363 resultados para Privacy.
Resumo:
A parallel authentication and public-key encryption is introduced and exemplified on joint encryption and signing which compares favorably with sequential Encrypt-then-Sign (ɛtS) or Sign-then-Encrypt (Stɛ) schemes as far as both efficiency and security are concerned. A security model for signcryption, and thus joint encryption and signing, has been recently defined which considers possible attacks and security goals. Such a scheme is considered secure if the encryption part guarantees indistinguishability and the signature part prevents existential forgeries, for outsider but also insider adversaries. We propose two schemes of parallel signcryption, which are efficient alternative to Commit-then-Sign-and- Encrypt (Ct&G3&S). They are both provably secure in the random oracle model. The first one, called generic parallel encrypt and sign, is secure if the encryption scheme is semantically secure against chosen-ciphertext attacks and the signature scheme prevents existential forgeries against random-message attacks. The second scheme, called optimal parallel encrypt. and sign, applies random oracles similar to the OAEP technique in order to achieve security using encryption and signature components with very weak security requirements — encryption is expected to be one-way under chosen-plaintext attacks while signature needs to be secure against universal forgeries under random-plaintext attack, that is actually the case for both the plain-RSA encryption and signature under the usual RSA assumption. Both proposals are generic in the sense that any suitable encryption and signature schemes (i.e. which simply achieve required security) can be used. Furthermore they allow both parallel encryption and signing, as well as parallel decryption and verification. Properties of parallel encrypt and sign schemes are considered and a new security standard for parallel signcryption is proposed.
Resumo:
In this paper we make progress towards solving an open problem posed by Katz and Yung at CRYPTO 2003. We propose the first protocol for key exchange among n ≥2k+1 parties which simultaneously achieves all of the following properties: 1. Key Privacy (including forward security) against active attacks by group outsiders, 2. Non-malleability — meaning in particular that no subset of up to k corrupted group insiders can ‘fix’ the agreed key to a desired value, and 3. Robustness against denial of service attacks by up to k corrupted group insiders. Our insider security properties above are achieved assuming the availability of a reliable broadcast channel.
Resumo:
Motivated by privacy issues associated with dissemination of signed digital certificates, we define a new type of signature scheme called a ‘Universal Designated-Verifier Signature’ (UDVS). A UDVS scheme can function as a standard publicly-verifiable digital signature but has additional functionality which allows any holder of a signature (not necessarily the signer) to designate the signature to any desired designated-verifier (using the verifier’s public key). Given the designated-signature, the designated-verifier can verify that the message was signed by the signer, but is unable to convince anyone else of this fact. We propose an efficient deterministic UDVS scheme constructed using any bilinear group-pair. Our UDVS scheme functions as a standard Boneh-Lynn-Shacham (BLS) signature when no verifier-designation is performed, and is therefore compatible with the key-generation, signing and verifying algorithms of the BLS scheme. We prove that our UDVS scheme is secure in the sense of our unforgeability and privacy notions for UDVS schemes, under the Bilinear Diffie-Hellman (BDH) assumption for the underlying group-pair, in the random-oracle model. We also demonstrate a general constructive equivalence between a class of unforgeable and unconditionally-private UDVS schemes having unique signatures (which includes the deterministic UDVS schemes) and a class of ID-Based Encryption (IBE) schemes which contains the Boneh-Franklin IBE scheme but not the Cocks IBE scheme.
Resumo:
Health Law in Australia is the country’s leading text in this area and was the first book to deal with health law on a comprehensive national basis. In this important field that continues to give rise to challenges for society Health Law in Australia takes a logical, structured approach to explain the breadth of this area of law across all Australian jurisdictions. By covering all the major areas in this diverse field, Health Law in Australia enhances the understanding of the discipline as a whole. Beginning with an exploration of the general principles of health law, including chapters on “Negligence”, “Children and Consent to Medical Treatment”, and “Medical Confidentiality and Patient Privacy, the book goes on to consider beginning-of-life and end-of-life issues before concluding with chapters on emerging areas in health law, such as biotechnology, genetic technologies and medical research. The contributing authors are national leaders who are specialists in these areas of health law and who can share with readers the results of their research. Health Law in Australia has been written for both legal and health audiences and is essential reading for undergraduate and postgraduate students, researchers and scholars in the disciplines of law, health and medicine, as well as health and legal practitioners, government departments and bodies in the health area, and private health providers.
Resumo:
Dealing with digital medical images is raising many new security problems with legal and ethical complexities for local archiving and distant medical services. These include image retention and fraud, distrust and invasion of privacy. This project was a significant step forward in developing a complete framework for systematically designing, analyzing, and applying digital watermarking, with a particular focus on medical image security. A formal generic watermarking model, three new attack models, and an efficient watermarking technique for medical images were developed. These outcomes contribute to standardizing future research in formal modeling and complete security and computational analysis of watermarking schemes.
Resumo:
This tutorial primarily focuses on the technical challenges surrounding the design and implementation of Accountable-eHealth (AeH) systems. The potential benefits of shared eHealth records systems are promising for the future of improved healthcare; however, their uptake is hindered by concerns over the privacy and security of patient information. In the current eHealth environment, there are competing requirements between healthcare consumers' (i.e. patients) requirements and healthcare professionals' requirements. While consumers want control over their information, healthcare professionals want access to as much information as required in order to make well informed decisions. This conflict is evident in the review of Australia's PCEHR system. Accountable-eHealth systems aim to balance these concerns by implementing Information Accountability (IA) mechanisms. AeH systems create an eHealth environment where health information is available to the right person at the right time without rigid barriers whilst empowering the consumers with information control and transparency, thus, enabling the creation of shared eHealth records that can be useful to both patients and HCPs. In this half-day tutorial, we will discuss and describe the technical challenges surrounding the implementation of AeH systems and the solutions we have devised. A prototype AeH system will be used to demonstrate the functionality of AeH systems, and illustrate some of the proposed solutions. The topics that will be covered include: designing for usability in AeH systems, the privacy and security of audit mechanisms, providing for diversity of users, the scalability of AeH systems, and finally the challenges of enabling research and Big Data Analytics on shared eHealth Records while ensuring accountability and privacy are maintained.
Resumo:
This tutorial primarily focuses on the social aspects of implementing a novel eHealth systems called Accountable-eHealth (AeH) systems. The main focus of AeH systems is mitigating information privacy concerns whilst facilitating appropriate access to information for users, and is based on the principles of information accountability (IA).
Resumo:
This paper provides a first look at the acceptance of Accountable-eHealth systems, a new genre of eHealth systems, designed to manage information privacy concerns that hinder the proliferation of eHealth. The underlying concept of AeH systems is appropriate use of information through after-the-fact accountability for intentional misuse of information by healthcare professionals. An online questionnaire survey was utilised for data collection from three educational institutions in Queensland, Australia. A total of 23 hypothesis relating to 9 constructs were tested using a structural equation modelling technique. A total of 334 valid responses were received. The cohort consisted of medical, nursing and other health related students studying at various levels in both undergraduate and postgraduate courses. The hypothesis testing disproved 7 hypotheses. The empirical research model developed was capable of predicting 47.3% of healthcare professionals’ perceived intention to use AeH systems. A validation of the model with a wider survey cohort would be useful to confirm the current findings.
Resumo:
Objective The move internationally by Governments and other health providers to encourage patients to have their own electronic personal health record (e-PHRs) is growing exponentially. In Australia the initiative for a personally controlled electronic health record (known as PCEHR) is directed towards the public at large. The first objective of this study then, is to examine how individuals in the general population perceive the promoted idea of having a PCEHR. The second objective is to extend research on applying a theoretically derived consumer technology acceptance model to guide the research. Method An online survey was conducted to capture the perceptions and beliefs about having a PCEHR identified from technology acceptance models and extant literature. The survey was completed by 750 Queensland respondents, 97% of whom did not have a PCEHR at that time. The model was examined using exploratory factor analysis, regressions and mediation tests. Results Findings support eight of the 11 hypothesised relationships in the model. Perceived value and perceived risk were the two most important variables explaining attitude, with perceived usefulness and compatibility being weak but significant. The perception of risk was reduced through partial mediation from trust and privacy concerns. Additionally, web-self efficacy and ease of use partially mediate the relationship between attitude and intentions. Conclusions The findings represent a snapshot of the early stages of implementing this Australian initiative and captures the perceptions of Queenslanders who at present do not have a PCEHR. Findings show that while individuals appreciate the value of having this record, they do not appear to regard it as particularly useful at present, nor is it particularly compatible with their current engagement with e-services. Moreover, they will need to have any concerns about the risks alleviated, particularly through an increased sense of trust and reduction of privacy concerns. It is noted that although the respondents are non-adopters, they do not feel that they lack the necessary web skills to set up and use a PCEHR. To the best of our knowledge this is one of a very limited number of studies that examines a national level implementation of an e-PHR system, where take-up of the PCEHR is optional rather than a centralised, mandated requirement.
Resumo:
The study investigated the school experiences of girls whose parents are separated or divorced. The case study, conducted in a metropolitan, all-girls Catholic school in Brisbane, drew upon theoretical understandings from childhood studies and children's rights to reveal the school experiences of participants, from their own perspectives. Findings showed that students express emotions about their families while at school, are active agents in their own learning, and seek teachers' understanding of their situation, while respecting their family's privacy. The research points to the need for strengths-based, resilience-building strategies in schools, for an inclusive culture of respect for family diversity, and for understanding of students' transitions between households and family types.
Resumo:
It is often said that Australia is a world leader in rates of copyright infringement for entertainment goods. In 2012, the hit television show, Game of Thrones, was the most downloaded television show over bitorrent, and estimates suggest that Australians accounted for a plurality of nearly 10% of the 3-4 million downloads each week. The season finale of 2013 was downloaded over a million times within 24 hours of its release, and again Australians were the largest block of illicit downloaders over BitTorrent, despite our relatively small population. This trend has led the former US Ambassador to Australia to implore Australians to stop 'stealing' digital content, and rightsholders to push for increasing sanctions on copyright infringers. The Australian Government is looking to respond by requiring Internet Service Providers to issue warnings and potentially punish consumers who are alleged by industry groups to have infringed copyright. This is the logical next step in deterring infringement, given that the operators of infringing networks (like The Pirate Bay, for example) are out of regulatory reach. This steady ratcheting up of the strength of copyright, however, comes at a significant cost to user privacy and autonomy, and while the decentralisation of enforcement reduces costs, it also reduces the due process safeguards provided by the judicial process. This article presents qualitative evidence that substantiates a common intuition: one of the major reasons that Australians seek out illicit downloads of content like Game of Thrones in such numbers is that it is more difficult to access legitimately in Australia. The geographically segmented way in which copyright is exploited at an international level has given rise to a ‘tyranny of digital distance’, where Australians have less access to copyright goods than consumers in other countries. Compared to consumers in the US and the EU, Australians pay more for digital goods, have less choice in distribution channels, are exposed to substantial delays in access, and are sometimes denied access completely. In this article we focus our analysis on premium film and television offerings, like Game of Thrones, and through semi-structured interviews, explore how choices in distribution impact on the willingness of Australian consumers to seek out infringing copies of copyright material. Game of Thrones provides an excellent case study through which to frame this analysis: it is both one of the least legally accessible television offerings and one of the most downloaded through filesharing networks of recent times. Our analysis shows that at the same time as rightsholder groups, particularly in the film and television industries, are lobbying for stronger laws to counter illicit distribution, the business practices of their member organisations are counter-productively increasing incentives for consumers to infringe. The lack of accessibility and high prices of copyright goods in Australia leads to substantial economic waste. The unmet consumer demand means that Australian consumers are harmed by lower access to information and entertainment goods than consumers in other jurisdictions. The higher rates of infringement that fulfils some of this unmet demand increases enforcement costs for copyright owners and imposes burdens either on our judicial system or on private entities – like ISPs – who may be tasked with enforcing the rights of third parties. Most worryingly, the lack of convenient and cheap legitimate digital distribution channels risks undermining public support for copyright law. Our research shows that consumers blame rightsholders for failing to meet market demand, and this encourages a social norm that infringing copyright, while illegal, is not morally wrongful. The implications are as simple as they are profound: Australia should not take steps to increase the strength of copyright law at this time. The interests of the public and those of rightsholders align better when there is effective competition in distribution channels and consumers can legitimately get access to content. While foreign rightsholders are seeking enhanced protection for their interests, increasing enforcement is likely to increase their ability to engage in lucrative geographical price-discrimination, particularly for premium content. This is only likely to increase the degree to which Australian consumers feel that their interests are not being met and, consequently, to further undermine the legitimacy of copyright law. If consumers are to respect copyright law, increasing sanctions for infringement without enhancing access and competition in legitimate distribution channels could be dangerously counter-productive. We suggest that rightsholders’ best strategy for addressing infringement in Australia at this time is to ensure that Australians can access copyright goods in a timely, affordable, convenient, and fair lawful manner.
Resumo:
Rating systems are used by many websites, which allow customers to rate available items according to their own experience. Subsequently, reputation models are used to aggregate available ratings in order to generate reputation scores for items. A problem with current reputation models is that they provide solutions to enhance accuracy of sparse datasets not thinking of their models performance over dense datasets. In this paper, we propose a novel reputation model to generate more accurate reputation scores for items using any dataset; whether it is dense or sparse. Our proposed model is described as a weighted average method, where the weights are generated using the normal distribution. Experiments show promising results for the proposed model over state-of-the-art ones on sparse and dense datasets.
Resumo:
With the introduction of the Personally Controlled Health Record (PCEHR), the Australian public is being asked to accept greater responsibility for their healthcare. Although well designed, constructed and intentioned, policy and privacy concerns have resulted in an eHealth model that may impact future health information sharing requirements. Thus an opportunity to transform the beleaguered Australian PCEHR into a sustainable on-demand technology consumption model for patient safety must be explored further. Moreover, the current clerical focus of healthcare practitioners must be renegotiated to establish a shared knowledge creation landscape of action for safer patient interventions. To achieve this potential however requires a platform that will facilitate efficient and trusted unification of all health information available in real-time across the continuum of care. As a conceptual paper, the goal of the authors is to deliver insights into the antecedents of usage influencing superior patient outcomes within an eHealth-as-a-Service framework. To achieve this, the paper attempts to distil key concepts and identify common themes drawn from a preliminary literature review of eHealth and cloud computing concepts, specifically cloud service orchestration to establish a conceptual framework and a research agenda. Initial findings support the authors’ view that an eHealth-as-a-Service (eHaaS) construct will serve as a disruptive paradigm shift in the aggregation and transformation of health information for use as real-world knowledge in patient care scenarios. Moreover, the strategic value of extending the community Health Record Bank (HRB) model lies in the ability to automatically draw on a multitude of relevant data repositories and sources to create a single source of practice based evidence and to engage market forces to create financial sustainability.
Resumo:
Culturally, philosophically and religiously diverse medical systems including Western medicine, Traditional Chinese Medicine, Ayurvedic Medicine and Homeopathic Medicine, once situated in places and times relatively unconnected from each other, currently co-exist to a point where patients must choose which system to consult. These decisions require comparative analyses, yet the divergence in key underpinning assumptions is so great that comparisons cannot easily be made. However, diverse medical systems can be meaningfully juxtaposed for the purpose of making practical decisions if relevant information is presented appropriately. Information regarding privacy provisions inherent in the typical practice of each medical system is an important element in this juxtaposition. In this paper the information needs of patients making decisions regarding the selection of a medical system are examined.
Resumo:
Research studies aimed at advancing cancer prevention, diagnosis, and treatment depend on a number of key resources, including a ready supply of high-quality annotated biospecimens from diverse ethnic populations that can be used to test new drugs, assess the validity of prognostic biomarkers, and develop tailor-made therapies. In November 2011, KHCCBIO was established at the King Hussein Cancer Center (KHCC) with the support of Seventh Framework Programme (FP7) funding from the European Union (khccbio.khcc.jo). KHCCBIO was developed for the purpose of achieving an ISO accredited cancer biobank through the collection, processing, and preservation of high-quality, clinically annotated biospecimens from consenting cancer patients, making it the first cancer biobank of its kind in Jordan. The establishment of a state-of-the-art, standardized biospecimen repository of matched normal and lung tumor tissue, in addition to blood components such as serum, plasma, and white blood cells, was achieved through the support and experience of its European partners, Trinity College Dublin, Biostor Ireland, and accelopment AG. To date, KHCCBIO along with its partners, have worked closely in establishing an ISO Quality Management System (QMS) under which the biobank will operate. A Quality Policy Manual, Validation, and Training plan have been developed in addition to the development of standard operating procedures (SOPs) for consenting policies on ethical issues, data privacy, confidentiality, and biobanking bylaws. SOPs have also been drafted according to best international practices and implemented for the donation, procurement, processing, testing, preservation, storage, and distribution of tissues and blood samples from lung cancer patients, which will form the basis for the procurement of other cancer types. KHCCBIO will be the first ISO accredited cancer biobank from a diverse ethnic Middle Eastern and North African population. It will provide a unique and valuable resource of high-quality human biospecimens and anonymized clinicopathological data to the cancer research communities world-wide.
