29,507 research outputs found
A study on information induced medication errors
The electronic health record (eHR) system has recently been considered one of the biggest advancements in healthcare services. A personally controlled electronic health record (PCEHR) system is proposed by the Australian government to make the health system more agile, secure, and sustainable. Although the PCEHR system claims the electronic health records can be controlled by the patients, healthcare professionals and database/system operators may assist in disclosing the patients’ eHRs for retaliation or other ill purposes. As the conventional methods for preserving the privacy of eHRs solely trust the system operators, these data are vulnerable to be exploited by the authorised personnel in an immoral/unethical way. Furthermore, issues such as the sheer number of eHRs, their sensitive nature, flexible access, and efficient user revocation have remained the most important challenges towards fine-grained, cryptographically enforced data access control. In this paper we propose a patient centric cloud-based PCEHR framework, which employs a homomorphic encryption technique in storing the eHRs. The proposed system ensures the control of both access and privacy of eHRs stored in the cloud database
A Privacy-Preserving Framework for Personally Controlled Electronic Health Record (PCEHR) System
The electronic health record (eHR) system has recently been considered one of the biggest advancements in healthcare services. A personally controlled electronic health record (PCEHR) system is proposed by the Australian government to make the health system more agile, secure, and sustainable. Although the PCEHR system claims the electronic health records can be controlled by the patients, healthcare professionals and database/system operators may assist in disclosing the patients’ eHRs for retaliation or other ill purposes. As the conventional methods for preserving the privacy of eHRs solely trust the system operators, these data are vulnerable to be exploited by the authorised personnel in an immoral/unethical way. Furthermore, issues such as the sheer number of eHRs, their sensitive nature, flexible access, and efficient user revocation have remained the most important challenges towards fine-grained, cryptographically enforced data access control. In this paper we propose a patient centric cloud-based PCEHR framework, which employs a homomorphic encryption technique in storing the eHRs. The proposed system ensures the control of both access and privacy of eHRs stored in the cloud database
End-to-End Privacy for Open Big Data Markets
The idea of an open data market envisions the creation of a data trading
model to facilitate exchange of data between different parties in the Internet
of Things (IoT) domain. The data collected by IoT products and solutions are
expected to be traded in these markets. Data owners will collect data using IoT
products and solutions. Data consumers who are interested will negotiate with
the data owners to get access to such data. Data captured by IoT products will
allow data consumers to further understand the preferences and behaviours of
data owners and to generate additional business value using different
techniques ranging from waste reduction to personalized service offerings. In
open data markets, data consumers will be able to give back part of the
additional value generated to the data owners. However, privacy becomes a
significant issue when data that can be used to derive extremely personal
information is being traded. This paper discusses why privacy matters in the
IoT domain in general and especially in open data markets and surveys existing
privacy-preserving strategies and design techniques that can be used to
facilitate end to end privacy for open data markets. We also highlight some of
the major research challenges that need to be address in order to make the
vision of open data markets a reality through ensuring the privacy of
stakeholders.Comment: Accepted to be published in IEEE Cloud Computing Magazine: Special
Issue Cloud Computing and the La
Secure data sharing and processing in heterogeneous clouds
The extensive cloud adoption among the European Public Sector Players empowered them to own and operate a range of cloud infrastructures. These deployments vary both in the size and capabilities, as well as in the range of employed technologies and processes. The public sector, however, lacks the necessary technology to enable effective, interoperable and secure integration of a multitude of its computing clouds and services. In this work we focus on the federation of private clouds and the approaches that enable secure data sharing and processing among the collaborating infrastructures and services of public entities. We investigate the aspects of access control, data and security policy languages, as well as cryptographic approaches that enable fine-grained security and data processing in semi-trusted environments. We identify the main challenges and frame the future work that serve as an enabler of interoperability among heterogeneous infrastructures and services. Our goal is to enable both security and legal conformance as well as to facilitate transparency, privacy and effectivity of private cloud federations for the public sector needs. © 2015 The Authors
- …