Telemedicine – Meaning, Challenges and Opportunities

Medical service is one of the crucial policies and decent medical service is required by the population in every country. There are three main obstacles which prevent people from obtaining proper medical cares and treatments. First, the deficiency of medical staffs especially physicians which occur even in the developed countries. Second, regarding an important demographic issue, an increase in the number of the elderly makes the medical services more demanding. Finally, geographical aspect also plays a major role in healthcare inequality. The population dwelling in rural or remote areas struggle from accessing proper medical services. Information and communication technologies have become an important infrastructure upon which several domains can build in order to achieve more effective solutions. Integrating such technologies into the medical discipline results in telemedicine which is currently available across the globe. This article describes telemedicine in three key aspects including current state, challenges and opportunities based upon existing studies and implementations

Robust access control framework for mobile cloud computing network

Unified communications has enabled seamless data sharing between multiple devices running on various platforms. Traditionally, organizations use local servers to store data and employees access the data using desktops with predefined security policies. In the era of unified communications, employees exploit the advantages of smart devices and 4G wireless technology to access the data from anywhere and anytime. Security protocols such as access control designed for traditional setup are not sufficient when integrating mobile devices with organization’s internal network. Within this context, we exploit the features of smart devices to enhance the security of the traditional access control technique. Dynamic attributes in smart devices such as unlock failures, application usage, location and proximity of devices can be used to determine the risk level of an end-user. In this paper, we seamlessly incorporate the dynamic attributes to the conventional access control scheme. Inclusion of dynamic attributes provides an additional layer of security to the conventional access control. We demonstrate that the efficiency of the proposed algorithm is comparable to the efficiency of the conventional schemes

Access control models for pervasive computing environments

Department Head: L. Darrell Whitley.2010 Summer.Includes bibliographical references.With the growing advancement of pervasive computing technologies, we are moving towards an era where context information will be necessary for access control. Traditional access control models like Mandatory Access Control (MAC), Discretionary Access Control (DAC), and Role-Based Access Control (RBAC) do not work well in this scenario for several reasons. First, unlike traditional applications, pervasive computing applications usually do not have well-defined security perimeter-the entities an application will interact with or the resources that will be accessed may not be known in advance. Second, these applications are also dynamic in nature--the accessing entities may change, resources requiring protection may be created or modified, and an entity's access to resources may change during the course of the application, which make the resources protection during application execution extremely challenging. Third, pervasive computing applications use the knowledge of surrounding physical spaces to provide services; security policies designed for such applications must therefore use contextual information. Thus, new access control models and technologies are needed for pervasive computing applications. In this dissertation, we propose two types of access control models for pervasive computing environments; one determine the accessibility based on the spatio-temporal constraints, and the other determine the accessibility based on the trustworthiness of the entities. The different features of access control models may interact in subtle ways resulting in conflicts. Consequently, it is important to analyze and understand these models before they are widely deployed. The other contribution of this dissertation is to verify the correctness of the model. The results obtained by analyzing the access control models will enable the users of the model to make informed decisions. Toward this end, we propose automated verification techniques for our access control models

A Trust management framework for secure cloud data storage using cryptographic role-based access control

In recent times, there has been an increasing development of storing data securely in the cloud. The Role-based access control (RBAC) model, a widely used access control model, can provide a flexible way for data owners to manage and share their data in the cloud environment. To enforce the access control policies in the cloud, several cryptographic RBAC schemes have been proposed recently, which integrate cryptographic techniques with RBAC models to secure data storage in an outsourced environment such as a cloud. However, these schemes do not address the issue of trust in such a data storage system. In this paper, we introduce a trust management framework which can enhance the security of data in cloud storage systems using cryptographic RBAC schemes. The trust management framework provides an approach for each party in such a cloud storage system to determine the trustworthiness of other parties. The framework consists of a series of trust models, which (i) enable the users and the data owners to decide whether to interact with a particular role for accessing and sharing data in the system and (ii) allow the role managers to evaluate the trustworthiness of users and data owners. These trust models take into account role inheritance and hierarchy in the evaluation of trustworthiness of the roles. In addition, we present a design of a trust-based cloud storage system which shows how the trust models for users and roles can be integrated into a system that uses cryptographic RBAC schemes.26 page(s

Ensuring Spatio-temporal Access Control for Real-world Applications

Traditional access control models, such as Role-Based Access Control (RBAC), do not take into account contextual information, such as location and time, for making access decisions. Consequently, they are inadequate for specifying the access control needs of many complex real-world applications, such as the Dengue Decision Support (DDS) that we discuss in this paper. We need to ensure that such applications are adequately protected using emerging access control models. This requires us to represent the application and its access control requirements in a formal specification language. We choose the Unified Modeling Language (UML) for this purpose, since UML is becoming the defacto specification language in the software industry. We need to analyze this formal specification to get assurance that the application is adequately protected. Manual analysis is error-prone and tedious. Thus, we need automate