Technical Viewpoint of Challenges, Opportunities, and Future Directions of Policy Change and Information-Flow in Digital Healthcare Systems

Source: https://www.thinkmind.org/.Digital healthcare systems often run on heterogeneous devices in a distributed multi-cluster environment, and maintain their healthcare policies for managing data, securing information flow, and controlling interactions among systems components. As healthcare systems become more digitally distributed, lack of integration and safe interpretation between heterogeneous systems clusters become problematic and might lead to healthcare policy violations. Communication overhead and high computation consumption might impact the system at different levels and affect the flow of information among system clusters. This paper provides a technical viewpoint of the challenges, opportunities, and future work in digital healthcare systems, focusing on the mechanisms of monitoring, detecting, and recovering healthcare policy change/update and its imprint on information flow

Malware in the Future? Forecasting of Analyst Detection of Cyber Events

There have been extensive efforts in government, academia, and industry to anticipate, forecast, and mitigate cyber attacks. A common approach is time-series forecasting of cyber attacks based on data from network telescopes, honeypots, and automated intrusion detection/prevention systems. This research has uncovered key insights such as systematicity in cyber attacks. Here, we propose an alternate perspective of this problem by performing forecasting of attacks that are analyst-detected and -verified occurrences of malware. We call these instances of malware cyber event data. Specifically, our dataset was analyst-detected incidents from a large operational Computer Security Service Provider (CSSP) for the U.S. Department of Defense, which rarely relies only on automated systems. Our data set consists of weekly counts of cyber events over approximately seven years. Since all cyber events were validated by analysts, our dataset is unlikely to have false positives which are often endemic in other sources of data. Further, the higher-quality data could be used for a number for resource allocation, estimation of security resources, and the development of effective risk-management strategies. We used a Bayesian State Space Model for forecasting and found that events one week ahead could be predicted. To quantify bursts, we used a Markov model. Our findings of systematicity in analyst-detected cyber attacks are consistent with previous work using other sources. The advanced information provided by a forecast may help with threat awareness by providing a probable value and range for future cyber events one week ahead. Other potential applications for cyber event forecasting include proactive allocation of resources and capabilities for cyber defense (e.g., analyst staffing and sensor configuration) in CSSPs. Enhanced threat awareness may improve cybersecurity.Comment: Revised version resubmitted to journa

Dokspot : securely linking healthcare products with online instructions

Printed instructions for products get replaced more and more by digital versions that are made available over the internet. In safety-sensitive fields such as healthcare products, availability and integrity of these instructions is of highest importance. However, providing and managing instructions online opens the door to a wide range of potential attacks, which may negatively affect availability and integrity. In this paper, dokspot is presented, which is an internet-based service that aims at solving this problem by securely linking healthcare products with online instructions. The key to achieve this is a sophisticated security architecture and the focus of this paper is on the core components of this architecture. This includes a secure workflow to manage online instructions, which prevents, e.g., attacks by malicious insiders. Also, the traditionally monolithic web application architecture was split into role-based microservices, which provides protection even if parts of the system are compromised. Furthermore, digital signatures are utilized to continuously safeguard the lifecycle of online instructions to guarantee their genuineness and integrity. And finally, a passwordless signature scheme is introduced to hide inconvenient extra steps from the users while still maintaining security. Overall, this security architecture makes dokspot highly resistant to a wide range of attacks