Informe del Comité de Bioética de España sobre aspectos del uso secundario de los datos y el espacio europeo de protección de datos / [Report of the Spanish Bioethics Committee on aspects of secondary use of data and the European data protection space]

El presente informe da respuesta a la consulta de la Secretaría de Estado de Sanidad del Ministerio de Sanidad de 26 de mayo de 2023 sobre algunos aspectos del uso secundario de los datos y el espacio europeo de protección de datos. Recibida la consulta, el Comité aprobó el siguiente informe en su reunión plenaria del día 7 de noviembre de 2023, conforme a lo dispuesto en el artículo 78.1 a) de la Ley 14/2007, de 3 de julio, de Investigación Biomédica, que fija entre las funciones del Comité emitir informes, propuestas y recomendaciones para los poderes públicos de ámbito estatal y autonómico en asuntos con implicaciones bioéticas relevantes. (AU)

Protección de datos en investigación clínica: ¿pseudonimización o anonimización? / [Data protection in clinical research: pseudonymization or anonymization?]

Se pretende analizar la necesidad de codificar los datos de los participantes de un estudio de salud, así como las técnicas que se pueden emplear como medida de protección, analizando sus características, ventajas e inconvenientes y abordándose desde un punto de vista semi-práctico, al desarrollarse brevemente algunas técnicas de codificación. (AU)

Te aim is to analyse the need to code the data of the participants of a health study, as well as the techniques that can be used to do so, analysing their characteristics, advantages and disadvantages and approaching it from a semi-practical point of view, by briefly developing some coding techniques. (AU)

Design of a BIST implemented AES crypto-processor ASIC.

This paper presents the design of a Built-in-self-Test (BIST) implemented Advanced Encryption Standard (AES) cryptoprocessor Application Specific Integrated Circuit (ASIC). AES has been proved as the strongest symmetric encryption algorithm declared by USA Govt. and it outperforms all other existing cryptographic algorithms. Its hardware implementation offers much higher speed and physical security than that of its software implementation. Due to this reason, a number of AES cryptoprocessor ASIC have been presented in the literature, but the problem of testability in the complex AES chip is not addressed yet. This research introduces a solution to the problem for the AES cryptoprocessor ASIC implementing mixed-mode BIST technique, a hybrid of pseudo-random and deterministic techniques. The BIST implemented ASIC is designed using IEEE industry standard Hardware Description Language(HDL). It has been simulated using Electronic Design Automation (EDA)tools for verification and validation using the input-output data from the National Institute of Standard and Technology (NIST) of the USA Govt. The simulation results show that the design is working as per desired functionalities in different modes of operation of the ASIC. The current research is compared with those of other researchers, and it shows that it is unique in terms of BIST implementation into the ASIC chip.

An improved NFC device authentication protocol.

Aimed at the security authentication problem between Near Field Communication (NFC) devices, this paper uses the technology of asymmetric encryption algorithm, symmetric encryption algorithm, hash function, timestamp and survival period to improve the confidentiality, performance and security of the protocol. The symmetric encryption algorithm encrypts the transmission content, while the asymmetric encryption algorithm encrypts the shared key. The whole authentication process is secure, and the key distribution is secure. The improved NFC device authentication protocol can effectively resist the brute force attack, man-in-the-middle attack and replay attack in the authentication process, it can reduce the number of message transmission in the authentication process, improve the transmission efficiency, enhance the confidentiality, integrity, non-repudiation and improve the security of NFC device authentication.

Zero-knowledge identity authentication for internet of vehicles: Improvement and application.

The popularity of Internet of Vehicles (IoV) has made people's driving environment more comfortable and convenient. However, with the integration of external networks and the vehicle networks, the vulnerabilities of the Controller Area Network (CAN) are exposed, allowing attackers to remotely invade vehicle networks through external devices. Based on the remote attack model for vulnerabilities of the in-vehicle CAN, we designed an efficient and safe identity authentication scheme based on Feige-Fiat-Shamir (FFS) zero-knowledge identification scheme with extremely high soundness. We used the method of zero-one reversal and two-to-one verification to solve the problem that FFS cannot effectively resist guessing attacks. Then, we carried out a theoretical analysis of the scheme's security and evaluated it on the software and hardware platform. Finally, regarding time overhead, under the same parameters, compared with the existing scheme, the scheme can complete the authentication within 6.1ms without having to go through multiple rounds of interaction, which reduces the additional authentication delay and enables all private keys to participate in one round of authentication, thereby eliminating the possibility that a private key may not be involved in the original protocol. Regarding security and soundness, as long as private keys are not cracked, the scheme can resist guessing attacks, which is more secure than the existing scheme.

Self-Powered Multifunctional Electronic Skin for a Smart Anti-Counterfeiting Signature System.

Self-powered electronic skin is a promising field for human-machine interfaces to the next generation of intelligent and interactive products due to its capability of including multiple physical parameters for sensing without additional energy supply. This paper reports a novel active multifunctional electronic skin capable of independently detecting contact trajectory, acceleration, velocity, and pressure based on the synchronized triboelectrification and piezoelectric effect. Motion trajectories in the full plane can be identified by using a net-cross electrodes configuration design. Under this electrode special structure design, the motion information such as velocity and acceleration can be accurately obtained by the time difference between the peak values of the triboelectric signal. Real-time detection of dynamic pressure with only two electrodes is achieved by a spacer-grid design and a high quality piezoelectric nanofiber film. By virtue of its high sensitivity and precision, a smart anti-counterfeiting signature system (SASS) can be achieved by this self-powered multifunctional electronic skin with the capability of recognizing the writing habits of people within a 100 ms error for security. It is also a promising candidate in terms of human-machine interaction, cyber security, and so on.

Construction of RSA-Based Authentication Scheme in Authorized Access to Healthcare Services : Authorized Access to Healthcare Services.

Modern network technology yields new interface for telecare medicine information systems in short TMIS used for patient's healthcare. This system is used to provide healthcare services to patients at their home. It can be observed, telecare medicine information systems generally suffer several attacks as information being transmitted over a public network. Therefore, various authentication and key agreement schemes are proposed for TMIS to ensure secure and authorized patients communication over given public network. However, most of the schemes fail to achieve essential attributes discussed in this article. Although the key attributes of security and efficiency should be achieved in a common framework. This paper proposes construction of an RSA based authentication scheme for authorized access to healthcare services and achieves desirable key attributes of authentication protocols. Proof of security against polynomial time adversary is given in the random oracle to justify the security of proposed scheme. Communication analysis and computation analysis of proposed scheme indicates that proposed scheme's performance is comparable and having better security.

Anonymity preserving and round effective three-party authentication key exchange protocol based on chaotic maps.

Three-party authentication key exchange (3PAKE) is a protocol that allows two users to set up a common session key with the help of a trusted remote server, which is effective for secret communication between clients in a large-scale network environment. Since chaotic maps have superior characteristics, researchers have recently presented some of the studies that apply it to authentication key exchange and cryptography. Providing user anonymity in the authentication key exchange is one of the important security requirements to protect users' personal secrets. We analyse Lu et al.'s scheme which attempts to provide user anonymity and we prove that his scheme has errors in the key exchange phase and password change phase. We propose a round-effective three-party authentication key exchange (3PAKE) protocol that provides user anonymity and we analyse its security properties based on BAN logic and AVISPA tool.

Health Care and Cybersecurity: Bibliometric Analysis of the Literature.

BACKGROUND: Over the past decade, clinical care has become globally dependent on information technology. The cybersecurity of health care information systems is now an essential component of safe, reliable, and effective health care delivery. OBJECTIVE: The objective of this study was to provide an overview of the literature at the intersection of cybersecurity and health care delivery. METHODS: A comprehensive search was conducted using PubMed and Web of Science for English-language peer-reviewed articles. We carried out chronological analysis, domain clustering analysis, and text analysis of the included articles to generate a high-level concept map composed of specific words and the connections between them. RESULTS: Our final sample included 472 English-language journal articles. Our review results revealed that majority of the articles were focused on technology: Technology-focused articles made up more than half of all the clusters, whereas managerial articles accounted for only 32% of all clusters. This finding suggests that nontechnological variables (human-based and organizational aspects, strategy, and management) may be understudied. In addition, Software Development Security, Business Continuity, and Disaster Recovery Planning each accounted for 3% of the studied articles. Our results also showed that publications on Physical Security account for only 1% of the literature, and research in this area is lacking. Cyber vulnerabilities are not all digital; many physical threats contribute to breaches and potentially affect the physical safety of patients. CONCLUSIONS: Our results revealed an overall increase in research on cybersecurity and identified major gaps and opportunities for future work.

An Artificial Neural Network Framework for Gait-Based Biometrics.

As the popularity of wearable and the implantable body sensor network (BSN) devices increases, there is a growing concern regarding the data security of such power-constrained miniaturized medical devices. With limited computational power, BSN devices are often not able to provide strong security mechanisms to protect sensitive personal and health information, such as one's physiological data. Consequently, many new methods of securing wireless body area networks have been proposed recently. One effective solution is the biometric cryptosystem (BCS) approach. BCS exploits physiological and behavioral biometric traits, including face, iris, fingerprints, electrocardiogram, and photoplethysmography. In this paper, we propose a new BCS approach for securing wireless communications for wearable and implantable healthcare devices using gait signal energy variations and an artificial neural network framework. By simultaneously extracting similar features from BSN sensors using our approach, binary keys can be generated on demand without user intervention. Through an extensive analysis on our BCS approach using a gait dataset, the results have shown that the binary keys generated using our approach have high entropy for all subjects. The keys can pass both National Institute of Standards and Technology and Dieharder statistical tests with high efficiency. The experimental results also show the robustness of the proposed approach in terms of the similarity of intraclass keys and the discriminability of the interclass keys.

A framework for secure and decentralized sharing of medical imaging data via blockchain consensus.

The electronic sharing of medical imaging data is an important element of modern healthcare systems, but current infrastructure for cross-site image transfer depends on trust in third-party intermediaries. In this work, we examine the blockchain concept, which enables parties to establish consensus without relying on a central authority. We develop a framework for cross-domain image sharing that uses a blockchain as a distributed data store to establish a ledger of radiological studies and patient-defined access permissions. The blockchain framework is shown to eliminate third-party access to protected health information, satisfy many criteria of an interoperable health system, and readily generalize to domains beyond medical imaging. Relative drawbacks of the framework include the complexity of the privacy and security models and an unclear regulatory environment. Ultimately, the large-scale feasibility of such an approach remains to be demonstrated and will depend on a number of factors which we discuss in detail.

Protecting contacts against privacy leaks in smartphones.

Due to recent developments in technologies associated with the Internet of Things (IoT), a large number of people now regularly use smart devices, such as smartwatches and smartphones. However, these devices are prone to data leaks because of security vulnerabilities. In particular, Android devices use permission-based security, which allows users to directly approve permissions requested by an app when installing it. As a result, many malicious apps can obtain and leak private user data by requesting more permissions than are needed. However, it is difficult to identify malicious apps based solely on the requested permissions. A system is hence needed to accurately identify malicious apps and protect private data from them. In this paper, we propose a system for hiding data related to a user's contacts or providing virtual data according to preconfigured policies when an Android app requests access to them. By hiding data related to the contacts, the proposed system can protect them from malicious apps. By using virtual data, it can even detect malicious apps that leak private data. The system requires less storage and provides faster access to user contacts than prevalent solutions to similar problems.

Biometrics: Accessibility challenge or opportunity?

Biometric recognition is currently implemented in several authentication contexts, most recently in mobile devices where it is expected to complement or even replace traditional authentication modalities such as PIN (Personal Identification Number) or passwords. The assumed convenience characteristics of biometrics are transparency, reliability and ease-of-use, however, the question of whether biometric recognition is as intuitive and straightforward to use is open to debate. Can biometric systems make some tasks easier for people with accessibility concerns? To investigate this question, an accessibility evaluation of a mobile app was conducted where test subjects withdraw money from a fictitious ATM (Automated Teller Machine) scenario. The biometric authentication mechanisms used include face, voice, and fingerprint. Furthermore, we employed traditional modalities of PIN and pattern in order to check if biometric recognition is indeed a real improvement. The trial test subjects within this work were people with real-life accessibility concerns. A group of people without accessibility concerns also participated, providing a baseline performance. Experimental results are presented concerning performance, HCI (Human-Computer Interaction) and accessibility, grouped according to category of accessibility concern. Our results reveal links between individual modalities and user category establishing guidelines for future accessible biometric products.

Compact FPGA hardware architecture for public key encryption in embedded devices.

Security is a crucial requirement in the envisioned applications of the Internet of Things (IoT), where most of the underlying computing platforms are embedded systems with reduced computing capabilities and energy constraints. In this paper we present the design and evaluation of a scalable low-area FPGA hardware architecture that serves as a building block to accelerate the costly operations of exponentiation and multiplication in [Formula: see text], commonly required in security protocols relying on public key encryption, such as in key agreement, authentication and digital signature. The proposed design can process operands of different size using the same datapath, which exhibits a significant reduction in area without loss of efficiency if compared to representative state of the art designs. For example, our design uses 96% less standard logic than a similar design optimized for performance, and 46% less resources than other design optimized for area. Even using fewer area resources, our design still performs better than its embedded software counterparts (190x and 697x).

Smart Sensing Based on DNA-Metal Interaction Enables a Label-Free and Resettable Security Model of Electrochemical Molecular Keypad Lock.

Recently, molecular keypad locks have received increasing attention. As a new subgroup of smart biosensors, they show great potential for protecting information as a molecular security data processor, rather than merely molecular recognition and quantitation. Herein, label-free electrochemically transduced Ag+ and cysteine (Cys) sensors were developed. A molecular keypad lock model with reset function was successfully realized based on the balanced interaction of metal ion with its nucleic acid and chemical ligands. The correct input of "1-2-3" (i.e., "Ag+-Cys-cDNA") is the only password of such molecular keypad lock. Moreover, the resetting process of either correct or wrong input order could be easily made by Cys, buffer, and DI water treatment. Therefore, our system provides an even smarter system of molecular keypad lock, which could inhibit illegal access of unauthorized users, holding great promise in information protection at the molecular level.

Controlled searching in reversibly de-identified medical imaging archives.

Nowadays, digital medical imaging in healthcare has become a fundamental tool for medical diagnosis. This growth has been accompanied by the development of technologies and standards, such as the DICOM standard and PACS. This environment led to the creation of collaborative projects where there is a need to share medical data between different institutions for research and educational purposes. In this context, it is necessary to maintain patient data privacy and provide an easy and secure mechanism for authorized personnel access. This paper presents a solution that fully de-identifies standard medical imaging objects, including metadata and pixel data, providing at the same time a reversible de-identifier mechanism that retains search capabilities from the original data. The last feature is important in some scenarios, for instance, in collaborative platforms where data is anonymized when shared with the community but searchable for data custodians or authorized entities. The solution was integrated into an open source PACS archive and validated in a multidisciplinary collaborative scenario.

RAIN: A Bio-Inspired Communication and Data Storage Infrastructure.

We summarize the results and perspectives from a companion article, where we presented and evaluated an alternative architecture for data storage in distributed networks. We name the bio-inspired architecture RAIN, and it offers file storage service that, in contrast with current centralized cloud storage, has privacy by design, is open source, is more secure, is scalable, is more sustainable, has community ownership, is inexpensive, and is potentially faster, more efficient, and more reliable. We propose that a RAIN-style architecture could form the backbone of the Internet of Things that likely will integrate multiple current and future infrastructures ranging from online services and cryptocurrency to parts of government administration.