Liang Xiao,Paul Lewis,Srinandan Dasmahapatra

DOI: https://doi.org/10.1007/978-3-540-87698-4_16

2008-01-01

Abstract:Distributed decision support systems designed for healthcare use can benefit from services and information available across a decentralised environment. The sophisticated nature of collaboration among involved partners who contribute services or sensitive data in this paradigm, however, demands careful attention from the beginning of designing such systems. Apart from the traditional need of secure data transmission across clinical centres, a more important issue arises from the need of consensus for access to system-wide resources by separately managed user groups from each centre. A primary concern is the determination of interactive tasks that should be made available to authorised users, and further the clinical resources that can be populated into interactions in compliance with user clinical roles and policies. To this end, explicit interaction modelling is put forward along with the contextual constraints within interactions that together enforce secure access, the interaction participation being governed by system-wide policies and local resource access being governed by node-wide policies. Clinical security requirements are comprehensively analysed, prior to the design and building of our security model. The application of the approach results in a Multi-Agent System driven by secure interaction models. This is illustrated using a prototype of the HealthAgents system.

Liang Xiao,Javier Vicente,Carlos Saez,Andrew Peet,Alex Gibb,Paul Lewis,Srinandan Dasmahapatra,Madalina Croitoru,Horacio Gonzalez-Velez,Magi Lluch i Ariet,David Dupplaw

DOI: https://doi.org/10.1109/ares.2008.22

2008-01-01

Abstract:A distributed decision support system involving multiple clinical centres is crucial to the diagnosis of rare diseases. Although sharing of valid diagnosed cases can facilitate later decision making, possibly from geographically different centres, the released information could reveal patient privacy if it is not properly protected. Clinical centres may have to impose their distinct regulations and rules that govern the use of their data externally. The collaboration of centres, therefore, must respect the collective policies and ideally, serve users the most appropriate and useful resources possible in the system according to the past experience. In this way, the system’s value is entrusted and even elevated through continuous collaboration. We present in this paper a link-anonymised data scheme and in addition to that, a security model that together enforce privacy data security and secure resource access for distributed clinical centres. Our illustration of the approach involves a prototype medical decision support system, HealthAgents, for brain tumour diagnosis.

Yi-Fan Zhang,Ling Gou,Yu Tian,Tian-Chang Li,Mao Zhang,Jing-Song Li

DOI: https://doi.org/10.1007/s10916-016-0472-y

IF: 4.92

2016-01-01

Journal of Medical Systems

Abstract:Clinical decision support (CDS) systems provide clinicians and other health care stakeholders with patient-specific assessments or recommendations to aid in the clinical decision-making process. Despite their demonstrated potential for improving health care quality, the widespread availability of CDS systems has been limited mainly by the difficulty and cost of sharing CDS knowledge among heterogeneous healthcare information systems. The purpose of this study was to design and develop a sharable clinical decision support (S-CDS) system that meets this challenge. The fundamental knowledge base consists of independent and reusable knowledge modules (KMs) to meet core CDS needs, wherein each KM is semantically well defined based on the standard information model, terminologies, and representation formalisms. A semantic web service framework was developed to identify, access, and leverage these KMs across diverse CDS applications and care settings. The S-CDS system has been validated in two distinct client CDS applications. Model-level evaluation results confirmed coherent knowledge representation. Application-level evaluation results reached an overall accuracy of 98.66 % and a completeness of 96.98 %. The evaluation results demonstrated the technical feasibility and application prospect of our approach. Compared with other CDS engineering efforts, our approach facilitates system development and implementation and improves system maintainability, scalability and efficiency, which contribute to the widespread adoption of effective CDS within the healthcare domain.

Liang Xiao,Srinandan Dasmahapatra,Paul Lewis,Bo Hu,Andrew Peet,Alex Gibb,David Dupplaw,Madalina Croitoru,Francesc Estanyol,Juan Martinez-Miranda,Horacio Gonzalez-Velez,Magilluch I. Ariet

DOI: https://doi.org/10.1017/s0269888911000117

2011-01-01

Abstract:In this paper, we analyze the special security requirements for software support in health care and the HealthAgents system in particular. Our security solution consists of a link-anonymized data scheme, a secure data transportation service, a secure data sharing and collection service, and a more advanced access control mechanism. The novel security service architecture, as part of the integrated system architecture, provides a secure health-care infrastructure for HealthAgents and can be easily adapted for other health-care applications.

Liang Xiao,Bo Hu,Madalina Croitoru,Paul Lewis,Srinandan Dasmahapatra

DOI: https://doi.org/10.1016/j.cose.2009.08.002

IF: 5.105

2009-01-01

Computers & Security

Abstract:Realising the vision of pervasive healthcare will generate new challenges to system security. Such challenges are fundamentally different from issues and problems that we face in centralised approaches as well as non-clinical scenarios. In this paper, we reflect upon our experiences in the HealthAgents project wherein a prototype system was developed and a novel approach employed that supports data transfer and decision making in human brain tumour diagnosis and treatment. While the decision making needs to rely on different clinical expertise, the HealthAgents system leveraged a domain ontology to align different sub-domain vocabularies and we have experimented with a process calculus to glue together distributed services. We examine the capability of the Lightweight Coordination Calculus (LCC), a process calculus based language, in meeting security challenges in pervasive settings, especially in the healthcare domain. The key difference in approach lies in making the representational abstraction reflect the relative autonomy of the various clinical specialisms involved in contributing to patient management. The scope within LCC of accommodating Boolean-valued constraints allows for flexible integration of heterogeneous sources in multiple formats, which are characteristic features of a pervasive healthcare environment.

HL Hu,D Chen,CQ Huang

DOI: https://doi.org/10.1109/icsmc.2004.1401072

2004-01-01

Abstract:The idea of role has been widely applied to solving the authority, responsibility, function and interaction, which are associated with member station in organizations. Access control is a key security issue in distributed collaboration systems. After analyzing corresponding security requirements and the present status of security in distributed collaboration system, this paper presents an extensive role-based access control (ERBAC) architecture based on differentiated domain management. In this architecture, security management is classified into inter-domain one and infra-domain one, whilst, it can integrate new security policies. Based on definition of role permission type, the paper introduces a function of permission type change to make ERBAC architecture flexible. In addition, the authors discuss the methods by which the security can be implemented in an agent-based framework. The practices signify that this system can be flexibly applied various existing policy languages and protocols.

潘巨龙,李善平,吴震东,张道远

DOI: https://doi.org/10.3969/j.issn.1004-1699.2009.06.016

2009-01-01

Abstract:A design of secure community healthcare monitoring system based on wireless sensor networks is presented.To address the issues of system security and be resilient to diverse attacks,the system protects sensitive data from being attacked by using Elliptic Curve Cryptography and digital signature scheme in those resource-constrained sensor nodes.A secure architecture of community healthcare monitoring system is proposed.Experiment result shows that the system can resist some outer attacks(such as eavesdropping) and inner attacks.

Liang Xiao,Andrew Peet,Paul Lewis,Srinandan Dashmapatra,Carlos Saez,Madalina Croitoru,Javier Vicente,Horacio Gonzalez-Velez,Magi Lluch i Ariet

DOI: https://doi.org/10.1109/compsac.2007.55

2007-01-01

Abstract:We present in this paper an adaptive security model for Multi-agent systems. A security meta-model has been developed in which the traditional role concept has been extended. The new concept incorporates the need of both security management as used by role-based access control (RBAC) and agent functional behaviour in agent-oriented Software Engineering (AOSE). Our approach avoids, weaknesses of traditional RBAC approaches and provides a practically usable security model for Multi-agent Systems (MAS). A unified role interaction model framework has been put forward that incorporates not only functional requirements but also security constraints in MAS. A security policy rule scheme has been used to express security requirements in relation to affective roles. The major contribution of the work is that little redevelopment effort will be required when security is to be engineered into the overall MAS architecture, hence minimising the impact of the security requirements changes to the MAS architecture. We illustrate the approach through its potential application in a clinical trial setting involving a prototype medical decision support system, HealthAgents.

JS Wimalasiri,P Ray,CS Wilson

DOI: https://doi.org/10.1109/health.2004.1324458

2004-01-01

Abstract:The use of electronic health records (EHR) aim to improve the quality of healthcare by facilitating the exchange of patient information between healthcare providers. However, as disparate systems have varying techniques of representing and managing patient data, a multi-agent system (MAS) architecture was presented in a previous paper for consolidating this patient data. The architecture addresses the issues of interoperability, flexibility, and scalability through the use of multiple co-operating mobile agents that actively access, recognize and associate the various EHRs. The rapid adoption of EHRs has also prompted concerns about their security. An injudicious application of EHR systems introduces the type of security risks that plague current large scale network models. This paper continues the work presented in a paper by Wimalasiri et. al., by addressing the security and privacy needs of patients within a MAS to ensure that communication and co-operation within a distributed network of EHRs is not compromised.

Liang Xiao,John Fox,Hong Zhu

DOI: https://doi.org/10.1109/ecbs-eerc.2013.10

2013-01-01

Abstract:Patient care is becoming increasingly complex and multidisciplinary for many conditions, notably cancer and chronic diseases, in which a care team participates in and shares responsibility for the patient's care. Providing IT support for joint clinical decision making in an open and distributed environment raises some challenges that are worth our attention: 1) new clinical evidence and guidelines, published by healthcare authorities and subject to continuous revision, need to be shared and enacted by the care team, as automatically as possible, 2) clinical specialists, located in their own working environments, need to be able to group together wherever necessary, 3) decision points, distributed in the environment, need to refer consistently the same set of guidelines and unless these are well-coordinated across the care team, safe delivery of care will be hard to guarantee. In this paper we propose an open and adaptive agent architectural model to resolve these challenges. This is based on an Agent-oriented Model Driven Architecture and a decision support management model, which are integrated to support joint clinical decision-making.

Liang Xiao,Bo Hu,Lucy Hederman,Paul Lewis,Borislav D. Dimitrov,Tom Fahey

DOI: https://doi.org/10.1109/iti.2009.5196061

2009-01-01

Abstract:Patient records and their disease and treatment history can be scattered among healthcare providers. Sharing the knowledge effectively and, at the same time, respecting patient privacy is crucial in providing safe and accurate clinical decision support systems (CDSSs). In this paper we reflect upon our experience in the HealthAgents project wherein a prototype system was developed and a novel approach employed that supports data transfer and decision making in human brain tumour diagnosis. Here we examine the capability of the Lightweight Coordination Calculus (LCC), a process calculus-based language, in combining together distributed healthcare services and meeting security challenges in pervasive settings. The result is that various clinical specialisms, being captured in representational abstractions and making contribution to patient diagnosis and management, retain their autonomy. However, at the same time, the behaviour of specialists in sharing clinical knowledge about their patients and providing clinical support is constrained by policies and rules in respect of their own clinical duties and responsibilities. Being introduced into the programme of the HRB Centre for Primary Care Research, this novel approach has the potential to help the provision of optimal solutions in data linkage and sharing across the Primary and Secondary Care interface. As added value, its application also advances the process of integrating clinical prediction rules and implementing CDSSs in practice and, ultimately, the improvement of quality of care.

Faizal Khan,Omar Reyad

DOI: https://doi.org/10.18576/isl/080204

2020-04-03

Abstract:In recent years, availability and usage of extensive systems for Electronic Healthcare Record (EHR) is increased. In medical centers such hospitals and other laboratories, more health data sets were formed during the treatment process. In order to enhance the standard of the services provided in healthcare, these records where shared and can be used by various users depends on their requirements. As a result, notable issues in the security and privacy where obtained which should be monitored and removed in order to make the use of EHR more effectively. Various researches have been done in the past literature for improving the standards of the security and privacy in E-health systems. In spite of this, it is not completely enhanced. In this paper, a comprehensive analysis is done by selecting the existing approaches and models which were proposed for the security and privacy of the E-healthcare systems. Also, a novel Intelligent-based Access Control Security Model (IBAC) based on multi agents is proposed to maintain and support the security and privacy of E-healthcare systems. This system uses agents in order to maintain security and privacy while accessing the E-health data between the users.

Computers and Society,Cryptography and Security

JG Zhang,XM Chen,J Zhuang,JR Jiang,XY Zhang,DQ Wu,HK Huang

DOI: https://doi.org/10.1117/12.480651

2003-01-01

Abstract:In this paper, we presented a new security approach to provide security measures and features in both healthcare information systems (PACS, RIS/HIS), and electronic patient record (EPR). We introduced two security components, certificate authoring (CA) system and patient record digital signature management (DSPR) system, as well as electronic envelope technology, into the current hospital healthcare information infrastructure to provide security measures and functions such as confidential or privacy, authenticity, integrity, reliability, non-repudiation, and authentication for in-house healthcare information systems daily operating, and EPR exchanging among the hospitals or healthcare providers. CA component keeps the information of user personnel identification, accessing rights, and their administration levels, and the DSPR component manages the All the digital signatures of patient medical records signed through using an-symmetry key encryption technologies. The electronic envelopes used for EPR exchanging are created based on the information of signers, digital signatures, and identifications of patient records stored in CAS and DSMS, as well as the destinations and the remote users. The CAS and DSMS were developed and integrated into a RIS-integrated PACS, and the integration of these new security components is seamless and painless. The electronic envelopes designed for EPR were used successfully in multimedia data transmission.

Mohammed Ateeq Alanezi

DOI: https://doi.org/10.3991/ijoe.v17i11.25347

2021-11-15

International Journal of Online and Biomedical Engineering (iJOE)

Abstract:Privacy and security are crucial when it comes to the implementation of Electronic Healthcare Records (HER). Whenever a patient visits a doctor, their health records are updated since it consists of vital information on the patient's health and well-being. It also comprises of description about the previous and current treatment quality.Multi-Agent Systems can support E-Healthcare applications for improving quality of life. The availability and use of extensive systems for EHR has increased dramatically. The EHR technology currently available consists of health information of various patients which helps those people to monitor their health. These information should be protected from being altered or mishandled. Various studies have been conducted in the past literature to improve the protection and privacy requirements in E-health services. Despite this, it hasn't been entirely improved. This article proposes a Fuzzy based multi-agent system architecture that uses agents and fuzzy logic to monitor the flow and access of the EHR record using fuzzy logic and multi agents. Architecture comprises of multi agent and fuzzy systems are proposed. In this system, we have employed Action/ Computation (Interface) agent, communication interface agent and verification agent and Communication Module Agent. These agents collaboratively worked one another in order to obtain the desired output. These agent based e-health system can increase the accuracy of data transfer by providing additional security in selecting the user who handles the data. It also monitors the communication between different medical units in the health system.

JinMing Huang,Liang Xiao,Junyi Yang,Mo Cheng

DOI: https://doi.org/10.1109/ICCECE51280.2021.9342262

2021-01-01

Abstract:In a distributed Clinical Decision Support environment, a decision model is usually defined and coupled w WI a group if decision rules that together drive the decision support process. These can then be applied to patient-specific data to provide customised clinical adsices. 13ting useful and able to deliver improved clinical service, such systems are often closed and thus lead to the difficulties in keeping aligned with up-to-date hest evidences, interoperating wiih local Electronic Health Records (EHRs) systems, and ads king in multi-disciplinary decisions whereas disparate participants work towards the same decision goals. In this paper, a semantic-enabled agent-oriented distributed clinical decision model is proposed. Group decisions are modelled as goal trees, which can be managed altogether and later chosen, decomposed and distributed to appropriate decision participants. Individual decisions are modelled in the film of RM.-based argumentation rules, si hick can he universally. interpreted by a Rule Engine (RE) against the local EliRs. An Interactive Decision Interface Engine (IDIE) is developed to guide Incal decisions step by step and a Choreographer Agent (CA) syntheirzes decisions among a collaborathe group in a distributed environment. Ultimately, specialists can easily maintain decision know ledge in open and shared triple stores, and decision makers can liter undersiand and investigate decision recommendation rationale using knowledge graphs that are intimately integrated within their decision-making environment, We demonstrate the idea with a case study of triple assessment of breast cancer.

Mohini Bhardwaj,Nitin Pandey,Vinod Kumar Shukla,Ajay Vikram Singh,Neetu Gupta

DOI: https://doi.org/10.1109/icrito51393.2021.9596090

2021-09-03

Abstract:Health systems include diverse networking mechanisms and practitioners, who tend to communicate knowledge to deliver healthcare services. There are a number of various technical roles, ethics and security standards and regulatory structures within this sort of program. The knowledge that is handled within the program can not be obtained free of charge but may, on the contrary, be subject to very complex data privacy restrictions. This is particularly relevant for distributed networks, where remote transmission protection must be assured. The paper discusses crucial protection issues that have to be taken into consideration in the architecture of a mobile framework for health care. Home treatment requires structurally autonomous practitioners from multiple organizations (hospitals, social services, etc.), who tend to communicate with and residents in separate geographic locations their autonomous information systems.

Mohammadreza Begli,Farnaz Derakhshan

DOI: https://doi.org/10.48550/arXiv.2104.06498

2021-04-13

Cryptography and Security

Abstract:Since the number of elderly and patients who are in hospitals and healthcare centers are growing, providing efficient remote healthcare services seems very important. Currently, most such systems benefit from the distribution and autonomy features of multiagent systems and the structure of wireless sensor networks. On the one hand, securing the data of remote healthcare systems is one of the most significant concerns; particularly recent types of research about the security of remote healthcare systems keep them secure from eavesdropping and data modification. On the other hand, existing remote healthcare systems are still vulnerable against other common attacks of healthcare networks such as Denial of Service (DoS) and User to Root (U2R) attacks, because they are managed remotely and based on the Internet. Therefore, in this paper, we propose a secure framework for remote healthcare systems that consists of two phases. First, we design a healthcare system base on multiagent technology to collect data from a sensor network. Then, in the second phase, a layered architecture of intrusion detection systems that uses Support Vector Machine to learn the behavior of network traffic is applied. Based on our framework, we implement a secure remote healthcare system and evaluate this system against the frequent attacks of healthcare networks such as Smurf, Buffer overflow, Neptune, and Pod attacks. In the end, evaluation parameters of the layered architecture of intrusion detection systems prove the efficiency and correctness of our proposed framework.

YeHong Yao,Chenghao Zhang,Jianyong Sun,Jin Jin,Jianguo Zhang

DOI: https://doi.org/10.1117/12.709156

2007-01-01

Abstract:The EHR is a secure, real-time, point-of-care, patient-centric information resource for healthcare providers. Many countries and regional districts have set long-term goals to build EHRs, and most of EHRs are usually built based on the integration of different information systems with different information models and platforms. A number of hospitals in Shanghai are also piloting the development of an EHR solution based on IHE XDS/XDS-1 profiles with a service-oriented architecture (SOA). The first phase of the project targets the Diagnostic Imaging domain and allows seamless sharing of images and reports across the multiple hospitals. To develop EHRs for regional coordinated healthcare, some factors should be considered in designing architecture, one of which is security issue. In this paper, we present some approaches and policies to improve and strengthen the security among the different hospitals' nodes, which are compliant with the security requirements defined by IHE IT Infrastructure (ITI) Technical Framework. Our security solution includes four components: Time Sync System (TSS), Digital Signature Manage System (DSMS), Data Exchange Control Component (DECC) and Single Sign-On (SSO) System. We give a design method and implementation strategy of these security components, and then evaluate the performance and overheads of the security services or features by integrating the security components into an image-based EHR system.

Wang Yuanbing,Liu Wanrong,Li Bin

DOI: https://doi.org/10.1109/access.2021.3099299

IF: 3.9

2021-01-01

IEEE Access

Abstract:With the rapid development and evolution of wireless network technology, electronic health has shown great potential in continuously monitoring the health of patients. The wireless medical sensor network (WMSN) has played an important role in this field. In WMSN, medical sensors are placed on patients to collect relevant health data and transmitted to medical professionals in hospitals or at home through insecure channels. These health data need to be highly protected because they contain patient-related private information. Once the information is leaked or maliciously modified, it will cause the wrong diagnosis and endanger the health of patients. To protect information privacy and security from being stolen by illegal users, this article reviews the solutions of Farash et al. and further points out the existing vulnerabilities, such as privileged insider attack, user anonymity invalidation, and offline password guessing attack. In order to overcome these drawbacks, we use the Elliptic Curve Cryptography to propose an improved anonymous authentication protocol for a smart healthcare system. The security of our protocol is verified by Burrows-Abadi-Needham logic and Automated Validation of Internet Security Protocols and Applications (AVISPA) tools, and security features and efficiency analysis are performed with other related schemes. The results show that the improved protocol provides better security protection while ensuring computational and communication efficiency.

Debiao He,Neeraj Kumar,Huaqun Wang,Lina Wang,Kim-Kwang Raymond Choo,Alexey Vinel

DOI: https://doi.org/10.1109/tdsc.2016.2596286

2018-01-01

Abstract:With rapid developments of sensor, wireless and mobile communication technologies, Mobile Healthcare Social Networks (MHSNs) have emerged as a popular means of communication in healthcare services. Within MHSNs, patients can use their mobile devices to securely share their experiences, broaden their understanding of the illness or symptoms, form a supportive network, and transmit information (e.g., state of health and new symptoms) between users and other stake holders (e.g., medical center). Despite the benefits afforded by MHSNs, there are underlying security and privacy issues (e.g., due to the transmission of messages via a wireless channel). The handshake scheme is an important cryptographic mechanism, which can provide secure communication in MHSNs (e.g., anonymity and mutual authentication between users, such as patients). In this paper, we present a new framework for the handshake scheme in MHSNs, which is based on hierarchical identity-based cryptography. We then construct an efficient Cross-Domain HandShake (CDHS) scheme that allows symptoms-matching within MHSNs. For example, using the proposed CDHS scheme, two patients registered with different healthcare centers can achieve mutual authentication and generate a session key for future secure communications. We then prove the security of the scheme, and a comparative summary demonstrates that the proposed CDHS scheme requires fewer computation and lower communication costs. We also implement the proposed CDHS scheme and three related schemes in a proof of concept Android app to demonstrate utility of the scheme. Findings from the evaluations demonstrate that the proposed CDHS scheme achieves a reduction of 18.14 and 5.41 percent in computation cost and communication cost, in comparison to three other related handshake schemes.