Tian-shu ZHOU,Xing-hua ZHU,Jing-song LI

DOI: https://doi.org/10.3969/j.issn.1673-7571.2015.06.025

2015-01-01

Abstract:To meet the demand of big data sharing and communication in regional medical systems in a secure manner, we designed and developed a security system within HIE-oriented EMR, including identity authentication, privilege management, access log, and data encryption modules. The establish and deployment of the system could prevent access from the illegal users, keep EMR system accessibility while controllability, record the modification traces and make it undeniability, protect the medical data from intercepted by intruders, keep the data confidentiality from none stakeholders, and finally construct a complete security system in EMR.

Xiaoliang Wang,Liang Bai,Qing Yang,Liu Wang,Frank Jiang

DOI: https://doi.org/10.1016/j.jisa.2019.04.010

IF: 4.96

2019-01-01

Journal of Information Security and Applications

Abstract:With the development of wireless sensor network and internet, ubiquitous eHealth care systems are booming. However, a great deal of data computing and storage processing restrict the scalability of ubiquitous eHealth. As a solution, cloud-based eHealth is coming up. However, using cloud-computing model often causes some privacy concerns. Massive medical data in eHealth system contain numerous sensitive information and electronic health records of users. Meanwhile, if data encryption is adopted to protect privacy, cloud center cannot process data. To solve this problem, a scheme based on fully homomorphism conception for privacy protection and data processing of eHealth is proposed in this paper. Our scheme not only meets the aforementioned dual requirements but also limit the arbitrary actions of patients and doctors.

Yuan Tian,Biao Song,Mohammad Mehedi Hassan,Eui-Nam Huh

DOI: https://doi.org/10.3837/tiis.2012.10.016

2012-01-01

KSII Transactions on Internet and Information Systems

Abstract:The growing concern for the protection of personal information has made it critical to implement effective technologies for privacy and data management. By observing the limitations of existing approaches, we found that there is an urgent need for a flexible, privacy-aware system that is able to meet the privacy preservation needs at both the role levels and the personal levels. We proposed a conceptual system that considered these two requirements: a graph-based, access control model to safeguard patient privacy. We present a case study of the healthcare field in this paper. While our model was tested in the field of healthcare, it is generic and can be adapted to use in other fields. The proof-of-concept demos were also provided with the aim of valuating the efficacy of our system. In the end, based on the hospital scenarios, we present the experimental results to demonstrate the performance of our system, and we also compared those results to existing privacy-aware systems. As a result, we ensured a high quality of medical care service by preserving patient privacy.

Abdullah Alabdulatif,Navod Neranjan Thilakarathne,Kassim Kalinaki

DOI: https://doi.org/10.3390/electronics12122646

IF: 2.9

2023-06-13

Electronics

Abstract:In the context of healthcare, big data refers to a complex compilation of digital medical data collected from many sources that are difficult to manage with normal technology and software due to its size and complexity. These big data are useful in various aspects of healthcare, such as disease diagnosis, early prevention of diseases, and predicting epidemics. Even though medical big data has many advantages and a lot of potential for revolutionizing healthcare, it also has a lot of drawbacks and problems, of which security and privacy are of the utmost concern, owing to the severity of the complications once the medical data is compromised. On the other hand, it is evident that existing security and privacy safeguards in healthcare organizations are insufficient to protect their massive, big data repositories and ubiquitous environment. Thus, motivated by the synthesizing of the current knowledge pertaining to the security and privacy of medical big data, including the countermeasures, in the study, firstly, we provide a comprehensive review of the security and privacy of medical big data, including countermeasures. Secondly, we propose a novel cloud-enabled hybrid access control framework for securing the medical big data in healthcare organizations, and the result of this research indicates that the proposed access control model can withstand most cyber-attacks, and it is also proven that the proposed framework can be utilized as a primary base to build secure and safe medical big data solutions. Thus, we believe this research would be useful for future researchers to comprehend the knowledge on the security and privacy of medical big data and the development of countermeasures.

engineering, electrical & electronic,computer science, information systems,physics, applied

Zhang Wenhua,Mohammad Kamrul Hasan,Norleyza Binti Jailani,Shayla Islam,Nurhizam Safie,Hussain Mobarak Albarakati,Abeer Aljohani,Muhammad Attique Khan

DOI: https://doi.org/10.1016/j.chb.2024.108134

IF: 9.9

2024-01-04

Computers in Human Behavior

Abstract:Telehealth, a cornerstone of Healthcare 4.0 has widespread adoption owing to its convenience and efficiency. However, the secure transmission of patient records over the Internet and Cloud services remains a paramount concern. This study endeavors to design an enhanced security model that guarantees the privacy and confidentiality of patient electronic health records in telehealth applications. The proposed model employs a lightweight encryption algorithm to generate an access token that strictly regulates data access exclusively to the patient's department. Leveraging the patient's unique ID for encryption and decryption processes, the model ensures the secure handling of sensitive information. Robust data privacy measures are implemented through a random key generator utilizing the patient's ECG signal for secure key generation. Test results underscore the efficacy of the proposed security model in limiting access to patient-related data within the designated department. Furthermore, the model employs an efficient encryption algorithm, resulting in a 0.2% increase in generation rate compared to previous models, while reducing CPU usage by 23.16%. These enhancements significantly bolster the reliability and efficiency of the security model, providing robust safeguards for patient electronic health records' privacy and confidentiality during transmission across diverse telehealth applications. This study makes a substantial contribution to healthcare by addressing critical concerns surrounding patient privacy and confidentiality. The designed security model stands poised for seamless integration into various telehealth applications, offering a steadfast solution for data privacy and confidentiality concerns.

psychology, multidisciplinary, experimental

Kirtirajsinh Zala,Hiren Kumar Thakkar,Rajendrasinh Jadeja,Neel H Dholakia,Ketan Kotecha,Deepak Kumar Jain,Madhu Shukla

DOI: https://doi.org/10.1155/2022/3804553

2022-08-18

Abstract:Traditional healthcare services have changed into modern ones in which doctors can diagnose patients from a distance. All stakeholders, including patients, ward boy, life insurance agents, physicians, and others, have easy access to patients' medical records due to cloud computing. The cloud's services are very cost-effective and scalable, and provide various mobile access options for a patient's electronic health records (EHRs). EHR privacy and security are critical concerns despite the many benefits of the cloud. Patient health information is extremely sensitive and important, and sending it over an unencrypted wireless media raises a number of security hazards. This study suggests an innovative and secure access system for cloud-based electronic healthcare services storing patient health records in a third-party cloud service provider. The research considers the remote healthcare requirements for maintaining patient information integrity, confidentiality, and security. There will be fewer attacks on e-healthcare records now that stakeholders will have a safe interface and data on the cloud will not be accessible to them. End-to-end encryption is ensured by using multiple keys generated by the key conclusion function (KCF), and access to cloud services is granted based on a person's identity and the relationship between the parties involved, which protects their personal information that is the methodology used in the proposed scheme. The proposed scheme is best suited for cloud-based e-healthcare services because of its simplicity and robustness. Using different Amazon EC2 hosting options, we examine how well our cloud-based web application service works when the number of requests linearly increases. The performance of our web application service that runs in the cloud is based on how many requests it can handle per second while keeping its response time constant. The proposed secure access scheme for cloud-based web applications was compared to the Ethereum blockchain platform, which uses internet of things (IoT) devices in terms of execution time, throughput, and latency.

Shengmin Xu,Jianting Ning,Xinyi Huang,Yingjiu Li,Guowen Xu

DOI: https://doi.org/10.1109/tdsc.2021.3106393

2022-01-01

Abstract:Healthcare Internet-of-Things (IoT) enables lightweight devices to observe patients’ vital signals and outsource them to a remote cloud to enjoy flexible data sharing. However, it faces many security threats as the outsourced data is no longer physically controlled by data owners, and the cloud that hosts the outsourced data is not fully trusted. Many privacy protection technologies have been adopted to solve this problem, among which cryptographic mechanisms have become one of the most promising tools. Unfortunately, current cryptographic mechanisms in healthcare IoT mainly suffer from the following challenges: 1) dynamic user groups for managing users’ accessibility; 2) efficient revocation mechanism to mitigate the burden during user revocation; 3) forward and backward secrecy to ensure session independence in the presence of session key leakage; 4) revocable storage to prevent data users from learning any unauthorized data even the data is authorized before; and 5) information manipulation during data transmission. In this article, we introduce a practical and secure system to address the above problems. Our system provides fine-grained access control with dynamic user groups for optimizing scalability and functionality. We prove that our system is secure against numerous real-world threats. Extensive comparison and experimental analysis demonstrate that our system enjoys superior performance than the state-of-the-art solutions.

Pasupathy Vimalachandran,Hua Wang,Yanchun Zhang,Ben Heyward,Yueai Zhao

DOI: https://doi.org/10.48550/arXiv.1802.00575

2018-02-02

Abstract:As a consequence of the huge advancement of the Electronic Health Record (EHR) in healthcare settings, the My Health Record (MHR) is introduced in Australia. However security and privacy of the MHR system have been encumbering the development of the system. Even though the MHR system is claimed as patient-cenred and patient-controlled, there are several instances where healthcare providers (other than the usual provider) and system operators who maintain the system can easily access the system and these unauthorised accesses can lead to a breach of the privacy of the patients. This is one of the main concerns of the consumers that affect the uptake of the system. In this paper, we propose a patient centred MHR framework which requests authorisation from the patient to access their sensitive health information. The proposed model increases the involvement and satisfaction of the patients in their healthcare and also suggests mobile security system to give an online permission to access the MHR system.

Computers and Society

Shaden Al-Aqeeli,Mznah Al-Rodhaan,Yuan Tian

DOI: https://doi.org/10.1109/iciht.2017.7899150

2017-01-01

Abstract:Preserving privacy of the electronic health records of the patients has been a fundamental issue in the healthcare domain. Several techniques have been employed to maintain privacy of the sensitive information such as controlling access to the medical records. While acting as a first line of defense against illegitimate access, traditional access control schemes fall short of defending against misbehavior of the already authenticated and authorized users; a risk that can harbor devastating consequences upon potential data release or leak. Several approaches can be implemented to overcome this risk such as establishing the notion of trustworthiness of the system users, which makes the access control scheme more dynamic and adaptable. In effect, as opposed to rigidly denying an access request, an access control model becomes more tolerable towards risky access requests by employing risk mitigation strategies. This paper introduces a novel risk mitigation strategy, for the healthcare domain, through which the risk associated with an access request is evaluated against the privacy preferences of the patient undergoing the medical procedure. The proposed strategy, which is HIPAA compliant, decides the set of data objects that can be safely exposed to the healthcare service provider such that unnecessarily repeated tests and procedures can be avoided and the privacy preferences of the patient are preserved.

Daniel Agbesi Dzissah,Joong-Sun Lee,Hiroyuki Suzuki,Mie Nakamura,Takashi Obi

DOI: https://doi.org/10.4258/hir.2019.25.2.106

2019-01-01

Healthcare Informatics Research

Abstract:OBJECTIVES: Home-based nursing care services have increased over the past decade. However, accountability and privacy issues as well as security concerns become more challenging during care provider visits. Because of the heterogeneous combination of mobile and stationary assistive medical care devices, conventional systems lack architectural consistency, which leads to inherent time delays and inaccuracies in sharing information. The goal of our study is to develop an architecture that meets the competing goals of accountability and privacy and enhances security in distributed home-based care systems.METHODS: We realized this by using a context-aware approach to manage access to remote data. Our architecture uses a public certification service for individuals, the Japanese Public Key Infrastructure and Health Informatics-PKI to identify and validate the attributes of medical personnel. Both PKI mechanisms are provided by using separate smart cards issued by the government.RESULTS: Context-awareness enables users to have appropriate data access in home-based nursing environments. Our architecture ensures that healthcare providers perform the needed home care services by accessing patient data online and recording transactions.CONCLUSIONS: The proposed method aims to enhance healthcare data access and secure information delivery to preserve user's privacy. We implemented a prototype system and confirmed its feasibility by experimental evaluation. Our research can contribute to reducing patient neglect and wrongful treatment, and thus reduce health insurance costs by ensuring correct insurance claims. Our study can provide a baseline towards building distinctive intelligent treatment options to clinicians and serve as a model for home-based nursing care.

Shengmin Xu,Jianting Ning,Yingjiu Li,Yinghui Zhang,Guowen Xu,Xinyi Huang,Robert H. Deng

DOI: https://doi.org/10.1109/tdsc.2021.3126532

2023-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:To reduce the cost of human and material resources and improve the collaborations among medical systems, research laboratories and insurance companies for healthcare researches and commercial activities, electronic medical records (EMRs) have been proposed to shift from paperwork to friendly shareable electronic records. To take advantage of EMRs efficiently and reduce the cost of local storage, EMRs are usually outsourced to the remote cloud for sharing medical data with authorized users. However, cloud service providers are untrustworthy. In this paper, we propose an efficient, secure, and flexible EMR sharing system by introducing a novel cryptosystem called dual-policy revocable attribute-based encryption and tamper resistance blockchain technology. Our proposed system enables EMRs to be shared at a fine-grained level and allows data users to detect any unauthorized manipulation. Moreover, the key generation center can revoke malicious users without affecting the honest users. We provide the formal security model as well as the concrete scheme with security analysis. The experimental simulation and experimental analysis of our proposed scheme demonstrate that our proposed system has superior performances to the most relevant solutions.

Fatos Xhafa,Jingwei Li,Gansen Zhao,Jin Li,Xiaofeng Chen,Duncan S. Wong

DOI: https://doi.org/10.1007/s11042-013-1829-6

IF: 2.577

2014-01-01

Multimedia Tools and Applications

Abstract:With the development of cloud computing, electronic health record (EHR) system has appeared in the form of patient-centric, in which patients store their personal health records (PHRs) at a remote cloud server and selectively share them with physicians for convenient medical care. Although the newly emerged form has many advantages over traditional client-server model, it inevitably introduces patients’ concerns on the privacy of their PHRs due to the fact that cloud servers are very likely to be in a different trusted domain from that of the patients. In this paper, aiming at allowing for efficient storing and sharing PHRs and also eliminating patients’ worries about PHR privacy, we design a secure cloud-based EHR system, which guarantees security and privacy of medical data stored in the cloud, relying on cryptographic primitive but not the full trust over cloud servers. Based on our proposed basic EHR system, we provide several extensions including adding searchability, supporting revocation functionality and enabling efficient local decryption, which fills the gap between theoretical proposal and practical application.

Chin-Ling Chen,Po-Tsun Huang,Yung-Yuan Deng,Hsing-Chung Chen,Yun-Ciao Wang

DOI: https://doi.org/10.1186/s13673-020-00221-1

2020-05-07

Abstract:Abstract As cloud computing technology matures, along with an increased application of distributed networks, increasingly larger amounts of data are being stored in the cloud, and are thus available for pervasive application. At the same time, current independent medical record systems tend to be inefficient, and most previous studies in this field fail to meet the security requirements of anonymity and unlinkability. Some proposed schemes are even vulnerable to malicious impersonation attacks. The scheme proposed in this study, therefore, combines public and private clouds in order to more efficiently and securely preserve and manage electronic medical records (EMR). In this paper, a new secure EMR authorization system is proposed, which uses elliptic curve encryption and public-key encryption, providing a health care system with both public and private cloud environments with a message authentication mechanism, allowing the secure sharing of medical resources. The analysis shows that the proposed scheme prevents known attacks, such as replay attacks, man-in-the-middle attacks and impersonation attacks, and provides user anonymity, unlinkability, integrity, non-repudiation, forward and backward security.

computer science, information systems

Mehedi Masud,Gurjot Singh Gaba,Karanjeet Choudhary,Roobaea Alroobaea,M Shamim Hossain

DOI: https://doi.org/10.1007/s12083-021-01162-x

Abstract:Traditional healthcare services have transitioned into modern healthcare services where doctors remotely diagnose the patients. Cloud computing plays a significant role in this change by providing easy access to patients' medical records to all stakeholders, such as doctors, nurses, patients, life insurance agents, etc. Cloud services are scalable, cost-effective, and offer a broad range of mobile access to patients' electronic health record (EHR). Despite the cloud's enormous benefits like real-time data access, patients' EHR security and privacy are major concerns. Since the information about patients' health is highly sensitive and crucial, sharing it over the unsecured wireless medium brings many security challenges such as eavesdropping, modifications, etc. Considering the security needs of remote healthcare, this paper proposes a robust and lightweight, secure access scheme for cloud-based E-healthcare services. The proposed scheme addresses the potential threats to E-healthcare by providing a secure interface to stakeholders and prohibiting unauthorized users from accessing information stored in the cloud. The scheme makes use of multiple keys formed through the key derivation function (KDF) to ensure end-to-end ciphering of information for preventing misuse. The rights to access the cloud services are provided based on the identity and the association between stakeholders, thus ensuring privacy. Due to its simplicity and robustness, the proposed scheme is the best fit for protecting data security and privacy in cloud-based E-healthcare services.

Aisha Banu,Sharon Priya S,Poojitha K,Kiruthiga R,Ruby Annette,Subash Chandran

DOI: https://doi.org/10.48550/arXiv.2306.17084

2023-06-26

Abstract:Electronic Health Records (EHRs) have undergone numerous technical improvements in recent years, including the incorporation of mobile devices with the cloud computing technologies to facilitate medical data exchanges between patients and the healthcare professionals. This cutting-edge architecture enables cyber physical systems housed in the cloud to provide healthcare services with minimal operational costs, high flexibility, security, and EHR accessibility. If patient health information is stored in the hospital database, there will always be a risk of intrusion, i.e., unauthorized file access and information modification by attackers. To address this concern, we propose a decentralized EHR system based on Blockchain technology. To facilitate secure EHR exchange across various patients and medical providers, we develop a reliable access control method based on smart contracts. We incorporate Cryptocurrency, specifically Ethereum, in the suggested system to protect sensitive health information from potential attackers. In our suggested approach, both physicians and patients are required to be authenticated. Patients can register, and a block with a unique hash value will be generated. Once the patient discusses the disease with the physician, the physician can check the patient's condition and offer drugs. For experimental findings, we employ the public Block chain Ganache and solidity remix-based smart contracts to protect privacy. Ethers are used as the crypto currencies.

Distributed, Parallel, and Cluster Computing,Cryptography and Security

Hongzhi Li,Dun Li,Wei Liang

DOI: https://doi.org/10.1007/s10586-024-04524-1

2024-05-30

Cluster Computing

Abstract:The application of healthcare systems has led to an explosive growth in personal electronic health records (EHRs). These EHRs are generated from different healthcare institutions and stored in cloud data centers, respectively. However, data owners lose the authority to control and track their private and sensitive EHRs. In fact, data owners cannot establish rules for EHRs exchanging and sharing, nor can they verify the integrity of EHRs stored in semi-trusted clouds. Hence, an individual-centric access control framework is required to realize data access control. In this study, we construct a data access control framework, which integrates decentralized smart contracts and role-based access control (RBAC) to provide fine-grained data access control services. The key ideas of this schme includes: (1) a fine-grained access control framework for EHRs is proposed to achieve trusted access control; (2) a personalized policies definition mechanism is adopted to achieve patient-centric data access control; (3) a integrity checking mechanism for the shared EHRs is implemented to ensure the availability of medical records. Finally, we analyze the security properties of this scheme and develop a prototype system to evaluate its performance. Both theoretical analysis and experiment results demonstrate that this scheme can provide fine-grained access control and efficient integrity checking services for EHRs.

computer science, information systems, theory & methods

Zhihui Lin,Prosanta Gope,Jianting Ning,Biplab Sikdar

DOI: https://doi.org/10.48550/arXiv.2207.05890

2022-07-13

Abstract:The transition from paper-based information to Electronic-Health-Records (EHRs) has driven various advancements in the modern healthcare-industry. In many cases, patients need to share their EHR with healthcare professionals. Given the sensitive and security-critical nature of EHRs, it is essential to consider the security and privacy issues of storing and sharing EHR. However, existing security solutions excessively encrypt the whole database, thus requiring the entire database to be decrypted for each access request, which is a time-consuming process. On the other hand, the use of EHR for medical research (e.g., development of precision-medicine, diagnostics-techniques), as well as optimisation of practices in healthcare organisations, requires the EHR to be analysed, and for that, they should be easily accessible without compromising the privacy of the patient. In this paper, we propose an efficient technique called E-Tenon that not only securely keeps all EHR publicly accessible but also provides the desirable security features. To the best of our knowledge, this is the first work in which an Open Database is used for protecting EHR. The proposed E-Tenon empowers patients to securely share their EHR under multi-level, fine-grained access policies defined by themselves. Analyses show that our system outperforms existing solutions in terms of computational-complexity.

Cryptography and Security,Databases

Faizal Khan,Omar Reyad

DOI: https://doi.org/10.18576/isl/080204

2020-04-03

Abstract:In recent years, availability and usage of extensive systems for Electronic Healthcare Record (EHR) is increased. In medical centers such hospitals and other laboratories, more health data sets were formed during the treatment process. In order to enhance the standard of the services provided in healthcare, these records where shared and can be used by various users depends on their requirements. As a result, notable issues in the security and privacy where obtained which should be monitored and removed in order to make the use of EHR more effectively. Various researches have been done in the past literature for improving the standards of the security and privacy in E-health systems. In spite of this, it is not completely enhanced. In this paper, a comprehensive analysis is done by selecting the existing approaches and models which were proposed for the security and privacy of the E-healthcare systems. Also, a novel Intelligent-based Access Control Security Model (IBAC) based on multi agents is proposed to maintain and support the security and privacy of E-healthcare systems. This system uses agents in order to maintain security and privacy while accessing the E-health data between the users.

Computers and Society,Cryptography and Security

Rakib Ul Haque,A.S.M. Touhidul Hasan,Apubra Daria,Abdur Rasool,Hui Chen,Qingshan Jiang,Yuqing Zhang

DOI: https://doi.org/10.1016/j.jnca.2023.103696

IF: 7.574

2023-08-01

Journal of Network and Computer Applications

Abstract:Patients often visit several hospitals to obtain medication, generating a significant volume of data. Moreover, hospitals use different data analytic techniques to improve healthcare services, leading to patient data privacy. However, no integrated architecture has a trustworthy data repository and secure communication protocols to store and share the data with various parties (e.g., hospitals and data analysts) for different healthcare services. This study proposes an innovative three-tier secure and distributed privacy-preserving healthcare architecture that addresses the aforementioned challenges. The first tier introduces a trustworthy data repository called custodian, where the data owner stores encrypted data and offer real-time privacy-preserving health monitoring service. The second tier provides Elliptic Curve Cryptography-based authentication for secure data exchange between the data owner and the hospital. The third tier utilizes smart contracts and local differential privacy ( L D P ) for secure machine learning model training. All transactions are recorded on the blockchain and managed by a smart contract. Security analysis shows that the proposed framework ensures privacy, security, and data integrity. Performance analysis is done based on score metrics, scalability metrics, and formal analysis. A transaction takes 0.00121 s in the first tier, and in the second tier, it takes 0.1267 s. The third tier uses ɛ − L D P with a privacy budget of ɛ = 3 on Random Forest and achieves 97%, 83%, and 74% accuracy on breast cancer, heart disease, and diabetic datasets. This accuracy is higher than the previous state-of-the-art methods. Moreover, the proposed healthcare framework ensures privacy, security and outperforms the previous state-of-the-art methods.

computer science, interdisciplinary applications, software engineering, hardware & architecture

Rong Jiang,Shanshan Han,Mingyue Shi,Tilei Gao,Xusheng Zhao

DOI: https://doi.org/10.1155/2022/3086516

IF: 1.968

2022-03-15

Security and Communication Networks

Abstract:Edge computing is playing an increasingly important role in the field of health care. Edge computing provides high-quality personalized services to patients based on user and device data information. However, edge nodes will collect a large amount of sensitive patient information, and patients will also bear the risk of privacy disclosure while enjoying personalized services. How to reduce the risk of privacy disclosure while ensuring that patients enjoy personalized services brought by edge computing is the research content of this paper. In this paper, the work flow and management mode of Hospital Information System (HIS) are investigated on the spot, and the risk-adaptive access control model based on entropy is established. First, we use International Classification of Diseases, Tenth Revision (ICD-10) to mark the information resources accessed by users and use information entropy to measure the correlation “α” between medical information accessed by users and work tasks. Finally, we analyze the relationship between correlation “α” and risk through an example. The results show that users with high correlation α have low risk of access behavior, and users with low risk have high correlation α of access information resources and work goals. This discovery can help managers predict users’ access behavior in the Big Data environment, so as to dynamically formulate access control policies according to the actual access situation of users and then realize the privacy protection of medical big health data.

computer science, information systems,telecommunications