• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.04a
• /
• pp.494-496
• /
• 2015

개인의 의료 정보는 개인의 프라이버시에 관련되므로 민감하게 취급되어야 하는 정보이다. 이러한 개인정보 유출은 유출된 정보의 해당 당사자의 사회적 고립과 정보의 질에 따라 당사자의 생명도 위협하게 되므로 철저한 판리가 필요하다. 따라서 의사, 간호사, 환자, 일반인 등의 사용자 식별을 통해 병원 기록의 접근 통제 및 사용 권한에 따른 정보의 암호화 수준과 해당 정보에 특화된 역할기반 접근제어(Role-Based Access Control)를 제정해야 한다. 환자 자신이 자신의 의료정보를 특정한 사람에게 접근 권한을 주어 확인할 수도 있게 하고 그 외의 다른 부분들도 제어 할 수 있게 권한을 부여 할 수 있어야 한다. 본 논문은 현재 의료 및 진찰 정보 관리를 위해 RBAC모델을 기반으로 의료정보보호를 위한 접근제어 방법을 분석하고 각 정보의 객체들과 사용자 간의 효율적인 역할 분담과 한계를 통해 의료 정보의 보호방안을 고찰한다.

• Journal of Digital Convergence
• /
• v.14 no.7
• /
• pp.185-191
• /
• 2016

Recently, various medical services are provided with the advance of IT. However, there is a problem that a third party would exploit medical information when the information is sent and received through wired or wireless connection. In this paper, a patient information management scheme using group index information for the third party not to illegally exploit a patient's medical information without his consent is proposed. This proposed scheme creates index information in each hierarchical level to be used with access information so that not only medical staff can have access to patient's medical information hierarchically but also it can manage access level in groups. The scheme aims to enable the medical staff to minimize the time spent to analyze the type of disease and to prescribe for it so that they can improve patients' satisfaction. Plus, the scheme aims to improve work efficiency by minimizing the medical staff's workload according to the authority to access patients' medical information.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.3
• /
• pp.605-614
• /
• 2012

Nowadays u-healthcare which is very sensitive to the character of user's information among other ubiquitous computing field is popular in medical field. u-healthcare deals extremely personal information including personal health/medical information so it is exposed to various weaknees and threats in the part of security and privacy. In this paper, RFID based patient's information protecting protocol that prevents to damage the information using his or her mobile unit illegally by others is proposed. The protocol separates the authority of hospital(doctor, nurse, pharmacy) to access to patient's information by level of access authority of hospital which is registered to management server and makes the hospital do the minimum task. Specially, the management server which plays the role of gateway makes access permission key periodically not to be accessed by others about unauthorized information except authorized information and improves patient's certification and management.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.6
• /
• pp.1256-1264
• /
• 2009

When unapproved users access to healthcare system and use medical information for other malicious purposes, it could severely threaten important information related to patients' life, because in ubiquitous environment healthcare service makes patient's various examination results, medical records or most information of a patient into data. Therefore, to solve these problems, we design RBAC(Role Based Access Control) for U-healthcare that can access control with location, time and context-awareness information like status information of user and protect patient's privacy. With implementation of the proposed model, we verify effectiveness of the access control model for healthcare in ubiquitous environment.

• Journal of Korean Academy of Fundamentals of Nursing
• /
• v.14 no.2
• /
• pp.204-212
• /
• 2007

Purpose: The purpose of this study was to investigate the patient's perception of the nurse's behavior in protecting patient privacy and to make suggestions for medical facilities to increase protection of patient privacy. Method: The research was a survey study The data on protection of privacy in primary nursing, for physical privacy, of patient information and in private conversations were collected in October 2005 from 187 patients in a university hospital. Frequencies, means, t-test, ANOVA, and $x^2$-test were used to analyze the data. The SPSS 13.0 for Windows program was used. Results: The mean score for patients' perception of nurse protection of their privacy was 3.33. There were significant differences in perception of protecting patients' privacy according to gender for private conversation, according to level of education for all but physical nursing and for number of admissions for total score and for primary nursing. Conclusion: The results of this study suggest the following: a) Institutional polices and nursing guideline should be clearly stated as to the nurses' duty to protect patient privacy. b) Medical facilities should be arranged in a way that allows for the protection of patients' medical information, and should focus on patient privacy. c) It is necessary of nurses to receive periodic in-service education on protecting patient privacy.

• Journal of Digital Convergence
• /
• v.14 no.3
• /
• pp.261-267
• /
• 2016

As IoT technology has gained the attention all around the world, the development for various services of healthcare, smart city, agriculture, and defense based on IoT is in progress. However, it is likely that healthcare services based on IoT have a problem of being leaked of patients' biological information by a third party and that risks patients' lives. In this paper, an IoT health care service managing model based on location sensor is proposed, which secures the biological information of a patient and simplifies the procedure to process the treatment and administration steps by using the data resources sensed. Even when an emergency occurs, this proposed model can respond quickly using the location information of the patient, which enables the staff in the hospital to locate the patient in real time. In addition, there is an advantage to minimize the time and the process of care, because the location of the equipment for necessary treatment is possible to be instantaneously located with attached sensors.

• Convergence Security Journal
• /
• v.19 no.1
• /
• pp.49-60
• /
• 2019

Medical record is part of the personal information that values the dignity and value of an individual, and can lead to serious social prejudice and disadvantage to an individual when it is breached illegally. In addition, the medical record has been highly threatened because its value is relatively high, and external threats are continuing. In this paper, we propose a medical record sharing framework that guarantees patient's privacy based on blockchain using ciphertext policy-based attribute based proxy re-encryption scheme. The proposed framework first uses the blockchain technology to ensure the integrity and transparency of medical records, and uses the stealth address to build the unlinkability between physician and patient. Besides, the ciphertext policy attribute-based proxy re-encryption scheme is used to enable fine-grained access control, and it is possible to share information in emergency situations without patient's agreement.

• Journal of Digital Convergence
• /
• v.13 no.4
• /
• pp.227-233
• /
• 2015

The recent health care is growing rapidly want to receive offers users a variety of medical services, can be exploited easily exposed to a third party information on the role of the patient's hospital staff (doctors, nurses, pharmacists, etc.) depending on the patient clearly may have to be classified. In this paper, in order to ensure safe use by third parties in the health care environment, classify the attributes of patient information and patient privacy protection technique using hierarchical multi-property rights proposed to classify information according to the role of patient hospital officials The. Hospital patients and to prevent the proposed method is represented by a mathematical model, the information (the data consumer, time, sensor, an object, duty, and the delegation circumstances, and so on) the privacy attribute of a patient from being exploited illegally patient information from a third party the prevention of the leakage of the privacy information of the patient in synchronization with the attribute information between the parties.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.10
• /
• pp.59-67
• /
• 2020

With the development of wearable devices, individuals' health status can be checked in real time and risks can be predicted. For example, an application has been developed to detect an emergency situation of a patient with heart disease and contact a guardian through analysis of health data such as heart rate and electrocardiogram. However, health data is seriously damaging when it is leaked as it relates to life. Therefore, a method to protect personal information is essential in collecting health data, and this study proposes a method of collecting data while protecting the personal information of the data owner through a LDP(Local Differential Privacy). The previous study introduced a technique of transmitting feature point data rather than all data to a data collector as an algorithm for searching for fixed k feature points. Next, this study will explain how to improve the performance by up to 75% using an algorithm that finds the optimal number of feature points k.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.1
• /
• pp.205-214
• /
• 2017

In this paper, we proposed an iris-based authentication for smart healthcare service in secure telemedicine system. The medical and healthcare information's are very important data in telemedicine system from privacy information. thus, the proposed system provides a secure and convenient authentication method than the traditional ID/PW authentication method to a telemedicine system for age-related chronic diseases. When considering the peculiarities of the use of age-related chronic diseases convenience and healthcare environments, the proposed approach is difficult to secure than traditional ID/PW authentication method with the appropriate means to easily change when stolen or lost to others. In addition, the telemedicine system for the smart healthcare services is one of the types of privacy sensitive medical and health data. it is very important security needs in telemedicine system. Thus we protocol are offer high confidentiality and integrity than existing ID/PW method.