22,287 research outputs found
Evaluation of Attribute-Based Access Control (ABAC) for EHR in Fog Computing Environment
Fog computing - a connection of billions of devices nearest to the network edge- was recently proposed to support latency-sensitive and real time applications. Electronic Medical Record (EMR) systems are latency-sensitive in nature therefore fog computing considered as appropriate choice for it. This paper proposes a fog environment for E-health system that contains highly confidential information of patients Electronic Health Records (EHR). The proposed E-health system has two main goals: (1) Manage and share EHRs between multiple fog nodes and the cloud,(2) Secure access into EHR on Fog computing without effecting the performance of fog nodes. This system will serve different users based on their attributes and thus providing Attribute Based Access Control ABAC into the EHR in fog to prevent unauthorized access. We focus on reducing the storing and processes in fog nodes to support low capabilities of storage and computing of fog nodes and improve its performance. There are three major contributions in this paper first; a simulator of an E-health system is implemented using both iFogSim and our iFogSimEhealthSystem simulator. Second, the ABAC was applied at the fog to secure the access to patients EHR. Third, the performance of the proposed securing access in E-health system in fog computing was evaluated. The results showed that the performance of fog computing in the secure E-health system is higher than the performance of cloud computing
A Methodology for Secure Sharing of Personal Health Records in the Cloud
In the health care sector has resulted in value effective and convenient exchange of non-public Health Records (PHRs) among many taking part entities of the e-Health systems. still, storing the confidential health data to cloud servers is prone to revelation or larceny and demand the event of methodologies that make sure the privacy of the PHRs. Therefore, we tend to propose a technique referred to as SeSPHR for secure sharing of the PHRs within the cloud. The SeSPHR theme ensures patient-centric management on the PHRs and preserves the confidentiality of the PHRs. The patients store the encrypted PHRs on the un-trusted cloud servers and by selection grant access to differing types of users on totally different parts of the PHRs. A semi-trusted proxy referred to as Setup and Re-encryption Server (SRS) is introduced to line up the public/private key pairs and to supply the re-encryption keys. Moreover, the methodology is secure against business executive threats and conjointly enforces a forward and backward access management. Moreover, we tend to formally analyze and verify the operating of SeSPHR methodology through the High Level Petri Nets (HLPN). Performance analysis concerning time consumption indicates that the SeSPHR methodology has potential to use for firmly sharing the PHRs within the cloud. conjointly we tend to Implement as a contribution during this paper time Server, Secure Auditing Storage, in Time Server PHR Owner add the start and Ending time attach to uploaded Encrypted files, and conjointly implement the TPA Module for verify the PHR Record its hack or corrupted for the other hacker and wrongdoer if information hack from hacker facet discover all system details of wrongdoer like Macintosh Address and information science Address its our contribution in our project.
Secure and Trustable Electronic Medical Records Sharing using Blockchain
Electronic medical records (EMRs) are critical, highly sensitive private
information in healthcare, and need to be frequently shared among peers.
Blockchain provides a shared, immutable and transparent history of all the
transactions to build applications with trust, accountability and transparency.
This provides a unique opportunity to develop a secure and trustable EMR data
management and sharing system using blockchain. In this paper, we present our
perspectives on blockchain based healthcare data management, in particular, for
EMR data sharing between healthcare providers and for research studies. We
propose a framework on managing and sharing EMR data for cancer patient care.
In collaboration with Stony Brook University Hospital, we implemented our
framework in a prototype that ensures privacy, security, availability, and
fine-grained access control over EMR data. The proposed work can significantly
reduce the turnaround time for EMR sharing, improve decision making for medical
care, and reduce the overall costComment: AMIA 2017 Annual Symposium Proceeding
Systematizing Genome Privacy Research: A Privacy-Enhancing Technologies Perspective
Rapid advances in human genomics are enabling researchers to gain a better
understanding of the role of the genome in our health and well-being,
stimulating hope for more effective and cost efficient healthcare. However,
this also prompts a number of security and privacy concerns stemming from the
distinctive characteristics of genomic data. To address them, a new research
community has emerged and produced a large number of publications and
initiatives.
In this paper, we rely on a structured methodology to contextualize and
provide a critical analysis of the current knowledge on privacy-enhancing
technologies used for testing, storing, and sharing genomic data, using a
representative sample of the work published in the past decade. We identify and
discuss limitations, technical challenges, and issues faced by the community,
focusing in particular on those that are inherently tied to the nature of the
problem and are harder for the community alone to address. Finally, we report
on the importance and difficulty of the identified challenges based on an
online survey of genome data privacy expertsComment: To appear in the Proceedings on Privacy Enhancing Technologies
(PoPETs), Vol. 2019, Issue
Towards A Well-Secured Electronic Health Record in the Health Cloud
The major concerns for most cloud implementers particularly in the health care industry have remained data security
and privacy. A prominent and major threat that constitutes a hurdle for practitioners within the health industry from exploiting and
benefiting from the gains of cloud computing is the fear of theft of patients health data in the cloud. Investigations and surveys
have revealed that most practitioners in the health care industry are concerned about the risk of health data mix-up amongst the
various cloud providers, hacking to comprise the cloud platform and theft of vital patients’ health data.An overview of the
diverse issues relating to health data privacy and overall security in the cloud are presented in this technical report. Based on
identifed secure access requirements, an encryption-based eHR security model for securing and enforcing authorised access to
electronic health data (records), eHR is also presented. It highlights three core functionalities for managing issues relating to
health data privacy and security of eHR in health care cloud
A systematic literature review of cloud computing in eHealth
Cloud computing in eHealth is an emerging area for only few years. There
needs to identify the state of the art and pinpoint challenges and possible
directions for researchers and applications developers. Based on this need, we
have conducted a systematic review of cloud computing in eHealth. We searched
ACM Digital Library, IEEE Xplore, Inspec, ISI Web of Science and Springer as
well as relevant open-access journals for relevant articles. A total of 237
studies were first searched, of which 44 papers met the Include Criteria. The
studies identified three types of studied areas about cloud computing in
eHealth, namely (1) cloud-based eHealth framework design (n=13); (2)
applications of cloud computing (n=17); and (3) security or privacy control
mechanisms of healthcare data in the cloud (n=14). Most of the studies in the
review were about designs and concept-proof. Only very few studies have
evaluated their research in the real world, which may indicate that the
application of cloud computing in eHealth is still very immature. However, our
presented review could pinpoint that a hybrid cloud platform with mixed access
control and security protection mechanisms will be a main research area for
developing citizen centred home-based healthcare applications
On the Deployment of Healthcare Applications over Fog Computing Infrastructure
Fog computing is considered as the most promising enhancement of the traditional cloud computing paradigm in order to handle potential issues introduced by the emerging Interned of Things (IoT) framework at the network edge. The heterogeneous nature, the extensive distribution and the hefty number of deployed IoT nodes will disrupt existing functional models, creating confusion. However, IoT will facilitate the rise of new applications, with automated healthcare monitoring platforms being amongst them. This paper presents the pillars of design for such applications, along with the evaluation of a working prototype that collects ECG traces from a tailor-made device and utilizes the patient's smartphone as a Fog gateway for securely sharing them to other authorized entities. This prototype will allow patients to share information to their physicians, monitor their health status independently and notify the authorities rapidly in emergency situations. Historical data will also be available for further analysis, towards identifying patterns that may improve medical diagnoses in the foreseeable future
Secure spontaneous emergency access to personal health record
We propose a system which enables access to the user's Personal Health Record (PHR) in the event of emergency. The
access typically occurs in an ad-hoc and spontaneous manner and the user is usually unconscious, hence rendering the
unavailability of the user's password to access the PHR. The
proposed system includes a smart card carried by the user
at all time and it is personalized with a pseudo secret, an
URL to the PHR Server, a secret key shared with the PHR
Server and a number of redemption tokens generated using
a hash chain. In each emergency session, a one-time use
redemption token is issued by the smart card, allowing the
emergency doctor to retrieve the user's PHR upon successful authentication of his credentials and validation of the
redemption token. The server returns the PHR encrypted
with a one-time session key which can only be decrypted by
the emergency doctor. The devised interaction protocol to
facilitate emergency access to the user's PHR is secure and
efficient
- …