scispace - formally typeset
Search or ask a question
Author

Chien-Ding Lee

Bio: Chien-Ding Lee is an academic researcher from Feng Chia University. The author has contributed to research in topics: Information privacy & Key management. The author has an hindex of 3, co-authored 3 publications receiving 171 citations.

Papers
More filters
Journal ArticleDOI
01 Jan 2008
TL;DR: In this paper, a flexible cryptographic key management solution is proposed to facilitate interoperations among the applied cryptographic mechanisms to comply with the HIPAA regulations.
Abstract: The Health Insurance Portability and Accountability Act (HIPAA) privacy and security regulations are two crucial provisions in the protection of healthcare privacy. Privacy regulations create a principle to assure that patients have more control over their health information and set limits on the use and disclosure of health information. The security regulations stipulate the provisions implemented to guard data integrity, confidentiality, and availability. Undoubtedly, the cryptographic mechanisms are well defined to provide suitable solutions. In this paper, to comply with the HIPAA regulations, a flexible cryptographic key management solution is proposed to facilitate interoperations among the applied cryptographic mechanisms. In addition, case of consent exceptions intended to facilitate emergency applications and other possible exceptions can also be handled easily.

157 citations

Journal ArticleDOI
01 Jul 2011
TL;DR: The model proposed in this paper provides a way to integrate several cryptographic mechanisms and develops a key management scheme to facilitate the interoperation among these mechanisms, so the risk of illegal distribution can be reduced.
Abstract: Digitizing medical records facilitates the healthcare process. However, it can also cause serious security and privacy problems, which are the major concern in the Health Insurance Portability and Accountability Act (HIPAA). While various conventional encryption mechanisms can solve some aspects of these problems, they cannot address the illegal distribution of decrypted medical images, which violates the regulations defined in the HIPAA. To protect decrypted medical images from being illegally distributed by an authorized staff member, the model proposed in this paper provides a way to integrate several cryptographic mechanisms. In this model, the malicious staff member can be tracked by a watermarked clue. By combining several well-designed cryptographic mechanisms and developing a key management scheme to facilitate the interoperation among these mechanisms, the risk of illegal distribution can be reduced.

25 citations

Journal ArticleDOI
TL;DR: A new key management scheme is proposed to facilitate control by providing two functionalities: a patient can authorize more than one healthcare institute within a designated time period to access his or her ePHIs.

8 citations

Journal ArticleDOI
TL;DR: In this paper , a cooperative authenticated key agreement scheme is developed to address the various security scenarios when providing tele-medicine care to patients with a disability, and an enhanced version scheme with group key exchange functionality is proposed to satisfy situations where more than one physician is involved in providing services during a medical consultation situation.

Cited by
More filters
01 Apr 1997
TL;DR: The objective of this paper is to give a comprehensive introduction to applied cryptography with an engineer or computer scientist in mind on the knowledge needed to create practical systems which supports integrity, confidentiality, or authenticity.
Abstract: The objective of this paper is to give a comprehensive introduction to applied cryptography with an engineer or computer scientist in mind. The emphasis is on the knowledge needed to create practical systems which supports integrity, confidentiality, or authenticity. Topics covered includes an introduction to the concepts in cryptography, attacks against cryptographic systems, key use and handling, random bit generation, encryption modes, and message authentication codes. Recommendations on algorithms and further reading is given in the end of the paper. This paper should make the reader able to build, understand and evaluate system descriptions and designs based on the cryptographic components described in the paper.

2,188 citations

Journal Article
TL;DR: The Health Insurance Portability and Accountability Act, also known as HIPAA, was designed to protect health insurance coverage for workers and their families while between jobs and establishes standards for electronic health care transactions.
Abstract: The Health Insurance Portability and Accountability Act, also known as HIPAA, was first delivered to congress in 1996 and consisted of just two Titles. It was designed to protect health insurance coverage for workers and their families while between jobs. It establishes standards for electronic health care transactions and addresses the issues of privacy and security when dealing with Protected Health Information (PHI). HIPAA is applicable only in the United States of America.

561 citations

Proceedings ArticleDOI
08 Oct 2010
TL;DR: It is shown how new primitives in attribute-based cryptography can be used to construct a secure and privacy-preserving EHR system that enables patients to share their data among healthcare providers in a flexible, dynamic and scalable manner.
Abstract: Secure management of Electronic Health Records (EHR) in a distributed computing environment such as cloud computing where computing resources including storage is provided by a third party service provider is a challenging task. In this paper, we explore techniques which guarantees security and privacy of medical data stored in the cloud. We show how new primitives in attribute-based cryptography can be used to construct a secure and privacy-preserving EHR system that enables patients to share their data among healthcare providers in a flexible, dynamic and scalable manner.

276 citations

Journal ArticleDOI
TL;DR: This work proposes an improved scheme for authentication scheme for mobile devices in telecare medicine information system that is not only more secure than Wu et al.
Abstract: It is important to guarantee the privacy and the security of the users in the telecare medicine information system. Recently, Wu et al.'s proposed an authentication scheme for mobile devices in telecare medicine information system. They added the pre-computing idea within the communication process to avoid the time-consuming exponential computations. They also claimed their scheme can withstand various attacks. We will show that their scheme suffers from the impersonation attack to the insider's attack. In order to overcome the weaknesses, we propose an improved scheme to eliminate the weakness. Our scheme is not only more secure than Wu et al.'s scheme, but also has better performance. Then our scheme is more efficient and appropriate to collocating with low power mobile devices for the telecare medicine information system.

248 citations

Journal ArticleDOI
TL;DR: A novel authentication scheme is proposed that is added the pre-computing idea within the communication process to avoid the time-consuming exponential computations and is shown to be more secure and practical for telecare medicine environments.
Abstract: The telecare medicine information system enables or supports health-care delivery services. In recent years, the increased availability of lower-cost telecommunications systems and custom made physiological monitoring devices for patients have made it possible to bring the advantages of telemedicine directly into the patient's home. These systems are moving towards an environment where automated patient medical records and electronically interconnected telecare facilities are prevalent. A secure authentication scheme will thus be needed to safeguard data integrity, confidentiality, and availability. Many schemes based on cryptography have been proposed for the goals. However, much of the schemes are vulnerable to various attacks, and are neither efficient, nor user friendly. Specially, in terms of efficiency, some schemes need the exponential computation resulting in high time cost. Therefore, we propose a novel authentication scheme that is added the pre-computing idea within the communication process to avoid the time-consuming exponential computations. Finally, it is shown to be more secure and practical for telecare medicine environments.

234 citations