Yang Ming,Xiaopeng Yu,Xiaoqin Shen

DOI: https://doi.org/10.1109/access.2020.3018488

IF: 3.9

2020-01-01

IEEE Access

Abstract:Healthcare Internet of Things (IoT) is an emerging paradigm, which can provide comprehensive and different types of health services and enable various types of medical sensors to monitor patient's health conditions. In the healthcare IoT, patient is deployed with a variety of medical sensors, which continuously monitors and collects patient's sensitive health data that needs specially protection for preventing privacy leakage. To safely send multiple different health data monitored by multiple different medical sensors to multiple corresponding healthcare professionals in one data report, several multi-message and multi-receiver signcryption schemes have been introduced by employing the traditional public key cryptography, identity-based cryptography or certificateless cryptography. However, these schemes suffer from the certificate management, key escrow and key distribution problem. Besides, due to the resource-constraint property of medical sensors, they are unsuitable for healthcare IoT in terms of both performance and privacy requirements. To solve these issues, this paper introduces an efficient anonymous certificate-based multi-message and multi-receiver signcryption scheme for healthcare IoT, where the certificate-based cryptography and elliptic curve cryptography are combined to simplify the certificate management problem, eliminate the key escrow problem, solve the key distribution problem and ensure the privacy-preserving. Furthermore, the security analysis suggests that the proposed scheme is able to achieve the confidentiality, unforgeability, receiver anonymity, sender anonymity and decryption fairness; the performance evaluation indicates that the proposed scheme brings to the lower computation cost and communication cost in comparison to the existing schemes.

Qian Wang,Zhiwei Xu,Shengzhi Qu

DOI: https://doi.org/10.4304/jsw.6.10.1945-1952

2011-01-01

Journal of Software

Abstract:k-anonymity is an important model in the field of privacy protection and it is an effective method to prevent privacy disclosure in micro-data release. However, it is ineffective for the attribute disclosure by the homogeneity attack. The existing models based on k-anonymity have solved this problem to a certain extent, but they did not distinguish the different values of the sensitive attribute, processed a series of unnecessary generalization and expanded the information loss when they protect the sensitive attribute. Based on k-anonymity, this paper proposed a model based on average leakage probability and probability difference of sensitive attribute value. It is not only an effective method to deal with the problem of attributes disclosure that k-anonymity cannot deal, but also to realize different levels of protection to the various sensitive attribute values. It has reduced the generalization to the data in the most possibility during the procedure and ensures the most effectiveness of quasi-identifier attributes. Greedy generalization algorithm based on the generalization information loss is also proposed in this paper. To choose the generalization attributes, the information loss is considered and the importance of generalization attribute to sensitive attribute is accounted as well. Comparison experiment and performance experiment are made to the proposed model. The experiment results show that the model is feasible.

Yan Zhu,Lin Peng

DOI: https://doi.org/10.1109/icsssm.2007.4280299

2007-01-01

Abstract:Today's globally networked society places great demand on sharing of information. Chinese Medical industry is undergoing a drastic Informationization process while privacy concerns arise. This paper discusses the threatening due to information share in medical industry, especially in a well-informatinized society. We first thoroughly describe the present situation of China Medical informatization level and explain the necessity of cross-organizational information share. The specific problem called linking attack is illustrated. We also formulated a corresponding anonymity model and exemplified the Generalization and Suppression techniques it utilizes to preserve privacy. Then we give an overview of present research areas and classical algorithms. Next, more detailed attacking conditions and the characteristic of medical information are taking into consideration. We formulated a Modified Entropy 1-diversity model which was an extension of the basic k-anonymity. Finally, we look forward to possible future researches.

Khan,Ali,Khan

DOI: https://doi.org/10.3390/math11051197

IF: 2.4

2023-03-01

Mathematics

Abstract:Internet of Things (IoT) devices have drawn significant attention over the last few years due to their significant contribution to every domain of life, but the major application of these devices has been witnessed in the healthcare sector. IoT devices have changed the complexion of healthcare set-up, however, the major limitation of such devices is susceptibility to many cyberattacks due to the use of embedded operating systems, the nature of communication, insufficient software updates, and the nature of backend resources. Similarly, they transfer a huge amount of sensitive data via sensors and actuators. Therefore, the security of Internet of Health Things (IoHT) devices remains a prime concern as these devices are prone to various cyberattacks, which can lead to compromising and violating the security of IoT devices. Therefore, IoT devices need to be authenticated before they join the network or communicate within a network, and the applied method of authentication must be robust and reliable. This authentication method has to be evaluated before being implemented for the authentication of IoT devices/equipment in a healthcare environment. In this study, an evaluation framework is introduced to provide a reliable and secure authentication mechanism based on authentication features. The proposed framework evaluates and selects the most appropriate authentication scheme/method based on evaluating authentication features using a hybrid multicriteria decision-making approach. It completes this in two steps: in the first step, the analytic hierarchy process (AHP) method is applied for assigning criteria weights; and in the second step, the technique for order preference by similarity to ideal solution (TOPSIS) approach selects the best authentication solution for IoHT devices based upon identified authentication features. This is the first attempt to present a features-based authentication model for selecting the improved authentication solution employed in IoHT devices.

mathematics

Shakir Khan,Nabamita Deb,Nashwan Adnan Othman,V. Saravanan,Gnanaprakasam C. N,T. Jaya Lakshmi

DOI: https://doi.org/10.1155/2022/9985933

IF: 3.12

2022-03-24

Computational Intelligence and Neuroscience

Abstract:With the rapid development of mobile medical care, medical institutions also have the hidden danger of privacy leakage while sharing personal medical data. Based on the k-anonymity and l-diversity supervised models, it is proposed to use the classified personalized entropy l-diversity privacy protection model to protect user privacy in a fine-grained manner. By distinguishing solid and weak sensitive attribute values, the constraints on sensitive attributes are improved, and the sensitive information is reduced for the leakage probability of vital information to achieve the safety of medical data sharing. This research offers a customized information entropy l-diversity model and performs experiments to tackle the issues that the information entropy l-diversity model does not discriminate between strong and weak sensitive features. Data analysis and experimental results show that this method can minimize execution time while improving data accuracy and service quality, which is more effective than existing solutions. The limits of solid and weak on sensitive qualities are enhanced, sensitive data are reduced, and the chance of crucial data leakage is lowered, all of which contribute to the security of healthcare data exchange. This research offers a customized information entropy l-diversity model and performs experiments to tackle the issues that the information entropy l-diversity model does not discriminate between strong and weak sensitive features. The scope of this research is that this paper enhances data accuracy while minimizing the algorithm’s execution time.

mathematical & computational biology,neurosciences

Zhang Wenhua,Mohammad Kamrul Hasan,Norleyza Binti Jailani,Shayla Islam,Nurhizam Safie,Hussain Mobarak Albarakati,Abeer Aljohani,Muhammad Attique Khan

DOI: https://doi.org/10.1016/j.chb.2024.108134

IF: 9.9

2024-01-04

Computers in Human Behavior

Abstract:Telehealth, a cornerstone of Healthcare 4.0 has widespread adoption owing to its convenience and efficiency. However, the secure transmission of patient records over the Internet and Cloud services remains a paramount concern. This study endeavors to design an enhanced security model that guarantees the privacy and confidentiality of patient electronic health records in telehealth applications. The proposed model employs a lightweight encryption algorithm to generate an access token that strictly regulates data access exclusively to the patient's department. Leveraging the patient's unique ID for encryption and decryption processes, the model ensures the secure handling of sensitive information. Robust data privacy measures are implemented through a random key generator utilizing the patient's ECG signal for secure key generation. Test results underscore the efficacy of the proposed security model in limiting access to patient-related data within the designated department. Furthermore, the model employs an efficient encryption algorithm, resulting in a 0.2% increase in generation rate compared to previous models, while reducing CPU usage by 23.16%. These enhancements significantly bolster the reliability and efficiency of the security model, providing robust safeguards for patient electronic health records' privacy and confidentiality during transmission across diverse telehealth applications. This study makes a substantial contribution to healthcare by addressing critical concerns surrounding patient privacy and confidentiality. The designed security model stands poised for seamless integration into various telehealth applications, offering a steadfast solution for data privacy and confidentiality concerns.

psychology, multidisciplinary, experimental

Aitizaz Ali,Bander Ali Saleh Al-rimy,Faisal S. Alsubaei,Abdulwahab Ali Almazroi,Abdulaleem Ali Almazroi

DOI: https://doi.org/10.3390/s23156762

IF: 3.9

2023-07-29

Sensors

Abstract:The swift advancement of the Internet of Things (IoT), coupled with the growing application of healthcare software in this area, has given rise to significant worries about the protection and confidentiality of critical health data. To address these challenges, blockchain technology has emerged as a promising solution, providing decentralized and immutable data storage and transparent transaction records. However, traditional blockchain systems still face limitations in terms of preserving data privacy. This paper proposes a novel approach to enhancing privacy preservation in IoT-based healthcare applications using homomorphic encryption techniques combined with blockchain technology. Homomorphic encryption facilitates the performance of calculations on encrypted data without requiring decryption, thus safeguarding the data's privacy throughout the computational process. The encrypted data can be processed and analyzed by authorized parties without revealing the actual contents, thereby protecting patient privacy. Furthermore, our approach incorporates smart contracts within the blockchain network to enforce access control and to define data-sharing policies. These smart contracts provide fine-grained permission settings, which ensure that only authorized entities can access and utilize the encrypted data. These settings protect the data from being viewed by unauthorized parties. In addition, our system generates an audit record of all data transactions, which improves both accountability and transparency. We have provided a comparative evaluation with the standard models, taking into account factors such as communication expense, transaction volume, and security. The findings of our experiments suggest that our strategy protects the confidentiality of the data while at the same time enabling effective data processing and analysis. In conclusion, the combination of homomorphic encryption and blockchain technology presents a solution that is both resilient and protective of users' privacy for healthcare applications integrated with IoT. This strategy offers a safe and open setting for the management and exchange of sensitive patient medical data, while simultaneously preserving the confidentiality of the patients involved.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Chun-Ta Li,Tsu-Yang Wu,Chin-Ling Chen,Cheng-Chi Lee,Chien-Ming Chen

DOI: https://doi.org/10.3390/s17071482

2017-06-23

Abstract:In recent years, with the increase in degenerative diseases and the aging population in advanced countries, demands for medical care of older or solitary people have increased continually in hospitals and healthcare institutions. Applying wireless sensor networks for the IoT-based telemedicine system enables doctors, caregivers or families to monitor patients' physiological conditions at anytime and anyplace according to the acquired information. However, transmitting physiological data through the Internet concerns the personal privacy of patients. Therefore, before users can access medical care services in IoT-based medical care system, they must be authenticated. Typically, user authentication and data encryption are most critical for securing network communications over a public channel between two or more participants. In 2016, Liu and Chung proposed a bilinear pairing-based password authentication scheme for wireless healthcare sensor networks. They claimed their authentication scheme cannot only secure sensor data transmission, but also resist various well-known security attacks. In this paper, we demonstrate that Liu-Chung's scheme has some security weaknesses, and we further present an improved secure authentication and data encryption scheme for the IoT-based medical care system, which can provide user anonymity and prevent the security threats of replay and password/sensed data disclosure attacks. Moreover, we modify the authentication process to reduce redundancy in protocol design, and the proposed scheme is more efficient in performance compared with previous related schemes. Finally, the proposed scheme is provably secure in the random oracle model under ECDHP.

Sagar Sharma,Keke Chen,Amit Sheth

DOI: https://doi.org/10.1109/MIC.2018.112102519

2018-04-12

Abstract:Modern healthcare systems now rely on advanced computing methods and technologies, such as Internet of Things (IoT) devices and clouds, to collect and analyze personal health data at an unprecedented scale and depth. Patients, doctors, healthcare providers, and researchers depend on analytical models derived from such data sources to remotely monitor patients, early-diagnose diseases, and find personalized treatments and medications. However, without appropriate privacy protection, conducting data analytics becomes a source of a privacy nightmare. In this article, we present the research challenges in developing practical privacy-preserving analytics in healthcare information systems. The study is based on kHealth - a personalized digital healthcare information system that is being developed and tested for disease monitoring. We analyze the data and analytic requirements for the involved parties, identify the privacy assets, analyze existing privacy substrates, and discuss the potential tradeoff among privacy, efficiency, and model quality.

Computers and Society,Cryptography and Security

Ramesh Kuppusamy,Anbarasan Murugesan

DOI: https://doi.org/10.3233/THC-231895

Abstract:Background: In recent times, there has been widespread deployment of Internet of Things (IoT) applications, particularly in the healthcare sector, where computations involving user-specific data are carried out on cloud servers. However, the network nodes in IoT healthcare are vulnerable to an increased level of security threats. Objective: This paper introduces a secure Electronic Health Record (EHR) framework with a focus on IoT. Methods: Initially, the IoT sensor nodes are designated as registered patients and undergo initialization. Subsequently, a trust evaluation is conducted, and the clustering of trusted nodes is achieved through the application of Tasmanian Devil Optimization (STD-TDO) utilizing the Student's T-Distribution. Utilizing the Transposition Cipher-Squared random number generator-based-Elliptic Curve Cryptography (TCS-ECC), the clustered nodes encrypt four types of sensed patient data. The resulting encrypted data undergoes hashing and is subsequently added to the blockchain. This configuration functions as a network, actively monitored to detect any external attacks. To accomplish this, a feature reputation score is calculated for the network's features. This score is then input into the Swish Beta activated-Recurrent Neural Network (SB-RNN) model to classify potential attacks. The latest transactions on the blockchain are scrutinized using the Neutrosophic Vague Set Fuzzy (NVS-Fu) algorithm to identify any double-spending attacks on non-compromised nodes. Finally, genuine nodes are granted permission to decrypt medical records. Results: In the experimental analysis, the performance of the proposed methods was compared to existing models. The results demonstrated that the suggested approach significantly increased the security level to 98%, reduced attack detection time to 1300 ms, and maximized accuracy to 98%. Furthermore, a comprehensive comparative analysis affirmed the reliability of the proposed model across all metrics. Conclusion: The proposed healthcare framework's efficiency is proved by the experimental evaluation.

Amjad Rehman,Tanzila Saba,Khalid Haseeb,Souad Larabi Marie-Sainte,Jaime Lloret

DOI: https://doi.org/10.3390/en14196414

IF: 3.2

2021-10-07

Energies

Abstract:Internet of Things (IoT) is a developing technology for supporting heterogeneous physical objects into smart things and improving the individuals living using wireless communication systems. Recently, many smart healthcare systems are based on the Internet of Medical Things (IoMT) to collect and analyze the data for infectious diseases, i.e., body fever, flu, COVID-19, shortness of breath, etc. with the least operation cost. However, the most important research challenges in such applications are storing the medical data on a secured cloud and make the disease diagnosis system more energy efficient. Additionally, the rapid explosion of IoMT technology has involved many cyber-criminals and continuous attempts to compromise medical devices with information loss and generating bogus certificates. Thus, the increase in modern technologies for healthcare applications based on IoMT, securing health data, and offering trusted communication against intruders is gaining much research attention. Therefore, this study aims to propose an energy-efficient IoT e-health model using artificial intelligence with homomorphic secret sharing, which aims to increase the maintainability of disease diagnosis systems and support trustworthy communication with the integration of the medical cloud. The proposed model is analyzed and proved its significance against relevant systems.

energy & fuels

Fasee Ullah,Izhar Ullah,Atif Khan,M Irfan Uddin,Hashem Alyami,Wael Alosaimi

DOI: https://doi.org/10.1155/2020/8824907

2020-11-28

Abstract:There is a need to develop an effective data preservation scheme with minimal information loss when the patient's data are shared in public interest for different research activities. Prior studies have devised different approaches for data preservation in healthcare domains; however, there is still room for improvement in the design of an elegant data preservation approach. With that motivation behind, this study has proposed a medical healthcare-IoTs-based infrastructure with restricted access. The infrastructure comprises two algorithms. The first algorithm protects the sensitivity information of a patient with quantifying minimum information loss during the anonymization process. The algorithm has also designed the access polices comprising the public access, doctor access, and the nurse access, to access the sensitivity information of a patient based on the clustering concept. The second suggested algorithm is K-anonymity privacy preservation based on local coding, which is based on cell suppression. This algorithm utilizes a mapping method to classify the data into different regions in such a manner that the data of the same group are placed in the same region. The benefit of using local coding is to restrict third-party users, such as doctors and nurses, when trying to insert incorrect values in order to access real patient data. Efficiency of the proposed algorithm is evaluated against the state-of-the-art algorithm by performing extensive simulations. Simulation results demonstrate benefits of the proposed algorithms in terms of efficient cluster formation in minimum time, minimum information loss, and execution time for data dissemination.

J. Andrew,R. Jennifer Eunice,J. Karthikeyan

DOI: https://doi.org/10.3389/fpubh.2023.1125011

IF: 5.2

2023-03-04

Frontiers in Public Health

Abstract:Digital health data collection is vital for healthcare and medical research. But it contains sensitive information about patients, which makes it challenging. To collect health data without privacy breaches, it must be secured between the data owner and the collector. Existing data collection research studies have too stringent assumptions such as using a third-party anonymizer or a private channel amid the data owner and the collector. These studies are more susceptible to privacy attacks due to third-party involvement, which makes them less applicable for privacy-preserving healthcare data collection. This article proposes a novel privacy-preserving data collection protocol that anonymizes healthcare data without using a third-party anonymizer or a private channel for data transmission. A clustering-based k -anonymity model was adopted to efficiently prevent identity disclosure attacks, and the communication between the data owner and the collector is restricted to some elected representatives of each equivalent group of data owners. We also identified a privacy attack, known as "leader collusion", in which the elected representatives may collaborate to violate an individual's privacy. We propose solutions for such collisions and sensitive attribute protection. A greedy heuristic method is devised to efficiently handle the data owners who join or depart the anonymization process dynamically. Furthermore, we present the potential privacy attacks on the proposed protocol and theoretical analysis. Extensive experiments are conducted in real-world datasets, and the results suggest that our solution outperforms the state-of-the-art techniques in terms of privacy protection and computational complexity.

public, environmental & occupational health

Ashutosh Kumar Singh,Rishabh Gupta

DOI: https://doi.org/10.1007/s11042-021-11751-w

IF: 2.577

2022-04-18

Multimedia Tools and Applications

Abstract:A large amount of data and applications need to be shared with various parties and stakeholders in the cloud environment for storage, computation, and data utilization. Since a third party operates the cloud platform, owners cannot fully trust this environment. However, it has become a challenge to ensure privacy preservation when sharing data effectively among different parties. This paper proposes a novel model that partitions data into sensitive and non-sensitive parts, injects the noise into sensitive data, and performs classification tasks using k-anonymization, differential privacy, and machine learning approaches. It allows multiple owners to share their data in the cloud environment for various purposes. The model specifies communication protocol among involved multiple untrusted parties to process owners’ data. The proposed model preserves actual data by providing a robust mechanism. The experiments are performed over Heart Disease, Arrhythmia, Hepatitis, Indian-liver-patient, and Framingham datasets for Support Vector Machine, K-Nearest Neighbor, Random Forest, Naive Bayes, and Artificial Neural Network classifiers to compute the efficiency in terms of accuracy, precision, recall, and F1-score of the proposed model. The achieved results provide high accuracy, precision, recall, and F1-score up to 93.75%, 94.11%, 100%, and 87.99% and improvement up to 16%, 29%, 12%, and 11%, respectively, compared to previous works.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Xueyan Liu,Xiaotao Yang,Yukun Luo,Qiang Zhang

DOI: https://doi.org/10.1109/jiot.2021.3056116

IF: 10.6

2021-01-01

IEEE Internet of Things Journal

Abstract:The development of the Internet of Things (IoT) has given birth to new applications and services. Accordingly, because the IoT application system collects a large amount of data containing sensitive information, there are also new challenges in data security and privacy preservation. To locate the medical IoT (mIoT), this article proposes a multikeyword searchable encryption scheme based on attributes supporting the data privacy preservation and integrity verification of the electronic health files stored on the IoT cloud platform on the basis of ensuring the application business functions of mIoT: 1) to ensure data confidentiality and fine-grained search authorization, the attribute-based encryption mechanism is introduced to encrypt the symmetric key. Moreover, anonymous key generation tampers semitrusted center authority’s (CA) decryption of all ciphertexts of users and access policy is hidden to prevent access policy from leaking; 2) the convergence key is adopted to encrypt electronic health records (EHRs), thereby providing double verification of the correctness of the search results and partial decryption results; 3) a time-division mechanism is also established to provide the access validity of shared EHRs; and 4) fixed length ciphertext and outsourcing decryption mechanisms are used to reduce the calculation on the user side, in which the majority of the decryption calculations are done by the cloud server. Formal proofs and performance evaluation show that the proposed scheme can achieve data security, keyword security, integrity verification, hidden policy, and collusion resistance, and has high computational efficiency and search efficiency.

computer science, information systems,telecommunications,engineering, electrical & electronic

Hang Xu,Chingfang Hsu,Lein Harn,Janqun Cui,Zhuo Zhao,Ze Zhang

DOI: https://doi.org/10.1109/tsc.2023.3257569

IF: 11.019

2023-01-01

IEEE Transactions on Services Computing

Abstract:With the increasing popularity and wide application of the Internet, the users (such as managers and data consumers) in the Industrial Internet of Things (IIoT) can remotely analyze and control real-time data collected by various smart sensor devices. However, there are many security and privacy issues in the process of transmitting collected data through public channels in IIoT environment. In order to against the illegal access by opponents, a novel anonymous user authentication and key agreement scheme based on hash and elliptic curve encryption is proposed in this paper, which not only uses a pseudonym tuple database in control nodes to realize the functions of user dynamic joining and anonymity protection, but also resists key loss and device capture attacks through fuzzy biometric extraction technology. In addition, the formal secure analysis of the proposed scheme is carried out using the BAN logic model and ROR model, which proves the security of the proposed scheme. Meanwhile, we also prove the scheme can against the described existing attacks and meet the design goals by a detailed informal security discussion. Compared with the latest similar IIoT authentication proposals, our solution has a very obvious advantage in communication efficiency and realizes more functions. Hence, our scheme is more suitable for the IIoT environment, and can also generate greater benefits.

computer science, information systems, software engineering

Kevser Şahinbaş,Ferhat Ozgur Catak

DOI: https://doi.org/10.48550/arXiv.2109.14334

2021-09-29

Cryptography and Security

Abstract:Recently, many innovations have been experienced in healthcare by rapidly growing Internet-of-Things (IoT) technology that provides significant developments and facilities in the health sector and improves daily human life. The IoT bridges people, information technology and speed up shopping. For these reasons, IoT technology has started to be used on a large scale. Thanks to the use of IoT technology in health services, chronic disease monitoring, health monitoring, rapid intervention, early diagnosis and treatment, etc. facilitates the delivery of health services. However, the data transferred to the digital environment pose a threat of privacy leakage. Unauthorized persons have used them, and there have been malicious attacks on the health and privacy of individuals. In this study, it is aimed to propose a model to handle the privacy problems based on federated learning. Besides, we apply secure multi party computation. Our proposed model presents an extensive privacy and data analysis and achieve high performance.

Junqi Guo,Minghui Yang,Boxin Wan

DOI: https://doi.org/10.3390/sym13061043

2021-06-09

Symmetry

Abstract:With the rapid development of the Internet of Things (IoT), wearable devices have become ubiquitous and interconnected in daily lives. Because wearable devices collect, transmit, and monitor humans’ physiological signals, data privacy should be a concern, as well as fully protected, throughout the whole process. However, the existing privacy protection methods are insufficient. In this paper, we propose a practical privacy-preserving mechanism for physiological signals collected by intelligent wearable devices. In the data acquisition and transmission stage, we employed existing asymmetry encryption-based methods. In the data publishing stage, we proposed a new model based on the combination and optimization of k-anonymity and differential privacy. An entropy-based personalized k-anonymity algorithm is proposed to improve the performance on processing the static and long-term data. Moreover, we use the symmetry of differential privacy and propose the temporal differential privacy mechanism for real-time data to suppress the privacy leakage while updating data. It is proved theoretically that the combination of the two algorithms is reasonable. Finally, we use smart bracelets as an example to verify the performance of our mechanism. The experiment results show that personalized k-anonymity improves up to 6.25% in terms of security index compared with traditional k-anonymity, and the grouping results are more centralized. Moreover, temporal differential privacy effectively reduces the amount of information exposed, which protects the privacy of IoT-based users.

Stylianos Karagiannis,Christoforos Ntantogian,Emmanouil Magkos,Aggeliki Tsohou,Luís Landeiro Ribeiro

DOI: https://doi.org/10.1007/s10207-024-00838-8

2024-03-28

International Journal of Information Security

Abstract:In modern healthcare systems, data sources are highly integrated, and the privacy challenges are becoming a paramount concern. Despite the critical importance of privacy preservation in safeguarding sensitive and private information across various domains, there is a notable deficiency of learning and training material for privacy preservation. In this research, we present a k-anonymity algorithm explicitly for educational purposes. The development of the k-anonymity algorithm is complemented by seven validation tests, that have also been used as a basis for constructing five learning scenarios on privacy preservation. The outcomes of this research provide a practical understanding of a well-known privacy preservation technique and extends the familiarity of k-anonymity and the fundamental concepts of privacy protection to a broader audience.

computer science, information systems, theory & methods, software engineering

Abdullah Alabdulatif,Navod Neranjan Thilakarathne,Kassim Kalinaki

DOI: https://doi.org/10.3390/electronics12122646

IF: 2.9

2023-06-13

Electronics

Abstract:In the context of healthcare, big data refers to a complex compilation of digital medical data collected from many sources that are difficult to manage with normal technology and software due to its size and complexity. These big data are useful in various aspects of healthcare, such as disease diagnosis, early prevention of diseases, and predicting epidemics. Even though medical big data has many advantages and a lot of potential for revolutionizing healthcare, it also has a lot of drawbacks and problems, of which security and privacy are of the utmost concern, owing to the severity of the complications once the medical data is compromised. On the other hand, it is evident that existing security and privacy safeguards in healthcare organizations are insufficient to protect their massive, big data repositories and ubiquitous environment. Thus, motivated by the synthesizing of the current knowledge pertaining to the security and privacy of medical big data, including the countermeasures, in the study, firstly, we provide a comprehensive review of the security and privacy of medical big data, including countermeasures. Secondly, we propose a novel cloud-enabled hybrid access control framework for securing the medical big data in healthcare organizations, and the result of this research indicates that the proposed access control model can withstand most cyber-attacks, and it is also proven that the proposed framework can be utilized as a primary base to build secure and safe medical big data solutions. Thus, we believe this research would be useful for future researchers to comprehend the knowledge on the security and privacy of medical big data and the development of countermeasures.

engineering, electrical & electronic,computer science, information systems,physics, applied