ABSTRACT
Counterfeited products are a significant problem in both developed and developing countries and has become more critical as an aftermath of COVID-19, exclusively for drugs and medical equipment's. In this paper, an innovative approach is proposed to resist counterfeiting which is based on the principles of Synthetic DNA. The proposed encryption approach has employed the distinctive features of synthetic DNA in amalgamation with DNA encryption to provide information security and functions as an anticounterfeiting method that ensures usability. The scheme's security analysis and proof of concept are detailed. Scyther is used to carry out the formal analysis of the scheme, and all of the modeled assertions are verified without any attacks. © 2022 IEEE.
ABSTRACT
As a result of COVID-19, a lot of users in Pakistan switched to online banking. However, the most significant obstacles to the widespread use of online banking applications are security and usability concerns.This research aims to analyze the security and usability of online banking applications in Pakistan. An investigation of security, usability, users' education, and comparison with international online banking applications is carried out in this study. In the first phase of this study, a survey was conducted on 302 participants to collect data from end-users perspectives in Pakistan. The statistical analysis tool SPSS was used to analyze the survey findings. In the second phase of this study, a limited number of experts were interviewed to better understand the survey findings. Survey and interview findings were compared to highlight the strength and weaknesses of online banking applications in Pakistan. Additionally, this study aims to identify users' needs and provide suggestions for improving the acceptance and usage of online banking applications in Pakistan.The results indicate that the use of mobile banking is relatively high as compared to other online banking applications. Most users are not familiar with all the features, and functions provided in online banking. Users are still experiencing significant difficulties in logging in, especially after a long time of inactivity. Additional authentication other than OTP is needed at the time of the transaction. Users should be educated about security features and security measures to avoid online attacks while banking online. It is hoped that the findings of this study will help online banking service providers in Pakistan to recognize usability, security, and user education issues and make their services more secure, usable, and convenient. Additionally, this study aims to identify users' needs and provide suggestions for improving the acceptance and usage of online banking applications in Pakistan. © 2022 IEEE.
ABSTRACT
The emergence of the COVID-19 pandemic led several organizations around the world and in the most varied areas of activity, to move from the intention to implement a digital transformation in the medium/long-term, to an instant obligation to apply the digital transformation. The organizations’ ability to adapt immediately meant their survival and even in some cases a positive evolution of their business. The digital transformation applied in an abrupt way has uncovered some critical factors for its success. One of the most relevant factors will be information security. Many of the digital systems put into operation more intensively during the pandemic, have shown to be highly fragile on issues related to information security. One relevant problem of the organizations is the low effectiveness and efficiency of financial, human, and material resources, allocated to the reduction or mitigation of the risks identified in their information systems. This study aims to offer a new method for prioritizing security risks. The new proposed method directs the organizations resources to more effectively and efficiently actions to reduce or mitigate the identified vulnerabilities of the information system. © 2022, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
ABSTRACT
Wireless body area networks (WBANs) play a paramount role in modern health-care systems and bring numerous benefits. Modern WBANs provide a promising service especially for elderly people suffering from heart disease, Alzheimer, etc., which enable them to live safely and independently. Medical institutions tend to use WBANs to provide real-time monitoring of remote patients outside hospitals, which helps saving their lives by means of instant and proper responses at emergency situations. However, in 2020, the world was affected by COVID-19 pandemic and thousands of new cases are discovered daily all over the world. The pandemic provoked a serious lack in professional staff and in many countries there were not enough beds in hospitals for patients with COVID-19 symptoms. This in turn increases the demand for WBANs, which can help medical institutions to withstand harmful consequences of the pandemic and to ensure regular patients monitoring. In this context, very recently, Fotouhi et al. proposed a new lightweight authentication scheme to secure patient's sensitive data in WBANs. The authors claimed that their scheme is secure against various known attacks and is efficient to be applied in practice. However, we analyze Fotouhi et al.'s scheme and find out that their scheme is prone to several attacks. In this paper, we point out the weaknesses associated with their proposed lightweight authentication scheme. © 2021 IEEE
ABSTRACT
Contact tracing has widely been adopted to control the spread of Coronavirus-2019 (COVID-19). It enables to identify, assess, and manage people who have been exposed to COVID-19, thereby preventing from its further transmission. Today's most of the contact tracing approaches, tools, and solutions fall short in providing decentralized, transparent, traceable, immutable, auditable, secure, and trustworthy features. In this paper, we propose a decentralized blockchain-based COVID-19 contact tracing solution. Contact tracing can greatly suffice the need for a speedy response to a pandemic. We leverage the immutable and tamper-proof features of blockchain to enforce trust, accountability, and transparency. Trusted and registered oracles are used to bridge the gap between on-chain and off-chain data. With no third parties involved or centralized servers, the users' medical information is not prone to invasion, hacking, or abuse. Each user is registered using their digital medical passports. To respect the privacy of the users, their locations are updated with a time delay of 20 minutes. Using Ethereum smart contracts, transactions are executed on-chain with emitted events and immutable logs. We present details of the implemented algorithms and their testing analysis. We evaluate the proposed approach using security, cost, and privacy parameters to show its effectiveness. The smart contracts code is publicly made available on GitHub.
ABSTRACT
The year 2020 has witnessed unprecedented levels of demand for COVID-19 medical equipment and supplies. However, most of today's systems, methods, and technologies leveraged for handling the forward supply chain of COVID-19 medical equipment and the waste that results from them after usage are inefficient. They fall short in providing traceability, reliability, operational transparency, security, and trust features. Also, they are centralized that can cause a single point of failure problem. In this paper, we propose a decentralized blockchain-based solution to automate forward supply chain processes for the COVID-19 medical equipment and enable information exchange among all the stakeholders involved in their waste management in a manner that is fully secure, transparent, traceable, and trustworthy. We integrate the Ethereum blockchain with decentralized storage of interplanetary file systems (IPFS) to securely fetch, store, and share the data related to the forward supply chain of COVID-19 medical equipment and their waste management. We develop algorithms to define interaction rules regarding COVID-19 waste handling and penalties to be imposed on the stakeholders in case of violations. We present system design along with its full implementation details. We evaluate the performance of the proposed solution using cost analysis to show its affordability. We present the security analysis to verify the reliability of the smart contracts, and discuss our solution from the generalization and applicability point of view. Furthermore, we outline the limitations of our solution in form of open challenges that can act as future research directions. We make our smart contracts code publicly available on GitHub.
ABSTRACT
The task of preserving patient data is becoming more sophisticated with the evolution of technology and its integration with the medical sector in the form of telemedicine and electronic health (e-health). Secured medical image transmission requires adequate techniques for protecting patient privacy. This study aims at encrypting Coronavirus (COVID-19) images of Computed Tomography (CT) chest scan into cipherimages for secure real-world data transmission of infected patients. Provably safe pseudo-random generators are used for the production of a "key-stream" to achieve high privacy of patient data. The Blum Blum Shub (BBS) generator is a powerful generator of pseudo-random bit-strings. In this article, a hashing version of BBS, namely Hash-BBS (HBBS) generator, is presented to exploit the benefits of a hash function to reinforce the integrity of extracted binary sequences for creating multiple key-streams. The NIST-test-suite has been used to analyze and verify the statistical properties of resulted key bit-strings of all tested operations. The obtained bit-strings showed good randomness properties; consequently, uniform distributed binary sequence was achieved over the key length. Based on the obtained key-streams, an encryption scheme of four COVID-19 CT-images is proposed and designed to attain a high grade of confidentiality and integrity in transmission of medical data. In addition, a comprehensive performance analysis was done using different evaluation metrics. The evaluation results of this study demonstrated that the proposed key-stream generator outperforms the other security methods of previous studies. Therefore, it can be successfully applied to satisfy security requirements of transmitting CT-images for COVID-19 patients.