35,304 research outputs found
A systematic literature review of cloud computing in eHealth
Cloud computing in eHealth is an emerging area for only few years. There
needs to identify the state of the art and pinpoint challenges and possible
directions for researchers and applications developers. Based on this need, we
have conducted a systematic review of cloud computing in eHealth. We searched
ACM Digital Library, IEEE Xplore, Inspec, ISI Web of Science and Springer as
well as relevant open-access journals for relevant articles. A total of 237
studies were first searched, of which 44 papers met the Include Criteria. The
studies identified three types of studied areas about cloud computing in
eHealth, namely (1) cloud-based eHealth framework design (n=13); (2)
applications of cloud computing (n=17); and (3) security or privacy control
mechanisms of healthcare data in the cloud (n=14). Most of the studies in the
review were about designs and concept-proof. Only very few studies have
evaluated their research in the real world, which may indicate that the
application of cloud computing in eHealth is still very immature. However, our
presented review could pinpoint that a hybrid cloud platform with mixed access
control and security protection mechanisms will be a main research area for
developing citizen centred home-based healthcare applications
Secure Management of Personal Health Records by Applying Attribute-Based Encryption
The confidentiality of personal health records is a major problem when patients use commercial Web-based systems to store their health data. Traditional access control mechanisms, such as Role-Based Access Control, have several limitations with respect to enforcing access control policies and ensuring data confidentiality. In particular, the data has to be stored on a central server locked by the access control mechanism, and the data owner loses control on the data from the moment when the data is sent to the requester. Therefore, these mechanisms do not fulfil the requirements of data outsourcing scenarios where the third party storing the data should not have access to the plain data, and it is not trusted to enforce access control policies. In this paper, we describe a new approach which enables secure storage and controlled sharing of patient’s health records in the aforementioned scenarios. A new variant of a ciphertext-policy attribute-based encryption scheme is proposed to enforce patient/organizational access control policies such that everyone can download the encrypted data but only authorized users from the social domain (e.g. family, friends, or fellow patients) or authorized users from the professional\ud
domain (e.g. doctors or nurses) are allowed to decrypt it
Ensuring patients privacy in a cryptographic-based-electronic health records using bio-cryptography
Several recent works have proposed and implemented cryptography as a means to
preserve privacy and security of patients health data. Nevertheless, the
weakest point of electronic health record (EHR) systems that relied on these
cryptographic schemes is key management. Thus, this paper presents the
development of privacy and security system for cryptography-based-EHR by taking
advantage of the uniqueness of fingerprint and iris characteristic features to
secure cryptographic keys in a bio-cryptography framework. The results of the
system evaluation showed significant improvements in terms of time efficiency
of this approach to cryptographic-based-EHR. Both the fuzzy vault and fuzzy
commitment demonstrated false acceptance rate (FAR) of 0%, which reduces the
likelihood of imposters gaining successful access to the keys protecting
patients protected health information. This result also justifies the
feasibility of implementing fuzzy key binding scheme in real applications,
especially fuzzy vault which demonstrated a better performance during key
reconstruction
Routes for breaching and protecting genetic privacy
We are entering the era of ubiquitous genetic information for research,
clinical care, and personal curiosity. Sharing these datasets is vital for
rapid progress in understanding the genetic basis of human diseases. However,
one growing concern is the ability to protect the genetic privacy of the data
originators. Here, we technically map threats to genetic privacy and discuss
potential mitigation strategies for privacy-preserving dissemination of genetic
data.Comment: Draft for comment
- …