• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.437-454
• /
• 2020

According to the privacy regulations of the health insurance portability and accountability act (HIPAA), patients' control over electronic health data is one of the major concern issues. Currently, remote access authorization is considered as the best solution to guarantee the patients' control over their health data. In this paper, a new biometric-based key management scheme is proposed to facilitate remote access authorization anytime and anywhere. First, patients and doctors can use their biometric information to verify the authenticity of communication partners through real-time video communication technology. Second, a safety channel is provided in delivering their access authorization and secret data between patient and doctor. In the designed scheme, the user's public key is authenticated by the corresponding biometric information without the help of public key infrastructure (PKI). Therefore, our proposed scheme does not have the costs of certificate storage, certificate delivery, and certificate revocation. In addition, the implementation time of our proposed system can be significantly reduced.

• Korean Journal of Health Education and Promotion
• /
• v.20 no.1
• /
• pp.61-76
• /
• 2003

As people get broader access to health information through the internet, there is a greater need for measure to maximize the social advantages of the internet and to minimize negative side-effects. With this concern, this paper classifies internet health information services sites into : on-line supply of health information, on-line consultation, on-line diagnosis, and on-line sales. As well this paper analyzes domestic laws supporting and/or regulating these services. The efficient provision of internet health services requires comprehensive laws on individual privacy protection, prevention and handling of medical accidents, an electronic prescription form for internet diagnosis, electronic signing, payment for medical expenses, qualifications for internet medical practitioners. Additional laws are required to establish internet pharmacies and internet health goods stores. These new laws can be prepared either separately or through revision of existing laws governing medical practice, pharmacies, and public health promotion. However, as the legal control by the government on cyber processes and entities has a fairly minimal effect, consumers should be encouraged to improve their own capacity for wisely using internet health services and health-service providers should be encouraged to promote voluntary supervision and control of their own services and practices.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.3 s.35
• /
• pp.119-132
• /
• 2005

The health care system revolutionized by the use of information and communication technologies. Computer information processing and electronic communication technologies play an increasingly important role in the area of health care. We propose a new role based access control model for pervasive health care systems, which changed location, time, environment information. Also our model can be solved the occurrence of an reduction authority problem to pervasive health care system at emergency environment. We propose a new role based access control model for pervasive health care systems, which combines role-to-role delegations, negative permission, context concept and dynamic context aware access control. With out approach we aim to preserver the advantages of RBAC and offer groat flexibility and fine-grained access control in pervasive healthcare information systems.

• International journal of advanced smart convergence
• /
• v.8 no.2
• /
• pp.204-210
• /
• 2019

Mobile Crowd Computing is one of the most efficient and effective way to collect the Electronic health records and they are very intelligent in processing them. Mobile Crowd Computing can handle, analyze and process the huge volumes of Electronic Health Records (EHR) from the high-performance Cloud Environment. Electronic Health Records are very sensitive, so they need to be secured, authenticated and processed efficiently. However, security, privacy and authentication of Electronic health records(EHR) and Patient health records(PHR) in the Mobile Crowd Computing Environment have become a critical issue that restricts many healthcare services from using Crowd Computing services .Our proposed Efficient Multi-layer Encryption Framework(MLEF) applies a set of multiple security Algorithms to provide access control over integrity, confidentiality, privacy and authentication with cost efficient to the Electronic health records(HER)and Patient health records(PHR). Our system provides the efficient way to create an environment that is capable of capturing, storing, searching, sharing, analyzing and authenticating electronic healthcare records efficiently to provide right intervention to the right patient at the right time in the Mobile Crowd Computing Environment.

• Convergence Security Journal
• /
• v.9 no.2
• /
• pp.49-58
• /
• 2009

In medical Institution, Electronic Health Record (EHR) is "must access information" to medical staff considering it as medical information. However, this unnecessary exploration of personal information must be treated confidentially because the information is highly related to other's private concerns. It is necessary that medical workers should be also restricted to their access to EHR depending on their roles and duties. As the result, this article explains that "EHR access control will be executed by differentiating authorized medical staff from non medical-related staff as well as EHR access will be only permitted to authorized medical staff depending on their work status conditions. By using Advanced RBAC model on medical situation, we expect to minimize unnecessary leak of EHR information; especially, emergency medical care is needed, access control is highly required depending on a person in charge of the cases or not, and restricted medical information defined by the patient one-self is only allowed to be accessed.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.18 no.5
• /
• pp.971-980
• /
• 2023

Safety accidents and industrial accidents are constantly occurring in existing industrial sites. In addition, the probability of accidents occurring due to physical and mental fatigue of workers is increasing. Accordingly, it is required to introduce systematic management and various systems for the safety of workers. In this paper, by developing an access control system using bio-metric information at industrial sites, we develop efficient health management and access control management functions for workers. Workers are identified through face recognition for access control, and health status is determined through iris recognition. It aims to improve accuracy and develop a more efficient management system by diagnosing signs of health abnormalities through the congestion of the iris and eyes of workers. Finally, the contents of the development consist of an on-site access control system, an access control program for administrators, and a main server system that diagnoses signs of abnormal health of users.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.1
• /
• pp.323-342
• /
• 2021

Personal health records (PHRs) is an electronic medical system that enables patients to acquire, manage and share their health data. Nevertheless, data confidentiality and user privacy in PHRs have not been handled completely. As a fine-grained access control over health data, ciphertext-policy attribute-based encryption (CP-ABE) has an ability to guarantee data confidentiality. However, existing CP-ABE solutions for PHRs are facing some new challenges in access control, such as policy privacy disclosure and dynamic policy update. In terms of addressing these problems, we propose a privacy protection and dynamic share system (PPADS) based on CP-ABE for PHRs, which supports full policy hiding and flexible access control. In the system, attribute information of access policy is fully hidden by attribute bloom filter. Moreover, data user produces a transforming key for the PHRs Cloud to change access policy dynamically. Furthermore, relied on security analysis, PPADS is selectively secure under standard model. Finally, the performance comparisons and simulation results demonstrate that PPADS is suitable for PHRs.

• Journal of Preventive Medicine and Public Health
• /
• v.55 no.6
• /
• pp.539-548
• /
• 2022

Objectives: The purpose of this study was to assess the organizational effectiveness of the introduction of a healthcare information system (electronic medical records and databases) in healthcare in Kazakhstan. Methods: The authors used a combination of 2 methods: expert assessment and strengths, weaknesses, opportunities, and threats (SWOT) analysis. SWOT analysis is a necessary element of research, constituting a mandatory preliminary stage both when drawing up strategic plans and for taking corrective measures in the future. The expert survey was conducted using 2 questionnaires. Results: The study involved 40 experts drawn from specialists in primary healthcare in Aktobe: 15 representatives of administrative and managerial personnel (chief doctors and their deputies, heads of medical statistics offices, organizational and methodological offices, and internal audit services) and 25 general practitioners. Conclusions: The following functional indicators of the medical and organizational effectiveness of the introduction of information systems in polyclinics were highlighted: first, improvement of administrative control, followed in descending order by registration and movement of medical documentation, statistical reporting and process results, and the cost of employees' working time. There has been no reduction in financial costs, namely in terms of the costs of copying, delivery of information in paper form, technical equipment, and paper.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.63 no.10
• /
• pp.1328-1336
• /
• 2014

This paper proposes Power System Health Index(PSHI) newly. The paper describes several kind of power system health indices based on two main categories, which are adequacy and security. In adequacy, four kinds of health indices of Frequency, Voltage, Reserve(Operating Reserve Power and Frequency Regulation Reserve Power) and Overload of lines and transformers are proposed. In security, four kinds of health indices of Voltage(154kV, 345kV and 765kV), Overload of lines and transformers, Power flow constraint among areas and SPS are proposed. All indices are mapped with three domains, which are indicated as Health, Margin and Risk, defined with expert interview. While domains of health, margin and risk is defined similar with the conventional well being analysis of power system. The criterion of the domains is proposed using an interview with expert operators and practical reliability codes in Korea. The several kinds of health index functions, which are linear ratio, piecewise linear ration and reverse ratio function etc. are developed in this paper. It will be expected that the developed health indices can help operators to control power system more successfully and also prevent power system from accident as like as black out in future because operator can make a decision immediately based on more easily visual information of system conditions from too much indices acquisition of complex power system.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.699-700
• /
• 2014

The use of Radio Frequency Identification technology (RFID) in medical context enables not only drug identification, but also a rapid and precise identification of patients, physicians, nurses or any other healthcare giver. The combination of RFID tag identification with structured and secured Internet of Things (IoT) solutions enables ubiquitous and easy access to medical related records, while providing control and security to all interactions. This paper defines a basic security architecture, easily deployable on mobile platforms, which would allow to establish and manage a medication prescription service in mobility context making use of electronic Personal Health Records. This security architecture is aimed to be used with a mobile e-health application (m-health) through a simple and intuitive interface, supported by RFID technology. This architecture, able to support secured and authenticated interactions, will enable an easy deployment of m-health applications. The special case of drug administration and ubiquitous medication control system, along with the corresponding Internet of Things context, is presented.