The increased use of computing has significantly raised the profile of information security within the clinical environment. Medical information security is concerned with protecting the assets of a medical practice. These assets include hardware, software and intellectual property. To date, computer and information security in this environment has been poorly applied. Whilst the tenets of conf...

The main focus of modern cryptanalysis is on breaking the implementation of cryptographic algorithms as opposed to traditional attacks which primarily target on mathematically breaking the algorithms. For over the last decade these new trend of attacks, Side Channel Attacks (SCAs), are becoming increasingly popular and pose a serious threat to cryptographic devices. Researchers proposing counte...

(Austria). All errors and omissions are the responsibility of the present authors alone. 2 Abstract In this paper, we investigate the links between risk attitudes, risk-reducing behaviour and stated preferences for changes in risk. This is done in the context of an empirical study of " countermeasures " against radioactive contamination of land following nuclear accidents such as Chernobyl. Cou...

This work1 provides a detailed study of two finalists of the SHA-3 competition from the sidechannel analysis point of view. For both functions when used as a MAC, this paper presents detected strategies for performing a power analysis. Besides the classical HMAC mode, two additionally proposed constructions, the envelope MAC for Grøstl and the Skein-MAC for Skein, are analyzed. Consequently, ex...

This paper investigates the autonomous decision-making process of threat detection, classiÞcation, and the selection of alternative countermeasures against threats in electronic warfare settings. We introduce a threat model that represents a speciÞc threat pattern and also present a methodology that compiles the threat into a set of rules using soft computing methods. This methodology, which is...

Random delays and dynamic frequency switching are widely adopted in smartcards and embedded systems as temporal hiding countermeasures to side channel attack.Temporal hiding is regarded as efficient to enhance the security of cryptographic devices. However, spectral analysis with Fast Fourier Transform is a powerful method to defeat temporal hiding countermeasures. Spectral analysis shares the ...

Introduced in 1999, differential power-analysis (DPA) attacks pose a serious threat for cryptographic devices. Several countermeasures have been proposed during the last years. However, none of them leads to implementations that are provably resistant against DPA. A promising class of DPA countermeasures is masking. In this article we discuss implementations of three existing masking schemes fo...

Java Card are devices subject to either hardware and software attacks. Thus several countermeasures need to be embedded to avoid the effects of these attacks. Recently, the idea to combine logical attacks with a physical attack to bypass bytecode verification has emerged. For instance, correct and legitimate Java Card applications can be dynamically modified on-card using laser beam. Such appli...

Although many countermeasures have been developed for desktop and server environments, buffer overflows still pose a big threat. The same approach can be used to target mobile devices. Unfortunately, they place more severe limitations on countermeasures. Not only are the performance requirements at least as important, memory and power consumption need to be considered as well. Moreover, process...

Managing the configuration of heterogeneous enterprise security mechanisms is a wholly complex task. The effectiveness of a configuration may be constrained by poor understanding and/or management of the overall security policy requirements, which may, in turn, unnecessarily expose the enterprise to known threats. This paper proposes a threat management approach, whereby knowledge about the eff...