Emerging Security Mechanisms for Medical Cyber Physical Systems


1 Emerging Security Mechanisms for Medical Cyber Physical Systems
Ovunc Kocabas, Tolga Soyata, and Mehmet K. Aktas

2 Structure of MCPS & data flow in MCPS

3 Where the data gets exposed (e.g. collected, transmitted, and stored), where security issues kick in
Data Acquisition Layer: Limited computational capability and battery life; Generation & Management of security keys or agreed info
Data Concentration Layer: Sharing of the secret key among multiple parties
Cloud Processing and Storage Layer: Need of direct computations on encrypted data
Action Layer

4 Encryption schemes for MCPS?
Data Acquisition Layer: Limited computational capability and battery life; Generation & Management of security keys or agreed info
Data Concentration Layer: Sharing of the secret key among multiple parties
Cloud Processing and Storage Layer: Need of direct computations on encrypted data
Action Layer
Is there a one-size-fits-all encryption scheme that can address all the security issues in an MCPS?

6 Identifying suitable encryption schemes for each layer
Data Acquisition Layer: Limited computational capability and battery life. Scheme: Advanced Encryption Standard (AES) & EC Integrated Encryption Scheme (ECIES) (Conventional)
Data Concentration Layer: Sharing of the secret key among multiple parties. Scheme: Attribute-Based Encryption (ABE)
Cloud Processing and Storage Layer: Need of direct computations on encrypted data. Scheme: Fully Homomorphic Encryption
Action Layer

7 Identifying suitable encryption schemes for each layer
Data Acquisition Layer: Advanced Encryption Standard (AES) & EC Integrated Encryption Scheme (ECIES) (Conventional)
Both AES and ECIES are seen as conventional encryption schemes, and both can also use physiological or biomedical signals to agree on security keys.
In conventional public-key cryptography, the receiver has two keys: the public key is shared with the sender, while the private key, which is kept by the receiver alone, is used to decrypt the received messages.
AES relies on a generic key exchange algorithm such as Diffie-Hellman (DH) or Elliptic Curve Diffie-Hellman (ECDH) to establish its key. ECIES uses ECDH to generate security keys between the sender and the receiver.
After the security keys are generated, the encryption schemes start the encryption and decryption procedures.

8 Identifying suitable encryption schemes for each layer
Data Concentration Layer: Attribute-Based Encryption (ABE)
Attribute-based encryption (ABE) is a public-key encryption scheme that enables secure data sharing with multiple receivers. The data is encrypted using an access policy based on credentials (i.e., attributes). Only the receivers whose credentials satisfy the access policy can access the data.
Ciphertext-Policy ABE (CP-ABE): The private key of a user is associated with the user's credentials. Ciphertexts specify an access policy, and only users whose credentials satisfy the policy requirements can decrypt them.
Key-Policy ABE (KP-ABE): The access policy is encoded into the receivers' private key, and each ciphertext is labeled with a set of attributes.

9 Identifying suitable encryption schemes for each layer
Cloud Processing and Storage Layer: Fully Homomorphic Encryption
Homomorphic encryption schemes enable computation of meaningful operations on encrypted data without observing the actual data. Everyone may have access to the data, but only those who have the private key can perform the related homomorphic addition, homomorphic multiplication, or both.
Partially Homomorphic Encryption schemes can perform only one of homomorphic addition or homomorphic multiplication. E.g., the Paillier encryption scheme is a public-key cryptosystem that is additively homomorphic.
Fully Homomorphic Encryption schemes need to perform both homomorphic addition and homomorphic multiplication. E.g., Brakerski-Gentry-Vaikuntanathan (BGV).

10 Comparison of encryption schemes – Capability comparison

11 Comparison of encryption schemes – Performance comparison
Evaluating six different encryption schemes based on four metrics:
Encryption time
Decryption time
Ciphertext size
Evaluation time (direct computation time on encrypted data)

12 Comparison of encryption schemes – Performance comparison
Conclusion: Among the six different schemes studied in this paper, AES is the clear winner in terms of computation and storage requirements, while the other five suffer substantial storage and computation overheads, but AES has many limits. A one-size-fits-all encryption scheme simply does not exist for designing an MCPS. Even if such a scheme were developed, its computation overhead could be so tremendous that it would not be suitable for use in an MCPS.

13 Thank You

