Secret shares to protect health records in Cloud-based infrastructures

Buchanan, William J; Ukwandu, Elochukwu; van Deursen, Nicole; Fan, Lu; Russell, Gordon; Lo, Owen; Thuemmler, Christoph

doi:10.1109/HealthCom.2015.7454589

Advanced Security and Network Forensics: Threats (2016)
Other
Buchanan, W. (2016). Advanced Security and Network Forensics: Threats. http://buchananweb.co.uk/adv/unit02.html

2 THREAT ANALYSIS 2.1 Objectives 2.2 Introduction 2.3 Intruder detection Sweeps 2.4 Vulnerably analysis Vulnerability scanners 2.5 Hping 2.6 Botnets 2.7 Phishing 2.8 Active attacks 2.9 Inference Applying different levels of dat... Read More about Advanced Security and Network Forensics: Threats.

Protecting Documents with Sticky Policies and Identity-Based Encryption (2016)
Presentation / Conference Contribution
Spyra, G., & Buchanan, W. J. (2016). Protecting Documents with Sticky Policies and Identity-Based Encryption. In Proceedings of the Future Technologies Conference (FTC) 2016. https://doi.org/10.1109/FTC.2016.7821719

Documents are increasingly being held in public cloud-based systems, and there thus increasingly exposed to accesses from malicious entities. This paper focuses on the integration of sticky policies that are embedded into OOXML (Open Office XML) pr... Read More about Protecting Documents with Sticky Policies and Identity-Based Encryption.

3LS-authenticate: an e-commerce challenge-response mobile application. (2016)
Presentation / Conference Contribution
Molla, R., Romdhani, I., & Buchanan, B. (2016, November). 3LS-authenticate: an e-commerce challenge-response mobile application. Paper presented at 13th ACS/IEEE International Conference on Computer Systems and Applications AICCSA 2016

The rapid growth of e-commerce has been associated with a number of security concerns, which challenge its continual success. In view of this, an investigative study determining the most secure and convenient solution to protect online clients has be... Read More about 3LS-authenticate: an e-commerce challenge-response mobile application..

HI-risk: A method to analyse health information risk intelligence (2016)
Presentation / Conference Contribution
Buchanan, W. J., & van Deursen, N. (2016). HI-risk: A method to analyse health information risk intelligence. In 2016 IEEE 18th International Conference on e-Health Networking, Applications and Services (Healthcom). https://doi.org/10.1109/healthcom.2016

Information security threat intelligence is a prevalent topic amongst researchers, long-established IT-vendors and start-ups. The possibilities of Big Data analytics to security threat and vulnerability scanning offer a significant development in the... Read More about HI-risk: A method to analyse health information risk intelligence.

Will quantum computers be the end of public key encryption? (2016)
Journal Article
Buchanan, W., & Woodward, A. (2016). Will quantum computers be the end of public key encryption?. Journal of Cyber Security Technology, 1(1), 1-22. https://doi.org/10.1080/23742917.2016.1226650

The emergence of practical quantum computers poses a significant threat to the most popular public key cryptographic schemes in current use. While we know that the well-understood algorithms for factoring large composites and solving the discrete log... Read More about Will quantum computers be the end of public key encryption?.

Power analysis attacks on the AES-128 S-box using differential power analysis (DPA) and correlation power analysis (CPA) (2016)
Journal Article
Lo, O., Buchanan, W. J., & Carson, D. (2016). Power analysis attacks on the AES-128 S-box using differential power analysis (DPA) and correlation power analysis (CPA). Journal of Cyber Security Technology, 1(2), 88-107. https://doi.org/10.1080/23742917.2016.1231523

This article demonstrates two fundamental techniques of power analysis, differential power analysis (DPA) and correlation power analysis (CPA), against a modern piece of hardware which is widely available to the public: the Arduino Uno microcontrolle... Read More about Power analysis attacks on the AES-128 S-box using differential power analysis (DPA) and correlation power analysis (CPA).

Sticky policy enabled authenticated OOXML (2016)
Presentation / Conference Contribution
Spyra, G., Buchanan, W. J., & Ekonomou, E. (2016). Sticky policy enabled authenticated OOXML. In Conference Proceedings of the IEEE Technically Sponsored SAI Computing Conference 2016. https://doi.org/10.1109/SAI.2016.7556117

This paper proposes a secure document sharing construction, which addresses confidentiality and authenticity concerns related to cloud-based data sharing. The goal of this research is to find an efficient way to share data in the cloud across various... Read More about Sticky policy enabled authenticated OOXML.

If two countries waged cyber war on each another, here’s what to expect (2016)
Newspaper / Magazine
Buchanan, B. (2016). If two countries waged cyber war on each another, here’s what to expect. [https://theconversation.com/if-two-countries-waged-cyber-war-on-each-another-heres-what-to-expect-63544]. https://theconversation.com/if-two-countries-waged-c

Imagine you woke up to discover a massive cyber attack on your country. All government data has been destroyed, taking out healthcare records, birth certificates, social care records and so much more. The transport system isn’t working, traffic light... Read More about If two countries waged cyber war on each another, here’s what to expect.

Resilient secret sharing cloud based architecture for data vault (2016)
Patent
Lanc, D., Fan, L., MacKinnon, L., & Buchanan, B. (2016). Resilient secret sharing cloud based architecture for data vault

A method of securely storing data including: providing, within a secure data storage system, a plurality of secret sharing methods for selection and identifying a striping policy for storage of the data, in accordance with input preferences. The data... Read More about Resilient secret sharing cloud based architecture for data vault.

A RAM triage methodology for Hadoop HDFS forensics (2016)
Journal Article
Leimich, P., Harrison, J., & Buchanan, W. J. (2016). A RAM triage methodology for Hadoop HDFS forensics. Digital Investigation, 18, 96-109. https://doi.org/10.1016/j.diin.2016.07.003

This paper discusses the challenges of performing a forensic investigation against a multi-node Hadoop cluster and proposes a methodology for examiners to use in such situations. The procedure's aim of minimising disruption to the data centre during... Read More about A RAM triage methodology for Hadoop HDFS forensics.

Applied web traffic analysis for numerical encoding of SQL Injection attack features (2016)
Presentation / Conference Contribution
Uwagbole, S., Buchanan, W., & Fan, L. (2016, July). Applied web traffic analysis for numerical encoding of SQL Injection attack features. Presented at 15th European Conference on Cyber Warfare and Security ECCWS-2016

SQL Injection Attack (SQLIA) remains a technique used by a computer network intruder to pilfer an organisation’s confidential data. This is done by an intruder re-crafting web form’s input and query strings used in web requests with malicious intent... Read More about Applied web traffic analysis for numerical encoding of SQL Injection attack features.

Numerical encoding to tame SQL injection attacks (2016)
Presentation / Conference Contribution
Uwagbole, S., Buchanan, W. J., & Fan, L. (2016, April). Numerical encoding to tame SQL injection attacks. Presented at 2ND IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies (DISSECT)

Recent years have seen an astronomical rise in SQL Injection Attacks (SQLIAs) used to compromise the confidentiality, authentication and integrity of organisations’ databases. Intruders becoming smarter in obfuscating web requests to evade detection... Read More about Numerical encoding to tame SQL injection attacks.

Password Pattern and Vulnerability Analysis for Web and Mobile Applications (2016)
Journal Article
Li, S., Romdhani, I., & Buchanan, W. (2016). Password Pattern and Vulnerability Analysis for Web and Mobile Applications. ZTE Communications, 14, 32-36. https://doi.org/10.3969/j.issn.1673-5188.2016.S0.006

Text⁃based passwords are heavily used to defense for many web and mobile applications. In this paper, we investigated the patterns and vulnerabilities for both web and mobile applications based on conditions of the Shannon entropy, Guessing entropy a... Read More about Password Pattern and Vulnerability Analysis for Web and Mobile Applications.

Bitcoin mining is about to become a lot less profitable (2016)
Newspaper / Magazine
Buchanan, W. J. (2016). Bitcoin mining is about to become a lot less profitable

Imagine being told that your wage was going to be cut in half. Well, that’s what’s soon going to happen to those who make money from Bitcoin mining, the process of earning the online currency Bitcoin. The current expected date for this change is 1... Read More about Bitcoin mining is about to become a lot less profitable.

Secret shares to protect health records in Cloud-based infrastructures (2016)
Presentation / Conference Contribution
Buchanan, W. J., Ukwandu, E., van Deursen, N., Fan, L., Russell, G., Lo, O., & Thuemmler, C. (2016). Secret shares to protect health records in Cloud-based infrastructures. In 2015 17th International Conference on E-health Networking, Application & Servi

Increasingly health records are stored in cloud-based systems, and often protected by a private key. Unfortunately the loss of this key can cause large-scale data loss. This paper outlines a novel Cloud-based architecture (SECRET) which supports keyl... Read More about Secret shares to protect health records in Cloud-based infrastructures.

All Outputs (15)