• Journal of Digital Convergence
• /
• v.10 no.2
• /
• pp.153-159
• /
• 2012

Now a days, U-healthcare comes into the spotlight as a new business model which combines RFID technology with medical service in the well-being era and IT popularization. U-healthcare service needs a method that can deals with hand-writing, overlap data, forgery and falsification of data, difference between information version that happen in medical process because of graft between RFID technology and u-healthcare. This paper proposes RFID based user certification protocol to protect user's privacy who gets medical service through U-healthcare. In the protocol, secret information of patient does the XOR with the secret key that is created in the hospital to reconsider the stability of security system of U-healthcare and user's data forgery and falsification and privacy and then saves it in the secret key field of patient in DB table. Also, it informs the case of illegal access to certification server and make it approved the access of u-healthcare service by differentiating whether u-healthcare is illegal or not.

• Convergence Security Journal
• /
• v.19 no.1
• /
• pp.49-60
• /
• 2019

Medical record is part of the personal information that values the dignity and value of an individual, and can lead to serious social prejudice and disadvantage to an individual when it is breached illegally. In addition, the medical record has been highly threatened because its value is relatively high, and external threats are continuing. In this paper, we propose a medical record sharing framework that guarantees patient's privacy based on blockchain using ciphertext policy-based attribute based proxy re-encryption scheme. The proposed framework first uses the blockchain technology to ensure the integrity and transparency of medical records, and uses the stealth address to build the unlinkability between physician and patient. Besides, the ciphertext policy attribute-based proxy re-encryption scheme is used to enable fine-grained access control, and it is possible to share information in emergency situations without patient's agreement.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.2
• /
• pp.924-944
• /
• 2017

Telecare Medical Information System (TMIS) helps the patients to gain the health monitoring information at home and access medical services over the mobile Internet. In 2015, Das et al proposed a secure and robust user AKA scheme for hierarchical multi-medical server environment in TMIS, referred to as DAKA protocol, and claimed that their protocol is against all possible attacks. In this paper, we first analyze and show DAKA protocol is vulnerable to internal attacks, impersonation attacks and stolen smart card attack. Furthermore, DAKA protocol also cannot provide confidentiality. We then propose a lightweight pseudonym AKA protocol for multi-medical server architecture in TMIS (short for PAKA). Our PAKA protocol not only keeps good security features declared by DAKA protocol, but also truly provides patient's anonymity by using pseudonym to protect sensitive information from illegal interception. Besides, our PAKA protocol can realize authentication and key agreement with energy-saving, extremely low computation cost, communication cost and fewer storage resources in smart card, medical servers and physical servers. What's more, the PAKA protocol is proved secure against known possible attacks by using Burrows-Abadi-Needham (BAN) logic. As a result, these features make PAKA protocol is very suitable for computation-limited mobile device.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.6
• /
• pp.1256-1264
• /
• 2009

When unapproved users access to healthcare system and use medical information for other malicious purposes, it could severely threaten important information related to patients' life, because in ubiquitous environment healthcare service makes patient's various examination results, medical records or most information of a patient into data. Therefore, to solve these problems, we design RBAC(Role Based Access Control) for U-healthcare that can access control with location, time and context-awareness information like status information of user and protect patient's privacy. With implementation of the proposed model, we verify effectiveness of the access control model for healthcare in ubiquitous environment.

• International Journal of Computer Science & Network Security
• /
• v.23 no.12
• /
• pp.225-234
• /
• 2023

In this era of information and communication technology (ICT), tremendous improvements have been witnessed in our daily lives. The impact of these technologies is subjective and negative or positive. For instance, ICT has brought a lot of ease and versatility in our lifestyles, on the other hand, its excessive use brings around issues related to physical and mental health etc. In this study, we are bridging these both aspects by proposing the idea of AI based mental healthcare (AIMS). In this regard, we aim to provide a platform where the patient can register to the system and take consultancy by providing their assessment by means of a chatbot. The chatbot will send the gathered information to the machine learning block. The machine learning model is already trained and predicts whether the patient needs a treatment by classifying him/her based on the assessment. This information is provided to the mental health practitioner (doctor, psychologist, psychiatrist, or therapist) as clinical decision support. Eventually, the practitioner will provide his/her suggestions to the patient via the proposed system. Additionally, the proposed system prioritizes care, support, privacy, and patient autonomy, all while using a friendly chatbot interface. By using technology like natural language processing and machine learning, the system can predict a patient's condition and recommend the right professional for further help, including in-person appointments if necessary. This not only raises awareness about mental health but also makes it easier for patients to start therapy.

• International Commerce and Information Review
• /
• v.13 no.3
• /
• pp.325-351
• /
• 2011

This paper is focused on problem in the law and system caused by the infringement of medical information and in the law and system indicate the solution. Interests in the medical service are increasing in internet environment as life quality of the people improves because of development in information and medical technology. The current main issues of the legislative system and the law improvement suggestion for telemedicine activation which is related to the ubiquitous health in which the medicine field and IT technology convergence appearance. In particular, South Korea in the privacy-related legislation should be amended. The reason, Medical information record contains a lot of patient's private secrets. Therefore, if privacy protection is not enough this could cause problem violate a patient's privacy. Thus we need consequently the maintenance of the health medical treatment field to suit a telemedicine environment of a law system. Specifically, this law enacted to protect medical treatment information and the technical security services with confidence and stability against security treats are necessary.

• Journal of Biomedical Engineering Research
• /
• v.24 no.6 s.81
• /
• pp.533-541
• /
• 2003

In the paper. the health card system to integrate several cards into one card for protecting patient's privacy and security problems is proposed. Firstly, it is defined the minimal data set for integrating several patient cards into one card using IC card, and developed the issuing system to issue the integrated patient IC card. In order to secure and certificate a patient's personal information. the integrated patient IC card has applied 3-DES and the PKI certificate authority based Windows 2000 is established. The receipt and reservation system for taking care of a healthcare has developed to cooperate with the existing hospital computer system. The integrating patient IC card system proposed in this paper is implemented to 11 hospitals and used for 1.000 patients. On the result of the simulation. the proposed system can receive or reserve for a patient to take care of healthcare in the simulated hospitals and also establish the basis of the mechanism to share a medical information.

• Journal of Sensor Science and Technology
• /
• v.16 no.4
• /
• pp.277-285
• /
• 2007

In this paper, we outline the research issues that we are pursuing towards building of location aware environments for mainly ubiquitous healthcare applications. Such location aware application can provide what is happening in this space. To locate an object, such as patient or elderly person, the active ceiling-mounted reference beacons were placed throughout the building. Reference beacons periodically publish location information on RF and ultrasonic signals to allow application running on mobile or static nodes to study and determine their physical location. Once object-carried passive listener receives the information, it subsequently determines it's location from reference beacons. The cost of the system was reduced while the accuracy in our experiments was fairly good and fine grained between 7 and 12 cm for location awareness in indoor environments by using only the sensor nodes and wireless sensor network technology. Passive architecture used here provides the security of the user privacy while at the server the privacy was secured by providing the authentication using Geopriv approach. This information from sensor nodes is further forwarded to base station where further computation is performed to determine the current position of object.

• Journal of Digital Convergence
• /
• v.16 no.1
• /
• pp.217-229
• /
• 2018

Electronic Health Record (EHR) systems are widely adopted worldwide in hospitals for generating and exchanging records of patient information. Recent developments are moving towards implementing interoperable EHR systems that enable information to be shared seamlessly across healthcare organizations. In this context, this paper explores the factors that cause medical information privacy concerns, identifies how people react to privacy invasion and what their perceptions are towards the acceptance of the EHR system. Interviews were conducted to draw a grounded theory on medical information privacy concerns in the use of EHRs. Medical information privacy concerns are caused by perceived sensitivity of medical information and the weaknesses in security technologies. Trust in medical professionals, medical institutions and technologies plays an important role in determining people's reaction to privacy invasion and their perceptions on the use of EHRs.

• The KIPS Transactions:PartC
• /
• v.18C no.6
• /
• pp.379-388
• /
• 2011

Ensuring the security of medical records is becoming an increasingly important problem as modern technology is integrated into existing medical services. As a consequence of the adoption of EMR(Electronic Medical Records) in the health care sector, it is becoming more and more common for a health professional to edit and view a patient's record. In order to protect the patient's privacy, a secure authentication model to access the electronic medical records system must be used. A traditional identity based digital certificate for the authenticity of EMR has private key management and key escrow of a user's private key. In order to protect the EMR, The traditional authentication system is based on the digital certificate. The identity based digital certificate has many disadvantages, for example, the private key can be forgotten or stolen, and can be easily escrow of the private key. Nowadays, authentication model using fingerprint recognition technology for EMR has become more prevalent because of the advantages over digital certificate -based authentication model. Because identity-based fingerprint recognition can eliminate disadvantages of identity-based digital certificate, the proposed authentication model provide high security for access control in EMR.