• Annual Conference of KIPS
• /
• 2018.05a
• /
• pp.161-163
• /
• 2018

환자의 의료데이터를 각 의료기관에서 통합적으로 저장, 연람 시에 메타데이터를 사용, 리소스 간의 연관관계를 이용한 온톨로지 방식을 사용하여 의료정보를 체계적으로 접근, 열람 할 수 있게 한다. 데이터들을 저장 연람 시에 환자의 생체정보를 사용해야만 저장, 연람할 수 있게 만들어 정보를 환자의 인지 하에서만 접근할 수 있도록 한다. 또한, 생체 인증 시 생성되는 공개키로 블록을 생성, 저장하는 기법을 사용해 외부의 접근으로부터 보호 할 수 있도록 하였다.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.3 s.35
• /
• pp.119-132
• /
• 2005

The health care system revolutionized by the use of information and communication technologies. Computer information processing and electronic communication technologies play an increasingly important role in the area of health care. We propose a new role based access control model for pervasive health care systems, which changed location, time, environment information. Also our model can be solved the occurrence of an reduction authority problem to pervasive health care system at emergency environment. We propose a new role based access control model for pervasive health care systems, which combines role-to-role delegations, negative permission, context concept and dynamic context aware access control. With out approach we aim to preserver the advantages of RBAC and offer groat flexibility and fine-grained access control in pervasive healthcare information systems.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.3
• /
• pp.605-614
• /
• 2012

Nowadays u-healthcare which is very sensitive to the character of user's information among other ubiquitous computing field is popular in medical field. u-healthcare deals extremely personal information including personal health/medical information so it is exposed to various weaknees and threats in the part of security and privacy. In this paper, RFID based patient's information protecting protocol that prevents to damage the information using his or her mobile unit illegally by others is proposed. The protocol separates the authority of hospital(doctor, nurse, pharmacy) to access to patient's information by level of access authority of hospital which is registered to management server and makes the hospital do the minimum task. Specially, the management server which plays the role of gateway makes access permission key periodically not to be accessed by others about unauthorized information except authorized information and improves patient's certification and management.

• Journal of Korean Physical Therapy Science
• /
• v.7 no.2
• /
• pp.427-437
• /
• 2000

편마비 환자의 물리치료는 장애 결과를 완화시키는 것에 초점을 두고 있다. 본 연구는 신경생리학적 개념을 기초로 한 중재 접근 방법 중 편마비 환자에게 신경 발달 치료와 신경근 균형 접근 기법의 중재 효과를 비교 하였다. 연구 대상은 서울특별시와 전라북도에 소재한 종합병원 및 정형외과 의원에 입원 및 통원하고 있는 47-71세의 연령 범위에 있는 편마비 환자 30명 이다. 중재 집단의 기능적 능력 향상을 평가하기 위해 편마비 환자를 위한 운동 평가 척도와 수정된 바델 척도를 평가도구로 사용하였다. 편마비 환자의 기능적 능력 향성을 평가도구에 의해 측정된 결과를 분석한 바 운동평가 척도 항목중 바로누운 자세에서 옆으로 눕기와 앉아서 균형 취하기 영역에서, 수정된 바델 척도 항목 중 식사하기 영역에서 통계적으로 유의한 차이를 보였다(P<.05). 편마비 환자의 손상 부위, 손상 형태, 마비 부위 등의 손상의 본질에 따른 대상의 선정과 운동 조절 형태에 관한 지식 그리고 신경학적 결함 정도를 심도있게 다루어 기능적 능력 향상의 임상적 효과를 검증하는 것이 중요하다.

• Convergence Security Journal
• /
• v.9 no.2
• /
• pp.49-58
• /
• 2009

In medical Institution, Electronic Health Record (EHR) is "must access information" to medical staff considering it as medical information. However, this unnecessary exploration of personal information must be treated confidentially because the information is highly related to other's private concerns. It is necessary that medical workers should be also restricted to their access to EHR depending on their roles and duties. As the result, this article explains that "EHR access control will be executed by differentiating authorized medical staff from non medical-related staff as well as EHR access will be only permitted to authorized medical staff depending on their work status conditions. By using Advanced RBAC model on medical situation, we expect to minimize unnecessary leak of EHR information; especially, emergency medical care is needed, access control is highly required depending on a person in charge of the cases or not, and restricted medical information defined by the patient one-self is only allowed to be accessed.

• Journal of Internet Computing and Services
• /
• v.19 no.6
• /
• pp.31-40
• /
• 2018

With the development of IT technology recently, medical information systems are being constructed in an integrated u-health environment through cloud services, IoT technologies, and mobile applications. These kinds of medical information systems should provide the medical staff with authorities to access patients' medical information for emergency status treatments or therapeutic purposes. Therefore, in the medical information systems, the reliable and prompt authentication processes are necessary to access the biometric information and the medical information of the patients in charge of the medical staff. However, medical information systems are accessing with simple and static user authentication mechanism using only medical ID / PWD in the present system environment. For this reason, in this paper, we suggest a dynamic situation authentication mechanism that provides transparency of medical information access including various authentication factors considering patient's emergency status condition and dynamic situation authentication system supporting it. Our dynamic Situation Authentication is a combination of user authentication and mobile device authentication, which includes various authentication factor attributes such as emergency status, role of medical staff, their working hours, and their working positions and so forth. We designed and implemented a dynamic situation authentication system including emergency status decision, dynamic situation authentication, and authentication support DB construction. Finally, in order to verify the serviceability of the suggested dynamic situation authentication system, the medical staffs download the mobile application from the medical information server to the medical staff's own mobile device together with the dynamic situation authentication process and the permission to access medical information to the patient and showed access to medical information.

• Journal of Internet Computing and Services
• /
• v.23 no.3
• /
• pp.87-95
• /
• 2022

Recently, with the development of smart technology, in medical information platform, patient's biometric data is measured in real time and accumulated into database, and it is possible to determine the patient's emergency situations. Medical staff can easily access patient information after simple authentication using a mobile terminal. However, in accessing medical information using the mobile terminal, it is necessary to study authentication in consideration of the patient situations and mobile terminal. In this paper, we studied on medical information platforms based on big data processing and edge computing for supporting automatic authentication in emergency situations. The automatic authentication system that we had studied is an authentication system that simultaneously performs user authentication and mobile terminal authentication in emergency situations, and grants upper-level access rights to certified medical staff and mobile terminal. Big data processing and analysis techniques were applied to the proposed platform in order to determine emergency situations in consideration of patient conditions such as high blood pressure and diabetes. To quickly determine the patient's emergency situations, edge computing was placed in front of the medical information server so that the edge computing determine patient's situations instead of the medical information server. The medical information server derived emergency situation decision values using the input patient's information and accumulated biometric data, and transmit them to the edge computing to determine patient-customized emergency situation. In conclusion, the proposed medical information platform considers the patient's conditions and determine quick emergency situations through big data processing and edge computing, and enables rapid authentication in emergency situations through automatic authentication, and protects patient's information by granting access rights according to the patient situations and the role of the medical staff.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.6
• /
• pp.1256-1264
• /
• 2009

When unapproved users access to healthcare system and use medical information for other malicious purposes, it could severely threaten important information related to patients' life, because in ubiquitous environment healthcare service makes patient's various examination results, medical records or most information of a patient into data. Therefore, to solve these problems, we design RBAC(Role Based Access Control) for U-healthcare that can access control with location, time and context-awareness information like status information of user and protect patient's privacy. With implementation of the proposed model, we verify effectiveness of the access control model for healthcare in ubiquitous environment.

• Journal of Digital Convergence
• /
• v.12 no.7
• /
• pp.279-284
• /
• 2014

Recently, m-health care is be a problem that the patient's information is easily exposed to third parties in case of emergency situation. This paper propose an attribute-based access control protocol to minimize the exposure to patient privacy using patient information in the emergency environment. Proposed protocol, the patient's sensitive information to a third party do not expose sensitive information to the patient's personal health information, including hospital staff and patients on a random number to generate cryptographic keys to sign hash. In addition, patient information from a third party that is in order to prevent the illegal exploitation of the patient and the hospital staff to maintain synchronization between to prevent the leakage of personal health information.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.9 no.5
• /
• pp.233-242
• /
• 2009

The security of medical information need continued research about steady and flexible security model because of privacy of patient's as well as directly relation in the patient's life. In particular, u-healthcare environment is need flexible and detailed access control by variety changes of context. Control model analyzed relation of resource and authority, and analyzed authority about all accessible resource from access point using K2BASE. The context-based access control model can change flexibly authority change and role, and can obtain resource of authority granted and meaningly connected resource. As a result, this thesis can apply flexible and adaptive access control model at u-healthcare domain which context change various.