• Convergence Security Journal
• /
• v.6 no.1
• /
• pp.25-32
• /
• 2006

MIR system is a nationwide medical record information system that makes medical information available to any hospital and health institution at any time, and information in the system mostly requires high security. In particular, personal information related to patients and doctors, medical technology information and each hospital's digital information are used very frequently and are likely to be modified for illegal use. Thus we need to develop a system equipped with security measures to prevent information leakage while providing medical information service effectively.

• Journal of information and communication convergence engineering
• /
• v.9 no.5
• /
• pp.562-566
• /
• 2011

As telecommunication technologies in telemedicine services are developed, the expeditious development of wireless and mobile networks has stimulated wide applications of mobile electronic healthcare systems. However, security is an essential system requirement since many patients have privacy concerns when it comes to releasing their personal information over the open wireless channels. Due to the invisible feature of mobile signals, hackers have easier access to hospital networks than wired network systems. This may result in several security incidents unless security protocols are well prepared. In this paper, we analyzed authentication and authorization procedures for healthcare system architecture to apply secure M-health systems in the hospital environment. From the analyses, we estimate optimal requirements as a countermeasure to its vulnerabilities.

• International Commerce and Information Review
• /
• v.13 no.3
• /
• pp.325-351
• /
• 2011

This paper is focused on problem in the law and system caused by the infringement of medical information and in the law and system indicate the solution. Interests in the medical service are increasing in internet environment as life quality of the people improves because of development in information and medical technology. The current main issues of the legislative system and the law improvement suggestion for telemedicine activation which is related to the ubiquitous health in which the medicine field and IT technology convergence appearance. In particular, South Korea in the privacy-related legislation should be amended. The reason, Medical information record contains a lot of patient's private secrets. Therefore, if privacy protection is not enough this could cause problem violate a patient's privacy. Thus we need consequently the maintenance of the health medical treatment field to suit a telemedicine environment of a law system. Specifically, this law enacted to protect medical treatment information and the technical security services with confidence and stability against security treats are necessary.

• Knowledge Management Research
• /
• v.11 no.1
• /
• pp.1-17
• /
• 2010

As information technology had shown tremendous development in late 20th century, various service opportunities appeared in many industries. Also, new types of service are becoming available such as, reservation, teleconsultation, telemedicine. In health care industry, in which, many hospitals are faced operational difficulties and competing impetuously, a web site has become a effective tool to attract patients and transfer tremendous health information to the patients. This study is based on many previous researches on online service quality, try to figure out e-service quality factors of health information sites, and the factors' effect on users' satisfaction on the web site via providing knowledge and trust on the web site. As a result, usability, site aesthetic, responsiveness and security are the 4 factors to measure e-service quality of health information web site. All factors except site aesthetic have significant effects on providing knowledge, security only effects on trust on the web site.

• Convergence Security Journal
• /
• v.16 no.7
• /
• pp.21-29
• /
• 2016

Our society is currently exposed to environment of various information that is exchanged real time through networks. Especially regarding medical policy, the government rushes to practice remote medical treatment to improve the quality of medical services for citizens. The remote medical practice requires establishment of medical information based on big data for customized treatment regardless of where patients are. This study suggests establishment of regional medical cluster along with defense and protection cooperation models that in case service availability is harmed, and attacks occur, the attacks can be detected, and proper measures can be taken. For this, the study suggested forming networks with nationwide local government hospitals as regional virtual medical cluster bases by the same medical information system. The study also designed a mutual cooperation security model that can real time cope with IP Spoofing attack that can occur in the medical cluster and DDoS attacks accordingly, so that the limit that sole system and sole security policy have can be overcome.

• International Journal of Fuzzy Logic and Intelligent Systems
• /
• v.14 no.4
• /
• pp.268-275
• /
• 2014

In future, hospitals are expected to automatically issue remote transcriptions. Many general hospitals are planning to encrypt their medical database to secure personal information as mandated by law. The electronic medical record system, picture archiving communication system, and the clinical data warehouse, amongst others, are the preferred targets for which stronger security is planned. In the near future, medical systems can be assumed to be automated and connected to remote locations, such as rural areas, and islands. Connecting patients who are in remote locations to medical complexes that are usually based in larger cities requires not only automatic processing, but also a certain amount of security in terms of medical data that is of a sensitive and critical nature. Unauthorized access to patients' transcription data could result in the data being modified, with possible lethal results. Hence, personal and sensitive data on telemedicine and medical information systems should be encrypted to protect patients from these risks. Login passwords, personal identification information, and biological information should similarly be protected in a systematic way. This paper proposes the use of electronic acupuncture with a built-in multi-pad, which has the advantage of being able to establish a patient's physical condition, while simultaneously treating the patient with acupuncture. This system implements a sensing pad, amplifier, a small signal drive circuit, and a digital signal processing system, while the use of a built-in fuzzy technique and a control algorithm have been proposed for performing analyses.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.155-165
• /
• 2018

As medical healthcare industry is growing up rapidly these days, providing various new healthcare service is considered carefully. Health information is considered to be more important than financial information; therefore, protecting health information becomes a very significant task. Ransomware is now targeting industry groups that have high information value. Especially, ransomware has grown in various ways since entering maturity in 2017. Healthcare industry is highly vulnerable to ransomeware since most healthcare organizations are configured in closed network with lack of malware protection. Only meeting the security criteria is not the solution. In the case of a successful attack, restoration process must be prepared to minimize damages as soon as possible. Ransomware is growing rapidly and becoming more complex that protection must be improved much faster. Based on ISO 27799 and 27002 standard, we extract and present security measures against advanced ransomware to maintain and manage healthcare system more effectively.

• Journal of Information Technology Services
• /
• v.11 no.sup
• /
• pp.27-39
• /
• 2012

As many applications are possible now in mobile environment with the trend of mobile convergence, diverse applications in healthcare industry are also possible in mobile devices. Though lots of researches on mobile and health services are introduced, they are limited to specific area or techniques. This study shows possible directions of fusion between mobile technologies and health services in the future using a data mining technique called association rule analysis. The data used in this study is collected from web pages containing key words related to mobile technologies and health services. The analysis shows that current cases of fusion between monitoring based telemedicine and patients. It also shows another case of fusion between mobile hospital and medical screen charts. These show that fusion between mobile technologies and health services already began in industry. Association rules are found between well-being, city, diet, and sleep. The association rules containing security and privacy, though their associations are not so strong, also show that security and privacy of patient information should be protected in the future. The results show that the fusion of mobile technologies and health services is expected to provide health services to more users and larger areas. It is also expected to create new diverse business models in the future.

• Journal of Information Processing Systems
• /
• v.11 no.4
• /
• pp.601-615
• /
• 2015

Region of interest (ROI) is the most informative part of a medical image and mostly has been used as a major part of watermark. Various shapes ROIs selection have been reported in region-based watermarking techniques. In region-based watermarking schemes an image region of non-interest (RONI) is the second important part of the image and is used mostly for watermark encapsulation. In online healthcare systems the ROI wrong selection by missing some important portions of the image to be part of ROI can create problem at the destination. This paper discusses the complete medical image availability in original at destination using the whole image as a watermark for authentication, tamper localization and lossless recovery (WITALLOR). The WITALLOR watermarking scheme ensures the complete image security without of ROI selection at the source point as compared to the other region-based watermarking techniques. The complete image is compressed using the Lempel-Ziv-Welch (LZW) lossless compression technique to get the watermark in reduced number of bits. Bits reduction occurs to a number that can be completely encapsulated into image. The watermark is randomly encapsulated at the least significant bits (LSBs) of the image without caring of the ROI and RONI to keep the image perceptual degradation negligible. After communication, the watermark is retrieved, decompressed and used for authentication of the whole image, tamper detection, localization and lossless recovery. WITALLOR scheme is capable of any number of tampers detection and recovery at any part of the image. The complete authentic image gives the opportunity to conduct an image based analysis of medical problem without restriction to a fixed ROI.

• The Korean Society of Law and Medicine
• /
• v.7 no.2
• /
• pp.137-178
• /
• 2006

The purpose of this paper is to analyse the present situation and legal problems of u-health. U-health plays an important role in enlarging the healthcare service and making the healthcare service efficient. The use of Korean excellent IT technology can lead us to a world wide competitive healthcare industry. Although u-health has the weakness in privacy protection, the usefulness and convenience of u-health is great. Therefore we must analyse the legal issues of security technology, RFID, telemedicine and EMR pertaining to u-health and construct the appropriate legislative structure to resolve the legal problems of u-health.