Checking and Enforcing Security through Opacity in Healthcare Applications

  title={Checking and Enforcing Security through Opacity in Healthcare Applications},
  author={Rym Zrelli and Mohamed Moez Yeddes and Nejib Ben Hadj-Alouane},
  booktitle={ICSOC Workshops},
The Internet of Things (IoT) is a paradigm that can tremendously revolutionize health care thus benefiting both hospitals, doctors and patients. In this context, protecting the IoT in health care against interference, including service attacks and malwares, is challenging. Opacity is a confidentiality property capturing a system’s ability to keep a subset of its behavior hidden from passive observers. In this work, we seek to introduce an IoT-based heart attack detection system, that could be… 



Checking Opacity of Vulnerable Critical Systems On-The-Fly

This paper uses the formal definitions of opacity in three of its forms simple opacity, -step weak opacity and -step strong opacity, basing on finite Labeled Transition Systems as a model, and presents efficient algorithms for verifying opacity in all these forms within the context of a hybrid, on-the-fly approach.

Monitoring and Supervisory Control for Opacity Properties

This thesis investigates the problems of verifying and enforcing confidentiality on critical systems and develops new algorithms to compute a most permissive controller enforcing the opacity property on a given system.

Various Notions of Opacity Verified and Enforced at Runtime

This paper studies how to verify and enforce, at system runtime, several levels of opacity, and introduces a new one that provides a stronger level of confidentiality.

Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption

A novel patient-centric framework and a suite of mechanisms for data access control to PHRs stored in semitrusted servers are proposed and a high degree of patient privacy is guaranteed simultaneously by exploiting multiauthority ABE.

Enforcing opacity with Orwellian observation

  • M. Yeddes
  • Computer Science
    2016 13th International Workshop on Discrete Event Systems (WODES)
  • 2016
This paper addresses two problems of opacification of a regular secret φ for a regular language L w.r.t. an Orwellian projection πo,d and derives both language-theoretic characterizations and algorithms to solve the two problems.

Runtime enforcement of K-step opacity

The mechanism of runtime enforcer that is placed between the output of the system and the attacker and enforces opacity using delays and stores the event in the memory if an output event from the system violates K-step opacity.

Characterizing intransitive noninterference for 3-domain security policies with observability

This note introduces a new algorithmic approach to the problem of checking the property of intransitive noninterference (INI) using discrete-event systems (DESs) tools and concepts and proves that a system satisfies INI if and only if it is iP-observable.

Opacity of discrete event systems and its applications

  • F. Lin
  • Computer Science
  • 2011

Using Unification For Opacity Properties

The most studied property, secrecy, is not always sufficient to prove the security of a protocol, so a new property over messages called similarity is drawn on, which proves the decidability of opacity.

Opacity-Enforcing Supervisory Strategies via State Estimator Constructions

Although infinite-step opacity cannot be easily translated to language-based opacity, it is shown that, by using a finite bank of supervisors, the aforementioned approach can be extended to enforce infinite- step opacity in a minimally restrictive way.