• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.4
• /
• pp.1832-1853
• /
• 2018

The personal health record (PHR) system is a promising application that provides precise information and customized services for health care. To flexibly protect sensitive data, attribute-based encryption has been widely applied for PHR access control. However, escrow, exposure and abuse of private keys still hinder its practical application in the PHR system. In this paper, we propose a coordinated ciphertext policy attribute-based access control with user accountability (CCP-ABAC-UA) for the PHR system. Its coordinated mechanism not only effectively prevents the escrow and exposure of private keys but also accurately detects whether key abuse is taking place and identifies the traitor. We claim that CCP-ABAC-UA is a user-side lightweight scheme. Especially for PHR receivers, no bilinear pairing computation is needed to access health records, so the practical mobile PHR system can be realized. By introducing a novel provably secure construction, we prove that it is secure against selectively chosen plaintext attacks. The analysis indicates that CCP-ABAC-UA achieves better performance in terms of security and user-side computational efficiency for a PHR system.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.1
• /
• pp.323-342
• /
• 2021

Personal health records (PHRs) is an electronic medical system that enables patients to acquire, manage and share their health data. Nevertheless, data confidentiality and user privacy in PHRs have not been handled completely. As a fine-grained access control over health data, ciphertext-policy attribute-based encryption (CP-ABE) has an ability to guarantee data confidentiality. However, existing CP-ABE solutions for PHRs are facing some new challenges in access control, such as policy privacy disclosure and dynamic policy update. In terms of addressing these problems, we propose a privacy protection and dynamic share system (PPADS) based on CP-ABE for PHRs, which supports full policy hiding and flexible access control. In the system, attribute information of access policy is fully hidden by attribute bloom filter. Moreover, data user produces a transforming key for the PHRs Cloud to change access policy dynamically. Furthermore, relied on security analysis, PPADS is selectively secure under standard model. Finally, the performance comparisons and simulation results demonstrate that PPADS is suitable for PHRs.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.48 no.2
• /
• pp.29-35
• /
• 2011

PHR(Personal Health Record) to support the lifelong healthcare of their medical information to consumers anytime, anywhere can view and manage health information to help direct input can be defined as a service. The PHR is to provide services efficiently and PHR systems and health-related information systems should be integrated and linked. However, the current healthcare information systems field in order to meet the growing demand for healthcare construction and operation of various systems, and accordingly continues to increase budget for information, but the current system, although the association between a variety of system integration and linkage is being made. This paper proposes a Integrated information system on Healthcare based on Web service to solve problems mentioned above. SOA(Service Oriented Architecture) is a major method of integrating services on the Web. It enables new requirements to be added to existing systems without modification of legacy services, so it makes rapid adaption to varying business environment. Therefore, In this paper, PHR services based on SOA as a platform for the health care sector to design and implement an integrated information system by web services based PHR services for the construction of a new integrated information system is proving to be a suitable model.

• Journal of Digital Convergence
• /
• v.18 no.11
• /
• pp.337-345
• /
• 2020

The Study was conducted to understand the degree of knowledge, awareness and performance of nursing students' patients' personal information protection and to grasp the relationship between them. A convenience sample 262 nursing students was selected from C do, between 1 November and 8 November 2019. Using SPSS Program t-test, one-way ANOVA, Pearson's correlation analysis were performed. Factors that influenced knowledge, awareness and performance included grade, education of information. It is necessary to develop and test programs to ensure an improvement in knowledge and awareness among nursing students to increase their performance.

• Journal of Computing Science and Engineering
• /
• v.5 no.3
• /
• pp.269-281
• /
• 2011

STEPSTONE is a joint industry-university project to create open source technology that would enable the scalable, "friction-free" integration of device-based healthcare solutions into enterprise systems using a Service Oriented Architecture (SOA). Specifically, STEPSTONE defines a first proposal to a Service Oriented Device Architecture (SODA) framework, and provides for initial reference implementations. STEPSTONE also intends to encourage a broad community effort to further develop the framework and its implementations. In this paper, we present SODA, along with two implementation proposals of SODA's device integration. We demonstrate the ease by which SODA was used to develop an end-to-end personal healthcare monitoring system. We also demonstrate the ease by which the STEPSTONE system was extended by other participants - Washington State University - to include additional devices and end user interfaces. We show clearly how SODA and therefore SODA devices make integration almost automatic, replicable, and scalable. This allows telehealth system developers to focus their energy and attention on the system functionality and other important issues, such as usability, privacy, persuasion and outcome assessment studies.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.11
• /
• pp.746-754
• /
• 2016

Smart healthcare systems, a convergent industry based on information and communications technologies (ICT), has emerged from personal health management to remote medical treatment as a distinguished industry. The smart healthcare environment provides technology to deliver vital information, such as pulse rate, body temperature, health status, and so on, from wearable devices to the hospital network where the physician is located. However, since it deals with the patient's personal medical information, there is a security issue for personal information management, and the system may be vulnerable to cyber-attacks in wireless networks. Therefore, this study focuses on a key-development and device-management system to generate keys in the smart environment to safely manage devices. The protocol is designed to provide safe communications with the generated key and to manage the devices, as well as the generated key. The security level is analyzed against attack methods that may occur in a healthcare environment, and it was compared with existing key methods and coding capabilities. In the performance evaluation, we analyze the security against attacks occurring in a smart healthcare environment, and the security and efficiency of the existing key encryption method, and we confirmed an improvement of about 15%, compared to the existing cipher systems.

• Journal of Preventive Medicine and Public Health
• /
• v.38 no.3
• /
• pp.252-258
• /
• 2005

Major approaches of Social epidemiology; 1)holistic, ecological approach, 2)population based approach, 3)development and life-course approach, 4)contextual multi-level approach, have stressed the importance of not only social context of health and illness, but also the population based strategy in the health interventions. Ultimately, it provides the conceptual guidelines and methodological tools to lead toward the healthy public policies; integrated efforts to improve condition which people live: secure, safe, adequate, and sustainable livelihoods, lifestyles, and environments, including housing, education, nutrition, information exchange, child care, transportation, and necessary community and personal social and health services.

• The Journal of the Korea Contents Association
• /
• v.17 no.6
• /
• pp.600-612
• /
• 2017

The purpose of the research is that how awareness of importance of personal medical data, laws regarding personal medical data and perception gap regarding information of medical data system may affect usage of hospital convenience between a regular patient who has experienced hospital service and medical professionals. Preceding research analysis was conducted previous on establishing research model; 150 questionnaires to a regular patient and 150 questionnaires for a medical professional, total of 300 questionnaires were gathered for conducting a question investigation. First of all, the research concluded that there are a regular perception differences between a regular patient and medical professional. Moreover, there are perception differences among the different gender, age, and area of residence. Furthermore, medical professionals tend to consider that convenience of hospital usage will be increased if user strengthens recognition of security of personal medical data. Results of hypothesis stress that higher awareness of exposure of personal medical data and medical information system affect decision making convenience for a better usage of hospital. On the other side, awareness of laws related with personal medical information security does not affect decision making convenience of hospital usage and transaction. The results of the research analyzes with proof that strengthening awareness of personal medical data security positively increase convenience of decision making and transactions in selection of provided medical service.

• Culinary science and hospitality research
• /
• v.21 no.5
• /
• pp.25-37
• /
• 2015

By studying the awareness level of students, for the need to protect personal information, and also by studying students' level of perception as to which information needs protection, this study aims to show that increased education is beneficial, and necessary, across all university majors. This increased education is necessary to improve information security, and increase the responsible sharing of private data which has many benefits, specifically in the Healthcare field. Utilizing student volunteers across multiple majors at a university in South Korea. These questionnaires measured the students' awareness of private information, their perception of private information and also the students' experience in receiving university level education regarding private information and the need for its protection. This study shows that, when compared to students in other fields, students in the field of public health had a higher level of awareness regarding the consequences of personal information disclosure for both public purposes and medical research. Within the parameters of this study, this outcome can be explained as the result of exposure to educational curriculum which contained information related to personal information protection. This increased education raised the student's awareness of which information is considered private, as well as, which information is valuable when responsibly shared. As a result, this study shows that an increase in education regarding information privacy, should be included in all university majors, and gives us evidence to support that this additional education is valuable to students at all levels and should be encouraged.

• Journal of Digital Convergence
• /
• v.12 no.9
• /
• pp.123-131
• /
• 2014

The demand of the real-time data was promoted by significant development of network and IT technology. In particular, the entry of an aging society and income growth increase the demand for personal health related data which attempt to provide various and evolutional healthcare services by several healthcare institutions. Especially the presentation of the medical examination result is the most basic healthcare services which should be expressed to maximize understanding in personal health records for their own health. However according to absence of systematic visualization framework and visualization model, intuitive understanding of healthcare related data is difficult. Cosequently In this study, customized visualization representation based on the results of medical examination was provided to aviod consistent format for health examinee and establish a variety of data representations.