• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권1호
• /
• pp.437-454
• /
• 2020

According to the privacy regulations of the health insurance portability and accountability act (HIPAA), patients' control over electronic health data is one of the major concern issues. Currently, remote access authorization is considered as the best solution to guarantee the patients' control over their health data. In this paper, a new biometric-based key management scheme is proposed to facilitate remote access authorization anytime and anywhere. First, patients and doctors can use their biometric information to verify the authenticity of communication partners through real-time video communication technology. Second, a safety channel is provided in delivering their access authorization and secret data between patient and doctor. In the designed scheme, the user's public key is authenticated by the corresponding biometric information without the help of public key infrastructure (PKI). Therefore, our proposed scheme does not have the costs of certificate storage, certificate delivery, and certificate revocation. In addition, the implementation time of our proposed system can be significantly reduced.

• 보건교육건강증진학회지
• /
• 제20권1호
• /
• pp.61-76
• /
• 2003

As people get broader access to health information through the internet, there is a greater need for measure to maximize the social advantages of the internet and to minimize negative side-effects. With this concern, this paper classifies internet health information services sites into : on-line supply of health information, on-line consultation, on-line diagnosis, and on-line sales. As well this paper analyzes domestic laws supporting and/or regulating these services. The efficient provision of internet health services requires comprehensive laws on individual privacy protection, prevention and handling of medical accidents, an electronic prescription form for internet diagnosis, electronic signing, payment for medical expenses, qualifications for internet medical practitioners. Additional laws are required to establish internet pharmacies and internet health goods stores. These new laws can be prepared either separately or through revision of existing laws governing medical practice, pharmacies, and public health promotion. However, as the legal control by the government on cyber processes and entities has a fairly minimal effect, consumers should be encouraged to improve their own capacity for wisely using internet health services and health-service providers should be encouraged to promote voluntary supervision and control of their own services and practices.

• 한국컴퓨터정보학회논문지
• /
• 제10권3호
• /
• pp.119-132
• /
• 2005

헬스 케어 정보 시스템의 데이터는 병원 업무에 필요한 많은 정보들을 포함하고 있다. 이러한 정보들은 전자 분산 환경을 통하여 네트워크 상에서 분산되어 있으며 많은 의료 관계자들은 쉽게 환자들의 정보에 접근할 수가 있다. 또한 모바일 환경의 발달로 모바일 폰을 사용하는 사용자가 급격히 증가하였고 이에 따라서 환자와 의사가 자유롭게 이동하면서 의료서비스를 주고받는 모바일 헬스 케어가 나타나게 되었다. 또한 이는 원래 목적을 위해 사용되지 않을 뿐 아니라 환자 개인의 프라이버시를 침해 할 위험을 가져 올 수 있다. 본 논문에서는 모바일 헬스 케어 정보 시스템에서의 데이터 누출 및 수정 등에 의하여 환자의 생명과 직접적인 관련이 있는 정보들을 안전하게 보호하기 위하여 사용자의 접근을 제어하는 방법을 제시하고 이를 모델링함으로써 환자 개인의 정보 및 시스템 안전을 가져올 수 있는 효과적인 접근제어 방법을 제시한다.

• International journal of advanced smart convergence
• /
• 제8권2호
• /
• pp.204-210
• /
• 2019

Mobile Crowd Computing is one of the most efficient and effective way to collect the Electronic health records and they are very intelligent in processing them. Mobile Crowd Computing can handle, analyze and process the huge volumes of Electronic Health Records (EHR) from the high-performance Cloud Environment. Electronic Health Records are very sensitive, so they need to be secured, authenticated and processed efficiently. However, security, privacy and authentication of Electronic health records(EHR) and Patient health records(PHR) in the Mobile Crowd Computing Environment have become a critical issue that restricts many healthcare services from using Crowd Computing services .Our proposed Efficient Multi-layer Encryption Framework(MLEF) applies a set of multiple security Algorithms to provide access control over integrity, confidentiality, privacy and authentication with cost efficient to the Electronic health records(HER)and Patient health records(PHR). Our system provides the efficient way to create an environment that is capable of capturing, storing, searching, sharing, analyzing and authenticating electronic healthcare records efficiently to provide right intervention to the right patient at the right time in the Mobile Crowd Computing Environment.

• 융합보안논문지
• /
• 제9권2호
• /
• pp.49-58
• /
• 2009

의료기관에서 환자의 개인건강정보는 진료를 위해 의료진의 정보열람이 반드시 필요한 사항이다. 그러나 이러한 정보의 불필요한 노출은 개인정보보호와 관련이 있어 민감하게 취급되어야 하며, 의료기관에 종사하는 사용자들이라 할지라도 접근에 있어 역할에 따른 제한이 필요하다. 따라서 본 논문에서는 의료진과 그 이외의 직원들 간의 사용자 식별을 통한 개인건강정보의 접근 통제뿐만 아니라 업무에 따른 조건을 추가하여 사용자 직종 내에서도 상황에 따른 접근 통제에 대해 연구하였다. 응급상황, 담당과 여부에 따른 접근 통제, 그리고 환자가 정하는 본인의 개인정보에 대한 접근통제를 포함하여 확장된 개념의 역할기반 접근제어를 합으로써 의료기관내에서 환자의 개인건강정보의 불필요한 접근이나 유출을 최소화 할 수 있다.

• 한국전자통신학회논문지
• /
• 제18권5호
• /
• pp.971-980
• /
• 2023

기존의 산업현장에서 안전사고 및 산업재해들이 끊임없이 발생하고 있다. 또한, 근로자의 육체적·정신적 피로로 인해 안전사고가 발생할 확률이 높아지고 있다. 이에 따라, 근로자의 안전을 위해 체계적인 관리 및 다양한 시스템의 도입이 요구되고 있다. 본 논문에서는 산업현장에서 생체정보를 이용한 출입 관리 시스템의 개발로 근로자의 효율적인 건강관리, 출입통제관리 기능 개발을 수행한다. 출입통제를 위해 얼굴인식을 통해 근로자를 확인하고, 건강상태 유무는 홍채인식을 통해 판별한다. 근로자의 홍채 및 눈의 충혈 상태를 통해 건강이상 징후를 진단하여 정확도를 높이고 보다 효율적인 관리 시스템의 개발을 목표로 한다. 최종적으로 개발 내용은 현장 출입관리 시스템, 관리자용 출입통제 프로그램, 사용자 건강이상 징후 진단을 위한 진단하는 메인 서버 시스템으로 구성된다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권1호
• /
• pp.323-342
• /
• 2021

Personal health records (PHRs) is an electronic medical system that enables patients to acquire, manage and share their health data. Nevertheless, data confidentiality and user privacy in PHRs have not been handled completely. As a fine-grained access control over health data, ciphertext-policy attribute-based encryption (CP-ABE) has an ability to guarantee data confidentiality. However, existing CP-ABE solutions for PHRs are facing some new challenges in access control, such as policy privacy disclosure and dynamic policy update. In terms of addressing these problems, we propose a privacy protection and dynamic share system (PPADS) based on CP-ABE for PHRs, which supports full policy hiding and flexible access control. In the system, attribute information of access policy is fully hidden by attribute bloom filter. Moreover, data user produces a transforming key for the PHRs Cloud to change access policy dynamically. Furthermore, relied on security analysis, PPADS is selectively secure under standard model. Finally, the performance comparisons and simulation results demonstrate that PPADS is suitable for PHRs.

• Journal of Preventive Medicine and Public Health
• /
• 제55권6호
• /
• pp.539-548
• /
• 2022

Objectives: The purpose of this study was to assess the organizational effectiveness of the introduction of a healthcare information system (electronic medical records and databases) in healthcare in Kazakhstan. Methods: The authors used a combination of 2 methods: expert assessment and strengths, weaknesses, opportunities, and threats (SWOT) analysis. SWOT analysis is a necessary element of research, constituting a mandatory preliminary stage both when drawing up strategic plans and for taking corrective measures in the future. The expert survey was conducted using 2 questionnaires. Results: The study involved 40 experts drawn from specialists in primary healthcare in Aktobe: 15 representatives of administrative and managerial personnel (chief doctors and their deputies, heads of medical statistics offices, organizational and methodological offices, and internal audit services) and 25 general practitioners. Conclusions: The following functional indicators of the medical and organizational effectiveness of the introduction of information systems in polyclinics were highlighted: first, improvement of administrative control, followed in descending order by registration and movement of medical documentation, statistical reporting and process results, and the cost of employees' working time. There has been no reduction in financial costs, namely in terms of the costs of copying, delivery of information in paper form, technical equipment, and paper.

• 전기학회논문지
• /
• 제63권10호
• /
• pp.1328-1336
• /
• 2014

This paper proposes Power System Health Index(PSHI) newly. The paper describes several kind of power system health indices based on two main categories, which are adequacy and security. In adequacy, four kinds of health indices of Frequency, Voltage, Reserve(Operating Reserve Power and Frequency Regulation Reserve Power) and Overload of lines and transformers are proposed. In security, four kinds of health indices of Voltage(154kV, 345kV and 765kV), Overload of lines and transformers, Power flow constraint among areas and SPS are proposed. All indices are mapped with three domains, which are indicated as Health, Margin and Risk, defined with expert interview. While domains of health, margin and risk is defined similar with the conventional well being analysis of power system. The criterion of the domains is proposed using an interview with expert operators and practical reliability codes in Korea. The several kinds of health index functions, which are linear ratio, piecewise linear ration and reverse ratio function etc. are developed in this paper. It will be expected that the developed health indices can help operators to control power system more successfully and also prevent power system from accident as like as black out in future because operator can make a decision immediately based on more easily visual information of system conditions from too much indices acquisition of complex power system.

• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2014년도 추계학술대회
• /
• pp.699-700
• /
• 2014

The use of Radio Frequency Identification technology (RFID) in medical context enables not only drug identification, but also a rapid and precise identification of patients, physicians, nurses or any other healthcare giver. The combination of RFID tag identification with structured and secured Internet of Things (IoT) solutions enables ubiquitous and easy access to medical related records, while providing control and security to all interactions. This paper defines a basic security architecture, easily deployable on mobile platforms, which would allow to establish and manage a medication prescription service in mobility context making use of electronic Personal Health Records. This security architecture is aimed to be used with a mobile e-health application (m-health) through a simple and intuitive interface, supported by RFID technology. This architecture, able to support secured and authenticated interactions, will enable an easy deployment of m-health applications. The special case of drug administration and ubiquitous medication control system, along with the corresponding Internet of Things context, is presented.