Zhou Tian-shu,Li Peng-fei,Li Jing-song

DOI: https://doi.org/10.2991/ccis-13.2013.56

2013-01-01

Abstract:Since the health information exchange (HIE) becomes more and more important and numerous systems have been implemented among medical institutions and regions, there also grows the concern of data security and privacy protection. In the prior work, we have designed and developed an international clinical data exchange system named Global Dolphin, technically achieving the goal of health information exchange between China and Japan. However, to put the system into practical use, we have to take the different privacy protection rules into account. In the clinical data exchange implementation, we tried to conform to the stricter privacy protection standards and designed a protected health information (PHI) de-identification system to keep the personal information secure from third parties. Since China and Japan do not yet have detailed rules and guidelines such as the safe harbor method in Health Insurance Portability and Accountability Act (HIPAA), thus we have referenced some of the HIPAA rules and guidelines about PHI, and used a dictionary and regular expressions pattern matching de-identification means to protect personal privacy.

Tian-shu ZHOU,Xing-hua ZHU,Jing-song LI

DOI: https://doi.org/10.3969/j.issn.1673-7571.2015.06.025

2015-01-01

Abstract:To meet the demand of big data sharing and communication in regional medical systems in a secure manner, we designed and developed a security system within HIE-oriented EMR, including identity authentication, privilege management, access log, and data encryption modules. The establish and deployment of the system could prevent access from the illegal users, keep EMR system accessibility while controllability, record the modification traces and make it undeniability, protect the medical data from intercepted by intruders, keep the data confidentiality from none stakeholders, and finally construct a complete security system in EMR.

Yang Li,Li Guo,Chao Wu,Chun-Hsiang Lee,Yike Guo

DOI: https://doi.org/10.1109/BHI.2014.6864344

2014-01-01

Abstract:Recent developments of modern technologies such as cloud computing, wearable sensor devices and big data have significantly impacted people's daily lives, and offer real potential for an Internet-wide, people-centric ecosystem. These advances in technology will considerably extend human capabilities in acquiring, consuming and sharing personal health information. A future in which we are all equipped with devices and sensors that passively collect data and interpret our health and activity status is not far away. The key challenge that we will be facing is how to effectively manage and use that big data. In this paper, we propose a cloud-based platform for health sensor data management, named Wiki-Health, which will provide a potential solution for storing, tagging, retrieving, analysing, comparing and searching health sensor data.

Mengjun Xie,Umit Topaloglu,Thomas Powell,Chao Peng,Jiang Bian

DOI: https://doi.org/10.1109/bibm.2013.6732600

2013-01-01

Abstract:Secure and convenient user identity management is particularly important to the success of EMR, EHR, and PHR systems. Unfortunately, widely-used identity management mechanisms that solely rely on username/password are inadequate to meet the strong security and privacy requirements for protecting sensitive user information and medical data. Two-factor authentication approaches that are more convenient and user friendly than existing solutions have been given top priority in the healthcare sector where the majority of healthcare practitioners and patients are not tech-savvy. In this paper, we present a smartphone-based identity management framework-SIM-to enhance the security and usability of user identity management in healthcare information systems. SIM leverages the popularity and computational power of smartphone. Within the SIM framework, a person employs a smartphone to centrally store and manage her identity credentials and authenticates herself to healthcare applications using two-factor authentication without typing any identity credentials. Moreover, SIM provides patients with a patient-controlled authorization mechanism to help patients manage the accesses to their PHRs in a secure and convenient manner. Using an existing EMR system-Arkansas Trauma Image Repository-as an example, we demonstrate that SIM can be applied to a real-world healthcare information system to enhance its protection of user credentials and sensitive information.

Jian Jiang,Haixin Duan,Tao Lin,Fenglin Qin,Hong Zhang

DOI: https://doi.org/10.1109/chinacom.2011.6158260

2011-01-01

Abstract:Federated identity management (FIM) is an effective technology that allows multiple organizations to share resources with each other. Proposed FIM solutions have faced deployment and maintenance barriers caused by lack of effective trust management mechanism. In this paper, we present a FIM system with a centralized trust management component named TSP. TSP can automatically establish trust relationship between federation parties in runtime with inexpensive overhead. We also propose a new interaction mode, indirect authentication exchange, to unify network access authentication with application level Single Sign-On (SSO) as an integrated one-step authentication. With the features of centralized trust management and indirect authentication exchange, FIM system can be more easily and flexibly deployed and maintained. We have implemented a prototype to demonstrate the feasibility of proposed features.

Junqiao Fan,Xuehe Wang,Yanxiang Guo,Xiping Hu,Bin Hu

DOI: https://doi.org/10.1109/mwc.008.00475

IF: 12.777

2022-06-22

IEEE Wireless Communications

Abstract:With the outbreak of COVID-19, people are experiencing increasing physical and mental health issues. Therefore, personal daily healthcare and monitoring become vital for our physical and mental well being. As a combination of the Internet of Things (IoT) and healthcare services, the Internet of Medical Things (IoMT) has emerged to provide intelligent medical services. However, privacy and security concerns have deterred its wide adoption. In this article, we propose a Federated Learning Driven IoMT (FLDIoMT) framework, which aims to support flexible deployment of IoMT services and address the privacy and security issues at the same time. Also, a systematic workflow of IoMT services is proposed to show an efficient data processing and analysis scheme for specific medical applications. Moreover, we demonstrate the feasibility of the proposed FLDIoMT framework by implementing a novel sleep monitoring system called iSmile.

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Fei Liu,Jing Wang,Hongtao Bai,Huiping Sun

DOI: https://doi.org/10.1109/ITNG.2015.34

2015-01-01

Abstract:As cloud computing technology develops rapidly, more convenience has been brought to users by various cloud providers with various cloud services. However, difficulty of management, especially when different access control protocols and personal information involved, has become one of barriers that inhibit the development process of cloud technology. In this paper, a user-centered ID MaaS (Identity Management as a Service) is proposed combined with a novel access control model based on trust and risk evaluation. Besides, a format-preserving encryption (FPE) method is proposed as an auxiliary scheme guaranteeing the effectiveness of access control. ID MaaS offers a solution that effectively alleviates the difficulty of realizing unified management of users' identity and information among diverse cloud service providers.

Jingsha He,Ran Zhang

DOI: https://doi.org/10.1007/978-3-540-31849-1_87

2005-01-01

Abstract:In this paper, we propose a framework for identity management in a distributed environment. In addition to achieving convenience, which is the primary objective for identity management in most related work, we believe that user privacy and controlled information disclosure are equally important. Therefore, we look beyond the so-called single-sign-on (SSO) suitable mainly for a federated environment [2] because the requirement that a trust relationship be established between network applications and services so that a central authority can act on behalf of the applications and services in identity management and access authorization is not practical in the Internet where distributed control and management is the mainstream. We show how convenience can be achieved without the requirement for such a central authority in our framework. We also show how multiple identities can be managed for users to access network applications and services and how users can control the disclosure of identity information and hence ensure their privacy. Consequently, the framework can serve as the foundation for the development of the next generation of network identity management systems that are both practical and flexible.

Heng Pan,Yaoyao Zhang,Xueming Si,Zhongyuan Yao,Liang Zhao

DOI: https://doi.org/10.3390/sym14122479

2022-01-01

Symmetry

Abstract:The Internet of Things (IoT) and cloud technologies have significantly facilitated healthcare. In such a context, medical data are collected by the terminals from the patients, manipulated, and stored on the cloud by hospitals (doctors). This brings asymmetry problems in medical data access control, processing, and storage between doctors and patients, which results in medical data sharing face many challenges such as privacy leakage and malicious feedback from cloud servers on queries. To solve these asymmetry problems, this paper proposes a medical data sharing scheme with cloud-chain cooperation and policy fusion in the IoT. Regarding asymmetrical access control rights, a conflict resolution and fusion algorithm that enables co-authorization of medical data by the doctor and the patient is introduced. To balance the symmetry of medical data storage and processing, a cloud-chain cooperation ciphertext retrieval method is proposed by means of two-stage joint searching from cloud servers and the blockchain, which can not only detect malicious medical data feedback from cloud servers, but also improve the data search efficiency. The security analysis showed that this scheme satisfies the confidentiality and verifiability of the retrieved information, and the feasibility of the proposed scheme was demonstrated through experiments.

Yawen Xing,Huizhe Lu,Lifei Zhao,Shihua Cao

DOI: https://doi.org/10.1007/s11036-024-02299-8

2024-09-10

Mobile Networks and Applications

Abstract:Mobile Medical information systems MMIS or mHealth applications support personal health and potentially improve the health sector by offering a solution to significant problems faced by the healthcare system. While espousing these Mobile Medical Information Systems, sequestration and security issues arise. Due to advanced computing and different capabilities, data security and confidentiality come major enterprises with continuously expanding mHealth operations. European Union General Data Protection (GDPR) and California Consumer Sequestration Act (CCPA) raise mindfulness; still, they need to address developing a system that meets sequestration and security conditions. This paper deals with research literature to understand current privacy and security issues and possible solutions for patients and providers using mHealth applications. This is the reason for several threats, such as information harvesting, tracking patients, relaying attacks, and denial of service attacks, which affect the confidentiality and integrity of these devices. We discussed the challenges and risks associated with Mobile Medical information systems and emphasized the need to address these concerns for widespread adoption. Mitigation strategies include robust security measures, regulatory compliance, and user awareness. We discussed the impact of privacy and security issues on healthcare, including potential harm to patients and disruptions in system functioning, reviewing laws, conducting a literature review, and assessing mHealth system applications. We emphasize the need for comprehensive security measures and continuous evaluation of security practices in mHealth, which need to be addressed to achieve quality, continuity, and portability of health services. We offer a critical and methodical assessment of the state of the art in mHealth security and privacy and suggest a methodology for creating and executing MMIS that is safe and protects privacy.

computer science, information systems,telecommunications, hardware & architecture

Bin Han,Yueting Chai,Yi Liu

DOI: https://doi.org/10.1007/978-3-642-27287-5_76

2012-01-01

Abstract:Internet identity management (IIDM), which is a core issue of network security, has drawn close attention from governments and IT experts all over the world. This article makes a worldwide review on the development status of IIDM at first. Then a new definition of trusted IIDM is brought forward. As a realization of the concept, we represent a creative design of IIDM mode, as well as a technique solution of online information system introducing biometrics. Our study is innovative and valuable on the research and application of IIDM.

Leonardo Horn Iwaya,Aakash Ahmad,M. Ali Babar

DOI: https://doi.org/10.1109/ACCESS.2020.3015962

2020-06-22

Abstract:An increased adoption of mobile health (mHealth) and ubiquitous health (uHealth) systems empower users with handheld devices and embedded sensors for a broad range of healthcare services. However, m/uHealth systems face significant challenges related to data security and privacy that must be addressed to increase the pervasiveness of such systems. This study aims to systematically identify, classify, compare, and evaluate state-of-the-art on security and privacy of m/uHealth systems. We conducted a systematic mapping study (SMS) based on 365 qualitatively selected studies to (i) classify the types, frequency, and demography of published research and (ii) synthesize and categorize research themes, (iii) recurring challenges, (iv) prominent solutions (i.e., research outcomes) and their (v) reported evaluations (i.e., practical validations). Results suggest that the existing research on security and privacy of m/uHealth systems primarily focuses on select group of control families (compliant with NIST800-53), protection of systems and information, access control, authentication, individual participation, and privacy authorisation. In contrast, areas of data governance, security and privacy policies, and program management are under-represented, although these are critical to most of the organizations that employ m/uHealth systems. Most research proposes new solutions with limited validation, reflecting a lack of evaluation of security and privacy of m/uHealth in the real world. Empirical research, development, and validation of m/uHealth security and privacy is still incipient, which may discourage practitioners from readily adopting solutions from the literature. This SMS facilitates knowledge transfer, enabling researchers and practitioners to engineer security and privacy for emerging and next generation of m/uHealth systems.

Cryptography and Security,Computers and Society

Ming Sheng,Yong Zhang,Jigang Yang,Chao Li,Chunxiao Xing

DOI: https://doi.org/10.1109/wisa.2015.26

2015-01-01

Abstract:This paper proposes a mobile smart health service platform - Fihuo based on the analysis of big data. Fihuo can present the long-term health-related data and ambient data to users, which are collected through wearable devices, smartphone applications and background big data processing mechanism. Fihuo can analyze and compare the health-related data, moreover provide the on-line browsing and monitoring of the health-related data. We have developed the wearable devices such as pedometer, wristband and other related smartphone applications.

Ana González Bermúdez,David Carramiñana,Ana M Bernardos,Luca Bergesio,Juan A Besada

DOI: https://doi.org/10.1016/j.compbiomed.2024.108344

Abstract:Mobile Health (mHealth) services typically make use of customized software architectures, leading to development-dependent fragmentation. Nevertheless, irrespective of their specific purpose, most mHealth services share common functionalities, where standard pieces could be reused or adapted to expedite service deployment and even extend the follow-up of appearing conditions under the same service. To harness compatibility and reuse, this article presents a data fusion architecture proposing a common design framework for mHealth services. An exhaustive mapping of mHealth functionalities identified in the literature serves as starting point. The architecture is then conceptualized making use of the Joint Directors of Laboratories (JDL) data fusion model. The aim of the architecture is to exploit the multi-source data acquisition capabilities supported by smartphones and Internet of Things devices, and artificial intelligence-enabled feature fusion. A series of interconnected fusion layers ensure streamlined data management; each layer is composed of microservices which may be implemented or omitted depending on the specific goals of the healthcare service. Moreover, the architecture considers essential features related to authentication mechanisms, data sharing protocols, practitioner-patient communication, context-based notifications and tailored visualization interfaces. The effectiveness of the architecture is underscored by its instantiation for four real cases, encompassing risk assessment for youth with mental health issues, remote monitoring for SARS-CoV-2 patients, liquid intake control for kidney disease patients, and peritoneal dialysis treatment support. This breadth of applications exemplifies how the architecture can effectively serve as a guidance framework to accelerate the design of mHealth services.

Zina Houhamdi,Belkacem Athamena

DOI: https://doi.org/10.34028/iajit/17/4a/9

2020-07-31

The International Arab Journal of Information Technology

Abstract:Henceforth, users agreed on the necessity of continuous Internet connection independently of the place, the manner, and the time. Nowadays, several elite services are accessible by people over the Internet of Things (IoT), which is a heterogeneous network defined by machine-to-machine communication. Despite the fact that the devices are used to establish the communication, the users can be considered as the actual producers of input data and consumers of the output data. Consequently, the users should be viewed as a smart object in IoT; therefore, user identification, authentication, authorization are required. However, the user identification process is too complicated because the users are worried to share their confidential and private data. on the other hand, this private data should be used by some of their devices. Accordingly, an equitable mechanism to identify users and manage their identities is necessary. In addition, the user plays an extreme important role in the establishment of rules needed for identity identification and in ensuring the continuity of receptive services.The main purpose of this paper is to develop a new framework for Identity Management System (IdMS) for IoT. The primary contributions of this paper are: the proposition of a device recognition algorithm for user identification, the proposition of a new format for the identifier, and a theoretical framework for IdMS

LIU Ji-quan,SHI Hong-fei,LV Xu-dong

DOI: https://doi.org/10.3969/j.issn.1673-7571.2008.11.003

2008-01-01

Abstract:In order to reduce the coupling between each clinical information system and medical data center as well as among clinical information systems,and realize the cross-hospital and cross-regional medical information sharing,it gives an open middleware of medical information service.Based on Web Service,this middleware provides the access service of medical data information and medical business information with a set of standardized interfaces,and meanwhile,it is adopted with the multi-dimensional security access control strategy,the security authentication strategy based on PKI structure,and data filtering of server as well as mark-reservation.Therefore,it has openness and strong security.

Linke Guo,Chi Zhang,Jinyuan Sun,Yuguang Fang

DOI: https://doi.org/10.1109/TMC.2013.84

IF: 6.075

2013-01-01

IEEE Transactions on Mobile Computing

Abstract:Electronic healthcare (eHealth) systems have replaced paper-based medical systems due to the attractive features such as universal accessibility, high accuracy, and low cost. As a major component of eHealth systems, mobile healthcare (mHealth) applies mobile devices, such as smartphones and tablets, to enable patient-to-physician and patient-to-patient communications for better healthcare and quality of life (QoL). Unfortunately, patients' concerns on potential leakage of personal health records (PHRs) is the biggest stumbling block. In current eHealth/mHealth networks, patients' medical records are usually associated with a set of attributes like existing symptoms and undergoing treatments based on the information collected from portable devices. To guarantee the authenticity of those attributes, PHRs should be verifiable. However, due to the linkability between identities and PHRs, existing mHealth systems fail to preserve patient identity privacy while providing medical services. To solve this problem, we propose a decentralized system that leverages users' verifiable attributes to authenticate each other while preserving attribute and identity privacy. Moreover, we design authentication strategies with progressive privacy requirements in different interactions among participating entities. Finally, we have thoroughly evaluated the security and computational overheads for our proposed schemes via extensive simulations and experiments.

Ju Chen,Yi Liu,Yueting Chai

DOI: https://doi.org/10.1109/icebe.2015.67

2015-01-01

Abstract:The Internet of Things (IoT) has been developing rapidly in the past few years. In IoT, an enormous number of smart devices are connected to the network, where communication and interaction occurs extensively among end users, smart devices and Internet services. Due to the great diversity of devices, broader scope of interactions and other characteristics of IoT, current IdM model for Internet needs to be extended and improved. The objective of this article is to analyze the main features of IoT and key issues of the IdM for IoT, and then present an IdM framework for IoT, which consists of three parts: the standard information model, user-centric architecture and multi-channel authentication.

Samia El Haddouti,Mohamed Dafir Ech-Cherif El Kettani

DOI: https://doi.org/10.48550/arXiv.1902.11184

2019-03-01

Abstract:The development of services and the growing demand for resources sharing among users from different organizations with some level of affinity have motivated the creation of Identity Management Systems. Identity Management has gained significant attention in recent years in the form of several projects producing many standards, prototypes and application models both in the academia and the industry. However, the interoperability between different Identity Management Solutions is still a complex challenge yet to achieve. The user can only use one Identity Provider within a single Service Provider session, when in many scenarios the user needs to provide attributes from multiple Identity Providers. This paper presents the state of the art of our researches and it focuses on two main topics: first, to provide a detailed study about the Identity Management and the integrated disciplines and technologies in general; secondly, to summarize the main approaches that have been proposed to overcome the interoperability challenge.

Cryptography and Security

Boyi Xu,Lida Xu,Hongming Cai,Lihong Jiang,Yang Luo,Yizhi Gu

DOI: https://doi.org/10.1080/17517575.2015.1053416

2017-01-01

Enterprise Information Systems

Abstract:Compared to traditional medical services provided within hospitals, m-Health monitoring systems (MHMSs) face more challenges in personalised health data processing. To achieve personalised and high-quality health monitoring by means of new technologies, such as mobile network and cloud computing, in this paper, a framework of an m-Health monitoring system based on a cloud computing platform (Cloud-MHMS) is designed to implement pervasive health monitoring. Furthermore, the modules of the framework, which are Cloud Storage and Multiple Tenants Access Control Layer, Healthcare Data Annotation Layer, and Healthcare Data Analysis Layer, are discussed. In the data storage layer, a multiple tenant access method is designed to protect patient privacy. In the data annotation layer, linked open data are adopted to augment health data interoperability semantically. In the data analysis layer, the process mining algorithm and similarity calculating method are implemented to support personalised treatment plan selection. These three modules cooperate to implement the core functions in the process of health monitoring, which are data storage, data processing, and data analysis. Finally, we study the application of our architecture in the monitoring of antimicrobial drug usage to demonstrate the usability of our method in personal healthcare analysis.