Department of Computer Science, Johns Hopkins University. Limiting Liability in a Federally Compliant File System. Zachary N. J. Peterson, Randal Burns, Adam Stubblefield.

Department of Computer Science, Johns Hopkins University
Limiting Liability in a Federally Compliant File System
Zachary N. J. Peterson, Randal Burns, Adam Stubblefield

PORTIA Workshop 2004

Overview
Recent legislation makes new requirements with respect to the management of electronic records
How does one electronically “leave the past behind?”
– Data managers may wish to limit their liability
– Patients/account holders may wish for their data to expire
We have developed a method for securely deleting data in a regulatory environment
– Fast and efficient
– No additional key overhead

A Paperless World
Information records are becoming entirely electronic
– Financial records, medical records, federal data
– 300 million computers storing 150,000 terabytes of data
Eases use, sharing, and indexing
Also allows undetectable modification, eavesdropping, and other more devious things
Congress and others have begun to address the importance of managing and securing electronic records
Over 4,000 federal, state and local laws and regulations address electronic record management

The Law and Storage
Health Insurance Portability and Accountability Act (HIPAA) (1996)
Government Information Security Reform Act (GISRA) (2000)
Federal Information Security Management Act (FISMA) (2002)
E-SIGN (2000)
Sarbanes-Oxley (2002)
Gramm-Leach-Bliley (1999)
USA PATRIOT Act (2001)
Federal Records Act
DoD Directive
And on and on…

Distilling Regulatory Requirements
Authentication and Authorization
Audit Trail
– Files should be versioned over time
– Secure block sharing between versions
Secure Storage and Transmission
The use of cryptography for:
– Privacy and confidentiality
– Non-repudiation

Secure Deletion in the Regulatory Environment
Organizations must take steps to protect privacy
Desire to limit liability
– Records that go out of audit scope should do so forever
– Patients may wish to redact portions of their medical record
When a disk is subpoenaed, old and irrelevant data should be inaccessible
Simply “emptying the trash” isn’t good enough
– Only frees the blocks for future allocation; the data itself stays on disk
– Even after the blocks are reused, the overwritten data may be reconstructed using magnetic force microscopy (MFM)

Existing Techniques
Secure Overwrite [Gutmann 96]
– Data blocks are overwritten many times with alternating patterns of 1s and 0s
– Residual magnetization of the old data is destroyed, so it can no longer be recovered by MFM
Key Disposal [Boneh & Lipton 96]
– Data is encrypted with a key
– The key is securely deleted, eliminating meaningful access to the data
User Space Tools
– CyberScrub
– Overwrite
– Wipe

Technical Problems
Secure overwriting of noncontiguous data blocks is slow and inefficient
– When versions share blocks, the data to be overwritten may be scattered across the disk
File keys cannot be disposed of in a versioning file system
– Blocks encrypted with a particular key must remain available to later versions that share them
User space tools are categorically inadequate
– Can’t delete metadata
– Can’t be interposed between file operations
– Truncate may leak data
– Keeping the tool synchronized with file system activity is difficult and inconvenient

The Big Idea
A keyed all-or-nothing transform takes a key, a data block, and a nonce
Encryption produces an encrypted block and a short stub
While the key stays private, the data is confidential and authenticated
Securely deleting the stub securely deletes the block, even if the key is later exposed

All-or-nothing (AON) Encryption [Boyko 99] [Rivest 96]
A mode for block ciphers in which every ciphertext block must be decrypted before any message block is recovered
Raises the cost of brute-force key search
– Each candidate key must be tried against the whole ciphertext, so the attacker is slowed down by a factor equal to the number of blocks in the ciphertext
By definition, destroying any ciphertext block destroys the entire message
Our work is the first practical application of AON

Features of our System
Stub length is a security parameter
– In practice, the stub might be 128 bits
Stubs are stored with the file metadata and need not be secret
When a version is deleted, its metadata and stubs are securely overwritten
– This securely removes all data unique to that version
Stubs of shared blocks are replicated into the new version’s metadata
– Shared data is preserved when previous versions are deleted

Example (figure)
The disk holds cipher blocks C0, C1, C2; the file metadata for epoch 11 holds their stubs s0, s1, s2.
A write at time 17 to block #2 (C1 in the figure) creates a new cipher block C1' with stub s1'; the epoch-17 metadata holds s0, s1', s2, with s0 and s2 copied from epoch 11.
Deleting the file version at time 11 securely overwrites its metadata, including s0, s1, s2.
Block C1 is deleted permanently; C0 and C2 remain readable through the epoch-17 stubs.

More Features
No extra key overhead compared with other secure file systems
– All versions of a file may be encrypted under the same key
AON encryption allows deletion by destroying any 128 bits
– Instead of overwriting the stub, 128 bits of the cipher block itself may be securely overwritten
– More efficient when removing a block’s data from all versions of a file at once

Example (figure)
Epochs 11 and 17 both reference cipher blocks C0, C1, C2 through the same stubs s0, s1, s2.
Rather than overwriting the stubs in each version’s metadata, 128 bits of the cipher block are securely overwritten on disk, removing that block from every version at once.
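The per-block keyed all-or-nothing transform and both deletion paths the slides describe (wipe the stub, or wipe any 128 bits of the cipher block), as an added worked example in Python. This is illustrative code written for this page, not the ext3cow implementation: it follows Rivest's package transform, uses HMAC-SHA256 truncated to 128 bits as a stand-in for a block cipher, shrinks a file system block to a few 128-bit words, and simulates secure overwriting by storing zeros. The function names aon_encrypt, aon_decrypt, deletion_demo and versioning_demo, the constant K0 and the sample payloads are this example's own.

```python
import hashlib
import hmac
import secrets

BLOCK = 16            # 128-bit inner blocks; the stub is one such block
WIPED = bytes(BLOCK)  # what a securely overwritten 128-bit field reads back as
# Fixed, public key of the package transform (assumption: any public constant works)
K0 = hashlib.sha256(b"package transform public key").digest()[:BLOCK]


def prf(key: bytes, data: bytes) -> bytes:
    """Stand-in for a 128-bit block cipher E_key(data): HMAC-SHA256 cut to 16 bytes."""
    return hmac.new(key, data, hashlib.sha256).digest()[:BLOCK]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def ctr(i: int) -> bytes:
    return i.to_bytes(BLOCK, "big")


def aon_encrypt(file_key, nonce, data, inner_key=None):
    """Return (cipher_block, stub).  inner_key is random unless a test pins it."""
    if len(data) % BLOCK:
        raise ValueError("data must be a whole number of 128-bit blocks")
    k_inner = inner_key or secrets.token_bytes(BLOCK)
    plain = [data[j:j + BLOCK] for j in range(0, len(data), BLOCK)]
    # Package transform (Rivest 96): m'_i = m_i XOR E_{K'}(i); the extra block
    # K' XOR h_1 XOR ... XOR h_s with h_i = E_{K0}(m'_i XOR i) becomes the stub.
    pseudo = [xor(m, prf(k_inner, ctr(i))) for i, m in enumerate(plain, 1)]
    stub = k_inner
    for i, p in enumerate(pseudo, 1):
        stub = xor(stub, prf(K0, xor(p, ctr(i))))
    # Outer layer under the file key: CTR-style keystream bound to the nonce.
    # Counter 0 is reserved for the stub.  Every version may share file_key.
    cipher = b"".join(xor(p, prf(file_key, nonce + ctr(i)))
                      for i, p in enumerate(pseudo, 1))
    return cipher, xor(stub, prf(file_key, nonce + ctr(0)))


def aon_decrypt(file_key, nonce, cipher, stub):
    """Inverse of aon_encrypt.  Any wiped 128 bits (stub or cipher) corrupt K',
    so every recovered block is garbage even though file_key is known."""
    pseudo = [xor(cipher[j:j + BLOCK], prf(file_key, nonce + ctr(i)))
              for i, j in enumerate(range(0, len(cipher), BLOCK), 1)]
    k_inner = xor(stub, prf(file_key, nonce + ctr(0)))
    for i, p in enumerate(pseudo, 1):
        k_inner = xor(k_inner, prf(K0, xor(p, ctr(i))))
    return b"".join(xor(p, prf(k_inner, ctr(i))) for i, p in enumerate(pseudo, 1))


def deletion_demo(file_key, nonce, data):
    """Read one cipher block intact, after its stub is wiped, and after 128 bits
    of the block itself are wiped.  Only the intact read returns the data."""
    cipher, stub = aon_encrypt(file_key, nonce, data)
    bits_wiped = cipher[:BLOCK] + WIPED + cipher[2 * BLOCK:]
    return {
        "intact": aon_decrypt(file_key, nonce, cipher, stub) == data,
        "stub_wiped": aon_decrypt(file_key, nonce, cipher, WIPED) == data,
        "block_bits_wiped": aon_decrypt(file_key, nonce, bits_wiped, stub) == data,
    }


def versioning_demo(file_key):
    """The slides' figure: epoch 11 holds stubs for C0, C1, C2; epoch 17 rewrites
    the middle block as C1' and copies s0, s2.  Deleting epoch 11 wipes its
    stubs: C1 is gone for good, C0 and C2 stay readable through epoch 17."""
    disk, plain, meta = {}, {}, {11: {}, 17: {}}

    def write(epoch, name, data):
        nonce = secrets.token_bytes(BLOCK)
        cipher, stub = aon_encrypt(file_key, nonce, data)
        disk[name], plain[name], meta[epoch][name] = (nonce, cipher), data, stub

    def readable(epoch, name):
        nonce, cipher = disk[name]
        return aon_decrypt(file_key, nonce, cipher, meta[epoch][name]) == plain[name]

    for name in ("C0", "C1", "C2"):
        write(11, name, name.encode().ljust(32, b"."))  # constructed payloads
    write(17, "C1'", b"rewrite at t=17".ljust(32, b"."))
    meta[17]["C0"], meta[17]["C2"] = meta[11]["C0"], meta[11]["C2"]  # shared blocks
    for name in meta[11]:  # secure-delete epoch 11: overwrite its metadata stubs
        meta[11][name] = WIPED
    return {
        "C1_via_epoch_11": readable(11, "C1"),
        "C0_via_epoch_17": readable(17, "C0"),
        "C2_via_epoch_17": readable(17, "C2"),
        "C1prime_via_epoch_17": readable(17, "C1'"),
    }
```

Two things the figure alone does not make obvious show up when this runs: wiping 128 bits anywhere in the cipher block (deletion_demo's third case) is as final as wiping the stub, and in versioning_demo the deleted epoch's own stub copy is the only thing that dies, so blocks shared with epoch 17 survive without any re-encryption or key change. The transform as written gives confidentiality and the deletion property only; an integrity check over the cipher block (for example a MAC) would be a separate addition and is not shown here.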

Availability
Implementing this secure deletion scheme in ext3cow
– A fully working snapshot file system for the Linux 2.4 kernel
Web site:
– Download the patch
– Read the technical report
– Join the mailing list

Electronic Record Legislation
HIPAA (1996)
– Technical security mechanisms
– Physical safeguards
E-SIGN (2000)
– Digital contracts are as legitimate as paper contracts
FISMA (2002)
– Framework for ensuring security controls for storage
– Security of the system must be commensurate with the sensitivity of the data it stores
Sarbanes-Oxley (2002)
– CEO and CFO responsible for accurate financial reports
– Management assessment of internal controls
– Real-time disclosure
– Criminal penalties for altering documents
Gramm-Leach-Bliley (1999)
– Consumer records kept confidential
– Protect against threats and unauthorized access

The Law and Storage
Health Insurance Portability and Accountability Act (HIPAA)
Government Information Security Reform Act (GISRA)
Federal Information Security Management Act (FISMA)
Sarbanes-Oxley (SOX)
Gramm-Leach-Bliley (GLB)
PATRIOT Act
Federal Records Act
DoD Directive
4,000+ state and federal laws and regulations with regard to storage

What are the requirements?
Authorization
– Access controls (role-based authorizations)
– Encryption (confidentiality)
– Digital signatures (non-repudiation)
Authentication
Audit Trail
– Record of all changes
Secure Storage and Transmission
– More encryption?
Integrity and Reliability
– Unaltered records
– Trusted content

Introducing Ext3cow
A file system based on ext3 that supports file system snapshots with a time-shifting interface.
– Creates immutable views of the file system as it appeared at a specific point in time.
– Versions of a file are created by copy-on-write (COW) of blocks.
– Snapshots are addressed by an epoch number that corresponds to a system time (gettimeofday).

Securing our COW file system
Challenges
– How to encrypt files that share blocks between versions.
– How to change permissions so that a user who had access to a file in the past cannot access current versions.
– How to securely delete files so that they can no longer be produced under subpoena.

Conclusions
New legislation requires versioning, security and privacy
– Versioning must be fast
AON encryption allows secure deletion with minimal secure overwriting
– More efficient than securely overwriting noncontiguous data blocks
– Does not increase key overhead