A Security Oriented Design (SOD) Framework for eHealth Systems
21 Jul 2014-pp 122-127
TL;DR: The pilot design experience and results of a security oriented design framework (SOD) intended for providing a system development environment template to strengthen development tasks of eHealth related systems are discussed.
Abstract: With the advancement in technology and availability of internet access and smart mobile systems, there has been an increasing interest in eHealth related research activities due to the attractive and important benefits that eHealth systems can offer to many. However, the security of the eHealth systems has been a great concern. In this paper, we discuss the pilot design experience and results of a security oriented design framework (SOD). The SOD framework is intended for providing a system development environment template to strengthen development tasks of eHealth related systems. We have selected two major eHealth commonly required features for the pilot experiments. The first feature is to provide capabilities for storing and accessing digitized patient health records. The second feature is to provide scheduling and management in terms of appointments, doctor prescriptions, tests, etc. The paper also discusses the current major concerns in security and privacy and provides some effective security solutions.
Citations
More filters
01 Aug 2017
TL;DR: A security framework for mobile applications in healthcare is proposed to address common security vulnerabilities that appear during the application development process and to maintain an expected level of user functionality and ensure personal health information is secure when using a mobile application.
Abstract: Recent trends indicate a steady rise in cyber attacks targeting the healthcare industry and patient data. Security is one of the most vital requirements for any device that utilizes medical data. Mobile applications within healthcare are becoming increasingly popular, and users presume these applications are secure. However, a lack of security cognizance among developers and a rush to market have introduced a plethora of security vulnerabilities in mobile health applications. Our initial research showed that health-related mobile applications contain numerous vulnerabilities for attackers to potentially obtain medical data. In this paper, we propose a security framework for mobile applications in healthcare to address common security vulnerabilities that appear during the application development process. Our goal is to maintain an expected level of user functionality and ensure personal health information is secure when using a mobile application.
16 citations
Cites background from "A Security Oriented Design (SOD) Fr..."
...The rise in cyber-attacks in healthcare has inspired a notable amount of work and study in health systems and the management of patient medical data [7], [8], [9], [10], [2]....
[...]
05 Jul 2016
TL;DR: A proactive health monitoring system for cardiac patients that will help patients to take proactive measure against any abnormal behavior in their health and also help doctors to monitor the patient health continuously will enhance the quality of life of patients as well as increase the performance of doctors and healthcare providers.
Abstract: with the advancement of human life, there is big increase in chronic diseases especially in heart diseases. This increase is due to environmental pollution, lack of exercise, eating habits and closed environments. We propose a proactive health monitoring system for cardiac patients. This system consists of electronic bands wear by the patients to collect the real-time health status and an e-health system to process the collected data. The e-health system is a complete big data framework that will be develop to solve major healthcare problems. This system will provide a proactive measure to all the patients suffering from heart diseases like Ischemic heart disease or Hypertensive heart disease. The system will monitor the patient health continuously from electronic band and generates alerts to patients and doctor accordingly. This system will also provide a guidance to patients in case of abnormal health readings. The framework of e-health will follow the best practices of software engineering, healthcare and big data. This system will help patients to take proactive measure against any abnormal behavior in their health and also help doctors to monitor the patient health continuously. This development will enhance the quality of life of patients as well as increase the performance of doctors and healthcare providers.
8 citations
Cites background from "A Security Oriented Design (SOD) Fr..."
...[9] presented a security oriented design (SOD) framework for e-health systems....
[...]
01 Aug 2019
TL;DR: This paper proposes a security framework that provides authentication, authorization, secure storage and transmission of medical data and workflows for mHealth applications and proves that the framework can be easily integrated into any mHealth app and reduce its security and privacy risks without compromising user experience.
Abstract: Mobile health (mHealth) applications are growing in popularity due to their effectiveness in delivering healthcare services and improving patient health outcomes. mHealth apps are also increasingly targeted by attackers as they handle sensitive and private medical and personal data. Existing research indicates that lack of security cognizance among app developers is the leading cause of security vulnerabilities in mHealth apps. In this paper, we propose a security framework that provides authentication, authorization, secure storage and transmission of medical data and workflows for mHealth applications. The proposed framework can be easily imported into new and existing mHealth apps to mitigate its security and privacy vulnerabilities. To prove the framework's effectiveness, we use a dummy mHealth app built on top of it and confirm via our findings that the framework can be easily integrated into any mHealth app and reduce its security and privacy risks without compromising user experience.
5 citations
11 Jul 2015
TL;DR: This research paper proposes a data transmission model so that confidentiality of healthcare information is not compromised during transmission process and introduces a secure data Transmission model between mobile device and server to facilitate safer data transmission.
Abstract: Most mobile health management application stores and manages user's health information in local memory. However, in u-Health Service, healthcare information is transmitted to healthcare server and provides integrated analysis and care service. Therefore, in mobile healthcare, it is necessary to transmit healthcare information to server. If healthcare information is not safely transmitted to server, there is a risk of being tapped, counterfeited or modified. In order to solve such problems, it is necessary to introduce a secure data transmission model between mobile device and server to facilitate safer data transmission. Therefore, this research paper proposes a data transmission model so that confidentiality of healthcare information is not compromised during transmission process.
2 citations
Cites background from "A Security Oriented Design (SOD) Fr..."
...Among them, since personal healthcare information can be transmitted to physical monitoring program [6], medical/healthcare information service and physician management program, there is a possibility of infringement on personal information between server and mobile device [7]....
[...]
TL;DR: The proposed security framework secure all the sections of the model following the recommendations of Health Level 7, First Healthcare Interoperability Resources and Health Insurance Portability and Accountability Act and can be implemented in any remote areas of developing countries as like as Bangladesh.
Abstract: Telemedicine is a healthcare system where healthcare professionals have the capability to observe, diagnose, evaluate and treat the patient from a remote location and the patient have the ability to easily access the medical expertise quickly and efficiently. Increasing popularity of Telemedicine increase the security intimidations. In this paper, a security framework is implemented for the developed cost-effective Telemedicine system. The proposed security framework secure all the sections of the model following the recommendations of Health Level 7, First Healthcare Interoperability Resources and Health Insurance Portability and Accountability Act. Implementation of this security framework including authenticating the different types of user, secure connection between mobile and sensors through authentication, protect the mobile application from hackers, ensures data security through encryption, as well as secure server, using secured socket layer called SSL. Finally, we can say that the developed Telemedicine model is more secure and it can be implemented in any remote areas of developing countries as like as Bangladesh.
1 citations
Cites methods from "A Security Oriented Design (SOD) Fr..."
...In their proposed system they use SHA1 algorithm to secure login data as well as use HTTPS secure web server[16]....
[...]
References
More filters
13 Sep 2010
TL;DR: This review presents representative applications in the healthcare domain and describes the challenges they introduce to wireless sensor networks due to the required level of trustworthiness and the need to ensure the privacy and security of medical data.
Abstract: Driven by the confluence between the need to collect data about people's physical, physiological, psychological, cognitive, and behavioral processes in spaces ranging from personal to urban and the recent availability of the technologies that enable this data collection, wireless sensor networks for healthcare have emerged in the recent years. In this review, we present some representative applications in the healthcare domain and describe the challenges they introduce to wireless sensor networks due to the required level of trustworthiness and the need to ensure the privacy and security of medical data. These challenges are exacerbated by the resource scarcity that is inherent with wireless sensor network platforms. We outline prototype systems spanning application domains from physiological and activity monitoring to large-scale physiological and behavioral studies and emphasize ongoing research challenges.
724 citations
05 Jul 2010
TL;DR: An EHR security reference model for managing security issues in healthcare clouds is described, which highlights three important core components in securing an EHR cloud.
Abstract: With the widespread use of electronic health record (EHR), building a secure EHR sharing environment has attracted a lot of attention in both healthcare industry and academic community. Cloud computing paradigm is one of the popular healthIT infrastructure for facilitating EHR sharing and EHR integration. In this paper we discuss important concepts related to EHR sharing and integration in healthcare clouds and analyze the arising security and privacy issues in access and management of EHRs. We describe an EHR security reference model for managing security issues in healthcare clouds, which highlights three important core components in securing an EHR cloud. We illustrate the development of the EHR security reference model through a use-case scenario and describe the corresponding security countermeasures and state of art security techniques that can be applied as basic security guards.
370 citations
"A Security Oriented Design (SOD) Fr..." refers background in this paper
...I. INTRODUCTION In today’s world, eHealth focuses on providing healthcare in digital records and methods such as Electronic Health Records (EHR) [4], [7]....
[...]
TL;DR: The security and privacy issues in healthcare application using WMSNs are discussed, some popular healthcare projects using wireless medical sensor networks are highlighted, and their security is discussed, and a summary of open security research issues that need to be explored for future healthcare applications using W MSNs are explored.
Abstract: Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs). Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. This paper discusses the security and privacy issues in healthcare application using WMSNs. We highlight some popular healthcare projects using wireless medical sensor networks, and discuss their security. Our aim is to instigate discussion on these critical issues since the success of healthcare application depends directly on patient security and privacy, for ethic as well as legal reasons. In addition, we discuss the issues with existing security mechanisms, and sketch out the important security requirements for such applications. In addition, the paper reviews existing schemes that have been recently proposed to provide security solutions in wireless healthcare scenarios. Finally, the paper ends up with a summary of open security research issues that need to be explored for future healthcare applications using WMSNs.
363 citations
16 Nov 2011
TL;DR: This paper reviews two of the most popular NoSQL databases (Cassandra and MongoDB) and outlines their main security features and problems.
Abstract: applications has created the need to store large amount of data in distributed databases that provide high availability and scalability. In recent years, a growing number of companies have adopted various types of non-relational databases, commonly referred to as NoSQL databases, and as the applications they serve emerge, they gain extensive market interest. These new database systems are not relational by definition and therefore they do not support full SQL functionality. Moreover, as opposed to relational databases they trade consistency and security for performance and scalability. As increasingly sensitive data is being stored in NoSQL databases, security issues become growing concerns. This paper reviews two of the most popular NoSQL databases (Cassandra and MongoDB) and outlines their main security features and problems.
171 citations
TL;DR: Despite the substantial progress that geriatric medicine has made, much more remains to be done to meet the healthcare needs of older persons and to provide appropriate palliative care.
Abstract: In response to the needs and demands of an aging population, geriatric medicine has grown rapidly during the past 3 decades. The discipline has defined its core values as well as the knowledge base and clinical skills needed to improve the health, functioning, and well-being of older persons and to provide appropriate palliative care. Geriatric medicine has developed new models of care, advanced the treatment of common geriatric conditions, and advocated for the health and health care of older persons. Nevertheless, at the beginning of the 21st century, the health care of older persons is at a crossroads. Despite the substantial progress that geriatric medicine has made, much more remains to be done to meet the healthcare needs of our aging population. The clinical, educational, and research approaches of the 20th century are unable to keep pace and require major revisions. Maintaining the status quo will mean falling further and further behind. The healthcare delivery and financing systems need fundamental redesign to improve quality and eliminate waste. The American Geriatrics Society (AGS) Task Force on the Future of Geriatric Medicine has identified five goals aimed at optimizing the health of older persons: To ensure that every older person receives high-quality, patient-centered health care; To expand the geriatrics knowledge base; To increase the number of healthcare professionals who employ the principles of geriatric medicine in caring for older persons; To recruit physicians and other healthcare professionals into careers in geriatric medicine; To unite professional and lay groups in the effort to influence public policy to continually improve the health and health care of seniors. Geriatric medicine cannot accomplish these goals alone. Accordingly, the Task Force has articulated a set of recommendations primarily aimed at the government, organizations, agencies, foundations, and other partners whose collaboration will be essential in accomplishing these goals. The vision described in this document and the accompanying recommendations are only the broad outline of an agenda for the future. Geriatric medicine, through its professional organizations and its partners, will need to mobilize resources to identify and implement the specific steps that will make the vision a reality. Doing so will require broad participation, consensus building, creativity, and perseverance. The consequences of inaction will be profound. The combination of a burgeoning number of older persons and an inadequately prepared, poorly organized physician workforce is a recipe for expensive, fragmented health care that does not meet the needs of our older population. By virtue of their unique skills and advocacy for the health of older persons, geriatricians can be key leaders of change to achieve the goals of geriatric medicine and optimize the health of our aging population. Nevertheless, the goals of geriatric medicine will be accomplished only if geriatricians and their partners work in a system that is designed to provide high-quality, efficient care and recognizes the value of geriatrics.
158 citations