Owen Lo

DACAR Platform for eHealth Services Cloud

The use of digital technologies in providing health care services is collectively known as eHealth. Considerable progress has been made in the development of eHealth services, but concerns over service integration, large scale deployment, and security, integrity and confidentiality of sensitive medical data still need to be addressed. This paper presents a solution proposed by the Data Capture and Auto Identification Reference (DACAR) project to overcoming these challenges. The key contributions of this paper include a Single Point of Contact (SPoC), a novel rule based information sharing policy syntax, and Data Buckets hosted by a scalable and cost-effective Cloud infrastructure. These key components and other system services constitute DACARs eHealth platform, which allows the secure capture, storage and consumption of sensitive health care data. Currently, a prototype of the DACAR platform has been implemented. To assess the viability and performance of the platform, a demonstration application, namely the Early Warning Score (EWS), has been developed and deployed within a private Cloud infrastructure at Edinburgh Napier University. Simulated experimental results show that the end-to-end communication latency of 97.8% of application messages were below 100ms. Hence, the DACAR platform is efficient enough to support the development and integration of time critical eHealth services. A more comprehensive evaluation of the DACAR platform in a real life clinical environment is under development at Chelsea & Westminster Hospital in London.

Letter to the Editor: Formal security policy implementations in network firewalls

Network security should be based around formal security policies. From high-level natural language, non-technical, policies created by management, down to device and vendor specific policies, or configurations, written by network system administrators. There exists a multitude of research into policy-based network systems which has been undertaken. This paper provides an overview of the different type of policies relating to security in networks, and a taxonomy of the research into systems which have been proposed to support the network administrators in difficult tasks of creating, managing and deploying these policies.

Power analysis attacks on the AES-128 S-box using differential power analysis (DPA) and correlation power analysis (CPA)

ABSTRACT This article demonstrates two fundamental techniques of power analysis, differential power analysis (DPA) and correlation power analysis (CPA), against a modern piece of hardware which is widely available to the public: the Arduino Uno microcontroller. The DPA attack we implement is referred to as the Difference of Means attack while the CPA attack is implemented by building a power model of the device using the Hamming Weight Power Model method. The cryptographic algorithm we have chosen to attack is AES-128. In particular, the AddRoundKey and SubBytes functions of this algorithm are implemented on an Arduino Uno and we demonstrate how the full 16-byte cipher key can be deduced using the two techniques by monitoring the power consumption of the device during cryptographic operations. The results of experimentation find that both forms of attack, DPA and CPA, are viable against the Arduino Uno. However, it was found that CPA produces results which are easier to interpret from an analytical perspective. Thus, our contributions in this article is providing a side-by-side comparison on how applicable these two power analysis attack techniques are along with providing a methodology to enable readers to replicate and learn how one may perform such attacks on their own hardware.

Correlation Power Analysis on the PRESENT Block Cipher on an Embedded Device

Traditional cryptographic techniques have proven to work well on most modern computing devices but they are unsuitable for devices (e.g. IoT devices) where memory, power consumption or processing power is limited. Thus, there has been an increasing amount of work on the design and implementation of lightweight cryptographic algorithms to provide a solution for running cryptography on low resource devices. One particular cryptographic algorithm designed specifically to be used on low resource devices is the PRESENT algorithm. Although the design of PRESENT provides a small memory footprint alongside low power consumption our results show it is susceptible to information leakage when power analysis is performed against a device running this algorithm. In this paper, we present our methodology and results on performing correlation power analysis against this light weight block cipher. Our chosen device under test is an Arduino Uno which was programmed to run the Add Round Key and S-Box functions of PRESENT during the first round of encryptions. Results demonstrate that the Add Round Key function is susceptible to information leakage but a high number of false-positives were observed. Greater success was obtained when targeting the S-Box of the PRESENT algorithm and we were able to derive the first 8 bytes of the key.

Distance Measurement Methods for Improved Insider Threat Detection

Insider threats are a considerable problem within cyber security and it is often difficult to detect these threats using signature detection. Increasing machine learning can provide a solution, but these methods often fail to take into account changes of behaviour of users. This work builds on a published method of detecting insider threats and applies Hidden Markov method on a CERT data set (CERT r4.2) and analyses a number of distance vector methods (Damerau–Levenshtein Distance, Cosine Distance, and Jaccard Distance) in order to detect changes of behaviour, which are shown to have success in determining different insider threats.

Modelling of Integrated Trust, Governance and Access

We live in a world where trust relationships are becoming ever more important. The paper defines a novel modelling system of trust relationships using Binary Decision Diagrams (BDDs), and outlines how this integrates with an information sharing architecture known as safi.re (Structured Analysis and Filtering Engine). This architecture has been used on a number of information sharing projects, including within health and social care integration, and in sharing between the police and their community partners. The research aims to abstract the relationships between domains, organisations and units, into a formal definition, and then implement these as governance rules, and using the trust relationship definition, and the rules.