With the popularity of the Internet, more and more people choose online shopping, however, in the case of lacking security measures, there is a great deal of risk on the Internet. to this situation,In response to this situation, this paper presents a digital certificate based on the X.509 standard. This paper uses the C language generation public key algorithm (RSA,Realization of the digital certificate registration, verification and certificate generation process,the identity of certification users can be verified and provide proof of identity on the Internet transactions ,reducing the transaction risks greatly , ensuring the user's property and interests are not infringed.

  15. Funding ATLAS 2012 key indicators for publicly funded research in Germany

    CERN Document Server

    Deutsche Forschungsgemeinschaft (DFG)

    2013-01-01

    The Funding ATLAS is a reporting system (previously referred to as the Funding Ranking) employed by the German Research Foundation (DFG) to provide information in the form of indicators of key developments in publicly funded research in Germany every three years. This English version of the Funding ATLAS 2012 presents selected findings from the more comprehensive German edition. At the core of the report are indicators that provide information on which subject areas have received funding at higher education and other research institutions in the period 2008-2010. This report also includes, as a supplement not found in the German edition, the decisions on the Excellence Initiative, which were taken shortly after the German edition of the Funding ATLAS 2012 was published. The report also addresses the subject of internationality by presenting selected indicators that show how attractive Germany's research institutions are for visiting scientists. In summary, the DFG Funding ATLAS furnishes reliable indicators o...

  16. Health and safety's stewardship of key business values: employees, public trust, and responsibility to shareholders.

    Science.gov (United States)

    Fulwiler, R D

    1993-11-01

    This paper reviews how one company has been able to develop and implement a highly effective job safety and health system and to sustain it at a high level of performance. This process begins with a simple but clear corporate safety and health policy statement: "Procter & Gamble insists on safe operation." It is driven by three critical values, namely: 1) its employees, 2) its public trust, and 3) its profits. The impact of workers' compensation costs on company profits is examined, along with the enormous savings in these costs that have been achieved by the company's commitment to total quality. This is followed by brief descriptions of the company's "Total Incident Rate" and it's "Key Elements" systems, and the relationships between them. The paper concludes with a description of the company's model for enabling all employees to make recommendations for continuous improvement of health and safety systems throughout all of the company's operations.

  17. Healthcare public key infrastructure (HPKI) and non-profit organization (NPO): essentials for healthcare data exchange.

    Science.gov (United States)

    Takeda, Hiroshi; Matsumura, Yasushi; Nakagawa, Katsuhiko; Teratani, Tadamasa; Qiyan, Zhang; Kusuoka, Hideo; Matsuoka, Masami

    2004-01-01

    To share healthcare information and to promote cooperation among healthcare providers and customers (patients) under computerized network environment, a non-profit organization (NPO), named as OCHIS, was established at Osaka, Japan in 2003. Since security and confidentiality issues on the Internet have been major concerns in the OCHIS, the system has been based on healthcare public key infrastructure (HPKI), and found that there remained problems to be solved technically and operationally. An experimental study was conducted to elucidate the central and the local function in terms of a registration authority and a time stamp authority by contracting with the Ministry of Economics and Trading Industries in 2003. This paper describes the experimental design with NPO and the results of the study concerning message security and HPKI. The developed system has been operated practically in Osaka urban area.

  18. [Reversal of aging and lifespan elongation. Current biomedical key publications and the implications for geriatrics].

    Science.gov (United States)

    Bollheimer, L C; Volkert, D; Bertsch, T; Sieber, C C; Büttner, R

    2013-08-01

    Biological aging means a time-dependent accumulation of changes to which a living organism is being exposed during its lifetime. Biological aging normally concurs with chronological aging the time frame of which is set by an upper limit, the lifespan (in humans approximately 120 years). New findings in experimental biogerontology are challenging both the dogma of irreversibility of biological aging and the preset species-specific limitations of life. The present overview first explains the general principle of rejuvenation and reversal of biological aging with paradigms from stem cell research. Secondly, recent key publications on artificial telomerase elongation and (alleged) lifespan enhancement by sirtuins and resveratrol will be discussed with an emphasis on the implications for (future) geriatric medicine.

  19. 一种新的公钥基础设施——SPKI%A New Public Key Infrastructure - SPKI

    Institute of Scientific and Technical Information of China (English)

    张鹏程; 陈克非

    2003-01-01

    Information security is a part of the core of computer field. This existing PKI system can not satisfy themore and more demand from people. Simple Public Key Infrastructure, SPKI, is new standard of public key certifi-cate, which can bring a simple but precise naming and authorization system for distributed computing environment.The base theory of SPKI is presented, and the brief analysis about its study hotspots and shortcomings are also shownin the paper.

  20. Survey of main challenges (security and privacy in wireless body area networks for healthcare applications

    Directory of Open Access Journals (Sweden)

    Samaher Al-Janabi

    2017-07-01

    Full Text Available Wireless Body Area Network (WBAN is a new trend in the technology that provides remote mechanism to monitor and collect patient’s health record data using wearable sensors. It is widely recognized that a high level of system security and privacy play a key role in protecting these data when being used by the healthcare professionals and during storage to ensure that patient’s records are kept safe from intruder’s danger. It is therefore of great interest to discuss security and privacy issues in WBANs. In this paper, we reviewed WBAN communication architecture, security and privacy requirements and security threats and the primary challenges in WBANs to these systems based on the latest standards and publications. This paper also covers the state-of-art security measures and research in WBAN. Finally, open areas for future research and enhancements are explored.

  1. Providing Source-Location Privacy in Wireless Sensor Networks

    Science.gov (United States)

    Li, Yun; Ren, Jian

    Wireless sensor networks (WSN) have been widely used in many areas for unattended event monitoring. Mainly due to lack of a protected physical boundary, wireless communications are vulnerable to unauthorized detection, interception and and even node capture. Privacy is becoming one of the major issues that jeopardize the successful deployment and survivability of wireless sensor networks. While confidentiality of the message can be ensured through content encryption, it is much more difficult to adequately address the source-location privacy. For WSN, source-location privacy service is further complicated by the fact that the sensor nodes consist of low-cost and low-power radio devices, computationally intensive cryptographic algorithms (such as public-key cryptosystems) and large scale broadcasting-based protocols are not suitable for WSN. In this paper, we propose a two-step routing strategy for the messages to be routed from the actual source node to the SINK node through either a single, or multiple, randomly selected intermediate node(s) away from the source node so that it is to make it infeasible for the adversaries to trace back to the source node through hop-by-hop routing analysis. In the first protocol, the messages will be routed to a single intermediate node. This scheme can provide very good local source-location privacy. We also propose routing through multiple randomly selected intermediate nodes based on angle and quadrant to further improve the performance and security. While providing source-location privacy for WSN, our simulation results demonstrate that the proposed schemes are very efficient in energy consumption, and transmission latency. The proposed schemes can also assurance high message delivery ratio. Therefore, they can be used for many practical applications.

  2. Public Power Monitoring and Personal Privacy Protection During the Era of Big Data%大数据时代的公权力监控与个人隐私保护

    Institute of Scientific and Technical Information of China (English)

    徐昊

    2015-01-01

    Public power monitoring and personal privacy protection is public problems since Countries are established. As long as there is country, this contradiction will not disappear. The whole human society is in constant game of both sides to go on. But the advent of the era of big data exacerbated this contradiction. After the arrival of the era of big data, public power increaseds the means and enhances the level of obtaining citizen's privacy. This situation is good for safeguard security of the whole society. But it is also a serious violation of civil privacy rights, causeing serious concerns for individual rights. Although there is a contradiction between public power monitoring and personal privacy protection, this article found a new way which could meet both side of the contradiction. The results of this way could both help the authorities to maintain the security of social and protect personal privacy.%公权力监控与个人隐私保护是一个自从有了国家便存在的矛盾,只要国家还存在,这个矛盾就不会消失。整个人类社会就是在双方的不停博弈中不断前行。但是大数据时代的到来加剧了这一矛盾的冲突。公权力在大数据时代到来后,获取公民隐私的手段与程度都空前加强。这虽然对维护整个社会治安稳定做出了巨大的贡献,但是也严重的侵害了公民的个人隐私,引发了人们对个人权利的严重忧虑。两者间虽有本质矛盾,但又非不可调和。本文旨在探讨一种公权力监控的运用方式,使其既能满足我国维护社会长治久安的政治目的,又能使民众最大程度的保护期个人隐私并接受其对个人隐私的合理利用。

  3. Performance Evaluation of Public Key Based Authentication in Future Mobile Communication Systems

    Directory of Open Access Journals (Sweden)

    Kambourakis Georgios

    2004-01-01

    Full Text Available While mobile hosts are evolving into full-IP enabled devices, there is a greater demand to provide a more flexible, reconfigurable, and scalable security mechanism in mobile communication systems beyond 3G (B3G. Work has already begun on such an “all-IP” end-to-end solution, commonly referred to as 4G systems. Fully fledged integration between heterogeneous networks, such as 2.5G, UMTS, WLAN, Bluetooth, and the Internet, demands fully compatible, time-tested, and reliable mechanisms to depend on. SSL protocol has proved its effectiveness in the wired Internet and it will probably be the most promising candidate for future wireless environments. In this paper, we discuss existing problems related to authentication and key agreement (AKA procedures, such as compromised authentication vectors attacks, as they appear in current 2/2.5G/3G mobile communication systems, and propose how SSL, combined with public key infrastructure (PKI elements, can be used to overcome these vulnerabilities. In this B3G environment, we perceive authentication as a service, which has to be performed at the higher protocol layers irrespective of the underlying network technology. Furthermore, we analyze the effectiveness of such a solution, based on measurements of a “prototype” implementation. Performance measurements indicate that SSL-based authentication can be possible in terms of service time in future wireless systems, while it can simultaneously provide both the necessary flexibility to network operators and a high level of confidence to end users.

  4. A typology of privacy

    NARCIS (Netherlands)

    Koops, Bert Jaap; Newell, Bryce; Timan, Tjerk; Skorvánek, Ivan; Chokrevski, Tomislav; Galič, Maša

    2017-01-01

    Despite the difficulty of capturing the nature and boundaries of privacy, it is important to conceptualize it. Some scholars develop unitary theories of privacy in the form of a unified conceptual core; others offer classifications of privacy that make meaningful distinctions between different types

  5. Privacy and Social Interaction

    NARCIS (Netherlands)

    B. Roessler; D. Mokrosinska

    2013-01-01

    This article joins in and extends the contemporary debate on the right to privacy. We bring together two strands of the contemporary discourse on privacy. While we endorse the prevailing claim that norms of informational privacy protect the autonomy of individual subjects, we supplement it with an a

  6. Evaluation of unique identifiers used as keys to match identical publications in Pure and SciVal

    DEFF Research Database (Denmark)

    Madsen, Heidi Holst; Madsen, Dicte; Gauffriau, Marianne

    2016-01-01

    also briefly discuss how publication sets formed by using UIDs as the match keys may affect the bibliometric indicators number of publications, number of citations, and the average number of citations per publication. The objective is addressed in a literature review and a case study. The literature...... recognition in our publication sets. In particular the duplicate DOIs constitute a problem for the calculation of bibliometric indicators as both keeping the duplicates to improve the reliability of citation counts and deleting them to improve the reliability of publication counts will distort the calculation...... review shows that only a few studies evaluate how well UIDs work as a match key. From the literature we identify four error types: Duplicate digital object identifiers (DOI), incorrect DOIs in reference lists and databases, DOIs not registered by the database where a bibliometric analysis is performed...

  7. Privacy policies for health social networking sites

    OpenAIRE

    2013-01-01

    Health social networking sites (HSNS), virtual communities where users connect with each other around common problems and share relevant health data, have been increasingly adopted by medical professionals and patients. The growing use of HSNS like Sermo and PatientsLikeMe has prompted public concerns about the risks that such online data-sharing platforms pose to the privacy and security of personal health data. This paper articulates a set of privacy risks introduced by social networking in...

  8. Coordination between veterinary services and other relevant authorities: a key component of good public governance.

    Science.gov (United States)

    Bellemain, V

    2012-08-01

    Coordination between Veterinary Services and other relevant authorities is a key component of good public governance, especially for effective action and optimal management of available resources. The importance of good coordination is reflected in the World Organisation for Animal Health'Tool forthe Evaluation of Performance of Veterinary Services', which includes a critical competency on coordination. Many partners from technical, administrative and legal fields are involved. The degree of formalisation of coordination tends to depend on a country's level of organisation and development. Contingency plans against avian influenza led to breakthroughs in many countries in the mid-2000s. While interpersonal relationships remain vital, not everything should hinge on them. Organisation and management are critical to operational efficiency. The distribution of responsibilities needs to be defined clearly, avoiding duplication and areas of conflict. Lead authorities should be designated according to subject (Veterinary Services in animal health areas) and endowed with the necessary legitimacy. Lead authorities will be responsible for coordinating the drafting and updating of the relevant documents: agreements between authorities, contingency plans, standard operating procedures, etc.

  9. E-Visas Verification Schemes Based on Public-Key Infrastructure and Identity Based Encryption

    Directory of Open Access Journals (Sweden)

    Najlaa A. Abuadhmah

    2010-01-01

    Full Text Available Problem statement: Visa is a very important travelling document, which is an essential need at the point of entry of any country we are visiting. However an important document such as visa is still handled manually which affects the accuracy and efficiency of processing the visa. Work on e-visa is almost unexplored. Approach: This study provided a detailed description of a newly proposed e-visa verification system prototyped based on RFID technology. The core technology of the proposed e-visa verification system is based on Identity Based Encryption (IBE and Public Key Infrastructure (PKI. This research provided comparison between both methods in terms of processing time and application usability. Results: The result showed the e-visa verification system is highly flexible when implemented with IBE and on the other hand produces better processing speed when implemented with PKI. Conclusion: Therefore, it is believed that the proposed e-visa verification schemes are valuable security protocol for future study on e-visa.

  10. Optimal-Rate Coding Theorem For Adversarial Networks in the Public-Key Setting

    CERN Document Server

    Amir, Yair; Ostrovksy, Rafail

    2008-01-01

    In this paper, we establish an optimal-rate (interactive) coding theorem in the public-key setting for synchronous networks in the presence of a malicious poly-time adversary for dynamically changing networks. Namely, even if the majority of the nodes are controlled by a malicious adversary and the topology of the network is changing at each round, then as long as there is some path of non-corrupted nodes connecting the sender and receiver at each round (though this path may change at every round) we construct a protocol with bounded memory per processor that achieves optimal transfer rate and negligible decoding error. This protocol will transmit polynomially many messages of polynomial size with constant overhead per bit. We stress that our protocol assumes no knowledge of which nodes are corrupted nor which path is reliable at any round. Our interactive coding theorem states that our protocol cannot be affected in a meaningful way by any polynomial-time malicious adversary whose goal is to disrupt and dest...

  11. Stakeholders' perception of key performance indicators (KPIs of public-private partnership (PPP projects

    Directory of Open Access Journals (Sweden)

    Olabode Emmanuel Ogunsanmi

    2013-12-01

    Full Text Available The study investigates key performance indicators (KPIs that could improve performance of public-private partnership (PPP projects in Nigeria. The study objectives include a comparison of stakeholders’ perception on KPIs and to investigate if significant difference exists between stakeholders’ perceptions on most KPIs. A structured questionnaire was used to collect information from various respondents who were recently involved in PPP projects. Random sampling technique was used to select forty-five (45 respondents out of which thirty-one (31 responses were used for the data analysis. The results indicate that top KPIs for performance improvement are levels of design complexity and technological advancement, and return on investment. Stakeholders agree on most of the rankings of the KPIs. The general perception of stakeholders was similar on most KPIs except for a few divergent opinions. The study findings have an implication for policy and decision making such that stakeholders could pay special attention to the KPIs identified, that could improve construction project performance. Finally the study recommends further research to explore KPIs for other procurement options.

  12. Applications of Public Key Watermarking for Authentication of Job-Card in MGNREGA

    Directory of Open Access Journals (Sweden)

    Sunil Karforma

    2012-01-01

    Full Text Available Nowadays different state governments and central governments have taken initiative to successfully implement E-Governance in various areas of services applying Information and Communication Technology (ICT to provide better transparency, accuracy & security of its services to the citizens. In September, 2005, Parliament of India has passed the Mahatma Gandhi National Rural Employment Guarantee Act (MGNREGA, to enhance livelihood security by giving at least 100 days of guaranteed wage employment in a financial year to every house-hold in rural India. E-Governance solutions helps to simplify complex manual activities and supports transparent wage payment through agencies like Bank and Post-Offices. In e-governance, information’s are exchanged between communicating parties via Internet and message may be changed, modified or destroyed by hackers during its transmission through Internet. So, information hiding is needed at the time of exchanging information via Internet. In this paper, we propose a tool, called Public-Key Watermarking algorithm, for integrity verification of Job-Card (JC issued to individual house-hold by state governments, so that the watermark is capable enough to detect any changes made to the Job-Card by malicious users and can also identify fraudulent wage payment.

  13. Multilayered security and privacy protection in Car-to-X networks solutions from application down to physical layer

    CERN Document Server

    Stübing, Hagen

    2013-01-01

    Car-to-X (C2X) communication in terms of Car-to-Car (C2C) and Car-to-Infrastructure (C2I) communication aims at increasing road safety and traffic efficiency by exchanging foresighted traffic information. Thereby, security and privacy are regarded as an absolute prerequisite for successfully establishing the C2X technology on the market. Towards the paramount objective of covering the entire ITS reference model with security and privacy measures, Hagen Stübing develops dedicated solutions for each layer, respectively. On application layer a security architecture in terms of a Public Key Infras

  14. Privacy by design in personal health monitoring.

    Science.gov (United States)

    Nordgren, Anders

    2015-06-01

    The concept of privacy by design is becoming increasingly popular among regulators of information and communications technologies. This paper aims at analysing and discussing the ethical implications of this concept for personal health monitoring. I assume a privacy theory of restricted access and limited control. On the basis of this theory, I suggest a version of the concept of privacy by design that constitutes a middle road between what I call broad privacy by design and narrow privacy by design. The key feature of this approach is that it attempts to balance automated privacy protection and autonomously chosen privacy protection in a way that is context-sensitive. In personal health monitoring, this approach implies that in some contexts like medication assistance and monitoring of specific health parameters one single automatic option is legitimate, while in some other contexts, for example monitoring in which relatives are receivers of health-relevant information rather than health care professionals, a multi-choice approach stressing autonomy is warranted.

  15. Self-Organized Public-Key Management for Mobile Ad Hoc Networks Based on a Bidirectional Trust Model

    Institute of Scientific and Technical Information of China (English)

    2006-01-01

    In traditional networks ,the authentication is performed by certificate authoritys(CA),which can't be built in distributed mobile Ad Hoc Networks however. In this paper, we propose a fully self-organized public key management based on bidirectional trust model without any centralized authority that allows users to generate their public-private key pairs, to issue certificates, and the trust relation spreads rationally according to the truly human relations. In contrast with the traditional self-organized public-key management, the average certificates paths get more short,the authentication passing rate gets more high and the most important is that the bidirectional trust based model satisfys the trust requirement of hosts better.

  16. New threats to health data privacy.

    Science.gov (United States)

    Li, Fengjun; Zou, Xukai; Liu, Peng; Chen, Jake Y

    2011-11-24

    Along with the rapid digitalization of health data (e.g. Electronic Health Records), there is an increasing concern on maintaining data privacy while garnering the benefits, especially when the data are required to be published for secondary use. Most of the current research on protecting health data privacy is centered around data de-identification and data anonymization, which removes the identifiable information from the published health data to prevent an adversary from reasoning about the privacy of the patients. However, published health data is not the only source that the adversaries can count on: with a large amount of information that people voluntarily share on the Web, sophisticated attacks that join disparate information pieces from multiple sources against health data privacy become practical. Limited efforts have been devoted to studying these attacks yet. We study how patient privacy could be compromised with the help of today's information technologies. In particular, we show that private healthcare information could be collected by aggregating and associating disparate pieces of information from multiple online data sources including online social networks, public records and search engine results. We demonstrate a real-world case study to show user identity and privacy are highly vulnerable to the attribution, inference and aggregation attacks. We also show that people are highly identifiable to adversaries even with inaccurate information pieces about the target, with real data analysis. We claim that too much information has been made available electronic and available online that people are very vulnerable without effective privacy protection.

  17. Kids Sell: Celebrity Kids’ Right to Privacy

    Directory of Open Access Journals (Sweden)

    Seong Choul Hong

    2016-04-01

    Full Text Available The lives of celebrities are often spotlighted in the media because of their newsworthiness; however, many celebrities argue that their right to privacy is often infringed upon. Concerns about celebrity privacy are not limited to the celebrities themselves and often expand to their children. As a result of their popularity, public interest has pushed paparazzi and journalists to pursue trivial and private details about the lives of both celebrities and their children. This paper investigates conflicting areas where the right to privacy and the right to know collide when dealing with the children of celebrities. In general, the courts have been unsympathetic to celebrity privacy claims, noting their newsworthiness and self-promoted characteristic. Unless the press violates news-gathering ethics or torts, the courts will often rule in favor of the media. However, the story becomes quite different when related to an infringement on the privacy of celebrities’ children. This paper argues that all children have a right to protect their privacy regardless of their parents’ social status. Children of celebrities should not be exempt to principles of privacy just because their parents are a celebrity. Furthermore, they should not be exposed by the media without the voluntary consent of their legal patrons. That is, the right of the media to publish and the newsworthiness of children of celebrities must be restrictedly acknowledged.

  18. Non-Interactive Differential Privacy: a Survey

    CERN Document Server

    Leoni, David

    2012-01-01

    OpenData movement around the globe is demanding more access to information which lies locked in public or private servers. As recently reported by a McKinsey publication, this data has significant economic value, yet its release has potential to blatantly conflict with people privacy. Recent UK government inquires have shown concern from various parties about publication of anonymized databases, as there is concrete possibility of user identification by means of linkage attacks. Differential privacy stands out as a model that provides strong formal guarantees about the anonymity of the participants in a sanitized database. Only recent results demonstrated its applicability on real-life datasets, though. This paper covers such breakthrough discoveries, by reviewing applications of differential privacy for non-interactive publication of anonymized real-life datasets. Theory, utility and a data-aware comparison are discussed on a variety of principles and concrete applications.

  19. 75 FR 63703 - Privacy Act of 1974; Privacy Act Regulation

    Science.gov (United States)

    2010-10-18

    ... CFR Part 261a Privacy Act of 1974; Privacy Act Regulation AGENCY: Board of Governors of the Federal...) is issuing a final rule to amend its regulation implementing the Privacy Act of 1974 (Privacy Act..., and applicants for Board employment, for access to their records under the Privacy Act; the amendment...

  20. Choose Privacy Week: Educate Your Students (and Yourself) about Privacy

    Science.gov (United States)

    Adams, Helen R.

    2016-01-01

    The purpose of "Choose Privacy Week" is to encourage a national conversation to raise awareness of the growing threats to personal privacy online and in day-to-day life. The 2016 Choose Privacy Week theme is "respecting individuals' privacy," with an emphasis on minors' privacy. A plethora of issues relating to minors' privacy…

  1. A Market Analysis of Publications, Trade Conferences, and Key Events for Fleet Readiness Center Southwest

    Science.gov (United States)

    2007-12-01

    Win and Keep Big Customers. Austin: Bard Press, 2005. Kotler , Philip and Kevin Lane Keller. Marketing Management. Upper Saddle River, NJ...stimulate awareness and demand with little or no cost. Kotler and Keller describe public relations and publicity as “a variety of programs designed to...broadcast media to promote something.”13 Kotler and Keller also argue that there is an appeal to the use of public relations and publicity that is based

  2. Key challenges of offshore wind power: Three essays addressing public acceptance, stakeholder conflict, and wildlife impacts

    Science.gov (United States)

    Bates, Alison Waterbury

    been proposed. The essay examines how the public considers the societal tradeoffs that are made to develop small-scale, in-view demonstration wind projects instead of larger facilities farther offshore. Results indicate that a strong majority of the public supports near-shore demonstration wind projects in both states. Primary reasons for support include benefits to wildlife, cost of electricity, and job creation, while the primary reasons for opposition include wildlife impacts, aesthetics, tourism, and user conflicts. These factors differ between coastal Delaware and greater Atlantic City and highlight the importance of local, community engagement in the early stages of development. The second essay examines the interaction of a new proposed use of the ocean---offshore wind---and a key existing ocean user group---commercial fishers. A key component of offshore wind planning includes consideration of existing uses of the marine environment in order to optimally site wind projects while minimizing conflicts. Commercial fisheries comprise an important stakeholder group, and may be one of the most impacted stakeholders from offshore renewable energy development. Concern of the fishing industry stems from possible interference with productive fishing grounds and access within wind developments resulting in costs from increased effort or reduction in catch. Success of offshore wind development may in part depend on the acceptance of commercial fishers, who are concerned about loss of access to fishing grounds. Using a quantitative, marine spatial planning approach in the siting of offshore wind projects with respect to commercial fishing in the mid-Atlantic, U.S., this essay develops a spatially explicit representation of potential conflicts and compatibilities between these two industries in the mid-Atlantic region of the United States. Areas that are highly valuable to the wind industry are determined through a spatial suitability model using variable cost per unit

  3. Privacy-Preserving Electrocardiogram Monitoring for Intelligent Arrhythmia Detection.

    Science.gov (United States)

    Son, Junggab; Park, Juyoung; Oh, Heekuck; Bhuiyan, Md Zakirul Alam; Hur, Junbeom; Kang, Kyungtae

    2017-06-12

    Long-term electrocardiogram (ECG) monitoring, as a representative application of cyber-physical systems, facilitates the early detection of arrhythmia. A considerable number of previous studies has explored monitoring techniques and the automated analysis of sensing data. However, ensuring patient privacy or confidentiality has not been a primary concern in ECG monitoring. First, we propose an intelligent heart monitoring system, which involves a patient-worn ECG sensor (e.g., a smartphone) and a remote monitoring station, as well as a decision support server that interconnects these components. The decision support server analyzes the heart activity, using the Pan-Tompkins algorithm to detect heartbeats and a decision tree to classify them. Our system protects sensing data and user privacy, which is an essential attribute of dependability, by adopting signal scrambling and anonymous identity schemes. We also employ a public key cryptosystem to enable secure communication between the entities. Simulations using data from the MIT-BIH arrhythmia database demonstrate that our system achieves a 95.74% success rate in heartbeat detection and almost a 96.63% accuracy in heartbeat classification, while successfully preserving privacy and securing communications among the involved entities.

  4. Privacy-Preserving Electrocardiogram Monitoring for Intelligent Arrhythmia Detection

    Directory of Open Access Journals (Sweden)

    Junggab Son

    2017-06-01

    Full Text Available Long-term electrocardiogram (ECG monitoring, as a representative application of cyber-physical systems, facilitates the early detection of arrhythmia. A considerable number of previous studies has explored monitoring techniques and the automated analysis of sensing data. However, ensuring patient privacy or confidentiality has not been a primary concern in ECG monitoring. First, we propose an intelligent heart monitoring system, which involves a patient-worn ECG sensor (e.g., a smartphone and a remote monitoring station, as well as a decision support server that interconnects these components. The decision support server analyzes the heart activity, using the Pan–Tompkins algorithm to detect heartbeats and a decision tree to classify them. Our system protects sensing data and user privacy, which is an essential attribute of dependability, by adopting signal scrambling and anonymous identity schemes. We also employ a public key cryptosystem to enable secure communication between the entities. Simulations using data from the MIT-BIH arrhythmia database demonstrate that our system achieves a 95.74% success rate in heartbeat detection and almost a 96.63% accuracy in heartbeat classification, while successfully preserving privacy and securing communications among the involved entities.

  5. Privacy Concerns and Online Behavior - Not so Paradoxical After All? : Viewing the Privacy Paradox through Different Theoretical Lenses

    OpenAIRE

    Lutz, Christoph; Strathoff, Pepe

    2013-01-01

    This contribution provides a new avenue to the privacy paradox - the divergence between attitudes and behavior when it comes to online privacy. Our approach rests on research in online trust and on the theory of public value as well as Tönnies' duality of "Gemeinschaft and Gesellschaft". We show with representative data from 2012 that the very providers of Internet and mobile services - web companies and telecommunication providers - enjoy very low levels of trust in terms of privacy protect...

  6. 76 FR 22615 - Privacy Act; Implementation

    Science.gov (United States)

    2011-04-22

    ... the Privacy Act. This will improve the efficiency and effectiveness of DoD's program by preserving the... requirements on the public under the Paperwork Reduction Act of 1995. Section 202, Public Law 104-4, ``Unfunded..., Stat. 1896 (5 U.S.C. 552a). 0 2. In Sec. 322.7, remove and reserve paragraph (l) and add paragraph (u...

  7. Participatory Privacy: Enabling Privacy in Participatory Sensing

    CERN Document Server

    De Cristofaro, Emiliano

    2012-01-01

    Participatory Sensing is an emerging computing paradigm that enables the distributed collection of data by self-selected participants. It allows the increasing number of mobile phone users to share local knowledge acquired by their sensor-equipped devices, e.g., to monitor temperature, pollution level or consumer pricing information. While research initiatives and prototypes proliferate, their real-world impact is often bounded to comprehensive user participation. If users have no incentive, or feel that their privacy might be endangered, it is likely that they will not participate. In this article, we focus on privacy protection in Participatory Sensing and introduce a suitable privacy-enhanced infrastructure. First, we provide a set of definitions of privacy requirements for both data producers (i.e., users providing sensed information) and consumers (i.e., applications accessing the data). Then, we propose an efficient solution designed for mobile phone users, which incurs very low overhead. Finally, we di...

  8. An Investigation of the National School Board Association Key Work Standards for Public Policy Leadership and School Board Chair Performance

    Science.gov (United States)

    Quarles, Roger C.

    2011-01-01

    This multiple case qualitative study addressed the National School Board Association's (NSBA) Key Work standards for public policy leadership by local school boards, and how three elite school board chairs understood and implemented those standards. Elite board chair status was defined by experience, training, and peer recognition. The study…

  9. An Investigation of the National School Board Association Key Work Standards for Public Policy Leadership and School Board Chair Performance

    Science.gov (United States)

    Quarles, Roger C.

    2011-01-01

    This multiple case qualitative study addressed the National School Board Association's (NSBA) Key Work standards for public policy leadership by local school boards, and how three elite school board chairs understood and implemented those standards. Elite board chair status was defined by experience, training, and peer recognition. The study…

  10. Public health ethics: key concepts and issues in policy and practice

    National Research Council Canada - National Science Library

    Dawson, Angus

    2011-01-01

    .... Topics covered include the nature of public health ethics, the concepts of disease and prevention, risk and precaution, health inequalities and justice, screening, vaccination and disease control...

  11. Key handling in wireless sensor networks

    Energy Technology Data Exchange (ETDEWEB)

    Li, Y; Newe, T [Optical Fibre Sensors Research Centre, Department of Electronic and Computer Engineering, University of Limerick, Limerick (Ireland)

    2007-07-15

    With the rapid growth of Wireless Sensor Networks (WSNs), many advanced application areas have received significant attention. However, security will be an important factor for their full adoption. Wireless sensor nodes pose unique challenges and as such traditional security protocols, used in traditional networks cannot be applied directly. Some new protocols have been published recently with the goal of providing both privacy of data and authentication of sensor nodes for WSNs. Such protocols can employ private-key and/or public key cryptographic algorithms. Public key algorithms hold the promise of simplifying the network infrastructure required to provide security services such as: privacy, authentication and non-repudiation, while symmetric algorithms require less processing power on the lower power wireless node. In this paper a selection of key establishment/agreement protocols are reviewed and they are broadly divided into two categories: group key agreement protocols and pair-wise key establishment protocols. A summary of the capabilities and security related services provided by each protocol is provided.

  12. On Differences between Chinese and Western Privacy Views

    Institute of Scientific and Technical Information of China (English)

    孙耕梅

    2015-01-01

    With the emergence of globalization and China hosting 2022 winter Olympics,cross-cultural communication is being eagerly required to strengthen.Further understanding of different privacy views between China and the west is key to consciousness of privacy protection and smooth intercultural communication.

  13. Privacy, Democracy and Surveillance

    OpenAIRE

    Lever, Annabelle

    2013-01-01

    How should we think about our claims to privacy and their relationship to security? Must we suppose that privacy should give way before the demands of security whenever the two cannot both be fully protected? This is the position presented by Sir David Omand on numerous occasions and, most recently, in his response to the revelations of Edward Snowden. However, this article shows, Omand's reasoning and conclusions are both problematic, as the protection of privacy is necessary to a democratic...

  14. Best practices for interacting with the public about wildland fire: Key findings from interviews

    Science.gov (United States)

    Daniel Berkman

    2012-01-01

    Interviews were conducted with public information and line officers about wildland fire communications with the public. The goal of these interviews was to determine the best practices and most useful content and format for an annotated bibliography about external wildland fire communications, i.e., does the current literature reviewed address the issues of greatest...

  15. Bidirectional private key exchange using delay-coupled semiconductor lasers.

    Science.gov (United States)

    Porte, Xavier; Soriano, Miguel C; Brunner, Daniel; Fischer, Ingo

    2016-06-15

    We experimentally demonstrate a key exchange cryptosystem based on the phenomenon of identical chaos synchronization. In our protocol, the private key is symmetrically generated by the two communicating partners. It is built up from the synchronized bits occurring between two current-modulated bidirectionally coupled semiconductor lasers with additional self-feedback. We analyze the security of the exchanged key and discuss the amplification of its privacy. We demonstrate private key generation rates up to 11  Mbit/s over a public channel.

  16. Privacy Training Program

    Science.gov (United States)

    Recognizing that training and awareness are critical to protecting agency Personally Identifiable Information (PII), the EPA is developing online training for privacy contacts in its programs and regions.

  17. Practical Privacy Assessment

    DEFF Research Database (Denmark)

    Peen, Søren; Jansen, Thejs Willem; Jensen, Christian D.

    2008-01-01

    This chapter proposes a privacy assessment model called the Operational Privacy Assessment Model that includes organizational, operational and technical factors for the protection of personal data stored in an IT system. The factors can be evaluated in a simple scale so that not only the resulting...... graphical depiction can be easily created for an IT system, but graphical comparisons across multiple IT systems are also possible. Examples of factors presented in a Kiviat graph are also presented. This assessment tool may be used to standardize privacy assessment criteria, making it less painful...... for the management to assess privacy risks on their systems....

  18. Practical Privacy Assessment

    DEFF Research Database (Denmark)

    Peen, Søren; Jansen, Thejs Willem; Jensen, Christian D.

    2008-01-01

    This chapter proposes a privacy assessment model called the Operational Privacy Assessment Model that includes organizational, operational and technical factors for the protection of personal data stored in an IT system. The factors can be evaluated in a simple scale so that not only the resulting...... graphical depiction can be easily created for an IT system, but graphical comparisons across multiple IT systems are also possible. Examples of factors presented in a Kiviat graph are also presented. This assessment tool may be used to standardize privacy assessment criteria, making it less painful...... for the management to assess privacy risks on their systems....

  19. Privacy in a cyber age policy and practice

    CERN Document Server

    Etzioni, Amitai

    2015-01-01

    This book lays out the foundation of a privacy doctrine suitable to the cyber age. It limits the volume, sensitivity, and secondary analysis that can be carried out. In studying these matters, the book examines the privacy issues raised by the NSA, publication of state secrets, and DNA usage.

  20. 32 CFR 806b.51 - Privacy and the Web.

    Science.gov (United States)

    2010-07-01

    ... 32 National Defense 6 2010-07-01 2010-07-01 false Privacy and the Web. 806b.51 Section 806b.51... PROGRAM Disclosing Records to Third Parties § 806b.51 Privacy and the Web. Do not post personal information on publicly accessible DoD web sites unless clearly authorized by law and implementing...

  1. Composition Attacks and Auxiliary Information in Data Privacy

    CERN Document Server

    Ganta, Srivatsava Ranjit; Smith, Adam

    2008-01-01

    Privacy is an increasingly important aspect of data publishing. Reasoning about privacy, however, is fraught with pitfalls. One of the most significant is the auxiliary information (also called external knowledge, background knowledge, or side information) that an adversary gleans from other channels such as the web, public records, or domain knowledge. This paper explores how one can reason about privacy in the face of rich, realistic sources of auxiliary information. Specifically, we investigate the effectiveness of current anonymization schemes in preserving privacy when multiple organizations independently release anonymized data about overlapping populations. 1. We investigate composition attacks, in which an adversary uses independent anonymized releases to breach privacy. We explain why recently proposed models of limited auxiliary information fail to capture composition attacks. Our experiments demonstrate that even a simple instance of a composition attack can breach privacy in practice, for a large ...

  2. Sharing Privacy Protected and Statistically Sound Clinical Research Data Using Outsourced Data Storage

    Directory of Open Access Journals (Sweden)

    Geontae Noh

    2014-01-01

    Full Text Available It is critical to scientific progress to share clinical research data stored in outsourced generally available cloud computing services. Researchers are able to obtain valuable information that they would not otherwise be able to access; however, privacy concerns arise when sharing clinical data in these outsourced publicly available data storage services. HIPAA requires researchers to deidentify private information when disclosing clinical data for research purposes and describes two available methods for doing so. Unfortunately, both techniques degrade statistical accuracy. Therefore, the need to protect privacy presents a significant problem for data sharing between hospitals and researchers. In this paper, we propose a controlled secure aggregation protocol to secure both privacy and accuracy when researchers outsource their clinical research data for sharing. Since clinical data must remain private beyond a patient’s lifetime, we take advantage of lattice-based homomorphic encryption to guarantee long-term security against quantum computing attacks. Using lattice-based homomorphic encryption, we design an aggregation protocol that aggregates outsourced ciphertexts under distinct public keys. It enables researchers to get aggregated results from outsourced ciphertexts of distinct researchers. To the best of our knowledge, our protocol is the first aggregation protocol which can aggregate ciphertexts which are encrypted with distinct public keys.

  3. Space Partitioning for Privacy Enabled 3D City Models

    Science.gov (United States)

    Filippovska, Y.; Wichmann, A.; Kada, M.

    2016-10-01

    Due to recent technological progress, data capturing and processing of highly detailed (3D) data has become extensive. And despite all prospects of potential uses, data that includes personal living spaces and public buildings can also be considered as a serious intrusion into people's privacy and a threat to security. It becomes especially critical if data is visible by the general public. Thus, a compromise is needed between open access to data and privacy requirements which can be very different for each application. As privacy is a complex and versatile topic, the focus of this work particularly lies on the visualization of 3D urban data sets. For the purpose of privacy enabled visualizations of 3D city models, we propose to partition the (living) spaces into privacy regions, each featuring its own level of anonymity. Within each region, the depicted 2D and 3D geometry and imagery is anonymized with cartographic generalization techniques. The underlying spatial partitioning is realized as a 2D map generated as a straight skeleton of the open space between buildings. The resulting privacy cells are then merged according to the privacy requirements associated with each building to form larger regions, their borderlines smoothed, and transition zones established between privacy regions to have a harmonious visual appearance. It is exemplarily demonstrated how the proposed method generates privacy enabled 3D city models.

  4. Should There Be an Expectation of Privacy in the Library? Online Treasures

    Science.gov (United States)

    Balas, Janet L.

    2005-01-01

    Although some people feel that there should be no expectation of privacy in a library because it is a public place, the debate on the library's obligation to protect patron privacy continues. Despite the media attention given to some notorious breaches of privacy (for example, the hacking of Paris Hilton's electronic address book), and the…

  5. Privacy in Educational Use of Social Media in the U.S.

    Science.gov (United States)

    Marek, Michael W.; Skrabut, Stan

    2017-01-01

    Few scholarly publications have addressed in detail the question of student privacy when using social media for classroom educational activities. This study combined qualitative and conceptual methodologies to explore the implications of privacy law on learning activities, using the strict Family Educational Rights Privacy Act (FERPA) in the…

  6. Development and Analyses of Privacy Management Models in Online Social Networks Based on Communication Privacy Management Theory

    Science.gov (United States)

    Lee, Ki Jung

    2013-01-01

    Online social networks (OSNs), while serving as an emerging means of communication, promote various issues of privacy. Users of OSNs encounter diverse occasions that lead to invasion of their privacy, e.g., published conversation, public revelation of their personally identifiable information, and open boundary of distinct social groups within…

  7. Development and Analyses of Privacy Management Models in Online Social Networks Based on Communication Privacy Management Theory

    Science.gov (United States)

    Lee, Ki Jung

    2013-01-01

    Online social networks (OSNs), while serving as an emerging means of communication, promote various issues of privacy. Users of OSNs encounter diverse occasions that lead to invasion of their privacy, e.g., published conversation, public revelation of their personally identifiable information, and open boundary of distinct social groups within…

  8. Key issues of public relations of Europe: Findings from the European Communication Monitor 2007-2014

    Directory of Open Access Journals (Sweden)

    Dejan Vercic

    2014-10-01

    Full Text Available European Communication Monitor is the largest longitudinal research project in public relations practice in the world. Data collected annually from 2007 to 2014 show that practitioners perceive five issues as the most important for their work: linking business strategy and communication, coping with the digital evolution and social web, building and maintaining trust, dealing with the demand for more transparency and active audiences, and dealing with the speed and volume of information flow. Perception of the importance of various issues for the practice of public relations is largely dependent on the gender, geography (division between Northern and Western vs. Southern and Eastern Europe, and sector in which a practitioner works (corporate, government, NGO or agency. While gender and sectorial differences studied in academic public relations literature, divisions in public relations practice between North-Western and South-Eastern Europe are largely ignored.

  9. Trust and Privacy in Our Networked World

    Directory of Open Access Journals (Sweden)

    Herman T. Tavani

    2011-10-01

    Full Text Available Remarking on the relationship between the concepts of trust and privacy, Charles Fried (1990, p. 56 [1] writes: Trust is the attitude of expectation that another will behave according to the constraints of morality… There can be no trust where there is no possibility of error. More specifically, man cannot know that he is trusted unless he has the right to act without constant surveillance so that he knows he can betray the trust. Privacy confers that essential right… Without privacy and the possibility of error which it protects that aspect of his humanity is denied to him. The important relationship between trust and privacy that Fried describes is often overlooked in the contemporary literature on privacy, as well in the recent publications that focus on trust and trust-related topics. The six essays included in this special issue of Information, however, give us some additional insights into certain conceptual and practical connections involving the notions of trust and privacy. In this respect, the contributing authors expand upon the insight in Fried’s classic work on the interconnection between the two concepts.[...

  10. Privacy in Online Social Networking Sites

    Directory of Open Access Journals (Sweden)

    M.Ida Evones

    2015-11-01

    Full Text Available There are more than 192 act ive social networking websites. Bringing every kind of social group together in one place and letting them interact is really a big thing indeed .Huge amount of information process in the sites each day, end up making it vulnerable to attack. There is no systematic framework taking into account the importance of privacy. Increased privacy settings don’t always guarantee privacy when there is a loop hole in the applications. Lack of user education results is over sharing. Privacy settings to limit access to some data are available, but these settings are never the default. Only a tiny minority make use of these. Online social network does not provide any demarcation line between private and public information. The personal informat ion shared in online social networks can harm the user in often unexpected ways. Private data is available in plenty. The major privacy problems are due to complicated privacy model, implementation errors and economic pressure. Until recently, not much work was done in this area. The recent papers, which I have collected is a Testimony to state that lot of work needs to be done in this area.

  11. Building Interdisciplinary Research Capacity: a Key Challenge for Ecological Approaches in Public Health

    Directory of Open Access Journals (Sweden)

    Lindsay P. Galway

    2016-06-01

    Full Text Available The shortcomings of public health research informed by reductionist and fragmented biomedical approaches and the emergence of wicked problems are fueling a renewed interest in ecological approaches in public health. Despite the central role of interdisciplinarity in the context of ecological approaches in public health research, inadequate attention has been given to the specific challenge of doing interdisciplinary research in practice. As a result, important knowledge gaps exist with regards to the practice of interdisciplinary research. We argue that explicit attention towards the challenge of doing interdisciplinary research is critical in order to effectively apply ecological approaches to public health issues. This paper draws on our experiences developing and conducting an interdisciplinary research project exploring the links among climate change, water, and health to highlight five specific insights which we see as relevant to building capacity for interdisciplinary research specifically, and which have particular relevance to addressing the integrative challenges demanded by ecological approaches to address public health issues. These lessons include: (i the need for frameworks that facilitate integration; (ii emphasize learning-by-doing; (iii the benefits of examining issues at multiple scales; (iv make the implicit, explicit; and (v the need for reflective practice. By synthesizing and sharing experiences gained by engaging in interdisciplinary inquiries using an ecological approach, this paper responds to a growing need to build interdisciplinary research capacity as a means for advancing the ecological public health agenda more broadly.

  12. Civic participation and public spaces: a key factor for sustainable tourism in historic cities

    Directory of Open Access Journals (Sweden)

    Martin van der Zwan

    2016-06-01

    Full Text Available Attractive public spaces are crucial for tourism. After all, most tourists that visit a city, experience it by foot and increasingly by bicycle. Public spaces have to meet a few minimum requirements. If not, tourists will feel uncomfortable. For instance; a lot of rubbish and graffiti, worn out and damaged street furniture can cause a feeling of unsafety. Attractive public spaces are the ones that invite tourists to stay a bit longer than strictly necessary and sit down and relax. Some of these spaces are quit and green, others more vibrant, well dimensioned and furbished. In this paper I describe a method for defining and measuring the quality of public space and also for predicting the conclusion tourists may draw based on this; “will I revisit this place or not ?” In some cities inhabitants, local shop owners and local institutions voluntarily take the initiative to upgrade the quality of public spaces or even act as ‘city hosts’ to welcome visitors. These kinds of civic participation help to provide the unique experience many tourists are looking for.

  13. Information Privacy Revealed

    Science.gov (United States)

    Lavagnino, Merri Beth

    2013-01-01

    Why is Information Privacy the focus of the January-February 2013 issue of "EDUCAUSE Review" and "EDUCAUSE Review Online"? Results from the 2012 annual survey of the International Association of Privacy Professionals (IAPP) indicate that "meeting regulatory compliance requirements continues to be the top perceived driver…

  14. Privacy for Sale?

    DEFF Research Database (Denmark)

    Sørensen, Lene Tolstrup; Sørensen, Jannick Kirk; Khajuria, Samant

    conditions, and those who reject the idea completely. Based on the literature we identify two positions to privacy either as an instrumental good, or as an intrinsic good. The paper positions vari- ous user perceptions on privacy that are relevant for future service develop- ment....

  15. Information Privacy Revealed

    Science.gov (United States)

    Lavagnino, Merri Beth

    2013-01-01

    Why is Information Privacy the focus of the January-February 2013 issue of "EDUCAUSE Review" and "EDUCAUSE Review Online"? Results from the 2012 annual survey of the International Association of Privacy Professionals (IAPP) indicate that "meeting regulatory compliance requirements continues to be the top perceived driver…

  16. Privacy Metrics and Boundaries

    NARCIS (Netherlands)

    L-F. Pau (Louis-François)

    2005-01-01

    textabstractThis paper aims at defining a set of privacy metrics (quantitative and qualitative) in the case of the relation between a privacy protector ,and an information gatherer .The aims with such metrics are: -to allow to assess and compare different user scenarios and their differences; for ex

  17. 75 FR 63524 - Computer Matching and Privacy Protection Act of 1988; Report of Matching Program: RRB and State...

    Science.gov (United States)

    2010-10-15

    ... Computer Matching and Privacy Protection Act of 1988; Report of Matching Program: RRB and State Medicare... required by the Computer Matching and Privacy Protection Act of ] 1988, the RRB is issuing a public notice... Matching and Privacy Protection Act of 1988, Public Law 100-503, requires a Federal agency participating...

  18. Finding your voice: key elements to consider when writing for publication.

    Science.gov (United States)

    Wollin, Judy Ann; Fairweather, Carrie Therese

    The dissemination of nursing knowledge rests on optimizing the accessibility of such knowledge among nurses and all other healthcare professionals. Nursing publications of all types, including research, case studies, reports, literature reviews, clinical audits, reflections on practice and letters to the editor, are important mechanisms for sharing knowledge and experience. Nurses need to publish their knowledge and experiences to inform and reflect on nursing practice. Barriers to writing for publication include inexperience and lack of know how. This article provides guidance for the novice writer.

  19. Identity And Privacy Services

    Directory of Open Access Journals (Sweden)

    Harry Katzan, Jr.

    2010-12-01

    Full Text Available Personal identity and privacy are important topics in information systems in general and data analytics in particular.  Normally associated with digital security, the scope of identity and privacy is much greater and affects most aspects of everyday life.  Related subjects are behavioral tracking, personal-identifiable information (PII, privacy data relevance, data repurposing, identity theft, and homeland security.  Identity and Privacy Services is an admixture of the major issues in the area of personal identity and privacy and the security of individual rights in a complex societal environment.  This is a general paper on this important subject, intended to give exposure to the constituent topics.

  20. Public Key Infrastructure (PKI) And Virtual Private Network (VPN) Compared Using An Utility Function And The Analytic Hierarchy Process (AHP)

    OpenAIRE

    Wagner, Edward Dishman

    2002-01-01

    This paper compares two technologies, Public Key Infrastructure (PKI) and Virtual Private Network (VPN). PKI and VPN are two approaches currently in use to resolve the problem of securing data in computer networks. Making this comparison difficult is the lack of available data. Additionally, an organization will make their decision based on circumstances unique to their information security needs. Therefore, this paper will illustrate a method using a utility function and the Analytic Hie...

  1. Privacy under construction : A developmental perspective on privacy perception

    NARCIS (Netherlands)

    Steijn, W.M.P.; Vedder, A.H.

    2015-01-01

    We present a developmental perspective regarding the difference in perceptions toward privacy between young and old. Here, we introduce the notion of privacy conceptions, that is, the specific ideas that individuals have regarding what privacy actually is. The differences in privacy concerns often f

  2. Interviewing Key Informants: Strategic Planning for a Global Public Health Management Program

    Science.gov (United States)

    Kun, Karen E.; Kassim, Anisa; Howze, Elizabeth; MacDonald, Goldie

    2013-01-01

    The Centers for Disease Control and Prevention's Sustainable Management Development Program (SMDP) partners with low- and middle-resource countries to develop management capacity so that effective global public health programs can be implemented and better health outcomes can be achieved. The program's impact however, was variable. Hence, there…

  3. Key issues of public relations of Europe: findings from the European Communication Monitor 2007-2014

    NARCIS (Netherlands)

    Verčič, D.; Verhoeven, P.; Zerfass, A.

    2014-01-01

    European Communication Monitor is the largest longitudinal research project in public relations practice in the world. Data collected annually from 2007 to 2014 show that practitioners perceive five issues as the most important for their work: linking business strategy and communication, coping with

  4. Key issues of public relations of Europe: findings from the European Communication Monitor 2007-2014

    NARCIS (Netherlands)

    Verčič, D.; Verhoeven, P.; Zerfass, A.

    2014-01-01

    European Communication Monitor is the largest longitudinal research project in public relations practice in the world. Data collected annually from 2007 to 2014 show that practitioners perceive five issues as the most important for their work: linking business strategy and communication, coping with

  5. The REESSE2+ Public-key Encryption Scheme - Another Application of the Lever Function and its Connotation

    CERN Document Server

    Su, Shenghui; Hu, Jun

    2008-01-01

    This paper gives the definitions of a nonnormal super-increasing sequence and a nonnormal subset sum separately, proves the two properties of a nonnormal super-increasing sequence, and proposes the REESSE2+ public-key encryption scheme which includes the three algorithms for key generation, encryption and decryption. The paper discusses the necessity and sufficiency of the lever function for preventing the Shamir extremum attack, analyzes the security of REESSE2+ against extracting a private key from a public key through the exhaustive search, recovering a plaintext from a ciphertext plus a knapsack of high density through the LLL lattice basis reduction method, and heuristically obtaining a plaintext through the meet-in-the-middle attack or the adaptive-chosen-ciphertext attack. The authors evaluate the time complexity of the REESSE2+ algorithms, compare REESSE2+ with ECC and NTRU, and find that the encryption speed of REESSE2+ is ten thousand times faster than ECC and NTRU bearing the matchable security, an...

  6. Privacy Preserving Facial and Fingerprint Multi-biometric Authentication

    Science.gov (United States)

    Anzaku, Esla Timothy; Sohn, Hosik; Ro, Yong Man

    The cases of identity theft can be mitigated by the adoption of secure authentication methods. Biohashing and its variants, which utilizes secret keys and biometrics, are promising methods for secure authentication; however, their shortcoming is the degraded performance under the assumption that secret keys are compromised. In this paper, we extend the concept of Biohashing to multi-biometrics - facial and fingerprint traits. We chose these traits because they are widely used, howbeit, little research attention has been given to designing privacy preserving multi-biometric systems using them. Instead of just using a single modality (facial or fingerprint), we presented a framework for using both modalities. The improved performance of the proposed method, using face and fingerprint, as against either facial or fingerprint trait used in isolation is evaluated using two chimerical bimodal databases formed from publicly available facial and fingerprint databases.

  7. 77 FR 15585 - Privacy Act; Implementation

    Science.gov (United States)

    2012-03-16

    ... the ] objectivity or fairness of the test if the correct or incorrect answers are released. DATES... answer keys should be at the discretion of the test taker, i.e., U.S. citizens.'' The Privacy Act exemption rule addresses an individual's answers to the Armed Services Vocational Aptitude Battery...

  8. Public-private relationships in biobanking: a still underestimated key component of open innovation.

    Science.gov (United States)

    Hofman, Paul; Bréchot, Christian; Zatloukal, Kurt; Dagher, Georges; Clément, Bruno

    2014-01-01

    Access to human bioresources is essential to the understanding of human diseases and to the discovery of new biomarkers aimed at improving the diagnosis, prognosis, and the predictive response of patients to treatments. The use of biospecimens is strictly controlled by ethical assessment, which complies with the laws of the country. These laws regulate the partnerships between the biobanks and industrial actors. However, private-public partnerships (PPP) can be limiting for several reasons, which can hamper the discovery of new biological tests and new active molecules targeted to human diseases. The bottlenecks and roadblocks in establishing these partnerships include: poor organization of the biobank in setting up PPP, evaluation of the cost of human samples, the absence of experience on the public side in setting up contracts with industry, and the fact that public and private partners may not share the same objectives. However, it is critical, in particular for academic biobanks, to establish strong PPP to accelerate translational research for the benefits of patients, and to allow the sustainability of the biobank. The purpose of this review is to discuss the main bottlenecks and roadblocks that can hamper the establishment of PPP based on solid and trusting relationships.

  9. Protecting privacy in data release

    CERN Document Server

    Livraga, Giovanni

    2015-01-01

    This book presents a comprehensive approach to protecting sensitive information when large data collections are released by their owners. It addresses three key requirements of data privacy: the protection of data explicitly released, the protection of information not explicitly released but potentially vulnerable due to a release of other data, and the enforcement of owner-defined access restrictions to the released data. It is also the first book with a complete examination of how to enforce dynamic read and write access authorizations on released data, applicable to the emerging data outsou

  10. Privacy and Security in Mobile Health: A Research Agenda.

    Science.gov (United States)

    Kotz, David; Gunter, Carl A; Kumar, Santosh; Weiner, Jonathan P

    2016-06-01

    Mobile health technology has great potential to increase healthcare quality, expand access to services, reduce costs, and improve personal wellness and public health. However, mHealth also raises significant privacy and security challenges.

  11. Randomization Based Privacy Preserving Categorical Data Analysis

    Science.gov (United States)

    Guo, Ling

    2010-01-01

    The success of data mining relies on the availability of high quality data. To ensure quality data mining, effective information sharing between organizations becomes a vital requirement in today's society. Since data mining often involves sensitive information of individuals, the public has expressed a deep concern about their privacy.…

  12. Randomization Based Privacy Preserving Categorical Data Analysis

    Science.gov (United States)

    Guo, Ling

    2010-01-01

    The success of data mining relies on the availability of high quality data. To ensure quality data mining, effective information sharing between organizations becomes a vital requirement in today's society. Since data mining often involves sensitive information of individuals, the public has expressed a deep concern about their privacy.…

  13. Web Security, Privacy & Commerce

    CERN Document Server

    Garfinkel, Simson

    2011-01-01

    Since the first edition of this classic reference was published, World Wide Web use has exploded and e-commerce has become a daily part of business and personal life. As Web use has grown, so have the threats to our security and privacy--from credit card fraud to routine invasions of privacy by marketers to web site defacements to attacks that shut down popular web sites. Web Security, Privacy & Commerce goes behind the headlines, examines the major security risks facing us today, and explains how we can minimize them. It describes risks for Windows and Unix, Microsoft Internet Exp

  14. Privacy in Social Networks

    CERN Document Server

    Zheleva, Elena

    2012-01-01

    This synthesis lecture provides a survey of work on privacy in online social networks (OSNs). This work encompasses concerns of users as well as service providers and third parties. Our goal is to approach such concerns from a computer-science perspective, and building upon existing work on privacy, security, statistical modeling and databases to provide an overview of the technical and algorithmic issues related to privacy in OSNs. We start our survey by introducing a simple OSN data model and describe common statistical-inference techniques that can be used to infer potentially sensitive inf

  15. A Certificate Authority (CA-based cryptographic solution for HIPAA privacy/security regulations

    Directory of Open Access Journals (Sweden)

    Sangram Ray

    2014-07-01

    Full Text Available The Health Insurance Portability and Accountability Act (HIPAA passed by the US Congress establishes a number of privacy/security regulations for e-healthcare systems. These regulations support patients’ medical privacy and secure exchange of PHI (protected health information among medical practitioners. Three existing HIPAA-based schemes have been studied but appear to be ineffective as patients’ PHI is stored in smartcards. Moreover, carrying a smartcard during a treatment session and accessing PHI from different locations results in restrictions. In addition, authentication of the smartcard presenter would not be possible if the PIN is compromised. In this context, we propose an MCS (medical center server should be located at each hospital and accessed via the Internet for secure handling of patients’ PHI. All entities of the proposed e-health system register online with the MCS, and each entity negotiates a contributory registration key, where public-key certificates issued and maintained by CAs are used for authentication. Prior to a treatment session, a doctor negotiates a secret session key with MCS and uploads/retrieves patients’ PHI securely. The proposed scheme has five phases, which have been implemented in a secure manner for supporting HIPAA privacy/security regulations. Finally, the security aspects, computation and communication costs of the scheme are analyzed and compared with existing methods that display satisfactory performance.

  16. Why sustainable population growth is a key to climate change and public health equity.

    Science.gov (United States)

    Howat, Peter; Stoneham, Melissa

    2011-12-01

    Australia's population could reach 42 million by 2050. This rapid population growth, if unabated, will have significant social, public health and environmental implications. On the one hand, it is a major driver of climate change and environmental degradation; on the other it is likely to be a major contributor to growing social and health issues including a decline in quality of life for many residents. Disadvantaged and vulnerable groups will be most affected. The environmental, social and health-related issues include: pressure on the limited arable land in Australia; increased volumes of industrial and domestic waste; inadequate essential services; traffic congestion; lack of affordable housing; declining mental health; increased obesity problems; and inadequate aged care services. Many of these factors are related to the aggravation of climate change and health inequities. It is critical that the Australian Government develops a sustainable population plan with stabilisation of population growth as an option. The plan needs to ensure adequate hospitals and healthcare services, education facilities, road infrastructure, sustainable transport options, water quality and quantity, utilities and other amenities that are already severely overburdened in Australian cities. There is a need for a guarantee that affordable housing will be available and priority be given to training young people and Indigenous people for employment. This paper presents evidence to support the need for the stabilisation of population growth as one of the most significant measures to control climate change as well as to improve public health equity.

  17. Privacy Protection in Cloud Using Rsa Algorithm

    Directory of Open Access Journals (Sweden)

    Amandeep Kaur

    2014-05-01

    Full Text Available The cloud computing architecture has been on high demand nowadays. The cloud has been successful over grid and distributed environment due to its cost and high reliability along with high security. However in the area of research it is observed that cloud computing still has some issues in security regarding privacy. The cloud broker provide services of cloud to general public and ensures that data is protected however they sometimes lag security and privacy. Thus in this work of research an architecture is developed to preserve the security in two phases that is by RSA algorithm and auto-backup policy. Keywords:-

  18. Privacy in the Internet: Myth or reality

    Directory of Open Access Journals (Sweden)

    Mikarić Bratislav

    2016-01-01

    Full Text Available The present time, unthinkable without using Internet - from e-mail, through social networks, cloud services, GPS, to YouTube and mobile computing in business, as well as on a private level, poses a question: Is there a way to protect data and their privacy on the Internet? What are the ways to control what personal information we will publicly share with others and is there a safe way to protect privacy on the world's global computer network? The paper gives an overview of the situation in the field, as well as tips for achieving the desired level of data protection.

  19. Governing the internet in the privacy arena

    Directory of Open Access Journals (Sweden)

    Carsten Ochs

    2016-09-01

    Full Text Available The surveillance disclosures triggered by Snowden have fueled the public re-negotiation of privacy. To follow resulting controversies we present a methodology that links social worlds theory to approaches asking for the democratic governance character of issue-centred arenas. After having outlined this approach it is put to the test. We analyse and compare two cases: the Schengen/National Routing, and the Parliamentary Committee investigating the NSA surveillance disclosures. The analysis reveals two oscillating governance modes at work in the privacy arena; their interplay results in an obstruction. Based on this observation we finally provide a diagnosis of possible future arena trajectories.

  20. [Key measures for developing palliative care from a public health perspective. Initial results from a three-round Delphi study].

    Science.gov (United States)

    Behmann, M; Jünger, S; Radbruch, L; Schneider, N

    2011-05-01

    Recently, six key targets for public health initiatives to improve palliative care in Germany were defined. This article reports the initial results of a follow-up study aiming at developing concrete measures to achieve these targets. We carried out a three-round Delphi study with stakeholders acting on the meso- and macro-levels of the German healthcare system (e.g., representatives of patient organizations, health insurance funds, politics, medical and nursing associations). In the first Delphi round, participants proposed measures to achieve the six key targets using free-text answers. The answers were analyzed with a qualitative-descriptive approach. In total, 107 stakeholders responded to the first Delphi round. After data reduction, 37 measures were extracted and grouped into six major categories: family carers, qualification, quality, public relations, services, and coordination. The range of measures on the different levels of policy, health care, and education presents a substantiated basis for the elaboration of targeted public health action plans to improve palliative care. Prioritization of measures in the second and third Delphi rounds will provide empirical support for decision making.

  1. Public Policies for ICT Update In Business: Some Key Indicators for Spain in the European Area

    Directory of Open Access Journals (Sweden)

    José Luis Vázquez

    2013-08-01

    Full Text Available Purpose—Based on the new face of business in the twenty first century, this general review is aimed at analyzing the use of information and communication technologies (ICT as social technologies by Spanish enterprises in the European context, as a result of recent policy frameworks set at communitarian and national levels.Design/methodology/approach—The paper reviews the guidelines marked by European common policies with regards to ICT update in business, just as the translation of such standards in the Spanish area. From this framework, implications of ICT adoption in the social relationships with consumers, employees, business partners and public authorities are analyzed by providing some figures in the Spanish context in comparison with the European average.Findings—The analysis supports a positive effect of national policies on Spanish enterprises’ use of social technologies in the interactions with their internal and external stakeholders, while some differences can be reported attending size and sector criteria. In this respect, ICT penetration seems to be widespread in Spanish enterprises longer than ten employees, specially within informatics, telecommunications and audiovisuals, whereas automation of interactions is moderated in micro-enterprises in the manufacture, building, retailing, and transportation sectors.Research limitations/implications—The paper offers a general overview of the use of ICT as social technologies in Spanish enterprises based on public reports. However, further research should be oriented to analyze more in deep the impact of public policies on ICT adoption and usage in business, by explaining their determining factors and comparing different clusters of counties and major regions of the world.Practical implications—The analysis reported point to the need of reinforcing the Spanish positioning in the ICT European sector in the long term. In this sense, future policy measures should be devoted to

  2. Public Policies for ICT Update In Business: Some Key Indicators for Spain in the European Area

    Directory of Open Access Journals (Sweden)

    Ana Lanero

    2011-08-01

    Full Text Available Purpose—Based on the new face of business in the twenty first century, this general review is aimed at analyzing the use of information and communication technologies (ICT as social technologies by Spanish enterprises in the European context, as a result of recent policy frameworks set at communitarian and national levels. Design/methodology/approach—The paper reviews the guidelines marked by European common policies with regards to ICT update in business, just as the translation of such standards in the Spanish area. From this framework, implications of ICT adoption in the social relationships with consumers, employees, business partners and public authorities are analyzed by providing some figures in the Spanish context in comparison with the European average.Findings—The analysis supports a positive effect of national policies on Spanish enterprises’ use of social technologies in the interactions with their internal and external stakeholders, while some differences can be reported attending size and sector criteria. In this respect, ICT penetration seems to be widespread in Spanish enterprises longer than ten employees, specially within informatics, telecommunications and audiovisuals, whereas automation of interactions is moderated in micro-enterprises in the manufacture, building, retailing, and transportation sectors.Research limitations/implications—The paper offers a general overview of the use of ICT as social technologies in Spanish enterprises based on public reports. However, further research should be oriented to analyze more in deep the impact of public policies on ICT adoption and usage in business, by explaining their determining factors and comparing different clusters of counties and major regions of the world.Practical implications—The analysis reported point to the need of reinforcing the Spanish positioning in the ICT European sector in the long term. In this sense, future policy measures should be devoted to

  3. Patient privacy in the genomic era.

    Science.gov (United States)

    Raisaro, Jean Louis; Ayday, Erman; Hubaux, Jean-Pierre

    2014-05-07

    According to many scientists and clinicians, genomics is taking on a key role in the field of medicine. Impressive advances in genome sequencing have opened the way to a variety of revolutionary applications in modern healthcare. In particular, the increasing understanding of the human genome, and of its relation to diseases and response to treatments brings promise of improvements in better preventive and personalized medicine. However, this progress raises important privacy and ethical concerns that need to be addressed. Indeed, each genome is the ultimate identifier of its owner and, due to its nature, it contains highly personal and privacy-sensitive data. In this article, after summarizing recent advances in genomics, we discuss some important privacy issues associated with human genomic information and methods put in place to address them.

  4. Valuating Privacy with Option Pricing Theory

    Science.gov (United States)

    Berthold, Stefan; Böhme, Rainer

    One of the key challenges in the information society is responsible handling of personal data. An often-cited reason why people fail to make rational decisions regarding their own informational privacy is the high uncertainty about future consequences of information disclosures today. This chapter builds an analogy to financial options and draws on principles of option pricing to account for this uncertainty in the valuation of privacy. For this purpose, the development of a data subject's personal attributes over time and the development of the attribute distribution in the population are modeled as two stochastic processes, which fit into the Binomial Option Pricing Model (BOPM). Possible applications of such valuation methods to guide decision support in future privacy-enhancing technologies (PETs) are sketched.

  5. Effective Privacy-Preserving Online Route Planning

    DEFF Research Database (Denmark)

    Vicente, Carmen Ruiz; Assent, Ira; Jensen, Christian S.

    2011-01-01

    An online Route Planning Service (RPS) computes a route from one location to another. Current RPSs such as Google Maps require the use of precise locations. However, some users may not want to disclose their source and destination locations due to privacy concerns. An approach that supplies fake...... privacy. The solution re-uses a standard online RPS rather than replicate this functionality, and it needs no trusted third party. The solution is able to compute the exact results without leaking of the exact locations to the RPS or un-trusted parties. In addition, we provide heuristics that reduce...... the number of times that the RPS needs to be queried, and we also describe how the accuracy and privacy requirements can be relaxed to achieve better performance. An empirical study offers insight into key properties of the approach....

  6. Scalable privacy-preserving data sharing methodology for genome-wide association studies: an application to iDASH healthcare privacy protection challenge.

    Science.gov (United States)

    Yu, Fei; Ji, Zhanglong

    2014-01-01

    In response to the growing interest in genome-wide association study (GWAS) data privacy, the Integrating Data for Analysis, Anonymization and SHaring (iDASH) center organized the iDASH Healthcare Privacy Protection Challenge, with the aim of investigating the effectiveness of applying privacy-preserving methodologies to human genetic data. This paper is based on a submission to the iDASH Healthcare Privacy Protection Challenge. We apply privacy-preserving methods that are adapted from Uhler et al. 2013 and Yu et al. 2014 to the challenge's data and analyze the data utility after the data are perturbed by the privacy-preserving methods. Major contributions of this paper include new interpretation of the χ2 statistic in a GWAS setting and new results about the Hamming distance score, a key component for one of the privacy-preserving methods.

  7. National Privacy Research Strategy

    Data.gov (United States)

    Networking and Information Technology Research and Development, Executive Office of the President — On July 1, NITRD released the National Privacy Research Strategy. Research agencies across government participated in the development of the strategy, reviewing...

  8. Privacy for Sale?

    DEFF Research Database (Denmark)

    Sørensen, Lene Tolstrup; Sørensen, Jannick Kirk; Khajuria, Samant

    Data brokers have become central players in the collection online of private user data. Data brokers’ activities are however not very transparent or even known by users. Many users regard privacy a central element when they use online services. Based on 12 short interviews with users, this paper...... analyses how users perceive the concept of online privacy in respect to data brokers col- lection of private data, and particularly novel services that offer users the possi- bility to sell their private data. Two groups of users are identified: Those who are considering selling their data under specific...... conditions, and those who reject the idea completely. Based on the literature we identify two positions to privacy either as an instrumental good, or as an intrinsic good. The paper positions vari- ous user perceptions on privacy that are relevant for future service develop- ment....

  9. EGRP Privacy Policy & Disclaimers

    Science.gov (United States)

    The Epidemiology and Genomics Research Program complies with requirements for privacy and security established by the Office of Management and Budget, Department of Health and Human Services, the National Institutes of Health, and the National Cancer Institute.

  10. Legal Protections for Privacy

    Science.gov (United States)

    Leslie, David W.

    1977-01-01

    Individual interest in privacy is a multiple legal issue, roughly divided into four parts according to different types of law: constitutional, statutory, administrative, and common law. Policy implications of this issue for institutions are discussed. (Editor/LBH)

  11. EGRP Privacy Policy & Disclaimers

    Science.gov (United States)

    The Epidemiology and Genomics Research Program complies with requirements for privacy and security established by the Office of Management and Budget, Department of Health and Human Services, the National Institutes of Health, and the National Cancer Institute.

  12. Privacy policies for health social networking sites.

    Science.gov (United States)

    Li, Jingquan

    2013-01-01

    Health social networking sites (HSNS), virtual communities where users connect with each other around common problems and share relevant health data, have been increasingly adopted by medical professionals and patients. The growing use of HSNS like Sermo and PatientsLikeMe has prompted public concerns about the risks that such online data-sharing platforms pose to the privacy and security of personal health data. This paper articulates a set of privacy risks introduced by social networking in health care and presents a practical example that demonstrates how the risks might be intrinsic to some HSNS. The aim of this study is to identify and sketch the policy implications of using HSNS and how policy makers and stakeholders should elaborate upon them to protect the privacy of online health data.

  13. BIG DATA SECURITY AND PRIVACY ISSUES IN THE CLOUD

    Directory of Open Access Journals (Sweden)

    Ali Gholami

    2016-01-01

    Full Text Available Many organizations demand efficient solutions to store and analyze huge amount of information. Cloud computing as an enabler provides scalable resources and significant economic benefits in the form of reduced operational costs. This paradigm raises a broad range of security and privacy issues that must be taken into consideration. Multi-tenancy, loss of control, and trust are key challenges in cloud computing environments. This paper reviews the existing technologies and a wide array of both earlier and state-ofthe-art projects on cloud security and privacy. We categorize the existing research according to the cloud reference architecture orchestration, resource control, physical resource, and cloud service management layers, in addition to reviewing the recent developments for enhancing the Apache Hadoop security as one of the most deployed big data infrastructures. We also outline the frontier research on privacy-preserving data-intensive applications in cloud computing such as privacy threat modeling and privacy enhancing solutions.

  14. On the Ergodic Secret-Key Agreement over Spatially Correlated Multiple-Antenna Channels with Public Discussion

    KAUST Repository

    Zorgui, Marwen

    2015-09-28

    We consider secret-key agreement with public discussion over multiple-input multiple-output (MIMO) Rayleigh fast-fading channels under correlated environment. We assume that transmit, legitimate receiver and eavesdropper antennas are correlated. The legitimate receiver and the eavesdropper are assumed to have perfect channel knowledge while the transmitter has only knowledge of the correlation matrices. First, we derive the expression of the secret-key capacity under the considered setup. We prove that the optimal transmit strategy achieving the secret-key capacity consists in transmitting independent Gaussian signals along the eingenvectors of the transmit correlation matrix. The powers allocated to each channel mode are determined as the solution to a numerical optimization problem. A necessary and sufficient condition for beamforming (i.e., transmitting along the strongest channel mode) to be capacity-achieving is derived. Moreover, we analyze the impact of correlation matrices on the system performance. Finally, we study the system’s performance in the two extreme power regimes. In the high-power regime, we provide closed-form expressions of the gain/loss due to correlation. In the low signal-to-noise ratio (SNR) regime, we investigate the energy efficiency of the system by determining the minimum energy required for sharing a secret-key bit and the wideband slope while highlighting the impact of correlation matrices.

  15. A Low Cost Key Agreement Protocol Based on Binary Tree for EPCglobal Class 1 Generation 2 RFID Protocol

    Science.gov (United States)

    Jeng, Albert; Chang, Li-Chung; Chen, Sheng-Hui

    There are many protocols proposed for protecting Radio Frequency Identification (RFID) system privacy and security. A number of these protocols are designed for protecting long-term security of RFID system using symmetric key or public key cryptosystem. Others are designed for protecting user anonymity and privacy. In practice, the use of RFID technology often has a short lifespan, such as commodity check out, supply chain management and so on. Furthermore, we know that designing a long-term security architecture to protect the security and privacy of RFID tags information requires a thorough consideration from many different aspects. However, any security enhancement on RFID technology will jack up its cost which may be detrimental to its widespread deployment. Due to the severe constraints of RFID tag resources (e. g., power source, computing power, communication bandwidth) and open air communication nature of RFID usage, it is a great challenge to secure a typical RFID system. For example, computational heavy public key and symmetric key cryptography algorithms (e. g., RSA and AES) may not be suitable or over-killed to protect RFID security or privacy. These factors motivate us to research an efficient and cost effective solution for RFID security and privacy protection. In this paper, we propose a new effective generic binary tree based key agreement protocol (called BKAP) and its variations, and show how it can be applied to secure the low cost and resource constraint RFID system. This BKAP is not a general purpose key agreement protocol rather it is a special purpose protocol to protect privacy, un-traceability and anonymity in a single RFID closed system domain.

  16. Privacy and Security Research Group workshop on network and distributed system security: Proceedings

    Energy Technology Data Exchange (ETDEWEB)

    1993-05-01

    This report contains papers on the following topics: NREN Security Issues: Policies and Technologies; Layer Wars: Protect the Internet with Network Layer Security; Electronic Commission Management; Workflow 2000 - Electronic Document Authorization in Practice; Security Issues of a UNIX PEM Implementation; Implementing Privacy Enhanced Mail on VMS; Distributed Public Key Certificate Management; Protecting the Integrity of Privacy-enhanced Electronic Mail; Practical Authorization in Large Heterogeneous Distributed Systems; Security Issues in the Truffles File System; Issues surrounding the use of Cryptographic Algorithms and Smart Card Applications; Smart Card Augmentation of Kerberos; and An Overview of the Advanced Smart Card Access Control System. Selected papers were processed separately for inclusion in the Energy Science and Technology Database.

  17. Key aspects of a Flemish system to safeguard public health interests in case of chemical release incidents.

    Science.gov (United States)

    Smolders, Roel; Colles, Ann; Cornelis, Christa; Van Holderbeke, Mirja; Chovanova, Hana; Wildemeersch, Dirk; Mampaey, Maja; Van Campenhout, Karen

    2014-12-15

    Although well-established protocols are available for emergency services and first-responders in case of chemical release incidents, a well-developed system to monitor and safeguard public health was, until recently, lacking in Flanders. We therefore developed a decision support system (DSS) to aid public health officials in identifying the appropriate actions in case of incidents. Although the DSS includes human biomonitoring as one of its key instruments, it also goes well beyond this instrument alone. Also other, complementary, approaches that focus more on effect assessment using in vitro toxicity testing, indirect exposures through the food chain, and parallel means of data collection (e.g. through ecosurveillance or public consultation), are integrated in the Flemish approach. Even though the DSS is set up to provide a flexible and structured decision tree, the value of expert opinion is deemed essential to account for the many uncertainties associated with the early phases of technological incidents. When the DSS and the associated instruments will be fully operational, it will provide a valuable addition to the already available protocols, and will specifically safeguard public health interests.

  18. What are the key organisational capabilities that facilitate research use in public health policy?

    Science.gov (United States)

    Huckel Schneider, Carmen; Campbell, Danielle; Milat, Andrew; Haynes, Abby; Quinn, Emma

    2014-11-28

    Literature about research use suggests that certain characteristics or capabilities may make policy agencies more evidence attuned. This study sought to determine policy makers' perceptions of a suite of organisational capabilities identified from the literature as potentially facilitating research uptake in policy decision making. A literature scan identified eight key organisational capabilities that support research use in policy making. To determine whether these capabilities were relevant, practical and applicable in real world policy settings, nine Australian health policy makers were consulted in September 2011. We used an open-ended questionnaire asking what facilitates the use of research in policy and program decision making, followed by specific questions rating the proposed capabilities. Interviews were transcribed and the content analysed. There was general agreement that the capabilities identified from the literature were relevant to real world contexts. However, interviewees varied in whether they could provide examples of experiences with the capabilities, how essential they considered the different capabilities to be and how difficult they considered the capabilities were to achieve. Efforts to improve the use of research in policy decision making are likely to benefit from targeting multiple organisational capabilities, including staff skills and competence, tools such as templates and checklists to aid evidence use and leadership support for the use of research in policy development. However, such efforts should be guided by an understanding of how policy agencies use evidence and how they view their roles, and external factors such as resource constraints and availability of appropriate research.

  19. Public health and social injustice are the key issues for the decriminalization of abortion in Mexico.

    Science.gov (United States)

    1994-01-01

    Although the Second National Abortion Survey Gallup found that 88% of Mexicans believe abortion should be a woman's choice and 77% think the decriminalization of abortion would substantially reduce maternal mortality, abortion in Mexico remains governed by a 1931 criminal code. The survey was initiated by the Information and Reproductive Choice Group to provide information for the 1994 national debate on abortion. Supporters of legal abortion note that poor women resort to unsafe pregnancy terminations without regard to the criminal status of abortion. According to Patricia Mercado, co-founder of the Reproductive Choice Group, "You can be against abortion, but still allow it to be decriminalized. In other words, criminalization does not prevent women from having abortions, it only makes then have then in bad conditions. The idea is that women should be able to decide freely without risking problems of health and social justice." Despite public support for abortion legalization, survey results indicate widespread fear about acknowledging the existence of clandestine abortion. An estimated 1-2 million illegal abortions occur each year in Mexico, yet only 26% of survey respondents would admit to knowing a woman who had undergone illegal abortion.

  20. 基于Chebyshev的概率公钥密码体制%Probabilistic public-key cryptosystem based on Chebyshev

    Institute of Scientific and Technical Information of China (English)

    程学海; 徐江峰

    2013-01-01

    This paper introduced the definition and the properties of Chebyshev polynomial.According to the deterministic public-key cryptosystem of Chebyshev polynomial,found that it couldn't resist chosen cipher-text attacks.Combining with the security model against chosen cipher-text attacks,this paper proposed the probabilistic public-key cryptosystem of Chebyshev polynomial.The analysis show that the proposed cryptosystem is correct.Through the result of the reduction proof,the proposed cryptosystem can resist the adaptive chosen cipher-text attacks and has the IND-CCA2 security.%介绍了Chebyshev多项式的定义和相关性质,针对确定性Chebyshev多项式公钥密码体制进行了研究,发现其不能抵抗选择密文攻击.结合抵抗选择密文攻击的安全模型,提出了基于有限域的Chebyshev多项式的概率公钥密码体制,分析结果表明该密码体制是正确的.通过归约证明,该密码体制能够抵挡适应性选择密文攻击,具有抵抗选择密文攻击的IND-CCA2安全性.

  1. Secret-key agreement over spatially correlated fast-fading multiple-antenna channels with public discussion

    KAUST Repository

    Zorgui, Marwen

    2015-06-14

    We consider secret-key agreement with public discussion over multiple-input multiple-output (MIMO) Rayleigh fast-fading channels under correlated environment. We assume that transmit, legitimate receiver and eavesdropper antennas are correlated. The legitimate receiver and the eavesdropper are assumed to have perfect channel knowledge while the transmitter has only knowledge of the correlation matrices. First, we derive the expression of the secret-key capacity under the considered setup. Then, we prove that the optimal transmit strategy achieving the secret-key capacity consists in transmitting independent Gaussian signals along the eingenvectors of the transmit correlation matrix. The powers allocated to each channel mode are determined as the solution to a numerical optimization problem that we derive. A necessary and sufficient condition for beamforming (i.e., transmitting along the strongest channel mode) to be capacity-achieving is derived. Finally, we analyze the impact of correlation matrices on the system performance and provide closed-form expressions of the gain/loss due to correlation in the high power regime.

  2. 36 CFR 1202.8 - How does NARA handle records that are in Government-wide Privacy Act systems?

    Science.gov (United States)

    2010-07-01

    ... that are in Government-wide Privacy Act systems? 1202.8 Section 1202.8 Parks, Forests, and Public... in Government-wide Privacy Act systems? Records in the custody of NARA in a Government-wide Privacy Act system are the primary responsibility of another agency, e.g., the Office of Personnel...

  3. Google Street View: Walking the Line of Privacy-Intrusion upon Seclusion and Publicity Given to Private Facts in the Digital Age

    Directory of Open Access Journals (Sweden)

    Jordan E. Segall

    2010-04-01

    Full Text Available On a snowy evening, a man hears of a new restaurant opening in a distant suburb of his metropolis and looks for driving directions to take his significant other out for a romantic evening. He opens Google and conducts a driving direction search. As they have never been to the location, and as the weather is not optimal, they check the layout of the roads in order to alleviate safety concerns through Google's Street View Program.1 They click on the images nextto the proposed turns and see a picture of a man walking with a woman at the intersection. Later it is disclosed in the news that this individual is a high-ranking government official and the woman is not his wife, but his mistress.2 In another image, a smoker is lounging in the background, hiding his addiction from his family and friends.3 With another click of the mouse he sees sunbathers sitting on top of the roof of a building, enjoying the warm summer day as well as the seeming privacy and anonymity of their rooftop abode.

  4. Information Privacy: Culture, Legislation and User Attitudes

    Directory of Open Access Journals (Sweden)

    Sophie Cockcroft

    2006-11-01

    Full Text Available Information privacy has received much public and research interest in recent years. Globally this has arisen from public anxiety following the September 11 attacks and within Australia a progressive tightening of privacy legislation in particular the privacy amendment (private sector Act of 2000 which became operative in 2001. This paper presents the results of a study into attitudes towards information privacy. Based on an instrument developed and validated by Smith et al (1996a this study sets out to measure individual concerns regarding organisational use of information along four dimensions: collection, errors, unauthorised secondary use, and improper access. The survey was completed by 67 undergraduate and postgraduate students enrolled in an e-commerce security subject at the University of Queensland. Comparisons are drawn between the results of this study and an identical one carried out at the University of North Alabama. Whilst it is too early to draw conclusions about the impact of these attitudes on the success of e-commerce in general, the results should be of interest to those within universities seeking to expand the use of networking technologies for handling sensitive information such as enrolment and fee processing (Vanscoy & Oakleaf 2003

  5. Enabling secure and privacy preserving communications in smart grids

    CERN Document Server

    Li, Hongwei

    2014-01-01

    This brief focuses on the current research on security and privacy preservation in smart grids. Along with a review of the existing works, this brief includes fundamental system models, possible frameworks, useful performance, and future research directions. It explores privacy preservation demand response with adaptive key evolution, secure and efficient Merkle tree based authentication, and fine-grained keywords comparison in the smart grid auction market. By examining the current and potential security and privacy threats, the author equips readers to understand the developing issues in sma

  6. Investigating the Privacy Policy Adoption among Malaysia E-Government Websites: Towards Conceptualizing the E-Privacy Assessment Framework

    Directory of Open Access Journals (Sweden)

    Nor Asiakin Hasbullah

    2011-01-01

    Full Text Available Malaysia E-government had improved the government services and overcome barriers faced by the public in the offline environment. The government initiatives to safeguard the interest of the public had transcended to include privacy protection. The Personal Data Protection Act 2009 is considered as  one of the initiatives that had been  successfully  passed by  the  Malaysia Government  by April 2010. However, the implementation and governance of the Act is still subjected to minister’s  decision. This study  aims in parallel with the government initiatives by investigating the  adoption of  privacy policy  among the  Malaysia's  egovernment  websites. This study is importance towards examining the  current  level of awareness for the importance for privacy protection being provided for the  public,  before the full  enforcement of the  Act. Samples of 154 websites were selected by using convenient sampling from Malaysia government portal (http://www.malaysia.gov.my, which comprises  of federal and state governments. The evaluation process was done by using personal observation through an adopted indicators of privacy policies from Jamal Maier and Sunder in 2002 by observing the links provided for 'privacy policy statements', 'privacy policy notice' and 'privacy policy'. The study revealed several issues pertaining privacy policy adoption among Malaysia e-government site and highlights few recommendations and future works towards conceptualization of e-privacy assessment framework in Malaysia e-government context.

  7. A Random Matrix Approach to Differential Privacy and Structure Preserved Social Network Graph Publishing

    CERN Document Server

    Ahmed, Faraz; Liu, Alex X

    2013-01-01

    Online social networks are being increasingly used for analyzing various societal phenomena such as epidemiology, information dissemination, marketing and sentiment flow. Popular analysis techniques such as clustering and influential node analysis, require the computation of eigenvectors of the real graph's adjacency matrix. Recent de-anonymization attacks on Netflix and AOL datasets show that an open access to such graphs pose privacy threats. Among the various privacy preserving models, Differential privacy provides the strongest privacy guarantees. In this paper we propose a privacy preserving mechanism for publishing social network graph data, which satisfies differential privacy guarantees by utilizing a combination of theory of random matrix and that of differential privacy. The key idea is to project each row of an adjacency matrix to a low dimensional space using the random projection approach and then perturb the projected matrix with random noise. We show that as compared to existing approaches for ...

  8. 45 CFR 164.522 - Rights to request privacy protection for protected health information.

    Science.gov (United States)

    2010-10-01

    ... Health Information § 164.522 Rights to request privacy protection for protected health information. (a)(1... 45 Public Welfare 1 2010-10-01 2010-10-01 false Rights to request privacy protection for protected health information. 164.522 Section 164.522 Public Welfare DEPARTMENT OF HEALTH AND HUMAN...

  9. Inequalities for the quantum privacy

    Science.gov (United States)

    Trindade, M. A. S.; Pinto, E.

    2016-02-01

    In this work, we investigate the asymptotic behavior related to the quantum privacy for multipartite systems. In this context, an inequality for quantum privacy was obtained by exploiting of quantum entropy properties. Subsequently, we derive a lower limit for the quantum privacy through the entanglement fidelity. In particular, we show that there is an interval where an increase in entanglement fidelity implies a decrease in quantum privacy.

  10. Evaluation of unique identifiers used as keys to match identical publications in Pure and SciVal - a case study from health science.

    Science.gov (United States)

    Madsen, Heidi Holst; Madsen, Dicte; Gauffriau, Marianne

    2016-01-01

    Unique identifiers (UID) are seen as an effective key to match identical publications across databases or identify duplicates in a database. The objective of the present study is to investigate how well UIDs work as match keys in the integration between Pure and SciVal, based on a case with publications from the health sciences. We evaluate the matching process based on information about coverage, precision, and characteristics of publications matched versus not matched with UIDs as the match keys. We analyze this information to detect errors, if any, in the matching process. As an example we also briefly discuss how publication sets formed by using UIDs as the match keys may affect the bibliometric indicators number of publications, number of citations, and the average number of citations per publication.  The objective is addressed in a literature review and a case study. The literature review shows that only a few studies evaluate how well UIDs work as a match key. From the literature we identify four error types: Duplicate digital object identifiers (DOI), incorrect DOIs in reference lists and databases, DOIs not registered by the database where a bibliometric analysis is performed, and erroneous optical or special character recognition. The case study explores the use of UIDs in the integration between the databases Pure and SciVal. Specifically journal publications in English are matched between the two databases. We find all error types except erroneous optical or special character recognition in our publication sets. In particular the duplicate DOIs constitute a problem for the calculation of bibliometric indicators as both keeping the duplicates to improve the reliability of citation counts and deleting them to improve the reliability of publication counts will distort the calculation of average number of citations per publication. The use of UIDs as a match key in citation linking is implemented in many settings, and the availability of UIDs may become

  11. Evaluation of unique identifiers used as keys to match identical publications in Pure and SciVal – a case study from health science

    Science.gov (United States)

    Madsen, Heidi Holst; Madsen, Dicte; Gauffriau, Marianne

    2016-01-01

    Unique identifiers (UID) are seen as an effective key to match identical publications across databases or identify duplicates in a database. The objective of the present study is to investigate how well UIDs work as match keys in the integration between Pure and SciVal, based on a case with publications from the health sciences. We evaluate the matching process based on information about coverage, precision, and characteristics of publications matched versus not matched with UIDs as the match keys. We analyze this information to detect errors, if any, in the matching process. As an example we also briefly discuss how publication sets formed by using UIDs as the match keys may affect the bibliometric indicators number of publications, number of citations, and the average number of citations per publication.  The objective is addressed in a literature review and a case study. The literature review shows that only a few studies evaluate how well UIDs work as a match key. From the literature we identify four error types: Duplicate digital object identifiers (DOI), incorrect DOIs in reference lists and databases, DOIs not registered by the database where a bibliometric analysis is performed, and erroneous optical or special character recognition. The case study explores the use of UIDs in the integration between the databases Pure and SciVal. Specifically journal publications in English are matched between the two databases. We find all error types except erroneous optical or special character recognition in our publication sets. In particular the duplicate DOIs constitute a problem for the calculation of bibliometric indicators as both keeping the duplicates to improve the reliability of citation counts and deleting them to improve the reliability of publication counts will distort the calculation of average number of citations per publication. The use of UIDs as a match key in citation linking is implemented in many settings, and the availability of UIDs may become

  12. Privacy-Related Context Information for Ubiquitous Health

    Science.gov (United States)

    Nykänen, Pirkko; Ruotsalainen, Pekka

    2014-01-01

    Background Ubiquitous health has been defined as a dynamic network of interconnected systems. A system is composed of one or more information systems, their stakeholders, and the environment. These systems offer health services to individuals and thus implement ubiquitous computing. Privacy is the key challenge for ubiquitous health because of autonomous processing, rich contextual metadata, lack of predefined trust among participants, and the business objectives. Additionally, regulations and policies of stakeholders may be unknown to the individual. Context-sensitive privacy policies are needed to regulate information processing. Objective Our goal was to analyze privacy-related context information and to define the corresponding components and their properties that support privacy management in ubiquitous health. These properties should describe the privacy issues of information processing. With components and their properties, individuals can define context-aware privacy policies and set their privacy preferences that can change in different information-processing situations. Methods Scenarios and user stories are used to analyze typical activities in ubiquitous health to identify main actors, goals, tasks, and stakeholders. Context arises from an activity and, therefore, we can determine different situations, services, and systems to identify properties for privacy-related context information in information-processing situations. Results Privacy-related context information components are situation, environment, individual, information technology system, service, and stakeholder. Combining our analyses and previously identified characteristics of ubiquitous health, more detailed properties for the components are defined. Properties define explicitly what context information for different components is needed to create context-aware privacy policies that can control, limit, and constrain information processing. With properties, we can define, for example, how

  13. What Is Special in the Economics of Cybersecurity and Privacy?

    OpenAIRE

    Jentzsch, Nicola

    2015-01-01

    One of the most popular questions in information security economics is whether there are any special features relating to privacy and cyber-security products and services that separate these from traditional goods, like apples or cars. This paper is a contribution to this discussion. First, different goods and services are compared to assess whether privacy and cyber-security are in fact different. Although basic, it is enlightening. We then discuss how economics treats key features and wheth...

  14. 78 FR 73466 - Privacy Act

    Science.gov (United States)

    2013-12-06

    ... CORPORATION 22 CFR Part 707 Privacy Act AGENCY: Overseas Private Investment Corporation. ACTION: Notice of... (``OPIC'') Privacy Act (``PA'') regulations by making substantive and administrative changes. These... procedure, Privacy. For the reasons stated in the preamble the Overseas Private Investment Corporation...

  15. Designing Privacy-by-Design

    NARCIS (Netherlands)

    Rest, J.H.C. van; Boonstra, D.; Everts, M.H.; Rijn, M. van; Paassen, R.J.G. van

    2014-01-01

    The proposal for a new privacy regulation d.d. January 25th 2012 introduces sanctions of up to 2% of the annual turnover of enterprises. This elevates the importance of mitigation of privacy risks. This paper makes Privacy by Design more concrete, and positions it as the mechanism to mitigate these

  16. Multimode-multivariate public key cryptosystem%多模式多变量公钥密码体制

    Institute of Scientific and Technical Information of China (English)

    孙小雁; 张茂胜

    2012-01-01

    A multimode-multivariate public key cryptosystem is developed for resisting the quantum algorithm. Since quantum computers are not efficient to solve multivariate polynomial problems, the multivariate public key cryptosystem is secure. In order to improve the computational efficiency, the branching modification is used. During the process of every branch, the plus modifier, minus modifier and iteration are combined. Analysis results show that the proposed scheme can resist known types of attacks. And thus it can be applied to encryption/decryption, signature and integrity.%针对量子计算机对公钥密码体制的挑战,提出一种能抵抗量子算法的多模式多变量公钥密码算法.量子计算机在解决多变量多项式问题并无高效算法,在传统多变量公钥密码体制的基础上,使用多分支模式,在分支内部采用加模式、减模式和迭代模式,增强了多变量公钥密码体制的安全性.通过分析各种常见攻击的复杂度,多模式多变量公钥密码体制能有效抵抗各种攻击,可以应用于加解密、签名和数据完整性验证.

  17. PUBLIC KEY INFRASTRUCTURE (PKI)

    Data.gov (United States)

    Federal Laboratory Consortium — Common Access Card (CAC)Enterprise Testing Overview:Established in 2003Performs test and evaluations of the DOD PKI CAC issuance systems from an enterprise level all...

  18. PUBLIC KEY INFRASTRUCTURE (PKI)

    Data.gov (United States)

    Federal Laboratory Consortium — Common Access Card (CAC) Enterprise Testing Overview: Established in 2003 Performs test and evaluations of the DOD PKI CAC issuance systems from an enterprise level...

  19. Public assessment of key performance indicators of healthcare in a Canadian province: the effect of age and chronic health problems.

    Science.gov (United States)

    Nurullah, Abu Sadat; Northcott, Herbert C; Harvey, Michael D

    2014-01-15

    This study explores the effect of age and chronic conditions on public perceptions of the health system, as measured by the Key Performance Indicators (KPIs) of healthcare, in the province of Alberta in Canada. Drawing from data collected by Government of Alberta's Department of Health and Wellness, this research examines two key questions: (1) Do people in the 65+ age group rate the KPIs of healthcare (i.e., availability, accessibility, quality, outcome, and satisfaction) more favorably compared to people in younger age groups in Alberta? (2) Does the rating of KPIs of healthcare in Alberta vary with different chronic conditions (i.e., no chronic problem, chronic illnesses without pain, and chronic pain)? The findings indicate that people in the older age group tend to rate the KPIs of healthcare more favorably compared to younger age groups in Alberta, net of socio-demographic factors, self-reported health status, and knowledge and utilization of health services. However, people experiencing chronic pain are less likely to rate the KPIs of healthcare favorably compared to people with no chronic health problem in Alberta. Discussion includes implications of the findings for the healthcare system in the province.

  20. Adding Query Privacy to Robust DHTs

    DEFF Research Database (Denmark)

    Backes, Michael; Goldberg, Ian; Kate, Aniket

    2011-01-01

    Interest in anonymous communication over distributed hash tables (DHTs) has increased in recent years. However, almost all known solutions solely aim at achieving sender or requestor anonymity in DHT queries. In many application scenarios, it is crucial that the queried key remains secret from...... intermediate peers that (help to) route the queries towards their destinations. In this paper, we satisfy this requirement by presenting an approach for providing privacy for the keys in DHT queries. We use the concept of oblivious transfer (OT) in communication over DHTs to preserve query privacy without...... compromising spam resistance. Although our OT-based approach can work over any DHT, we concentrate on communication over robust DHTs that can tolerate Byzantine faults and resist spam. We choose the best-known robust DHT construction, and employ an efficient OT protocol well-suited for achieving our goal...

  1. Adding query privacy to robust DHTs

    DEFF Research Database (Denmark)

    Backes, Michael; Goldberg, Ian; Kate, Aniket

    2012-01-01

    Interest in anonymous communication over distributed hash tables (DHTs) has increased in recent years. However, almost all known solutions solely aim at achieving sender or requestor anonymity in DHT queries. In many application scenarios, it is crucial that the queried key remains secret from...... intermediate peers that (help to) route the queries towards their destinations. In this paper, we satisfy this requirement by presenting an approach for providing privacy for the keys in DHT queries. We use the concept of oblivious transfer (OT) in communication over DHTs to preserve query privacy without...... compromising spam resistance. Although our OT-based approach can work over any DHT, we concentrate on robust DHTs that can tolerate Byzantine faults and resist spam. We choose the best-known robust DHT construction, and employ an efficient OT protocol well-suited for achieving our goal of obtaining query...

  2. Secret Key Crypto Implementations

    Science.gov (United States)

    Bertoni, Guido Marco; Melzani, Filippo

    This chapter presents the algorithm selected in 2001 as the Advanced Encryption Standard. This algorithm is the base for implementing security and privacy based on symmetric key solutions in almost all new applications. Secret key algorithms are used in combination with modes of operation to provide different security properties. The most used modes of operation are presented in this chapter. Finally an overview of the different techniques of software and hardware implementations is given.

  3. Analysis of Different Privacy Preserving Cloud Storage Frameworks

    CERN Document Server

    Bedi, Rajeev; Singh, Tajinder; Singh, Harwinder; Singh, Amritpal

    2012-01-01

    Privacy Security of data in Cloud Storage is one of the main issues. Many Frameworks and Technologies are used to preserve data security in cloud storage. [1] Proposes a framework which includes the design of data organization structure, the generation and management of keys, the treatment of change of user's access right and dynamic operations of data, and the interaction between participants. It also design an interactive protocol and an extirpation-based key derivation algorithm, which are combined with lazy revocation, it uses multi-tree structure and symmetric encryption to form a privacy-preserving, efficient framework for cloud storage. [2] Proposes a framework which design a privacy-preserving cloud storage framework in which he designed an interaction protocol among participants, use key derivation algorithm to generate and manage keys, use both symmetric and asymmetric encryption to hide the sensitive data of users, and apply Bloom filter for cipher text retrieval. A system based on this framework i...

  4. Privacy in the family

    NARCIS (Netherlands)

    Newell, Bryce; Metoyer, Cheryl A.; Moore, Adam D.

    2015-01-01

    Popular access to increasingly sophisticated forms of electronic surveillance technologies has altered the dynamics of family relationships. Monitoring, mediated and facilitated by practices of both covert and overt electronic surveillance, has changed the nature of privacy within the family. In thi

  5. Biometrics and privacy

    NARCIS (Netherlands)

    Grijpink, J.H.A.M.

    2001-01-01

    Biometrics offers many alternatives for protecting our privacy and preventing us from falling victim to crime. Biometrics can even serve as a solid basis for safe anonymous and semi-anonymous legal transactions. In this article Jan Grijpink clarifies which concepts and practical applications this

  6. Privacy Policy | FNLCR

    Science.gov (United States)

    The privacy of our users is of utmost importance to Frederick National Lab. The policy outlined below establishes how Frederick National Lab will use the information we gather about you from your visit to our website. We may collect and store

  7. Governing the internet in the privacy arena

    OpenAIRE

    Carsten Ochs; Fabian Pittroff; Barbara Büttner; Jörn Lamla

    2016-01-01

    The surveillance disclosures triggered by Snowden have fueled the public re-negotiation of privacy. To follow resulting controversies we present a methodology that links social worlds theory to approaches asking for the democratic governance character of issue-centred arenas. After having outlined this approach it is put to the test. We analyse and compare two cases: the Schengen/National Routing, and the Parliamentary Committee investigating the NSA surveillance disclosures. The analysis rev...

  8. Collaborative Privacy - A Community-Based Privacy Infrastructure

    Science.gov (United States)

    Kolter, Jan; Kernchen, Thomas; Pernul, Günther

    The landscape of the World Wide Web with all its versatile services heavily relies on the disclosure of private user information. Service providers collecting more and more of these personal user data pose a growing privacy threat for users. Addressing user concerns privacy-enhancing technologies emerged. One goal of these technologies is to enable users to improve the control over their personal data. A famous representative is the PRIME project that aims for a holistic privacy-enhancing identity management system. However, approaches like the PRIME privacy architecture require service providers to change their server infrastructure and add specific privacy-enhancing components. In the near future, service providers are not expected to alter internal processes. In this paper, we introduce a collaborative privacy community that allows the open exchange of privacy-related information. We lay out the privacy community’s functions and potentials within a user-centric, provider-independent privacy architecture that will help foster the usage and acceptance of privacy-enhancing technologies.

  9. Differential privacy two-dimensional data partitioning publication algorithm based on quad-tree%基于四分树的差分隐私二维数据划分发布算法

    Institute of Scientific and Technical Information of China (English)

    吴英杰; 卢清; 蔡剑平; 王晓东

    2016-01-01

    In order to boost the accuracy of range counting queries of the released two-dimensional space data under differential privacy,an algorithm Quad-heu based on quad-tree for differential priva-cy two-dimensional data publication by space partitioning was proposed.The basic idea of Quad-heu is to firstly construct a quad-tree with respect to the two-dimensional data and then add Laplace noise to tree nodes.After that,a bottom up heuristic approach for structural adjustment of the quad-tree was put forward,and the aim of which was to balance the noise error of queries and the error of uniform hypothesis.Finally,the accuracy of range counting queries was further reduced by post-processing the tree nodes′values through the consistency constraint of queries.Experimental analysis was designed by comparing Quad-heu and the traditional algorithms on the accuracy of range counting queries in the released data and the algorithm efficiency.Experimental results show that Quad-heu is effective and feasible.%为了提高差分隐私下二维数据区间计数查询的精度,提出一种基于四分树的差分隐私二维数据空间划分发布算法 Quad-heu.首先构建与二维数据相对应的四分树,并对树节点添加拉普拉斯噪声;然后采用启发式判断策略,自底向上对四分树结构进行调整,以达到平衡查询噪声误差和均匀假设误差的目的;最后利用查询一致性约束对添加噪声后的四分树节点进行后置处理,以进一步提高查询精度.实验对算法 Quad-heu 所发布数据的区间计数查询精度及效率与同类算法进行比较分析,结果验证了其有效性.

  10. An examination of electronic health information privacy in older adults.

    Science.gov (United States)

    Le, Thai; Thompson, Hilaire; Demiris, George

    2013-01-01

    Older adults are the quickest growing demographic group and are key consumers of health services. As the United States health system transitions to electronic health records, it is important to understand older adult perceptions of privacy and security. We performed a secondary analysis of the Health Information National Trends Survey (2012, Cycle 1), to examine differences in perceptions of electronic health information privacy between older adults and the general population. We found differences in the level of importance placed on access to electronic health information (older adults placed greater emphasis on provider as opposed to personal access) and tendency to withhold information out of concerns for privacy and security (older adults were less likely to withhold information). We provide recommendations to alleviate some of these privacy concerns. This may facilitate greater use of electronic health communication between patient and provider, while promoting shared decision making.

  11. A Scalable Privacy Preserving Scheme In Vehicular Network

    Institute of Scientific and Technical Information of China (English)

    YAN Gong-jun; SHI Hui; Awny Alnusair; Matthew Todd Bradley

    2014-01-01

    Vehicles enlisted with computing, sensing and communicating devices can create vehicular networks, a subset of cooperative systems in heterogeneous environments, aiming at improving safety and entertainment in traffic. In vehicular networks, a vehicle’s identity is associated to its owner’s identity as a unique linkage. Therefore, it is of importance to protect privacy of vehicles from being possibly tracked. Obviously, the privacy protection must be scalable because of the high mobility and large population of vehicles. In this work, we take a non-trivial step towards protecting privacy of vehicles. As privacy draws public concerns, we firstly present privacy implications of operational challenges from the public policy perspective. Additionally, we envision vehicular networks as geographically partitioned subnetworks (cells). Each subnetwork maintains a list of pseudonyms. Each pseudonym includes the cell’s geographic id and a random number as host id. Before starting communication, vehicles need to request a pseudonym on demand from pseudonym server. In order to improve utilization of pseudonyms, we address a stochastic model with time-varying arrival and departure rates. Our main contribution includes:1) proposing a scalable and effective algorithm to protect privacy; 2) providing analytical results of probability, variance and expected number of requests on pseudonym servers. The empirical results confirm the accuracy of our analytical predictions.

  12. Genetic secrets: Protecting privacy and confidentiality in the genetic era

    Energy Technology Data Exchange (ETDEWEB)

    Rothstein, M.A. [ed.

    1998-07-01

    Few developments are likely to affect human beings more profoundly in the long run than the discoveries resulting from advances in modern genetics. Although the developments in genetic technology promise to provide many additional benefits, their application to genetic screening poses ethical, social, and legal questions, many of which are rooted in issues of privacy and confidentiality. The ethical, practical, and legal ramifications of these and related questions are explored in depth. The broad range of topics includes: the privacy and confidentiality of genetic information; the challenges to privacy and confidentiality that may be projected to result from the emerging genetic technologies; the role of informed consent in protecting the confidentiality of genetic information in the clinical setting; the potential uses of genetic information by third parties; the implications of changes in the health care delivery system for privacy and confidentiality; relevant national and international developments in public policies, professional standards, and laws; recommendations; and the identification of research needs.

  13. Privacy Awareness: A Means to Solve the Privacy Paradox?

    Science.gov (United States)

    Pötzsch, Stefanie

    People are limited in their resources, i.e. they have limited memory capabilities, cannot pay attention to too many things at the same time, and forget much information after a while; computers do not suffer from these limitations. Thus, revealing personal data in electronic communication environments and being completely unaware of the impact of privacy might cause a lot of privacy issues later. Even if people are privacy aware in general, the so-called privacy paradox shows that they do not behave according to their stated attitudes. This paper discusses explanations for the existing dichotomy between the intentions of people towards disclosure of personal data and their behaviour. We present requirements on tools for privacy-awareness support in order to counteract the privacy paradox.

  14. 77 FR 38598 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2012-06-28

    ... Officer, Department of Defense. CIG-23 System Name: Public Affairs Files (August 7, 2006, 71 FR 44667) Changes: * * * * * System name: Delete entry and replace with ``SCOUT and Public Affairs Files.'' System... Office of the Secretary Privacy Act of 1974; System of Records AGENCY: Office of the Inspector...

  15. A Signcryption based Light Weight Key Exchange Protocol

    Science.gov (United States)

    Feng, Yong; Wei, Qian; Zhang, Xing

    Traditional cryptography based authenticated Diffie-Hellman key exchange protocols expose the problems of efficiency and privacy since signature-then-encryption is heavy to wireless communication special for flexible dynamic deployment, i.e., wireless mesh networks, wireless sensor networks, mobile ad hoc networks, etc., in computational cost and communicational overhead and traditional digital signature allows anyone to verify its validity using the corresponding public key. In this paper, we propose a signcryption based light weight key exchange protocol named SLWKE which can provide resistance to traditional attacks, i.e., eavesdropping, deducing, replaying, interleaving, forging and repudiating, and unknown key-share attack and save computational cost by three modular calculations, i.e., one modular inversion, one modular addition and one modular multiplicative, included in a signature s and communicational overhead by secure length of IqI in comparison to signcryption based direct key exchange using a time-stamp protocol termed Dkeuts.

  16. Privacy Preserving Similarity Based Text Retrieval through Blind Storage

    Directory of Open Access Journals (Sweden)

    Pinki Kumari

    2016-09-01

    Full Text Available Cloud computing is improving rapidly due to their more advantage and more data owners give interest to outsource their data into cloud storage for centralize their data. As huge files stored in the cloud storage, there is need to implement the keyword based search process to data user. At the same time to protect the privacy of data, encryption techniques are used for sensitive data, that encryption is done before outsourcing data to cloud server. But it is critical to search results in encryption data. In this system we propose similarity text retrieval from the blind storage blocks with encryption format. This system provides more security because of blind storage system. In blind storage system data is stored randomly on cloud storage.  In Existing Data Owner cannot encrypt the document data as it was done only at server end. Everyone can access the data as there was no private key concept applied to maintained privacy of the data. But In our proposed system, Data Owner can encrypt the data himself using RSA algorithm.  RSA is a public key-cryptosystem and it is widely used for sensitive data storage over Internet. In our system we use Text mining process for identifying the index files of user documents. Before encryption we also use NLP (Nature Language Processing technique to identify the keyword synonyms of data owner document. Here text mining process examines text word by word and collect literal meaning beyond the words group that composes the sentence. Those words are examined in API of word net so that only equivalent words can be identified for index file use. Our proposed system provides more secure and authorized way of recover the text in cloud storage with access control. Finally, our experimental result shows that our system is better than existing.

  17. Privacy and Facebook

    Directory of Open Access Journals (Sweden)

    Ronan Comer

    2012-09-01

    Full Text Available Social Networking is continually growing and showing more possibilities. Facebook the leading social network site is approaching 1 billion members. Facebook guarantees more than friend requests and also acts as an excellent marketing tool for businesses. Social media is a technology allowing the nation to publish instantly and economically on the internet. It encourages live discussion on a huge range of topics, with not only friends, but businesses and consumers. Facebook serves 120 billion hits per day, stored 60 billion photos and generated 150TB (Terabytes of logs every day. Privacy - or lack of it - however has provoked outrage at various times in the media. This paper seeks to examine the ramifications of poor privacy management by Facebook.

  18. Approximate Privacy: Foundations and Quantification

    CERN Document Server

    Feigenbaum, Joan; Schapira, Michael

    2009-01-01

    Increasing use of computers and networks in business, government, recreation, and almost all aspects of daily life has led to a proliferation of online sensitive data about individuals and organizations. Consequently, concern about the privacy of these data has become a top priority, particularly those data that are created and used in electronic commerce. There have been many formulations of privacy and, unfortunately, many negative results about the feasibility of maintaining privacy of sensitive data in realistic networked environments. We formulate communication-complexity-based definitions, both worst-case and average-case, of a problem's privacy-approximation ratio. We use our definitions to investigate the extent to which approximate privacy is achievable in two standard problems: the second-price Vickrey auction and the millionaires problem of Yao. For both the second-price Vickrey auction and the millionaires problem, we show that not only is perfect privacy impossible or infeasibly costly to achieve...

  19. On quantum and approximate privacy

    CERN Document Server

    Klauck, H

    2001-01-01

    This paper studies privacy in communication complexity. The focus is on quantum versions of the model and on protocols with only approximate privacy against honest players. We show that the privacy loss (the minimum divulged information) in computing a function can be decreased exponentially by using quantum protocols, while the class of privately computable functions (i.e., those with privacy loss 0) is not increased by quantum protocols. Quantum communication combined with small information leakage on the other hand makes certain functions computable (almost) privately which are not computable using quantum communication without leakage or using classical communication with leakage. We also give an example of an exponential reduction of the communication complexity of a function by allowing a privacy loss of o(1) instead of privacy loss 0.

  20. Security and Privacy of Electronic Banking

    Directory of Open Access Journals (Sweden)

    Zachary Bosire Omariba

    2012-07-01

    Full Text Available The internet has played a key role in changing how we interact with other people and how we do business today. As a result of the internet, electronic commerce has emerged, allowing business to more effectively interact with their customers and other corporations inside and outside their industries. One industry that is using this new communication channel to reach its customers is the banking industry. The e-banking system addresses several emerging trends: customers demand for anytime, anywhere service, product time-to-market imperatives and increasingly complex back-office integration challenges. The challenges that oppose electronic banking are concerns of security and privacy of information. This paper will first discuss the drivers of e-banking; secondly, it will talk about the concerns about e-banking from various perspectives. Thirdly, the security and privacy issues will also be discussed, and fourthly the attacks of e-banking with their solutions are discussed.

  1. Pythia: A Privacy-enhanced Personalized Contextual Suggestion System for Tourism

    NARCIS (Netherlands)

    Drosatos, G.; Efraimidis, P.S.; Arampatzis, A.; Stamatelatos, G.; Athanasiadis, I.N.

    2015-01-01

    We present Pythia, a privacy-enhanced non-invasive contextual suggestion system for tourists, with important architectural innovations. The system offers high quality personalized recommendations, non-invasive operation and protection of user privacy. A key feature of Pythia is the exploitation of t

  2. Enhancing Privacy for Biometric Identification Cards

    CERN Document Server

    Balanoiu, Paul

    2010-01-01

    Most developed countries have started the implementation of biometric electronic identification cards, especially passports. The European Union and the United States of America struggle to introduce and standardize these electronic documents. Due to the personal nature of the biometric elements used for the generation of these cards, privacy issues were raised on both sides of the Atlantic Ocean, leading to civilian protests and concerns. The lack of transparency from the public authorities responsible with the implementation of such identification systems, and the poor technological approaches chosen by these authorities, are the main reasons for the negative popularity of the new identification methods. The following article shows an approach that provides all the benefits of modern technological advances in the fields of biometrics and cryptography, without sacrificing the privacy of those that will be the beneficiaries of the new system.

  3. Enhancing Privacy for Biometric Identification Cards

    Directory of Open Access Journals (Sweden)

    2009-01-01

    Full Text Available Most developed countries have started the implementation of biometric electronic identification cards, especially passports. The European Union and the United States of America struggle to introduce and standardize these electronic documents. Due to the personal nature of the biometric elements used for the generation of these cards, privacy issues were raised on both sides of the Atlantic Ocean, leading to civilian protests and concerns. The lack of transparency from the public authorities responsible with the implementation of such identification systems, and the poor technological approaches chosen by these authorities, are the main reasons for the negative popularity of the new identification methods. The following article shows an approach that provides all the benefits of modern technological advances in the fields of biometrics and cryptography, without sacrificing the privacy of those that will be the beneficiaries of the new system

  4. Practical Privacy in WDM Networks with All-Optical Layered Encryption

    OpenAIRE

    Engelmann, Anna; Jukan, Admela

    2016-01-01

    Privacy in form of anonymous communication could be comparably both faster and harder to break in optical routers than in today's anonymous IP networks based on The Onion Routing (Tor). Implementing the practical privacy alloptically,however, is not straightforward, as it requires key generation in each anonymization node to avoid distribution of long keys, and layered encryption, both at the optical line rate. Due to the unavailability of cryptographically strong optical key generation and e...

  5. Cognitive Privacy for Personal Clouds

    Directory of Open Access Journals (Sweden)

    Milena Radenkovic

    2016-01-01

    Full Text Available This paper proposes a novel Cognitive Privacy (CogPriv framework that improves privacy of data sharing between Personal Clouds for different application types and across heterogeneous networks. Depending on the behaviour of neighbouring network nodes, their estimated privacy levels, resource availability, and social network connectivity, each Personal Cloud may decide to use different transmission network for different types of data and privacy requirements. CogPriv is fully distributed, uses complex graph contacts analytics and multiple implicit novel heuristics, and combines these with smart probing to identify presence and behaviour of privacy compromising nodes in the network. Based on sensed local context and through cooperation with remote nodes in the network, CogPriv is able to transparently and on-the-fly change the network in order to avoid transmissions when privacy may be compromised. We show that CogPriv achieves higher end-to-end privacy levels compared to both noncognitive cellular network communication and state-of-the-art strategies based on privacy-aware adaptive social mobile networks routing for a range of experiment scenarios based on real-world user and network traces. CogPriv is able to adapt to varying network connectivity and maintain high quality of service while managing to keep low data exposure for a wide range of privacy leakage levels in the infrastructure.

  6. Privacy and the Connected Society

    DEFF Research Database (Denmark)

    Sørensen, Lene Tolstrup; Khajuria, Samant; Skouby, Knud Erik

    the society. Enabling the vision of the connected society, researchers point in the direction of security and privacy as areas to challenge the vision. By use of the Internet of Things reference model as well as the vision of the connected society, this paper identifies privacy of the individual with respect...... to three selected areas: Shopping, connected cars and online gaming. The paper concludes that privacy is a complexity within the connected society vision and that thee is a need for more privacy use cases to shed light on the challenge....

  7. 42 CFR 403.812 - HIPAA privacy, security, administrative data standards, and national identifiers.

    Science.gov (United States)

    2010-10-01

    ... 42 Public Health 2 2010-10-01 2010-10-01 false HIPAA privacy, security, administrative data... Prescription Drug Discount Card and Transitional Assistance Program § 403.812 HIPAA privacy, security, administrative data standards, and national identifiers. (a) HIPAA covered entities. An endorsed sponsor is...

  8. 45 CFR 5.67 - Exemption six: Clearly unwarranted invasion of personal privacy.

    Science.gov (United States)

    2010-10-01

    ...: Clearly unwarranted invasion of personal privacy. (a) Documents affected. We may withhold records about individuals if disclosure would constitute a clearly unwarranted invasion of their personal privacy. (b... 45 Public Welfare 1 2010-10-01 2010-10-01 false Exemption six: Clearly unwarranted invasion...

  9. 75 FR 32372 - Information Privacy and Innovation in the Internet Economy

    Science.gov (United States)

    2010-06-08

    ... in the Internet Economy AGENCY: National Telecommunications and Information Administration, U.S... between privacy policy and innovation in the Internet economy.\\1\\ In addition, the Department announced... Public Review of Privacy Policy and Innovation in the Internet Economy, Launches Internet Policy...

  10. The Homomorphism Analysis of Public Key Cryptosystem%公钥密码体制的同态性分析

    Institute of Scientific and Technical Information of China (English)

    闫世斗; 刘念; 李子臣

    2012-01-01

    Homomorphic encryption algorithm is based on the concept of homomorphism, which is a subset ot the homomorphism. Homomorphic encryption technology can do the operation to ciphertext directly, the op- eration results can be encrypted automatically, and the technology has a very broad application in secure multi - party computation, data encryption, electronic voting and other fields. A Homomorphic property in- cludes additively homomorphism, muhiplicatively homomorphism, and mixed multiplicatively homomor- phism. We study the homomorphic property of the three public key cryptosystem widely used now, and ana- lyze Pallier cryptosystem that meets additively homomorphism, which can provide theoretical basis and guid- ance to the follow - up study of fully homomorphic encryption algorithm.%同态加密算法是基于秘密同态的概念,是秘密同态的一个子集。同态加密技术可以对加密数据直接进行运算,并且运算结果也自动加密。正是基于此,使得同态加密技术在安全多方计算、数据库加密、电子投票等领域具有广泛的应用。同态特性主要包括加法特性、乘法特性、混合乘法特性。文章对目前广泛应用的三大公钥密码体制的同态特性进行了分析,并对满足加法同态的Pallier密码体制进行了研究。为后续研究全同态加密算法提供理论基础和方法指导。

  11. Data privacy for the smart grid

    CERN Document Server

    Herold, Rebecca

    2015-01-01

    The Smart Grid and PrivacyWhat Is the Smart Grid? Changes from Traditional Energy Delivery Smart Grid Possibilities Business Model Transformations Emerging Privacy Risks The Need for Privacy PoliciesPrivacy Laws, Regulations, and Standards Privacy-Enhancing Technologies New Privacy Challenges IOT Big Data What Is the Smart Grid?Market and Regulatory OverviewTraditional Electricity Business SectorThe Electricity Open Market Classifications of Utilities Rate-Making ProcessesElectricity Consumer

  12. Certificateless Multi-receiver Signcryption Scheme Based on Multivariate Public Key Cryptography%基于多变量公钥密码体制的无证书多接收者签密体制

    Institute of Scientific and Technical Information of China (English)

    李慧贤; 陈绪宝; 庞辽军; 王育民

    2012-01-01

    针对基于身份的多接收者签密方案不能抵抗量子攻击以及存在的密钥托管问题,基于多变量公钥密码体制,提出一个多接收者模型下的无证书签密方案.新方案不仅避免了基于身份密码体制的密钥托管问题,而且继承了多变量公钥密码体制的优势,实现了“抗量子攻击”的高安全性.与现有方案相比,新方案无需双线性对操作,具有更少的计算量,更高的计算效率,适用于智能卡等计算能力较小的终端设备.最后,在随机预言模型下,给出了该文方案基于MQ困难问题假设和IP困难问题假设的安全性证明.分析表明,该文方案具有不可否认性、前向安全性、后向安全性、保护接收者隐私等安全属性.%Aiming at the vulnerability under quantum attacks and the inherent key escrow problem of the existing ID-based multi-receiver signcryption schemes, we propose an efficient certificateless multi-receiver signcryption scheme (CLMSC), which is based on the multivariate public key cryptography (MPKC). The new scheme can not only avoid the inherent key escrow problem in the identity-based cryptographic system,but also have the advantage of MPKC, that is, it can withstand the quantum attack. The proposed scheme does not require any pairing operations in signcrypting a message for any number of receivers. Therefore, compared with the existing signcryption schemes, the proposed scheme is more efficient, and thus it is suitable for terminals which have lower computation capacity like smart card. Finally, we prove its semantic security under the hardness of Multivariate Quadratic (MQ) problem and its unforgeability under the Isomorphism of Polynomials (IP) assumption in the random oracle model respectively. The proposed scheme also has the security properties of non-repudiation, forward security, backward security and the recipient privacy protection.

  13. Privacy-Preserving Trajectory Collection

    DEFF Research Database (Denmark)

    Gidofalvi, Gyozo; Xuegang, Huang; Pedersen, Torben Bach

    2008-01-01

    . To remedy this situation, this paper first formally defines novel location privacy requirements. Then, it briefly presents a system for privacy--preserving trajectory collection that meets these requirements. The system is composed of an untrusted server and clients communicating in a P2P network. Location...

  14. Perspectives on key principles of generalist medical practice in public service in sub-saharan africa: a qualitative study

    Directory of Open Access Journals (Sweden)

    Downing Raymond V

    2011-07-01

    Full Text Available Abstract Background The principles and practice of Family Medicine that arose in developed Western countries have been imported and adopted in African countries without adequate consideration of their relevance and appropriateness to the African context. In this study we attempted to elicit a priori principles of generalist medical practice from the experience of long-serving medical officers in a variety of African counties, through which we explored emergent principles of Family Medicine in our own context. Methods A descriptive study design was utilized, using qualitative methods. 16 respondents who were clinically active medical practitioners, working as generalists in the public services or non-profit sector for at least 5 years, and who had had no previous formal training or involvement in academic Family Medicine, were purposively selected in 8 different countries in southern, western and east Africa, and interviewed. Results The respondents highlighted a number of key issues with respect to the external environment within which they work, their collective roles, activities and behaviours, as well as the personal values and beliefs that motivate their behaviour. The context is characterized by resource constraints, high workload, traditional health beliefs, and the difficulty of referring patients to the next level of care. Generalist clinicians in sub-Saharan Africa need to be competent across a wide range of clinical disciplines and procedural skills at the level of the district hospital and clinic, in both chronic and emergency care. They need to understand the patient's perspective and context, empowering the patient and building an effective doctor-patient relationship. They are also managers, focused on coordinating and improving the quality of clinical care through teamwork, training and mentoring other health workers in the generalist setting, while being life-long learners themselves. However, their role in the community, was

  15. Introduction of Renal Key Performance Indicators Associated with Increased Uptake of Peritoneal Dialysis in a Publicly Funded Health Service.

    Science.gov (United States)

    Toussaint, Nigel D; McMahon, Lawrence P; Dowling, Gregory; Holt, Stephen G; Smith, Gillian; Safe, Maria; Knight, Richard; Fair, Kathleen; Linehan, Leanne; Walker, Rowan G; Power, David A

    2017-01-01

    ♦ BACKGROUND: Increased demand for treatment of end-stage kidney disease has largely been accommodated by a costly increase in satellite hemodialysis (SHD) in most jurisdictions. In the Australian State of Victoria, a marked regional variation in the uptake of home-based dialysis suggests that use of home therapies could be increased as an alternative to SHD. An earlier strategy based solely on increased remuneration had failed to increase uptake of home therapies. Therefore, the public dialysis funder adopted the incidence and prevalence of home-based dialysis therapies as a key performance indicator (KPI) for its health services to encourage greater uptake of home therapies. ♦ METHODS: A KPI data collection and bench-marking program was established in 2012 by the Victorian Department of Health and Human Services, with data provided monthly by all renal units in Victoria using a purpose-designed website portal. A KPI Working Group was responsible for analyzing data each quarter and ensuring indicators remained accurate and relevant and each KPI had clear definitions and targets. We present a prospective, observational study of all dialysis patients in Victoria over a 4-year period following the introduction of the renal KPI program, with descriptive analyses to evaluate the proportion of patients using home therapies as well as home dialysis modality survival. ♦ RESULTS: Following the introduction of the KPI program, the net growth of dialysis patient numbers in Victoria remained stable over 4 years, at 75 - 80 per year (approximately 4%). However, unlike the previous decade, about 40% of this growth was through an increase in home dialysis, which was almost exclusively peritoneal dialysis (PD). The increase was identified particularly in the young (20 - 49) and the elderly (> 80). Disappointingly, however, 67% of these incident patients ceased PD within 2 years of commencement, 46% of whom transferred to SHD. ♦ CONCLUSIONS: Introduction of a KPI program

  16. Privacy and Big Data

    CERN Document Server

    Craig, Terence

    2011-01-01

    Much of what constitutes Big Data is information about us. Through our online activities, we leave an easy-to-follow trail of digital footprints that reveal who we are, what we buy, where we go, and much more. This eye-opening book explores the raging privacy debate over the use of personal data, with one undeniable conclusion: once data's been collected, we have absolutely no control over who uses it or how it is used. Personal data is the hottest commodity on the market today-truly more valuable than gold. We are the asset that every company, industry, non-profit, and government wants. Pri

  17. The El-Gamal AA_{\\beta} Public Key Cryptosystem - A new approach utilizing the subset sum problem in designing an asymmetric cryptosystem

    CERN Document Server

    Ariffin, Muhammad Rezal Kamel; Ghani, Aniza Abdul; Atan, Kamel Ariffin Mohd; Abu, Nor Azman

    2010-01-01

    The El-Gamal AA_{\\beta} Public Key Cryptosystem is a new asymmetric cryptosystem based on the piecewise AA_{\\beta}-function. The AA_{\\beta}-function which is essentially a one way Boolean function was motivated by the squaring and multiplying process while computing g^a (mod p) in the Diffie Hellman key exchange procedure and also computing C \\equiv M^e (mod N) and M \\equiv C^d (mod N) in the RSA cryptosystem. It was also motivated by the add and double point operation E=kG in the elliptic curve cryptosystem. The hard mathematical problem surrounding this newly designed asymmetric cryptosystem is the NP-complete problem known as the subset sum problem. The El-Gamal AA_{\\beta} Public Key Cryptosystem mimics the El-Gamal Cryptosystem and the Elliptic Curve Cryptosystem by sending a two parameter ciphertext to the recipient.

  18. Key-Alternating Ciphers in a Provable Setting: Encryption Using a Small Number of Public Permutations (Extended Abstract)

    DEFF Research Database (Denmark)

    Bogdanov, Andrey; Knudsen, L.R.; Leander, Gregor

    2012-01-01

    show that the distribution of Fourier coefficients for the cipher over all keys is close to ideal. Lastly, we define a practical instance of the construction with t = 2 using AES referred to as AES2. Any attack on AES2 with complexity below 285 will have to make use of AES with a fixed known key...

  19. Key-Alternating Ciphers in a Provable Setting: Encryption Using a Small Number of Public Permutations (Extended Abstract)

    DEFF Research Database (Denmark)

    Bogdanov, Andrey; Knudsen, L.R.; Leander, Gregor

    2012-01-01

    This paper considers—for the first time—the concept of key-alternating ciphers in a provable security setting. Key-alternating ciphers can be seen as a generalization of a construction proposed by Even and Mansour in 1991. This construction builds a block cipher PX from an n-bit permutation P and...

  20. Medical information and the right to privacy

    Energy Technology Data Exchange (ETDEWEB)

    Drell, D. [ed.

    1994-06-01

    This report is a compilation of submitted abstracts of papers presented at the DOE-supported workshop on medical information and the right to privacy held at the National Academy of Sciences in Washington, DC, on June 9 and 10, 1994. The aim of this meeting is to provide a forum to discuss the legal, ethical and practical issues related to the computerization and use of medical data, as well as the potential impact the use of these data may have on an individual`s privacy. Topical areas include an overview of the Federal and legal requirements to collect medical data, historical experiences with worker screening programs, currently available medical surveillance technologies (both biomedical and computer technologies) and their limitations. In addition, an-depth assessment of the needs and interests of a wide spectrum of parties as they relate to the use of medical data from both a legal and privacy perspective is provided. The needs of the individual, the public (e.g., blood and tissue banks), private enterprises (e.g., industry and insurance carriers), and the government (e.g., FBI) are discussed. Finally, the practical and legal issues relating to the use of computers to carry, store and transmit this information are also examined. The abstracts are presented in the intended order of presentation as indicated in the agenda for the meeting.

  1. Medical information and the right to privacy

    Energy Technology Data Exchange (ETDEWEB)

    Drell, D. [ed.

    1994-06-01

    This report is a compilation of submitted abstracts of papers presented at the DOE-supported workshop on medical information and the right to privacy held at the National Academy of Sciences in Washington, DC, on June 9 and 10, 1994. The aim of this meeting is to provide a forum to discuss the legal, ethical and practical issues related to the computerization and use of medical data, as well as the potential impact the use of these data may have on an individual`s privacy. Topical areas include an overview of the Federal and legal requirements to collect medical data, historical experiences with worker screening programs, currently available medical surveillance technologies (both biomedical and computer technologies) and their limitations. In addition, an-depth assessment of the needs and interests of a wide spectrum of parties as they relate to the use of medical data from both a legal and privacy perspective is provided. The needs of the individual, the public (e.g., blood and tissue banks), private enterprises (e.g., industry and insurance carriers), and the government (e.g., FBI) are discussed. Finally, the practical and legal issues relating to the use of computers to carry, store and transmit this information are also examined. The abstracts are presented in the intended order of presentation as indicated in the agenda for the meeting.

  2. 公安网络舆情分析中的关键技术研究%Research on key technologies of public security network public opinion analysis

    Institute of Scientific and Technical Information of China (English)

    李燕

    2015-01-01

    Faced with online public opinions, It’s a practical problem which must be deeply studied and confronted for the public security organs on how to find , collect, analyze and deal with these opinions timely, and effectively enhance the credibility of the public security organization. Therefore, this article will be focused on a study related to public security methods and techniques involved in the network public opinion analysis.%面对网络舆情,公安机关如何及时发现并采集、分析并处理,切实提升公安机关的公信力,是公安机关必须深入研究和对待的现实问题。本文重点就公安网络舆情分析中涉及的相关方法和技术展开研究。

  3. A Generic Privacy Quantification Framework for Privacy-Preserving Data Publishing

    Science.gov (United States)

    Zhu, Zutao

    2010-01-01

    In recent years, the concerns about the privacy for the electronic data collected by government agencies, organizations, and industries are increasing. They include individual privacy and knowledge privacy. Privacy-preserving data publishing is a research branch that preserves the privacy while, at the same time, withholding useful information in…

  4. A Generic Privacy Quantification Framework for Privacy-Preserving Data Publishing

    Science.gov (United States)

    Zhu, Zutao

    2010-01-01

    In recent years, the concerns about the privacy for the electronic data collected by government agencies, organizations, and industries are increasing. They include individual privacy and knowledge privacy. Privacy-preserving data publishing is a research branch that preserves the privacy while, at the same time, withholding useful information in…

  5. 48 CFR 39.105 - Privacy.

    Science.gov (United States)

    2010-10-01

    ... 48 Federal Acquisition Regulations System 1 2010-10-01 2010-10-01 false Privacy. 39.105 Section 39... CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY General 39.105 Privacy. Agencies shall ensure that contracts for information technology address protection of privacy in accordance with the Privacy Act (5 U.S.C...

  6. Employee Privacy Rights: A Management Guide.

    Science.gov (United States)

    Shepard, Ira Michael; Olsen, Harry

    Employee privacy rights are considered, along with practical problems and permissible parameters of employer activity. Included is a state-by-state analysis of the status of workplace privacy. Definitions are offered of "invasion of privacy," with attention to four types of privacy invasions: (1) placing someone in a "false light," (2) the public…

  7. Police in the Dorms: Student Safety or Privacy Infringement?

    Science.gov (United States)

    Hoover, Eric

    2008-01-01

    Since 1970, officers on the Seattle campus have regularly patrolled the hallways of dormitories of the University of Washington. It is a community-policing strategy, a low-key way to engage students. However, the practice might cease this fall. In June, the state's Court of Appeals ruled that students have the same right to privacy in dormitory…

  8. ANALYSIS OF DIFFERENT PRIVACY PRESERVING CLOUD STORAGE FRAMEWORKS

    Directory of Open Access Journals (Sweden)

    Rajeev Bedi

    2012-01-01

    Full Text Available Privacy Security of data in Cloud Storage is one of the main issues. Many Frameworks and Technologiesare used to preserve data security in cloud storage. [1] Proposes a framework which includes the designof data organization structure, the generation and management of keys, the treatment of change of user’saccess right and dynamic operations of data, and the interaction between participants. It also design aninteractive protocol and an extirpation-based key derivation algorithm, which are combined with lazyrevocation, it uses multi-tree structure and symmetric encryption to form a privacy-preserving, efficientframework for cloud storage. [2] Proposes a framework which design a privacy-preserving cloudstorage framework in which he designed an interaction protocol among participants, use key derivationalgorithm to generate and manage keys, use both symmetric and asymmetric encryption to hide thesensitive data of users, and apply Bloom filter for cipher text retrieval. A system based on this frameworkis realized. This paper analyzes both the frameworks in terms of the feasibility of the frameworks,running overhead of the system and the privacy security of the frameworks.

  9. Challenges, alternatives, and paths to sustainability: better public health promotion using social networking pages as key tools.

    Science.gov (United States)

    Zaidan, A A; Zaidan, B B; Kadhem, Z; Larbani, M; Lakulu, M B; Hashim, M

    2015-02-01

    This paper discusses the possibility of promoting public health and implementing educational health services using Facebook. We discuss the challenges and strengths of using such a platform as a tool for public health care systems from two different perspectives, namely, the view of IT developers and that of physicians. We present a new way of evaluating user interactivity in health care systems from tools provided by Facebook that measure statistical traffic in the Internet. Findings show that Facebook is a very promising tool in promoting e-health services in Web 2.0. Results from statistical traffic show that a Facebook page is more efficient than other pages in promoting public health.

  10. Evaluation of unique identifiers used as keys to match identical publications in Pure and SciVal

    DEFF Research Database (Denmark)

    Madsen, Heidi Holst; Madsen, Dicte; Gauffriau, Marianne

    2016-01-01

    , and erroneous optical or special character recognition. The case study explores the use of UIDs in the integration between the databases Pure and SciVal. Specifically journal publications in English are matched between the two databases. We find all error types except erroneous optical or special character...... recognition in our publication sets. In particular the duplicate DOIs constitute a problem for the calculation of bibliometric indicators as both keeping the duplicates to improve the reliability of citation counts and deleting them to improve the reliability of publication counts will distort the calculation...

  11. 可撤销的公钥加密方案的形式化分析%Revocable Public-Key Cryptosystems Formal Analysis

    Institute of Scientific and Technical Information of China (English)

    于瑞琴

    2011-01-01

    通常的密码系统,IBE或者PKI都必须提供从系统中撤销用户私钥的途径,同样PEKS也应该提供撤销陷门的方式.本文研究了可高效撤销的无需安全信道的带关键字搜索公钥加密方案的形式化定义及安全模型.基于BDH问题,可证明方案的安全性.%Any setting,Public-key Infrastructure or Identity-Based.Must provide a means to revoke users from the system.Efficient revocation is a well-studied problem in the traditional Public-Key Infrastructure or Identity-Based Encryption.We propose revocable public key encryption with Key words search scheme of formalized definition and the security model in the paper.Based on bilinear dilinear diffie-hellman,the security of the scheme can be proved.

  12. Advanced research in data privacy

    CERN Document Server

    Torra, Vicenç

    2015-01-01

    This book provides an overview of the research work on data privacy and privacy enhancing technologies carried by the participants of the ARES project. ARES (Advanced Research in Privacy an Security, CSD2007-00004) has been one of the most important research projects funded by the Spanish Government in the fields of computer security and privacy. It is part of the now extinct CONSOLIDER INGENIO 2010 program, a highly competitive program which aimed to advance knowledge and open new research lines among top Spanish research groups. The project started in 2007 and will finish this 2014. Composed by 6 research groups from 6 different institutions, it has gathered an important number of researchers during its lifetime. Among the work produced by the ARES project, one specific work package has been related to privacy. This books gathers works produced by members of the project related to data privacy and privacy enhancing technologies. The presented works not only summarize important research carried in the proje...

  13. Nursing professional facing patient privacy

    Directory of Open Access Journals (Sweden)

    Fidel López Espuela

    2010-05-01

    Full Text Available Privacy of patients admitted to the hospital is played down in favour of other needs considered more basic by the healthcare system and more related to the disease than to patients themselves. Situations and factors where privacy is damaged are frequent, but it is known that when these are avoided by professionals’ attitude, through strategies and different mechanisms, it becomes one of the most satisfactory elements to patients.Objectives: To identify and analyze situations and factors which affect privacy in hospital environment as well as the adaptation capacity of patients to them.Methodology: Phenomenological, qualitative research. By means of discussion groups with professionals, the following questions where answered: ‘What do professionals understand by privacy? Which situations and factors jeopardize it during the hospital stay? How do they think patients get adapted?Results: The concept of privacy is complex, personal and non-transferable. Situations in which it is jeopardized were divided in 5 main areas. Numerous behaviors regarding adaptation of patients to these were collected.Discussion: Although there is little nursery research referring to privacy and its defense in the professional-patient relationship field, concern about this aspect always shown by nursery staff stands out.As a conclussion, we observe the need to complement this research with the perception patients have about these same questions, establishing the importance they give to privacy.

  14. 75 FR 23274 - Privacy Act of 1974; Department of Homeland Security United States Immigration Customs and...

    Science.gov (United States)

    2010-05-03

    ... use in the enforcement Federal firearms laws (e.g., Brady Act). BB. To Federal, State, local, tribal... facility. HH. To the news media and the public, with the approval of the Chief Privacy Officer in...

  15. Student Privacy and Educational Data Mining: Perspectives from Industry

    Science.gov (United States)

    Sabourin, Jennifer; Kosturko, Lucy; FitzGerald, Clare; McQuiggan, Scott

    2015-01-01

    While the field of educational data mining (EDM) has generated many innovations for improving educational software and student learning, the mining of student data has recently come under a great deal of scrutiny. Many stakeholder groups, including public officials, media outlets, and parents, have voiced concern over the privacy of student data…

  16. 76 FR 20341 - Privacy Act of 1974; Systems of Records

    Science.gov (United States)

    2011-04-12

    ... Liaison Officer, Department of Defense. S190.24 System name: Biography File (May 26, 2009, 74 FR 24831....24 System name: Biography File. System location: Headquarters, Defense Logistics Agency (DLA), Public... of the Secretary Privacy Act of 1974; Systems of Records AGENCY: Defense Logistics Agency,...

  17. 75 FR 53262 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2010-08-31

    ... criminal law enforcement functions and responsibilities of the FBI. Public comment is invited. DATES... violations of criminal law. Revealing this information could also permit the record subject to obtain... Privacy Act in order to avoid interference with the law enforcement, intelligence and...

  18. Scoping Electronic Communication Privacy Rules: Data, Services and Values

    NARCIS (Netherlands)

    van Hoboken, J.; Zuiderveen Borgesius, F.

    2015-01-01

    We use electronic communication networks for more than simply traditional telecommunications: we access the news, buy goods online, file our taxes, contribute to public debate, and more. As a result, a wider array of privacy interests is implicated for users of electronic communications networks and

  19. 77 FR 5860 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2012-02-06

    ... receiving entity. D. To disclose information to a Federal, state, local, or tribal or other public authority... entities. These records are not subject to the Privacy Act. CATEGORIES OF RECORDS IN THE SYSTEM: Every..., sole proprietors, and other legal entities that have applied for, sought, or received Federal funds...

  20. 78 FR 50041 - Privacy Act of 1974, as Amended

    Science.gov (United States)

    2013-08-16

    ... voluntarily with the CFPB through various social media sites and services. They may also contain information... social media sites and services, or as a result of public outreach. EXEMPTIONS CLAIMED FOR THE SYSTEM... CFPB revises its Privacy Act System of Records Notice (SORN) ``CFPB.006--Social Networks and Citizen...

  1. Towards Privacy Managment of Information Systems

    OpenAIRE

    Drageide, Vidar

    2009-01-01

    This masters thesis provides insight into the concept of privacy. It argues why privacy is important, and why developers and system owners should keep privacy in mind when developing and maintaining systems containing personal information. Following this, a strategy for evaluating the overall level of privacy in a system is defined. The strategy is then applied to parts of the cellphone system in an attempt to evaluate the privacy of traffic and location data in this system.

  2. A Privacy Manager for Cloud Computing

    Science.gov (United States)

    Pearson, Siani; Shen, Yun; Mowbray, Miranda

    We describe a privacy manager for cloud computing, which reduces the risk to the cloud computing user of their private data being stolen or misused, and also assists the cloud computing provider to conform to privacy law. We describe different possible architectures for privacy management in cloud computing; give an algebraic description of obfuscation, one of the features of the privacy manager; and describe how the privacy manager might be used to protect private metadata of online photos.

  3. Privacy-Preserving Trajectory Collection

    DEFF Research Database (Denmark)

    Gidofalvi, Gyozo; Xuegang, Huang; Pedersen, Torben Bach

    2008-01-01

    In order to provide context--aware Location--Based Services, real location data of mobile users must be collected and analyzed by spatio--temporal data mining methods. However, the data mining methods need precise location data, while the mobile users want to protect their location privacy....... To remedy this situation, this paper first formally defines novel location privacy requirements. Then, it briefly presents a system for privacy--preserving trajectory collection that meets these requirements. The system is composed of an untrusted server and clients communicating in a P2P network. Location...

  4. User Privacy and Empowerment:

    DEFF Research Database (Denmark)

    Dhotre, Prashant Shantaram; Olesen, Henning; Khajuria, Samant

    2017-01-01

    of personal information and its manage-ment. Thus, empowering users and enhancing awareness are essential to compre-hending the value of secrecy. This paper also introduced latest advances in the domain of privacy issues like User Managed Access (UMA) can state suitable requirements for user empowerment...... and will cater to redefine the trustworthy relationship between service providers and users. Subsequently, this paper con-cludes with suggestions for providing empowerment to the user and developing user-centric, transparent business models.......Today, the service providers are capable of assembling a huge measure of user information using Big data techniques. For service providers, user infor-mation has become a vital asset. The present business models are attentive to collect extensive users’ information to extract useful knowledge...

  5. Attribute-Based Signcryption: Signer Privacy, Strong Unforgeability and IND-CCA Security in Adaptive-Predicates Model (Extended Version

    Directory of Open Access Journals (Sweden)

    Tapas Pandit

    2016-08-01

    Full Text Available Attribute-Based Signcryption (ABSC is a natural extension of Attribute-Based Encryption (ABE and Attribute-Based Signature (ABS, where one can have the message confidentiality and authenticity together. Since the signer privacy is captured in security of ABS, it is quite natural to expect that the signer privacy will also be preserved in ABSC. In this paper, first we propose an ABSC scheme which is weak existential unforgeable and IND-CCA secure in adaptive-predicates models and, achieves signer privacy. Then, by applying strongly unforgeable one-time signature (OTS, the above scheme is lifted to an ABSC scheme to attain strong existential unforgeability in adaptive-predicates model. Both the ABSC schemes are constructed on common setup, i.e the public parameters and key are same for both the encryption and signature modules. Our first construction is in the flavor of CtE&S paradigm, except one extra component that will be computed using both signature components and ciphertext components. The second proposed construction follows a new paradigm (extension of CtE&S , we call it “Commit then Encrypt and Sign then Sign” (CtE&S . The last signature is generated using a strong OTS scheme. Since, the non-repudiation is achieved by CtE&S paradigm, our systems also achieve the same.

  6. On Breaching Enterprise Data Privacy Through Adversarial Information Fusion

    CERN Document Server

    Ganta, Srivatsava Ranjit

    2008-01-01

    Data privacy is one of the key challenges faced by enterprises today. Anonymization techniques address this problem by sanitizing sensitive data such that individual privacy is preserved while allowing enterprises to maintain and share sensitive data. However, existing work on this problem make inherent assumptions about the data that are impractical in day-to-day enterprise data management scenarios. Further, application of existing anonymization schemes on enterprise data could lead to adversarial attacks in which an intruder could use information fusion techniques to inflict a privacy breach. In this paper, we shed light on the shortcomings of current anonymization schemes in the context of enterprise data. We define and experimentally demonstrate Web-based Information- Fusion Attack on anonymized enterprise data. We formulate the problem of Fusion Resilient Enterprise Data Anonymization and propose a prototype solution to address this problem.

  7. ELGamal public key cryptosystem based on multiplicative group Zp*%基于乘法群Zp*的ELGamal公钥密码系统

    Institute of Scientific and Technical Information of China (English)

    孙立宏

    2011-01-01

    为了解决发送方与接收方不能识别对方身份的问题,在研究E1Gamal密码体制的基础上,给出了一种基于乘法群Zn*的ELGamal公钥密码体制。结果表明:该算法可以实现通信双方的双向身份认证,有效地防止了攻击者冒充发送方伪造要发送的消息。同时该算法在通信过程中加入了可以追踪消息来源的信息,使得接收者可以对消息的真实性进行有效的验证。通过对消息的双重保护,该体制实现了在公开信道上的安全通信。%In the public key cryptography system, the sender encrypts the messages with the recipient's public key and the receiver decrypts them with their own secret key, which results in that the two sides are unable to recognize each other. In order to solve the problem above, an ELGamal public key cryptosystem based on multiplicative group Zp* has been presented in this paper. The bidirectional identity authentication between both communications sides are supplied in the proposed algorithm, which successfully prevents the attacker sending a forged message in the identity of sender. In addition, the algorithm also adds the information to track the sources of message in the communication process, which allows the message recipients verifying the authenticity of message effectively. The system implements a secured communication in the public channel through a dual protection on message.

  8. Privacy Preserving Distributed Data Mining

    Data.gov (United States)

    National Aeronautics and Space Administration — Distributed data mining from privacy-sensitive multi-party data is likely to play an important role in the next generation of integrated vehicle health monitoring...

  9. Privacy Impact Assessment (PIA) Repository

    Data.gov (United States)

    Department of Veterans Affairs — This repository contains Privacy Impact Assessments (PIA) that have been vetted/approved. Section 208 of the Electronic Government Act of 2002 (E-Gov Act) requires...

  10. First Chinese public hospital wins Joint Commission International accreditation: the Health Information Department played a key role in the process.

    Science.gov (United States)

    Shaffer, Audrey; Jun, Cheng Li

    2008-07-01

    Sir Run Run Shaw Hospital in Hangzhou, China spent five years preparing for a Joint Commission International accreditation survey. In March 2007 it became the first public hospital on the Chinese mainland to attain international accreditation. The Health Information Department, managed according to Western standards, played an integral role in preparing the hospital for the survey.

  11. Social Networks’ Benefits, Privacy, and Identity Theft: KSA Case Study

    Directory of Open Access Journals (Sweden)

    Ahmad A. Al-Daraiseh

    2014-12-01

    Full Text Available Privacy breaches and Identity Theft cases are increasing at an alarming rate. Social Networking Sites (SN’s are making it worse. Facebook (FB, Twitter and other SN’s offer attackers a wide and easily accessible platform. Privacy in the Kingdom of Saudi Arabia (KSA is extremely important due to cultural beliefs besides the other typical reasons. In this research we comprehensively cover Privacy and Identity Theft in SNs from many aspects; such as, methods of stealing, contributing factors, ways to use stolen information, examples and other aspects. A study on the local community was also conducted. In the survey, the participants were asked about privacy on SN’s, SN’s privacy policies, and whether they think that SN’s benefits outweigh their risks. A social experiment was also conducted on FB and Twitter to show how fragile the systems are and how easy it is to gain access to private profiles. Results from the survey are scary: 43% of all the accounts are public, 76% of participants do not read the policies, and almost 60% believe that the benefits of SN’s outweigh their risks. Not too far from this, the results of the experiment show that it is extremely easy to obtain information from private accounts on FB and Twitter.

  12. Security and privacy in biometrics

    CERN Document Server

    Campisi, Patrizio

    2013-01-01

    This important text/reference presents the latest secure and privacy-compliant techniques in automatic human recognition. Featuring viewpoints from an international selection of experts in the field, the comprehensive coverage spans both theory and practical implementations, taking into consideration all ethical and legal issues. Topics and features: presents a unique focus on novel approaches and new architectures for unimodal and multimodal template protection; examines signal processing techniques in the encrypted domain, security and privacy leakage assessment, and aspects of standardizati

  13. Developing Key Performance Indicators to Measure the Effectiveness of Early Facilities Management Performance on BIM Governed Public Sector Projects

    OpenAIRE

    McAuley, Barry; Hore, Alan; West, Roger

    2015-01-01

    Governments across the globe are now recognising the need to take steps to better manage their property portfolios due to the escalating costs of operating these buildings over their lifetime. This has seen them turn towards innovative work practices and technologies offered by Building Information Modelling (BIM). It is now becoming increasingly evident that BIM can bring significant added value to the design, construction and most importantly to the operational life of a public sector devel...

  14. Dissemination of public health information: key tools utilised by the NECOBELAC network in Europe and Latin America

    Science.gov (United States)

    De Castro, Paola; Marsili, Daniela; Poltronieri, Elisabetta; Calderón, Carlos Agudelo

    2012-01-01

    Background Open Access (OA) to scientific information is an important step forward in communication patterns, yet we still need to reinforce OA principles to promote a cultural change of traditional publishing practices. The advantages of free access to scientific information are even more evident in public health where knowledge is directly associated with human wellbeing. Objectives An OA ‘consolidation’ initiative in public health is presented to show how the involvement of people and institutions is fundamental to create awareness on OA and promote a cultural change. This initiative is developed within the project NEtwork of COllaboration Between Europe and Latin American Caribbean countries (NECOBELAC), financed by the European Commission. Methods Three actions are envisaged: Capacity building through a flexible and sustainable training programme on scientific writing and OA publishing; creation of training tools based on semantic web technologies; development of a network of supporting institutions. Results In 2010–2011, 23 training initiatives were performed involving 856 participants from 15 countries; topic maps on scientific publication and OA were produced; 195 institutions are included in the network. Conclusions Cultural change in scientific dissemination practices is a long process requiring a flexible approach and strong commitment by all stakeholders. PMID:22630360

  15. How Well Are We Respecting Patient Privacy in Medical Imaging? Lessons Learnt From a Departmental Audit.

    Science.gov (United States)

    Dilauro, Marc; Thornhill, Rebecca; Fasih, Najla

    2016-11-01

    Preservation of patient privacy and dignity are basic requirements for all patients visiting a hospital. The purpose of this study was to perform an audit of patients' satisfaction with privacy whilst in the Department of Medical Imaging (MI) at the Civic Campus of the Ottawa Hospital. Outpatients who underwent magnetic resonance imaging (MRI), computed tomography (CT), ultrasonography (US), and plain film (XR) examinations were provided with a survey on patient privacy. The survey asked participants to rank (on a 6-point scale ranging from 6 = excellent to 1 = no privacy) whether their privacy was respected in 5 key locations within the Department of MI. The survey was conducted over a consecutive 5-day period. A total of 502 surveys were completed. The survey response rate for each imaging modality was: 55% MRI, 42% CT, 45% US, and 47% XR. For each imaging modality, the total percentage of privacy scores greater than or equal to 5 were: 98% MRI, 96% CT, 94% US, and 92% XR. Privacy ratings for the MRI reception and waiting room areas were significantly higher in comparison to the other imaging modalities (P = .0025 and P = .0227, respectively). Overall, patient privacy was well respected within the Department of MI. Copyright © 2016 Canadian Association of Radiologists. Published by Elsevier Inc. All rights reserved.

  16. 基于CPK组合公钥的电子签章技术研究%Study on Electronic Signature Technology based on Combined Public Key

    Institute of Scientific and Technical Information of China (English)

    范志强; 李成; 马兆丰; 芦效峰; 钮心忻

    2011-01-01

    With the development of e-government and e-commerce,the electronic documents have gradually replaced traditional paper-based documentation. Thus,how to ensure the security of the electronic document has become the key to the farther successful application of e-government and e-business.?The adoptions of CPK(Combined Public Key) in the design of electronic signature system and ID certificate in digital signature and verification,could make any two users confirm public key information only by their own identity labels with any dependence the trusted third party validation,thus simplifying the key exchange agreement,ensuring the documents integrity,confidentiality and undesirability,and realizing the efficient safe electronic signature system.%随着中国电子政务与电子商务的发展,电子文档已经逐渐取代传统的纸质文档。因此,如何保证电子文档的安全已经成为电子政务与电子商务进一步深入与成功应用的关键。采用组合公钥密码体制(Combined Public Key,CPK)设计电子签章系统,利用ID证书来进行数字签名与验证,使任何两个用户之间仅通过对方身份标识即可确认公钥信息,不依靠可信第三方验证,并简化了密钥交换协议,保证了文档的完整性、机密性和不可抵赖性,实现了高效安全的电子签章系统。

  17. Improving System Security and User Privacy in Secure Electronic Transaction (SET with X.509 v3 Certificate

    Directory of Open Access Journals (Sweden)

    Saidu Muhammad

    2015-04-01

    Full Text Available With the advancement of internets, user’s transaction is at ease, timely manner and effective wise through online payment method, so also cybercriminals become increasingly more prompt in areas like e-commerce sites, financial institutions, payment processes and other online transactions. Therefore the need for the system security and privacy became the central issues for the acceptance of online payment methods in particular and growth of the Internet market in general. Using SET as an open encryption and security specification designed to protect credit card transaction on the internet. This paper proposes a new approach for increasing security by avoiding privacy violation using Public Key Infrastructure, X.509 certificate and Format Preservation encryption method, the credit card number is encrypted using public key algorithm and re-encrypted using Format preservation Encryption algorithm and finally stored in the X.509 version 3 certificate private extensions. This technique can be used to improve the security of the user credit card information against card fraud or the compromise of data associated with the account.

  18. Key points for developing an international declaration on nursing, human rights, human genetics and public health policy.

    Science.gov (United States)

    Anderson, G; Rorty, M V

    2001-05-01

    Human rights legislation pertaining to applications of human genetic science is still lacking at an international level. Three international human rights documents now serve as guidelines for countries wishing to develop such legislation. These were drafted and adopted by the United Nations Educational, Scientific and Cultural Organization, the Human Genome Organization, and the Council of Europe. It is critically important that the international nursing community makes known its philosophy and practice-based knowledge relating to ethics and human rights, and contributes to the globalization of genetics. Nurses have particular expertise because they serve in a unique role at grass roots level to mediate between genetic science and its application to public health policies and medical interventions. As a result, nurses worldwide need to focus a constant eye on human rights ideals and interpret these within social, cultural, economic and political contexts at national and local levels. The purpose of this article is to clarify and legitimate the need for an international declaration on nursing, human rights, human genetics and public health policy. Because nurses around the world are the professional workforce by which genetic health care services and genetic research protocols will be delivered in the twenty-first century, members of the discipline of nursing need to think globally while acting locally. Above all other disciplines involved in genetics, nursing is in a good position to articulate an expanded theory of ethics beyond the principled approach of biomedical ethics. Nursing is sensitive to cultural diversity and community values; it is sympathetic to and can introduce an ethic of caring and relational ethics that listen to and accommodate the needs of local people and their requirements for public health.

  19. 78 FR 29786 - Computer Matching and Privacy Protection Act of 1988; Report of Matching Program: RRB and State...

    Science.gov (United States)

    2013-05-21

    ... Privacy Act Systems of Records notices on our public Web site at: ( http://www.rrb.gov/bis/privacy_act... in the records will consist of beneficiary identifying information such as: name, Social Security... ongoing computer matching program. In this match, we provide certain Medicare and benefit rate information...

  20. Innovative electronic publication in plant systematics: PhytoKeys and the changes to the “Botanical Code” accepted at the XVIII International Botanical Congress in Melbourne

    Directory of Open Access Journals (Sweden)

    W. John Kress

    2011-09-01

    Full Text Available PhytoKeys was established less than a year ago in response to four main publication challenges of our time: (1 the appearance of electronic publications as amendments or even alternatives to paper publications; (2 Open Access (OA as a new publishing model; (3 the linkage of electronic registers, indices, and aggregators, which summarize information on biological species through taxonomic names or their persistent identifiers; and (4 Web 2.0 technologies, which permit the semantic markup of, and semantic enhancements to, published biological texts. The appearance of the journal was concomitant with lively discussions on the validity of nomenclatural acts published electronically (Knapp and Wright 2010, Knapp et al. 2010, Penev et al. 2010, Chapman et al. 2010. At the XVIII International Botanical Congress in Melbourne in July 2011 (IBC 2011 these discussions culminated in the decision to amend the International Code of Botanical Nomenclature to allow electronic-only publishing of new taxa. Even before the end of the Congress and formal acceptance of the changes PhytoKeys was able to publish a report on the main outcomes of the Nomenclature Section on electronic publishing (Miller et al. 2011.

  1. Pervasive Computing, Privacy and Distribution of the Self

    Directory of Open Access Journals (Sweden)

    Soraj Hongladarom

    2011-05-01

    Full Text Available The emergence of what is commonly known as “ambient intelligence” or “ubiquitous computing” means that our conception of privacy and trust needs to be reconsidered. Many have voiced their concerns about the threat to privacy and the more prominent role of trust that have been brought about by emerging technologies. In this paper, I will present an investigation of what this means for the self and identity in our ambient intelligence environment. Since information about oneself can be actively distributed and processed, it is proposed that in a significant sense it is the self itself that is distributed throughout a pervasive or ubiquitous computing network when information pertaining to the self of the individual travels through the network. Hence privacy protection needs to be extended to all types of information distributed. It is also recommended that appropriately strong legislation on privacy and data protection regarding this pervasive network is necessary, but at present not sufficient, to ensure public trust. What is needed is a campaign on public awareness and positive perception of the technology.

  2. 76 FR 67763 - Privacy Act of 1974; Privacy Act System of Records

    Science.gov (United States)

    2011-11-02

    ... SPACE ADMINISTRATION Privacy Act of 1974; Privacy Act System of Records AGENCY: National Aeronautics and Space Administration (NASA). ACTION: Notice of proposed revisions to an existing Privacy Act system of records. SUMMARY: Pursuant to the provisions of the Privacy Act of 1974 (5 U.S.C. 552a), the National...

  3. The privacy coach: Supporting customer privacy in the internet of things

    NARCIS (Netherlands)

    Broenink, E.G.; Hoepman, J.H.; Hof, C. van 't; Kranenburg, R. van; Smits, D.; Wisman, T.

    2010-01-01

    The Privacy Coach is an application running on a mobile phone that supports customers in making privacy decisions when confronted with RFID tags. The approach we take to increase customer privacy is a radical departure from the mainstream research efforts that focus on implementing privacy enhancing

  4. 78 FR 77719 - Privacy Act of 1974; Privacy Act System of Records

    Science.gov (United States)

    2013-12-24

    ... SPACE ADMINISTRATION Privacy Act of 1974; Privacy Act System of Records AGENCY: National Aeronautics and Space Administration (NASA). ACTION: Notice of Privacy Act system of records. SUMMARY: Pursuant to the provisions of the Privacy Act of 1974 (5 U.S.C. 552a), the National Aeronautics and Space Administration is...

  5. 76 FR 64115 - Privacy Act of 1974; Privacy Act System of Records

    Science.gov (United States)

    2011-10-17

    ... SPACE ADMINISTRATION Privacy Act of 1974; Privacy Act System of Records AGENCY: National Aeronautics and Space Administration (NASA). ACTION: Notice of the retirement of one Privacy Act system of records notice. SUMMARY: In accordance with the Privacy Act of 1974, NASA is giving notice that it proposes to...

  6. 75 FR 81205 - Privacy Act: Revision of Privacy Act Systems of Records

    Science.gov (United States)

    2010-12-27

    ... Office of the Secretary Privacy Act: Revision of Privacy Act Systems of Records AGENCY: Office of the Secretary, USDA. ACTION: Notice to Revise Privacy Act Systems of Records. SUMMARY: Notice is hereby given that the United States Department of Agriculture (USDA) proposes to revise two Privacy Act Systems of...

  7. 76 FR 64114 - Privacy Act of 1974; Privacy Act System of Records

    Science.gov (United States)

    2011-10-17

    ... SPACE ADMINISTRATION Privacy Act of 1974; Privacy Act System of Records AGENCY: National Aeronautics and Space Administration (NASA). ACTION: Notice of proposed revisions to an existing Privacy Act system of records. SUMMARY: Pursuant to the provisions of the Privacy Act of 1974 (5 U.S.C. 552a), the National...

  8. 76 FR 64112 - Privacy Act of 1974; Privacy Act System of Records Appendices

    Science.gov (United States)

    2011-10-17

    ... SPACE ADMINISTRATION Privacy Act of 1974; Privacy Act System of Records Appendices AGENCY: National Aeronautics and Space Administration (NASA). ACTION: Revisions of NASA Appendices to Privacy Act System of... publishes with the Agency's systems of records under the Privacy Act of 1974. This notice publishes those...

  9. The privacy coach: Supporting customer privacy in the internet of things

    NARCIS (Netherlands)

    Broenink, E.G.; Hoepman, J.H.; Hof, C. van 't; Kranenburg, R. van; Smits, D.; Wisman, T.

    2010-01-01

    The Privacy Coach is an application running on a mobile phone that supports customers in making privacy decisions when confronted with RFID tags. The approach we take to increase customer privacy is a radical departure from the mainstream research efforts that focus on implementing privacy enhancing

  10. Cloud-assisted mobile-access of health data with privacy and auditability.

    Science.gov (United States)

    Tong, Yue; Sun, Jinyuan; Chow, Sherman S M; Li, Pan

    2014-03-01

    Motivated by the privacy issues, curbing the adoption of electronic healthcare systems and the wild success of cloud service models, we propose to build privacy into mobile healthcare systems with the help of the private cloud. Our system offers salient features including efficient key management, privacy-preserving data storage, and retrieval, especially for retrieval at emergencies, and auditability for misusing health data. Specifically, we propose to integrate key management from pseudorandom number generator for unlinkability, a secure indexing method for privacy-preserving keyword search which hides both search and access patterns based on redundancy, and integrate the concept of attribute-based encryption with threshold signing for providing role-based access control with auditability to prevent potential misbehavior, in both normal and emergency cases.

  11. Secure verifier-based three-party authentication schemes without server public keys for data exchange in telecare medicine information systems.

    Science.gov (United States)

    Lin, Tsung-Hung; Lee, Tian-Fu

    2014-05-01

    Secure verified-based three-party authentication scheme for data exchange in telecare medicine information systems enables two users only store their verifiers computed from their actual password in authentication server's database. Then the authentication server can verify the users' verifiers and help them to exchange electronic medical records or electronic health records securely and conveniently. This investigation presents an efficient and secure verified-based three-party authentication scheme for data exchange in telecare medicine information systems. The proposed scheme does not use server's public keys and includes the key confirmation without extra numbers of messages and rounds. Compared to related verified-based approaches, the proposed scheme possesses higher security, has lower computational cost and fewer transmissions, and thus is suitable for the telecare medicine information systems.

  12. A parallel realization for LUC algorithm of public key cryptosystems%公钥加密算法LUC的并行实现方法

    Institute of Scientific and Technical Information of China (English)

    杜珍珍; 陆正福; 周同; 杨春尧

    2016-01-01

    LUC是基于数论的公钥密码体制,相比RSA公钥密码体制,具有能够抵抗共模攻击的优点。但LUC算法因实现难度大,运算时间长而难以用于实际加密。而影响其运算速度的主要因素是密钥长度和模幂算法。本文参考相关文献工作,得到将密钥进行分段计算的公式,而后利用LUC序列的性质将密钥进行分段计算,并在多核系统下实现了LUC并行算法,从而提高了LUC算法的执行效率。%The LUC algorithm based on the number theory is one of the public key encryption, which resists common modu-lus attack comparing with the RSA public cyptosystem. But it is difficult for practical encryption and decryption as LUC is a long time of computing task. The main factor that affects the calculation speed of LUC encryption is key length and mode power algorithm. Reviewed with related references in this paper, we deduced the expression which computed by key division segmenta-tion, then applying the mathematical properties of LUC sequences, and the LUC algorithm is computed by key division segmen-tation, which is executed parallelly by implemented on multi-core platform, consequently, the computation efficiency of LUC al-gorithm is improved.

  13. Public Records 1995.

    Science.gov (United States)

    Pritchard-Schoch, Teresa

    1995-01-01

    Examines developments among public record information providers, including a shift from file acquisition to entire company acquisition. Highlights include a table of remote access to public records by state; pricing information; privacy issues; and information about the three main companies offering access to public records: LEXIS, CDB Infotek,…

  14. 39 CFR 262.5 - Systems (Privacy).

    Science.gov (United States)

    2010-07-01

    ... 39 Postal Service 1 2010-07-01 2010-07-01 false Systems (Privacy). 262.5 Section 262.5 Postal... DEFINITIONS § 262.5 Systems (Privacy). (a) Privacy Act system of records. A Postal Service system containing... individual. (c) Computer matching program. A “matching program,” as defined in the Privacy Act, 5 U.S.C. 552a...

  15. 城乡公交一体化规划的关键技术%Key Technology of Integrated Planning of Urban and Rural Public Transportation

    Institute of Scientific and Technical Information of China (English)

    王献香

    2014-01-01

    Integrated development of urban and rural passenger transport is the inevitability of the times, and it is the needs of China′s new urbanization development. Through the understanding of integration of urban and rural public transportation, the article analyzed the difference between the road passenger trans-port and public transport. Then it proposed key technologies of the urban and rural transit integrated plan-ning which are establishment of integrated rural hub system, integrated urban and rural public transporta-tion network structure, integration of urban and rural bus fare and sustainable public transport subsidy mechanism. At the same time, it studied the content of each key technology with cases.%统筹城乡客运发展是时代发展的必然性,也是我国新型城镇化发展的现实需要,通过对城乡公交一体化内涵的理解,对公路客运和公共交通之间差异性进行分析,提出城乡公交一体化规划关键技术,包括建立城乡一体的枢纽体系、城乡一体的线网结构、城乡一体票价体系和可持续的公交补贴机制,并结合案例对每项关键技术进行研究。

  16. A Privacy Data-Oriented Hierarchical MapReduce Programming Model

    Directory of Open Access Journals (Sweden)

    Haiwen Han

    2013-08-01

    Full Text Available To realize privacy data protection efficiently in hybrid cloud service, a hierarchical control architecture based multi-cluster MapReduce programming model (the Hierarchical MapReduce Model,HMR is presented. Under this hierarchical control architecture,  data isolation and placement among private cloud and public clouds according to the data privacy characteristic is implemented by the control center in private cloud.  And then, to perform the corresponding distributed parallel computation correctly under the multi-clusters mode that is different to the conventional single-cluster mode, the Map-Reduce-GlobalReduce three stage scheduling process is designed. Limiting the computation about privacy data in private cloud while outsourcing the computation about non-privacy data to public clouds as much as possible, HMR reaches the performance of both security and low cost.  

  17. 略论英国隐私权保护的发展%Developments in Privacy Laws in the UK

    Institute of Scientific and Technical Information of China (English)

    何冰洁

    2014-01-01

    Historically, British courts offered very limited protection in respect of the invasion of privacy. In 2000, the European Convention of Human Rights was incorporated into English law, providing an explicit right for everyone to respect for private life, home and correspondence. Since then, the law of privacy in the UK has developed through a series of key cases like Camp-bell v. Mirror Group Newspapers, Mosley v News Group Newspapers Ltd., and Murray v Big Pictures (UK) Ltd., to name just a few. It could be seen that the privacy laws has been developing in the discussion of public interest, definition of private place and public place, scope of private life, the privacy of children, and the balance between individuals ’right to privacy and the freedom of speech, etc.%长久以来,英国法律并未将隐私权列为法定权利,对隐私的保护零散而有限。直至2000年10月,《欧洲人权公约》被纳入英国法律,才有了对私人生活、家庭、通信等隐私的明确保护。自此之后,发生了一系列具有重要意义的案例,如名模纳奥米·坎贝尔起诉《镜报》发布其离开戒毒所的照片、国际汽联主席莫斯利诉《世界新闻报》曝光其不雅照、《哈利波特》作者JK罗琳起诉媒体侵犯其幼子隐私等。英国对隐私权的保护也因而不断拓展完善,如在裁决中考虑披露的信息是否具有公共利益、私人场所与公共场合的划分、私人生活的界定、对儿童隐私权的保护,以及平衡隐私权与言论自由等。但直至今日,英国仍未制定专门的隐私保护法。

  18. New method to solve collusion attack and key collision in combined public key%解决组合公钥共谋攻击和密钥碰撞的新方法

    Institute of Scientific and Technical Information of China (English)

    LI Fang-wei; MA An-jun; ZHU Jiang; YU Hang

    2014-01-01

    The purpose of this paper is to solve the problem of collusion attack and key collision in combined public key crypto-system. First, for the linear collusion attacks, this paper proposed a new method to construct seed matrix, it made the sum of seeds gre%以解决组合公钥体制中共谋攻击和密钥碰撞问题为目的。首先,针对线性共谋攻击,提出了一种新的构造种子矩阵的方法,使得种子密钥和大于基点加法群的阶数,从而使密钥之间不能相互线性表示。其次在密钥的生产过程中,引入系数破坏了层不同和层互斥不同的关系,为解决选择共谋攻击提供了一种有效的方法,同时增强了抵御随机共谋攻击的能力。最后,在密钥产生的流程中,通过公钥对比来避免密钥碰撞,为解决密钥碰撞问题提出了一种新方法。

  19. Fetal privacy and confidentiality.

    Science.gov (United States)

    Botkin, J R

    1995-01-01

    With the advent of new and better contraceptive methods and the ability to facilitate and manipulate fertilization and gestation, couples will gain greater control over their fertility. Once a pregnancy has been established or an in vitro embryo created, the ability to evaluate the embryo and fetus will increase dramatically with progress in human genetic research. Preconception and preimplantation genetic testing and screening are now possible, and the technology to perform prenatal screening early in gestation is advancing rapidly. Nonsurgical methods facilitate induced abortion with a relatively lower degree of trauma upon the woman undergoing the procedure. These capabilities may all be used to enable and even encourage the genetic selection of future children. Despite the ethical concerns associated with prenatal testing and abortion, these services will continue to be an integral aspect of reproductive medicine. As technology advances, however, it will be possible to test and screen for conditions which do not produce serious defects. Genetic conditions which produce relatively mild impacts upon health will be identifiable in the embryo or fetus, while late-onset conditions and genetic factors which have only a probability of affecting health will also be located in the fetal genome. Prospective parents may therefore soon have the capability of selecting their most desirable embryo in vitro, or terminating all undesirable fetuses in vivo until the preferred child is delivered. The medical profession must take some responsibility for establishing guidelines on the use of reproductive technology. The standards of practice for the medical profession must reflect the results of a broad social debate over competing moral values. The author develops an argument for legal and ethical limitations on the application of prenatal testing and screening technology, suggesting that for some medical conditions, respect for the privacy and confidentiality of the fetus

  20. On genomics, kin, and privacy.

    Science.gov (United States)

    Telenti, Amalio; Ayday, Erman; Hubaux, Jean Pierre

    2014-01-01

    The storage of greater numbers of exomes or genomes raises the question of loss of privacy for the individual and for families if genomic data are not properly protected. Access to genome data may result from a personal decision to disclose, or from gaps in protection. In either case, revealing genome data has consequences beyond the individual, as it compromises the privacy of family members. Increasing availability of genome data linked or linkable to metadata through online social networks and services adds one additional layer of complexity to the protection of genome privacy.  The field of computer science and information technology offers solutions to secure genomic data so that individuals, medical personnel or researchers can access only the subset of genomic information required for healthcare or dedicated studies.

  1. Intimacy, Confidentiality, and Power: Kiss and Tell as a Feminist Critique of Privacy Law

    Directory of Open Access Journals (Sweden)

    Naomh Gibson

    2015-12-01

    Full Text Available The current principle of privacy and its enactment in law and policy is presented as a reified, universal value that is gender-neutral. However this article contends this presumption, and advances that privacy is an inconsistent area of law that has allowed for the oppression of women’s rights and interests. It will be proposed that the narrative of ‘kiss and tell’ stories offers access to substantive justice and equality by subverting legal and gender norms and deconstructing the concept of privacy. Using the tools of feminist legal theory and theoretical commentary, this argument forms four sections. Firstly, it will be introduced that privacy is a value which is nebulous at best, and the reasons for critiquing privacy law using a perspective from feminist legal theory will be explored. Following this, the injustices perpetrated against women by the current state of privacy law will be outlined – particularly in the area of sexual information and sexuality. Using examples from both the UK and American jurisdictions, it will be submitted that privacy law is mired in patriarchal values. Thirdly, the jurisprudence underpinning privacy law decisions on sexual relationships and the legal concepts of confidence and intimacy will be critically examined and deconstructed. Finally, drawing upon investigative research, anecdotal evidence, and critical analysis, it will be submitted that ‘kiss and tell’ narratives are the way forward to reconceptualise privacy. It will be recommended that kiss and tell stories have value in social communication and present a chance for women to engage in relevant public discourse, and more widely, gives law an opportunity to reach a new understanding of privacy appropriate in the modern age.

  2. 24 CFR 3280.107 - Interior privacy.

    Science.gov (United States)

    2010-04-01

    ... 24 Housing and Urban Development 5 2010-04-01 2010-04-01 false Interior privacy. 3280.107 Section 3280.107 Housing and Urban Development Regulations Relating to Housing and Urban Development (Continued... privacy. Bathroom and toilet compartment doors shall be equipped with a privacy lock. ...

  3. 31 CFR 0.216 - Privacy Act.

    Science.gov (United States)

    2010-07-01

    ... 31 Money and Finance: Treasury 1 2010-07-01 2010-07-01 false Privacy Act. 0.216 Section 0.216... RULES OF CONDUCT Rules of Conduct § 0.216 Privacy Act. Employees involved in the design, development, operation, or maintenance of any system of records or in maintaining records subject to the Privacy Act of...

  4. Sexiled: Privacy Acquisition Strategies of College Roommates

    Science.gov (United States)

    Erlandson, Karen

    2014-01-01

    This study sought to understand how roommates make privacy bids in college residence halls. The results indicate that privacy for sexual activity is a problem for students living in college residence halls, as almost all participants (82%) reported having dealt with this issue. Two sets of responses were collected and analyzed: privacy acquisition…

  5. Video Surveillance: Privacy Issues and Legal Compliance

    DEFF Research Database (Denmark)

    Mahmood Rajpoot, Qasim; Jensen, Christian D.

    2015-01-01

    . There is a need to balance the usage of video surveillance against its negative impact on privacy. This chapter aims to highlight the privacy issues in video surveillance and provides a model to help identify the privacy requirements in a video surveillance system. The authors make a step in the direction...

  6. Sexiled: Privacy Acquisition Strategies of College Roommates

    Science.gov (United States)

    Erlandson, Karen

    2014-01-01

    This study sought to understand how roommates make privacy bids in college residence halls. The results indicate that privacy for sexual activity is a problem for students living in college residence halls, as almost all participants (82%) reported having dealt with this issue. Two sets of responses were collected and analyzed: privacy acquisition…

  7. Enhancing Privacy for Digital Rights Management

    NARCIS (Netherlands)

    Petkovic, M.; Conrado, C.; Schrijen, G.J.; Jonker, W.

    2007-01-01

    This chapter addresses privacy issues in DRM systems. These systems provide a means of protecting digital content, but may violate the privacy of users in that the content they purchase and their actions in the system can be linked to specific users. The chapter proposes a privacy-preserving DRM sys

  8. Disassociation for electronic health record privacy.

    Science.gov (United States)

    Loukides, Grigorios; Liagouris, John; Gkoulalas-Divanis, Aris; Terrovitis, Manolis

    2014-08-01

    The dissemination of Electronic Health Record (EHR) data, beyond the originating healthcare institutions, can enable large-scale, low-cost medical studies that have the potential to improve public health. Thus, funding bodies, such as the National Institutes of Health (NIH) in the U.S., encourage or require the dissemination of EHR data, and a growing number of innovative medical investigations are being performed using such data. However, simply disseminating EHR data, after removing identifying information, may risk privacy, as patients can still be linked with their record, based on diagnosis codes. This paper proposes the first approach that prevents this type of data linkage using disassociation, an operation that transforms records by splitting them into carefully selected subsets. Our approach preserves privacy with significantly lower data utility loss than existing methods and does not require data owners to specify diagnosis codes that may lead to identity disclosure, as these methods do. Consequently, it can be employed when data need to be shared broadly and be used in studies, beyond the intended ones. Through extensive experiments using EHR data, we demonstrate that our method can construct data that are highly useful for supporting various types of clinical case count studies and general medical analysis tasks. Copyright © 2014 Elsevier Inc. All rights reserved.

  9. Smartdata privacy meets evolutionary robotics

    CERN Document Server

    Harvey, Inman; Tomko, George

    2013-01-01

    Privacy by Design and the Promise of SmartData.- SmartData: the Need, the Goal and the Challenge.- Perspectives on Artificial Intelligence.- Context dependent information processing entails scale-free dynamics.- Philosophy and SmartData.- Relevance Realization and the Neurodynamics and Neural Connectivity of General Intelligence.- What Matters: Real Bodies and Virtual Worlds.- The development of autonomous virtual agents.- Patterns of Attractors in the "Brain"".- A Privacy-Enabled Mobile Computing Model Using Intelligent Cloud-Based Services.- Unconstraint the Population: the Benefits of Horiz

  10. Large-scale Health Information Database and Privacy Protection*1

    Science.gov (United States)

    YAMAMOTO, Ryuichi

    2016-01-01

    Japan was once progressive in the digitalization of healthcare fields but unfortunately has fallen behind in terms of the secondary use of data for public interest. There has recently been a trend to establish large-scale health databases in the nation, and a conflict between data use for public interest and privacy protection has surfaced as this trend has progressed. Databases for health insurance claims or for specific health checkups and guidance services were created according to the law that aims to ensure healthcare for the elderly; however, there is no mention in the act about using these databases for public interest in general. Thus, an initiative for such use must proceed carefully and attentively. The PMDA*2 projects that collect a large amount of medical record information from large hospitals and the health database development project that the Ministry of Health, Labour and Welfare (MHLW) is working on will soon begin to operate according to a general consensus; however, the validity of this consensus can be questioned if issues of anonymity arise. The likelihood that researchers conducting a study for public interest would intentionally invade the privacy of their subjects is slim. However, patients could develop a sense of distrust about their data being used since legal requirements are ambiguous. Nevertheless, without using patients’ medical records for public interest, progress in medicine will grind to a halt. Proper legislation that is clear for both researchers and patients will therefore be highly desirable. A revision of the Act on the Protection of Personal Information is currently in progress. In reality, however, privacy is not something that laws alone can protect; it will also require guidelines and self-discipline. We now live in an information capitalization age. I will introduce the trends in legal reform regarding healthcare information and discuss some basics to help people properly face the issue of health big data and privacy

  11. Large-scale Health Information Database and Privacy Protection.

    Science.gov (United States)

    Yamamoto, Ryuichi

    2016-09-01

    Japan was once progressive in the digitalization of healthcare fields but unfortunately has fallen behind in terms of the secondary use of data for public interest. There has recently been a trend to establish large-scale health databases in the nation, and a conflict between data use for public interest and privacy protection has surfaced as this trend has progressed. Databases for health insurance claims or for specific health checkups and guidance services were created according to the law that aims to ensure healthcare for the elderly; however, there is no mention in the act about using these databases for public interest in general. Thus, an initiative for such use must proceed carefully and attentively. The PMDA projects that collect a large amount of medical record information from large hospitals and the health database development project that the Ministry of Health, Labour and Welfare (MHLW) is working on will soon begin to operate according to a general consensus; however, the validity of this consensus can be questioned if issues of anonymity arise. The likelihood that researchers conducting a study for public interest would intentionally invade the privacy of their subjects is slim. However, patients could develop a sense of distrust about their data being used since legal requirements are ambiguous. Nevertheless, without using patients' medical records for public interest, progress in medicine will grind to a halt. Proper legislation that is clear for both researchers and patients will therefore be highly desirable. A revision of the Act on the Protection of Personal Information is currently in progress. In reality, however, privacy is not something that laws alone can protect; it will also require guidelines and self-discipline. We now live in an information capitalization age. I will introduce the trends in legal reform regarding healthcare information and discuss some basics to help people properly face the issue of health big data and privacy

  12. Disinvestment policy and the public funding of assisted reproductive technologies: outcomes of deliberative engagements with three key stakeholder groups.

    Science.gov (United States)

    Hodgetts, Katherine; Hiller, Janet E; Street, Jackie M; Carter, Drew; Braunack-Mayer, Annette J; Watt, Amber M; Moss, John R; Elshaug, Adam G

    2014-05-05

    Measures to improve the quality and sustainability of healthcare practice and provision have become a policy concern. In addition, the involvement of stakeholders in health policy decision-making has been advocated, as complex questions arise around the structure of funding arrangements in a context of limited resources. Using a case study of assisted reproductive technologies (ART), deliberative engagements with a range of stakeholder groups were held on the topic of how best to structure the distribution of Australian public funding in this domain. Deliberative engagements were carried out with groups of ART consumers, clinicians and community members. The forums were informed by a systematic review of ART treatment safety and effectiveness (focusing, in particular, on maternal age and number of treatment cycles), as well as by international policy comparisons, and ethical and cost analyses. Forum discussions were transcribed and subject to thematic analysis. Each forum demonstrated stakeholders' capacity to understand concepts of choice under resource scarcity and disinvestment, and to countenance options for ART funding not always aligned with their interests. Deliberations in each engagement identified concerns around 'equity' and 'patient responsibility', culminating in a broad preference for (potential) ART subsidy restrictions to be based upon individual factors rather than maternal age or number of treatment cycles. Community participants were open to restrictions based upon measures of body mass index (BMI) and smoking status, while consumers and clinicians saw support to improve these factors as part of an ART treatment program, as distinct from a funding criterion. All groups advocated continued patient co-payments, with measures in place to provide treatment access to those unable to pay (namely, equity of access). Deliberations yielded qualitative, socially-negotiated evidence required to inform ethical, accountable policy decisions in the specific

  13. (IN-PRIVACY IN MOBILE APPS. CUSTOMER OPPORTUNITIES

    Directory of Open Access Journals (Sweden)

    Yu.S. Chemerkina

    2016-01-01

    Full Text Available Subject of Study. The paper presents the results of an investigation of cross-platform mobile applications. This paper focuses on a cross-platform app data investigation in purpose of creating a database that helps to make decisions from data privacy viewpoint. These decisions refer to knowledge about mobile apps that are available to the public, especially on how consumer data is protected while it is stored locally or transferred via network as well as what type of data may leak. Methods. This paper proposes a forensics methodology as a cornerstone of an app data investigation process. The object of research is an application data protection under different security control types among modern mobile OS. The subject of research is a modification of forensics approach and behavioral analysis to examine application data privacy in order to find data that are not properly handled by applications which lead to data leakages, defining protection control type without forensics limits. In addition, this paper relies on using the simplest tools, proposing a limit to examine locally stored data and transmitted over the network to cover all data, excluding memory and code analysis unless it is valuable (behavioral analysis. The research methods of the tasks set in the paper include digital forensics approach methods depending on data conception (at-rest, in-use/memory, in-transit with behavioral analysis of application, and static and dynamic application code analysis. Main Results. The research was carried out for the scope of that thesis, and the following scientific results were obtained. First, the methods used to investigate the privacy of application data allow considering application features and protection code design and flaws in the context of incomplete user awareness about the privacy state due to external activity of the developer. Second, the knowledge set about facts of application data protection that allows making a knowledge database to

  14. 一种基于多变量公钥的软件注册方案%A SOFTWARE REGISTRATION SCHEME BASED ON MULTIVARIATE PUBLIC KEY

    Institute of Scientific and Technical Information of China (English)

    黄宁

    2013-01-01

    对中间域多变量公钥密码算法MFE(Medium-Field Multivariate Public Key Encryption)可能遇到的奇异性进行分析和处理,并研究其应用于软件注册。用改进的MFE多变量公钥密码算法,在扩展ASCⅡ字符集构建的有限域F(28)中,设计软件注册方案,运算过程多处采用了不可更改的机器指纹信息,实现一次一密,为了提高安全性,在注册码的形成过程中对字符进行分解;而在注册码的验证过程中对字符进行合成,抗代数攻击能力得到提高。由于注册码对机器指纹信息的依赖,有效防止多机共享注册码。%We analyse and process the singularity which might be encountered by MFE(medium-field multivariate public key encryption)and study the application of it in software registration.We use the enhanced MFE multivariate public key encryption to design a software registration scheme in finite field F (28 )configured from the character set of extended ASCII,which uses unchangeable fingerprints of machine in several steps of operation,and realises one key used for just one time.In order to enhance the security,characters are decomposed in the process of registration string generation,and then are composed in the process of registration string verification,thus the ability to withstand the algebraic attacks is enhanced. The dependence of registration string on machine fingerprints effectively prevents any registration string from being shared by multiple machines.

  15. Privacy Preserving Linear Regression on Distributed Databases

    Directory of Open Access Journals (Sweden)

    Fida K. Dankar

    2015-04-01

    Full Text Available Studies that combine data from multiple sources can tremendously improve the outcome of the statistical analysis. However, combining data from these various sources for analysis poses privacy risks. A number of protocols have been proposed in the literature to address the privacy concerns; however they do not fully deliver on either privacy or complexity. In this paper, we present a (theoretical privacy preserving linear regression model for the analysis of data owned by several sources. The protocol uses a semi-trusted third party and delivers on privacy and complexity.

  16. Model-driven Privacy Assessment in the Smart Grid

    Energy Technology Data Exchange (ETDEWEB)

    Knirsch, Fabian [Salzburg Univ. (Austria); Engel, Dominik [Salzburg Univ. (Austria); Neureiter, Christian [Salzburg Univ. (Austria); Frincu, Marc [Univ. of Southern California, Los Angeles, CA (United States); Prasanna, Viktor [Univ. of Southern California, Los Angeles, CA (United States)

    2015-02-09

    In a smart grid, data and information are transported, transmitted, stored, and processed with various stakeholders having to cooperate effectively. Furthermore, personal data is the key to many smart grid applications and therefore privacy impacts have to be taken into account. For an effective smart grid, well integrated solutions are crucial and for achieving a high degree of customer acceptance, privacy should already be considered at design time of the system. To assist system engineers in early design phase, frameworks for the automated privacy evaluation of use cases are important. For evaluation, use cases for services and software architectures need to be formally captured in a standardized and commonly understood manner. In order to ensure this common understanding for all kinds of stakeholders, reference models have recently been developed. In this paper we present a model-driven approach for the automated assessment of such services and software architectures in the smart grid that builds on the standardized reference models. The focus of qualitative and quantitative evaluation is on privacy. For evaluation, the framework draws on use cases from the University of Southern California microgrid.

  17. SPM: Source Privacy for Mobile Ad Hoc Networks

    Directory of Open Access Journals (Sweden)

    Ren Jian

    2010-01-01

    Full Text Available Source privacy plays a key role in communication infrastructure protection. It is a critical security requirement for many mission critical communications. This is especially true for mobile ad hoc networks (MANETs due to node mobility and lack of physical protection. Existing cryptosystem-based techniques and broadcasting-based techniques cannot be easily adapted to MANET because of their extensive cryptographic computation and/or large communication overhead. In this paper, we first propose a novel unconditionally secure source anonymous message authentication scheme (SAMAS. This scheme enables message sender to transmit messages without relying on any trusted third parties. While providing source privacy, the proposed scheme can also provide message content authenticity. We then propose a novel communication protocol for MANET that can ensure communication privacy for both message sender and message recipient. This protocol can also protect end-to-end routing privacy. Our security analysis demonstrates that the proposed protocol is secure against various attacks. The theoretical analysis and simulation show that the proposed scheme is efficient and can provide high message delivery ratio. The proposed protocol can be used for critical infrastructure protection and secure file sharing in mobile ad hoc networks where dynamic groups can be formed.

  18. Privacy and security of patient data in the pathology laboratory

    Directory of Open Access Journals (Sweden)

    Ioan C Cucoranu

    2013-01-01

    Full Text Available Data protection and security are critical components of routine pathology practice because laboratories are legally required to securely store and transmit electronic patient data. With increasing connectivity of information systems, laboratory work-stations, and instruments themselves to the Internet, the demand to continuously protect and secure laboratory information can become a daunting task. This review addresses informatics security issues in the pathology laboratory related to passwords, biometric devices, data encryption, internet security, virtual private networks, firewalls, anti-viral software, and emergency security situations, as well as the potential impact that newer technologies such as mobile devices have on the privacy and security of electronic protected health information (ePHI. In the United States, the Health Insurance Portability and Accountability Act (HIPAA govern the privacy and protection of medical information and health records. The HIPAA security standards final rule mandate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of ePHI. Importantly, security failures often lead to privacy breaches, invoking the HIPAA privacy rule as well. Therefore, this review also highlights key aspects of HIPAA and its impact on the pathology laboratory in the United States.

  19. Privacy and security of patient data in the pathology laboratory

    Science.gov (United States)

    Cucoranu, Ioan C.; Parwani, Anil V.; West, Andrew J.; Romero-Lauro, Gonzalo; Nauman, Kevin; Carter, Alexis B.; Balis, Ulysses J.; Tuthill, Mark J.; Pantanowitz, Liron

    2013-01-01

    Data protection and security are critical components of routine pathology practice because laboratories are legally required to securely store and transmit electronic patient data. With increasing connectivity of information systems, laboratory work-stations, and instruments themselves to the Internet, the demand to continuously protect and secure laboratory information can become a daunting task. This review addresses informatics security issues in the pathology laboratory related to passwords, biometric devices, data encryption, internet security, virtual private networks, firewalls, anti-viral software, and emergency security situations, as well as the potential impact that newer technologies such as mobile devices have on the privacy and security of electronic protected health information (ePHI). In the United States, the Health Insurance Portability and Accountability Act (HIPAA) govern the privacy and protection of medical information and health records. The HIPAA security standards final rule mandate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of ePHI. Importantly, security failures often lead to privacy breaches, invoking the HIPAA privacy rule as well. Therefore, this review also highlights key aspects of HIPAA and its impact on the pathology laboratory in the United States. PMID:23599904

  20. Privacy and security of patient data in the pathology laboratory.

    Science.gov (United States)

    Cucoranu, Ioan C; Parwani, Anil V; West, Andrew J; Romero-Lauro, Gonzalo; Nauman, Kevin; Carter, Alexis B; Balis, Ulysses J; Tuthill, Mark J; Pantanowitz, Liron

    2013-01-01

    Data protection and security are critical components of routine pathology practice because laboratories are legally required to securely store and transmit electronic patient data. With increasing connectivity of information systems, laboratory work-stations, and instruments themselves to the Internet, the demand to continuously protect and secure laboratory information can become a daunting task. This review addresses informatics security issues in the pathology laboratory related to passwords, biometric devices, data encryption, internet security, virtual private networks, firewalls, anti-viral software, and emergency security situations, as well as the potential impact that newer technologies such as mobile devices have on the privacy and security of electronic protected health information (ePHI). In the United States, the Health Insurance Portability and Accountability Act (HIPAA) govern the privacy and protection of medical information and health records. The HIPAA security standards final rule mandate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of ePHI. Importantly, security failures often lead to privacy breaches, invoking the HIPAA privacy rule as well. Therefore, this review also highlights key aspects of HIPAA and its impact on the pathology laboratory in the United States.