Purpose: This research aims to evaluate the potential threats to patient privacy and confidentiality posed by mHealth applications on mobile devices. Methodology: A comprehensive literature review was conducted, selec...Purpose: This research aims to evaluate the potential threats to patient privacy and confidentiality posed by mHealth applications on mobile devices. Methodology: A comprehensive literature review was conducted, selecting eighty-eight articles published over the past fifteen years. The study assessed data gathering and storage practices, regulatory adherence, legal structures, consent procedures, user education, and strategies to mitigate risks. Results: The findings reveal significant advancements in technologies designed to safeguard privacy and facilitate the widespread use of mHealth apps. However, persistent ethical issues related to privacy remain largely unchanged despite these technological strides.展开更多
To address security and privacy issues in radio frequency identification (RFID) traceability networks, a multi-layer privacy and security framework is proposed, which includes four facets: a security model, a communic...To address security and privacy issues in radio frequency identification (RFID) traceability networks, a multi-layer privacy and security framework is proposed, which includes four facets: a security model, a communication protocol, access permission and privacy preservation. According to the security requirements that are needed in an RFID system, a security model that incorporates security requirements that include privacy of tag data, privacy of ownership, and availability of tag identity is introduced. Using this model, a secure communication protocol that can be used for anti-counterfeiting, automatic identification and privacy preservation is then developed. In order to manage the number of parties, data records of items, and complicated transitions of access permissions in an item-level traceability context, a well-designed access control protocol is proposed to parties that can prove the physical possession of an item;meanwhile, to address the privacy issues during data sharing in an RFID network, a vision of database systems that take responsibility for the privacy of the data they manage is also presented.展开更多
In an era characterized by digital pervasiveness and rapidly expanding datasets,ensuring the integrity and reliability of information is paramount.As cyber threats evolve in complexity,traditional cryptographic method...In an era characterized by digital pervasiveness and rapidly expanding datasets,ensuring the integrity and reliability of information is paramount.As cyber threats evolve in complexity,traditional cryptographic methods face increasingly sophisticated challenges.This article initiates an exploration into these challenges,focusing on key exchanges(encompassing their variety and subtleties),scalability,and the time metrics associated with various cryptographic processes.We propose a novel cryptographic approach underpinned by theoretical frameworks and practical engineering.Central to this approach is a thorough analysis of the interplay between Confidentiality and Integrity,foundational pillars of information security.Our method employs a phased strategy,beginning with a detailed examination of traditional cryptographic processes,including Elliptic Curve Diffie-Hellman(ECDH)key exchanges.We also delve into encrypt/decrypt paradigms,signature generation modes,and the hashes used for Message Authentication Codes(MACs).Each process is rigorously evaluated for performance and reliability.To gain a comprehensive understanding,a meticulously designed simulation was conducted,revealing the strengths and potential improvement areas of various techniques.Notably,our cryptographic protocol achieved a confidentiality metric of 9.13 in comprehensive simulation runs,marking a significant advancement over existing methods.Furthermore,with integrity metrics at 9.35,the protocol’s resilience is further affirmed.These metrics,derived from stringent testing,underscore the protocol’s efficacy in enhancing data security.展开更多
The privacy problem of many RFID systems has been extensively studied. Yet integrity in RFID has not received much attention as regular computer systems. When we evaluate an identification protocol for an RFID system ...The privacy problem of many RFID systems has been extensively studied. Yet integrity in RFID has not received much attention as regular computer systems. When we evaluate an identification protocol for an RFID system for anti-counterfeiting, it is important to consider integrity issues. Moreover, many RFID systems are accessed by multiple level trust parties, which makes comprehensive integrity protection even harder. In this paper, we first propose an integrity model for RFID protocols. Then we use the model to analyze the integrity problems in Squealing Euros protocol. Squealing Euros was proposed by Juels and Pappu for RFID enabled banknotes that will support anti-forgery and lawful tracing yet preserve individual's privacy. We analyze its integrity, we then discuss the problems that arise and propose some solutions to these problems. Then an improved protocol with integrity protection for the law enforcement is constructed, which includes an unforgeable binding between the banknote serial number and the RF ciphertext only readable to law enforcement. This same protocol can be applied in many other applications which require a privacy protecting anti-counterfeiting mechanism.展开更多
随着RFID(radio frequency identification)技术的广泛应用,引发的隐私威胁问题越来越突出.了解RFID隐私的内涵和常见攻击方法,掌握现有的RFID隐私保护技术,有助于减少RFID隐私信息的泄漏.从RFID技术的基本概念入手,全面分析了RFID隐私...随着RFID(radio frequency identification)技术的广泛应用,引发的隐私威胁问题越来越突出.了解RFID隐私的内涵和常见攻击方法,掌握现有的RFID隐私保护技术,有助于减少RFID隐私信息的泄漏.从RFID技术的基本概念入手,全面分析了RFID隐私及隐私威胁,给出了RFID隐私分类方法;对RFID隐私中的跟踪攻击和罗列攻击两种攻击方法进行了深入探讨.在此基础上,对现有典型的RFID隐私防御方法进行了详细讨论.全面介绍了RFID隐私保护技术发展现状和动态,可作为开展RFID隐私保护技术研究工作的参考和借鉴.展开更多
文摘Purpose: This research aims to evaluate the potential threats to patient privacy and confidentiality posed by mHealth applications on mobile devices. Methodology: A comprehensive literature review was conducted, selecting eighty-eight articles published over the past fifteen years. The study assessed data gathering and storage practices, regulatory adherence, legal structures, consent procedures, user education, and strategies to mitigate risks. Results: The findings reveal significant advancements in technologies designed to safeguard privacy and facilitate the widespread use of mHealth apps. However, persistent ethical issues related to privacy remain largely unchanged despite these technological strides.
基金Program for New Century Excellent Talents in University of Fujian Province (No.X04139)
文摘To address security and privacy issues in radio frequency identification (RFID) traceability networks, a multi-layer privacy and security framework is proposed, which includes four facets: a security model, a communication protocol, access permission and privacy preservation. According to the security requirements that are needed in an RFID system, a security model that incorporates security requirements that include privacy of tag data, privacy of ownership, and availability of tag identity is introduced. Using this model, a secure communication protocol that can be used for anti-counterfeiting, automatic identification and privacy preservation is then developed. In order to manage the number of parties, data records of items, and complicated transitions of access permissions in an item-level traceability context, a well-designed access control protocol is proposed to parties that can prove the physical possession of an item;meanwhile, to address the privacy issues during data sharing in an RFID network, a vision of database systems that take responsibility for the privacy of the data they manage is also presented.
文摘In an era characterized by digital pervasiveness and rapidly expanding datasets,ensuring the integrity and reliability of information is paramount.As cyber threats evolve in complexity,traditional cryptographic methods face increasingly sophisticated challenges.This article initiates an exploration into these challenges,focusing on key exchanges(encompassing their variety and subtleties),scalability,and the time metrics associated with various cryptographic processes.We propose a novel cryptographic approach underpinned by theoretical frameworks and practical engineering.Central to this approach is a thorough analysis of the interplay between Confidentiality and Integrity,foundational pillars of information security.Our method employs a phased strategy,beginning with a detailed examination of traditional cryptographic processes,including Elliptic Curve Diffie-Hellman(ECDH)key exchanges.We also delve into encrypt/decrypt paradigms,signature generation modes,and the hashes used for Message Authentication Codes(MACs).Each process is rigorously evaluated for performance and reliability.To gain a comprehensive understanding,a meticulously designed simulation was conducted,revealing the strengths and potential improvement areas of various techniques.Notably,our cryptographic protocol achieved a confidentiality metric of 9.13 in comprehensive simulation runs,marking a significant advancement over existing methods.Furthermore,with integrity metrics at 9.35,the protocol’s resilience is further affirmed.These metrics,derived from stringent testing,underscore the protocol’s efficacy in enhancing data security.
基金This work has been supported by a grant provided by The Lilly Endowment and the Indiana University Pervasive Technolugy Labs
文摘The privacy problem of many RFID systems has been extensively studied. Yet integrity in RFID has not received much attention as regular computer systems. When we evaluate an identification protocol for an RFID system for anti-counterfeiting, it is important to consider integrity issues. Moreover, many RFID systems are accessed by multiple level trust parties, which makes comprehensive integrity protection even harder. In this paper, we first propose an integrity model for RFID protocols. Then we use the model to analyze the integrity problems in Squealing Euros protocol. Squealing Euros was proposed by Juels and Pappu for RFID enabled banknotes that will support anti-forgery and lawful tracing yet preserve individual's privacy. We analyze its integrity, we then discuss the problems that arise and propose some solutions to these problems. Then an improved protocol with integrity protection for the law enforcement is constructed, which includes an unforgeable binding between the banknote serial number and the RF ciphertext only readable to law enforcement. This same protocol can be applied in many other applications which require a privacy protecting anti-counterfeiting mechanism.
文摘随着RFID(radio frequency identification)技术的广泛应用,引发的隐私威胁问题越来越突出.了解RFID隐私的内涵和常见攻击方法,掌握现有的RFID隐私保护技术,有助于减少RFID隐私信息的泄漏.从RFID技术的基本概念入手,全面分析了RFID隐私及隐私威胁,给出了RFID隐私分类方法;对RFID隐私中的跟踪攻击和罗列攻击两种攻击方法进行了深入探讨.在此基础上,对现有典型的RFID隐私防御方法进行了详细讨论.全面介绍了RFID隐私保护技术发展现状和动态,可作为开展RFID隐私保护技术研究工作的参考和借鉴.