Visible to the public Biblio

Filters: Keyword is hospitals  [Clear All Filters]
2021-07-07
Karmakar, Kallol Krishna, Varadharajan, Vijay, Tupakula, Uday, Nepal, Surya, Thapa, Chandra.  2020.  Towards a Security Enhanced Virtualised Network Infrastructure for Internet of Medical Things (IoMT). 2020 6th IEEE Conference on Network Softwarization (NetSoft). :257–261.
Internet of Medical Things (IoMT) are getting popular in the smart healthcare domain. These devices are resource-constrained and are vulnerable to attack. As the IoMTs are connected to the healthcare network infrastructure, it becomes the primary target of the adversary due to weak security and privacy measures. In this regard, this paper proposes a security architecture for smart healthcare network infrastructures. The architecture uses various security components or services that are developed and deployed as virtual network functions. This makes the security architecture ready for future network frameworks such as OpenMANO. Besides, in this security architecture, only authenticated and trusted IoMTs serve the patients along with an encryption-based communication protocol, thus creating a secure, privacy-preserving and trusted healthcare network infrastructure.
2021-04-27
Syafalni, I., Fadhli, H., Utami, W., Dharma, G. S. A., Mulyawan, R., Sutisna, N., Adiono, T..  2020.  Cloud Security Implementation using Homomorphic Encryption. 2020 IEEE International Conference on Communication, Networks and Satellite (Comnetsat). :341—345.

With the advancement of computing and communication technologies, data transmission in the internet are getting bigger and faster. However, it is necessary to secure the data to prevent fraud and criminal over the internet. Furthermore, most of the data related to statistics requires to be analyzed securely such as weather data, health data, financial and other services. This paper presents an implementation of cloud security using homomorphic encryption for data analytic in the cloud. We apply the homomorphic encryption that allows the data to be processed without being decrypted. Experimental results show that, for the polynomial degree 26, 28, and 210, the total executions are 2.2 ms, 4.4 ms, 25 ms per data, respectively. The implementation is useful for big data security such as for environment, financial and hospital data analytics.

2021-04-08
Dinh, N., Tran, M., Park, Y., Kim, Y..  2020.  An Information-centric NFV-based System Implementation for Disaster Management Services. 2020 International Conference on Information Networking (ICOIN). :807–810.
When disasters occur, they not only affect the human life. Therefore, communication in disaster management is very important. During the disaster recovery phase, the network infrastructure may be partially fragmented and mobile rescue operations may involve many teams with different roles which can dynamically change. Therefore, disaster management services require high flexibility both in terms of network infrastructure management and rescue group communication. Existing studies have shown that IP-based or traditional telephony solutions are not well-suited to deal with such flexible group communication and network management due to their connection-oriented communication, no built-in support for mobile devices, and no mechanism for network fragmentation. Recent studies show that information-centric networking offers scalable and flexible communication based on its name-based interest-oriented communication approach. However, considering the difficulty of deploying a new service on the existing network, the programmability and virtualization of the network are required. This paper presents our implementation of an information-centric disaster management system based on network function virtualization (vICSNF). We show a proof-of-concept system with a case study for Seoul disaster management services. The system achieves flexibility both in terms of network infrastructure management and rescue group communication. Obtained testbed results show that vICSNF achieves a low communication overhead compared to the IP-based approach and the auto-configuration of vICSNFs enables the quick deployment for disaster management services in disaster scenarios.
2021-01-18
Pattanayak, S., Ludwig, S. A..  2019.  Improving Data Privacy Using Fuzzy Logic and Autoencoder Neural Network. 2019 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE). :1–6.
Data privacy is a very important problem to address while sharing data among multiple organizations and has become very crucial in the health sectors since multiple organizations such as hospitals are storing data of patients in the form of Electronic Health Records. Stored data is used with other organizations or research analysts to improve the health care of patients. However, the data records contain sensitive information such as age, sex, and date of birth of the patients. Revealing sensitive data can cause a privacy breach of the individuals. This has triggered research that has led to many different privacy preserving techniques being introduced. Thus, we designed a technique that not only encrypts / hides the sensitive information but also sends the data to different organizations securely. To encrypt sensitive data we use different fuzzy logic membership functions. We then use an autoencoder neural network to send the modified data. The output data of the autoencoder can then be used by different organizations for research analysis.
2020-12-01
Geiskkovitch, D. Y., Thiessen, R., Young, J. E., Glenwright, M. R..  2019.  What? That's Not a Chair!: How Robot Informational Errors Affect Children's Trust Towards Robots 2019 14th ACM/IEEE International Conference on Human-Robot Interaction (HRI). :48—56.

Robots that interact with children are becoming more common in places such as child care and hospital environments. While such robots may mistakenly provide nonsensical information, or have mechanical malfunctions, we know little of how these robot errors are perceived by children, and how they impact trust. This is particularly important when robots provide children with information or instructions, such as in education or health care. Drawing inspiration from established psychology literature investigating how children trust entities who teach or provide them with information (informants), we designed and conducted an experiment to examine how robot errors affect how young children (3-5 years old) trust robots. Our results suggest that children utilize their understanding of people to develop their perceptions of robots, and use this to determine how to interact with robots. Specifically, we found that children developed their trust model of a robot based on the robot's previous errors, similar to how they would for a person. We however failed to replicate other prior findings with robots. Our results provide insight into how children as young as 3 years old might perceive robot errors and develop trust.

2020-11-23
Sutton, A., Samavi, R., Doyle, T. E., Koff, D..  2018.  Digitized Trust in Human-in-the-Loop Health Research. 2018 16th Annual Conference on Privacy, Security and Trust (PST). :1–10.
In this paper, we propose an architecture that utilizes blockchain technology for enabling verifiable trust in collaborative health research environments. The architecture supports the human-in-the-loop paradigm for health research by establishing trust between participants, including human researchers and AI systems, by making all data transformations transparent and verifiable by all participants. We define the trustworthiness of the system and provide an analysis of the architecture in terms of trust requirements. We then evaluate our architecture by analyzing its resiliency to common security threats and through an experimental realization.
2020-11-04
Rajamäki, J., Nevmerzhitskaya, J., Virág, C..  2018.  Cybersecurity education and training in hospitals: Proactive resilience educational framework (Prosilience EF). 2018 IEEE Global Engineering Education Conference (EDUCON). :2042—2046.

Healthcare is a vital component of every nation's critical infrastructure, yet it is one of the most vulnerable sector for cyber-attacks. To enforce the knowledge on information security processes and data protection procedures, educational and training schemes should be establishedfor information technology (IT) staff working in healthcare settings. However, only training IT staff is not enough, as many of cybersecurity threats are caused by human errors or lack of awareness. Current awareness and training schemes are often implemented in silos, concentrating on one aspect of cybersecurity at a time. Proactive Resilience Educational Framework (Prosilience EF) provides a holistic cyber resilience and security framework for developing and delivering a multilateral educational and training scheme based on a proactive approach to cybersecurity. The framework is built on the principle that education and training must be interactive, guided, meaningful and directly relevant to the user' operational environment. The framework addresses capacity mapping, cyber resilience level measuring, utilizing available and mapping missing resources, adaptive learning technologies and dynamic content delivery. Prosilience EF launches an iterative process of awareness and training development with relevant stakeholders (end users - hospitals, healthcare authorities, cybersecurity training providers, industry members), evaluating the framework via joint exercises/workshops andfurther developing the framework.

2020-10-06
Ibrahim, Romani Farid.  2019.  Mobile Transaction Processing for a Distributed War Environment. 2019 14th International Conference on Computer Science Education (ICCSE). :856—862.

The battlefield environment differs from the natural environment in terms of irregular communications and the possibility of destroying communication and medical units by enemy forces. Information that can be collected in a war environment by soldiers is important information and must reach top-level commanders in time for timely decisions making. Also, ambulance staff in the battlefield need to enter the data of injured soldiers after the first aid, so that the information is available for the field hospital staff to prepare the needs for incoming injured soldiers.In this research, we propose two transaction techniques to handle these issues and use different concurrency control protocols, depending on the nature of the transaction and not a one concurrency control protocol for all types of transactions. Message transaction technique is used to collect valuable data from the battlefield by soldiers and allows top-level commanders to view it according to their permissions by logging into the system, to help them make timely decisions. In addition, use the capabilities of DBMS tools to organize data and generate reports, as well as for future analysis. Medical service unit transactional workflow technique is used to provides medical information to the medical authorities about the injured soldiers and their status, which helps them to prepare the required needs before the wounded soldiers arrive at the hospitals. Both techniques handle the disconnection problem during transaction processing.In our approach, the transaction consists of four phases, reading, editing, validation, and writing phases, and its processing is based on the optimistic concurrency control protocol, and the rules of actionability that describe how a transaction behaves if a value-change is occurred on one or more of its attributes during its processing time by other transactions.

2020-08-17
Myint, Phyo Wah Wah, Hlaing, Swe Zin, Htoon, Ei Chaw.  2019.  Policy-based Revolutionary Ciphertext-policy Attributes-based Encryption. 2019 International Conference on Advanced Information Technologies (ICAIT). :227–232.
Ciphertext-policy Attributes-based Encryption (CP-ABE) is an encouraging cryptographic mechanism. It behaves an access control mechanism for data security. A ciphertext and secret key of user are dependent upon attributes. As a nature of CP-ABE, the data owner defines access policy before encrypting plaintext by his right. Therefore, CP-ABE is suitable in a real environment. In CP-ABE, the revocation issue is demanding since each attribute is shared by many users. A policy-based revolutionary CP-ABE scheme is proposed in this paper. In the proposed scheme, revocation takes place in policy level because a policy consists of threshold attributes and each policy is identified as a unique identity number. Policy revocation means that the data owner updates his policy identity number for ciphertext whenever any attribute is changed in his policy. To be a flexible updating policy control, four types of updating policy levels are identified for the data owner. Authorized user gets a secret key from a trusted authority (TA). TA updates the secret key according to the policy updating level done by the data owner. This paper tests personal health records (PHRs) and analyzes execution times among conventional CP-ABE, other enhanced CP-ABE and the proposed scheme.
2020-04-13
Avianto, Hana, Ogi, Dion.  2019.  Design of Electronic Medical Record Security Policy in Hospital Management Information System (SIMRS) in XYZ Hospital. 2019 2nd International Conference on Applied Information Technology and Innovation (ICAITI). :163–167.
Electronic Medical Record (EMR) is a medical record management system. EMR contains personal data of patients that is critical. The critical nature of medical records is the reason for the necessity to develop security policies as guidelines for EMR in SIMRS in XZY Hospital. In this study, analysis and risk assessment conducted to EMR management at SIMRS in XZY Hospital. Based on this study, the security of SIMRS in XZY Hospital is categorized as high. Security and Privacy Control mapping based on NIST SP800-53 rev 5 obtained 57 security controls related to privacy aspects as control options to protect EMR in SIMRS in XZY Hospital. The policy designing was done using The Triangle framework for Policy Analysis. The analysis obtained from the policy decisions of the head of XYZ Hospital. The contents of the security policy are provisions on the implementation of security policies of EMR, outlined of 17 controls were selected.
2020-03-18
Padmashree, M G, Khanum, Shahela, Arunalatha, J S, Venugopal, K R.  2019.  SIRLC: Secure Information Retrieval using Lightweight Cryptography in HIoT. TENCON 2019 - 2019 IEEE Region 10 Conference (TENCON). :269–273.

Advances in new Communication and Information innovations has led to a new paradigm known as Internet of Things (IoT). Healthcare environment uses IoT technologies for Patients care which can be used in various medical applications. Patient information is encrypted consistently to maintain the access of therapeutic records by authoritative entities. Healthcare Internet of Things (HIoT) facilitate the access of Patient files immediately in emergency situations. In the proposed system, the Patient directly provides the Key to the Doctor in normal care access. In Emergency care, a Patient shares an Attribute based Key with a set of Emergency Supporting Representatives (ESRs) and access permission to the Doctor for utilizing Emergency key from ESR. The Doctor decrypts the medical records by using Attribute based key and Emergency key to save the Patient's life. The proposed model Secure Information Retrieval using Lightweight Cryptography (SIRLC) reduces the secret key generation time and cipher text size. The performance evaluation indicates that SIRLC is a better option to utilize in Healthcare IoT than Lightweight Break-glass Access Control(LiBAC) with enhanced security and reduced computational complexity.

2020-03-16
Hasavari, Shirin, Song, Yeong Tae.  2019.  A Secure and Scalable Data Source for Emergency Medical Care using Blockchain Technology. 2019 IEEE 17th International Conference on Software Engineering Research, Management and Applications (SERA). :71–75.
Emergency medical services universally get regarded as the essential part of the health care delivery system [1]. A relationship exists between the emergency patient death rate and factors such as the failure to access a patient's critical data and the time it takes to arrive at hospitals. Nearly thirty million Americans do not live within an hour of trauma care, so this poor access to trauma centers links to higher pre-hospital death rates in more than half of the United States [2]. So, we need to address the problem. In a patient care-cycle, loads of medical data items are born in different healthcare settings using a disparate system of records during patient visits. The ability for medical care providers to access a patient's complete picture of emergency-relevant medical data is critical and can significantly reduce the annual mortality rate. Today, the problem exists with a continuous recording system of the patient data between healthcare providers. In this paper, we've introduced a combination of secure file transfer methods/tools and blockchain technology as a solution to record patient Emergency relevant medical data as patient walk through from one clinic/medical facility to another, creating a continuous footprint of patient as a secure and scalable data source. So, ambulance crews can access and use it to provide high quality pre-hospital care. All concerns of medical record sharing and accessing like authentication, privacy, security, scalability and audibility, confidentiality has been considered in this approach.
2020-03-02
Yoshikawa, Takashi, Date, Susumu, Watashiba, Yasuhiro, Matsui, Yuki, Nozaki, Kazunori, Murakami, Shinya, Lee, Chonho, Hida, Masami, Shimojo, Shinji.  2019.  Secure Staging System for Highly Confidential Data Built on Reconfigurable Computing Platform. 2019 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC). :308–313.
Cloud use for High Performance Computing (HPC) and High Performance Data Analytics (HPDA) is increasing. The data are transferred to the cloud and usually left there even after the data being processed. There is security concern for such data being left online. We propose secure staging system to prepare not only data but also computing platform for processing the data dynamically just while the data is processed. The data plane of the secure staging system has dynamic reconfigurability with several lower-than-IP-layer partitioning mechanisms. The control plane consists of a scheduler and a resource provisioner working together to reconfigure the partitioning in the data plane dynamically. A field trial system is deployed for treating secure data in dental school to be processed in the computer center with the location distance of 1km. The system shows high score in the Common Vulnerability Scoring System (CVSS) evaluation.
2020-02-17
Alsumayt, Albandari, Albawardy, Norah, Aldossary, Wejdan, Alghamdi, Ebtehal, Aljammaz, Aljawhra.  2019.  Improve the security over the wireless sensor networks in medical sector. 2019 2nd International Conference on Computer Applications Information Security (ICCAIS). :1–4.
Nowadays with the huge technological development, the reliance on technology has become enormous. Wireless Sensor Networks (WSN) is an example of using the Internet and communication between the patient and the hospital. Easy use of such networks helps to increase the quality of communication between patient and hospital. With the development of technology increased risk in use. Any change in this data between the patient and the hospital may cause false data that may harm the patient. In this paper, a secure protocol is designed to ensure the confidentiality, integrity, and availability of data transfer between the hospital and the patient, depending on the AES and RC4 algorithms.
2019-11-25
Pham, Dinh-Lam, Ahn, Hyun, Kim, Kwanghoon.  2019.  A Temporal Work Transference Event Log Trace Classification Algorithm and Its Experimental Analysis. 2019 21st International Conference on Advanced Communication Technology (ICACT). :692–696.

In the field of process mining, a lot of information about what happened inside the information system has been exploited and has yielded significant results. However, information related to the relationship between performers and performers is only utilized and evaluated in certain aspects. In this paper, we propose an algorithm to classify the temporal work transference from workflow enactment event log. This result may be used to reduce system memory, increase the computation speed. Furthermore, it can be used as one of the factors to evaluate the performer, active role of resources in the information system.

2019-11-11
Kunihiro, Noboru, Lu, Wen-jie, Nishide, Takashi, Sakuma, Jun.  2018.  Outsourced Private Function Evaluation with Privacy Policy Enforcement. 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :412–423.
We propose a novel framework for outsourced private function evaluation with privacy policy enforcement (OPFE-PPE). Suppose an evaluator evaluates a function with private data contributed by a data contributor, and a client obtains the result of the evaluation. OPFE-PPE enables a data contributor to enforce two different kinds of privacy policies to the process of function evaluation: evaluator policy and client policy. An evaluator policy restricts entities that can conduct function evaluation with the data. A client policy restricts entities that can obtain the result of function evaluation. We demonstrate our construction with three applications: personalized medication, genetic epidemiology, and prediction by machine learning. Experimental results show that the overhead caused by enforcing the two privacy policies is less than 10% compared to function evaluation by homomorphic encryption without any privacy policy enforcement.
2017-12-12
Rezaeibagha, F., Mu, Y..  2017.  Access Control Policy Combination from Similarity Analysis for Secure Privacy-Preserved EHR Systems. 2017 IEEE Trustcom/BigDataSE/ICESS. :386–393.

In distributed systems, there is often a need to combine the heterogeneous access control policies to offer more comprehensive services to users in the local or national level. A large scale healthcare system is usually distributed in a computer network and might require sophisticated access control policies to protect the system. Therefore, the need for integrating the electronic healthcare systems might be important to provide a comprehensive care for patients while preserving patients' privacy and data security. However, there are major impediments in healthcare systems concerning not well-defined and flexible access control policy implementations, hindering the progress towards secure integrated systems. In this paper, we introduce an access control policy combination framework for EHR systems that preserves patients' privacy and ensures data security. We achieve our goal through an access control mechanism which handles multiple access control policies through a similarity analysis phase. In that phase, we evaluate different XACML policies to decide whether or not a policy combination is applicable. We have provided a case study to show the applicability of our proposed approach based on XACML. Our study results can be applied to the electronic health record (EHR) access control policy, which fosters interoperability and scalability among healthcare providers while preserving patients' privacy and data security. 

2015-04-30
Ben Othman, S., Trad, A., Youssef, H..  2014.  Security architecture for at-home medical care using Wireless Sensor Network. Wireless Communications and Mobile Computing Conference (IWCMC), 2014 International. :304-309.

Distributed wireless sensor network technologies have become one of the major research areas in healthcare industries due to rapid maturity in improving the quality of life. Medical Wireless Sensor Network (MWSN) via continuous monitoring of vital health parameters over a long period of time can enable physicians to make more accurate diagnosis and provide better treatment. The MWSNs provide the options for flexibilities and cost saving to patients and healthcare industries. Medical data sensors on patients produce an increasingly large volume of increasingly diverse real-time data. The transmission of this data through hospital wireless networks becomes a crucial problem, because the health information of an individual is highly sensitive. It must be kept private and secure. In this paper, we propose a security model to protect the transfer of medical data in hospitals using MWSNs. We propose Compressed Sensing + Encryption as a strategy to achieve low-energy secure data transmission in sensor networks.