Temporary Access to Medical Records in Emergency Situations

Access to patients Electronic Health Records (EHR) is a daily operation in mainstream healthcare. However, having access to EHR in emergencies while is vitally important to save patients’ life, it could potentially lead to security breaches and violating patients’ privacy. In this regards, getting access to patients’ medical records in emergency situations is one of the issues that emergency responder teams are facing. This access can be temporary until patients reach hospitals or healthcare centers. In this paper, we aim to explore different technology-based solutions to give responders temporary access to patients\u27 medical records in emergency situations. The core of this study is patients and responders authentication methods that can save precious emergency time and protect the privacy and confidentiality of patients data to the utmost. We also have explored control access mechanism and security audits to increase the security of the procedure and patient privacy

Digital object rights management: Interoperable client-side DRM middleware

In a more and more interconnected world where the available bandwidths are increasing at a pace hard to imagine some time ago, multimedia e-content distribution over digital networks has become one of the biggest available services online. Powered not only by the network high availability but also by the emergence of new compression techniques and digital content consumer device, digital content is gaining momentum. However the same factors that power this emergence are also causing some problems, specially related with the digital content IPR management and protection. These problems are being handled employing DRM - Digital Rights Management technology which lack interoperability. This paper presents and discusses a solution that provides interoperability to DRM-protected content through the employment of a client-side DRM middleware layer. This middleware layer sits at the client-side of a broader DRM system (called DoRM) providing the necessary mechanisms to achieve interoperability between the different digital content rendering applications that the users possesses.info:eu-repo/semantics/acceptedVersio

A reference architecture for software protection

This paper describes the ASPIRE reference architecture designed to tackle one major problem in this domain: the lack of a clear process and an open software architecture for the composition and deployment of multiple software protections on software application

A Reference Architecture for Software Protection

This paper describes the ASPIRE reference architecture designed to tackle one major problem in this domain: the lack of a clear process and an open software architecture for the composition and deployment of multiple software protections on software applications

Privacy-preserving digital rights management

Digital Rights Management (DRM) is a technology that provides content protection by enforcing the use of digital content according to granted rights. DRM can be privacy-invasive due to many reasons. The solution is not easy: there are econòmic and legitimate reasons for distributors and network operators to collect data about users and their activities, such as traffic modelling for infrastructure planning or statistical sampling. Furthermore, traditional PET -such as encryption, anonymity and pseudonymity- cannot solve all the privacy problems raised by DRM, even if they can help. Privacy and security considerations should be included in th e design of DRM from the beginning, and they should not be considered as a property that can be added on. PET is considered as technology for privacy protection, in different fields. However, PET solutions are not the only ones to be considered useful to complement DRM systems. The contrary is also true: DRM systems are adapted as technical platforms for privacy. In short, there is a deep change in PET related to the web 2.0, and it is also true for P2DRM: transparency and other new techniques are preferred, or at least added, to anonymity, authentication and other traditional protection

Specifications for a Componetised Digital Rights Management (DRM) Framework

This document lays out the specifications for a componentised DRM system. Requirements for a general DRM system are discussed, and we detail a set of components that address these requirements. This document also details the specific services that should be offered by each component and specifies the communication protocols and contents of these messages. Each of the components of the DRM system are fully fledged web services, and thus some of these components can be used in areas other than DRM. Furthermore, we envisage existing services, such as Certificate Authorities, easily fitting into our proposed framework

A framework for cascading payment and content exchange within P2P systems

Advances in computing technology and the proliferation of broadband in the home have opened up the Internet to wider use. People like the idea of easy access to information at their fingertips, via their personal networked devices. This has been established by the increased popularity of Peer-to-Peer (P2P) file-sharing networks. P2P is a viable and cost effective model for content distribution. Content producers require modest resources by today's standards to act as distributors of their content and P2P technology can assist in further reducing this cost, thus enabling the development of new business models for content distribution to realise market and user needs. However, many other consequences and challenges are introduced; more notably, the issues of copyright violation, free-riding, the lack of participation incentives and the difficulties associated with the provision of payment services within a decentralised heterogeneous and ad hoc environment. Further issues directly relevant to content exchange also arise such as transaction atomicity, non-repudiation and data persistence. We have developed a framework to address these challenges. The novel Cascading Payment Content Exchange (CasPaCE) framework was designed and developed to incorporate the use of cascading payments to overcome the problem of copyright violation and prevent free-riding in P2P file-sharing networks. By incorporating the use of unique identification, copyright mobility and fair compensation for both producers and distributors in the content distribution value chain, the cascading payments model empowers content producers and enables the creation of new business models. The system allows users to manage their content distribution as well as purchasing activities by mobilising payments and automatically gathering royalties on behalf of the producer. The methodology used to conduct this research involved the use of advances in service-oriented architecture development as well as the use of object-oriented analysis and design techniques. These assisted in the development of an open and flexible framework which facilitates equitable digital content exchange without detracting from the advantages of the P2P domain. A prototype of the CasPaCE framework (developed in Java) demonstrates how peer devices can be connected to form a content exchange environment where both producers and distributors benefit from participating in the system. This prototype was successfully evaluated within the bounds of an E-learning Content Exchange (EIConE) case study, which allows students within a large UK university to exchange digital content for compensation enabling the better use of redundant resources in the university