Content Security Research Articles

WebEnclave: Protect Web Secrets From Browser Extensions With Software Enclave

Browser extensions are widely used nowadays to customize users’ browsers with more functionalities, meanwhile introduce potential risks due to escalated privileges. Existing security mechanisms, such as Same Origin Policy and Content Security Policy, do not apply to browser extensions that can read and write on web applications at any time. In spite of the state-of-the-art industrial efforts that rely on centralized management to inspect and detect malicious behaviors massively, the detection-based method cannot analyze fast-evolving behaviors of malicious browser extensions. To this end, we adopt a novel approach to protect users from malicious browser extensions, where we consider the problem of malicious extensions on the side of web applications. From a high level point of view, web developers are allowed to specify sensitive parts in a web application by using our provided software enclave. With our proposed WebEnclave extension installed, when users visit a web application, sensitive information required for the web application to work normally is sealed into an isolated world locally that malicious extensions cannot access. Extensive evaluation of our built prototype shows it can effectively protect user secrets from malicious extensions with negligible performance overhead and usability inconvenience. We also publish source codes for public use.

“I just looked for the solution!”On Integrating Security-Relevant Information in Non-Security API Documentation to Support Secure Coding Practices

Software developers build complex systems using plenty of third-party libraries. Documentation is key to understand and use the functionality provided via the libraries’ APIs. Therefore, functionality is the main focus of contemporary API documentation, while cross-cutting concerns such as security are almost never considered at all, especially when the API itself does not provide security features. Documentations of JavaScript libraries for use in web applications, e.g., do not specify how to add or adapt a Content Security Policy (CSP) to mitigate content injection attacks like Cross-Site Scripting (XSS). This is unfortunate, as security-relevant API documentation might have an influence on secure coding practices and prevailing major vulnerabilities such as XSS. For the first time, we study the effects of integrating security-relevant information in non-security API documentation. For this purpose, we took CSP as an exemplary study object and extended the official Google Maps JavaScript API documentation with security-relevant CSP information in three distinct manners. Then, we evaluated the usage of these variations in a between-group eye-tracking lab study involving N=49 participants. Our observations suggest: (1) Developers are focused on elements with code examples. They mostly skim the documentation while searching for a quick solution to their programming task. This finding gives further evidence to results of related studies. (2) The location where CSP-related code examples are placed in non-security API documentation significantly impacts the time it takes to find this security-relevant information. In particular, the study results showed that the proximity to functional-related code examples in documentation is a decisive factor. (3) Examples significantly help to produce secure CSP solutions. (4) Developers have additional information needs that our approach cannot meet. Overall, our study contributes to a first understanding of the impact of security-relevant information in non-security API documentation on CSP implementation. Although further research is required, our findings emphasize that API producers should take responsibility for adequately documenting security aspects and thus supporting the sensibility and training of developers to implement secure systems. This responsibility also holds in seemingly non-security relevant contexts.

Color image encryption algorithm based on 3D spiral transform and radial diffusion

While digital image information is convenient to transmit in Internet, there is a great risk of information leakage in practice. To satisfy the demands for image content security and real-time communication, we propose a color image encryption algorithm based on a three-dimensional (3D) spiral transform and radial diffusion. Firstly, a 3D spiral transform is designed by combining the R, G and B channels of the color image with the traditional spiral transform; secondly, after the randomly selecting the spiral starting point by the chaotic sequence, the plained image is scrambled by the 3D spiral transform; thirdly, after randomly selecting the method of radial diffusion by the chaotic sequence, the scrambled image is radially diffused by chaotic sequences to obtain the cipher image. Simulation results and theoretical analyses show that the proposed algorithm not only has an excellent encryption effect, but also has the strong security to resist common attacks. Thus, the proposed algorithm can be suitable for the color image transmission under the network platform with the high-security requirement.

A New Robust and Secure 3-Level Digital Image Watermarking Method Based on G-BAT Hybrid Optimization

This contribution applies tools from the information theory and soft computing (SC) paradigms to the embedding and extraction of watermarks in aerial remote sensing (RS) images to protect copyright. By the time 5G came along, Internet usage had already grown exponentially. Regarding copyright protection, the most important responsibility of the digital image watermarking (DIW) approach is to provide authentication and security for digital content. In this paper, our main goal is to provide authentication and security to aerial RS images transmitted over the Internet by the proposal of a hybrid approach using both the redundant discrete wavelet transform (RDWT) and the singular value decomposition (SVD) schemes for DIW. Specifically, SC is adopted in this work for the numerical optimization of critical parameters. Moreover, 1-level RDWT and SVD are applied on digital cover image and singular matrices of LH and HL sub-bands are selected for watermark embedding. Further selected singular matrices SLH and SHL are split into 3×3 non-overlapping blocks, and diagonal positions are used for watermark embedding. Three-level symmetric encryption with low computational cost is used to ensure higher watermark security. A hybrid grasshopper–BAT (G-BAT) SC-based optimization algorithm is also proposed in order to achieve high quality DIW outcomes, and a broad comparison against other methods in the state-of-the-art is provided. The experimental results have demonstrated that our proposal provides high levels of imperceptibility, robustness, embedding capacity and security when dealing with DIW of aerial RS images, even higher than the state-of-the-art methods.

Теоретические аспекты содержания экономической безопасности государства в современных условиях

The change in the general consciousness of society predetermines new approaches to ensuring security, deepens its content and the most important components. At the present stage, the role of economic science in working out the conceptual foundations of economic security is noticeably increasing. The problems of manifestations and identification of existing threats, the search for effective tools and methods for neutralizing or eliminating them come to the fore in the field of economic security from the point of view of its scientific justification. Ensuring the economic security of the state is a guarantee of its independence, a condition for sustainable development, as well as a prerequisite for improving the welfare of all sectors of society. This thesis is confirmed by the experience of European countries in the formation of economic security. Given this, the protection of economic interests is included in the list of the most important national priorities [2]. In this regard, the article analyzes the content of economic security and its subsystems, considers the classification of internal and external threats, methodological approaches to solving the problem of determining indicators of the state of macroeconomic security. Considering the definitions of "economic security" in the interpretation of Western experts, the authors propose their own classification of this category. The establishment of basic standards and indicators of economic security plays an important role, therefore, in the study, the authors of the article develop criteria for determining the level of ensuring the country's economic security.

Separable Reversible Data Hiding in Encrypted AMBTC Images Using Hamming Code

Data hiding is a field widely used in copyright, annotation, and secret communication for digital content, and has been continuously studied for more than 20 years. In general, data hiding uses the original image as a cover image to hide data, but recently, the research area has expanded to research on improving the security and privacy protection of image contents by encrypting the image. This research is called separable reversible data hiding in an encrypted image (SRDH-EI). In this paper, we proposed a more efficient SRDH-EI method based on AMBTC. AMBTC can guarantee very good network transmission efficiency for applications that do not require a particularly high image quality because the compression time is short and calculation is simple compared to other existing compression methods. The SRDH-EI method presented here divides AMBTC into non-overlapping 4×4 blocks and then performs image encryption on them. Thereafter, data can be hidden using a Hamming code for each block. The proposed method has an advantage in that the quality of the cover image and the hiding capacity can be adjusted by appropriately using the value T of the difference between the two quantization levels. The experimental results proved the efficiency and superiority of our proposed model.

SCD2: Secure Content Delivery and Deduplication With Multiple Content Providers in Information Centric Networking

As one of the promising next generation network architectures, information centric networking (ICN) is highly anticipated to improve the bandwidth usage of the Internet and reduce duplicate traffic. Since contents in ICN are disseminated in the whole network, ICN is much more vulnerable and the issue of how to deliver contents securely has been intensively discussed. However, the scalability of the existing schemes is limited. A scalable scheme is expected to be able to achieve fine-grained access control and at the same time also support multiple content providers scenario with efficient key management at user side. Besides, different content providers may publish some identical contents and these contents may be cached in the same intermediate routers, which causes high data redundancy and in turn exerts an adverse impact on the performance of ICN. In this paper, we propose a Secure Content Delivery and Deduplication scheme, called SCD2, to achieve secure and efficient fine-grained access control in ICN with multiple content providers. We first propose a scalable key-policy attribute-based encryption (SKP-ABE) to provide fine-grained access control and allow different attribute authorities to share some public attributes to simplify the key management. Furthermore, based on SKP-ABE, we design a simple but effective mechanism to conduct content deduplication. Finally, we implement a prototype of SCD2 to test its performance and compare it with some existing schemes. The results show that SCD2 has lower storage overhead, a higher degree of deduplication, and better retrieval efficiency.

(Retracted) Software development and design of network security system based on log data

With the rapid development of computer network technology and the fact that the network brings convenience to people’s lives and work, security issues cannot be ignored. Various countries and social organizations build a network security vulnerability database based on big data analysis technology, use network offensive and defensive platforms to train network security talents, and the target environment as a core component in the offensive and defensive platforms plays an important role in practice. We construct a large network security data set with a security knowledge system, analyze the current construction technology and vulnerability data characteristics of major vulnerability databases at home and abroad from multiple levels, and propose a vulnerability information correlation technology based on a combination of general vulnerability numbers and specific vulnerability numbers. Also, we comprehensively analyze each vulnerability database, assess the comprehensiveness and coverage of the vulnerability data information covered, and establish the source of the vulnerability data, data reference, security content automation protocol support, proof of concept, platform environment affected by the vulnerability exploitation code situation, and other fields of network security big data sets with security knowledge system. Here, we have completed the design and implementation of the user rights management module, the centralized monitoring module, and the service desk and configuration change management module. The system can accurately monitor the operation of the system in real time, find problems in time, warn of potential risks, and promote the operation and maintenance approach to intelligent. The transformation has improved the efficiency of fault diagnosis and greatly enhanced the safety of the system. Experimental research shows that the software system automatically screens and manually confirms the vulnerabilities that meet the target construction environment, and initially constructs a total of 43 effective target environments, which provides security researchers with the understanding of vulnerability principles, hazards, and targeted network security training. A stable and convenient experimental environment.

ФОРМУВАННЯ ТОЛЕРАНТНОСТІ МАЙБУТНІХ УЧИТЕЛІВ ПОЧАТКОВОЇ ШКОЛИ В ПРОЦЕСІ ПРОФЕСІЙНОЇ ПІДГОТОВКИ

The article attempts to analyze the philosophical, psychological and pedagogical literature from the point of view of the researched problem - the formation of tolerance of future primary school teachers. It has been proven that an integral part of the tolerance of primary school teachers is the ability to engage in dialogical relationships with students, namely the ability to perceive the situation from the standpoint of others; the property of an emotionally stable personality, which determines the possibility of establishing relationships between people based on values, content and organization of psychological security. The objectives of the pedagogy of tolerance are: recognizing the child as he is: forming a child on a non-violent basis; showing humanity, kindness, sensitivity, tolerance, trust, respect for the pupil; development of skills to find ways to resolve and prevent conflicts; dialogic communication; identification of pedagogical optimism. Formation of tolerance of future primary school teachers occurs by ensuring awareness of the personal significance of tolerance as a necessary feature on axiological and humanistic principles; formation of practical skills for its education in schoolchildren in the educational process; use of forms and methods in classes that involve dialogical and polylogical interaction. The objectives of the pedagogy of tolerance are: recognizing the child as he is: forming a child on a non-violent basis; showing humanity, kindness, sensitivity, tolerance, trust, respect for the pupil; development of skills to find ways to resolve and prevent conflicts; dialogic communication; identification of pedagogical optimism. Tasks were effective, which involved discussing professional problems in groups, brainstorming; situational modeling – role-playing situations; elaboration of discussion issues – «take a position», a continuous scale of opinions, discussion; the use of media resources in general and work on animated films that have a positive impact on the development of motivation and abilities of students to self-improvement, activation of personal and professional experience. What is decisive is that tolerance is manifested among the moral values of humanism, becomes, on the one hand, the basis of modern education, which translates the norms of human relations and is the basis of humanization of knowledge, on the other – the instrumental value of the individual. interaction with others. Key words: tolerance, formation of tolerance of future teacher, future primary school teachers, professional training.

A Blockchain-Based Decentralized Public Key Infrastructure for Information-Centric Networks

How to achieve secure content distribution and accountability in information-centric networking (ICN) is a crucial problem. Subscribers need to verify whether the data came from a reliable source, rather than from a spoofing adversary. Public key cryptography was introduced to achieve a method of authentication that binds the data packet to its owner. In existing prototypes, PKIs, identity-based signatures (IBSs) and recommendation networks are the common schemes used to ensure the authenticity and availability of public keys. However, CA-based PKIs and KGC-based IBSs have been proven to be weak when it comes to resisting security attacks, with recommendation networks being too complex to deploy. In this respect, we designed a novel distributed authentication model as a secure scheme to support public key cryptography. Our model establishes a decentralized public key infrastructure by combining the smart contracts of blockchain and optimized zero-knowledge proof-verifiable presentations by utilizing the DID project, which realizes the management of public key certificates through blockchain and ensures the authenticity and availability of public keys in decentralized infrastructure. Our scheme fundamentally solves the issues of security and feasibility in existing schemes and provides a more scalable solution with respect to authenticating data sources. An experiment demonstrated that our proposal is 20% faster than the original zero knowledge proof scheme in registration.

Secured Multiparty Access Control Model for Online Social Networking Using Machine Learning

In recent years, Online Social Networks (OSNs) have registered significant growth. They have become part of daily routine life, a phenomenon that received the serious attention of academic, technological, and social research communities. Many OSNs allow its users to post multimedia content, communicate in various ways, and share many aspects of their life in addition to building a virtual network of social relationships. While sharing data to the multiple users, there is no mechanism in place to enforce privacy and security issues in OSNs. Users in OSNs reveal personal information such as their profiles photos, relationship status, phone numbers, dates of birth, and other social activities without being aware of the risks and thefts which may occur. Therefore, this paper aims to capture the concepts of multiparty authorization and policy enforcement in an access control model. The paper deliberates broad-spectrum issues of the multi-users such as privacy and security issues, data integrity, scalability, data authentication, and so on, while sending the data. To overcome such a situation, we need to develop an innovative framework, i.e. Novel Adaptive Privacy Policy Prediction (NA3P), for multi-users access control policies using machine learning classification techniques to provide security and policy prediction for shared content.

Cyber Security Concerns in Social Networking Service

Today’s world is unimaginable without online social networks. Nowadays, millions of people connect with their friends and families by sharing their personal information with the help of different forms of social media. Sometimes, individuals face different types of issues while maintaining the multimedia contents like, audios, videos, photos because it is difficult to maintain the security and privacy of these multimedia contents uploaded on a daily basis. In fact, sometimes personal or sensitive information could get viral if that leaks out even unintentionally. Any leaked out content can be shared and made a topic of popular talk all over the world within few seconds with the help of the social networking sites. In the setting of Internet of Things (IoT) that would connect millions of devices, such contents could be shared from anywhere anytime. Considering such a setting, in this work, we investigate the key security and privacy concerns faced by individuals who use different social networking sites differently for different reasons. We also discuss the current state-of-the-art defense mechanisms that can bring somewhat long-term solutions to tackling these threats.

A cloud-based buyer-seller watermarking protocol (CB-BSWP) using semi-trusted third party for copy deterrence and privacy preserving.

Nowadays, cloud computing provides a platform infrastructure for the secure dealing of digital data, but privacy and copy control are the two important issues in it over a network. Cloud data is available to the end user and requires enormous security and privacy techniques to protect the data. Moreover, the access control mechanism with encryption-based technique protects the digital rights for participants in a transaction, but they do not protect the media from being illegally redistributed and do not restrict an authorized user to reveal their secret information this is referred to as you can access but you cannot leak. This brought out a need for controlling copy deterrence and preserving the privacy of digital media over the internet. To overlook this, we proposed a cloud-based buyer-seller watermarking protocol (CB-BSWP) with the use of a semi-trusted third party for copy deterrence and privacy-preserving in the cloud environment. The suggested scheme uses 1) a privacy homomorphism cryptosystem with Diffie-Hellman key exchange algorithm to provide an encrypted domain for the secure exchange of digital media 2) adopt robust and fair watermarking techniques to ensure high imperceptibility and robustness for the watermarked images against attacks 3) two services of cloud Infrastructure as a service (IaaS) to support virtualized computing infrastructure and Watermarking as a service (WaaS) to execute the speedy process of watermarking, this process is supported by watermarking generation and signing phase (WGSP) and watermark extraction and verifying phase reported in 4th section. 4) cloud service provider (CSP) considered as a “semi-trusted” third party to reduce the burden from the trusted third party (TTP) server and provide storage for the encrypted digital media on cloud databases, this frees content owner from not having a separate storage infrastructure. The proposed scheme encrypts the digital content by using SHA-512 algorithm with key size 512-bits to ensure that it doesn’t affect computational time during the process of encryption. The suggested scheme addresses the problems of piracy tracing, anonymity, tamper resistance, non-framing, customer rights problem. The role of cloud is crucial because it reduces communication overhead, provides unlimited storage, supports the watermarking process and offers a solution for the secure distribution of end-to-end security of digital content over cloud. To check the performance of the suggested CB-BSWP protocol against common image processing attacks, we have conducted experiments in which the perceptual quality of watermarked digital media was found enhanced, resulting in a robust watermark.

A comprehensive survey on robust image watermarking

With the rapid development and popularity of the Internet, multimedia security has become a general essential concern. Especially, as manipulation of digital images gets much easier, the challenges it brings to authentication certification are increasing. As part of the solution, digital watermarking has made significant contributions to image content security and has attracted increasing attention. In this paper, we present a comprehensive review on digital image watermarking methods that were published in recent years illustrating the conventional schemes in different domains. We provide an overview of geometric invariant techniques and emerging watermarking methods for novel medias, such as depth image based rendering (DIBR), high dynamic range (HDR), screen content images (SCIs), and point cloud model. Particularly, as deep learning has achieved a great success in the field of image processing, and has also successfully been used in the field of digital watermarking, learning-based watermarking methods using various neural networks are summarized according to the utilization of neural networks in the single stage training (SST) and double stage training (DST). Finally, we provide an analysis and summary on those methods, and suggest some future research directions.

The concept of the development of Russian legislation in the field of aviation security

The study of the place of aviation security in the structure of transport security is conditioned by theoretical and practical needs in determining the need to preserve or exclude the existing dual legal regulation of legal relations by the norms of Russian air legislation and legislation in the field of transport security. Currently, the legal norms regulating: the definition of organizations authorized to protect air transport; the definition of requirements for the protection of air transport, including inspection measures; certification and training of specialists (personnel) directly performing functions in the field of aviation security are duplicated. Based on the comparison of concepts, content and principles of transport and aviation security, the general and special features in their legal regulation as a whole and private are revealed. The purpose of the study was an attempt to define the concept of development of Russian legislation in the field of aviation security from acts of unlawful interference, taking into account the draft law "On Amendments to the Federal Law "On Transport Security" and Certain Legislative Acts of the Russian Federation" developed by the Ministry of Transport of the Russian Federation. The analysis made it possible to draw conclusions that the draft law proposed by the Ministry of Transport of Russia radically changes the state approach to regulating legal relations in the field of aviation security. It seems necessary to conduct additional discussions and assess the regulatory impact of the proposed draft law on the possibility of developing the Russian aviation business in the conditions of abandonment of the federal aviation security system. Based on the analysis, the author's concepts of "aviation security" and "act of unlawful interference" are proposed, the necessity of making appropriate amendments to Article 83 of the Air Code of the Russian Federation is substantiated. The scientific novelty of the study lies in the fact that an industry approach is proposed in the public administration of the legal relations under consideration, taking into account the specifics of air transport and a significant amount of international law on the protection of aviation.

Content Object Security in the Internet of Things: Challenges, Prospects, and Emerging Solutions

Content objects are confined data elements that carry meaningful information. Massive amounts of content objects are published and exchanged every day on the Internet. The emerging Internet of Things (IoT) augments the network edge with reading sensors and controlling actuators that comprise machine-to-machine communication using small data objects. IoT content objects are often messages that fit into single IPv6 datagram. These IoT messages frequently traverse protocol translators at gateways, which break end-to-end transport and security of Internet protocols. To preserve content security from end to end via gateways and proxies, the IETF recently developed Object Security for Constrained RESTful Environments (OSCORE), which extends the Constrained Application Protocol (CoAP) with content object security features commonly known from Information Centric Networking (ICN). This paper revisits the current IoT protocol architectures and presents a comparative analysis of protocol stacks that protect request-response transactions. We discuss features and limitations of the different protocols and analyze emerging functional extensions. We measure the protocol performances of CoAP over Datagram Transport Layer Security (DTLS), OSCORE, and the information-centric Named Data Networking (NDN) protocol on a large-scale IoT testbed in single- and multi-hop scenarios. Our findings indicate that (a) OSCORE improves on CoAP over DTLS in error-prone wireless regimes due to omitting the overhead of maintaining security sessions at endpoints, (b) NDN attains superior robustness and reliability due to its intrinsic network caches and hop-wise retransmissions, and (c) OSCORE/CoAP offers room for improvement and optimization in multiple directions.

A novel watermarking scheme based on discrete wavelet transform‐singular value decomposition

AbstractDue to the rapid advancement in information technology, individuals as well as organizations frequently transfer or share their digital content via cyberspace. The security and integrity of this digital content become a big concern, as any middleman can misuse or temper this content. Digital watermarking is a blessing to protect it from any unwanted tampering. Even though many researchers have implemented various watermarking approaches, but still ownership protection and reliability concerns are not fully mitigated. This paper proposes an improved novel hybrid watermarking scheme by combining discrete wavelet transform (DWT) with singular value decomposition (SVD) to minimize these concerns. At first, the host image is decomposed by multi‐level DWT and a two‐level SVD is applied to the fourth lower‐level coefficient (LL5) of the host image. Then the watermark is inserted into the specified sub‐band of the host image. The watermark is extracted in a reverse manner. The hybridization of DWT and SVD ensures that the watermarking technique performs better in terms of visual distortion and robustness. The outcomes of the experiment show that our proposed method is more robust, imperceptible, and secure than the existing DWT‐SVD based methods, even with a broad watermark scale.

Satisfaction with HyFlex Teaching and Law-abiding Leadership Education in Hong Kong University Students Under COVID-19

Since the early days of COVID-19, university teaching has changed from face-to-face format to online mode. With the gradual containment of the pandemic, there is no need for school lockdown. As a result, the teaching format has changed to HyFlex mode integrating both face-to-face and online modes. Obviously, it is necessary to understand the academic quality of life among students under the Hyflex teaching mode. In this paper, we report an evaluation study on a leadership subject in Hong Kong delivered via HyFlex teaching using a post-lecture evaluation strategy. In one of the lectures, we covered law-abiding leadership in university students, including abiding by the Hong Kong National Security Law. The post-lecture evaluation showed that students generally held positive views toward the HyFlex teaching and they perceived that the subject promoted their well-being indexed by psychosocial competence. Regarding the lecture on law-abiding leadership, students agreed that the lecture promoted their psychosocial competence, personal development, knowledge about law-abiding behavior and national security (including the Hong Kong National Security Law), and readiness to serve as socially responsible leaders. Positive perceptions of the lecture design, teacher performance, lecture content of law-abiding leadership and national security, and benefits positively predicted students’ overall satisfaction with the lecture on law-abiding leadership and national security.

An Optimal Text Watermarking Method for Sensitive Detecting of Illegal Tampering Attacks

Due to the rapid increase in the exchange of text information via internet networks, the security and authenticity of digital content have become a major research issue. The main challenges faced by researchers are how to hide the information within the text to use it later for authentication and attacks tampering detection without effects on the meaning and size of the given digital text. In this paper, an efficient text-based watermarking method has been proposed for detecting the illegal tampering attacks on the Arabic text transmitted online via an Internet network. Towards this purpose, the accuracy of tampering detection and watermark robustness has been improved of the proposed method as compared with the existing approaches. In the proposed method, both embedding and extracting of the watermark are logically implemented, which causes no change in the digital text. This is achieved by using the third level and alphanumeric strategy of the Markov model as a text analysis technique for analyzing the Arabic contents to obtain its features which are considered as the digital watermark. This digital watermark will be used later to detecting any tampering of illegal attack on the received Arabic text. An extensive set of experiments using four data sets of varying lengths proves the effectiveness of our approach in terms of detection accuracy, robustness, and effectiveness under multiple random locations of the common tampering attacks.

Chatbot-Assisted Care Management.

Chatbots are automated conversation pathways that users can access through text message or email on smartphones or other connected devices. In care management, they can be used to monitor patients' health conditions or recovery from procedures. This article describes nurse care managers' experiences using chatbots in patient care, illustrated through two patient case reviews. Considerations for planning and implementing chatbot technology in care management settings are discussed. This care management service is part of an accountable care organization that serves 582,000 patients in University Hospitals of Cleveland, Ohio. Care management focuses on patients with chronic conditions, recent hospital discharges, and other needs. Care managers comprise a centralized team as well as embedded staff in select primary care practices. The two patient cases are exemplars from the care management program serving patients recently discharged from the hospital with ongoing chronic conditions that increase risk for readmission. Use of chatbots helped overcome obstacles to conventional care management outreach and resulted in improved outcomes and strong trusting relationships with the care managers. Patients who typically do not respond to other types of care manager outreach may respond to text message-based, asynchronous chatbot communication. Interpersonal relationships between care managers and patients can be strengthened by chatbot support. Chatbot technology tracks patients' progress and offers insights to patients and clinicians to facilitate earlier interventions when problems occur. Chatbots make frequent patient contact to collect and provide routine information, allowing care managers to spend more time on high-value interactions that require clinical judgment. Potential concerns about chatbots include effect on labor force, information security, health equity, and oversight of content.