Evaluation of Attribute-Based Access Control (ABAC) for EHR in Fog Computing Environment

Fog computing - a connection of billions of devices nearest to the network edge- was recently proposed to support latency-sensitive and real time applications. Electronic Medical Record (EMR) systems are latency-sensitive in nature therefore fog computing considered as appropriate choice for it. This paper proposes a fog environment for E-health system that contains highly confidential information of patients Electronic Health Records (EHR). The proposed E-health system has two main goals: (1) Manage and share EHRs between multiple fog nodes and the cloud,(2) Secure access into EHR on Fog computing without effecting the performance of fog nodes. This system will serve different users based on their attributes and thus providing Attribute Based Access Control ABAC into the EHR in fog to prevent unauthorized access. We focus on reducing the storing and processes in fog nodes to support low capabilities of storage and computing of fog nodes and improve its performance. There are three major contributions in this paper first; a simulator of an E-health system is implemented using both iFogSim and our iFogSimEhealthSystem simulator. Second, the ABAC was applied at the fog to secure the access to patients EHR. Third, the performance of the proposed securing access in E-health system in fog computing was evaluated. The results showed that the performance of fog computing in the secure E-health system is higher than the performance of cloud computing

Safeguarding health data with enhanced accountability and patient awareness

Several factors are driving the transition from paper-based health records to electronic health record systems. In the United States, the adoption rate of electronic health record systems significantly increased after "Meaningful Use" incentive program was started in 2009. While increased use of electronic health record systems could improve the efficiency and quality of healthcare services, it can also lead to a number of security and privacy issues, such as identity theft and healthcare fraud. Such incidents could have negative impact on trustworthiness of electronic health record technology itself and thereby could limit its benefits. In this dissertation, we tackle three challenges that we believe are important to improve the security and privacy in electronic health record systems. Our approach is based on an analysis of real-world incidents, namely theft and misuse of patient identity, unauthorized usage and update of electronic health records, and threats from insiders in healthcare organizations. Our contributions include design and development of a user-centric monitoring agent system that works on behalf of a patient (i.e., an end user) and securely monitors usage of the patient's identity credentials as well as access to her electronic health records. Such a monitoring agent can enhance patient's awareness and control and improve accountability for health records even in a distributed, multi-domain environment, which is typical in an e-healthcare setting. This will reduce the risk and loss caused by misuse of stolen data. In addition to the solution from a patient's perspective, we also propose a secure system architecture that can be used in healthcare organizations to enable robust auditing and management over client devices. This helps us further enhance patients' confidence in secure use of their health data.PhDCommittee Chair: Mustaque Ahamad; Committee Member: Douglas M. Blough; Committee Member: Ling Liu; Committee Member: Mark Braunstein; Committee Member: Wenke Le

IoT-Enabled Smart Healthcare Infrastructure Maximises Energy Efficiency

Advancements in IoT-based applications have become the cutting-edge technology among researchers due to the wide availability of the Internet. In order to make the application more user-friendly, Android-based and Web-based technologies have become increasingly important in this cutting-edge technology. Smart cities, Internet of Things(IoT), Smart health care systems are the technology of the future. A combination of numerous systems focusing on monitoring different components of the smart city (such as water, e-health, gas,  power monitoring and emergency scenario detection) can be used to make the city more sustainable and secure. In smart cities, energy consumption is particularly important for e-health. An optimization approach is provided in this paper to reduce total network energy usage. When compared to previous methods, the overall performance has improved by 57.89%

Secure transmission of shared electronic health records

Paper-based health records together with electronic Patient Management Systems remain the norm for hospitals and primary care practices to manage patient health information in Australia. Although the benefits of recording patient health information into an electronic format known as an electronic health record (EHR) are well documented, the use of these systems has not yet been fully realised. The next advancement for EHRs is the ability to share health records for the primary purpose of improved patient care. This may for example enable a primary care physician, with the patient\u27s consent, to electronically share pertinent health information with a specialist, providing timely information transfer and reducing the need for replicated testing. Australia is in the process of adopting a national approach to an integrated health records solution. The Australian National Ehealth Transition Authority (NEHTA) has released their lnteroperability Framework together with specifications and standards for secure messaging in E-health. This is expected to promote an environment in which vendors competing for market share will develop medical applications that are interoperable. With an aging population and the baby boomers preparing for retirement, it is anticipated that these initiatives may Indirectly help to reduce the anticipated strain on the health care budget. Anticipated secondary benefits include the collection of de-identified information for public health research and the development of health management strategies. This paper discusses NEHTA\u27s secure transmission initiatives and the resultant security issues related to the transfer of shared EHRs

‘Enabling Technologies’ and ‘User-Participation’ as main Factors for Success of E-health Systems in Developing Countries like Pakistan

IT-applications in healthcare offers a novel way for improving the standard of healthcare services especially in developing states .In Pakistan both Government and private sector healthcare institutions are trying to take advantage of IT-applications for healthcare services just to come up with the rational-decisions for many healthcare-related problems in the country. ICTs for healthcare services provide opportunities for improvement by providing better, reliable and secure services to the patients, healthcare providers, staff and other stake holders both inside a hospital and also to distant patients where no physical healthcare infrastructure is available. This paper evaluates the effects of two key factors (enabling technologies and user participation) to see their influence on success of e-health systems in hospitals of Pakistan. The healthcare organizations having proper hardware and software and user participation in the development of IS ensures successful adoption and use of e-health systems in healthcare organizations anywhere including developing states. Keywords: Enabling Technologies, User-participation, E-health System, Developing Countrie

Evaluating empowerment and control of HE e-learning in a secure environment

With the increased spread of HE distance learning into a wide variety of contexts it is important for us to understand the factors involved in its successful deployment for students. E-learning has a great potential to support effective and empowering HE distance learning (Wilson, 2007; Adams, 2005; Hughes, 2005). However, within two secure environments, prisons and health service, the factors involved are complex. This paper reviews HE e-learning technology perceptions within these two contrasting contexts from 225 students' and stakeholders' perspectives. Previous research has detailed literature limitations on obtaining students' perspectives of e-learning (Conole et al, 2006). These limitations are compounded when other stakeholder perceptions are not integrated (Sun et al, 2007; Adams et al, 2005; Millen at al, 2002). This paper developed and applied an e-learning framework for student and stakeholder perceptions. This social psychological framework, is based on previous practice based e-learning studies and is used here to synthesise two large-scale case studies. The framework focuses on three concepts learner Access (e.g. learning design, technology design, physical access), Awareness (e.g. of resources, their usage and support for e-learning tasks) and Acceptability (e.g. trust, privacy, aesthetics, engagement). Students' and stakeholders' perceptions identified high levels of students' empowerment through e-learning whilst still requiring a further pedagogical tailoring and an awareness of support. However, serious problems within these contexts have identified blocks to e-learning through stakeholders perceptions and fears of acceptability (i.e. issues of risk and trust). Ultimately, through understanding competing perceptions and needs within these complex environments we can support the effective technological development, pedagogical design and deployment of e-learning systems

Cost-effective secure e-health cloud system using identity based cryptographic techniques

Nowadays E-health cloud systems are more and more widely employed. However the security of these systems needs more consideration for the sensitive health information of patients. Some protocols on how to secure the e-health cloud system have been proposed, but many of them use the traditional PKI infrastructure to implement cryptographic mechanisms, which is cumbersome for they require every user having and remembering its own public/private keys. Identity based encryption (View the MathML sourceIBE) is a cryptographic primitive which uses the identity information of the user (e.g., email address) as the public key. Hence the public key is implicitly authenticated and the certificate management is simplified. Proxy re-encryption is another cryptographic primitive which aims at transforming a ciphertext under the delegator AA into another ciphertext which can be decrypted by the delegatee BB. In this paper, we describe several identity related cryptographic techniques for securing E-health system, which include new View the MathML sourceIBE schemes, new identity based proxy re-encryption (View the MathML sourceIBPRE) schemes. We also prove these schemes’ security and give the performance analysis, the results show our View the MathML sourceIBPRE scheme is especially highly efficient for re-encryption, which can be used to achieve cost-effective cloud usage.Peer ReviewedPostprint (author's final draft

Security and Privacy Issues in IoT Healthcare Application for Disabled Users in Developing Economies

In this paper, we explore the security and privacy issues of Internet of Things (IoT) healthcare applications for special needs users. IoT enables health-related organizations to lift important data from diverse sources in real-time and this helps in precise decision-making. The transformation of the health sector, required enhancement and efficiency of protective systems, thereby reducing data vulnerability and hence, providing opportunities for secure patient data, particularly, for special needs patients. A quantitative method for purposive sampling technique was adopted and eighty-eight respondents provided the process of how the IoT technology was utilised. Data findings indicated that IoT monitoring devices have the detective ability for a person with special needs living alone with problems related to vital signs of diseases or disabilities. Personal patient health records are integrated into the e-health Centre via IoT technologies. For data privacy, security, and confidentiality, patients' records are kept on Personal Health Record Systems (PHRS). The research revealed suspected breaches of information due to cyber-attacks on the probability of false data errors in the PHRS, leading to special needs personal data leakage