다중혈관 관상동맥 환자에서 y-문합을 이용하여 양쪽 내흉동맥만을 사용한 우회술의 조기 성적

The objective of this paper is to give a comprehensive introduction to applied cryptography with an engineer or computer scientist in mind. The emphasis is on the knowledge needed to create practical systems which supports integrity, confidentiality, or authenticity. Topics covered includes an introduction to the concepts in cryptography, attacks against cryptographic systems, key use and handling, random bit generation, encryption modes, and message authentication codes. Recommendations on algorithms and further reading is given in the end of the paper. This paper should make the reader able to build, understand and evaluate system descriptions and designs based on the cryptographic components described in the paper.

[서평]「Applied Cryptography」

Information privacy refers to the desire of individuals to control or have some influence over data about themselves. Advances in information technology have raised concerns about information privacy and its impacts, and have motivated Information Systems researchers to explore information privacy issues, including technical solutions to address these concerns. In this paper, we inform researchers about the current state of information privacy research in IS through a critical analysis of the IS literature that considers information privacy as a key construct. The review of the literature reveals that information privacy is a multilevel concept, but rarely studied as such. We also find that information privacy research has been heavily reliant on studentbased and USA-centric samples, which results in findings of limited generalizability. Information privacy research focuses on explaining and predicting theoretical contributions, with few studies in journal articles focusing on design and action contributions. We recommend that future research should consider different levels of analysis as well as multilevel effects of information privacy. We illustrate this with a multilevel framework for information privacy concerns. We call for research on information privacy to use a broader diversity of sampling populations, and for more design and action information privacy research to be published in journal articles that can result in IT artifacts for protection or control of information privacy.

http://ftp.misq.org/skin/frontend/default/misq/pdf/appendices/2011/BelangerCrosslerAppendices.pdf

Privacy in the digital age: a review of information privacy research in information systems

Healthcare data are a valuable source of healthcare intelligence. Sharing of healthcare data is one essential step to make healthcare system smarter and improve the quality of healthcare service. Healthcare data, one personal asset of patient, should be owned and controlled by patient, instead of being scattered in different healthcare systems, which prevents data sharing and puts patient privacy at risks. Blockchain is demonstrated in the financial field that trusted, auditable computing is possible using a decentralized network of peers accompanied by a public ledger. In this paper, we proposed an App (called Healthcare Data Gateway (HGD)) architecture based on blockchain to enable patient to own, control and share their own data easily and securely without violating privacy, which provides a new potential way to improve the intelligence of healthcare systems while keeping patient data private. Our proposed purpose-centric access model ensures patient own and control their healthcare data; simple unified Indicator-Centric Schema (ICS) makes it possible to organize all kinds of personal healthcare data practically and easily. We also point out that MPC (Secure Multi-Party Computing) is one promising solution to enable untrusted third-party to conduct computation over patient data without violating privacy.

Healthcare Data Gateways: Found Healthcare Intelligence on Blockchain with Novel Privacy Risk Control

Communications of the ACM (CACM for short, not the best sounding acronym around) is the ACM’s flagship magazine. Started in 1957, CACM is handy for keeping up to date on current research being carried out across all topics of computer science and realworld applications. CACM has had an illustrious past with many influential pieces of work and debates started within its pages. These include Hoare’s presentation of the Quicksort algorithm; Rivest, Shamir and Adleman’s description of the first publickey cryptosystem RSA; and Dijkstra’s famous letter against the use of GOTO. In addition to the print edition, which is released monthly, there is a fantastic website (http://cacm.acm. org/) that showcases not only the most recent edition but all previous CACM articles as well, readable online as well as downloadable as a PDF. In addition, the website lets you browse for articles by subject, a handy feature if you want to focus on a particular topic. CACM is really essential reading. Pretty much guaranteed to contain content that is interesting to anyone, it keeps tabs on the latest in computer science. It is a valuable asset for us students, who tend to delve deep into a particular area of CS and forget everything that is happening around us. — Daniel Gooch U ndergraduate research is like a box of chocolates: You never know what kind of project you will get. That being said, there are still a few things you should know to get the most out of the experience.

Communications of the ACM

Enhanced secure anonymous authentication scheme for roaming service in global mobility networks

This invention generally relates to secure communications links for data transmission and more particularly relates to data communications links in which asymmetric cryptographic techniques are used to establish a secure link using symmetric cryptography. A method of establishing a secure communications link between a terminal and a server, the method comprising, assembling a message comprising a secret number and a digital signature for the secret number, the digital signature being generated using a private key for the server, encrypting the message at the server end of the communications link using a public key for the terminal, sending said encrypted message from the server to the terminal, decrypting said encrypted message at the terminal using a private key for the terminal, validating the message by checking the digital signature using a public key for the server; and establishing said secure communications link using said secret number, wherein the public and private keys for the terminal and server are public and private keys of an asymmetric cryptographic technique. Corresponding software is also provided. The method facilitates fast and if desired, anonymous, download of software to a mobile communications system terminal.

Data transmission links

Enterprises are seeking toward the cloud horizon to expand their premises facilities. It provides several services in the market, such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS). This paper will discuss challenges regarding three information security concerns: confidentiality, integrity and availability. Most of the organizations are very much concerned about the ownership of their data. This paper will not only address security challenges for cloud computing including Identity and Access Management (IAM) but also present the current state authentication, authorization and auditing of users accessing the cloud along with emerging IAM protocols and standards.

Cloud computing security management

This invention generally relates to methods, apparatus and computer program code for
secure communication links, in particular where accountability is required. A method of initialising a secure communications link between a first data processing
system and a second data processing system using a first token comprising a first key
and associated first request data is described. The method comprises: generating at said
first system a first message comprising said first token and first authentication data
generated by operating on at least one of said first key and said first request data with a
secret key of said first system; encrypting said first message using a key known to both
said first and said second data processing systems to form an encrypted first message;
and sending said encrypted first message from said first system to said second system to
initialize said secure communications link. The method is particularly useful for establishing chains of accountability in systems
where trust is delegated.

Methods and apparatus for secure data communication links

Vehicular ad hoc networks (VANET) are emerging as a prominent form of mobile ad hoc networks (MANETs) and as an effective technology for providing a wide range of safety applications for vehicle passengers. Nowadays, VANETs are of an increasing importance as they enable accessing a large variety of ubiquitous services. Such increase is also associated with a similar increase in vulnerabilities in these inter-vehicular services and communications, and consequently, the number of security attacks and threats. It is of paramount importance to ensure VANETs security as their deployment in the future must not compromise the safety and privacy of their users. The successful defending against such VANETs attacks prerequisite deploying efficient and reliable security solutions and services, and the research in this field is still immature and is continuously and rapidly growing. As such, this paper is devoted to provide a structured and comprehensive overview of the recent research advances on VANETS security services, surveying the state-of-the-art on security threats, vulnerabilities and security services, while focusing on important aspects that are not well-surveyed in the literature such as VANET security assessment tools.

Chan Yeob Yeun

Papers

Enhanced secure anonymous authentication scheme for roaming service in global mobility networks

Data transmission links

Cloud computing security management

Methods and apparatus for secure data communication links

Recent Advances in VANET Security: A Survey