Implementing Operations Support Systems in E-Health Based Systems

Information and communication technologies have been introduced in different dimensions of the health care. e-Health is the use of advanced communications technologies such as the Internet, portable, wireless and other sophisticated devices to support health care delivery and education. It has the potentials of improving the efficiency of health care delivery globally. With the increasing demand for information at the point of care, health care providers could explore the advances provided by mobile technologies and the increasing capabilities, compactness and pervasiveness of computing devices to adopt operations supports systems (OSS) in e-Health based systems in order to provide efficient services and enhance their performances. In this paper, we present, the development and implementation of operations supports in e- Health based systems. The system promises to deliver greater productivity for health care practitioner

Identifying Native Applications with High Assurance

The work described in this paper investigates the problem of identifying and deterring stealthy malicious processes on a host. We point out the lack of strong application iden- tication in main stream operating systems. We solve the application identication problem by proposing a novel iden- tication model in which user-level applications are required to present identication proofs at run time to be authenti- cated by the kernel using an embedded secret key. The se- cret key of an application is registered with a trusted kernel using a key registrar and is used to uniquely authenticate and authorize the application. We present a protocol for secure authentication of applications. Additionally, we de- velop a system call monitoring architecture that uses our model to verify the identity of applications when making critical system calls. Our system call monitoring can be integrated with existing policy specication frameworks to enforce application-level access rights. We implement and evaluate a prototype of our monitoring architecture in Linux as device drivers with nearly no modication of the ker- nel. The results from our extensive performance evaluation shows that our prototype incurs low overhead, indicating the feasibility of our model

Perceived risk and sensitive data on mobile devices

This paper reports on a survey to investigate the behaviour and assumptions of smartphone users, with reference to the security practices adopted by such users. The primary objective was to shed light on the level of information security awareness in smartphone users and determine the extent of sensitive information such users typically hold on these mobile devices

Phishing – the threat of internet banking

The attractiveness of Internet banking, the dynamics and the integration with e-business is still growing. The current use of electronic banking is defined by cyberspace and abused in the form of cyber terrorism as well. Therefore it is in the interest of all banks to focus on minimizing the real attacks. This article analyzes and compares the current possibilities against so-called phishing and identifies the area of the safe use of Internet banking in terms of the current potential threats in this area

Secure Communication Architecture for Dynamic Energy Management in Smart Grid

open access articleSmart grid takes advantage of communication technologies for efficient energy management and utilization. It entails sacrifice from consumers in terms of reducing load during peak hours by using a dynamic energy pricing model. To enable an active participation of consumers in load management, the concept of home energy gateway (HEG) has recently been proposed in the literature. However, the HEG concept is rather new, and the literature still lacks to address challenges related to data representation, seamless discovery, interoperability, security, and privacy. This paper presents the design of a communication framework that effectively copes with the interoperability and integration challenges between devices from different manufacturers. The proposed communication framework offers seamless auto-discovery and zero- con figuration-based networking between heterogeneous devices at consumer sites. It uses elliptic-curve-based security mechanism for protecting consumers' privacy and providing the best possible shield against different types of cyberattacks. Experiments in real networking environment validated that the proposed communication framework is lightweight, secure, portable with low-bandwidth requirement, and flexible to be adopted for dynamic energy management in smart grid

A standard-driven communication protocol for disconnected clinics in rural areas

The importance of the Electronic Health Record (EHR), which stores all healthcare-related data belonging to a patient, has been recognized in recent years by governments, institutions, and industry. Initiatives like Integrating the Healthcare Enterprise (IHE) have been developed for the definition of standard methodologies for secure and interoperable EHR exchanges among clinics and hospitals. Using the requisites specified by these initiatives, many large-scale projects have been set up to enable healthcare professionals to handle patients' EHRs. Applications deployed in these settings are often considered safety-critical, thus ensuring such security properties as confidentiality, authentication, and authorization is crucial for their success. In this paper, we propose a communication protocol, based on the IHE specifications, for authenticating healthcare professionals and assuring patients' safety in settings where no network connection is available, such as in rural areas of some developing countries. We define a specific threat model, driven by the experience of use cases covered by international projects, and prove that an intruder cannot cause damages to the safety of patients and their data by performing any of the attacks falling within this threat model. To demonstrate the feasibility and effectiveness of our protocol, we have fully implemented it

NEOREG : design and implementation of an online neonatal registration system to access, follow and analyse data of newborns with congenital cytomegalovirus infection

Today's registration of newborns with congenital cytomegalovirus (cCMV) infection is still performed on paper-based forms in Flanders, Belgium. This process has a large administrative impact. It is imortant that all screening tests are registered to have a complete idea of the impact of cCMV. Although these registrations are usable in computerised data analysis, these data are not available in a format to perform electronic processing. An online Neonatal Registry (NEOREG) System was designed and developed to access, follow and analyse the data of newborns remotely. It allows patients' diagnostic registration and treatment follow-up through a web interface and uses document forms in Portable Document Format (PDF), which incorporate all the elements from the existing forms. Forms are automatically processed to structured EHRs. Modules are included to perform statistical analysis. The design was driven by extendibility, security and usability requirements. The website load time, throughput and execution time of data analysis were evaluated in detail. The NEOREG system is able to replace the existing paper-based CMV records