Your search keyword '"Computer Security instrumentation"' showing total 251 results

1. Ensuring the integrity assessment of IoT medical sensors using hesitant fuzzy sets.

Author

Obidallah WJ

Subjects

Humans, Saudi Arabia, Delphi Technique, Fuzzy Logic, Internet of Things, Computer Security standards, Computer Security instrumentation

Abstract

Objective: The Internet of Medical Things (IoMT) is transforming healthcare systems, but concerns about device integrity and sensitive data are growing. The study aims to develop a framework for evaluating and prioritizing integrity schemes in healthcare for IoT-based medical sensor devices, addressing the challenges of selecting the right authentication solution due to its complexity and intricacy. Methods: A unified health-hesitant fuzzy expert system for IoMT sensor integrity assessment in Saudi Arabia is described in this paper. Medical sensor integrity literature and professionals are contacted first. Delphi is used to gather attributes of integrity approaches while an Internet of Things medical sensor integrity specialist supervises the operation. After collecting characteristics, good assessment criteria are created and the hesitant fuzzy analytic network procedure is used to assess integrity. Results: Functional integrity and measurement accuracy are the biggest factors in IoMT sensor security and integrity, according to assessment. The framework achieves 93%, 94%, and 95% precision, accuracy, and recall compared to current approaches. The framework helps healthcare integrity security professionals and stakeholders assess and resolve IoT medical sensor authentication issues. Conclusion: This health-hesitant fuzzy expert system will let Saudi Arabian and international healthcare stakeholders safely deploy IoMT sensors in the changing healthcare landscape., Competing Interests: Declaration of conflicting interestsThe author(s) declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

Published

2024

2. Design of a BIST implemented AES crypto-processor ASIC.

Author

Ali ML, Rahman MS, and Hossain FS

Subjects

Algorithms, Computer Simulation, Industry, Pattern Recognition, Automated, United States, Computer Security instrumentation

Abstract

This paper presents the design of a Built-in-self-Test (BIST) implemented Advanced Encryption Standard (AES) cryptoprocessor Application Specific Integrated Circuit (ASIC). AES has been proved as the strongest symmetric encryption algorithm declared by USA Govt. and it outperforms all other existing cryptographic algorithms. Its hardware implementation offers much higher speed and physical security than that of its software implementation. Due to this reason, a number of AES cryptoprocessor ASIC have been presented in the literature, but the problem of testability in the complex AES chip is not addressed yet. This research introduces a solution to the problem for the AES cryptoprocessor ASIC implementing mixed-mode BIST technique, a hybrid of pseudo-random and deterministic techniques. The BIST implemented ASIC is designed using IEEE industry standard Hardware Description Language(HDL). It has been simulated using Electronic Design Automation (EDA)tools for verification and validation using the input-output data from the National Institute of Standard and Technology (NIST) of the USA Govt. The simulation results show that the design is working as per desired functionalities in different modes of operation of the ASIC. The current research is compared with those of other researchers, and it shows that it is unique in terms of BIST implementation into the ASIC chip., Competing Interests: The authors have declared that no competing interests exist.

Published

2021

3. An improved NFC device authentication protocol.

Author

Lu HJ and Liu D

Subjects

Confidentiality, Algorithms, Computer Security instrumentation

Abstract

Aimed at the security authentication problem between Near Field Communication (NFC) devices, this paper uses the technology of asymmetric encryption algorithm, symmetric encryption algorithm, hash function, timestamp and survival period to improve the confidentiality, performance and security of the protocol. The symmetric encryption algorithm encrypts the transmission content, while the asymmetric encryption algorithm encrypts the shared key. The whole authentication process is secure, and the key distribution is secure. The improved NFC device authentication protocol can effectively resist the brute force attack, man-in-the-middle attack and replay attack in the authentication process, it can reduce the number of message transmission in the authentication process, improve the transmission efficiency, enhance the confidentiality, integrity, non-repudiation and improve the security of NFC device authentication., Competing Interests: The authors declare there are no conflicts of interest regarding the publication of this paper. There is no any commercial affiliation with Hangzhou Anheng Information Technology Co., Ltd. This does not alter our adherence to PLOS ONE policies on sharing data and materials.

Published

2021

4. Zero-knowledge identity authentication for internet of vehicles: Improvement and application.

Author

Han M, Yin Z, Cheng P, Zhang X, and Ma S

Subjects

Algorithms, Automobile Driving, Automobiles, China, Confidentiality, Crime Victims, Excipients, Humans, Information Systems instrumentation, Information Systems trends, Internet, Knowledge, Research Design, Software, Automation methods, Computer Security instrumentation, Computer Security trends

Abstract

The popularity of Internet of Vehicles (IoV) has made people's driving environment more comfortable and convenient. However, with the integration of external networks and the vehicle networks, the vulnerabilities of the Controller Area Network (CAN) are exposed, allowing attackers to remotely invade vehicle networks through external devices. Based on the remote attack model for vulnerabilities of the in-vehicle CAN, we designed an efficient and safe identity authentication scheme based on Feige-Fiat-Shamir (FFS) zero-knowledge identification scheme with extremely high soundness. We used the method of zero-one reversal and two-to-one verification to solve the problem that FFS cannot effectively resist guessing attacks. Then, we carried out a theoretical analysis of the scheme's security and evaluated it on the software and hardware platform. Finally, regarding time overhead, under the same parameters, compared with the existing scheme, the scheme can complete the authentication within 6.1ms without having to go through multiple rounds of interaction, which reduces the additional authentication delay and enables all private keys to participate in one round of authentication, thereby eliminating the possibility that a private key may not be involved in the original protocol. Regarding security and soundness, as long as private keys are not cracked, the scheme can resist guessing attacks, which is more secure than the existing scheme., Competing Interests: The authors have declared that no competing interests exist.

Published

2020

5. Self-Powered Multifunctional Electronic Skin for a Smart Anti-Counterfeiting Signature System.

Author

Guo H, Wan J, Wu H, Wang H, Miao L, Song Y, Chen H, Han M, and Zhang H

Subjects

Electric Power Supplies, Electrodes, Humans, Pressure, Computer Security instrumentation, Fraud prevention & control, Handwriting, Wearable Electronic Devices

Abstract

Self-powered electronic skin is a promising field for human-machine interfaces to the next generation of intelligent and interactive products due to its capability of including multiple physical parameters for sensing without additional energy supply. This paper reports a novel active multifunctional electronic skin capable of independently detecting contact trajectory, acceleration, velocity, and pressure based on the synchronized triboelectrification and piezoelectric effect. Motion trajectories in the full plane can be identified by using a net-cross electrodes configuration design. Under this electrode special structure design, the motion information such as velocity and acceleration can be accurately obtained by the time difference between the peak values of the triboelectric signal. Real-time detection of dynamic pressure with only two electrodes is achieved by a spacer-grid design and a high quality piezoelectric nanofiber film. By virtue of its high sensitivity and precision, a smart anti-counterfeiting signature system (SASS) can be achieved by this self-powered multifunctional electronic skin with the capability of recognizing the writing habits of people within a 100 ms error for security. It is also a promising candidate in terms of human-machine interaction, cyber security, and so on.

Published

2020

6. A framework for secure and decentralized sharing of medical imaging data via blockchain consensus.

Author

Patel V

Subjects

Blockchain, Computer Security instrumentation, Computer Security standards, Diagnostic Imaging methods, Electronic Health Records trends, Humans, Diagnostic Imaging instrumentation, Information Dissemination methods, Politics

Abstract

The electronic sharing of medical imaging data is an important element of modern healthcare systems, but current infrastructure for cross-site image transfer depends on trust in third-party intermediaries. In this work, we examine the blockchain concept, which enables parties to establish consensus without relying on a central authority. We develop a framework for cross-domain image sharing that uses a blockchain as a distributed data store to establish a ledger of radiological studies and patient-defined access permissions. The blockchain framework is shown to eliminate third-party access to protected health information, satisfy many criteria of an interoperable health system, and readily generalize to domains beyond medical imaging. Relative drawbacks of the framework include the complexity of the privacy and security models and an unclear regulatory environment. Ultimately, the large-scale feasibility of such an approach remains to be demonstrated and will depend on a number of factors which we discuss in detail.

Published

2019

7. Construction of RSA-Based Authentication Scheme in Authorized Access to Healthcare Services : Authorized Access to Healthcare Services.

Author

Dharminder D, Mishra D, and Li X

Subjects

Confidentiality, Humans, Computer Security instrumentation, Electronic Health Records organization & administration, Health Information Exchange standards, Health Information Systems standards, Telemedicine instrumentation

Abstract

Modern network technology yields new interface for telecare medicine information systems in short TMIS used for patient's healthcare. This system is used to provide healthcare services to patients at their home. It can be observed, telecare medicine information systems generally suffer several attacks as information being transmitted over a public network. Therefore, various authentication and key agreement schemes are proposed for TMIS to ensure secure and authorized patients communication over given public network. However, most of the schemes fail to achieve essential attributes discussed in this article. Although the key attributes of security and efficiency should be achieved in a common framework. This paper proposes construction of an RSA based authentication scheme for authorized access to healthcare services and achieves desirable key attributes of authentication protocols. Proof of security against polynomial time adversary is given in the random oracle to justify the security of proposed scheme. Communication analysis and computation analysis of proposed scheme indicates that proposed scheme's performance is comparable and having better security.

Published

2019

8. An Artificial Neural Network Framework for Gait-Based Biometrics.

Author

Sun Y and Lo B

Subjects

Adult, Computer Communication Networks, Female, Humans, Male, Wearable Electronic Devices, Wireless Technology instrumentation, Young Adult, Biometry instrumentation, Computer Security instrumentation, Confidentiality, Gait physiology, Neural Networks, Computer

Abstract

As the popularity of wearable and the implantable body sensor network (BSN) devices increases, there is a growing concern regarding the data security of such power-constrained miniaturized medical devices. With limited computational power, BSN devices are often not able to provide strong security mechanisms to protect sensitive personal and health information, such as one's physiological data. Consequently, many new methods of securing wireless body area networks have been proposed recently. One effective solution is the biometric cryptosystem (BCS) approach. BCS exploits physiological and behavioral biometric traits, including face, iris, fingerprints, electrocardiogram, and photoplethysmography. In this paper, we propose a new BCS approach for securing wireless communications for wearable and implantable healthcare devices using gait signal energy variations and an artificial neural network framework. By simultaneously extracting similar features from BSN sensors using our approach, binary keys can be generated on demand without user intervention. Through an extensive analysis on our BCS approach using a gait dataset, the results have shown that the binary keys generated using our approach have high entropy for all subjects. The keys can pass both National Institute of Standards and Technology and Dieharder statistical tests with high efficiency. The experimental results also show the robustness of the proposed approach in terms of the similarity of intraclass keys and the discriminability of the interclass keys.

Published

2019

9. Anonymity preserving and round effective three-party authentication key exchange protocol based on chaotic maps.

Author

Pak K, Pak S, Ho C, Pak M, and Hwang C

Subjects

Algorithms, Communication, Confidentiality, Health Information Exchange, Humans, Trust, Computer Security instrumentation, Information Systems instrumentation, Telemedicine instrumentation

Abstract

Three-party authentication key exchange (3PAKE) is a protocol that allows two users to set up a common session key with the help of a trusted remote server, which is effective for secret communication between clients in a large-scale network environment. Since chaotic maps have superior characteristics, researchers have recently presented some of the studies that apply it to authentication key exchange and cryptography. Providing user anonymity in the authentication key exchange is one of the important security requirements to protect users' personal secrets. We analyse Lu et al.'s scheme which attempts to provide user anonymity and we prove that his scheme has errors in the key exchange phase and password change phase. We propose a round-effective three-party authentication key exchange (3PAKE) protocol that provides user anonymity and we analyse its security properties based on BAN logic and AVISPA tool., Competing Interests: Lu proposed the 3PAKE protocol in the article "An extended chaotic maps-based three-party password-authenticated key agreement with user anonymity" (Plos One. 2016;11(4):e0153870) and attempted to provide user anonymity. We have found in his paper that there is a protocol design flaw and that it does not provide user anonymity. We proposed a computationally effective, round-effective 3PAKE protocol that provides user anonymity. We explicitly agree that you invite authors of the disputed work to sign in the first round of revisions. This does not alter our adherence to PLOS ONE policies on sharing data and materials.

Published

2019

10. Health Care and Cybersecurity: Bibliometric Analysis of the Literature.

Author

Jalali MS, Razak S, Gordon W, Perakslis E, and Madnick S

Subjects

Humans, Bibliometrics, Computer Security instrumentation, Delivery of Health Care methods

Abstract

Background: Over the past decade, clinical care has become globally dependent on information technology. The cybersecurity of health care information systems is now an essential component of safe, reliable, and effective health care delivery., Objective: The objective of this study was to provide an overview of the literature at the intersection of cybersecurity and health care delivery., Methods: A comprehensive search was conducted using PubMed and Web of Science for English-language peer-reviewed articles. We carried out chronological analysis, domain clustering analysis, and text analysis of the included articles to generate a high-level concept map composed of specific words and the connections between them., Results: Our final sample included 472 English-language journal articles. Our review results revealed that majority of the articles were focused on technology: Technology-focused articles made up more than half of all the clusters, whereas managerial articles accounted for only 32% of all clusters. This finding suggests that nontechnological variables (human-based and organizational aspects, strategy, and management) may be understudied. In addition, Software Development Security, Business Continuity, and Disaster Recovery Planning each accounted for 3% of the studied articles. Our results also showed that publications on Physical Security account for only 1% of the literature, and research in this area is lacking. Cyber vulnerabilities are not all digital; many physical threats contribute to breaches and potentially affect the physical safety of patients., Conclusions: Our results revealed an overall increase in research on cybersecurity and identified major gaps and opportunities for future work., (©Mohammad S Jalali, Sabina Razak, William Gordon, Eric Perakslis, Stuart Madnick. Originally published in the Journal of Medical Internet Research (http://www.jmir.org), 15.02.2019.)

Published

2019

11. Protecting contacts against privacy leaks in smartphones.

Author

Cha Y and Pak W

Subjects

Humans, Internet, Mobile Applications, Computer Security instrumentation, Privacy, Smartphone instrumentation

Abstract

Due to recent developments in technologies associated with the Internet of Things (IoT), a large number of people now regularly use smart devices, such as smartwatches and smartphones. However, these devices are prone to data leaks because of security vulnerabilities. In particular, Android devices use permission-based security, which allows users to directly approve permissions requested by an app when installing it. As a result, many malicious apps can obtain and leak private user data by requesting more permissions than are needed. However, it is difficult to identify malicious apps based solely on the requested permissions. A system is hence needed to accurately identify malicious apps and protect private data from them. In this paper, we propose a system for hiding data related to a user's contacts or providing virtual data according to preconfigured policies when an Android app requests access to them. By hiding data related to the contacts, the proposed system can protect them from malicious apps. By using virtual data, it can even detect malicious apps that leak private data. The system requires less storage and provides faster access to user contacts than prevalent solutions to similar problems., Competing Interests: The authors have declared that no competing interests exist.

Published

2018

12. Biometrics: Accessibility challenge or opportunity?

Author

Blanco-Gonzalo R, Lunerti C, Sanchez-Reillo R, and Guest R

Subjects

Adolescent, Adult, Biometric Identification instrumentation, Computer Security instrumentation, Dermatoglyphics, Face anatomy & histology, Female, Humans, Male, Middle Aged, Mobile Applications, Reproducibility of Results, Voice, Young Adult, Biometric Identification methods

Abstract

Biometric recognition is currently implemented in several authentication contexts, most recently in mobile devices where it is expected to complement or even replace traditional authentication modalities such as PIN (Personal Identification Number) or passwords. The assumed convenience characteristics of biometrics are transparency, reliability and ease-of-use, however, the question of whether biometric recognition is as intuitive and straightforward to use is open to debate. Can biometric systems make some tasks easier for people with accessibility concerns? To investigate this question, an accessibility evaluation of a mobile app was conducted where test subjects withdraw money from a fictitious ATM (Automated Teller Machine) scenario. The biometric authentication mechanisms used include face, voice, and fingerprint. Furthermore, we employed traditional modalities of PIN and pattern in order to check if biometric recognition is indeed a real improvement. The trial test subjects within this work were people with real-life accessibility concerns. A group of people without accessibility concerns also participated, providing a baseline performance. Experimental results are presented concerning performance, HCI (Human-Computer Interaction) and accessibility, grouped according to category of accessibility concern. Our results reveal links between individual modalities and user category establishing guidelines for future accessible biometric products.

Published

2018

13. Ten Questions With ….

Author

Domas S

Subjects

History, 21st Century, Humans, Ohio, Computer Security history, Computer Security instrumentation, Computer Security standards, Computer Security trends, Equipment and Supplies standards, Research history, Research organization & administration, Research standards

Published

2018

14. Getting to the Heart of HTM with a 'Back to Basics' Approach.

Author

Stern G

Subjects

Computer Security instrumentation, Computer Security standards, Humans, Product Line Management organization & administration, Product Line Management standards, Professional Role, Workforce, Equipment and Supplies standards, Health Information Management methods, Health Information Management organization & administration, Health Information Management standards

Published

2018

15. Smart Sensing Based on DNA-Metal Interaction Enables a Label-Free and Resettable Security Model of Electrochemical Molecular Keypad Lock.

Author

Du Y, Han X, Wang C, Li Y, Li B, and Duan H

Subjects

DNA chemistry, Electrochemical Techniques, Metals chemistry, Biosensing Techniques instrumentation, Computer Security instrumentation

Abstract

Recently, molecular keypad locks have received increasing attention. As a new subgroup of smart biosensors, they show great potential for protecting information as a molecular security data processor, rather than merely molecular recognition and quantitation. Herein, label-free electrochemically transduced Ag + and cysteine (Cys) sensors were developed. A molecular keypad lock model with reset function was successfully realized based on the balanced interaction of metal ion with its nucleic acid and chemical ligands. The correct input of "1-2-3" (i.e., "Ag + -Cys-cDNA") is the only password of such molecular keypad lock. Moreover, the resetting process of either correct or wrong input order could be easily made by Cys, buffer, and DI water treatment. Therefore, our system provides an even smarter system of molecular keypad lock, which could inhibit illegal access of unauthorized users, holding great promise in information protection at the molecular level.

Published

2018

16. Compact FPGA hardware architecture for public key encryption in embedded devices.

Author

Rodríguez-Flores L, Morales-Sandoval M, Cumplido R, Feregrino-Uribe C, and Algredo-Badillo I

Subjects

Algorithms, Computer Systems, Humans, Computer Security instrumentation, Internet, Wearable Electronic Devices

Abstract

Security is a crucial requirement in the envisioned applications of the Internet of Things (IoT), where most of the underlying computing platforms are embedded systems with reduced computing capabilities and energy constraints. In this paper we present the design and evaluation of a scalable low-area FPGA hardware architecture that serves as a building block to accelerate the costly operations of exponentiation and multiplication in [Formula: see text], commonly required in security protocols relying on public key encryption, such as in key agreement, authentication and digital signature. The proposed design can process operands of different size using the same datapath, which exhibits a significant reduction in area without loss of efficiency if compared to representative state of the art designs. For example, our design uses 96% less standard logic than a similar design optimized for performance, and 46% less resources than other design optimized for area. Even using fewer area resources, our design still performs better than its embedded software counterparts (190x and 697x).

Published

2018

17. Controlled searching in reversibly de-identified medical imaging archives.

Author

Silva JM, Pinho E, Monteiro E, Silva JF, and Costa C

Subjects

Computer Communication Networks, Computer Security instrumentation, Data Anonymization, Humans, Machine Learning, Medical Records Systems, Computerized organization & administration, Radiology Information Systems organization & administration, Radiology Information Systems standards, Search Engine, Confidentiality trends, Diagnostic Imaging standards, Diagnostic Imaging trends, Information Storage and Retrieval methods

Abstract

Nowadays, digital medical imaging in healthcare has become a fundamental tool for medical diagnosis. This growth has been accompanied by the development of technologies and standards, such as the DICOM standard and PACS. This environment led to the creation of collaborative projects where there is a need to share medical data between different institutions for research and educational purposes. In this context, it is necessary to maintain patient data privacy and provide an easy and secure mechanism for authorized personnel access. This paper presents a solution that fully de-identifies standard medical imaging objects, including metadata and pixel data, providing at the same time a reversible de-identifier mechanism that retains search capabilities from the original data. The last feature is important in some scenarios, for instance, in collaborative platforms where data is anonymized when shared with the community but searchable for data custodians or authorized entities. The solution was integrated into an open source PACS archive and validated in a multidisciplinary collaborative scenario., (Copyright © 2017 Elsevier Inc. All rights reserved.)

Published

2018

18. RAIN: A Bio-Inspired Communication and Data Storage Infrastructure.

Author

Monti M and Rasmussen S

Subjects

Internet, Artificial Intelligence, Computer Security instrumentation, Information Dissemination methods, Information Storage and Retrieval methods

Abstract

We summarize the results and perspectives from a companion article, where we presented and evaluated an alternative architecture for data storage in distributed networks. We name the bio-inspired architecture RAIN, and it offers file storage service that, in contrast with current centralized cloud storage, has privacy by design, is open source, is more secure, is scalable, is more sustainable, has community ownership, is inexpensive, and is potentially faster, more efficient, and more reliable. We propose that a RAIN-style architecture could form the backbone of the Internet of Things that likely will integrate multiple current and future infrastructures ranging from online services and cryptocurrency to parts of government administration.

Published

2017

19. A Mutual Authentication Framework for Wireless Medical Sensor Networks.

Author

Srinivas J, Mishra D, and Mukhopadhyay S

Subjects

Biosensing Techniques methods, Computer Security instrumentation, Humans, Biosensing Techniques instrumentation, Computer Communication Networks, Computer Security standards, Confidentiality standards, Wireless Technology instrumentation

Abstract

Wireless medical sensor networks (WMSN) comprise of distributed sensors, which can sense human physiological signs and monitor the health condition of the patient. It is observed that providing privacy to the patient's data is an important issue and can be challenging. The information passing is done via the public channel in WMSN. Thus, the patient, sensitive information can be obtained by eavesdropping or by unauthorized use of handheld devices which the health professionals use in monitoring the patient. Therefore, there is an essential need of restricting the unauthorized access to the patient's medical information. Hence, the efficient authentication scheme for the healthcare applications is needed to preserve the privacy of the patients' vital signs. To ensure secure and authorized communication in WMSN, we design a symmetric key based authentication protocol for WMSN environment. The proposed protocol uses only computationally efficient operations to achieve lightweight attribute. We analyze the security of the proposed protocol. We use a formal security proof algorithm to show the scheme security against known attacks. We also use the Automated Validation of Internet Security Protocols and Applications (AVISPA) simulator to show protocol secure against man-in-the-middle attack and replay attack. Additionally, we adopt an informal analysis to discuss the key attributes of the proposed scheme. From the formal proof of security, we can see that an attacker has a negligible probability of breaking the protocol security. AVISPA simulator also demonstrates the proposed scheme security against active attacks, namely, man-in-the-middle attack and replay attack. Additionally, through the comparison of computational efficiency and security attributes with several recent results, proposed scheme seems to be battered.

Published

2017

20. Parallel point-multiplication architecture using combined group operations for high-speed cryptographic applications.

Author

Hossain MS, Saeedi E, and Kong Y

Subjects

United States, United States Government Agencies, Algorithms, Computer Security instrumentation, Computers

Abstract

In this paper, we propose a novel parallel architecture for fast hardware implementation of elliptic curve point multiplication (ECPM), which is the key operation of an elliptic curve cryptography processor. The point multiplication over binary fields is synthesized on both FPGA and ASIC technology by designing fast elliptic curve group operations in Jacobian projective coordinates. A novel combined point doubling and point addition (PDPA) architecture is proposed for group operations to achieve high speed and low hardware requirements for ECPM. It has been implemented over the binary field which is recommended by the National Institute of Standards and Technology (NIST). The proposed ECPM supports two Koblitz and random curves for the key sizes 233 and 163 bits. For group operations, a finite-field arithmetic operation, e.g. multiplication, is designed on a polynomial basis. The delay of a 233-bit point multiplication is only 3.05 and 3.56 μs, in a Xilinx Virtex-7 FPGA, for Koblitz and random curves, respectively, and 0.81 μs in an ASIC 65-nm technology, which are the fastest hardware implementation results reported in the literature to date. In addition, a 163-bit point multiplication is also implemented in FPGA and ASIC for fair comparison which takes around 0.33 and 0.46 μs, respectively. The area-time product of the proposed point multiplication is very low compared to similar designs. The performance ([Formula: see text]) and Area × Time × Energy (ATE) product of the proposed design are far better than the most significant studies found in the literature.

Published

2017

21. Use of redundant arrays of inexpensive disks in orthodontic practice.

Author

Graham DM, Graham MJ, and Mupparapu M

Subjects

Health Insurance Portability and Accountability Act, Humans, United States, Computer Security instrumentation, Electronic Health Records instrumentation, Orthodontics, Practice Management, Dental

Abstract

In a time when orthodontists are getting away from paper charts and going digital with their patient data and imaging, practitioners need to be prepared for a potential hardware failure in their data infrastructure. Although a backup plan in accordance with the Security Rule of the Health Insurance Portability and Accountability Act (HIPAA) of 1996 may prevent data loss in case of a disaster or hard drive failure, it does little to ensure business and practice continuity. Through the implementation of a common technique used in information technology, the redundant array of inexpensive disks, a practice may continue normal operations without interruption if a hard drive fails., (Copyright © 2017 American Association of Orthodontists. Published by Elsevier Inc. All rights reserved.)

Published

2017

22. A Double Chaotic Layer Encryption Algorithm for Clinical Signals in Telemedicine.

Author

Murillo-Escobar MA, Cardoza-Avendaño L, López-Gutiérrez RM, and Cruz-Hernández C

Subjects

Blood Pressure, Electrocardiography, Electroencephalography, Humans, Algorithms, Computer Security instrumentation, Confidentiality, Telemedicine instrumentation

Abstract

Recently, telemedicine offers medical services remotely via telecommunications systems and physiological monitoring devices. This scheme provides healthcare delivery services between physicians and patients conveniently, since some patients can not attend the hospital due to any reason. However, transmission of information over an insecure channel such as internet or private data storing generates a security problem. Therefore, authentication, confidentiality, and privacy are important challenges in telemedicine, where only authorized users should have access to medical or clinical records. On the other hand, chaotic systems have been implemented efficiently in cryptographic systems to provide confidential and privacy. In this work, we propose a novel symmetric encryption algorithm based on logistic map with double chaotic layer encryption (DCLE) in diffusion process and just one round of confusion-diffusion for the confidentiality and privacy of clinical information such as electrocardiograms (ECG), electroencephalograms (EEG), and blood pressure (BP) for applications in telemedicine. The clinical signals are acquired from PhysioBank data base for encryption proposes and analysis. In contrast with recent schemes in literature, we present a secure cryptographic algorithm based on chaos validated with the most complete security analysis until this time. In addition, the cryptograms are validated with the most complete pseudorandomness tests based on National Institute of Standards and Technology (NIST) 800-22 suite. All results are at MATLAB simulations and all them show the effectiveness, security, robustness, and the potential use of the proposed scheme in telemedicine.

Published

2017

23. A Standard Mutual Authentication Protocol for Cloud Computing Based Health Care System.

Author

Mohit P, Amin R, Karati A, Biswas GP, and Khan MK

Subjects

Algorithms, Humans, Internet, Cloud Computing, Computer Security instrumentation, Confidentiality, Health Information Exchange standards, Telemedicine instrumentation

Abstract

Telecare Medical Information System (TMIS) supports a standard platform to the patient for getting necessary medical treatment from the doctor(s) via Internet communication. Security protection is important for medical records (data) of the patients because of very sensitive information. Besides, patient anonymity is another most important property, which must be protected. Most recently, Chiou et al. suggested an authentication protocol for TMIS by utilizing the concept of cloud environment. They claimed that their protocol is patient anonymous and well security protected. We reviewed their protocol and found that it is completely insecure against patient anonymity. Further, the same protocol is not protected against mobile device stolen attack. In order to improve security level and complexity, we design a light weight authentication protocol for the same environment. Our security analysis ensures resilience of all possible security attacks. The performance of our protocol is relatively standard in comparison with the related previous research.

Published

2017

24. A Selective Group Authentication Scheme for IoT-Based Medical Information System.

Author

Park Y and Park Y

Subjects

Humans, Algorithms, Computer Security instrumentation, Confidentiality, Health Information Exchange standards, Medical Informatics Applications

Abstract

The technology of IoT combined with medical systems is expected to support advanced medical services. However, unsolved security problems, such as misuse of medical devices, illegal access to the medical server and so on, make IoT-based medical systems not be applied widely. In addition, users have a high burden of computation to access Things for the explosive growth of IoT devices. Because medical information is critical and important, but users have a restricted computing power, IoT-based medical systems are required to provide secure and efficient authentication for users. In this paper, we propose a selective group authentication scheme using Shamir's threshold technique. The property of selectivity gives the right of choice to users to form a group which consists of things users select and access. And users can get an access authority for those Things at a time. Thus, our scheme provides an efficient user authentication for multiple Things and conditional access authority for safe IoT-based medical information system. To the best of our knowledge, our proposed scheme is the first in which selectivity is combined with group authentication in IoT environments.

Published

2017

25. Secure and Reliable Wireless Medical Device and Mobile Connectivity.

Author

Hoglund DH

Subjects

Telemedicine methods, Computer Communication Networks instrumentation, Computer Security instrumentation, Confidentiality, Equipment and Supplies, Telemedicine instrumentation, Wireless Technology instrumentation

Published

2017

26. Privacy-Preserving Integration of Medical Data : A Practical Multiparty Private Set Intersection.

Author

Miyaji A, Nakasho K, and Nishida S

Subjects

Algorithms, Humans, Computer Security instrumentation, Confidentiality, Health Information Management instrumentation

Abstract

Medical data are often maintained by different organizations. However, detailed analyses sometimes require these datasets to be integrated without violating patient or commercial privacy. Multiparty Private Set Intersection (MPSI), which is an important privacy-preserving protocol, computes an intersection of multiple private datasets. This approach ensures that only designated parties can identify the intersection. In this paper, we propose a practical MPSI that satisfies the following requirements: The size of the datasets maintained by the different parties is independent of the others, and the computational complexity of the dataset held by each party is independent of the number of parties. Our MPSI is based on the use of an outsourcing provider, who has no knowledge of the data inputs or outputs. This reduces the computational complexity. The performance of the proposed MPSI is evaluated by implementing a prototype on a virtual private network to enable parallel computation in multiple threads. Our protocol is confirmed to be more efficient than comparable existing approaches.

Published

2017

27. ICASME: An Improved Cloud-Based Authentication Scheme for Medical Environment.

Author

Cheng Q, Zhang X, and Ma J

Subjects

Humans, Computer Security instrumentation, Confidentiality, Information Systems instrumentation, Telemedicine instrumentation

Abstract

Unlike the traditional medical system, telecare medicine information system (TMIS) ensures that patients can get health-care services via the Internet at home. Authenticated key agreement protocol is very important for protecting the security in TMIS. Recently scholars have proposed a lot of authenticated key agreement protocols. In 2016, Chiou et al. demonstrated that Chen et al.'s authentication scheme fails to provide user's anonymity and message authentication and then proposed an enhanced scheme (Chiou et al., J. Med. Syst. 40(4):1-15, 2006) to overcome these drawbacks. In this paper, we demonstrate that Chiou et al.'s scheme is defenseless against key compromise impersonation (KCI) attack and also fails to provide forward security. Moreover, we propose a novel authentication scheme namely ICASME to overcome the mentioned weaknesses in this paper. Security analyses show that ICASME achieves the forward security and KCI attack resistance. In addition, it is proved that the time taken to implement the ICASME is not intolerable compared to the original protocol.

Published

2017

28. Boundary-Pushing Healthcare Tech.

Author

Sheffer J

Subjects

Biomedical Technology trends, Computer Security trends, Decision Support Systems, Clinical instrumentation, Disinfection trends, Forecasting, High Fidelity Simulation Training trends, Robotics trends, United States, Biomedical Technology instrumentation, Computer Security instrumentation, Decision Support Systems, Clinical trends, Disinfection instrumentation, High Fidelity Simulation Training methods, Robotics instrumentation

Published

2017

29. An Efficient Remote Authentication Scheme for Wireless Body Area Network.

Author

Omala AA, Kibiwott KP, and Li F

Subjects

Algorithms, Humans, Wireless Technology, Computer Security instrumentation, Confidentiality, Monitoring, Ambulatory instrumentation, Remote Sensing Technology instrumentation

Abstract

Wireless body area network (WBAN) provide a mechanism of transmitting a persons physiological data to application providers e.g. hospital. Given the limited range of connectivity associated with WBAN, an intermediate portable device e.g. smartphone, placed within WBAN's connectivity, forwards the data to a remote server. This data, if not protected from an unauthorized access and modification may be lead to poor diagnosis. In order to ensure security and privacy between WBAN and a server at the application provider, several authentication schemes have been proposed. Recently, Wang and Zhang proposed an authentication scheme for WBAN using bilinear pairing. However, in their scheme, an application provider could easily impersonate a client. In order to overcome this weakness, we propose an efficient remote authentication scheme for WBAN. In terms of performance, our scheme can not only provide a malicious insider security, but also reduce running time of WBAN (client) by 51 % as compared to Wang and Zhang scheme.

Published

2017

30. An Improvement to a Multi-Client Searchable Encryption Scheme for Boolean Queries.

Author

Jiang H, Li X, and Xu Q

Subjects

Cloud Computing, Humans, Information Storage and Retrieval, Algorithms, Computer Security instrumentation, Confidentiality, Health Information Exchange

Abstract

The migration of e-health systems to the cloud computing brings huge benefits, as same as some security risks. Searchable Encryption(SE) is a cryptography encryption scheme that can protect the confidentiality of data and utilize the encrypted data at the same time. The SE scheme proposed by Cash et al. in Crypto2013 and its follow-up work in CCS2013 are most practical SE Scheme that support Boolean queries at present. In their scheme, the data user has to generate the search tokens by the counter number one by one and interact with server repeatedly, until he meets the correct one, or goes through plenty of tokens to illustrate that there is no search result. In this paper, we make an improvement to their scheme. We allow server to send back some information and help the user to generate exact search token in the search phase. In our scheme, there are only two round interaction between server and user, and the search token has [Formula: see text] elements, where n is the keywords number in query expression, and [Formula: see text] is the minimum documents number that contains one of keyword in query expression, and the computation cost of server is [Formula: see text] modular exponentiation operation.

Published

2016

31. An Efficient Searchable Encryption Against Keyword Guessing Attacks for Sharable Electronic Medical Records in Cloud-based System.

Author

Wu Y, Lu X, Su J, and Chen P

Subjects

Cloud Computing, Confidentiality, Costs and Cost Analysis, Algorithms, Computer Security instrumentation, Electronic Health Records organization & administration, Health Information Exchange

Abstract

Preserving the privacy of electronic medical records (EMRs) is extremely important especially when medical systems adopt cloud services to store patients' electronic medical records. Considering both the privacy and the utilization of EMRs, some medical systems apply searchable encryption to encrypt EMRs and enable authorized users to search over these encrypted records. Since individuals would like to share their EMRs with multiple persons, how to design an efficient searchable encryption for sharable EMRs is still a very challenge work. In this paper, we propose a cost-efficient secure channel free searchable encryption (SCF-PEKS) scheme for sharable EMRs. Comparing with existing SCF-PEKS solutions, our scheme reduces the storage overhead and achieves better computation performance. Moreover, our scheme can guard against keyword guessing attack, which is neglected by most of the existing schemes. Finally, we implement both our scheme and a latest medical-based scheme to evaluate the performance. The evaluation results show that our scheme performs much better performance than the latest one for sharable EMRs.

Published

2016

32. Low Power S-Box Architecture for AES Algorithm using Programmable Second Order Reversible Cellular Automata: An Application to WBAN.

Author

Gangadari BR and Ahamed SR

Subjects

Computer Communication Networks, Equipment Design, Humans, Algorithms, Computer Security instrumentation, Telemetry instrumentation, Wireless Technology instrumentation

Abstract

In this paper, we presented a novel approach of low energy consumption architecture of S-Box used in Advanced Encryption Standard (AES) algorithm using programmable second order reversible cellular automata (RCA 2 ). The architecture entails a low power implementation with minimal delay overhead and the performance of proposed RCA 2 based S-Box in terms of security is evaluated using the cryptographic properties such as nonlinearity, correlation immunity bias, strict avalanche criteria, entropy and also found that the proposed architecture is secure enough for cryptographic applications. Moreover, the proposed AES algorithm architecture simulation studies show that energy consumption of 68.726 nJ, power dissipation of 3.856 mW for 0.18- μm at 13.69 MHz and energy consumption of 29.408 nJ, power dissipation of 1.65 mW for 0.13- μm at 13.69 MHz. The proposed AES algorithm with RCA 2 based S-Box shows a reduction power consumption by 50 % and energy consumption by 5 % compared to best classical S-Box and composite field arithmetic based AES algorithm. Apart from that, it is also shown that RCA 2 based S-Boxes are dynamic in nature, invertible, low power dissipation compared to that of LUT based S-Box and hence suitable for Wireless Body Area Network (WBAN) applications.

Published

2016

33. A Novel Reversible Multiple Medical Image Watermarking for Health Information System.

Author

Turuk MP and Dhande AP

Subjects

Electrocardiography, Health Information Exchange, Humans, Computer Security instrumentation, Diagnostic Imaging methods, Image Processing, Computer-Assisted methods, Medical Informatics methods, Wavelet Analysis

Abstract

The exponential augmentation of information and communication technologies has appreciably shifted panorama of Health Information System (HIS), drawing keen interests of the researchers to address the challenges in protecting the medical data. Digital Watermarking therefore gained wide popularity as an entrusted measure to ensure the security. Literature reports wide assortment of imaging approaches for digital watermarking; however its perspectives in the HIS have received meager attention, especially in the reversible watermarking context. This paper presents wavelet based novel reversible watermarking approach which imperceptibly embeds multiple watermarks like patient diagnosis detail, Electrocardiogram (ECG) signal, doctor's digital signature and diagnostic code for image retrieval. The proposed wavelet based approach exploits the quantization function to embed multiple watermarks and uses a novel tracking key to recover the original medical image. The algorithm has been analyzed on various medical imaging modalities (MRI, CT, MRA, US images of size 512 X 512), considering various image processing attacks. Experimental results signify highest hiding capacity of 91,136 bits with PSNR of 44.52 dB. The proposed algorithm adheres to strict necessities concerning the tolerable modifications in the medical images. The technique addresses the issues related with HIS namely data integrity, authentication, confidentiality protection, efficient data management, retrieval of image and additionally fulfill tamper detection on the entire image for ensuring the integrity of the medical image.

Published

2016

34. Patient-Controlled Attribute-Based Encryption for Secure Electronic Health Records System.

Author

Eom J, Lee DH, and Lee K

Subjects

Algorithms, Cloud Computing, Humans, Computer Security instrumentation, Confidentiality, Electronic Health Records instrumentation, Patient Access to Records

Abstract

In recent years, many countries have been trying to integrate electronic health data managed by each hospital to offer more efficient healthcare services. Since health data contain sensitive information of patients, there have been much research that present privacy preserving mechanisms. However, existing studies either require a patient to perform various steps to secure the data or restrict the patient to exerting control over the data. In this paper, we propose patient-controlled attribute-based encryption, which enables a patient (a data owner) to control access to the health data and reduces the operational burden for the patient, simultaneously. With our method, the patient has powerful control capability of his/her own health data in that he/she has the final say on the access with time limitation. In addition, our scheme provides emergency medical services which allow the emergency staffs to access the health data without the patient's permission only in the case of emergencies. We prove that our scheme is secure under cryptographic assumptions and analyze its efficiency from the patient's perspective.

Published

2016

35. Secure and Efficient Two-Factor User Authentication Scheme with User Anonymity for Network Based E-Health Care Applications.

Author

Li X, Niu J, Karuppiah M, Kumari S, and Wu F

Subjects

Algorithms, Confidentiality, Humans, Computer Security instrumentation, Health Information Exchange, Telemedicine

Abstract

Benefited from the development of network and communication technologies, E-health care systems and telemedicine have got the fast development. By using the E-health care systems, patient can enjoy the remote medical service provided by the medical server. Medical data are important privacy information for patient, so it is an important issue to ensure the secure of transmitted medical data through public network. Authentication scheme can thwart unauthorized users from accessing services via insecure network environments, so user authentication with privacy protection is an important mechanism for the security of E-health care systems. Recently, based on three factors (password, biometric and smart card), an user authentication scheme for E-health care systems was been proposed by Amin et al., and they claimed that their scheme can withstand most of common attacks. Unfortunate, we find that their scheme cannot achieve the untraceability feature of the patient. Besides, their scheme lacks a password check mechanism such that it is inefficient to find the unauthorized login by the mistake of input a wrong password. Due to the same reason, their scheme is vulnerable to Denial of Service (DoS) attack if the patient updates the password mistakenly by using a wrong password. In order improve the security level of authentication scheme for E-health care application, a robust user authentication scheme with privacy protection is proposed for E-health care systems. Then, security prove of our scheme are analysed. Security and performance analyses show that our scheme is more powerful and secure for E-health care systems when compared with other related schemes.

Published

2016

36. A bilinear pairing based anonymous authentication scheme in wireless body area networks for mHealth.

Author

Jiang Q, Lian X, Yang C, Ma J, Tian Y, and Yang Y

Subjects

Confidentiality, Humans, Computer Security instrumentation, Monitoring, Ambulatory instrumentation, Telemedicine instrumentation, Telemetry instrumentation, Wireless Technology instrumentation

Abstract

Wireless body area networks (WBANs) have become one of the key components of mobile health (mHealth) which provides 24/7 health monitoring service and greatly improves the quality and efficiency of healthcare. However, users' concern about the security and privacy of their health information has become one of the major obstacles that impede the wide adoption of WBANs. Anonymous and unlinkable authentication is critical to protect the security and privacy of sensitive physiological information in transit from the client to the application provider. We first show that the anonymous authentication scheme of Wang and Zhang based on bilinear pairing is prone to client impersonation attack. Then, we propose an enhanced anonymous authentication scheme to remedy the flaw in Wang and Zhang's scheme. We give the security analysis to demonstrate that the enhanced scheme achieves the desired security features and withstands various known attacks.

Published

2016

37. A Robust and Anonymous Two Factor Authentication and Key Agreement Protocol for Telecare Medicine Information Systems.

Author

Xiong H, Tao J, and Chen Y

Subjects

Confidentiality, Health Information Exchange standards, Humans, Nonlinear Dynamics, Computer Security instrumentation, Health Smart Cards, Information Systems instrumentation, Telemedicine instrumentation

Abstract

Nowadays people can get many services including health-care services from distributed information systems remotely via public network. By considering that these systems are built on public network, they are vulnerable to many malicious attacks. Hence it is necessary to introduce an effective mechanism to protect both users and severs. Recently many two-factor authentication schemes have been proposed to achieve this goal. In 2016, Li et al. demonstrated that Lee et al.'s scheme was not satisfactory to be deployed in practice because of its security weaknesses and then proposed a security enhanced scheme to overcome these drawbacks. In this paper, we analyze Li et al.'s scheme is still not satisfactory to be applied in telecare medicine information systems (TMIS) because it fails to withstand off-line dictionary attack and known session-specific temporary information attack. Moreover, their scheme cannot provide card revocation services for lost smart card. In order to solve these security problems, we propose an improved scheme. Then we analyze our scheme by using BAN-logic model and compare the improved scheme with related schemes to prove that our scheme is advantageous to be applied in practice.

Published

2016

38. A Provably Secure Aggregate Signature Scheme for Healthcare Wireless Sensor Networks.

Author

Shen L, Ma J, Liu X, and Miao M

Subjects

Humans, Computer Security instrumentation, Monitoring, Ambulatory instrumentation, Telemetry instrumentation, Wireless Technology instrumentation

Abstract

Wireless sensor networks (WSNs) are being used in a wide range of applications for healthcare monitoring, like heart rate monitors and blood pressure monitors, which can minimize the need for healthcare professionals. In medical system, sensors on or in patients produce medical data which can be easily compromised by a vast of attacks. Although signature schemes can protect data authenticity and data integrity, when the number of users involved in the medical system becomes huge, the bandwidth and storage cost will rise sharply so that existing signature schemes are inapplicability for WSNs. In this paper, we propose an efficient aggregate signature scheme for healthcare WSNs according to an improved security model, which can combine multiple signatures into a single aggregate signature. The length of such an aggregate signature may be as long as that of an individual one, which can greatly decrease the bandwidth and storage cost for networks.

Published

2016

39. Analysis of Security Protocols for Mobile Healthcare.

Author

Wazid M, Zeadally S, Das AK, and Odelu V

Subjects

Communication, Humans, Wireless Technology, Computer Security instrumentation, Monitoring, Ambulatory instrumentation, Smartphone, Telemedicine instrumentation, Telemetry instrumentation

Abstract

Mobile Healthcare (mHealth) continues to improve because of significant improvements and the decreasing costs of Information Communication Technologies (ICTs). mHealth is a medical and public health practice, which is supported by mobile devices (for example, smartphones) and, patient monitoring devices (for example, various types of wearable sensors, etc.). An mHealth system enables healthcare experts and professionals to have ubiquitous access to a patient's health data along with providing any ongoing medical treatment at any time, any place, and from any device. It also helps the patient requiring continuous medical monitoring to stay in touch with the appropriate medical staff and healthcare experts remotely. Thus, mHealth has become a major driving force in improving the health of citizens today. First, we discuss the security requirements, issues and threats to the mHealth system. We then present a taxonomy of recently proposed security protocols for mHealth system based on features supported and possible attacks, computation cost and communication cost. Our detailed taxonomy demonstrates the strength and weaknesses of recently proposed security protocols for the mHealth system. Finally, we identify some of the challenges in the area of security protocols for mHealth systems that still need to be addressed in the future to enable cost-effective, secure and robust mHealth systems.

Published

2016

40. m 2 -ABKS: Attribute-Based Multi-Keyword Search over Encrypted Personal Health Records in Multi-Owner Setting.

Author

Miao Y, Ma J, Liu X, Wei F, Liu Z, and Wang XA

Subjects

Algorithms, Humans, Cloud Computing, Computer Security instrumentation, Confidentiality, Electronic Health Records instrumentation

Abstract

Online personal health record (PHR) is more inclined to shift data storage and search operations to cloud server so as to enjoy the elastic resources and lessen computational burden in cloud storage. As multiple patients' data is always stored in the cloud server simultaneously, it is a challenge to guarantee the confidentiality of PHR data and allow data users to search encrypted data in an efficient and privacy-preserving way. To this end, we design a secure cryptographic primitive called as attribute-based multi-keyword search over encrypted personal health records in multi-owner setting to support both fine-grained access control and multi-keyword search via Ciphertext-Policy Attribute-Based Encryption. Formal security analysis proves our scheme is selectively secure against chosen-keyword attack. As a further contribution, we conduct empirical experiments over real-world dataset to show its feasibility and practicality in a broad range of actual scenarios without incurring additional computational burden.

Published

2016

41. Design of a Secure Authentication and Key Agreement Scheme Preserving User Privacy Usable in Telecare Medicine Information Systems.

Author

Arshad H and Rasoolzadegan A

Subjects

Humans, Computer Security instrumentation, Confidentiality, Information Systems instrumentation, Telemedicine instrumentation

Abstract

Authentication and key agreement schemes play a very important role in enhancing the level of security of telecare medicine information systems (TMISs). Recently, Amin and Biswas demonstrated that the authentication scheme proposed by Giri et al. is vulnerable to off-line password guessing attacks and privileged insider attacks and also does not provide user anonymity. They also proposed an improved authentication scheme, claiming that it resists various security attacks. However, this paper demonstrates that Amin and Biswas's scheme is defenseless against off-line password guessing attacks and replay attacks and also does not provide perfect forward secrecy. This paper also shows that Giri et al.'s scheme not only suffers from the weaknesses pointed out by Amin and Biswas, but it also is vulnerable to replay attacks and does not provide perfect forward secrecy. Moreover, this paper proposes a novel authentication and key agreement scheme to overcome the mentioned weaknesses. Security and performance analyses show that the proposed scheme not only overcomes the mentioned security weaknesses, but also is more efficient than the previous schemes.

Published

2016

42. A Novel Reference Security Model with the Situation Based Access Policy for Accessing EPHR Data.

Author

Gope P and Amin R

Subjects

Health Information Exchange, Humans, Computer Security instrumentation, Confidentiality, Electronic Health Records instrumentation

Abstract

Electronic Patient Health Record (EPHR) systems may facilitate a patient not only to share his/her health records securely with healthcare professional but also to control his/her health privacy, in a convenient and easy way even in case of emergency. In order to fulfill these requirements, it is greatly desirable to have the access control mechanism which can efficiently handle every circumstance without negotiating security. However, the existing access control mechanisms used in healthcare to regulate and restrict the disclosure of patient data are often bypassed in case of emergencies. In this article, we propose a way to securely share EPHR data under any situation including break-the-glass (BtG) without compromising its security. In this regard, we design a reference security model, which consists of a multi-level data flow hierarchy, and an efficient access control framework based on the conventional Role-Based Access Control (RBAC) and Mandatory Access Control (MAC) policies.

Published

2016

43. A Multiserver Biometric Authentication Scheme for TMIS using Elliptic Curve Cryptography.

Author

Chaudhry SA, Khan MT, Khan MK, and Shon T

Subjects

Confidentiality, Health Information Exchange, Health Smart Cards, Humans, Biometric Identification instrumentation, Computer Security instrumentation, Telemedicine instrumentation

Abstract

Recently several authentication schemes are proposed for telecare medicine information system (TMIS). Many of such schemes are proved to have weaknesses against known attacks. Furthermore, numerous such schemes cannot be used in real time scenarios. Because they assume a single server for authentication across the globe. Very recently, Amin et al. (J. Med. Syst. 39(11):180, 2015) designed an authentication scheme for secure communication between a patient and a medical practitioner using a trusted central medical server. They claimed their scheme to extend all security requirements and emphasized the efficiency of their scheme. However, the analysis in this article proves that the scheme designed by Amin et al. is vulnerable to stolen smart card and stolen verifier attacks. Furthermore, their scheme is having scalability issues along with inefficient password change and password recovery phases. Then we propose an improved scheme. The proposed scheme is more practical, secure and lightweight than Amin et al.'s scheme. The security of proposed scheme is proved using the popular automated tool ProVerif.

Published

2016

44. Fine-grained Database Field Search Using Attribute-Based Encryption for E-Healthcare Clouds.

Author

Guo C, Zhuang R, Jie Y, Ren Y, Wu T, and Choo KR

Subjects

Humans, Information Storage and Retrieval, Cloud Computing, Computer Security instrumentation, Confidentiality, Electronic Health Records instrumentation, Telemedicine instrumentation

Abstract

An effectively designed e-healthcare system can significantly enhance the quality of access and experience of healthcare users, including facilitating medical and healthcare providers in ensuring a smooth delivery of services. Ensuring the security of patients' electronic health records (EHRs) in the e-healthcare system is an active research area. EHRs may be outsourced to a third-party, such as a community healthcare cloud service provider for storage due to cost-saving measures. Generally, encrypting the EHRs when they are stored in the system (i.e. data-at-rest) or prior to outsourcing the data is used to ensure data confidentiality. Searchable encryption (SE) scheme is a promising technique that can ensure the protection of private information without compromising on performance. In this paper, we propose a novel framework for controlling access to EHRs stored in semi-trusted cloud servers (e.g. a private cloud or a community cloud). To achieve fine-grained access control for EHRs, we leverage the ciphertext-policy attribute-based encryption (CP-ABE) technique to encrypt tables published by hospitals, including patients' EHRs, and the table is stored in the database with the primary key being the patient's unique identity. Our framework can enable different users with different privileges to search on different database fields. Differ from previous attempts to secure outsourcing of data, we emphasize the control of the searches of the fields within the database. We demonstrate the utility of the scheme by evaluating the scheme using datasets from the University of California, Irvine.

Published

2016

45. A Secure Dynamic Identity and Chaotic Maps Based User Authentication and Key Agreement Scheme for e-Healthcare Systems.

Author

Li CT, Lee CC, Weng CY, and Chen SJ

Subjects

Communication, Confidentiality, Health Smart Cards, Humans, Algorithms, Computer Security instrumentation, Nonlinear Dynamics, Telemedicine instrumentation

Abstract

Secure user authentication schemes in many e-Healthcare applications try to prevent unauthorized users from intruding the e-Healthcare systems and a remote user and a medical server can establish session keys for securing the subsequent communications. However, many schemes does not mask the users' identity information while constructing a login session between two or more parties, even though personal privacy of users is a significant topic for e-Healthcare systems. In order to preserve personal privacy of users, dynamic identity based authentication schemes are hiding user's real identity during the process of network communications and only the medical server knows login user's identity. In addition, most of the existing dynamic identity based authentication schemes ignore the inputs verification during login condition and this flaw may subject to inefficiency in the case of incorrect inputs in the login phase. Regarding the use of secure authentication mechanisms for e-Healthcare systems, this paper presents a new dynamic identity and chaotic maps based authentication scheme and a secure data protection approach is employed in every session to prevent illegal intrusions. The proposed scheme can not only quickly detect incorrect inputs during the phases of login and password change but also can invalidate the future use of a lost/stolen smart card. Compared the functionality and efficiency with other authentication schemes recently, the proposed scheme satisfies desirable security attributes and maintains acceptable efficiency in terms of the computational overheads for e-Healthcare systems.

Published

2016

46. Combining FDA Labeling and LLDP for Securing Networked Medical Devices.

Author

Sayle R

Subjects

Computer Security instrumentation, Guidelines as Topic, Product Labeling methods, Reference Standards, United States, United States Food and Drug Administration, Unithiol, Computer Communication Networks instrumentation, Computer Communication Networks standards, Computer Security standards, Confidentiality standards, Product Labeling standards, Wireless Technology instrumentation, Wireless Technology standards

Published

2016

47. BioMEMS-based coding for secure medical diagnostic devices.

Author

Tuan Le, Salles-Loustau G, Najafizadeh L, Javanmard M, and Zonouz S

Subjects

Humans, Point-of-Care Systems, Biomedical Technology instrumentation, Computer Security instrumentation, Diagnostic Equipment, Micro-Electrical-Mechanical Systems instrumentation

Abstract

Trustworthy and usable point-of-care solutions require not only effective disease diagnostic procedures to ensure delivery of rapid and accurate outcomes, but also lightweight privacy-preserving capabilities. In this paper, we present a Biomedical Microelectromachanical System (BioMEMS)-based sensor for portable, inexpensive smartphone-based biomarker detection. The biosensor presented here provides the ability for signal encryption at the physical sensor level to ensure patient's diagnostic confidentiality. Our results show that this design allow us to protect the samples measurements while accurately distinguish different test samples.

Published

2016

48. Secure access to patient's health records using SpeechXRays a mutli-channel biometrics platform for user authentication.

Author

Spanakis EG, Spanakis M, Karantanas A, and Marias K

Subjects

Access to Information, Acoustics, Biometry, Computer Systems, Confidentiality, Dermatoglyphics, False Positive Reactions, Humans, Internet, Osteoarthritis physiopathology, Pilot Projects, Privacy, Speech Recognition Software, Telemedicine, Voice, Biometric Identification instrumentation, Biometric Identification methods, Computer Security instrumentation, Electronic Health Records, Osteoarthritis diagnosis

Abstract

The most commonly used method for user authentication in ICT services or systems is the application of identification tools such as passwords or personal identification numbers (PINs). The rapid development in ICT technology regarding smart devices (laptops, tablets and smartphones) has allowed also the advance of hardware components that capture several biometric traits such as fingerprints and voice. These components are aiming among others to overcome weaknesses and flaws of password usage under the prism of improved user authentication with higher level of security, privacy and usability. To this respect, the potential application of biometrics for secure user authentication regarding access in systems with sensitive data (i.e. patient's data from electronic health records) shows great potentials. SpeechXRays aims to provide a user recognition platform based on biometrics of voice acoustics analysis and audio-visual identity verification. Among others, the platform aims to be applied as an authentication tool for medical personnel in order to gain specific access to patient's electronic health records. In this work a short description of SpeechXrays implementation tool regarding eHealth is provided and analyzed. This study explores security and privacy issues, and offers a comprehensive overview of biometrics technology applications in addressing the e-Health security challenges. We present and describe the necessary requirement for an eHealth platform concerning biometric security.

Published

2016

49. Evaluation of a proximity card authentication system for health care settings.

Author

Fontaine J, Zheng K, Van De Ven C, Li H, Hiner J, Mitchell K, Gendler S, and Hanauer DA

Subjects

Attitude of Health Personnel, Computer Terminals, Confidentiality, Humans, Surveys and Questionnaires, User-Computer Interface, Computer Security instrumentation, Electronic Health Records instrumentation, Hospital Information Systems

Abstract

Background: Multiple users access computer workstations in busy clinical settings, requiring many logins throughout the day as users switch from one computer to another. This can lead to workflow inefficiencies as well as security concerns resulting from users sharing login sessions to save time. Proximity cards and readers have the potential to improve efficiency and security by allowing users to access clinical workstations simply by bringing the card near the reader, without the need for manual entry of a username and password., Objectives: To assess the perceived impact of proximity cards and readers for rapid user authentication to clinical workstations in the setting of an existing electronic health record with single sign-on software already installed., Methods: Questionnaires were administered to clinical faculty and staff five months before and three months after the installation of proximity card readers in an inpatient birthing center and an outpatient obstetrics clinic. Open-ended feedback was also collected and qualitatively analyzed., Results: There were 71 and 33 responses to the pre- and post-implementation surveys, respectively. There was a significant increase in the perceived speed of login with the proximity cards, and a significant decrease in the self-reported occurrence of shared login sessions between users. Feedback regarding the system was mostly positive, although several caveats were noted, including minimal benefit when used with an obstetric application that did not support single sign-on., Conclusions: Proximity cards and readers, along with single sign-on software, have the potential to enhance workflow efficiency by allowing for faster login times and diminish security concerns by reducing shared logins on clinical workstations. The positive feedback was used by our health system leadership to support the expanded implementation of the proximity card readers throughout the clinical setting., (Copyright © 2016 Elsevier Ireland Ltd. All rights reserved.)

Published

2016

50. Physical security and IT convergence: Managing the cyber-related risks.

Author

McCreight T and Leece D

Subjects

Diffusion of Innovation, Efficiency, Organizational, Humans, Risk Assessment, Commerce organization & administration, Computer Security instrumentation, Computer Systems, Crime prevention & control, Disaster Planning, Security Measures organization & administration

Abstract

The convergence of physical security devices into the corporate network is increasing, due to the perceived economic benefits and efficiencies gained from using one enterprise network. Bringing these two networks together is not without risk. Physical devices like closed circuit television cameras (CCTV), card access readers, and heating, ventilation and air conditioning controllers (HVAC) are typically not secured to the standards we expect for corporate computer networks. These devices can pose significant risks to the corporate network by creating new avenues to exploit vulnerabilities in less-than-secure implementations of physical systems. The ASIS Information Technology Security Council (ITSC) developed a white paper describing steps organisations can take to reduce the risks this convergence can pose, and presented these concepts at the 2015 ASIS/ISC2 Congress in Anaheim, California. 1 This paper expands upon the six characteristics described by ITSC, and provides business continuity planners with information on how to apply these recommendations to physical security devices that use the corporate network.

Published

2016