Infrastructure for secure medical image sharing between distributed PACS and DI-r systems.

Kurlakose, Krupa Anna

01 December 2013

Recent developments in information and communication technologies and their incor- poration into the medical domain have opened doors for the enhancement of health care services and thereby increasing the work ow at a reasonable rate. However, to implement such services, current medical system needs to be exible enough to support integration with other systems. This integration should be achieved in a secure manner and the resultant service should be made available to all health professionals and patients. This thesis proposes a new infrastructure for secure medical image sharing between legacy PACS and DI-r. The solution employs OpenID standard for user authentication, OAuth service to grant authorization and IHE XDS-I pro les to store and retrieve medical im- ages and associated meta data. In the proposed infrastructure cooperative agents are employed to provide a user action, patient consent and system policy based access con- trol mechanism to securely share medical images. This allows safe integration of PACS and DI-r systems within a standard EHR system. In addition to this, a behavior-pattern based security policy enhancement feature is added to the system to assist the system security administrator. The resulting secure and interoperable medical imaging systems are easy to expand and maintain. Behavior of the entire system is analysed using general- purpose model driven development tool IBM Rational Rhapsody. The code generation and animation capability of the tool makes it powerful for running e ective simulations. We mainly explore the use of state charts and their interactions with MySQL database to learn the behavior of the system.

Access control

PACS

DI-r

OpenID

OAuth

Relating Declarative Semantics and Usability in Access Control

Krishnan, Vivek

January 2012

This thesis addresses the problem of usability in the context of administration of access control systems. We seek to relate the notion of declarative semantics, a recurring theme in research in access control, with usability. We adopt the concrete context of POSIX ACLs and the traditional interface for it that comprises two utilities getfacl and setfacl. POSIX ACLs are the de facto standard to which POSIX conformant systems such as Linux and OpenBSD adhere. The natural semantics of getfacl and setfacl is operational. By operational we mean that the semantics of these are speci ed procedurally. We have designed and implemented an alternate interface that we call askfacl whose natural semantics is declarative. Declarative semantics means "what you see is what it is." We also discuss our design of askfacl and articulate the following thesis that underlies our work: If the natural semantics of the interface for ACLs is declarative, then a user is able to more quickly, accurately and confidently, inspect and edit ACLs than if the semantics is operational. To validate our thesis we conducted a between participant human-subject usability study with 42 participants. The results of our study measurably demonstrate the goodness of declarative semantics in access control.

Usability

Security

Access Control

Electrical and Computer Engineering

Authentication Via Multiple Associated Devices

Subils, Jean-Baptiste

16 September 2015

This thesis presents a practical method of authentication utilizing multiple devices. The factors contributing to the practicality of the method are: the utilization of devices already commonly possessed by users and the amenability to being implemented on a wide variety of devices. The term “device” refers to anything able to perform cryptographic operations, store data, and communicate with another such device. In the method presented herein, multiple devices need to be associated with a single user to provide this user an identity in the system. A public key infrastructure is used to provide this identity. Each of the devices associated with a user possesses a public and private key which allow cryptographic operations to be performed. These operations include signing and encrypting data and will prove the identity of each device. The addition of these identities helps authenticate a single user. A wide variety of devices qualifies to be used by this authentication method. The minimum requirements are: the storage of data such as a private key, the ability to communicate, and a processor to perform the cryptographic operations. Smart devices possess these requirements and the manufacture of such devices can be realized at a reasonable cost. This method is malleable and implemented in numerous authentication protocols. This thesis illustrates and explains several instances of these protocols. The method’s primary novelty is its resistance to theft-based attacks, which results from the utilization of multiple devices to authenticate users. A user associated with multiple devices needs to be in possession of these devices to correctly perform the authentication task. This thesis focuses on the system design of this novel authentication method.

Security

access control

authorization

Computer Sciences

Toward Monitoring, Assessing, and Confining Mobile Applications in Modern Mobile Platforms

January 2015

abstract: Smartphones are pervasive nowadays. They are supported by mobile platforms that allow users to download and run feature-rich mobile applications (apps). While mobile apps help users conveniently process personal data on mobile devices, they also pose security and privacy threats and put user's data at risk. Even though modern mobile platforms such as Android have integrated security mechanisms to protect users, most mechanisms do not easily adapt to user's security requirements and rapidly evolving threats. They either fail to provide sufficient intelligence for a user to make informed security decisions, or require great sophistication to configure the mechanisms for enforcing security decisions. These limitations lead to a situation where users are disadvantageous against emerging malware on modern mobile platforms. To remedy this situation, I propose automated and systematic approaches to address three security management tasks: monitoring, assessment, and confinement of mobile apps. In particular, monitoring apps helps a user observe and record apps' runtime behaviors as controlled under security mechanisms. Automated assessment distills intelligence from the observed behaviors and the security configurations of security mechanisms. The distilled intelligence further fuels enhanced confinement mechanisms that flexibly and accurately shape apps' behaviors. To demonstrate the feasibility of my approaches, I design and implement a suite of proof-of-concept prototypes that support the three tasks respectively. / Dissertation/Thesis / Doctoral Dissertation Computer Science 2015

Computer science

access control

Android

security

Anonymity Protection and Access Control in Mobile Network Environment

January 2016

abstract: Wireless communication technologies have been playing an important role in modern society. Due to its inherent mobility property, wireless networks are more vulnerable to passive attacks than traditional wired networks. Anonymity, as an important issue in mobile network environment, serves as the first topic that leads to all the research work presented in this manuscript. Specifically, anonymity issue in Mobile Ad hoc Networks (MANETs) is discussed with details as the first section of research. To thoroughly study on this topic, the presented work approaches it from an attacker's perspective. Under a perfect scenario, all the traffic in a targeted MANET exhibits the communication relations to a passive attacker. However, localization errors pose a significant influence on the accuracy of the derived communication patterns. To handle such issue, a new scheme is proposed to generate super nodes, which represent the activities of user groups in the target MANET. This scheme also helps reduce the scale of monitoring work by grouping users based on their behaviors. The first part of work on anonymity in MANET leads to the thought on its major cause. The link-based communication pattern is a key contributor to the success of the traffic analysis attack. A natural way to circumvent such issue is to use link-less approaches. Information Centric Networking (ICN) is a typical instance of such kind. Its communication pattern is able to overcome the anonymity issue with MANET. However, it also comes with its own shortcomings. One of them is access control enforcement. To tackle this issue, a new naming scheme for contents transmitted in ICN networks is presented. This scheme is based on a new Attribute-Based Encryption (ABE) algorithm. It enforces access control in ICN with minimum requirements on additional network components. Following the research work on ABE, an important function, delegation, exhibits a potential security issue. In traditional ABE schemes, Ciphertext-Policy ABE (CP-ABE), a user is able to generate a subset of authentic attribute key components for other users using delegation function. This capability is not monitored or controlled by the trusted third party (TTP) in the cryptosystem. A direct threat caused from this issue is that any user may intentionally or unintentionally lower the standards for attribute assignments. Unauthorized users/attackers may be able to obtain their desired attributes through a delegation party instead of directly from the TTP. As the third part of work presented in this manuscript, a three-level delegation restriction architecture is proposed. Furthermore, a delegation restriction scheme following this architecture is also presented. This scheme allows the TTP to have full control on the delegation function of all its direct users. / Dissertation/Thesis / Doctoral Dissertation Computer Science 2016

Computer science

Access Control

Anonymity

Mobile Network

Automated secure systems development methodology

Booysen, Hester Aletta Susanna

20 November 2014

D.Com. (Informatics) / The complexity of modern computer-based information systems is such that, for all but the simplest of examples, they cannot be produced without a considerable amount of prior planning and preparation. The actual difficulties of trying to design, develop and implement complex computer-based systems have been recognised as early as the seventies. In a bid to deal with what was then referred to as the "software crisis", a number of so- called "methodologies" were advocated. Those methodologies were, in turn, based on a collection of guidelines or methods thanks to which their designers could eventually make the claim that computer systems, and in particular information systems, could be designed and developed with a greater degree of success. By using a clear set of rules, or at least reasonably detailed principles, they could ensure that the various design and development tasks be performed in a methodical, organ ised fashion. Irrespective of the methodologies or guidelines that were adopted or laid down, the developers principal aim was to ensure that all relevant detail about the proposed information systems would be taken into account during the long and often drawn-out design and development process. Unfortunately, many of those methodologies and guidelines date from the early 1970s and, as a result, no longer meet the security requirements and guidelines of today's information systems. It was never attempted under any of those methodolog ies, however, to unriddle the difficulties they had come up against in information security in the domain of system development . Security concerns should however, form an integral part of the planning, development and maintenance of a computer application. Each application system should for example, take the necessary security measures in any given situation.

Computers - Access control

Computer security

Data protection

A critical review of the IFIP TC11 Security Conference Series

Gaadingwe, Tshepo Gaadingwe

January 2007

Over the past few decades the field of computing has grown and evolved. In this time, information security research has experienced the same type of growth. The increase in importance and interest in information security research is reflected by the sheer number of research efforts being produced by different type of organizations around the world. One such organization is the International Federation for Information Processing (IFIP), more specifically the IFIP Technical Committee 11 (IFIP TC11). The IFIP TC11 community has had a rich history in producing high quality information security specific articles for over 20 years now. Therefore, IFIP TC11 found it necessary to reflect on this history, mainly to try and discover where it came from and where it may be going. Its 20th anniversary of its main conference presented an opportunity to begin such a study of its history. The core belief driving the study being that the future can only be realized and appreciated if the past is well understood. The main area of interest was to find out topics which may have had prevalence in the past or could be considered as "hot" topics. To achieve this, the author developed a systematic process for the study. The underpinning element being the creation of a classification scheme which was used to aid the analysis of the IFIP TC11 20 year's worth of articles. Major themes were identified and trends in the series highlighted. Further discussion and reflection on these trends were given. It was found that, not surprisingly, the series covered a wide variety of topics in the 20 years. However, it was discovered that there has been a notable move towards technically focused papers. Furthermore, topics such as business continuity had just about disappeared in the series while topics which are related to networking and cryptography continue to gain more prevalence.

Database security

Data protection

Computers -- Access control

CBiX a model for content-based billing in XML environments

De Villiers, Peter

January 2003

The new global economy is based on knowledge and information. Further- more, the Internet is facilitating new forms of revenue generation of which one recognized potential source is content delivery over the Internet. One aspect that is critical to ensuring a content-based revenue stream is billing. While there are a number of content-based billing systems commercially available, as far as can be determined these products are not based on a common model that can ensure interoperability and communication between the billing sys- tems. This dissertation addresses the need for a content-based billing model by developing the CBiX (Content-based Billing in XML Environments) model. This model, developed in a phased approach as a family of billing models, incorporates three aspects. The rst aspect is access control. The second as- pect is pricing, in the form of document, element and inherited element level pricing for content. The third aspect is XML as the platform for information exchange. The nature of the Internet facilitates information interchange, exible web business models and exible pricing. These facts, coupled with CBiX being concerned with billing for content over the Internet, leads to a number of decisions regarding the model: The CBiX model has to incorporate exible pricing. Therefore pricing is evolved through the development of the family of models from doc- ument level pricing to element level pricing to inherited element level pricing. The CBiX model has to be based on a platform for information inter- change that enables content delivery. XML provides a broad family of standards that is widely supported and creating the next generation Internet. XML is therefore selected as the environment for information exchange for CBiX. The CBiX model requires a form of access control that can provide access to content based on user properties. Credential-based Access Control is therefore selected as the method of access control for CBiX, whereby authorization is granted based on a set of user credentials. Furthermore, this dissertation reports on the development of a prototype. This serves a dual purpose: rstly, to assist the author in understanding the technologies and principles involved; secondly, to illustrate CBiX0 and therefore present a proof-of-concept of at least the base model. The CBiX model provides a base to guide and assist developers with regards to the issues involved with developing a billing system for XML- based environments.

XML (Document Markup Language)

Access control

Pricing

A dynamic distributed trust model to control access to resources over the Internet

Lei, Hui.

10 April 2008

The access control mechanisms used in traditional security infrastructures, such as ACL and password applications, have been proven inadequate, inflexible, and difficult to apply in the Internet due to the incredible magnitude of today's Internet. Recently, research for expressing trust information in the digital world has been explored to be complementary to security mechanisms. This thesis deals with the access control for the resources provided over the Internet. On line digital content service is exemplary of such an application. In this work, we have concentrated on the idea of a trust management system, which was first proposed by Blaze et a1 in 1996, and we have proposed a general-purpose, application-independent Dynamic Distributed Trust Model (DDTM). In our DDTM, access rights are directly associated with a trust value. The trust values in this thesis are further classified into direct trust values, indirect trust values and trust authorization levels. We have calculated and expressed each type of the trust values as explicit numerical values. The core of this model is the recommendation-based trust model, organized as a Trust Delegation Tree (TDT), and the authorization delegation realized by delegation certificate chains. Moreover, the DDTM provides a distributed key-oriented certificate-issuing mechanism with no centralized global authority. A Dynamic Distributed Trust Protocol (DDTP) was developed as a general protocol for establishing and managing the trust relationship in a TDT structure. The protocol was verified by means of the verification tool, SPIN, and was prototyped to simulate communication and behaviors among the certificate issuer nodes on a TDT.

Internet -- Access control

Internet -- Security measures

Application of the access path model with specific reference to the SAP R/3 environment

Pretorius, Maria Rebecca

07 October 2014

M.Com. (Computer Auditing) / The management and control of modern day computer systems are becoming more and more trying due to the complexity of systems. This renders the traditional approach to evaluating controls in complex computer systems, inadequate and heightens the need for an alternative audit approach. The complex SAP R/3 environment will be evaluated in terms of security and validity of users and processes. This will be achieved through the use of an alternative audit approach namely, the application of the Access Path and Path Context Models (Boshoff 1985, 1990). The research methodology used during this research may indicate universal application implications for similar complex environments, although this has not yet been proved. The research showed that there are many control features available in the different software c.omponents of the SAP R/3 environment, that can be applied to control access and validity of users and processes. The duplication of control features provided by the software components, requires a global approach to security inthe defined environment. Only when evaluating the environment as a whole, will it be able to make the most effective security decisions. The use of the control matrices developed during this research will ease the global evaluation of the SAP R/3 environment. Although further research is required, the above has proven the usefulness of both the research methodology and the resultant model and matrices.

Computer security

Data protection

Computers - Access control