Search results for " Security"
showing 10 items of 1419 documents
Moderated Redactable Blockchains: A Definitional Framework with an Efficient Construct
2020
Blockchain is a multiparty protocol to reach agreement on the order of events, and to record them consistently and immutably without centralized trust. In some cases, however, the blockchain can benefit from some controlled mutability. Examples include removing private information or unlawful content, and correcting protocol vulnerabilities which would otherwise require a hard fork. Two approaches to control the mutability are: moderation, where one or more designated administrators can use their private keys to approve a redaction, and voting, where miners can vote to endorse a suggested redaction. In this paper, we first present several attacks against existing redactable blockchain solut…
Security and Privacy in Wireless IoT
2018
The 13 articles in this special section focus on security and privacy in wireless Internet of Things (IoT). IoT is a paradigm that involves networked physical objects with embedded technologies to collect, communicate, sense, and interact with the external environment through wireless or wired connections. With rapid advancements in IoT technology, the number of IoT devices is expected to surpass 50 billion by 2020, which has also drawn the attention of attackers who seek to exploit the merits of this new technology for their own benefits. There are many potential security and privacy threats to IoT, such as attacks against IoT systems and unauthorized access to private information of end u…
A Patient-Centric Attribute Based Access Control Scheme for Secure Sharing of Personal Health Records Using Cloud Computing
2016
Personal health records (PHR) are an emerging health information exchange model, which facilitates PHR owners to efficiently share their private health data among a variety of users including healthcare professionals as well as family and friends. PHRs are usually outsourced and stored in third-party cloud platforms which relieves PHR owners from the burden of managing their PHR data while achieving better availability of health data. However, outsourcing private health data raises significant privacy concerns because there is a higher risk of leaking health information to unauthorized parties. To ensure PHR owners' control of their outsourced PHR data, attribute based encryption (ABE) mech…
A Distributed Multi-Authority Attribute Based Encryption Scheme for Secure Sharing of Personal Health Records
2017
Personal health records (PHR) are an emerging health information exchange model, which facilitates PHR owners to efficiently manage their health data. Typically, PHRs are outsourced and stored in third-party cloud platforms. Although, outsourcing private health data to third-party platforms is an appealing solution for PHR owners, it may lead to significant privacy concerns, because there is a higher risk of leaking private data to unauthorized parties. As a way of ensuring PHR owners' control of their outsourced PHR data, attribute based encryption (ABE) mechanisms have been considered due to the fact that such schemes facilitate a mechanism of sharing encrypted data among a set of intende…
Privacy in Modern Healthcare Communications: The Lesson of Alan Turing
2016
Security Management in Electronic Health Records: Attitudes and Experiences Among Health Care Professionals
2018
Electronic health records play an important role for management, exchange and storage of information within health care organizations. Health care organizations are obliged to adopt strategies for information security and privacy associated with access to medical and sensitive information, but at the same time, the information needs to be available for authorized health care professionals carrying out patient treatment. This paper presents a study about attitudes and experiences among health care professionals towards security management in electronic health records. Qualitative research methods were used, with an initial literature review that was followed by observations and interviews wi…
Security Management in Health Care Information Systems — A Literature Review
2017
Health care information systems play an important role for communication across the organizational borders of health care services. The electronic health record represents the main entity in the management, exchange and storage of medical information. Health care organizations must adopt strategies for security and privacy risks associated with access to health care information systems, but on the other hand, the information needs to be accessible and readable for authorized health care professionals carrying out patient treatment. This paper presents a literature review on security management in health care information systems. The aim was to analyze descriptions and definitions of informa…
Soil genetic erosion: New conceptual developments in soil security
2019
In the last decades, in some Mediterranean areas, pedodiversity decreased mainly due to pedotechnique application in large-scale farming that transformed original soils into Anthrosols. Supporting the consideration that soils can be considered as living systems, the original concept of 'soil genetic erosion' is re-proposed. Data, extrapolated and modeled from a Soil Information System in a study case representative of a Mediterranean landscape, predicted that most of the soil types would disappear in few years leading to a decrease of the soil diversity and originating soil genetic erosion. This circumstance is intentionally here told in form of a story where the fairy tale characters are s…
Robust Network Agreement on Logical Information
2011
Abstract Logical consensus is an approach to distributed decision making which is based on the availability of a network of agents with incomplete system knowledge. The method requires the construction of a Boolean map which defines a dynamic system allowing the entire network to consent on a unique, global decision. Previous work by the authors proved the method to be viable for applications such as intrusion detection within a structured environment, when the agent's communication topology is known in advance. The current work aims at providing a fully distributed protocol, requiring no a priori knowledge of each agent's communication neighbors. The protocol allows the construction of a r…
Stealthy Attacks in Cloud-Connected Linear Impulsive Systems
2018
This paper studies a security problem for a class cloud-connected multi-agent systems, where autonomous agents coordinate via a combination of short-range ad-hoc commu- nication links and long-range cloud services. We consider a simplified model for the dynamics of a cloud-connected multi- agent system and attacks, where the states evolve according to linear time-invariant impulsive dynamics, and attacks are modeled as exogenous inputs designed by an omniscent attacker that alters the continuous and impulsive updates. We propose a definition of attack detectability, characterize the existence of stealthy attacks as a function of the system parameters and attack properties, and design a fami…