Funding: the National Natural Science Foundation of China under contract No. 61271235 and No. 60973146, and the Fundamental Research Funds for the Central Universities under Grant No. BUPT2013RC0308
Abstract: Personal health record (PHR) enables patients to manage their own electronic medical records (EMR) in a centralized way, and it is often outsourced to be stored in a third-party server. In this paper we propose a novel secure and scalable system for sharing PHRs. We focus on the multiple data owner scenario, and divide the users in the system into multiple security domains that greatly reduce the key management complexity for owners and users. A high degree of patient privacy is guaranteed by exploiting hierarchical and multi-authority attribute-sets based encryption (HM-ASBE). Our system not only supports compound attributes due to flexible attribute sets combinations, but also achieves fine-grained access control. Our scheme supports efficient on-demand user/attribute revocation and break-glass access under emergency scenarios.
Funding: the Deanship of Scientific Research at King Saud University for funding this work through Vice Deanship of Scientific Research Chairs: Chair of Pervasive and Mobile Computing.
Abstract: The rapid development of personal health records (PHR) systems enables an individual to collect, create, store and share his PHR to authorized entities. Health care systems within the smart city environment require a patient to share his PHR data with a multitude of institutions’ repositories located in the cloud. The cloud computing paradigm cannot meet such a massive transformative healthcare systems due to drawbacks including network latency, scalability and bandwidth. Fog computing relieves the load of conventional cloud computing by availing intermediate fog nodes between the end users and the remote servers. Assuming a massive demand of PHR data within a ubiquitous smart city, we propose a secure and fog assisted framework for PHR systems to address security, access control and privacy concerns. Built under a fog-based architecture, the proposed framework makes use of efficient key exchange protocol coupled with ciphertext attribute based encryption (CP-ABE) to guarantee confidentiality and fine-grained access control within the system respectively. We also make use of digital signature combined with CP-ABE to ensure the system authentication and users privacy. We provide the analysis of the proposed framework in terms of security and performance.
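Abstract: Current personal health records (PHR) suffer from insecure storage and difficulty of sharing. To improve the security and shareability of PHRs, a secure sharing model based on Hyperledger and finger vein (FV) feature authentication is proposed. When entering a medical record, the PHR provider combines the FV feature with the clinician's private-key signature to generate a PHR index. The PHR index is then stored in Hyperledger Fabric, while the actual private data is stored in Filecoin, which reduces storage cost and on-chain storage pressure. In addition, a PHR access control contract is designed to prevent attacks by malicious nodes. Experimental results show that the model has significant advantages in performance and storage.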
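Abstract: With the continuous development of cloud storage technology, outsourcing personal health records (PHR) to cloud servers has attracted great attention. PHR outsourcing not only brings great convenience to patients but also enables efficient data sharing among medical institutions. However, as sensitive personal information is uploaded to cloud servers, security concerns have emerged, such as leakage of the personal identity information of data owners and data users. Anonymous attribute-based encryption schemes can not only secure the data in the cloud but also effectively protect the personal identity information of data users. Existing work focuses on guaranteeing the security of data content and basic access control, but pays little attention to fine-grained permission control over files. The proposed scheme not only implements error-tolerant keyword search over cloud ciphertext, but also achieves fine-grained permission control over files by assigning different privileges to cloud data: only data users who have been granted the corresponding privilege can perform the corresponding operations on the cloud data. Finally, the security analysis shows that the scheme is secure.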
Abstract: The article reviews the questions related to building the e-health systems. The key element of the system is electronic healthcare record to be formed according to the modular approach in the form of primary and satellite electronic medical records. Person-centred healthcare is proposed as a foundation for e-health. Such an approach provides a potential opportunity for all the medical doctors to obtain necessary information about their patients at any time via the teleconsultations in particular. Transition to e-health is associated with the creation of new opportunities for making diagnostic and therapeutic decisions based on the use of built-in decision support modules. The computer-assisted software design or hybrid systems are considered as the fourth generation medical information systems. It is reasonable to implement the entire information space of e-health, including the information systems of medical institutions and regional data repositories, based on cloud-optimized storage and computing solutions. This approach is expected to be implemented in Russia as a part of the unified state health information system. The authorized access to integrated databases for medical doctors of various specialties is required. In the framework of e-health, telemedicine is considered as an important component. Main elements comprise the real-time access of medical consultants to personified medical databases and remote follow-up of patients by the means of personal or home-based telemedicine. The use of personal portable devices for the control of vital signs of the organism is especially promising. Electronic stethoscopes and specialized video cameras for acquiring objective information should be increasingly used by remote consultants. Unfortunately, this trend is still underdeveloped in Russia. In perspective, e-health as unified medical space will provide a transition to the integrated analysis of population health by medical doctors of various specialties from different countries and will open new prospects for studying health based on the intelligent analysis of integrated data of patients.
Abstract: Home-based records (HBRs) are an important tool for recording and communicating within primary healthcare service delivery. Unfortunately, HBRs are currently unable to fulfil their intended purpose in many communities either because the HBR is not functionally well-designed to serve its objectives, not made available, not fully adopted and/or not appropriately utilized by caregivers and/or health workers. This brief report describes the occurrence of nationally reported HBR stock-outs and HBR financing patterns during 2014 and 2015 across 195 countries reporting immunization system performance data to the World Health Organization and United Nations Children’s Fund. National level HBR stock-outs were reported by 19 and 22 countries during 2014 and 2015, respectively, with eleven countries reporting stock-outs during both 2014 and 2015. During 2015, 12 of the 22 countries reporting HBR stock-outs were from the African Region and two-thirds of the countries were Gavi-eligible. Information on HBR stock-outs was either not available or not reported by 66 countries (19 were Gavi-eligible) for 2014 and 53 (11 were Gavi-eligible) countries for 2015. Among the 22 countries reporting HBR stock-outs in 2015, 12 (54%) countries reported a single HBR financing source, and nine (41%) countries reported more than one source for HBR financing. The occurrence of HBR stock-outs remains a concern, particularly in Gavi-eligible countries introducing new vaccines where dedicated funding is received for revising and printing new recording tools, including HBRs. Additional attention is needed to understand the root causes for stock-outs and identify solutions to ensure a well-designed, durable HBR is readily available in the right quantity, in the right place at the right time in all countries.
Funding: This research was supported by Taif University Researchers Supporting Project number (TURSP-2020/98), Taif University, Taif, Saudi Arabia.
Abstract: Personal health records and electronic health records are considered as the most sensitive information in the healthcare domain. Several solutions have been provided for implementing the digital health system using blockchain, but there are several challenges, such as secure access control and privacy is one of the prominent issues. Hence, we propose a novel framework and implemented an attribute-based access control system using blockchain. Moreover, we have also integrated artificial intelligence (AI) based approach to identify the behavior and activity for security reasons. The current methods only focus on the related clinical records received from a medical diagnosis. Moreover, existing methods are too inflexible to resourcefully sustenance metadata changes. A secure patient data access framework is proposed in this research, integrating blockchain, trust chain, and blockchain methods to overcome these problems in the literature for sharing and accessing digital healthcare data. We have used a neural network and classifier to categorize the user access to our proposed system. Our proposed scheme provides an intelligent and secure blockchain-based access control system in the digital healthcare system. Experimental results surpass the existing solutions by collecting attributes such as the number of transactions, number of nodes, transaction delay, block creation, and signature verification time.
Funding: supported by the Youth Doctoral Foundation of Gansu Education Committee under Grant No. 2022QB-176.
Abstract: Sharing of personal health records (PHR) in cloud computing is an essential functionality in the healthcare system. However, how to securely, efficiently and flexibly share PHRs data of the patient in a multi-receiver setting has not been well addressed. For instance, since the trust domain of the cloud server is not identical to the data owner or data user, the semi-trust cloud service provider may intentionally destroy or tamper shared PHRs data of user or only transform partial ciphertext of the shared PHRs or even return wrong computation results to save its storage and computation resource, to pursue maximum economic interest or other malicious purposes. Thus, the PHRs data storing or sharing via the cloud server should be performed with consistency and integrity verification. Fortunately, the emergence of blockchain technology provides new ideas and prospects for ensuring the consistency and integrity of shared PHRs data. To this end, in this work, we leverage the consortium blockchain technology to enhance the trustworthiness of each participant and propose a blockchain-based patient-centric data sharing scheme for PHRs in cloud computing (BC-PC-Share). Different from the state-of-art schemes, our proposal can achieve the following desired properties: (1) Realizing patient-centric PHRs sharing with a public verification function, i.e., which can ensure that the returned shared data is consistent with the requested shared data and the integrity of the shared data is not compromised. (2) Supporting scalable and fine-grained access control and sharing of PHRs data with multiple domain users, such as hospitals, medical research institutes, and medical insurance companies. (3) Achieving efficient user decryption by leveraging the transformation key technique and efficient user revocation by introducing time-controlled access. The security analysis and simulation experiment demonstrate that the proposed BC-PC-Share scheme is a feasible and promising solution for PHRs data sharing via consortium blockchain.
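Abstract: To address privacy leakage and unsatisfactory encryption and decryption efficiency when sharing personal health records (PHR) on medical cloud platforms, and taking the referral of Parkinson's disease patients on a medical cloud platform as an example scenario, an improved linear secret sharing based ciphertext attribute proxy re-encryption scheme (LCPS) is proposed. The scheme uses linear secret sharing to hide the private attributes in the access policy, reducing the risk of privacy leakage caused by exposure of the access policy; it also improves the proxy re-encryption algorithm, raising encryption and decryption efficiency by reducing complex bilinear operations. The results show that LCPS outperforms other schemes in encryption and decryption. Under the decisional q-BDHE (q-decisional bilinear Diffie-Hellman exponent) hardness assumption, the scheme achieves indistinguishability under chosen-plaintext attack (IND-CPA). The scheme is portable and is equally applicable to the secure sharing of personal health records during referrals for other conditions in the medical cloud.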
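Abstract: With the continuous development of information technology, the healthcare industry has gradually been informatized, and systems such as HIS, LIS and PACS have reached a relatively mature stage of development. However, as people pay increasing attention to health, the traditional health information management model can no longer meet their needs, and the concept of the personal health record (PHR) was proposed as a result. A personal health record is an owner-centred scheme for the comprehensive management of personal health information; it records an individual's health states in daily life, including medical history, medication use, the results of each physical examination and self-examinations. In this way medical resources can be effectively pooled, which is undoubtedly also beneficial to the development of preventive medicine. When designing a storage standard for personal health records, XML is a fairly suitable choice: its readability, extensibility and platform independence address the multi-source, unstructured nature of health information. The HL7 CDA standard also chose XML, which gives us a good reference standard when designing health records suited to China's national conditions.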