98 resultados para SELECTIVE ENCRYPTION
Resumo:
EMR (Electronic Medical Record) is an emerging technology that is highly-blended between non-IT and IT area. One methodology is to link the non-IT and IT area is to construct databases. Nowadays, it supports before and after-treatment for patients and should satisfy all stakeholders such as practitioners, nurses, researchers, administrators and financial departments and so on. In accordance with the database maintenance, DAS (Data as Service) model is one solution for outsourcing. However, there are some scalability and strategy issues when we need to plan to use DAS model properly. We constructed three kinds of databases such as plan-text, MS built-in encryption which is in-house model and custom AES (Advanced Encryption Standard) - DAS model scaling from 5K to 2560K records. To perform custom AES-DAS better, we also devised Bucket Index using Bloom Filter. The simulation showed the response times arithmetically increased in the beginning but after a certain threshold, exponentially increased in the end. In conclusion, if the database model is close to in-house model, then vendor technology is a good way to perform and get query response times in a consistent manner. If the model is DAS model, it is easy to outsource the database, however, some techniques like Bucket Index enhances its utilization. To get faster query response times, designing database such as consideration of the field type is also important. This study suggests cloud computing would be a next DAS model to satisfy the scalability and the security issues.
Resumo:
The encryption method is a well established technology for protecting sensitive data. However, once encrypted, the data can no longer be easily queried. The performance of the database depends on how to encrypt the sensitive data. In this paper we review the conventional encryption method which can be partially queried and propose the encryption method for numerical data which can be effectively queried. The proposed system includes the design of the service scenario, and metadata.
Resumo:
Electronic Health Record (EHR) retrieval processes are complex demanding Information Technology (IT) resources exponentially in particular memory usage. Database-as-a-service (DAS) model approach is proposed to meet the scalability factor of EHR retrieval processes. A simulation study using ranged of EHR records with DAS model was presented. The bucket-indexing model incorporated partitioning fields and bloom filters in a Singleton design pattern were used to implement custom database encryption system. It effectively provided faster responses in the range query compared to different types of queries used such as aggregation queries among the DAS, built-in encryption and the plain-text DBMS. The study also presented with constraints around the approach should consider for other practical applications.
Resumo:
In the medical and healthcare arena, patients‟ data is not just their own personal history but also a valuable large dataset for finding solutions for diseases. While electronic medical records are becoming popular and are used in healthcare work places like hospitals, as well as insurance companies, and by major stakeholders such as physicians and their patients, the accessibility of such information should be dealt with in a way that preserves privacy and security. Thus, finding the best way to keep the data secure has become an important issue in the area of database security. Sensitive medical data should be encrypted in databases. There are many encryption/ decryption techniques and algorithms with regard to preserving privacy and security. Currently their performance is an important factor while the medical data is being managed in databases. Another important factor is that the stakeholders should decide more cost-effective ways to reduce the total cost of ownership. As an alternative, DAS (Data as Service) is a popular outsourcing model to satisfy the cost-effectiveness but it takes a consideration that the encryption/ decryption modules needs to be handled by trustworthy stakeholders. This research project is focusing on the query response times in a DAS model (AES-DAS) and analyses the comparison between the outsourcing model and the in-house model which incorporates Microsoft built-in encryption scheme in a SQL Server. This research project includes building a prototype of medical database schemas. There are 2 types of simulations to carry out the project. The first stage includes 6 databases in order to carry out simulations to measure the performance between plain-text, Microsoft built-in encryption and AES-DAS (Data as Service). Particularly, the AES-DAS incorporates implementations of symmetric key encryption such as AES (Advanced Encryption Standard) and a Bucket indexing processor using Bloom filter. The results are categorised such as character type, numeric type, range queries, range queries using Bucket Index and aggregate queries. The second stage takes the scalability test from 5K to 2560K records. The main result of these simulations is that particularly as an outsourcing model, AES-DAS using the Bucket index shows around 3.32 times faster than a normal AES-DAS under the 70 partitions and 10K record-sized databases. Retrieving Numeric typed data takes shorter time than Character typed data in AES-DAS. The aggregation query response time in AES-DAS is not as consistent as that in MS built-in encryption scheme. The scalability test shows that the DBMS reaches in a certain threshold; the query response time becomes rapidly slower. However, there is more to investigate in order to bring about other outcomes and to construct a secured EMR (Electronic Medical Record) more efficiently from these simulations.
Resumo:
Timed-release cryptography addresses the problem of “sending messages into the future”: information is encrypted so that it can only be decrypted after a certain amount of time, either (a) with the help of a trusted third party time server, or (b) after a party performs the required number of sequential operations. We generalise the latter case to what we call effort-release public key encryption (ER-PKE), where only the party holding the private key corresponding to the public key can decrypt, and only after performing a certain amount of computation which may or may not be parallelisable. Effort-release PKE generalises both the sequential-operation-based timed-release encryption of Rivest, Shamir, and Wagner, and also the encapsulated key escrow techniques of Bellare and Goldwasser. We give a generic construction for ER-PKE based on the use of moderately hard computational problems called puzzles. Our approach extends the KEM/DEM framework for public key encryption by introducing a difficulty notion for KEMs which results in effort-release PKE. When the puzzle used in our generic construction is non-parallelisable, we recover timed-release cryptography, with the addition that only the designated receiver (in the public key setting) can decrypt.
Resumo:
We introduce the concept of Revocable Predicate Encryption (RPE), which extends current predicate encryption setting with revocation support: private keys can be used to decrypt an RPE ciphertext only if they match the decryption policy (defined via attributes encoded into the ciphertext and predicates associated with private keys) and were not revoked by the time the ciphertext was created. We formalize the notion of attribute hiding in the presence of revocation and propose an RPE scheme, called AH-RPE, which achieves attribute-hiding under the Decision Linear assumption in the standard model. We then present a stronger privacy notion, termed full hiding, which further cares about privacy of revoked users. We propose another RPE scheme, called FH-RPE, that adopts the Subset Cover Framework and offers full hiding under the Decision Linear assumption in the standard model. The scheme offers very flexible privacy-preserving access control to encrypted data and can be used in sender-local revocation scenarios.
Resumo:
Study Design. Analysis of a case series of 24 Lenke 1C adolescent idiopathic scoliosis (AIS) patients receiving selective thoracoscopic anterior scoliosis correction. Objective. To report the behaviour of the compensatory lumbar curve in a group of Lenke IC AIS patients following thoracoscopic anterior scoliosis correction, and to compare the results of this study with previously published data. Summary of Background Data. Several prior studies have reported spontaneous lumbar curve correction for both anterior and posterior selective fusion in Lenke 1C/King-Moe II patients; however to our knowledge no previous studies have reported outcomes of thoracoscopic anterior correction for this curve type. Methods. All AIS patients with a curve classification of Lenke 1C and a minimum of 24 months follow-up were retrieved from a consecutive series of 190 AIS patients who underwent thoracoscopic anterior instrumented fusion. Cobb angles of the major curve, instrumented levels, compensatory lumbar curve, and T5-T12 kyphosis were recorded, as well as coronal spinal balance, T1 tilt angle and shoulder balance. All radiographic parameters were measured before surgery and at 2, 6, 12 and 24 months after surgery. Results. Twenty-four female patients with right thoracic curves had a mean thoracic Cobb angle of 53.0° before surgery, decreasing to 24.9° two years after surgery. The mean lumbar compensatory Cobb angle was 43.5° before surgery, spontaneously correcting to 25.4° two years after surgery, indicating balance between the thoracic and lumbar scoliotic curves. The lumbar correction achieved (41.8%) compares favourably to previous studies. Conclusions. Selective thoracoscopic anterior fusion allows spontaneous lumbar curve correction and achieves coronal balance of main thoracic and compensatory lumbar curves, good cosmesis and patient satisfaction. Correction and balance are maintained 24 months after surgery.
Resumo:
It is very difficult to selectively oxidise stable compounds such as toluene and xylenes to useful chemicals with molecular oxygen (O 2) under moderate conditions. To achieve high conversion and less over-oxidised products, a new class of photocatalysts, metal hydroxide nanoparticles grafted with alcohols, is devised. They can efficiently oxidise alkyl aromatic compounds with O 2 using visible or ultraviolet light or even sunlight to generate the corresponding aldehydes, alcohols and acids at ambient temperatures and give very little over-oxidation. For example toluene can be oxidised with a 23% conversion after a 48-hour exposure to sunlight with 85% of the product being benzaldehyde, and only a trace of CO 2.The surface complexes grafted onto metal hydroxides can absorb light, generating free radicals on the surface, which then initiate aerobic oxidation of the stable alkyl aromatic molecules with high product selectivity. This mechanism is distinctly different from those of any known catalysts. The use of the new photocatalysts as a controlled means to generate surface radicals through light excitation allows us to drive the production of fine organic chemicals at ambient temperatures with sunlight. The process with the new photocatalysts is especially valuable for temperature-sensitive syntheses and a greener process than many conventional thermal reactions. © 2012 The Royal Society of Chemistry.
Resumo:
Secrecy of decryption keys is an important pre-requisite for security of any encryption scheme and compromised private keys must be immediately replaced. \emph{Forward Security (FS)}, introduced to Public Key Encryption (PKE) by Canetti, Halevi, and Katz (Eurocrypt 2003), reduces damage from compromised keys by guaranteeing confidentiality of messages that were encrypted prior to the compromise event. The FS property was also shown to be achievable in (Hierarchical) Identity-Based Encryption (HIBE) by Yao, Fazio, Dodis, and Lysyanskaya (ACM CCS 2004). Yet, for emerging encryption techniques, offering flexible access control to encrypted data, by means of functional relationships between ciphertexts and decryption keys, FS protection was not known to exist.\smallskip In this paper we introduce FS to the powerful setting of \emph{Hierarchical Predicate Encryption (HPE)}, proposed by Okamoto and Takashima (Asiacrypt 2009). Anticipated applications of FS-HPE schemes can be found in searchable encryption and in fully private communication. Considering the dependencies amongst the concepts, our FS-HPE scheme implies forward-secure flavors of Predicate Encryption and (Hierarchical) Attribute-Based Encryption.\smallskip Our FS-HPE scheme guarantees forward security for plaintexts and for attributes that are hidden in HPE ciphertexts. It further allows delegation of decrypting abilities at any point in time, independent of FS time evolution. It realizes zero-inner-product predicates and is proven adaptively secure under standard assumptions. As the ``cross-product" approach taken in FS-HIBE is not directly applicable to the HPE setting, our construction resorts to techniques that are specific to existing HPE schemes and extends them with what can be seen as a reminiscent of binary tree encryption from FS-PKE.
Resumo:
This thesis is a collection of essays that utilises descriptive and empirical tools to examine competitive environments such as in academia, superrich and sport. The essays capture different aspects of the winner-take-all phenomenon by looking at citation and publication inequality in a top tier economics journal namely the American Economic Review. How globalisation and corruption influence the accumulation of extraordinary wealth and finally, how in a fairly equal competition, that is in the National Rugby League in Australia, wearing red shirts could lead to a comparative advantage and hence, tip the balance between winning and losing. The results within academia indicate that a highly unequal distribution exist, in which only a few top authors or institutions produce the majority of output. Furthermore, the results obtained in the superrich environment indicate that corruption and globalisation enhances the accumulation of extraordinary wealth. Finally, the results in the sport environment are mixed. While we find support for a positive effect of wearing red jerseys in our descriptive analysis, we find a negative effect when we control at the team level. However, when we investigate the relative difference in the degree of redness between home and away team, we find a quite strong positive effect of wearing red shirts even after controlling at the team level.
Resumo:
Photocatalytic synthesis using visible light is a desirable chemical process because of its potential to utilize sunlight. Supported gold nanoparticles (Au-NPs) were found to be efficient photocatalysts and the effects of the supports were identified including CeO2, TiO2, ZrO2, Al2O3, and zeolite Y. In particular Au/CeO2 exhibited the high catalytic activity to reduce nitroaromatics to azo compounds, hydrogenate azobenzene to hydroazobenzene, reduce ketones to alcohols, and deoxygenate epoxides to alkenes at ambient temperatures, under irradiation of visible light (or simulated sunlight). The reac-tive efficiency depends on two primary factors: one is the light adsorption of catalysts and another is the driving ability of catalysts corresponding to the reactants. The light absorption by Au-NPs is due to surface plasmon resonance effect or inter-band electron transition; this is related to the reduction ability of the photocatalysts. Irradiation with shorter wavelengths can excite the conduction electrons in Au-NPs to higher energy levels and as a result, induce reduction with more negative reduction potentials. It is known when irradiated with light the Au-NPs can abstract hydrogen from isopropanol forming Au-H species on the Au-NP surface. Hence, we proposed that the active Au-H species will react with the N=O, N=N, C=O double bonds or epoxide bonds, which are weakened by the interaction with the excited electrons in the Au-NPs, and yield the final reductive products. The reacting power of the Au-H species depends on the energy of the excited electrons in Au-NPs: the higher the electronic energy, the stronger the reduction ability of the Au-H species. This finding demonstrates that we can tune the reduction ability of the photocatalysts by manipulating the irradiation wavelength.
Resumo:
Stimulation of the androgen receptor via bioavailable androgens, including testosterone and testosterone metabolites, is a key driver of prostate development and the early stages of prostate cancer. Androgens are hydrophobic and as such require carrier proteins, including sex hormone-binding globulin (SHBG), to enable efficient distribution from sites of biosynthesis to target tissues. The similarly hydrophobic corticosteroids also require a carrier protein whose affinity for steroid is modulated by proteolysis. However, proteolytic mechanisms regulating the SHBG/androgen complex have not been reported. Here, we show that the cancer-associated serine proteases, kallikrein-related peptidase (KLK)4 and KLK14, bind strongly to SHBG in glutathione S-transferase interaction analyses. Further, we demonstrate that active KLK4 and KLK14 cleave human SHBG at unique sites and in an androgen-dependent manner. KLK4 separated androgen-free SHBG into its two laminin G-like (LG) domains that were subsequently proteolytically stable even after prolonged digestion, whereas a catalytically equivalent amount of KLK14 reduced SHBG to small peptide fragments over the same period. Conversely, proteolysis of 5α-dihydrotestosterone (DHT)-bound SHBG was similar for both KLKs and left the steroid binding LG4 domain intact. Characterization of this proteolysis fragment by [(3)H]-labeled DHT binding assays revealed that it retained identical affinity for androgen compared with full-length SHBG (dissociation constant = 1.92 nM). Consistent with this, both full-length SHBG and SHBG-LG4 significantly increased DHT-mediated transcriptional activity of the androgen receptor compared with DHT delivered without carrier protein. Collectively, these data provide the first evidence that SHBG is a target for proteolysis and demonstrate that a stable fragment derived from proteolysis of steroid-bound SHBG retains binding function in vitro.
Resumo:
Vertically-aligned carbon nanotube (VACNT) membranes show very high permeation fluxes due to the inherent smooth and frictionless nature of the interior of the nanotubes. However, the hydrogen selectivities are all in the Knudsen range and are quite low. In this study we grew molecular sieve zeolite imidazolate frameworks (ZIFs) via secondary seeded growth on the VACNT membranes as a gas selective layer. The ZIF layer has a thickness of 5–6 μm and shows good contact with the VACNT membrane surface. The VACNT supported ZIF membrane shows much higher H2 selectivity than Ar (7.0); O2 (13.6); N2 (15.1) and CH4 (9.8). We conclude that tailoring metal–organic frameworks on the membrane surface can be an effective route to improve the gas separation performance of the VACNT membrane.
Resumo:
Predicate encryption (PE) is a new primitive which supports exible control over access to encrypted data. In PE schemes, users' decryption keys are associated with predicates f and ciphertexts encode attributes a that are specified during the encryption procedure. A user can successfully decrypt if and only if f(a) = 1. In this thesis, we will investigate several properties that are crucial to PE. We focus on expressiveness of PE, Revocable PE and Hierarchical PE (HPE) with forward security. For all proposed systems, we provide a security model and analysis using the widely accepted computational complexity approach. Our first contribution is to explore the expressiveness of PE. Existing PE supports a wide class of predicates such as conjunctions of equality, comparison and subset queries, disjunctions of equality queries, and more generally, arbitrary combinations of conjunctive and disjunctive equality queries. We advance PE to evaluate more expressive predicates, e.g., disjunctive comparison or disjunctive subset queries. Such expressiveness is achieved at the cost of computational and space overhead. To improve the performance, we appropriately revise the PE to reduce the computational and space cost. Furthermore, we propose a heuristic method to reduce disjunctions in the predicates. Our schemes are proved in the standard model. We then introduce the concept of Revocable Predicate Encryption (RPE), which extends the previous PE setting with revocation support: private keys can be used to decrypt an RPE ciphertext only if they match the decryption policy (defined via attributes encoded into the ciphertext and predicates associated with private keys) and were not revoked by the time the ciphertext was created. We propose two RPE schemes. Our first scheme, termed Attribute- Hiding RPE (AH-RPE), offers attribute-hiding, which is the standard PE property. Our second scheme, termed Full-Hiding RPE (FH-RPE), offers even stronger privacy guarantees, i.e., apart from possessing the Attribute-Hiding property, the scheme also ensures that no information about revoked users is leaked from a given ciphertext. The proposed schemes are also proved to be secure under well established assumptions in the standard model. Secrecy of decryption keys is an important pre-requisite for security of (H)PE and compromised private keys must be immediately replaced. The notion of Forward Security (FS) reduces damage from compromised keys by guaranteeing confidentiality of messages that were encrypted prior to the compromise event. We present the first Forward-Secure Hierarchical Predicate Encryption (FS-HPE) that is proved secure in the standard model. Our FS-HPE scheme offers some desirable properties: time-independent delegation of predicates (to support dynamic behavior for delegation of decrypting rights to new users), local update for users' private keys (i.e., no master authority needs to be contacted), forward security, and the scheme's encryption process does not require knowledge of predicates at any level including when those predicates join the hierarchy.