• Journal of Internet Computing and Services
• /
• v.19 no.6
• /
• pp.31-40
• /
• 2018

With the development of IT technology recently, medical information systems are being constructed in an integrated u-health environment through cloud services, IoT technologies, and mobile applications. These kinds of medical information systems should provide the medical staff with authorities to access patients' medical information for emergency status treatments or therapeutic purposes. Therefore, in the medical information systems, the reliable and prompt authentication processes are necessary to access the biometric information and the medical information of the patients in charge of the medical staff. However, medical information systems are accessing with simple and static user authentication mechanism using only medical ID / PWD in the present system environment. For this reason, in this paper, we suggest a dynamic situation authentication mechanism that provides transparency of medical information access including various authentication factors considering patient's emergency status condition and dynamic situation authentication system supporting it. Our dynamic Situation Authentication is a combination of user authentication and mobile device authentication, which includes various authentication factor attributes such as emergency status, role of medical staff, their working hours, and their working positions and so forth. We designed and implemented a dynamic situation authentication system including emergency status decision, dynamic situation authentication, and authentication support DB construction. Finally, in order to verify the serviceability of the suggested dynamic situation authentication system, the medical staffs download the mobile application from the medical information server to the medical staff's own mobile device together with the dynamic situation authentication process and the permission to access medical information to the patient and showed access to medical information.

• Journal of Internet Computing and Services
• /
• v.16 no.1
• /
• pp.47-55
• /
• 2015

Recently, the environment of a hospital information system is a trend to combine various SMART technologies. Accordingly, various smart devices, such as a smart phone, Tablet PC is utilized in the medical information system. Also, these environments consist of various applications executing on heterogeneous sensors, devices, systems and networks. In these hospital information system environment, applying a security service by traditional access control method cause a problems. Most of the existing security system uses the access control list structure. It is only permitted access defined by an access control matrix such as client name, service object method name. The major problem with the static approach cannot quickly adapt to changed situations. Hence, we needs to new security mechanisms which provides more flexible and can be easily adapted to various environments with very different security requirements. In addition, for addressing the changing of service medical treatment of the patient, the researching is needed. In this paper, we suggest a dynamic approach to medical information systems in smart mobile environments. We focus on how to access medical information systems according to dynamic access control methods based on the existence of the hospital's information system environments. The physical environments consist of a mobile x-ray imaging devices, dedicated mobile/general smart devices, PACS, EMR server and authorization server. The software environment was developed based on the .Net Framework for synchronization and monitoring services based on mobile X-ray imaging equipment Windows7 OS. And dedicated a smart device application, we implemented a dynamic access services through JSP and Java SDK is based on the Android OS. PACS and mobile X-ray image devices in hospital, medical information between the dedicated smart devices are based on the DICOM medical image standard information. In addition, EMR information is based on H7. In order to providing dynamic access control service, we classify the context of the patients according to conditions of bio-information such as oxygen saturation, heart rate, BP and body temperature etc. It shows event trace diagrams which divided into two parts like general situation, emergency situation. And, we designed the dynamic approach of the medical care information by authentication method. The authentication Information are contained ID/PWD, the roles, position and working hours, emergency certification codes for emergency patients. General situations of dynamic access control method may have access to medical information by the value of the authentication information. In the case of an emergency, was to have access to medical information by an emergency code, without the authentication information. And, we constructed the medical information integration database scheme that is consist medical information, patient, medical staff and medical image information according to medical information standards.y Finally, we show the usefulness of the dynamic access application service based on the smart devices for execution results of the proposed system according to patient contexts such as general and emergency situation. Especially, the proposed systems are providing effective medical information services with smart devices in emergency situation by dynamic access control methods. As results, we expect the proposed systems to be useful for u-hospital information systems and services.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.1
• /
• pp.323-342
• /
• 2021

Personal health records (PHRs) is an electronic medical system that enables patients to acquire, manage and share their health data. Nevertheless, data confidentiality and user privacy in PHRs have not been handled completely. As a fine-grained access control over health data, ciphertext-policy attribute-based encryption (CP-ABE) has an ability to guarantee data confidentiality. However, existing CP-ABE solutions for PHRs are facing some new challenges in access control, such as policy privacy disclosure and dynamic policy update. In terms of addressing these problems, we propose a privacy protection and dynamic share system (PPADS) based on CP-ABE for PHRs, which supports full policy hiding and flexible access control. In the system, attribute information of access policy is fully hidden by attribute bloom filter. Moreover, data user produces a transforming key for the PHRs Cloud to change access policy dynamically. Furthermore, relied on security analysis, PPADS is selectively secure under standard model. Finally, the performance comparisons and simulation results demonstrate that PPADS is suitable for PHRs.

• Convergence Security Journal
• /
• v.16 no.7
• /
• pp.77-84
• /
• 2016

In general RBAC(Role-Based-Access Control) model, senior role has junior role's permissions by virtue of role hierarchy. But although the opposite case is needed partially in medical institutions, such case cannot be performed in medical information systems. This is because inheritances of permissions in role hierarchies are static. In order to tackle this problem, this paper defined a dynamic role assignment, thereby proposed the way for the junior temporarily to be able to perform the permissions of the senior, and showed the applications of medical information systems.

• Journal of the Korea Society of Computer and Information
• /
• v.19 no.10
• /
• pp.185-195
• /
• 2014

In this paper, we designed a role-based emergency medical information security system REMISS added the security concept to the existing emergency medical information system. Also we suggested a REMISS protocol based on HL7 for using the emergency medical information and the security information. The procedure of security consists of user authentication phase and role/permission assign phase in the REMISS. The REMISS can supply proper security service since the REMISS assign proper permissions to each users of emergency medical information system and allow the user to access the permitted emergency medical information by using security information of the REMISS. There are some advantages that REMISS can adapt to the changing of the role of each user by dynamic exchanging the security information and assigning permissions to each user.

• Asian Pacific Journal of Cancer Prevention
• /
• v.14 no.12
• /
• pp.7757-7759
• /
• 2013

Physicians, in order to study the causes of cancer, detect cancer earlier, prevent or determine the effectiveness of treatment, and specify the reasons for the treatment ineffectiveness, need to access accurate, comprehensive, and timely cancer data. The cancer care environment has become more complex because of the need for coordination and communication among health care professionals with different skills in a variety of roles and the existence of large amounts of data with various formats. The goals of health care systems in such a complex environment are correct health data management, providing appropriate information needs of users to enhance the integrity and quality of health care, timely access to accurate information and reducing medical errors. These roles in new systems with use of agents efficiently perform well. Because of the potential capability of agent systems to solve complex and dynamic health problems, health care system, in order to gain full advantage of E- health, steps must be taken to make use of this technology. Multi-agent systems have effective roles in health service quality improvement especially in telemedicine, emergency situations and management of chronic diseases such as cancer. In the design and implementation of agent based systems, planning items such as information confidentiality and privacy, architecture, communication standards, ethical and legal aspects, identification opportunities and barriers should be considered. It should be noted that usage of agent systems only with a technical view is associated with many problems such as lack of user acceptance. The aim of this commentary is to survey applications, opportunities and barriers of this new artificial intelligence tool for cancer care information as an approach to improve cancer care management.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.11a
• /
• pp.1321-1322
• /
• 2012

With the advance of Information Technology (IT) and dynamic requirements, diverse application services have been provided for end users. With huge volume of these services and information, users are required to acquire customized services that provide personalized information and decision at particular extent of time. The case is more appealing in healthcare, where patients wish to have access to their medical record where they have control and provided with recommendation on the medical information. PHR (Personal Health Record) is most prevailing initiative that gives secure access on patient record at anytime and anywhere. PHR should also incorporate decision support to help patients in self-management of their diseases. Available PHR system incorporates basic recommendations based on patient routine data. We have proposed decision support service called "Smart CDSS" that provides recommendations on PHR data for diabetic patients. Smart CDSS follows HL7 vMR (Virtual Medical Record) to help in integration with diverse application including PHR. PHR shares patient data with Smart CDSS through standard interfaces that pass through Adaptability Engine (AE). AE transforms the PHR CCR/CCD (Continuity of Care Record/Document) into standard HL7 vMR format. Smart CDSS produces recommendation on PHR datasets based on diabetic knowledge base represented in shareable HL7 Arden Syntax format. The Smart CDSS service is deployed on public cloud over MS Azure environment and PHR is maintaining on private cloud. The system has been evaluated for recommendation for 100 diabetic patients from Saint's Mary Hospital. The recommendations were compared with physicians' guidelines which complement the self-management of the patient.

• Journal of KIISE:Computing Practices and Letters
• /
• v.14 no.1
• /
• pp.63-70
• /
• 2008

As the number of cell phone users become growing, some researchers have presented that the imprudent use of mobile phones exerts harmful influence on electronic devices such as medical appliances, takeoff and landing system of aircraft. In this paper, we propose a usage model based on context-awareness which can be applied to mobile devices. The model controls the usage of both mobile devices themselves and mobile contents according to some context information like location, time, the circumference noise, etc. The proposed usage control model includes a dynamic role-based access control approach. To show the effectiveness of the proposed model, we have implemented a prototype system on an embedded board and PC server, and evaluated the performance of the system.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.11
• /
• pp.3751-3774
• /
• 2014

With the rapid development of wireless communication, the confliction between the scarce frequency resources and the low spectral efficiency caused by the stationary spectrum sharing strategies seriously restricts the evolution of the future mobile communication. For this purpose, cognitive radio (CR) emerges as one of the most promising inventions which can overcome the spectrum shortage. As the key technology and main objective of CR, spectrum sharing can make full use of the limited spectrum, alleviate the scarcity of frequency resources and improve the system utilities, playing thereby an important role in improving the system performance of cognitive radio networks (CRNs). In this survey, the spectrum sharing in CRNs is discussed in terms of the sharing process, mainstream sharing technologies and spectrum sharing models. In particular, comparisons of different spectrum sharing strategies are concluded, as well as that of different spectrum sensing schemes in sharing procedure. Moreover, some application examples of the spectrum sharing in CRNs, such as smart grid, public safety, cellular network and medical body area networks are also introduced. In addition, our previous related works are presented and the open research issues in the field of spectrum sharing are stated as well.