KALwEN: a new practical and interoperable key management scheme for body sensor networks

Key management is the pillar of a security architecture. Body sensor networks (BSNs) pose several challenges–some inherited from wireless sensor networks (WSNs), some unique to themselves–that require a new key management scheme to be tailor-made. The challenge is taken on, and the result is KALwEN, a new parameterized key management scheme that combines the best-suited cryptographic techniques in a seamless framework. KALwEN is user-friendly in the sense that it requires no expert knowledge of a user, and instead only requires a user to follow a simple set of instructions when bootstrapping or extending a network. One of KALwEN's key features is that it allows sensor devices from different manufacturers, which expectedly do not have any pre-shared secret, to establish secure communications with each other. KALwEN is decentralized, such that it does not rely on the availability of a local processing unit (LPU). KALwEN supports secure global broadcast, local broadcast, and local (neighbor-to-neighbor) unicast, while preserving past key secrecy and future key secrecy (FKS). The fact that the cryptographic protocols of KALwEN have been formally verified also makes a convincing case. With both formal verification and experimental evaluation, our results should appeal to theorists and practitioners alike

Towards an interoperable healthcare information infrastructure - working from the bottom up

Historically, the healthcare system has not made effective use of information technology. On the face of things, it would seem to provide a natural and richly varied domain in which to target benefit from IT solutions. But history shows that it is one of the most difficult domains in which to bring them to fruition. This paper provides an overview of the changing context and information requirements of healthcare that help to explain these characteristics.First and foremost, the disciplines and professions that healthcare encompasses have immense complexity and diversity to deal with, in structuring knowledge about what medicine and healthcare are, how they function, and what differentiates good practice and good performance. The need to maintain macro-economic stability of the health service, faced with this and many other uncertainties, means that management bottom lines predominate over choices and decisions that have to be made within everyday individual patient services. Individual practice and care, the bedrock of healthcare, is, for this and other reasons, more and more subject to professional and managerial control and regulation.One characteristic of organisations shown to be good at making effective use of IT is their capacity to devolve decisions within the organisation to where they can be best made, for the purpose of meeting their customers' needs. IT should, in this context, contribute as an enabler and not as an enforcer of good information services. The information infrastructure must work effectively, both top down and bottom up, to accommodate these countervailing pressures. This issue is explored in the context of infrastructure to support electronic health records.Because of the diverse and changing requirements of the huge healthcare sector, and the need to sustain health records over many decades, standardised systems must concentrate on doing the easier things well and as simply as possible, while accommodating immense diversity of requirements and practice. The manner in which the healthcare information infrastructure can be formulated and implemented to meet useful practical goals is explored, in the context of two case studies of research in CHIME at UCL and their user communities.Healthcare has severe problems both as a provider of information and as a purchaser of information systems. This has an impact on both its customer and its supplier relationships. Healthcare needs to become a better purchaser, more aware and realistic about what technology can and cannot do and where research is needed. Industry needs a greater awareness of the complexity of the healthcare domain, and the subtle ways in which information is part of the basic contract between healthcare professionals and patients, and the trust and understanding that must exist between them. It is an ideal domain for deeper collaboration between academic institutions and industry

Alcuni abstract di articoli che trattano argomenti relativi all'eHealth

Non utile per esam

Service-Oriented Framework for Developing Interoperable e-Health Systems in a Low-Income Country

e-Health solutions in low-income countries are fragmented, address institution-specific needs, and do little to address the strategic need for inter-institutional exchange of health data. Although various e-health interoperability frameworks exist, contextual factors often hinder their effective adoption in low-income countries. This underlines the need to investigate such factors and to use findings to adapt existing e-health interoperability models. Following a design science approach, this research involved conducting an exploratory survey among 90 medical and Information Technology personnel from 67 health facilities in Uganda. Findings were used to derive requirements for e-health interoperability, and to orchestrate elements of a service oriented framework for developing interoperable e-health systems in a low-income country (SOFIEH). A service-oriented approach yields reusable, flexible, robust, and interoperable services that support communication through well-defined interfaces. SOFIEH was evaluated using structured walkthroughs, and findings indicate that it scored well regarding applicability, usability, and understandability

Secure data sharing and processing in heterogeneous clouds

The extensive cloud adoption among the European Public Sector Players empowered them to own and operate a range of cloud infrastructures. These deployments vary both in the size and capabilities, as well as in the range of employed technologies and processes. The public sector, however, lacks the necessary technology to enable effective, interoperable and secure integration of a multitude of its computing clouds and services. In this work we focus on the federation of private clouds and the approaches that enable secure data sharing and processing among the collaborating infrastructures and services of public entities. We investigate the aspects of access control, data and security policy languages, as well as cryptographic approaches that enable fine-grained security and data processing in semi-trusted environments. We identify the main challenges and frame the future work that serve as an enabler of interoperability among heterogeneous infrastructures and services. Our goal is to enable both security and legal conformance as well as to facilitate transparency, privacy and effectivity of private cloud federations for the public sector needs. © 2015 The Authors