Article

Research issues for privacy and security of electronic health services

Abstract

With the prevalence of information and communication technologies, Electronic Health Services (EHS) are commonly used by patients, doctors, and other healthcare professionals to decrease healthcare costs and provide efficient healthcare processes. However, using EHS increases the concerns regarding security, privacy, and integrity of healthcare data. Several solutions have been proposed to address these issues in EHS. In this survey, we categorize and evaluate state-of-the-art electronic health system research based on their architecture, as well as services including access control, emergency access, sharing, searching, and anonymity methods by considering their cryptographic approaches. Our survey differs from previous EHS related surveys in being method-based such that the proposed services are classified based on their methods and compared with other solutions. We provide performance comparisons and state commonly used methods for each category. We also identify relevant open problems and provide future research directions. http://www.sciencedirect.com/science/article/pii/S0167739X16302667

... The healthcare industry alone has recently begun to put more emphasis on the implementations allowed by blockchain [15]-[20]. ...
... The Fuzzy-TOPSIS approach is assigned the global weights of the different specified factors generated through fuzzy-ANP as inputs for generating a priority rank for every alternative. The performance result obtained with the help of fuzzy-ANP-TOPSIS has been checked by implementing Equations (15)-(20) as follows, with the help of Equations (1)-(9) and Equation (15). Equation (16) has been used for that purpose, and a hierarchical decision matrix was constructed. ...
... After that, the distance of each choice value from both the FPIS and the FNIS is calculated by applying Equations (18) and (19), and can be seen in Tables 8-9 under the columns called D+I and D-I. Subsequently, the output value of each criterion has been determined by implementing Equation (20). The alternatives' ratings are achieved on the account of the measured success score, which is also shown in Table 10. ...
Article
Full-text available
Blockchain technology is among the most significant developments and revolutionary innovations of the Information Technology industry. It corners a crucial space in the present digital era and has already made significant differences in human life. Moreover, it is anticipated that Blockchain technology will improve the existing IT facilities in the next several years in many domains. Recent technological developments are allowing for a major advancement in Healthcare sectors. Information security and accessibility are critical considerations for the integration and communication with Electronic Healthcare Record (EHR) systems when sharing private medical information. In this context, selecting the most effective blockchain model for secure and trustworthy EHRs in the healthcare sector requires an accurate mechanism for evaluating the impact of the different available blockchain models according to their features. The present study uses a scientifically proven approach for evaluating the impact of blockchain technology and provides a novel idea and path for future researchers. This research analysis garnered the feedback of 56 domain experts in healthcare management for assessing the impact of different blockchain models. To eliminate the ambiguities that arose due to the multiple opinions of these experts, and for the externalization and organization of information about the selection context of the blockchain model, the study used a decision model. The Fuzzy Analytic Network Process (F-ANP) method was used to calculate the weights of the criteria, and the Fuzzy Technique for Order of Preference by Similarity to Ideal Solution (Fuzzy-TOPSIS) was used to evaluate the effect of the alternative solutions. Further, the results obtained through this empirical investigation will be an instrumental reference for choosing the most appropriate Blockchain model for maintaining breach-free EHRs.
... Application of blockchain in healthcare has been more recent [21,22], and, as discussed earlier, trust in sharing sensitive healthcare information among several actors outside a hospital system has been a challenge [23]. However, the mechanisms embedded in the distributed ledger technology associated with blockchain technology may be able to address this challenge [21,22,24-26]. In other words, if healthcare organizations are to become agile in meeting patient needs outside a hospital, the digital platform has to address some of the technical challenges, such as ensuring security, interoperability, data sharing, and mobility, if it is to engender trust [23]. ...
... Existing methods used to protect and secure patient medical records have not been effective [27,28]. While access controls and authentication of records are widely used to ensure the integrity, confidentiality, and accessibility of medication information [26,29,30], their implementation becomes a challenge once systems are extended outside a hospital [31,32]. The encryption of data between Electronic Medical Record (EMR) and stakeholder systems is useful, but this leads to problems when there are many different encryption standards [33,34]. ...
... With no single technology platform addressing the security challenges [35], a distributed platform that allows local control of the data at each node but ensures security as it moves across a distributed platform may be a solution. Blockchain technology, which has a uniform method to encrypt the data transferred, public-private keys for the authentication of users who transfer the data, and validation of those who decrypt the data for use, can be effective in addressing security when data are shared by several stakeholders [20,26,36,37]. ...
Article
Full-text available
With patients demanding services to control their own health conditions, hospitals are looking to build agility in delivering care by extending their reach into patient and partner ecosystems and sharing relevant patient data to support care continuity. However, sharing patient data with several external stakeholders outside a hospital network calls for the development of a digital platform that is trusted by both hospitals and stakeholders, given that there is often no single entity supporting such coordination. In this paper, we propose a methodology that uses a blockchain architecture to address the technical challenge of linking disparate systems used by multiple stakeholders and the social challenge of engendering trust by using visualization to bring about transparency in the way in which data are shared. We illustrate this methodology using a pilot implementation. The paper concludes with a discussion and directions for future research and makes some concluding comments.
... Current EHR storage and distribution approaches utilize certain solutions in the context of challenging the aforementioned security threats. In particular, they use access control policies such as role-based access control (RBAC) and attribute-based access control (ABAC), which restrict system access to unauthorized users according to specific preassigned roles and attributes [6]. Moreover, a secure and anonymous three-factor authentication protocol could be deployed in the context of privacy-preserving healthcare-oriented wireless sensor networks (WSNs) [7]. ...
... There are currently several approaches regarding EHR management and how blockchain technology can be utilized to improve it [20,21]. Yüksel et al. [6] discussed the distinction in EHR storage between distributed and cloud designs, and proposed that a centralized model could be established by applying the relevant decentralized settings and techniques of the cloud architectures. Overall, cloud architecture refers to the structured storage and allocation of massive volumes of medical records among remote third-party service providers. ...
Article
Full-text available
Electronic health record (EHR) management systems require the adoption of effective technologies when health information is being exchanged. Current management approaches often face risks that may expose medical record storage solutions to common security attack vectors. However, healthcare-oriented blockchain solutions can provide a decentralized, anonymous and secure EHR handling approach. This paper presents PREHEALTH, a privacy-preserving EHR management solution that uses distributed ledger technology and an Identity Mixer (Idemix). The paper describes a proof-of-concept implementation that uses the Hyperledger Fabric's permissioned blockchain framework. The proposed solution is able to store patient records effectively whilst providing anonymity and unlinkability. Experimental performance evaluation results demonstrate the scheme's efficiency and feasibility for real-world scale deployment.
... In this section, we formally present the different factors that have the most significant influence on the quality of data protection. Basically, there are four crucial factors to consider when outsourcing medical data to an external cloud provider [13], [14], [15], [16], as shown in Figure 4. On the one hand, medical image integrity is seen as a top concern in the healthcare sector because images play a vital role in disease diagnosis and treatment. Under these considerations, it is mandatory to implement the necessary measures to avoid data corruption and loss. ...
Article
Cloud computing is an easy-to-use, affordable solution to manage and analyze medical data. Therefore, this paradigm has gained wide acceptance in the healthcare sector as a cost-efficient way to a successful Electronic Medical Records (EMR) implementation. Cloud technology is, however, subject to increasing criticism because of its numerous security vulnerabilities. In this regard, we propose a framework to protect confidential data through the development of new security measures, including compression, a secret sharing scheme and the XOR operation. The primary objective of the proposal is to achieve the right balance between security and usability. To this aim, we divide an image into several blocks and then encrypt each piece separately with a different cryptographic key. To enhance privacy and performance, we suggest the DepSky architecture to keep data on various storage nodes. Simulation experiments have been conducted to prove the effectiveness of the proposed methodology.
... In the context of network security, Intrusion Detection Systems (IDSs) [3] represent the main tool, as in their different configurations and modalities they are able to analyze the events that occur in a network, with the aim of detecting the illegitimate ones. Nowadays, this activity has become crucial due to the huge number of network services, public and private, which involve critical and important areas, such as health services [4], education [5], financial services [6], and so on. ...
Article
Full-text available
The dramatic increase in devices and services that has characterized modern societies in recent decades, boosted by the exponential growth of ever faster network connections and the predominant use of wireless connection technologies, has materialized a very crucial challenge in terms of security. The anomaly-based Intrusion Detection Systems, which for a long time have represented one of the most efficient solutions in order to detect intrusion attempts on a network, then have to face this new and more complicated scenario. Well-known problems, such as the difficulty of distinguishing legitimate activities from illegitimate ones due to their similar characteristics and their high degree of heterogeneity, today have become even more complex, considering the increase in the network activity. After providing an extensive overview of the scenario under consideration, this work proposes a Local Feature Engineering (LFE) strategy aimed to face such problems through the adoption of a data preprocessing strategy that reduces the number of possible network event patterns, increasing at the same time their characterization. Unlike the canonical feature engineering approaches, which take into account the entire dataset, it operates locally in the feature space of each single event. The experiments conducted on real-world data have shown that this strategy, which is based on the introduction of new features and the discretization of their values, improves the performance of the canonical state-of-the-art solutions.
... We believe our approach to be an important step towards enforcing privacy prior to the alignment of reads, which is routinely executed in a public cloud for performance and cost reasons. Typically, clouds do not guarantee that the data they host cannot be accessed by either the cloud service provider or an intruder [19], and several works have highlighted the risks associated with the inconsiderate use of clouds for biomedical data [20], [21], [22], [23]. We therefore consider an adversary located in the cloud whose goal is to perform a privacy attack using the raw genomic sequences it is able to observe either prior to or during alignment. ...
Preprint
Full-text available
Sequencing thousands of human genomes has enabled breakthroughs in many areas, among them precision medicine, the study of rare diseases, and forensics. However, mass collection of such sensitive data entails enormous risks if not protected to the highest standards. In this article, we follow the position and argue that post-alignment privacy is not enough and that data should be automatically protected as early as possible in the genomics workflow, ideally immediately after the data is produced. We show that a previous approach for filtering short reads cannot extend to long reads and present a novel filtering approach that classifies raw genomic data (i.e., whose location and content is not yet determined) into privacy-sensitive (i.e., more affected by a successful privacy attack) and non-privacy-sensitive information. Such a classification allows the fine-grained and automated adjustment of protective measures to mitigate the possible consequences of exposure, in particular when relying on public clouds. We present the first filter that can be indistinctly applied to reads of any length, i.e., making it usable with any recent or future sequencing technologies. The filter is accurate, in the sense that it detects all known sensitive nucleotides except those located in highly variable regions (less than 10 nucleotides remain undetected per genome instead of 100,000 in previous works). It has far less false positives than previously known methods (10% instead of 60%) and can detect sensitive nucleotides despite sequencing errors (86% detected instead of 56% with 2% of mutations). Finally, practical experiments demonstrate high performance, both in terms of throughput and memory consumption.
... After the sequencing process, the produced reads are typically used either in a de novo assembly or aligned to a reference genome. Besides the wide use of genomic data in diverse fields, privacy attacks [8], [22] and the use of cloud environments for biomedical data analysis [23], [24], [25], [26] have raised concerns about data security in the alignment step. Melissa Gymrek et al. [5] performed a re-identification attack identifying 131 of the anonymized genomes of the 1000 Genomes Project. ...
Preprint
Full-text available
The advent of high-throughput next-generation sequencing (NGS) machines made DNA sequencing cheaper, but also put pressure on the genomic life-cycle, which includes aligning millions of short DNA sequences, called reads, to a reference genome. On the performance side, efficient algorithms have been developed and parallelized on public clouds. On the privacy side, since genomic data are utterly sensitive, several cryptographic mechanisms have been proposed to align reads securely, with a lower performance than the former, which in turn are not secure. This manuscript proposes a novel contribution to improving the privacy-performance product in current genomic studies. Building on recent works that argue that genomic data need to be treated according to a threat-risk analysis, we introduce a multi-level sensitivity classification of genomic variations. Our classification prevents the amplification of possible privacy attacks, thanks to promoting and partitioning mechanisms among sensitivity levels. Thanks to this classification, reads can be aligned, stored, and later accessed using different security levels. We then extend a recent filter, which detects the reads that carry sensitive information, to classify reads into sensitivity levels. Finally, based on a review of the existing alignment methods, we show that adapting alignment algorithms to read sensitivity allows high performance gains whilst enforcing high privacy levels. Our results indicate that using sensitivity levels is feasible to optimize the performance of privacy-preserving alignment if one combines the advantages of private and public clouds.
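The two preprints above describe a filter that classifies raw reads before alignment. The following is an added illustration of that idea, not the authors' filter: it indexes the k-mers that span known sensitive variant positions (both strands), assigns each read the highest sensitivity level of any k-mer it carries, and partitions reads by level so each group can be stored and aligned under its own policy. The toy reference, the two sensitive sites, their levels, the value of k and the sample reads are all constructed for this example.

```python
"""Added example, not the filter from the cited preprints. Pre-alignment read
classification by k-mer lookup: a read is flagged without ever being aligned,
so it can be protected before it leaves the trusted side."""

from typing import Dict, List, Tuple

K = 8  # k-mer length (assumed)

# Constructed toy reference and sensitive sites: position -> (variant base, level).
# Level 2 is treated as more sensitive than level 1 (assumed scale).
REFERENCE = "ACGTACGTTGCAGCTAGGCTAACGGATCCGATTACAGGCTTAGCCATGCAAGTCC"
SENSITIVE_SITES: Dict[int, Tuple[str, int]] = {12: ("T", 2), 33: ("G", 1)}

# Constructed sample reads: level-2 carrier, level-1 carrier with one sequencing
# error (C->T three bases before the site), a clean read, and the reverse-strand
# copy of the first read.
SAMPLE_READS = [
    "TGCATCTAGGCTAACG",
    "GATTCGATTGCAGGCTTA",
    "TAGGCTAACGGATCCG",
    "CGTTAGCCTAGATGCA",
]

_COMPLEMENT = str.maketrans("ACGT", "TGCA")


def revcomp(seq: str) -> str:
    """Reverse complement, so reads sequenced from either strand hit the index."""
    return seq.translate(_COMPLEMENT)[::-1]


def build_index(ref: str, sites: Dict[int, Tuple[str, int]], k: int = K) -> Dict[str, int]:
    """Map every k-mer (both orientations) that spans a sensitive site, with the
    variant base substituted, to that site's level. Indexing all k windows over
    the site means a read with one sequencing error outside the site itself still
    matches through the windows the error does not touch."""
    index: Dict[str, int] = {}
    for pos, (alt, level) in sites.items():
        variant = ref[:pos] + alt + ref[pos + 1:]
        for start in range(max(0, pos - k + 1), min(pos, len(ref) - k) + 1):
            kmer = variant[start:start + k]
            for key in (kmer, revcomp(kmer)):
                index[key] = max(level, index.get(key, 0))
    return index


def classify_read(read: str, index: Dict[str, int], k: int = K) -> int:
    """Highest sensitivity level of any k-mer in the read; 0 means not sensitive."""
    return max((index.get(read[i:i + k], 0) for i in range(len(read) - k + 1)), default=0)


def partition_reads(reads: List[str], index: Dict[str, int]) -> Dict[int, List[str]]:
    """Group reads by level so each group gets its own storage/alignment policy."""
    groups: Dict[int, List[str]] = {}
    for read in reads:
        groups.setdefault(classify_read(read, index), []).append(read)
    return groups


if __name__ == "__main__":
    idx = build_index(REFERENCE, SENSITIVE_SITES)
    for level, reads in sorted(partition_reads(SAMPLE_READS, idx).items()):
        print(level, reads)
```

A real filter would index variant positions from a population database rather than two hand-picked sites, and would also need a policy for k-mers that occur elsewhere in the genome (false positives); the error tolerance shown here only covers errors that do not land on the sensitive base itself.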
... Our goal is to tackle emergency events, data sharing and anonymity from earlier identified issues [15] of electronic health services. Our paper defines a federated pseudonymisation protocol that is compatible with break-the-glass procedures. ...
Article
Healthcare data for primary use (diagnosis) may be encrypted for confidentiality purposes; however, secondary uses such as feeding machine learning algorithms require open access. Full anonymity leaves no traceable identifiers through which to report diagnosis results. Moreover, implicit and explicit consent routes are of practical importance under recent data protection regulations (GDPR), translating directly into break-the-glass requirements. Pseudonymisation is an acceptable compromise when dealing with such orthogonal requirements and is an advisable measure to protect data. Our work presents a pseudonymisation protocol that is compliant with implicit and explicit consent routes. The protocol is constructed on a (t,n)-threshold secret sharing scheme and public key cryptography. The pseudonym is safely derived from a fragment of public information without requiring any data subject's secret. The method is proven secure under reasonable cryptographic assumptions and scalable according to the experimental results.
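Both the image-protection framework earlier on this page (its "secret sharing scheme") and the pseudonymisation protocol above rest on threshold secret sharing. The block below is an added example of that primitive, not either paper's protocol: Shamir (t,n) sharing over a prime field splits a record key among n custodians, any t of whom can reconstruct it in a break-the-glass procedure, while t-1 shares reveal nothing. The prime, the key length, the custodian count and the audit-log shape are assumptions for the illustration.

```python
"""Added example, not the protocol of the cited paper: Shamir (t, n)-threshold
secret sharing over GF(p) with a quorum-gated, audited break-the-glass recovery."""

import secrets
from typing import List, Optional, Tuple

P = 2**127 - 1  # Mersenne prime (assumed); secrets must be < P, e.g. 126-bit keys

Share = Tuple[int, int]


def _eval_poly(coeffs: List[int], x: int) -> int:
    """Horner evaluation of coeffs[0] + coeffs[1]*x + ... (mod P)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def split_secret(secret: int, t: int, n: int) -> List[Share]:
    """n shares (x, f(x)) of a random degree t-1 polynomial with f(0) = secret.
    Any t shares determine f; any t-1 are consistent with every possible secret."""
    if not (1 <= t <= n < P and 0 <= secret < P):
        raise ValueError("bad parameters")
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def recover_secret(shares: List[Share]) -> int:
    """Lagrange interpolation at x = 0; modular inverse via Fermat since P is prime."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share")
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total


def break_the_glass(shares: List[Share], t: int, log: List[Tuple[str, int]]) -> Optional[int]:
    """Reconstruct only when a quorum of t custodians is present; every attempt,
    successful or not, is appended to the audit log (assumed shape)."""
    if len(shares) < t:
        log.append(("denied", len(shares)))
        return None
    log.append(("recovered", len(shares)))
    return recover_secret(shares[:t])


if __name__ == "__main__":
    key = secrets.randbits(126)
    shares = split_secret(key, 3, 5)
    audit: List[Tuple[str, int]] = []
    assert break_the_glass(shares[:2], 3, audit) is None
    assert break_the_glass(shares[1:4], 3, audit) == key
    print(audit)
```

Shares must be distributed over authenticated channels and stored by independent parties; the scheme protects the secret against up to t-1 colluding custodians, but a single party holding t shares is equivalent to holding the key.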
... Specifically, mining the electronic medical records of patients could reveal the underlying relationships between various diseases or other information that is conducive to medical treatment, but this process may also result in the disclosure of personal information of patients (Abouelmehdi et al., 2018; Li et al., 2015; Yang et al., 2018). Therefore, an effective Privacy-Preserving Data Mining (PPDM) method, which can address the need of revealing the data in a database while giving away nothing about personal information, is of great significance in the data mining field (Buket et al., 2016). ...
Article
The rapid development of data analysis technologies and easily accessible datasets have enabled the construction of comprehensive analytics models, which can facilitate the decision making involved in services. Meanwhile, individual privacy preservation is of great necessity. The decision tree is a common method in medical prediction and diagnosis, known for its simplicity of understanding and interpretation. However, the process of building a decision tree might cause individual privacy disclosure. Differential privacy provides a rigorous mathematical definition of privacy by keeping the risk of privacy leakage within a manageable range while maintaining the statistical characteristics of the data. In this paper, we propose a Differentially Private Greedy Decision Forest with high utility (DPGDF) to build a privacy-preserving decision forest. In DPGDF, we design a novel budget allocation strategy that allows nodes at greater depth to get more privacy budget in the decision tree construction process, which can, to some extent, mitigate the problem of excessive noise introduced at the leaf nodes. To aggregate multiple trees into a forest, we propose a selective aggregation method based on the prediction accuracy of the decision forest. In addition, we develop an iterative method to speed up the process of selective aggregation. Finally, we experimentally show that the proposed DPGDF achieves better performance on two practical datasets compared with other algorithms.
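The budget allocation idea above is easy to get wrong in practice, so here is an added example (not the DPGDF algorithm) of the accounting behind it. Nodes at the same depth see disjoint subsets of the records, so by parallel composition one budget per level is enough; the levels are applied in sequence to the same record, so by sequential composition the per-level budgets along a root-to-leaf path must sum to the total epsilon. Deeper nodes hold fewer records while Laplace noise has a fixed scale 1/epsilon, which is why giving deeper levels a larger share helps the leaves. The geometric growth factor and the use of Laplace noise on leaf class counts are assumptions chosen for the illustration.

```python
"""Added example, not the cited paper's algorithm: per-depth privacy budget
allocation for a differentially private decision tree, with the composition
rules that justify it and Laplace noise on the leaf class histogram."""

import math
import random
from typing import List


def allocate_budgets(total_eps: float, depth: int, growth: float = 2.0) -> List[float]:
    """One epsilon per level (root = level 0), growing geometrically with depth
    (assumed schedule) and summing to total_eps."""
    if total_eps <= 0 or depth < 1 or growth <= 0:
        raise ValueError("bad parameters")
    weights = [growth ** d for d in range(depth + 1)]
    scale = total_eps / sum(weights)
    return [w * scale for w in weights]


def path_cost(budgets: List[float]) -> float:
    """Sequential composition: the epsilon actually spent on any one record is
    the sum along its root-to-leaf path, i.e. the sum of the level budgets."""
    return sum(budgets)


def naive_tree_cost(budgets: List[float]) -> float:
    """What a per-node accounting would charge for a full binary tree. It is an
    overestimate: siblings at one level partition the records (parallel
    composition), so they share that level's budget instead of each paying it."""
    return sum(b * 2 ** d for d, b in enumerate(budgets))


def laplace(scale: float, rng: random.Random) -> float:
    """Laplace(0, scale) sample by inverse CDF; the random module has no laplace()."""
    u = rng.random() - 0.5
    if u <= -0.5:  # guard log(0) on the (astronomically rare) draw of exactly 0.0
        u = -0.5 + 1e-15
    return -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))


def noisy_leaf_counts(counts: List[int], eps: float, rng: random.Random) -> List[float]:
    """Class histogram of one leaf. Adding or removing a record changes exactly
    one bucket by 1 (L1 sensitivity 1), so Laplace(1/eps) noise on every bucket
    makes the whole histogram eps-differentially private."""
    return [c + laplace(1.0 / eps, rng) for c in counts]


def majority_label(noisy_counts: List[float]) -> int:
    """Leaf prediction from the noisy histogram (index of the largest count)."""
    return max(range(len(noisy_counts)), key=noisy_counts.__getitem__)


if __name__ == "__main__":
    eps = allocate_budgets(1.0, depth=3)
    rng = random.Random(7)
    print("levels:", [round(e, 4) for e in eps])
    print("path cost:", path_cost(eps), "naive per-node cost:", naive_tree_cost(eps))
    print("leaf [30, 5] ->", noisy_leaf_counts([30, 5], eps[-1], rng))
```

Note that selecting the split attribute at each internal node also consumes budget (typically via the exponential mechanism), so in a real implementation each level's epsilon is itself divided between split selection and, at the leaves, the count release.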
... Several authors have addressed this question, covering both recommendations for improving security and privacy during development (11) and the security and privacy aspects addressed in research on this type of information system. (12) However, there is a lack of studies that address these questions, as well as the perceptions of patients and professionals about them, specifically in national electronic health record systems, whose aim is to provide data access to a broad set of professionals distributed across the whole territory of a country. ...
Article
Full-text available
The objective of this paper was to explore privacy issues addressed by national electronic health record systems, with a case study of Australia's My Health Record system. Privacy issues were organized according to a conceptual framework of informational privacy that included corporate privacy practices and customer behavior. After searching bibliographic databases covering health, 18 articles were selected and analyzed that addressed the government's privacy practices, users' perceptions or attitudes, as well as their intentions or behavior related to informational privacy. Regarding privacy practices, the aspects of collecting and storing patient information were addressed, as well as the degree of transparency and control exercised by the patient over their data. With regard to patients' perception, there is a fear of improper access to data as well as identity theft and misuse of information by insurance companies or employers, but this fear does not differ from that when information is available on paper. Finally, as the patient has access to health information, there is a need for these patients to be able to understand what has been recorded, i.e. there is a demand for better health literacy, but health professionals fear that this access by patients may lead to unnecessary confusion and worry, leading to an increased workload. It is concluded that the patient-controlled electronic health record at the national level can be an effective instrument for empowering citizens to control their health and a motivator to expand the conditions of their health literacy. However, these privacy issues call for an explicit and clear position by governments to ensure the confidentiality of the data and of the secondary uses that may be made of this information.
... In this way, clinicians would be able to log in once to a number of eHealth applications, including the EHR, using a single set of credentials. The level of security can then be increased by using a smart card in combination with an authentication method such as SSO (Yüksel et al., 2017). This would prevent unauthorised access in the event that the smart card was lost. ...
Article
Purpose
An electronic health record (EHR) enables clinicians to access and share patient information electronically and has the ultimate goal of improving the delivery of healthcare. However, this can create security and privacy risks to patient information. This paper aims to present a model for securing the EHR based on role-based access control (RBAC), attribute-based access control (ABAC) and the Clark-Wilson model.

Design/methodology/approach
A systematic literature review was conducted which resulted in the collection of secondary data that was used as the content analysis sample. Using the MAXQDA software program, the secondary data was analysed quantitatively using content analysis, resulting in 2,856 tags, which informed the discussion. An expert review was conducted to evaluate the proposed model using an evaluation framework.

Findings
The study found that a combination of RBAC, ABAC and the Clark-Wilson model may be used to secure the EHR. While RBAC is applicable to healthcare, as roles are linked to an organisation's structure, its lack of dynamic authorisation is addressed by ABAC. Additionally, key concepts of the Clark-Wilson model such as well-formed transactions, authentication, separation of duties and auditing can be used to secure the EHR.

Originality/value
Although previous studies have been based on a combination of RBAC and ABAC, this study also uses key concepts of the Clark-Wilson model for securing the EHR. Countries implementing the EHR can use the model proposed by this study to help secure the EHR while also providing EHR access in a medical emergency.
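The RBAC/ABAC combination recurs on this page (the PREHEALTH citation context earlier mentions RBAC and ABAC restricting access by preassigned roles and attributes, and the model above adds Clark-Wilson). The following added example, which is not the paper's own code, shows how the three pieces fit in one authorisation decision: a static role table (RBAC), per-request attribute rules (ABAC), a well-formed transaction that records every decision, an emergency path that relaxes only the attribute rules and only for reads, and a separation-of-duties check on who may review emergency accesses. The role table, attribute names and the break-the-glass condition are assumptions for the illustration.

```python
"""Added example, not the cited paper's code: EHR authorisation combining RBAC,
ABAC and two Clark-Wilson controls (audited well-formed transactions and
separation of duties), with an audited break-the-glass path for emergencies."""

from dataclasses import dataclass, field
from typing import Callable, Dict, List, Set, Tuple

# RBAC: static role -> permitted actions, mirroring the organisation's structure (assumed).
ROLE_PERMISSIONS: Dict[str, Set[str]] = {
    "physician": {"read", "write"},
    "nurse": {"read"},
    "billing": {"read_billing"},
}


@dataclass
class Request:
    user: str
    role: str
    action: str
    patient: str
    attrs: Dict[str, object]  # ABAC context, e.g. on_shift, emergency (assumed names)


@dataclass
class Record:
    patient: str
    treating_team: Set[str]  # users currently assigned to this patient


# ABAC: dynamic conditions a role table alone cannot express.
def on_treating_team(req: Request, rec: Record) -> bool:
    return req.user in rec.treating_team


def on_shift(req: Request, rec: Record) -> bool:
    return bool(req.attrs.get("on_shift", False))


ABAC_RULES: List[Callable[[Request, Record], bool]] = [on_treating_team, on_shift]

AuditEntry = Tuple[str, str, str, str, str]  # user, role, action, patient, decision


@dataclass
class AuditLog:
    entries: List[AuditEntry] = field(default_factory=list)


def authorize(req: Request, rec: Record, log: AuditLog) -> bool:
    """Clark-Wilson well-formed transaction: the decision is always logged.
    RBAC gates first; ABAC refines; an emergency relaxes ABAC only, never RBAC,
    only for reads, and is tagged so it can be reviewed afterwards."""
    decision = "deny"
    if req.patient == rec.patient and req.action in ROLE_PERMISSIONS.get(req.role, set()):
        if all(rule(req, rec) for rule in ABAC_RULES):
            decision = "grant"
        elif req.attrs.get("emergency") and req.action == "read":
            decision = "grant-emergency"  # break-the-glass
    log.entries.append((req.user, req.role, req.action, req.patient, decision))
    return decision != "deny"


def pending_emergency_reviews(log: AuditLog, reviewer: str) -> List[AuditEntry]:
    """Separation of duties: nobody reviews their own break-the-glass access."""
    return [e for e in log.entries if e[4] == "grant-emergency" and e[0] != reviewer]


if __name__ == "__main__":
    rec = Record("p-001", {"dr_a"})
    log = AuditLog()
    authorize(Request("rn_b", "nurse", "read", "p-001", {"on_shift": True}), rec, log)
    authorize(Request("rn_b", "nurse", "read", "p-001", {"emergency": True}), rec, log)
    for entry in log.entries:
        print(entry)
    print("for auditor:", pending_emergency_reviews(log, "auditor"))
```

The ordering matters: because the role check runs before the emergency branch, a break-the-glass request can never grant an action the role does not already hold, and because the log append sits outside every branch, a denied emergency attempt is just as visible to the reviewer as a granted one.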
... Furthermore, access revocation is greatly simplified by re-encrypting only one data fragment with a fresh encryption key, which significantly reduces the transmission cost [34,35]. However, the utility of such encrypted data is quite limited: search, update and computation cannot be performed without reconstructing the original data [22,75]. Database fragmentation or data splitting [18] aims to provide functionality-preserving data protection for data storage on clouds. ...
Preprint
Full-text available
Data privacy is an important issue for organizations and enterprises that securely outsource data storage, sharing, and computation to clouds / fogs. However, data encryption is complicated in terms of key management and distribution, and existing secure computation techniques are expensive in terms of computational / communication cost and therefore do not scale to big data computation. Tensor network decomposition and distributed tensor computation have been widely used in signal processing and machine learning for dimensionality reduction and large-scale optimization. However, the potential of distributed tensor networks for big data privacy preservation has not been considered before, which motivates the current study. Our primary intuition is that tensor network representations are mathematically non-unique, unlinkable, and uninterpretable, and that they naturally support a range of multilinear operations for compressed and distributed / dispersed computation. Therefore, we propose randomized algorithms to decompose big data into randomized tensor network representations and analyze the privacy leakage for 1D to 3D data tensors. The randomness mainly comes from the complex structural information commonly found in big data; randomization is based on controlled perturbation applied to the tensor blocks prior to decomposition. The distributed tensor representations are dispersed on multiple clouds / fogs or servers / devices with metadata privacy, which provides both distributed trust and management to seamlessly secure big data storage, communication, sharing, and computation. Experiments show that the proposed randomization techniques are helpful for big data anonymization and efficient for big data storage and computation.
... In addition to satisfying the security goals mentioned above, one should ensure necessary privacy requirements in healthcare systems. In this work, we consider the privacy goals based on device, data, and communication anonymity properties [51][52][53]. ...
Preprint
Full-text available
The recent advancements in computing systems and wireless communications have made healthcare systems more efficient than before. Modern healthcare devices can monitor and manage different health conditions of the patients automatically without any manual intervention from medical professionals. Additionally, the use of implantable medical devices (IMDs), body area networks (BANs), and Internet of Things (IoT) technologies in healthcare systems improve the overall patient monitoring and treatment process. However, these systems are complex in software and hardware, and optimizing between security, privacy, and treatment is crucial for healthcare systems as any security or privacy violation can lead to severe effects on patients' treatments and overall health conditions. Indeed, the healthcare domain is increasingly facing security challenges and threats due to numerous design flaws and the lack of proper security measures in healthcare devices and applications. In this paper, we explore various security and privacy threats to healthcare systems and discuss the consequences of these threats. We present a detailed survey of different potential attacks and discuss their impacts. Furthermore, we review the existing security measures proposed for healthcare systems and discuss their limitations. Finally, we conclude the paper with future research directions toward securing healthcare systems against common vulnerabilities.
... However, it brings about a series of challenges, especially how to preserve the privacy of the patient's personal health information from various attacks such as eavesdropping and tampering [19] [20] [21]. The main issue is that only the eligible patients of the social group and the related medical professionals may have access to the patient's personal healthcare information during data sharing in the distributed m-healthcare computing system [22] [23] [24]. This is due to the fact that most patients are concerned about any kind of unauthorized disclosure of their personal health information, which puts them in trouble [25] [26] [27]. ...
Preprint
Full-text available
The expeditious growth of wearable and implantable body sensors and wireless communication technologies has provided both inspiration and motivation for the increasing development of m-healthcare information systems as a promising next-generation e-health system. In m-healthcare systems, the authorized mobile patients with the same disease symptoms can constitute a social group to share their health condition and medical experience. The privacy of social communication transferred over open wireless channels is an essential system requirement. Furthermore, the m-healthcare system, in contrast to the traditional e-Health system, allows mobile patients to move across distinct location domains during different time periods. The mobility of patients considerably increases the cost of key management in terms of communication overhead if it is addressed with a naïve solution such as treating it as a leave in the old location and a new join in the visited location. This paper proposes a privacy-preserving scheme, which maintains the secrecy of patients’ personal health information using secure group communication in m-healthcare information systems while supporting mobility of patients. The scheme is highly scalable and treats patients’ mobility with the minimum rekeying cost, thus efficiently preserving the secrecy of communication between patients associated with a social group. The security properties of the proposed scheme as well as its performance based on simulation experiments are evaluated. The experimental results demonstrate that the proposed scheme outperforms the existing solution in terms of communication overhead.
... Sullivan and Burger 2017; Zhang et al. 2016; Suzuki and Murai 2017; Beninger and Ibara 2016; Anjum et al. 2017; Au et al. 2017; N. Kshetri 2017; Yüksel et al. 2017; Roehrs et al. 2017; Azaria et al. 2016; Mettler 2016; Torre et al. 2016; Samaniego and Deters 2016; Siddiqi et al. 2017; Stanciu 2017; Shae and Tsai 2017; Xia et al. 2017; Jin et al. 2017; Gazali et al. 2017; Shrestha and Vassileva 2016; Tosh et al. 2017; Liang et al. 2017; Raju et al. 2017; Yue et al. 2016; Dubovitskaya et al. 2017; Chin Cheng et al. 2018). ...
Article
Full-text available
Since its inception, Healthcare 4.0 has empowered the integration of advanced technologies to create and improve the quality of healthcare services. The delivery of healthcare services has come a long way from physical appointments with doctors to remote health monitoring, disease prediction, and surgery assistive systems. This advancement has only been possible with the integration of cutting-edge technologies like Tele-healthcare, Software-Defined Networking, etc. with healthcare systems. In this survey, we have targeted some of the pioneering research works that could contribute significantly to the future development of Healthcare 4.0 systems. We have identified the major research gaps, presented the modern state of the art of healthcare systems, and introduced the Healthcare IoT Application and Service Stacks. We have also discussed the latest paradigm of Wireless Body Area Networks, emphasizing its significance and how it can contribute to the development of next-gen healthcare applications using emerging technologies like Machine Learning, Blockchain, Cloud Computing, Internet of Things, Edge/Fog Computing, Telehealthcare, Big Data Analytics, Software-Defined Networking, etc. We have performed a comparative study of different architectural implementations considering their advantages, shortcomings, and Quality-of-Service requirements. We emphasize the importance of the different emerging technologies in detail, discussing the opportunities available and their potential to build better healthcare solutions that provide improved quality of service. Finally, we highlight the fundamental need for establishing security and privacy in future healthcare systems. Overall, this survey provides a strong outlook into the development of the future of Healthcare 4.0.
... The challenges in maintaining data security are due to the large population size across the wide geographical landscape and the lack of IT infrastructure in the country. To make the healthcare system run smoothly, HIPAA has suggested a set of valuable security and privacy guidelines within the purview of federal law [9][10][11]. The essential guidelines related to privacy, confidentiality, and security are presented in Table 1. ...
Article
Full-text available
Health records are an integral aspect of any Hospital Management System. With newer innovations in technology, there has been a shift in the way of recording health information. Medical records which used to be managed using various paper charts have now become easier to organize and maintain, thereby increasing the efficiency of medical staff. The Electronic Health Records (EHR) System is becoming a high-tech medical management technology developed for the economic or emerging economic countries like India. In a national health system, the EHR integrates the Electronic Medical Records (EMR) in all collaborating hospitals through different networks. EHR gives healthcare professionals a way to share and manage patient data quickly and effectively. Due to the mass storage of confidential patient data, healthcare organizations are considered one of the most targeted sectors by intruders. This paper proposes a security framework for the EHR system, which takes into consideration the integrity, availability, and confidentiality of health records. The threats posed to the EHR system are modeled with the STRIDE modeling tool, and the amount of risk is calculated using DREAD. The paper also suggests security mechanisms and countermeasures based on security standards, which can be utilized in an EHR environment. The paper shows that the utilization of the proposed methods effectively addresses security concerns such as breach of sensitive medical information.
... The study also addressed Blockchain's impact on IoT security. Yüksel et al. [10] surveyed privacy, security and integrity features of the E-Health Services (EHS). They introduced cryptography solutions currently used in this field and classified them according to the access control, sharing, analyzing, searching and conducting emergency techniques. ...
Conference Paper
Full-text available
The Electronic Health Records (EHR) sharing system is the state of the art for delivering healthcare. The tools within the system can predict outcomes during the patient’s lifetime, monitor how effective treatments are, track therapies, and detect human errors. For main industry stakeholders, the priority is to ensure integrity and interoperability across the care continuum. Achieving this priority is still challenging considering the enormous amount of EHR data, security issues, and heterogeneity of healthcare information systems. To overcome these challenges, this work proposes BiiMED: a Blockchain framework for Enhancing Data Interoperability and Integrity regarding EHR-sharing. The proposed solutions include an access management system allowing the exchange of EHRs between different medical providers and a decentralized Trusted Third Party Auditor (TTPA) for ensuring data integrity. This work establishes a foundation for further research on dynamic data interoperability and integrity verification in a fully decentralized environment.
Index Terms: Blockchain, Electronic Health Records (EHR), Data sharing, Access control, Ethereum, Integrity, Interoperability, Security and Cloud.
... There have been some surveys focusing on specific components of e-healthcare systems, that is, e-health data security [5][6][7][8], medical device security [3], [9][10][11][12], and medical network security [13,14]. Other studies [15][16][17][18] have aimed at more than one component of the e-healthcare system. However, the security and privacy issues for all components have not yet been surveyed. ...
Article
Full-text available
Recently, the integration of state-of-the-art technologies, such as modern sensors, networks, and cloud computing, has revolutionized the conventional healthcare system. However, security concerns have increasingly been emerging due to the integration of technologies. Therefore, the security and privacy issues associated with e-health data must be properly explored. In this paper, to investigate the security and privacy of e-health systems, we identified major components of the modern e-health systems (i.e., e-health data, medical devices, medical networks and edge/fog/cloud). Then, we reviewed recent security and privacy studies that focus on each component of the e-health systems. Based on the review, we obtained research taxonomy, security concerns, requirements, solutions, research trends, and open challenges for the components with strengths and weaknesses of the analyzed studies. In particular, edge and fog computing studies for e-health security and privacy were reviewed since the studies had mostly not been analyzed in other survey papers.
... Filkins et al. [20] (2016): "A survey of security and privacy in a digital health environment"; technique: SSL/TLS protocol; advantage: helpful for translational researchers' awareness; limitation: no detailed solution of any issue given. Yuksel et al. [21] (2017) ...
Article
The healthcare industry has evolved from 1.0 to 4.0, where Healthcare 1.0 was more doctor-centric and Healthcare 2.0 replaced manual records with electronic healthcare records (EHRs). Healthcare 3.0 was patient-centric, and Healthcare 4.0 uses cloud computing (CC), fog computing (FC), Internet of Things (IoT), and telehealthcare technologies to share data between various stakeholders. However, framing a secure technique for Healthcare 4.0 has always been a challenging task. An insecure technique for Healthcare 4.0 may lead to a healthcare data breach where hackers can gain full access to patients' email accounts, messages, and reports. On the contrary, a secured technique for Healthcare 4.0 can provide satisfaction to all stakeholders, including patients and caregivers. Motivated by these facts, this paper presents an extensive literature review and analysis of state-of-the-art proposals to maintain security and privacy in Healthcare 4.0. We also explored the blockchain-based solution to give insights to both the research and practitioner communities. Different taxonomies used for exploring various security and privacy issues in Healthcare 4.0 are also presented in a structured manner. Then, the advantages and limitations of various security and privacy techniques are explored and discussed in the paper. Finally, existing challenges and future research directions of security and privacy in Healthcare 4.0 are presented.
... There is growing concern that breaches of confidentiality may lead to an erosion of public confidence in the healthcare system. The presence of such concerns may impair the actual quality of care provided, since patients may self-medicate, visit another doctor, provide incomplete information, or opt out of seeking treatment (Yüksel et al., 2017). This is underpinned by research which found that the most common objection to sharing data with an outside provider is the potential discrimination by insurance technical perspective (e.g., using digital key cryptography) or transparent disclosures on how citizen data is stored and processed (firm-generated reassurances), but by encouraging people to become more proactive in sharing and disseminating data about themselves. ...
Article
Full-text available
A variety of ethical concerns about artificial intelligence (AI) implementation in healthcare have emerged as AI becomes increasingly applicable and technologically advanced. The last decade has witnessed significant endeavors in striking a balance between ethical considerations and health transformation led by AI. Despite a growing interest in AI ethics, implementing AI-related technologies and initiatives responsibly in healthcare settings remains a challenge. In response to this topical challenge, we reviewed 253 articles pertaining to AI ethics in healthcare published between 2000 and 2020, summarizing the coherent themes of responsible AI initiatives. A preferred reporting items for systematic review and meta-analysis (PRISMA) approach was employed to screen and select articles, and a hermeneutic approach was adopted to conduct systematic literature review. By synthesizing relevant knowledge from AI governance and ethics, we propose a responsible AI initiative framework that encompasses five core themes for AI solution developers, healthcare professionals, and policy makers. These themes are summarized in the acronym SHIFT: Sustainability, Human centeredness, Inclusiveness, Fairness, and Transparency. In addition, we unravel the key issues and challenges concerning responsible AI use in healthcare, and outline avenues for future research.
... It provides the technique for restrictive access to data. Commonly known techniques for healthcare systems are role-based, attribute-based, and identity-based access control [49]. Since EHRs deal with patients' health data containing very sensitive information, access control is a significant factor to consider. ...
Article
Full-text available
Blockchain is the revolutionary invention of the twentieth century that offers a distributed and decentralized setting to communicate among nodes in a list of networks without a central authority. On the other hand, electronic health records (EHRs) are electronically stored health information in a digital format. EHRs are normally shared among healthcare stakeholders and face power failure, data misuse, lack of privacy and security, and audit trail issues. Blockchain is a leading technology among others to address the limitations related to EHRs. It can provide a safer and secured decentralized environment for exchanging EHR data. Three categories of blockchain-based potential solutions have been proposed to handle EHRs: conceptual, prototype, and implemented. This study focused on a Systematic Literature Review (SLR) to find and analyze articles proposed either conceptually or implemented to manage EHRs using blockchain. The study analyzed 99 papers that were described from various publication categories. The deep technical analysis focused on evaluating articles based on privacy, security, scalability, accessibility, cost, consensus algorithms, and type of blockchain used. The SLR found that blockchain technology is promising to provide decentralization, security, and privacy that traditional EHRs often lack. Moreover, results obtained from the detailed studies would provide potential researchers with a reference as to which type of blockchain to choose for future development. Finally, future research directions, in the end, would direct enthusiasm to combine new blockchain-based systems to properly manage EHRs.
... An access control mechanism ensures that users at each level can only access specific types of data. Thus, key management is the primary concern with respect to scalable content in access control; this highlights the necessity of establishing an access control mechanism that effectively provides appropriate access to data and protects information [13]. However, any network environment is exposed to numerous security risks [14]. ...
Article
A personal health record (PHR) contains health information on a specific individual and incorporates medical data from cloud databases (e.g., diagnosis and treatment records). Because of the use of medical applications on smart mobile devices, security mechanisms must be implemented. Secure access control enables convenient information sharing under secure conditions. To effectively implement secure access control for PHRs in cloud databases, we propose a Lagrange-interpolation-driven access control mechanism (LIDACM) that ensures the security and confidentiality of healthcare information. The LIDACM strictly controls privacy settings and access authority; it also prevents unauthorised individuals from accessing PHRs, thereby increasing the difficulty of hacking the database and stealing private medical information. The present analysis indicates that the LIDACM effectively protects PHR information and enables secure information sharing among multiple medical institutions. Because a user’s private key is generated randomly through the proposed mechanism and no relationships exist between private keys, cracking the private key system is difficult. The LIDACM supports dynamic modifications (e.g., user addition and deletion and document or user inquiry) and can deliver files to specific users when they use a private key. Each user has specific access rights pertaining to retrieval of confidential data. The LIDACM helps guarantee the privacy and security of personal medical information within an information-sharing system.
... Privacy refers to determining who can access the patients' personal information. Considering the open nature of communications in edge computing and the sensitivity of healthcare information, preserving privacy becomes remarkably critical in edge-assisted solutions for connected healthcare services [45], [46]. ...
Article
In today’s modern era, with the rapid growth of edge-assisted solutions especially Internet of Things (IoT) networks, connected healthcare progressively relies on such solutions. Connected healthcare systems refer to health systems in which all the stakeholders are connected to each other. These systems employ novel technologies such as IoT, edge computing, and Artificial Intelligence (AI) to convert conventional health systems to more effective, appropriate, and customized intelligent systems. However, emerging connected healthcare systems encounter many restrictions and require new policies. Intelligent and edge computing technologies integration including IoT are a promising solution for most of the limitations arising from using cloud computing in connected healthcare applications. In fact, edge computing and AI are essential factors of smart IoT applications. Moving the computation and processing closer to the data sources and end-users, edge computing can reduce latency, bandwidth usage, and energy consumption. Notwithstanding the importance of edge-assisted solutions for connected healthcare systems, there is not any systematic and methodological research in this scope that investigates the existing studies considering various vital and relevant factors. Thus, this survey aims to comprehensively examine the state-of-the-art research in this area. We have reviewed the qualified existing works and divided them into two main taxonomies, including patient-centric and process-centric techniques, and their benefits and issues are also provided and discussed thoroughly. Furthermore, essential factors such as available datasets and parameters like accuracy, mobility, and data rate are comprehensively described and examined. In fact, in this paper, we bridge the gap between edge computing and connected healthcare solutions by comprehensively discussing relevant vital issues and highlighting the future trends.
... Privacy algorithms make use of certain privacy-preserving anonymity-based techniques (privacy techniques in short)¹ (e.g., generalization, suppression, anatomy, etc.) to accomplish the most desirable trade-off between privacy preservation and utility. Existing surveys [77,79,81,128,141,142,143,144] on anonymity-based approaches have performed just a comparative investigation of privacy models based on their properties and presented their internal implementation. These surveys lack general guidelines about (i) how privacy models and privacy techniques correlate with each other, (ii) how we can improve the trade-off between privacy and utility by using different combinations of privacy models and privacy techniques, and (iii) what are the most relevant privacy techniques that can be adapted for cloud-based EHRs. ...
Article
Full-text available
Electronic health records (EHRs) are increasingly employed to maintain, store and share varied types of patient data. The data can also be utilized for various research purposes, such as clinical trials or epidemic control strategies. With the increasing cost and scarcity of healthcare services, healthcare organizations feel at ease in outsourcing these services to cloud-based EHRs. These serve as pay-as-you-go (PAYG) “e-health cloud” models to aid healthcare organizations in handling existing and imminent demands while restricting their costs. Technologies can host some risks; hence the privacy of information in these systems is of utmost importance. Regardless of its increased effectiveness and growing eagerness in its adoption, not much care is being taken over the privacy issues that might arise. Privacy preservation needs to be reviewed against the changing privacy rules and legislation regarding sensitive personal data. Our work aims at answering three major questions: firstly, how privacy models and privacy techniques correlate with each other; secondly, how we can fix the privacy-utility trade-off by using different combinations of privacy models and privacy techniques; and lastly, what are the most relevant privacy techniques that can be adapted to achieve privacy of EHRs on the cloud.
... In addition to satisfying the security goals mentioned above, one should ensure necessary privacy requirements in healthcare systems. In this work, we consider the privacy goals based on device, data, and communication anonymity properties [51][52][53]. ...
Article
Full-text available
Recent advancements in computing systems and wireless communications have made healthcare systems more efficient than before. Modern healthcare devices can monitor and manage different health conditions of patients automatically without any manual intervention from medical professionals. Additionally, the use of implantable medical devices, body area networks, and Internet of Things technologies in healthcare systems improves the overall patient monitoring and treatment process. However, these systems are complex in software and hardware, and optimizing between security, privacy, and treatment is crucial for healthcare systems because any security or privacy violation can lead to severe effects on patients’ treatments and overall health conditions. Indeed, the healthcare domain is increasingly facing security challenges and threats due to numerous design flaws and the lack of proper security measures in healthcare devices and applications. In this article, we explore various security and privacy threats to healthcare systems and discuss the consequences of these threats. We present a detailed survey of different potential attacks and discuss their impacts. Furthermore, we review the existing security measures proposed for healthcare systems and discuss their limitations. Finally, we conclude the article with future research directions toward securing healthcare systems against common vulnerabilities.
... When the parameters of a particular machine learning algorithm are estimated in a balanced way so that it can predict the outcome reasonably accurately, it is called "learning or training the model" [15]. The crucial issue we should consider here is security and privacy [16]. We must not allow the information to be breached. ...
Article
Full-text available
Internet of Medical Things (IoMT) provides an excellent opportunity to investigate better automatic medical decision support tools with the effective integration of various medical equipment and associated data. This study explores two such medical decision-making tasks, namely COVID-19 detection and lung area segmentation detection, using chest radiography images. We also explore different cutting-edge machine learning techniques, such as federated learning, semi-supervised learning, transfer learning, and multi-task learning, to explore the issue. To analyze the applicability of computationally less capable edge devices in the IoMT system, we report the results using Raspberry Pi devices as accuracy, precision, recall, and F-score for COVID-19 detection, and average dice score for lung segmentation detection tasks. We also publish the results obtained through server-centric simulation for comparison. The results show that Raspberry Pi-centric devices provide better performance in lung segmentation detection, and server-centric experiments provide better results in COVID-19 detection. We also discuss the IoMT application-centric settings, utilizing medical data and decision support systems, and posit that such a system could benefit all the stakeholders in the IoMT domain.
... Cloud-based health services allow physicians, patients, and owners of health data (health departments or health organizations) to control and share their data easily. However, eHealth cloud computing poses a range of challenges, such as data security and privacy for both clients and cloud service providers (CSPs) [3][4][5]. Security and privacy issues threaten an open network and semi-trusted servers which may lose, leak, or disclose data [6]. These can allow breaches in users' privacy when sharing data in a public cloud. ...
Article
Full-text available
The proliferation and usefulness of cloud computing in eHealth demands high levels of security and privacy for health records. However, eHealth clouds pose serious security and privacy concerns for sensitive health data. Therefore, practical and effective methods for security and privacy management are essential to preserve the privacy and security of the data. To review the current research directions in security and privacy in eHealth clouds, this study analysed and summarized the state of the art technologies and approaches reported in security and privacy in the eHealth cloud. An extensive review covering 132 studies from several peer-reviewed databases such as IEEE Xplore was conducted. The relevant studies were reviewed and summarized in terms of their benefits and risks. This study also compared several research works in the domain of data security requirements. This paper will provide eHealth stakeholders and researchers with extensive knowledge and information on current research trends in the areas of privacy and security.
... Furthermore, access revocation is greatly simplified by re-encrypting only one data fragment with a fresh encryption key, which significantly reduces the transmission cost [34,35]. However, the utility of such encrypted data is quite limited: operations such as search, update, and computation cannot be performed without reconstructing the original data [22,75]. Database Fragmentation or Data Splitting [18] aims to provide functionality-preserving data protection for data storage on clouds. ...
Article
Full-text available
Data privacy is an important issue for organizations and enterprises to securely outsource data storage, sharing, and computation on clouds / fogs. However, data encryption is complicated in terms of key management and distribution; existing secure computation techniques are expensive in terms of computational / communication cost and therefore do not scale to big data computation. Tensor network decomposition and distributed tensor computation have been widely used in signal processing and machine learning for dimensionality reduction and large-scale optimization. However, the potential of distributed tensor networks for big data privacy preservation has not been considered before; this motivates the current study. Our primary intuition is that tensor network representations are mathematically non-unique, unlinkable, and un-interpretable; tensor network representations naturally support a range of multilinear operations for compressed and distributed / dispersed computation. Therefore, we propose randomized algorithms to decompose big data into randomized tensor network representations and analyze the privacy leakage for 1D to 3D data tensors. The randomness mainly comes from the complex structural information commonly found in big data; randomization is based on controlled perturbation applied to the tensor blocks prior to decomposition. The distributed tensor representations are dispersed on multiple clouds / fogs or servers / devices with metadata privacy; this provides both distributed trust and management to seamlessly secure big data storage, communication, sharing, and computation. Experiments show that the proposed randomization techniques are helpful for big data anonymization and efficient for big data storage and computation.
Article
Recently, Electronic Health Records (EHR) have played a significant role in the e-healthcare system that allows data exchange of patients' health records via a portal designated by healthcare professionals. In this, the lack of confidentiality and integrity factors leads to different security issues on sensitive health information and causes a serious impact on a patient's life. To accomplish the security of medical data, we propose a new scheme named Elliptical Curve Certificateless Aggregate Cryptography Signature scheme (EC-ACS) for public verification and auditing in the Medical Cloud Server (MCS) to secure EHR using authorized blockchain technology. In this, we use Elliptic Curve Cryptography (ECC) to encrypt medical data and the Certificateless Aggregate Signature scheme (CAS) to generate the digital signature for sharing and storing data in the cloud storage. This proposed scheme ensures security and privacy and safeguards confidential information from unauthorized access in the cloud health system. Furthermore, the blockchain technique guarantees the integrity, traceability, and secure storage of medical records in the cloud environment.
Article
Full-text available
Users are each day more aware of their privacy and data protection. Although this problem is transversal to every digital service, it is especially relevant when critical and personal information is managed, as in eHealth and well-being services. During the last years, many different innovative services in this area have been proposed. However, data management challenges are still in need of a solution. In general, data are directly sent to services but no trustworthy instruments to recover these data or remove them from services are available. In this scheme, services become the users’ data owners although users keep the rights to access, modify, and be forgotten. Nevertheless, the adequate implementation of these rights is not guaranteed, as services use the received data with commercial purposes. In order to address and solve this situation, we propose a new trustworthy personal data protection mechanism for well-being services, based on privacy-by-design technologies. This new mechanism is based on Blockchain networks and indirection functions and tokens. Blockchain networks execute transparent smart contracts, where users’ rights are codified, and store the users’ personal data which are never sent or given to external services. Besides, permissions and privacy restrictions designed by users to be applied to their data and services consuming them are also implemented in these smart contracts. Finally, an experimental validation is also described to evaluate the Quality of Experience (in terms of user satisfaction) and Quality of Service (in terms of processing delay) compared to traditional service provision solutions.
Article
Mental healthcare providers increasingly use technology for psychotherapy services. This progress enables professionals to communicate, store, and rely on digital software and hardware. Emails, text messaging, telepsychology/telemental health therapy, electronic medical records, cloud-based storage, apps/applications, and assessments are now available within the provision of services. Of those mentioned, some are directly utilized for psychotherapy while others ancillarily aid providers. Whereas professionals previously wrote notes locally, technology has empowered providers to work more efficiently with third-party services and solutions. However, the implementation of these advancements in mental healthcare involves consequences to digital privacy and might increase clients’ risk to unintended breaches of confidentiality. This manuscript reviews common technologies, considers the vulnerabilities therein, and proposes suggestions to strengthen privacy.
Thesis
Privacy attacks reported in the literature have alerted the research community to the serious privacy issues in current biomedical process workflows. Since sharing biomedical data is vital for the advancement of research and the improvement of medical healthcare, reconciling sharing with privacy assumes an overwhelming importance. In this thesis, we state the need for effective privacy-preserving measures for biomedical data processing, and study solutions for the problem in one of the harder contexts, genomics. The thesis focuses on the specific properties of the human genome that make critical parts of it privacy-sensitive and tries to prevent the leakage of such critical information throughout the several steps of the sequenced genomic data analysis and processing workflow. In order to achieve this goal, it introduces efficient and effective privacy-preserving mechanisms, namely at the level of read filtering right upon sequencing, and of alignment. Human individuals share the majority of their genome (99.5%), the remaining 0.5% being what distinguishes one individual from all others. However, that information is only revealed after two costly processing steps, alignment and variant calling, which today are typically run in clouds for performance efficiency, but with the corresponding privacy risks. Reaping the benefits of cloud processing, we set out to neutralize the privacy risks by identifying the sensitive (i.e., discriminating) nucleotides in raw genomic data, and acting upon that. The first contribution is DNA-SeAl, a systematic classification of genomic data into different levels of sensitivity with regard to privacy, leveraging the output of a state-of-the-art automatic filter (SRF) isolating the critical sequences. The second contribution is a novel filtering approach, LRF, which undertakes the early protection of sensitive information in the raw reads right after sequencing, for sequences of arbitrary length (long reads), improving on SRF, which only dealt with short reads. The last contribution proposed in this thesis is MaskAl, an SGX-based privacy-preserving alignment approach based on the filtering method developed. These contributions entailed several findings. The first finding of this thesis is the performance × privacy product improvement achieved by implementing multiple sensitivity levels. The proposed example of three sensitivity levels shows the benefits of mapping progressively sensitive levels to classes of alignment algorithms with progressively higher privacy protection (albeit at the cost of a performance tradeoff). In this thesis, we demonstrate the effectiveness of the proposed sensitivity-level classification, DNA-SeAl. Just by considering three levels of sensitivity and taking advantage of three existing classes of alignment algorithms, the performance of privacy-preserving alignment significantly improves when compared with state-of-the-art approaches. For reads of 100 nucleotides, 72% have low sensitivity, 23% have intermediate sensitivity, and the remaining 5% are highly sensitive. With this distribution, DNA-SeAl is 5.85× faster and requires 5.85× fewer data transfers than the binary classification with two sensitivity levels. The second finding is the improvement in sensitive genomic information filtering obtained by replacing the per-read classification with a per-nucleotide classification. With this change, the filtering approach proposed in this thesis (LRF) allows the filtering of sequences of arbitrary length (long reads), instead of the classification limited to short reads provided by the state-of-the-art filtering approach (SRF). This thesis shows that around 10% of an individual's genome is classified as sensitive by the developed LRF approach. This improves on the 60% achieved by the previous state of the art, the SRF approach. The third finding is the possibility of building a privacy-preserving alignment approach based on read filtering. The sensitivity-adapted alignment relying on hybrid environments, in particular composed of common (e.g., public cloud) and trustworthy execution environments (e.g., SGX enclave cloud), gets the best of both worlds: it enjoys the resource and performance optimization of cloud environments while providing a high degree of protection to genomic data. We demonstrate that MaskAl is 87% faster than existing privacy-preserving alignment algorithms (Balaur), with similar privacy guarantees. On the other hand, MaskAl is 58% slower than BWA, a highly efficient non-privacy-preserving alignment algorithm. In addition, MaskAl requires 95% less RAM and between 5.7 GB and 15 GB less data transfer than Balaur. This thesis breaks new ground on the simultaneous achievement of two important goals of genomics data processing: availability of data for sharing, and privacy preservation. We hope to have shown that our work, being generalisable, is a significant step in the direction of, and opens new avenues for, wider-scale, secure, and cooperative efforts and projects within the biomedical information processing life cycle.
Chapter
Consent management is a significant function in electronic healthcare. Given the rise of personal data stored on electronic devices, there is a need to ensure that personal data of individuals is protected—in particular, healthcare user information stored on health information systems. In addition to the basic protection of healthcare user information, healthcare users should also be informed how and by whom their personal information may be used. Through the adoption of transparency by the healthcare service provider, healthcare users are placed in a position to control access to their health information and to reduce the risks for reputational and personal harm. This paper presents a conceptual model for consent management in e-healthcare. The application of the model in e-healthcare will ensure that the following four main requirements are satisfied for the healthcare user: informativity, modifiability, controllability and end-to-end security.
Article
In today’s digital environment, the paper-based healthcare system is shifting towards the Electronic Healthcare System (EHS). EHS features allow users to access healthcare data and resources from anywhere in the world with the help of the Internet. This improves access and sharing, healthcare quality, treatment procedures, and efficiency, and reduces the cost and time of care. Regardless of these advantages, the transformation from a paper-based healthcare system to EHS has brought many security and privacy issues, such as access control, trust, authentication, transmission of data, sharing, delegation, abuse of healthcare data, data confidentiality and integrity, and many more. Due to such issues, there is a need to focus on the security and privacy issues in the EHS. Thus, in this paper, we focus on the many security and privacy issues present in the modern EHS. The paper discusses the architecture of the modern EHS. Additionally, we discuss a security analysis of the EHS. The given security analysis and solutions for EHS will help EHS researchers to design a more secure and robust healthcare system.
Preprint
We study the fundamental task of estimating the median of an underlying distribution from a finite number of samples, under pure differential privacy constraints. We focus on distributions satisfying the minimal assumption that they have a positive density at a small neighborhood around the median. In particular, the distribution is allowed to output unbounded values and is not required to have finite moments. We compute the exact, up-to-constant terms, statistical rate of estimation for the median by providing nearly-tight upper and lower bounds. Furthermore, we design a polynomial-time differentially private algorithm which provably achieves the optimal performance. At a technical level, our results leverage a Lipschitz Extension Lemma which allows us to design and analyze differentially private algorithms solely on appropriately defined "typical" instances of the samples.
Article
Mobile Health (mHealth) technology facilitates patients’ care and decreases healthcare costs by remotely monitoring healthcare processes and medical data management. Nonetheless, there are many concerns regarding the security, privacy, and anonymity of the mHealth transactions. Conventionally, privacy includes anonymity, untraceability, unlinkability, unforgeability, and confidentiality. Transactions’ confidentiality can be easily protected using confidential transaction techniques. However, anonymity, untraceability, unlinkability, and unforgeability properties are quite challenging issues in healthcare transactions. This paper proposes a UDP-based anonymous protocol for mHealth transactions to protect the security of data and privacy of clients’ identities. In this work, we aim to investigate utilizing one of the best anonymity solutions, onion structure (onion encryption, onion routing, and onion network), with blockchain smart contracts upon the UDP platform to make a protocol for transferring data in IoT-based mHealth applications. In the proposed protocol, every malicious client who sends false data can be easily detected using an identity disclosure process. In this way, mHealth clients, without exchanging sensitive identities, can establish an authorized connection and be protected against different kinds of attacks. According to our experimental results and security/privacy proofs, the proposed protocol has an acceptable computational cost and security protections for IoT-based mHealth transactions.
Chapter
The Internet of Things aggregates devices able to capture information and interfere in the environment, acting in systems of different domains of application, such as health-care. These systems need a layer of security to guarantee, among other characteristics, the irrefutability, anonymity, and integrity of the manipulated data. In this sense, an integration with a blockchain, through smart contracts, would meet this need. This chapter, therefore, presents current research using IoT, blockchain, and smart contracts in health-care. The details for using these technologies in healthcare, the technical challenges and the consensus protocols involved in the main applications will be discussed. This chapter presents a practice that applies knowledge in the health supply chain, building a decentralized application (DApp) that monitors the temperature of vaccines during their storage. In the end, it offers an informative guide that allows participants to design training in this area, including practical exercises.
Chapter
In this concluding chapter of the book, we present some issues related to the ethics of eHealth applications as well as privacy, data protection, data anonymization, encryption, etc., in AI medicine at large. Regulatory issues and policies, such as the EU General Data Protection Regulation (GDPR), among others, and healthcare standards are briefly discussed in terms of their impact on research and development of eHealth applications requiring specialized access control and authentication, patient data protection, clinical data, pharmaco-vigilance, etc. Also, emerging research trends and challenges in eHealth applications based on IoT technologies, Cloud digital ecosystem and data streams are discussed, including noninvasive and personalized solutions, detection vs. prediction solutions, Predictive, Personalized, Preventive and Participatory (4P) Medicine.
Article
The healthcare sector is suffering from inefficiencies in handling its data. Many patients and healthcare organisations are frustrated by the numerous hurdles to obtaining current, real-time patient information. Patients are also frustrated when trying to schedule appointments at health organisations that have outdated contact information. The healthcare sector’s attention has been drawn to blockchain technology as a part of the solution, especially since this technology has been successfully applied in the financial sector to improve the security of transactions. The aspect of interoperability is resolved adequately by blockchain technology, because it has the potential to store, manage and share EMRs safely in the healthcare community. Therefore, the technology is having a positive impact on healthcare outcomes for various stakeholders. Interoperability in healthcare eases the exchange of health-related data, such as EMRs, between healthcare entities so that records may be shared and distributed among clinical systems. To handle data in this sector without violating privacy is a challenge, whether in the collection, storage, or analysis. Poor security, which increases data breaches, endangers patients mentally, socially, and financially. A lack of data-sharing in the healthcare sector is considered a significant issue worldwide. This research focuses on this gap by investigating the benefits of using blockchain at the Ministry of Health in Saudi Arabia, providing a detailed analysis of the healthcare sector, and evaluating how blockchain technology improves data-sharing security. This research proposes a framework that identifies the factors supporting data-sharing using blockchain among healthcare organisations. It has three categories: healthcare systems factors; security factors; and blockchain factors. A triangulation technique achieved reliable results in three steps: a literature review; an expert review; and a questionnaire. This gave a comprehensive picture of the research topic, validating and confirming the results. To construct the framework, factors were comprehensively extracted from the literature, then analysed, cleared of duplicates, and categorised. As a result, the final framework is confirmed as being based on the literature and expert review, and it is supported by the practitioners’ survey.
Chapter
Smart City systems capture and exchange information with the aim to improve public services. Particularly, healthcare data could help emergency services to plan resources and make life-saving decisions. However, the delivery of healthcare information to emergency bodies must be balanced against the concerns related to citizens’ privacy. Besides, emergency services face challenges in interpreting this data; the heterogeneity of sources and a large amount of information available represent a significant barrier. In this paper, we focus on a case study involving the use of personal health records to support emergency services in the context of a fire building evacuation. We propose a methodology involving a knowledge engineering approach and a common-sense knowledge base to address the problem of deriving useful information from health records and, at the same time, preserve citizens’ privacy. We perform extensive experiments involving a synthetic dataset of health records and a curated gold standard to demonstrate how our approach allows us to identify vulnerable people and interpret their particular needs while avoiding the disclosure of personal information.
Article
Differential privacy has gained a lot of attention in recent years as a general model for the protection of personal information when used and disclosed for secondary purposes. It has also been proposed as an appropriate model for protecting health data. In this paper we review the current literature on differential privacy and highlight important general limitations to the model and the proposed mechanisms. We then examine some practical challenges to the application of differential privacy to health data. The most severe limitation is the theoretical nature of the privacy parameter ε. It has implications on our ability to quantify the level of anonymization that would be guaranteed to patients, as well as assessing responsibilities when a privacy breach occurs. The review concludes by identifying the areas that researchers and practitioners need to address to increase the adoption of differential privacy for health data.
Article
With the development of cloud computing, the electronic health record (EHR) system has appeared in a patient-centric form, in which patients store their personal health records (PHRs) at a remote cloud server and selectively share them with physicians for convenient medical care. Although the newly emerged form has many advantages over the traditional client-server model, it inevitably introduces patients’ concerns about the privacy of their PHRs, due to the fact that cloud servers are very likely to be in a different trust domain from that of the patients. In this paper, aiming at allowing for efficient storing and sharing of PHRs and also eliminating patients’ worries about PHR privacy, we design a secure cloud-based EHR system which guarantees security and privacy of medical data stored in the cloud, relying on cryptographic primitives rather than full trust in cloud servers. Based on our proposed basic EHR system, we provide several extensions, including adding searchability, supporting revocation functionality and enabling efficient local decryption, which fills the gap between theoretical proposal and practical application.
Article
Existing approaches to protect the privacy of Electronic Health Records are either insufficient for existing medical laws or too restrictive in their usage. For example, smart card-based encryption systems require the patient to always be present to authorize access to medical records. Questionnaires were administered by 50 medical practitioners to identify and categorize different Electronic Health Records attributes. The system was implemented using multi-biometrics of patients to access patient records in pre-hospital care. The software development tools employed were JAVA and the MySQL database. The system provides applicable security when patients' records are shared with other practitioners, employers, organizations or research institutes. The result of the system evaluation shows an average response time of 6 seconds and 11.1 seconds for fingerprint and iris respectively after ten different simulations. The system protects privacy and confidentiality by limiting the amount of data exposed to users. The system also enables emergency medical technicians to gain easy and reliable access to necessary attributes of patients' Electronic Health Records while still maintaining the privacy and confidentiality of the data using the patient's fingerprint and iris.
Article
Introduction: The past decade has seen a rapid development of probabilistic topic models, notably probabilistic latent semantic index (PLSI) and latent Dirichlet allocation (LDA). Originally, topic modeling methods have been used to find thematic word clusters called topics from a collection of documents. Since the bag-of-words (BOW) representations have been widely extended to represent both images and videos, topic modeling techniques have found many important applications in the multimedia area. Typical examples include natural scene categorization, human action recognition, multi-label image annotation, part of speech annotation, topic identification and spoken document segmentation. The advantage of topic models lies in their elegant graphical representations and efficient approximate inference algorithms. In the meanwhile, many real-world systems use topic modeling methods to automatically do the feature engineering job. However, different applications require investigating different ...
Article
Analysts, researchers and organizations alike seem to agree that cloud computing will be a defining trend in the coming decade, impacting a wide range of businesses and how those businesses are practiced. Large technology companies are already investing millions of dollars in building infrastructure, services, tools and applications to facilitate cloud computing for consumers, organizations and businesses to use and take advantage of. It remains to be seen how cloud computing will impact the healthcare business, since it is very diverse, complex and unique and presents several challenges, such as protecting members' health records in addition to following HIPAA guidelines set by federal compliance regulations. In addition to these, the rising cost of healthcare solutions is another major concern. Efforts are being made to reduce these costs for consumers, and IT will play a big role in achieving it and also in improving clinical and quality outcomes for patients. It will be very interesting to see how cloud computing will address and contribute towards these issues in the healthcare industry. The purpose of this paper is to explore the current state and trends of cloud computing in healthcare.
Article
Background: Thymosin beta 10 (Tbeta10) overexpression has been reported in a variety of human cancers. However, the role of Tbeta10 in hepatocellular carcinoma (HCC) remains unclear. The aim of the present study was to analyze Tbeta10 expression in tumor and matched non-tumorous tissues, and to assess its prognostic significance for HCC after hepatectomy. Methods: The level of Tbeta10 mRNA and protein in tumor and matched non-tumorous tissues was evaluated in 26 fresh HCC cases by reverse transcription-polymerase chain reaction (RT-PCR) and western blot. Additionally, Tbeta10 protein expression in 196 HCC was analyzed by immunohistochemistry (IHC) and correlated with clinicopathological characteristics and survival. Results: Results from RT-PCR and western blot analysis show that the levels of Tbeta10 mRNA and protein were significantly higher in tumor tissues of HCC, compared to that in matched non-tumorous tissues (P = 0.01 and P <0.001, respectively). IHC staining showed that high expression of Tbeta10 was detected in 58.2% (114/196) of HCC cases. High expression of Tbeta10 was significantly associated with advanced TNM stage (P <0.001). Survival analysis demonstrated that high Tbeta10 was related to shorter overall survival (OS) (P = 0.000) and disease-free survival (DFS) (P = 0.000). Multivariate analysis showed that high expression of Tbeta10 was an independent prognostic factor for both OS (P = 0.001, HR = 4.135, 95% CI: 2.603 to 6.569) and DFS (P = 0.001, HR = 2.021, 95% CI: 1.442 to 2.832). Subgroup analysis revealed that high expression of Tbeta10 predicts poorer survival for early and advanced stage. Conclusions: Tbeta10 protein abnormal expression might contribute to the malignant progression of HCC. High expression of Tbeta10 predicts poor prognosis in patients with HCC after hepatectomy.
Conference Paper
As more and more healthcare organizations adopt electronic health records (EHRs), the case for cloud data storage becomes compelling for deploying EHR systems: not only is it inexpensive but it also provides the flexible, wide-area mobile access increasingly needed in the modern world. However, before cloud-based EHR systems can become a reality, issues of data security, patient privacy, and overall performance must be addressed. As standard encryption techniques (both symmetric-key and public-key) for EHR encryption/decryption cause increased access control and performance overhead, this paper proposes the use of Ciphertext-Policy Attribute-Based Encryption (CP-ABE) to encrypt EHRs based on healthcare providers' attributes or credentials; to decrypt EHRs, providers must possess the set of attributes needed for proper access. The design and usage of a cloud-based EHR system based on CP-ABE is motivated and presented, along with preliminary experiments to analyze the flexibility and scalability of the proposed approach.
Conference Paper
The accelerated adoption of cloud computing among enterprises is due to the multiple benefits the technology provides, one of them the simplification of inter-organizational information sharing, which is of utmost importance in healthcare. Nevertheless, moving sensitive health records to the cloud still implies severe security and privacy risks. With this background, we present a novel secure architecture for sharing electronic health records in a cloud environment. We first conducted a systematic literature review and interviews with different experts from the German healthcare industry that allowed us to derive real-world processes and corresponding security and privacy requirements. Based on these results, we designed our multi-provider cloud architecture that satisfies many of the requirements by providing increased availability, confidentiality and integrity of the medical records stored in the cloud. This architecture features secret sharing as an important measure to distribute health records as fragments to different cloud services, which can provide higher redundancy and additional security and privacy protection in the case of key compromise, broken encryption algorithms or their insecure implementation. Finally, we evaluate and select a secret-sharing algorithm for our multi-cloud architecture. We implemented both Shamir's secret-sharing scheme and Rabin's information dispersal algorithm and performed several experiments measuring the execution time. Our results indicate that an adoption of Rabin's algorithm would create a low overhead, giving strong indicators of the feasibility of our approach.
Article
Personal health record (PHR) is an emerging patient-centric model of health information exchange, which is often outsourced to be stored at a third party, such as cloud providers. However, there have been wide privacy concerns as personal health information could be exposed to those third party servers and to unauthorized parties. To assure the patients' control over access to their own PHRs, it is a promising method to encrypt the PHRs before outsourcing. Yet, issues such as risks of privacy exposure, scalability in key management, flexible access, and efficient user revocation, have remained the most important challenges toward achieving fine-grained, cryptographically enforced data access control. In this paper, we propose a novel patient-centric framework and a suite of mechanisms for data access control to PHRs stored in semitrusted servers. To achieve fine-grained and scalable data access control for PHRs, we leverage attribute-based encryption (ABE) techniques to encrypt each patient's PHR file. Different from previous works in secure data outsourcing, we focus on the multiple data owner scenario, and divide the users in the PHR system into multiple security domains that greatly reduces the key management complexity for owners and users. A high degree of patient privacy is guaranteed simultaneously by exploiting multiauthority ABE. Our scheme also enables dynamic modification of access policies or file attributes, supports efficient on-demand user/attribute revocation and break-glass access under emergency scenarios. Extensive analytical and experimental results are presented which show the security, scalability, and efficiency of our proposed scheme.
Article
Differential privacy has gained a lot of attention in recent years as a general model for the protection of personal information when used and disclosed for secondary purposes. It has also been proposed as an appropriate model for health data. In this paper we review the current literature on differential privacy and highlight important general limitations to the model and the proposed mechanisms. We then examine some practical challenges to the application of differential privacy to health data. The review concludes by identifying areas that researchers and practitioners in this area need to address to increase the adoption of differential privacy for health data.
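The two reviews above single out the abstract nature of the privacy parameter ε as the main obstacle to applying differential privacy to health data. The following added example (not code from either review) makes ε concrete for the simplest health query, a count of patients with a diagnosis, using the Laplace mechanism: it shows the noise scale ε buys, and the bound exp(ε) on how much any released value can favour one patient's presence over absence. The patient list is constructed and the function names are this example's own.

```python
"""Laplace mechanism for a count over patient records, to make epsilon concrete.

Added example, not from the reviewed papers. The record list is constructed;
function names are this example's own.
"""
import math
import random

# Constructed cohort: 1 = patient has the diagnosis being counted, 0 = does not
RECORDS = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 0, 1]
SENSITIVITY = 1  # adding or removing one patient changes a count by at most 1


def true_count(records):
    return sum(records)


def laplace_sample(scale, rng):
    """Draw from Laplace(0, scale) by inverting the CDF; rng.random() is in [0, 1)."""
    u = max(rng.random(), 1e-12) - 0.5  # keep log() away from 0
    return -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))


def private_count(records, epsilon, rng=None):
    """Release true count + Laplace(SENSITIVITY / epsilon); this is epsilon-DP."""
    if epsilon <= 0:
        raise ValueError("epsilon must be positive")
    rng = rng or random.SystemRandom()  # never use a seeded PRNG for real releases
    return true_count(records) + laplace_sample(SENSITIVITY / epsilon, rng)


def expected_abs_error(epsilon):
    """Mean |noise| of the release: the utility price of a given epsilon."""
    return SENSITIVITY / epsilon


def _laplace_pdf(x, mu, scale):
    return math.exp(-abs(x - mu) / scale) / (2.0 * scale)


def worst_case_likelihood_ratio(epsilon, outputs=None):
    """Max over outputs of p(output | count = c) / p(output | count = c + 1), i.e. how
    strongly an observer can favour one neighbouring dataset over the other. DP promises
    this never exceeds exp(epsilon); the maximum is reached for outputs <= c."""
    scale = SENSITIVITY / epsilon
    outputs = outputs if outputs is not None else [o / 10.0 for o in range(-50, 50)]
    return max(_laplace_pdf(o, 0.0, scale) / _laplace_pdf(o, SENSITIVITY, scale)
               for o in outputs)


def epsilon_from_ratio(ratio):
    """Invert the bound: the epsilon an analyst implicitly accepts by tolerating `ratio`."""
    return math.log(ratio)


if __name__ == "__main__":
    for eps in (0.1, 1.0, 5.0):
        print(eps, round(private_count(RECORDS, eps), 2), expected_abs_error(eps),
              round(worst_case_likelihood_ratio(eps), 3))
```

Running the block shows the trade-off the reviews describe: at ε = 0.1 the expected error on a count of 7 is 10, which makes the release useless, while at ε = 5 the error is 0.2 but an observer's likelihood ratio for one patient's membership can reach exp(5) ≈ 148, a bound that is hard to translate into the kind of re-identification risk a privacy officer or regulator can act on.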
Article
OBJECTIVE: To report the results of a systematic literature review concerning the security and privacy of electronic health record (EHR) systems. DATA SOURCES: Original articles written in English found in MEDLINE, ACM Digital Library, Wiley InterScience, IEEE Digital Library, Science@Direct, MetaPress, ERIC, CINAHL and Trip Database. STUDY SELECTION: Only those articles dealing with the security and privacy of EHR systems. DATA EXTRACTION: The extraction of 775 articles using a predefined search string, the outcome of which was reviewed by three authors and checked by a fourth. RESULTS: A total of 49 articles were selected, of which 26 used standards or regulations related to the privacy and security of EHR data. The most widely used regulations are the Health Insurance Portability and Accountability Act (HIPAA) and the European Data Protection Directive 95/46/EC. We found 23 articles that used symmetric key and/or asymmetric key schemes and 13 articles that employed the pseudo anonymity technique in EHR systems. A total of 11 articles propose the use of a digital signature scheme based on PKI (Public Key Infrastructure) and 13 articles propose a login/password (seven of them combined with a digital certificate or PIN) for authentication. The preferred access control model appears to be Role-Based Access Control (RBAC), since it is used in 27 studies. Ten of these studies discuss who should define the EHR systems' roles. Eleven studies discuss who should provide access to EHR data: patients or health entities. Sixteen of the articles reviewed indicate that it is necessary to override defined access policies in the case of an emergency. In 25 articles an audit-log of the system is produced. Only four studies mention that system users and/or health staff should be trained in security and privacy. CONCLUSIONS: Recent years have witnessed the design of standards and the promulgation of directives concerning security and privacy in EHR systems. However, more work should be done to adopt these regulations and to deploy secure EHR systems.
Article
We provide a design and implementation of self-protecting electronic medical records (EMRs) using attribute-based encryption on mobile devices. Our system allows healthcare organizations to export EMRs to locations outside of their trust boundary. In contrast to previous approaches, our solution is designed to maintain EMR availability even when providers are offline, i.e., where network connectivity is not available. To balance the needs of emergency care and patient privacy, our system is designed to provide fine-grained encryption and is able to protect individual items within an EMR, where each encrypted item may have its own access control policy. We implemented a prototype system using a new key- and ciphertext-policy attribute-based encryption library that we developed. Our implementation, which includes an iPhone app for storing and managing EMRs offline, allows for flexible and automated policy generation. An evaluation of our design shows that our ABE library performs well, has acceptable storage requirements, and is practical and usable on modern smartphones.
Article
Full-text available
Based on the nomenclature of the early papers in the field, we propose a terminology which is both expressive and precise. More particularly, we define anonymity, unlinkability, undetectability, unobservability, pseudonymity (pseudonyms and digital pseudonyms, and their attributes), and identity management. In addition, we describe the relationships between these terms, give a rationale why we define them as we do, and sketch the main mechanisms to provide for the properties defined.
Conference Paper
Full-text available
We study the problem of searching on data that is encrypted using a public key system. Consider user Bob who sends email to user Alice encrypted under Alice’s public key. An email gateway wants to test whether the email contains the keyword “urgent” so that it could route the email accordingly. Alice, on the other hand, does not wish to give the gateway the ability to decrypt all her messages. We define and construct a mechanism that enables Alice to provide a key to the gateway that enables the gateway to test whether the word “urgent” is a keyword in the email without learning anything else about the email. We refer to this mechanism as Public Key Encryption with keyword Search. As another example, consider a mail server that stores various messages publicly encrypted for Alice by others. Using our mechanism Alice can send the mail server a key that will enable the server to identify all messages containing some specific keyword, but learn nothing else. We define the concept of public key encryption with keyword search and give several constructions.
Article
OASIS is a role-based access control architecture for achieving secure interoperation of services in an open, distributed environment. The aim of OASIS is to allow autonomous management domains to specify their own access control policies and to interoperate subject to service level agreements (SLAs). Services define roles and implement formally specified policy to control role activation and service use; users must present the required credentials, in an appropriate context, in order to activate a role or invoke a service. All privileges are derived from roles, which are activated for the duration of a session only. In addition, a role is deactivated immediately if any of the conditions of the membership rule associated with its activation becomes false. These conditions can test the context, thus ensuring active monitoring of security. To support the management of privileges, OASIS introduces appointment. Users in certain roles are authorized to issue other users with appointment certificates, which may be a prerequisite for activating one or more roles. The conditions for activating a role at a service may include appointment certificates as well as prerequisite roles and constraints on the context. An appointment certificate does not therefore convey privileges directly but can be used as a credential for role activation. The lifetime of appointment certificates is not restricted to the issuing session, so they can be used as long-lived credentials to represent academic and professional qualification, or membership of an organization. Role-based access control (RBAC), in associating privileges with roles, provides a means of expressing access control that is scalable to large numbers of principals. However, pure RBAC associates privileges only with roles, whereas applications often require more fine-grained access control. Parametrized roles extend the functionality to meet this need. We motivate our approach and formalise OASIS. We first present the overall architecture through a basic model, followed by an extended model that includes parametrization.
Conference Paper
Modern society is evolving into an IoT-based hyper-connected society in which diverse resources can be controlled and managed in real time. In this environment, luggage is effectively controlled using a system that approves RFID tags at domestic and foreign airports. However, an air-baggage tracking service for passengers is still not being provided, and passengers wait a long time to find their baggage. In this paper we suggest an IoT-based system that can trace a passenger's baggage in real time for greater efficiency.
Book
Progress in ubiquitous computing, social networking, medical informatics and IT technologies has resulted in a new generation of healthcare systems. Ubiquitous Health and Medical Informatics: The Ubiquity 2.0 Trend and Beyond provides insight into the various trends, innovations, and organizational challenges of contemporary ubiquitous health and medical informatics. Contributions highlight changes to healthcare distribution that will significantly revolutionize the exchange between healthcare providers and consumers.
Article
Cloud computing turns up as an advanced computing model in all business domains. It is a novel interactive data model to realize industries and users who store data in cloud servers. The healthcare sector is one of the major industries working with an enormous amount of data. With the advent of cloud computing, many healthcare organizations are motivated towards outsourcing their medical records, which are called Electronic Health Records (EHRs), from local sites to the cloud environment. Outsourcing this sensitive data (i.e. EHRs) helps organizations to provide cost-effective personalized services to patients. However, securing outsourced data is a problematic issue. This paper proposes a Searchable Symmetric Encryption (SSE) and Attribute-Based Encryption (ABE) secure architecture to build privacy in the health care systems using the private cloud. Our system provides efficient key management using a pseudorandom number generator to avoid unauthorized access and preserve privacy in EHR storage. With the help of modified SSE, we can hide both keyword and access pattern, and improve search efficiency. The system provides EHR access in an emergency (when the data owner does not meet the requirements) with the help of the ABE. Role-based login is another technique that is provided to monitor EHR activities to prevent misbehavior. Through the analysis of the proposed architecture, the privacy and efficiency of the cloud data are guaranteed.
Article
As cloud computing becomes prevalent, the electronic health record (EHR) system has appeared in a patient-centric form, in which more and more sensitive information from patients is being uploaded into the cloud. To protect patients’ privacy, sensitive EHR information has to be encrypted before outsourcing. However, this makes effective data utilization, such as fuzzy keyword search and data sharing, a very challenging problem. In this paper, aiming at allowing for securely storing, sharing and effectively utilizing the EHR, a new cloud-based EHR system is proposed. A binary tree is utilized to store the encrypted records in the proposed scheme, and an attribute-based encryption scheme is applied to encrypt the secret keys. The proposed system is very efficient because only symmetric encryption is introduced to encrypt the records. To support effective retrieval of patients’ records, an efficient fuzzy keyword search over encrypted data is proposed without reliance on heavy cryptographic operations, which greatly enhances system usability by returning the matching files. With rigorous security analysis, we show that the proposed scheme is secure, while realizing privacy-preserving data sharing and fuzzy keyword search. Extensive experimental results illustrate the efficiency of the proposed solution.
Article
In this paper, we study the existence of positive ground state solutions for the nonlinear Kirchhoff type problem
$$
\begin{cases}
-\left(a + b\displaystyle\int_{\mathbb{R}^3} |\nabla u|^2\right)\Delta u + V(x)u = f(u) & \text{in } \mathbb{R}^3,\\
u \in H^1(\mathbb{R}^3),\quad u > 0 & \text{in } \mathbb{R}^3,
\end{cases}
$$
where $a, b > 0$ are constants, $f \in C(\mathbb{R}, \mathbb{R})$ is subcritical near infinity and superlinear near zero and satisfies the Berestycki–Lions condition. By using an abstract critical point theorem established by Jeanjean and a new global compactness lemma, we show that the above problem has at least a positive ground state solution. Our result generalizes the results of Li and Ye (2014) concerning the nonlinearity $f(u) = |u|^{p-1}u$ with $p \in (2, 5)$.
Article
Privacy is one of the fundamental issues in health care today and a fundamental right of every individual. Several laws were enacted that demand the protection of patients' privacy. However, approaches for protecting privacy often do not comply with legal requirements or basic security requirements. This paper highlights research directions currently pursued for privacy protection in e-health and evaluates common pseudonymization approaches against legal criteria taken from Directive 95/46/EC and HIPAA. Thereby, it supports decision makers in deciding on privacy systems and researchers in identifying the gaps of current approaches for privacy protection as a basis for further research.
Chapter
Cloud computing is the emerging paradigm that allows the user to access data using the internet. Growing medical records and difficult data management lead the health department to move towards the cloud. Security and privacy are major issues in the cloud. Mission-critical applications are limited in the cloud, though it has numerous small and medium sized business applications. We propose a hybrid cloud based framework for the overall health care system with Attribute Based Encryption with verifiable outsourced decryption for efficient data access and integration of hospitals using a community cloud. Secure data transfer and integration of hospitals are made possible using the hybrid cloud. Our framework overcomes security flaws by achieving data integrity and data confidentiality with secure authentication. Thus the cloud provides scalable, efficient data access with a cost effective approach.
Article
eHealth is being rapidly deployed. Lower cost and greater productivity attract government and healthcare enterprises to transition from traditional healthcare service to eHealth service. Security and privacy are growing concerns with the widespread deployment of eHealth and the development of the next generation of eHealth services. In this paper, we discuss these security problems and propose a high-level security framework that captures required features in the next-generation eHealth infrastructure. Our framework consists of the following: (i) an adaptive trust-aware tag-based privacy control to specify which data to share and whom to share with. The fine-grained control of data access is guaranteed; (ii) a decentralized authorization that relies on a trust propagation protocol to provide robust and resilient access control enforcement; and (iii) a hybrid trust management mechanism that addresses the access control information depository on a cloud server. It enforces user-defined access control not only in a distributed environment but also in a privacy-preserving manner so as to minimize the disclosure of privileges and of access policies. Copyright © 2013 John Wiley & Sons, Ltd.
Article
In healthcare, inter-organizational sharing and collaborative use of big data are becoming increasingly important. The cloud computing paradigm is expected to provide an environment perfectly matching the needs of collaborating healthcare workers. However, there are still many security and privacy challenges impeding the wide adoption of cloud computing in this domain. In this paper, we present a novel architecture and its implementation for inter-organizational data sharing, which provides a high level of security and privacy for patient data in semi-trusted cloud computing environments. This architecture features attribute-based encryption for selective access authorization and cryptographic secret sharing in order to disperse data across multiple clouds, reducing the adversarial capabilities of curious cloud providers. An implementation and evaluation by several experiments demonstrate the practical feasibility and good performance of our approach.
Article
A fundamental approach for secure data sharing in a cloud environment is to let the data owner encrypt data before outsourcing. To simultaneously achieve fine-grained access control on encrypted data and scalable user revocation, existing work combines attribute-based encryption (ABE) and proxy re-encryption (PRE) to delegate the cloud service provider (CSP) to execute re-encryption. However, the data owner should be online in order to send the PRE keys to the CSP in a timely fashion, to prevent the revoked user from accessing future data. The delay in issuing the PRE keys may cause potential security risks. In this paper, we propose a time-based proxy re-encryption (TimePRE) scheme to allow a user's access right to expire automatically after a predetermined period of time. In this case, the data owner can be offline in the process of user revocation. The basic idea is to incorporate the concept of time into the combination of ABE and PRE. Specifically, each data item is associated with an attribute-based access structure and an access time, and each user is identified by a set of attributes and a set of eligible time periods which denote the period of validity of the user's access right. Then, the data owner and the CSP are required to share a root secret key in advance, with which the CSP can automatically update the access time of the data with the time at which it receives a data access request. Therefore, given the re-encrypted ciphertext, only the users whose attributes satisfy the access structure and whose access rights are effective at the access time can recover the corresponding data.
Conference Paper
Attribute-based encryption (ABE) is a new vision for public key encryption that allows users to encrypt and decrypt messages based on user attributes. For example, a user can create a ciphertext that can be decrypted only by other users with attributes satisfying ("Faculty" OR ("PhD Student" AND "Quals Completed")). Given its expressiveness, ABE is currently being considered for many cloud storage and computing applications. However, one of the main efficiency drawbacks of ABE is that the size of the ciphertext and the time required to decrypt it grows with the complexity of the access formula. In this work, we propose a new paradigm for ABE that largely eliminates this overhead for users. Suppose that ABE ciphertexts are stored in the cloud. We show how a user can provide the cloud with a single transformation key that allows the cloud to translate any ABE ciphertext satisfied by that user's attributes into a (constant-size) El Gamal-style ciphertext, without the cloud being able to read any part of the user's messages. To precisely define and demonstrate the advantages of this approach, we provide new security definitions for both CPA and replayable CCA security with outsourcing, several new constructions, an implementation of our algorithms and detailed performance measurements. In a typical configuration, the user saves significantly on both bandwidth and decryption time, without increasing the number of transmissions.
Conference Paper
A number of recent studies have adopted risk assessment in access control for healthcare applications, but few of these works are specifically concerned with risk assessment in the presence of uncertainties, such as uncertain values of risk factors, and consequences of imprecision. This paper presents a fuzzy modeling-based approach that accounts for uncertainty analysis when evaluating the risk. Three inputs -- data sensitivity, action severity, and risk history -- are modeled with fuzzy sets and used to calculate the level of risk associated with healthcare information access in a cloud environment. Experiments were conducted and demonstrated that the approach can generate accurate and realistic outcomes in assessing current security risk and predicting the scope and impact of different risk factors. This would lead to a great change of access control from being reactive to being proactive towards security breaches, and enhance the security level of eHealth cloud applications.
Conference Paper
Recently, eHealth systems have replaced paper-based medical systems due to their prominent features of convenience and accuracy. Also, since the medical data can be stored on any kind of digital device, people can easily obtain medical services at any time and any place. However, privacy concern over patient medical data draws increasing attention. In current eHealth networks, patients are assigned multiple attributes which directly reflect their symptoms, ongoing treatments, etc. Those life-threatened attributes need to be verified by authorized medical facilities, such as hospitals and clinics. When there is a need for medical services, patients have to be authenticated by showing their identities and the corresponding attributes in order to take appropriate healthcare actions. However, directly disclosing those attributes for verification may expose real identities. Therefore, existing eHealth systems fail to preserve patients' private attribute information while maintaining the original functionalities of medical services. To solve this dilemma, we propose a framework called PAAS which leverages users' verifiable attributes to authenticate users in eHealth systems while preserving their privacy. In our system, instead of letting centralized infrastructures take care of authentication, our scheme only involves two end users. We also offer authentication strategies with progressive privacy requirements among patients or between patients and physicians. Based on the security and efficiency analysis, we show our framework is better than existing eHealth systems in terms of privacy preservation and practicality.
Conference Paper
Motivated by the privacy issues curbing the adoption of electronic healthcare systems and the wild success of cloud service models, we propose to build privacy into electronic healthcare systems with the help of private cloud. Our system offers salient features including privacy-preserving data access, especially during emergencies, and auditability for misusing health data. Specifically, we propose to integrate the concept of attribute-based encryption with threshold signing for providing role-based access control with auditability to prevent potential misbehavior, in both normal and emergency cases.
Conference Paper
In modern healthcare environments, healthcare providers are more willing to shift their electronic medical record systems to clouds. Instead of building and maintaining dedicated data centers, this paradigm enables them to achieve lower operational cost and better interoperability with other healthcare providers. However, the adoption of cloud computing in healthcare systems may also raise many security challenges associated with authentication, identity management, access control, trust management, and so on. In this paper, we focus on access control issues in electronic medical record systems in clouds. We propose a systematic access control mechanism to support selective sharing of composite electronic health records (EHRs) aggregated from various healthcare providers in clouds. Our approach ensures that privacy concerns are accommodated for processing access requests to patients' healthcare information. We also demonstrate the feasibility and efficiency of our approach by implementing a proof-of-concept prototype along with evaluation results.