Presentation is loading. Please wait.

Presentation is loading. Please wait.

Marco Casassa Mont Pete Bramhall Keith Harrison

Published byHans Moens Modified over 6 years ago

Similar presentations

Presentation on theme: "Marco Casassa Mont Pete Bramhall Keith Harrison"— Presentation transcript:

1 A Flexible Role-based Secure Messaging Service: Exploiting IBE Technology for Privacy in Health Care
Marco Casassa Mont Pete Bramhall Keith Harrison Trusted Systems Laboratory Hewlett-Packard Labs, Bristol, UK TrustBus 2003, 2-4 September 2003 Prague, Czech Republic

2 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK
Presentation Outline Setting the Context Addressed Problems Scenarios Requirements Related Work Our Approach Discussion Conclusions 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

3 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK
Setting the Context Organisations are more and more complex, dynamic and flexible: people’s roles, rights and duties can frequently change Confidential information needs to be protected whilst it is exchanged and accessed, especially in dynamic environments Messaging services (such as services), are commonly used to exchange information within and across organisations 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

4 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK
Addressed Problems Enforcement of confidentiality and privacy of information in dynamic contexts, where people’s roles and permissions are subject to frequent changes Allow the exchange of confidential information in a way that only the entities that satisfy predefined privacy policies, at a specific point in time, can access it 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

5 Context: UK Health Care Service
Focus on an Health Care Service: example of dynamic organisation Roles (GP, Doctor, Consultant, Nurse, etc.) can be played by different people at different time We partnered with a UK Health Care Organization to understand real problems and have a Technology Trial of our solutions Most of the employees use the service but … At moment interactions involving confidential patient data are mainly paper-based: need to be compliant with Data Protection and Privacy Laws … Waiting List Administration Teams Referral Letter Referral Letter Assistant GP Referral Letter Nurse Consultant Surgeries Discharge Letter Departments Hospitals Health Service Network 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

6 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK
Scenarios [1] 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

7 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK
Scenarios [2] 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

8 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK
Our Goals Automate the exchange of Confidential Information by preserving the Privacy of Patients: i.e. only the people with the right roles and permissions will access it Provide a Flexible, Role-based Secure service Learn from the Trial and investigate usages of the adopted solution in other “dynamic contexts” 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

9 High-level Requirements
Requirements for a secure service (Health Care Trial): Strong Authentication of the involved parties Privacy and Confidentiality: obfuscation of confidential data Policy-based Disclosures: privacy policies strictly associated to confidential messages. It must be possible to tell if they have been tampered with. Flexibility: Privacy policies must be flexible. it must be possible to specify role-based disclosure policies. Support for late binding of roles. Users define their own disclosure policies. Simplicity of Usage and Management 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

10 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK
Related Work [1] Usage of traditional public key cryptography and digital certificates for confidentiality, non-repudiation and authentication purposes. Example of S/MIME, for services: Alice’s Private Key Public Keys (Certificates) Bob’s Private Key service Alice Bob Encryption Plaintext Ciphertext Decryption Plaintext Bob’s Public Key Bob’s Private Key Does it address our problems? … 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

11 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK
Related Work [2] If disclosure polices depend on the Identity of the receiver, the usage of digital certificates and public key cryptography is viable. Confidential messages are encrypted with the public key (within the digital certificate) of the receiver. Examples: S/MIME If these policies do not (directly) depend on the identity but on other aspects, such as Roles or terms and conditions, the above approach does not work! At priori (at the encryption time) , the Identity of the Receivers might not be known! Case of Late Binding of the Identity. This is the case we are addressing. Receiver’s Identity Known at the sending time Alice Bob Bob Role X Charles Receiver’s Identity Unknown at the sending time Alice Late Binding 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

12 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK
Related Work [3] Introducing a further level of indirection via a “third party”: It must be trusted Encryption/decryption of messages (along with the associated disclosure polices) by using its keys Usage of enveloping techniques (PKCS#7, etc.) It can be coupled with Role-based Access Control mechanisms (RBAC)  It can be implemented by using public key/PKI technologies Cons: - It is not the most natural way of using public key/PKI for services (e.g. S/MIME) - Complexity of PKI-based solutions for end-users Alice Bob Charles Trusted Mediator RBAC Bob has Role x Mediator’s Public Key Encrypted data + policies x 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

13 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK
Our Approach Based on: Identifier-based Encryption (IBE) technology Reasons: Explore alternative/complementary solutions Investigate the suitability of IBE technology 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

14 What is Identifier-based Encryption (IBE)?
It is an Emerging Cryptography Technology Based on a Three-Player Model: Sender, Receiver, Trust Authority (Trusted Third Party) Same Strength of RSA Different Approaches: Quadratic Residuosity, Weil Pairing, Tate Pairing … SW Library and Technology available at HP Laboratories 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

15 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK
IBE Core Properties 1st Property: any kind of “String” (or sequence of bytes) can be used as an IBE encryption key: for example a Role, an Address, a Picture, a Disclosure Time, Terms and Conditions, a Privacy Policy … 2nd Property: the generation of IBE decryption keys can be postponed in time, even long time after the generation of the correspondent IBE encryption key 3rd Property: reliance on at least a trust authority (trusted third party) for the generation of IBE decryption key 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

16 IBE Three-Player Model
Alice Trust Authority Bob 4. Alice Sends the encrypted Message to Bob, along with the Encryption Key 4 2. Alice knows the Trust Authority's published value of Public Detail N It is well known or available from reliable source 2 3. Alice chooses an appropriate Encryption Key. She encrypts the message: Encrypted message = {E(msg, N, encryption key)} 3 5. Bob requests the Decryption Key associated to the Encryption Key to the relevant Trust Authority. 5 6. The Trust Authority issues an IBE Decryption Key corresponding to the supplied Encryption Key only if it is happy with Bob’s entitlement to the Decryption Key. It needs the Secret to perform the computation. 6 1. Trust Authority - Generates and protects a Secret - Publishes a Public Detail N 1 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

17 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK
Our Solution [1] Based on the IBE Model: reliance on Trust Authority(ies) Privacy policies are represented as IBE encryption keys: Generated by the sender of confidential messages Contain list of roles to be played by the intended receivers Example: “Member of The Waiting List Team” If tampered with, the associated cannot be decrypted Trust Authority (TA): Checks for policy compliance Generates, on-the-fly, IBE decryption keys Policy compliance check: Authentication of the requestor to the TA The requestor must have the roles defined by the IBE encryption key at the request time List of people’s current roles managed by the TA 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

18 Encrypted confidential data Generation and issuance of
Our Solution [2] 1 Encrypted confidential data + IBE Encryption Key (Required Roles) service Sender Receiver 2 Request for IBE Decryption Key 3 Generation and issuance of IBE Decryption Key, If the receiver has the required roles Trust Authority Tables Roles <Identity, Roles> Mappings 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

19 Additional Technical Constraints
Technical constraints dictated by the trial environment: Authentication of Health Care’s employees via Microsoft Authentication (NT Logon). Unique login account for each employee. Policies dictate its correct usage MS Windows Trust Domains associated to Health Care Entities (Surgeries, Hospitals, etc) for “authentication management” purposes Usage of Microsoft Outlook 2000 at the client site (GPs, Nurses, Consultants, etc.) as browser Exchange of confidential information within the Health Care Organisation’s Intranet Hospital Trust Domain GP Health Care Organisation - Intranet 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

20 High-level System Architecture
Browser Add-in: - Standard MS Outlook 2000add-in, containing IBE encryption/decryption libraries - Secure connection (https) and authentication to the TA - XML-based encryption envelopes Trust Authority (TA): secure web service, with IBE key generation libraries. Protection of TA secret in secure vault. Run in a stand-alone TA trust domain by trusted administrators, in a secure site Database: simple MS SQL Server database at the TA site containing list of current roles and up-to-date mappings of users’ identities (NT logon) to their roles 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

21 System Architecture: Information Flow
MS Outlook 2000 MS Outlook 2000 service IBE Add-in IBE Add-in 1 Encrypted Request for IBE Decryption Key by sending (part of) the XML Wrapper (via https channel) Sender + XML Wrapper (containing encrypted IBE Encryption Key) Receiver 2 3 Generation and Issuance of IBE Decryption Key, If privacy policies are satisfied (via https channel) IIS IIS .ASP ASP Trust Authority Trust Authority Trust Authority Engine TA Secret Secure Vault Tables Roles <Identity, Roles> Mappings 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

22 Encrypted e-Mail: XML Wrapper Details
<?xml version="1.0" ?> - <IB Ciphertext> <EphemeralKey> </EphemeralKey> <IBEPublicKeyCiphertextLength>280</IBEPublicKeyCiphertextLength> <IBEPublicKeyCiphertext> 3affcffdc1ea36455fcf rt4rg5uyhg6u </IBEPublicKeyCiphertext> <IB BodyCiphertextLength> 1384 </IB BodyCiphertextLength> <IB BodyCiphertext> d53f07f88946e6411db83f4daeb72bdb c2b900 </IB BodyCiphertext> <UID> </UID> <TimeSent>03:14:31 PM, Monday, Mar </TimeSent> </IB Ciphertext> (Random) Ephemeral Key To encrypt Disclosure Policy Encrypted Disclosure Policy Exposed to TA (no content is ever exposed to TA) Encrypted Body ( attachments are encrypted and attached) Information for Receipting 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

23 E-mail Browser Add-in: Snapshots
16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

24 Addressing the Requirements
Authentication` Reliance on Windows Authentication (out of our scope in the trial). Introduced a TA trust domain that trusts the existing trust domains Privacy and Confidentiality Encryption of Confidential by using IBE Policy based Disclosure Disclosure policies expressed via IBE Encryption Keys, specifying the roles to be played by the intended receivers. The TA interprets and checks for their compliance. Control given to the senders of confidential information. Flexibility Flexibility in defining disclosure policies: they can be extended to include more complex terms and conditions. Support for late binding of roles. Usage of multiple TAs if required. Simplicity Users: Intuitive, integrated solution with browser Administrator: database tables to be kept up-to-date (similar issues to RBAC) 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

25 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK
Discussion Our solution is a practical application of IBE cryptography deployed in a real context (related work: IBE-based service by Stanford University) We leveraged IBE for encryption purposes. It was straightforward to do it, in a close and trusted environment. Need to explore the implications in an open, untrusted environment … Heavy reliance on a “third party” authentication mechanism … We are exploring IBE-based authentication mechanisms. We do not have practical evidence that they are better or more usable than traditional (PKI) solution. In general we believe IBE is a complementary technology to public key cryptography/PKI … 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

26 Current and Future Work
We have an optimised version of IBE cryptography libraries (performance of cryptographic operations comparable to RSA). We are exploring how to extend our solution to include: multiple IBE Trust Authorities (for key-escrow and trust reasons) more complex disclosure policies 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

27 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK
Conclusions Privacy management is a major problem for modern, dynamic organisations Important issue: preserve data confidentiality when exchanged via Current limitations and complexity of PKI-based solutions We partnered with a Health Care Organisation. Goal: provision of a flexible, role-based secure service Our approach: leveraging IBE technology to enforce privacy, in a flexible, simple and secure way We have built a solution that is used in a Trial. IBE is a viable technology for encryption purposes The Trial is ongoing and our research is in progress … 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

28 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK
Backup Slides RSA and IBE Cryptography Models 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

29 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK
RSA Model Secrets p&q Compute d&e Keep d secret Compute N = p*q encrypt decrypt N and d e and N published Encrypted Msg Msg 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

30 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK
IBE Model [1] Public details E D Encrypt Decrypt Secrets s Compute public Compute Key pairs Encrypted Msg Msg 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

31 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK
IBE Model [2] Public details Encrypt Decrypt Secrets s Compute public Generate Decryption Key Encrypted Msg Choose e Get decrypt Key,e Msg 16/02/2019 ﴀTrusted Systems Laboratory – Hewlett-Packard Labs, Bristol - UK

32

Download ppt "Marco Casassa Mont Pete Bramhall Keith Harrison"

Similar presentations

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.

Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
On Privacy-aware Information Lifecycle Management (ILM) in Enterprises: Setting the Context Marco Casassa Mont Hewlett-Packard.

On Privacy-aware Information Lifecycle Management (ILM) in Enterprises: Setting the Context Marco Casassa Mont Hewlett-Packard.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.

Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.
E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean

E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
TrustPort Public Key Infrastructure. WWW.TRUSTPORT.COM Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
Masud Hasan 03-60-475 Secure Email Project 1. Secure Email It uses Digital Certificate combined with S/MIME capable email clients to digitally sign and.

Masud Hasan Secure Project 1. Secure It uses Digital Certificate combined with S/MIME capable clients to digitally sign and.
Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.

Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.
Trusted Systems Laboratory Hewlett-Packard Laboratories Bristol, UK InfraSec 2002 InfraSec 2002 Bristol, 01-03 October 2002 Marco Casassa Mont Richard.

Trusted Systems Laboratory Hewlett-Packard Laboratories Bristol, UK InfraSec 2002 InfraSec 2002 Bristol, October 2002 Marco Casassa Mont Richard.
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.
Cryptography, Authentication and Digital Signatures

Cryptography, Authentication and Digital Signatures
E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: 102088 March 10, 2001.

E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.
``Chaffing and Winnowing’’ & Crypto Policy Comments Ronald L. Rivest Cryptography and Information Security Group MIT Lab for Computer Science April 1998.

``Chaffing and Winnowing’’ & Crypto Policy Comments Ronald L. Rivest Cryptography and Information Security Group MIT Lab for Computer Science April 1998.
Secure Active Network Prototypes Sandra Murphy TIS Labs at Network Associates March 16,1999.

Secure Active Network Prototypes Sandra Murphy TIS Labs at Network Associates March 16,1999.

Similar presentations

Ads by Google