Dependable and secure computing in medical information systems

Junbeom Hur, Kyungtae Kang

Research output: Contribution to journalArticle

10 Citations (Scopus)

Abstract

Medical information systems facilitate ambulatory patient care, and increase safer and more intelligent diagnostic and therapeutic capabilities through automated interoperability among distributed medical devices. In modern medical information systems, dependability is one of the most important factors for patient safety in the presence of delayed or lost system alarm and data streams due to the intermittent medical device network connection or failure. In addition, since the medical information need to be frequently audited by many human operators as well as the automated medical devices, secure access control is another pivotal factor for patient privacy and data confidentiality against inside or outside adversaries. In this study, we propose a dependable and secure access policy enforcement scheme for disruption-tolerant medical information systems. The proposed scheme exploits the external storage node operated by the device controller, which enables reliable communications between medical devices. Fine-grained data access control is also achieved, while the key escrow problem is resolved such that any curious device controller or key generation center cannot decrypt the private medical data of patients. The proposed scheme allows the device controller to partially decrypt the encrypted medical information for the authorized receivers with their corresponding attributes without leaking any confidential information to it. Thus, computational efficiency at the medical devices is also enhanced by enabling the medical devices to delegate most laborious tasks of decryption to the device controller.

Original languageEnglish
Pages (from-to)20-28
Number of pages9
JournalComputer Communications
Volume36
Issue number1
DOIs
Publication statusPublished - 2012 Dec 1
Externally publishedYes

Fingerprint

Medical information systems
Controllers
Access control
Alarm systems
Computational efficiency
Interoperability
Communication

Keywords

  • Access control
  • Medical device network
  • Medical information system
  • Reliability
  • Security

ASJC Scopus subject areas

  • Computer Networks and Communications

Cite this

Dependable and secure computing in medical information systems. / Hur, Junbeom; Kang, Kyungtae.

In: Computer Communications, Vol. 36, No. 1, 01.12.2012, p. 20-28.

Research output: Contribution to journalArticle

@article{e214e3d8ef1640d284337c4d8ec420aa,
title = "Dependable and secure computing in medical information systems",
abstract = "Medical information systems facilitate ambulatory patient care, and increase safer and more intelligent diagnostic and therapeutic capabilities through automated interoperability among distributed medical devices. In modern medical information systems, dependability is one of the most important factors for patient safety in the presence of delayed or lost system alarm and data streams due to the intermittent medical device network connection or failure. In addition, since the medical information need to be frequently audited by many human operators as well as the automated medical devices, secure access control is another pivotal factor for patient privacy and data confidentiality against inside or outside adversaries. In this study, we propose a dependable and secure access policy enforcement scheme for disruption-tolerant medical information systems. The proposed scheme exploits the external storage node operated by the device controller, which enables reliable communications between medical devices. Fine-grained data access control is also achieved, while the key escrow problem is resolved such that any curious device controller or key generation center cannot decrypt the private medical data of patients. The proposed scheme allows the device controller to partially decrypt the encrypted medical information for the authorized receivers with their corresponding attributes without leaking any confidential information to it. Thus, computational efficiency at the medical devices is also enhanced by enabling the medical devices to delegate most laborious tasks of decryption to the device controller.",
keywords = "Access control, Medical device network, Medical information system, Reliability, Security",
author = "Junbeom Hur and Kyungtae Kang",
year = "2012",
month = "12",
day = "1",
doi = "10.1016/j.comcom.2012.01.006",
language = "English",
volume = "36",
pages = "20--28",
journal = "Computer Communications",
issn = "0140-3664",
publisher = "Elsevier",
number = "1",

}

TY - JOUR

T1 - Dependable and secure computing in medical information systems

AU - Hur, Junbeom

AU - Kang, Kyungtae

PY - 2012/12/1

Y1 - 2012/12/1

N2 - Medical information systems facilitate ambulatory patient care, and increase safer and more intelligent diagnostic and therapeutic capabilities through automated interoperability among distributed medical devices. In modern medical information systems, dependability is one of the most important factors for patient safety in the presence of delayed or lost system alarm and data streams due to the intermittent medical device network connection or failure. In addition, since the medical information need to be frequently audited by many human operators as well as the automated medical devices, secure access control is another pivotal factor for patient privacy and data confidentiality against inside or outside adversaries. In this study, we propose a dependable and secure access policy enforcement scheme for disruption-tolerant medical information systems. The proposed scheme exploits the external storage node operated by the device controller, which enables reliable communications between medical devices. Fine-grained data access control is also achieved, while the key escrow problem is resolved such that any curious device controller or key generation center cannot decrypt the private medical data of patients. The proposed scheme allows the device controller to partially decrypt the encrypted medical information for the authorized receivers with their corresponding attributes without leaking any confidential information to it. Thus, computational efficiency at the medical devices is also enhanced by enabling the medical devices to delegate most laborious tasks of decryption to the device controller.

AB - Medical information systems facilitate ambulatory patient care, and increase safer and more intelligent diagnostic and therapeutic capabilities through automated interoperability among distributed medical devices. In modern medical information systems, dependability is one of the most important factors for patient safety in the presence of delayed or lost system alarm and data streams due to the intermittent medical device network connection or failure. In addition, since the medical information need to be frequently audited by many human operators as well as the automated medical devices, secure access control is another pivotal factor for patient privacy and data confidentiality against inside or outside adversaries. In this study, we propose a dependable and secure access policy enforcement scheme for disruption-tolerant medical information systems. The proposed scheme exploits the external storage node operated by the device controller, which enables reliable communications between medical devices. Fine-grained data access control is also achieved, while the key escrow problem is resolved such that any curious device controller or key generation center cannot decrypt the private medical data of patients. The proposed scheme allows the device controller to partially decrypt the encrypted medical information for the authorized receivers with their corresponding attributes without leaking any confidential information to it. Thus, computational efficiency at the medical devices is also enhanced by enabling the medical devices to delegate most laborious tasks of decryption to the device controller.

KW - Access control

KW - Medical device network

KW - Medical information system

KW - Reliability

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=84869096404&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84869096404&partnerID=8YFLogxK

U2 - 10.1016/j.comcom.2012.01.006

DO - 10.1016/j.comcom.2012.01.006

M3 - Article

AN - SCOPUS:84869096404

VL - 36

SP - 20

EP - 28

JO - Computer Communications

JF - Computer Communications

SN - 0140-3664

IS - 1

ER -