The Experts below are selected from a list of 33294 Experts worldwide ranked by ideXlab platform
Maziar Siami - One of the best experts on this subject based on the ideXlab platform.
-
Authentication and Confidentiality in Protocol Independent Multicast Sparse Mode (PIM-SM) Link-Local Messages
2010Co-Authors: Salekul Islam, Maziar SiamiAbstract:RFC 4601 mandates the use of IPsec to ensure authentication of the link-local messages in the Protocol Independent Multicast - Sparse Mode (PIM-SM) routing protocol. This document specifies mechanisms to authenticate the PIM-SM link-local messages using the IP security (IPsec) Encapsulating Security Payload (ESP) or (optionally) the Authentication Header (AH). It specifies optional mechanisms to provide confidentiality using the ESP. Manual Keying is specified as the mandatory and default group Key Management Solution. To deal with issues of scalability and security that exist with manual Keying, an optional support for automated group Key Management mechanism is provided. However, the procedures for implementing automated group Key Management are left to other documents. This document updates RFC 4601.
-
Authentication and Confidentiality in PIM-SM Link-local Messages
2010Co-Authors: Salekul Islam, Maziar SiamiAbstract:RFC 4601 mandates the use of IPsec to ensure authentication of the link-local messages in the Protocol Independent Multicast - Sparse Mode (PIM-SM) routing protocol. This document specifies mechanisms to authenticate the PIM-SM link-local messages using the IP security (IPsec) Encapsulating Security Payload (ESP) or (optionally) the Authentication Header (AH). It specifies optional mechanisms to provide confidentiality using the ESP. Manual Keying is specified as the mandatory and default group Key Management Solution. To deal with issues of scalability and security that exist with manual Keying, an optional support for automated group Key Management mechanism is provided. However, the procedures for implementing automated group Key Management are left to other documents. This document updates RFC 4601.
Cungang Yang - One of the best experts on this subject based on the ideXlab platform.
-
ACISP - Key Management for role hierarchy in distributed systems
Information Security and Privacy, 2005Co-Authors: Cungang Yang, R. CheungAbstract:As distributed computing system grow in size, complexity and variety of application, the problem of protecting sensitive data from unauthorized disclosure and tampering becomes increasingly important. In this paper, we present a cryptographic Key Management Solution to the role-based access control (RBAC) model in distributed systems. The Key Management method used for distributed system is decentralized. Each local domain is managed by its local domain security manager and any Key modifications of roles in a local domain will not affect the Keys of roles in other local domains.
-
Access control in a hierarchy using one-way hash functions
Computers & Security, 2004Co-Authors: Cungang YangAbstract:This paper presents a cryptographic Key Management Solution to solve the access control problem in a hierarchy. Based on one-way hash functions, an efficient Key assignment and derivation method is proposed. This Solution uses limited number of Keys and hash functions. Also, the dynamic access control problems, such as adding/deleting nodes, or modifying relationships between nodes in the hierarchy are considered and can be resolved.
-
A secure object-oriented role-based access control model for distributed systems
2003Co-Authors: Chang Zhang, Cungang YangAbstract:This thesis focuses on an Object-Oriented Role-Based Access Control model (ORBAC) for distributed systems that efficiently represent the real world. The access control models are well documented. Previous research in Role-Based Access Control (RBAC) is reviewed. Through our work, an information flow analysis technique is proposed to deal with a confinement problem on ORBAC. A practical method that can be employed in distributed systems for managing security policies is presented. A cryptographic Key Management Solution to solve the access control problem in a position role hierarchy is also proposed. Based on one-way hash functions, we introduce a Key assignment and derivation method. This Solution uses limited number of Keys and hash functions. Moreover, ORBAC extends its original model from a single enterprise domain to foreign domains and has been applied to the Internet. Using XML techniques, we propose an efficient method to manage security policies for web-based applications. Unlike most existing approaches, with our approach the authorization is independently defined and is separated from policy representation and from implementation mechanisms. The academic and technical achievements of this thesis can be applied to electronic commerce and distributed systems, and may also be integrated with firewall techniques.
-
Cryptographic Key Management Solution in a role hierarchy
Canadian Conference on Electrical and Computer Engineering 2004 (IEEE Cat. No.04CH37513), 1Co-Authors: Cungang Yang, R. CheungAbstract:This paper presents a cryptographic Key Management Solution to solve the access control problem in the role hierarchy. Based on one-way hash functions, we propose an efficient Key assignment and derivation method. This Solution uses a limited number of Keys and hash functions. Also, the dynamic access control problems, such as adding/deleting roles, or modifying relationships between roles in the role hierarchy are considered and can be resolved.
Chien-ding Lee - One of the best experts on this subject based on the ideXlab platform.
-
a novel Key Management Solution for reinforcing compliance with hipaa privacy security regulations
International Conference of the IEEE Engineering in Medicine and Biology Society, 2011Co-Authors: Chien-ding Lee, Wei-bin LeeAbstract:Digitizing medical records facilitates the healthcare process. However, it can also cause serious security and privacy problems, which are the major concern in the Health Insurance Portability and Accountability Act (HIPAA). While various conventional encryption mechanisms can solve some aspects of these problems, they cannot address the illegal distribution of decrypted medical images, which violates the regulations defined in the HIPAA. To protect decrypted medical images from being illegally distributed by an authorized staff member, the model proposed in this paper provides a way to integrate several cryptographic mechanisms. In this model, the malicious staff member can be tracked by a watermarked clue. By combining several well-designed cryptographic mechanisms and developing a Key Management scheme to facilitate the interoperation among these mechanisms, the risk of illegal distribution can be reduced.
-
A Novel Key Management Solution for Reinforcing Compliance With HIPAA Privacy/Security Regulations
IEEE transactions on information technology in biomedicine : a publication of the IEEE Engineering in Medicine and Biology Society, 2011Co-Authors: Chien-ding Lee, Wei-bin LeeAbstract:Digitizing medical records facilitates the healthcare process. However, it can also cause serious security and privacy problems, which are the major concern in the Health Insurance Portability and Accountability Act (HIPAA). While various conventional encryption mechanisms can solve some aspects of these problems, they cannot address the illegal distribution of decrypted medical images, which violates the regulations defined in the HIPAA. To protect decrypted medical images from being illegally distributed by an authorized staff member, the model proposed in this paper provides a way to integrate several cryptographic mechanisms. In this model, the malicious staff member can be tracked by a watermarked clue. By combining several well-designed cryptographic mechanisms and developing a Key Management scheme to facilitate the interoperation among these mechanisms, the risk of illegal distribution can be reduced.
-
A Cryptographic Key Management Solution for HIPAA Privacy/Security Regulations
IEEE transactions on information technology in biomedicine : a publication of the IEEE Engineering in Medicine and Biology Society, 2008Co-Authors: Wei-bin Lee, Chien-ding LeeAbstract:The Health Insurance Portability and Accountability Act (HIPAA) privacy and security regulations are two crucial provisions in the protection of healthcare privacy. Privacy regulations create a principle to assure that patients have more control over their health information and set limits on the use and disclosure of health information. The security regulations stipulate the provisions implemented to guard data integrity, confidentiality, and availability. Undoubtedly, the cryptographic mechanisms are well defined to provide suitable Solutions. In this paper, to comply with the HIPAA regulations, a flexible cryptographic Key Management Solution is proposed to facilitate interoperations among the applied cryptographic mechanisms. In addition, case of consent exceptions intended to facilitate emergency applications and other possible exceptions can also be handled easily.
-
a cryptographic Key Management Solution for hipaa privacy security regulations
International Conference of the IEEE Engineering in Medicine and Biology Society, 2008Co-Authors: Wei-bin Lee, Chien-ding LeeAbstract:The Health Insurance Portability and Accountability Act (HIPAA) privacy and security regulations are two crucial provisions in the protection of healthcare privacy. Privacy regulations create a principle to assure that patients have more control over their health information and set limits on the use and disclosure of health information. The security regulations stipulate the provisions implemented to guard data integrity, confidentiality, and availability. Undoubtedly, the cryptographic mechanisms are well defined to provide suitable Solutions. In this paper, to comply with the HIPAA regulations, a flexible cryptographic Key Management Solution is proposed to facilitate interoperations among the applied cryptographic mechanisms. In addition, case of consent exceptions intended to facilitate emergency applications and other possible exceptions can also be handled easily.
Wei-bin Lee - One of the best experts on this subject based on the ideXlab platform.
-
a novel Key Management Solution for reinforcing compliance with hipaa privacy security regulations
International Conference of the IEEE Engineering in Medicine and Biology Society, 2011Co-Authors: Chien-ding Lee, Wei-bin LeeAbstract:Digitizing medical records facilitates the healthcare process. However, it can also cause serious security and privacy problems, which are the major concern in the Health Insurance Portability and Accountability Act (HIPAA). While various conventional encryption mechanisms can solve some aspects of these problems, they cannot address the illegal distribution of decrypted medical images, which violates the regulations defined in the HIPAA. To protect decrypted medical images from being illegally distributed by an authorized staff member, the model proposed in this paper provides a way to integrate several cryptographic mechanisms. In this model, the malicious staff member can be tracked by a watermarked clue. By combining several well-designed cryptographic mechanisms and developing a Key Management scheme to facilitate the interoperation among these mechanisms, the risk of illegal distribution can be reduced.
-
A Novel Key Management Solution for Reinforcing Compliance With HIPAA Privacy/Security Regulations
IEEE transactions on information technology in biomedicine : a publication of the IEEE Engineering in Medicine and Biology Society, 2011Co-Authors: Chien-ding Lee, Wei-bin LeeAbstract:Digitizing medical records facilitates the healthcare process. However, it can also cause serious security and privacy problems, which are the major concern in the Health Insurance Portability and Accountability Act (HIPAA). While various conventional encryption mechanisms can solve some aspects of these problems, they cannot address the illegal distribution of decrypted medical images, which violates the regulations defined in the HIPAA. To protect decrypted medical images from being illegally distributed by an authorized staff member, the model proposed in this paper provides a way to integrate several cryptographic mechanisms. In this model, the malicious staff member can be tracked by a watermarked clue. By combining several well-designed cryptographic mechanisms and developing a Key Management scheme to facilitate the interoperation among these mechanisms, the risk of illegal distribution can be reduced.
-
A Cryptographic Key Management Solution for HIPAA Privacy/Security Regulations
IEEE transactions on information technology in biomedicine : a publication of the IEEE Engineering in Medicine and Biology Society, 2008Co-Authors: Wei-bin Lee, Chien-ding LeeAbstract:The Health Insurance Portability and Accountability Act (HIPAA) privacy and security regulations are two crucial provisions in the protection of healthcare privacy. Privacy regulations create a principle to assure that patients have more control over their health information and set limits on the use and disclosure of health information. The security regulations stipulate the provisions implemented to guard data integrity, confidentiality, and availability. Undoubtedly, the cryptographic mechanisms are well defined to provide suitable Solutions. In this paper, to comply with the HIPAA regulations, a flexible cryptographic Key Management Solution is proposed to facilitate interoperations among the applied cryptographic mechanisms. In addition, case of consent exceptions intended to facilitate emergency applications and other possible exceptions can also be handled easily.
-
a cryptographic Key Management Solution for hipaa privacy security regulations
International Conference of the IEEE Engineering in Medicine and Biology Society, 2008Co-Authors: Wei-bin Lee, Chien-ding LeeAbstract:The Health Insurance Portability and Accountability Act (HIPAA) privacy and security regulations are two crucial provisions in the protection of healthcare privacy. Privacy regulations create a principle to assure that patients have more control over their health information and set limits on the use and disclosure of health information. The security regulations stipulate the provisions implemented to guard data integrity, confidentiality, and availability. Undoubtedly, the cryptographic mechanisms are well defined to provide suitable Solutions. In this paper, to comply with the HIPAA regulations, a flexible cryptographic Key Management Solution is proposed to facilitate interoperations among the applied cryptographic mechanisms. In addition, case of consent exceptions intended to facilitate emergency applications and other possible exceptions can also be handled easily.
Salekul Islam - One of the best experts on this subject based on the ideXlab platform.
-
Authentication and Confidentiality in Protocol Independent Multicast Sparse Mode (PIM-SM) Link-Local Messages
2010Co-Authors: Salekul Islam, Maziar SiamiAbstract:RFC 4601 mandates the use of IPsec to ensure authentication of the link-local messages in the Protocol Independent Multicast - Sparse Mode (PIM-SM) routing protocol. This document specifies mechanisms to authenticate the PIM-SM link-local messages using the IP security (IPsec) Encapsulating Security Payload (ESP) or (optionally) the Authentication Header (AH). It specifies optional mechanisms to provide confidentiality using the ESP. Manual Keying is specified as the mandatory and default group Key Management Solution. To deal with issues of scalability and security that exist with manual Keying, an optional support for automated group Key Management mechanism is provided. However, the procedures for implementing automated group Key Management are left to other documents. This document updates RFC 4601.
-
Authentication and Confidentiality in PIM-SM Link-local Messages
2010Co-Authors: Salekul Islam, Maziar SiamiAbstract:RFC 4601 mandates the use of IPsec to ensure authentication of the link-local messages in the Protocol Independent Multicast - Sparse Mode (PIM-SM) routing protocol. This document specifies mechanisms to authenticate the PIM-SM link-local messages using the IP security (IPsec) Encapsulating Security Payload (ESP) or (optionally) the Authentication Header (AH). It specifies optional mechanisms to provide confidentiality using the ESP. Manual Keying is specified as the mandatory and default group Key Management Solution. To deal with issues of scalability and security that exist with manual Keying, an optional support for automated group Key Management mechanism is provided. However, the procedures for implementing automated group Key Management are left to other documents. This document updates RFC 4601.
