Mohamed Layouni

Real world healthcare systems are generally large and overly complex systems. Designing privacy-friendly protocols for such systems is a challenging task. In this paper we present a privacy-preserving protocol for the Belgian healthcare system. The proposed protocol protects the patients' privacy throughout the prescription handling process, while complying…
Intrusion-tolerance is the technique of using fault-tolerance to achieve security properties. Assuming that faults, both benign and Byzantine, are unavoidable, the main goal of Intrusion-tolerance is to preserve an acceptable, though possibly degraded, service of the overall system despite intrusions at some of its sub-parts. In this paper, we present a…
Advances in communication technology have opened a myriad of new possibilities for the remote delivery of healthcare. This new form of service delivery not only contributes to the democratization of healthcare, by reaching faraway populations, but also makes it possible for elderly and chronically-ill patients to have their health monitored while in the…
We consider a setting where records containing sensitive personal information are stored on a remote database managed by a storage provider. Each record in the database is co-owned by a fixed number of parties called data-subjects. The paper proposes a protocol that allows data-subjects to grant access to their records, to self-approved parties, without the…
The following full text is a preprint version which may differ from the publisher's version. Abstract: In this paper, we present a correctness proof of the Intrusion-tolerant Enclaves protocol [10]. Enclaves is a group-membership protocol. It assumes a Byzantine failure model, and has a maximum resiliency of one third. To carry out the proof, we adaptively…
Privacy-preserving digital credentials are cryptographic tools that allow a user to prove a predicate about his/her identity or qualifications, without the verifying party learning additional information beyond the status of that predicate. The Identity Mixer (Idemix) [CL01] is a framework providing such credentials. In Idemix, we can distinguish two types…
Executive Summary: The protection of personal health information is central to the privacy of citizens. This report describes our work in the area of privacy-preserving electronic healthcare. We present a design for an ehealth system using the Belgian eID card. The system we present focuses on the issuance and handling of medical prescriptions and takes into…
With the digitization of society and the continuous migration of services to the electronic world, individuals have lost significant control over their data. In this paper, we consider the problem of protecting personal information according to privacy policies defined by the data subjects. More specifically, we propose a new primitive allowing a data…
Enclaves is a group-oriented intrusion-tolerant protocol. Intrusion-tolerant protocols are cryptographic protocols that implement fault-tolerance techniques to achieve security despite possible intrusions at some parts of the system. Among the most tedious faults to handle in security are the so-called Byzantine faults, where insiders maliciously exhibit an…