Introduction: Integrated Hospital Information System (HIS) is vital to decision making and plays a crucial role in the success of the organization. Computerization of the medical records and documentation has resulted...Introduction: Integrated Hospital Information System (HIS) is vital to decision making and plays a crucial role in the success of the organization. Computerization of the medical records and documentation has resulted in efficient data management and information dissemination for the users. Hospital Information System addresses the entire major functional areas of modern multi-specialty hospitals. The package enables improved patient care, patient safety, efficiency and reduced costs. It provides easy access to critical information, thereby enabling management to make better decisions on time. Aims: The short-term objectives of the on-line computerized system are to reduce costs and improve the accuracy and timeliness of patient care, accounting and administration, record keeping, and management reporting. The long-term goal is to build and maintain patient database for analysis of data to facilitate decision-making process. Methods: To run the system it requires some Hardware & Database for IT Department. The technique involves Patient Registration System, Finance & Accounts, Human Resource Management System, Laboratory, Out Patient Management System, and Inpatient Management System. Results: In the mid seventies, a complex was established at Shahbag area in the name of Bangladesh Institute of Research and Rehabilitation in Diabetes, Endocrine and Metabolic Disorders (BIRDEM). From 1982 BIRDEM was designated as the WHO collaborating centre for research on prevention and control of diabetes. It is first of its kind outside Europe. Now from 2000 BIRDEM has successfull developed & implemented some crucial part of HIS System like Patient Admission & Billing System, Finanace & Account System, Human Resourse Management & Payroll System, Store Inventory & Procurement Management System, Labrotary Management System, Assets Management System, Radiology & Imaging Management System. Conclusions: It can thus be seen that deploying IT can help the medical profession in improving its quality of service and thus automatically increasing the preparedness and defensiveness. Of course, it is of vital importance that the software must have the right type of modularity and openness so that it is manageable, maintainable and upgradeable. They can perform the complex task of matching, tabulating, calculating, retrieving, printing and securing the data as required. Well designed, integrated computer system can be a great tool in the hands of the hospital management in improving services, controlling cost, and ensuring optimal utilization of facilities.展开更多
The fourth international conference on Web information systems and applications (WISA 2007) has received 409 submissions and has accepted 37 papers for publication in this issue. The papers cover broad research area...The fourth international conference on Web information systems and applications (WISA 2007) has received 409 submissions and has accepted 37 papers for publication in this issue. The papers cover broad research areas, including Web mining and data warehouse, Deep Web and Web integration, P2P networks, text processing and information retrieval, as well as Web Services and Web infrastructure. After briefly introducing the WISA conference, the survey outlines the current activities and future trends concerning Web information systems and applications based on the papers accepted for publication.展开更多
Currently,the majority of institutions have made use of information technologies to improve and develop their diverse educational methods to attract more learners.Through information technologies,e-learning and learni...Currently,the majority of institutions have made use of information technologies to improve and develop their diverse educational methods to attract more learners.Through information technologies,e-learning and learning-on-the go have been adopted by the institutions to provide affordability and flexibility of educational services.Most of the educational institutes are offering online teaching classes using the technologies like cloud computing,networking,etc.Educational institutes have developed their e-learning platforms for the online learning process,through this way they have paved the way for distance learning.But e-learning platform has to face a lot of security challenges in terms of cyberattacks and data hacking through unauthorized access.Fog computing is one of the new technologies that facilitate control over access to big data,as it acts as a mediator between the cloud and the user to bring services closer and reduce their latency.This report presents the use of fog computing for the development of an e-learning platform.and introduced different algorithms to secure the data and information sharing through e-learning platforms.Moreover,this report provides a comparison among RSA,AES,and ECC algorithms for fog-enabled cybersecurity systems.These Algorithms are compared by developing them using python-based language program,in terms of encryption/decryption time,key generations techniques,and other features offered.In addition,we proposed to use a hybrid cryptography system of two types of encryption algorithms such as RSA with AES to fulfill the security,file size,and latency required for the communication between the fog and the e-learning system.we tested our proposed system and highlight the pros and cons of the Integrated Encryption Schemes by performing a testbed for e-learning website scenario using ASP.net and C#.展开更多
Based on the principle of information theory, a novel scheme of unequal-interval frequency-hopping (FH) systems was proposed. For cases of spectrum overlapping systems and non-overlapping systems, the implementation m...Based on the principle of information theory, a novel scheme of unequal-interval frequency-hopping (FH) systems was proposed. For cases of spectrum overlapping systems and non-overlapping systems, the implementation methods were presented and the security performances were discussed theoretically. Firstly, the definitions of absolute and relative key amounts of FH systems, equal-interval and unequal-interval FH systems were given. Then, the absolute key amount and relative key amount were analyzed for equal-interval and unequal-interval FH systems. The results indicated that the absolute key amount had become the key point in improving the security and secrecy of FH systems, especially in today's epoch of highly developed computer science and IC design technology. Theoretical analysis and practical examples showed that the absolute key amount of unequal-interval FH systems was generally over two orders larger than that of equal-interval ones when spectrum overlapping was allowable. Therefore, there was great superiority in enhancing the security and secrecy for the scheme mentioned.展开更多
This paper presents an in-depth understanding of Availability, which is one of the important pillars of Information Security and yet is not taken too seriously while talking about the security of an information system...This paper presents an in-depth understanding of Availability, which is one of the important pillars of Information Security and yet is not taken too seriously while talking about the security of an information system. The paper highlights the importance of Availability w.r.t. Security of information and the other attributes of security and also gives a realistic shape to the existing CIA triad security model. An in-depth understanding of the various factors that can impact the Availability of an information system (Software, Hardware and Network) is given. The paper also gives a categorization of the type of Availability that a system can have. The paper also explains the relation between Availability and other security attributes and also explains through what issues an information system may go while providing Availability.展开更多
Hyper-connectivity in Industry 4.0 has resulted in not only a rapid increase in the amount of information,but also the expansion of areas and assets to be protected.In terms of information security,it has led to an en...Hyper-connectivity in Industry 4.0 has resulted in not only a rapid increase in the amount of information,but also the expansion of areas and assets to be protected.In terms of information security,it has led to an enormous economic cost due to the various and numerous security solutions used in protecting the increased assets.Also,it has caused difficulties in managing those issues due to reasons such as mutual interference,countless security events and logs’data,etc.Within this security environment,an organization should identify and classify assets based on the value of data and their security perspective,and then apply appropriate protection measures according to the assets’security classification for effective security management.But there are still difficulties stemming from the need to manage numerous security solutions in order to protect the classified assets.In this paper,we propose an information classification management service based on blockchain,which presents and uses a model of the value of data and the security perspective.It records transactions of classifying assets and managing assets by each class in a distributed ledger of blockchain.The proposed service reduces assets to be protected and security solutions to be applied,and provides security measures at the platform level rather than individual security solutions,by using blockchain.In the rapidly changing security environment of Industry 4.0,this proposed service enables economic security,provides a new integrated security platform,and demonstrates service value.展开更多
This paper proposes a redundant network communication structure for the patient integrated circuit(IC)card payment system in a hospital information system(HIS),compares it with the network structure of normal hospital...This paper proposes a redundant network communication structure for the patient integrated circuit(IC)card payment system in a hospital information system(HIS),compares it with the network structure of normal hospital IC card system,and calculates the reliabilities of the related communications like the RS485communication and the Ethernet communication.The new structure can efectively promote the reliability of the hospital operation and ensure the payment collection when the Ethernet network is broken.The system is applied to a local hospital and the cost-performance rate is satisfactory during the application.展开更多
随着大数据时代的来临,以大数据为基础的云计算技术在社会各个领域得到了越来越多的应用,对社会各领域的发展起到了巨大的推进作用。信息安全技术极大地提高了医院的工作效率,也是医院信息安全工作的重要方法。近几年,随着医疗制度的不...随着大数据时代的来临,以大数据为基础的云计算技术在社会各个领域得到了越来越多的应用,对社会各领域的发展起到了巨大的推进作用。信息安全技术极大地提高了医院的工作效率,也是医院信息安全工作的重要方法。近几年,随着医疗制度的不断深入,医院的发展也面临着越来越多的挑战和机会。在医院日常信息安全技术中,统计信息的信息安全技术工作是非常重要的一环。它牵扯到了大量的用户数据,将会对医院未来的发展产生重大影响。但是,随着信息技术的发展,人类生活的方方面面都面临着信息安全的各种问题。在大数据环境下,如何提升网络环境中的信息安全水平,保证信息的安全传输和存储,这已成为当前研究的热点问题。通过对医院信息系统(Hospital Information System,HIS)存在的安全隐患和目前HIS的信息安全技术状况进行分析,提出了HIS的安全保障措施,以确保HIS系统稳定、高效、安全地运行。展开更多
随着信息化与工业化的融合不断加深,工业控制系统中信息域与物理域交叉部分越来越多,传统信息系统的网络攻击会威胁工业控制系统网络。传统的工业控制系统安全评估方法只考虑功能安全的风险,而忽略了信息安全风险对功能安全的影响。文...随着信息化与工业化的融合不断加深,工业控制系统中信息域与物理域交叉部分越来越多,传统信息系统的网络攻击会威胁工业控制系统网络。传统的工业控制系统安全评估方法只考虑功能安全的风险,而忽略了信息安全风险对功能安全的影响。文中提出一种基于改进petri网的工业控制系统功能安全和信息安全一体化风险建模方法(Safety and Security Petri Net Risk Assessment,SSPN-RA),其中包括一体化风险识别、一体化风险分析、一体化风险评估3个步骤。所提方法首先识别并抽象化工业控制系统中的功能安全与信息安全数据,然后在风险分析过程中通过构造结合Kill Chain的petri网模型,分析出功能安全与信息安全中所存在的协同攻击路径,对petri网中功能安全与信息安全节点进行量化。同时,通过安全事件可能性以及其造成的各类损失计算出风险值,实现对工业控制系统的一体化风险评估。在开源的仿真化工工业控制系统下验证该方法的可行性,并与功能安全故障树分析和信息安全攻击树分析进行对比。实验结果表明,所提方法能够定量地得到工业控制系统的风险值,同时也解决了功能安全与信息安全单一领域分析无法识别的信息物理协同攻击和安全风险问题。展开更多
文摘Introduction: Integrated Hospital Information System (HIS) is vital to decision making and plays a crucial role in the success of the organization. Computerization of the medical records and documentation has resulted in efficient data management and information dissemination for the users. Hospital Information System addresses the entire major functional areas of modern multi-specialty hospitals. The package enables improved patient care, patient safety, efficiency and reduced costs. It provides easy access to critical information, thereby enabling management to make better decisions on time. Aims: The short-term objectives of the on-line computerized system are to reduce costs and improve the accuracy and timeliness of patient care, accounting and administration, record keeping, and management reporting. The long-term goal is to build and maintain patient database for analysis of data to facilitate decision-making process. Methods: To run the system it requires some Hardware & Database for IT Department. The technique involves Patient Registration System, Finance & Accounts, Human Resource Management System, Laboratory, Out Patient Management System, and Inpatient Management System. Results: In the mid seventies, a complex was established at Shahbag area in the name of Bangladesh Institute of Research and Rehabilitation in Diabetes, Endocrine and Metabolic Disorders (BIRDEM). From 1982 BIRDEM was designated as the WHO collaborating centre for research on prevention and control of diabetes. It is first of its kind outside Europe. Now from 2000 BIRDEM has successfull developed & implemented some crucial part of HIS System like Patient Admission & Billing System, Finanace & Account System, Human Resourse Management & Payroll System, Store Inventory & Procurement Management System, Labrotary Management System, Assets Management System, Radiology & Imaging Management System. Conclusions: It can thus be seen that deploying IT can help the medical profession in improving its quality of service and thus automatically increasing the preparedness and defensiveness. Of course, it is of vital importance that the software must have the right type of modularity and openness so that it is manageable, maintainable and upgradeable. They can perform the complex task of matching, tabulating, calculating, retrieving, printing and securing the data as required. Well designed, integrated computer system can be a great tool in the hands of the hospital management in improving services, controlling cost, and ensuring optimal utilization of facilities.
文摘The fourth international conference on Web information systems and applications (WISA 2007) has received 409 submissions and has accepted 37 papers for publication in this issue. The papers cover broad research areas, including Web mining and data warehouse, Deep Web and Web integration, P2P networks, text processing and information retrieval, as well as Web Services and Web infrastructure. After briefly introducing the WISA conference, the survey outlines the current activities and future trends concerning Web information systems and applications based on the papers accepted for publication.
基金This work was supported at Taif University by TRUSP(2020/150).
文摘Currently,the majority of institutions have made use of information technologies to improve and develop their diverse educational methods to attract more learners.Through information technologies,e-learning and learning-on-the go have been adopted by the institutions to provide affordability and flexibility of educational services.Most of the educational institutes are offering online teaching classes using the technologies like cloud computing,networking,etc.Educational institutes have developed their e-learning platforms for the online learning process,through this way they have paved the way for distance learning.But e-learning platform has to face a lot of security challenges in terms of cyberattacks and data hacking through unauthorized access.Fog computing is one of the new technologies that facilitate control over access to big data,as it acts as a mediator between the cloud and the user to bring services closer and reduce their latency.This report presents the use of fog computing for the development of an e-learning platform.and introduced different algorithms to secure the data and information sharing through e-learning platforms.Moreover,this report provides a comparison among RSA,AES,and ECC algorithms for fog-enabled cybersecurity systems.These Algorithms are compared by developing them using python-based language program,in terms of encryption/decryption time,key generations techniques,and other features offered.In addition,we proposed to use a hybrid cryptography system of two types of encryption algorithms such as RSA with AES to fulfill the security,file size,and latency required for the communication between the fog and the e-learning system.we tested our proposed system and highlight the pros and cons of the Integrated Encryption Schemes by performing a testbed for e-learning website scenario using ASP.net and C#.
文摘Based on the principle of information theory, a novel scheme of unequal-interval frequency-hopping (FH) systems was proposed. For cases of spectrum overlapping systems and non-overlapping systems, the implementation methods were presented and the security performances were discussed theoretically. Firstly, the definitions of absolute and relative key amounts of FH systems, equal-interval and unequal-interval FH systems were given. Then, the absolute key amount and relative key amount were analyzed for equal-interval and unequal-interval FH systems. The results indicated that the absolute key amount had become the key point in improving the security and secrecy of FH systems, especially in today's epoch of highly developed computer science and IC design technology. Theoretical analysis and practical examples showed that the absolute key amount of unequal-interval FH systems was generally over two orders larger than that of equal-interval ones when spectrum overlapping was allowable. Therefore, there was great superiority in enhancing the security and secrecy for the scheme mentioned.
文摘This paper presents an in-depth understanding of Availability, which is one of the important pillars of Information Security and yet is not taken too seriously while talking about the security of an information system. The paper highlights the importance of Availability w.r.t. Security of information and the other attributes of security and also gives a realistic shape to the existing CIA triad security model. An in-depth understanding of the various factors that can impact the Availability of an information system (Software, Hardware and Network) is given. The paper also gives a categorization of the type of Availability that a system can have. The paper also explains the relation between Availability and other security attributes and also explains through what issues an information system may go while providing Availability.
基金supported by the MSIT(Ministry of Science and ICT),Korea,under the ITRC(Information Technology Research Center)support program(IITP-2020-2018-0-01799)supervised by the IITP(Institute for Information&communications Technology Planning&Evaluation).
文摘Hyper-connectivity in Industry 4.0 has resulted in not only a rapid increase in the amount of information,but also the expansion of areas and assets to be protected.In terms of information security,it has led to an enormous economic cost due to the various and numerous security solutions used in protecting the increased assets.Also,it has caused difficulties in managing those issues due to reasons such as mutual interference,countless security events and logs’data,etc.Within this security environment,an organization should identify and classify assets based on the value of data and their security perspective,and then apply appropriate protection measures according to the assets’security classification for effective security management.But there are still difficulties stemming from the need to manage numerous security solutions in order to protect the classified assets.In this paper,we propose an information classification management service based on blockchain,which presents and uses a model of the value of data and the security perspective.It records transactions of classifying assets and managing assets by each class in a distributed ledger of blockchain.The proposed service reduces assets to be protected and security solutions to be applied,and provides security measures at the platform level rather than individual security solutions,by using blockchain.In the rapidly changing security environment of Industry 4.0,this proposed service enables economic security,provides a new integrated security platform,and demonstrates service value.
基金the National Natural Science Foundation of China(No.81170507)the Project of Shanghai Committee of Science and Technology(Nos.11140903700 and 12142201200)
文摘This paper proposes a redundant network communication structure for the patient integrated circuit(IC)card payment system in a hospital information system(HIS),compares it with the network structure of normal hospital IC card system,and calculates the reliabilities of the related communications like the RS485communication and the Ethernet communication.The new structure can efectively promote the reliability of the hospital operation and ensure the payment collection when the Ethernet network is broken.The system is applied to a local hospital and the cost-performance rate is satisfactory during the application.
文摘随着大数据时代的来临,以大数据为基础的云计算技术在社会各个领域得到了越来越多的应用,对社会各领域的发展起到了巨大的推进作用。信息安全技术极大地提高了医院的工作效率,也是医院信息安全工作的重要方法。近几年,随着医疗制度的不断深入,医院的发展也面临着越来越多的挑战和机会。在医院日常信息安全技术中,统计信息的信息安全技术工作是非常重要的一环。它牵扯到了大量的用户数据,将会对医院未来的发展产生重大影响。但是,随着信息技术的发展,人类生活的方方面面都面临着信息安全的各种问题。在大数据环境下,如何提升网络环境中的信息安全水平,保证信息的安全传输和存储,这已成为当前研究的热点问题。通过对医院信息系统(Hospital Information System,HIS)存在的安全隐患和目前HIS的信息安全技术状况进行分析,提出了HIS的安全保障措施,以确保HIS系统稳定、高效、安全地运行。
文摘随着信息化与工业化的融合不断加深,工业控制系统中信息域与物理域交叉部分越来越多,传统信息系统的网络攻击会威胁工业控制系统网络。传统的工业控制系统安全评估方法只考虑功能安全的风险,而忽略了信息安全风险对功能安全的影响。文中提出一种基于改进petri网的工业控制系统功能安全和信息安全一体化风险建模方法(Safety and Security Petri Net Risk Assessment,SSPN-RA),其中包括一体化风险识别、一体化风险分析、一体化风险评估3个步骤。所提方法首先识别并抽象化工业控制系统中的功能安全与信息安全数据,然后在风险分析过程中通过构造结合Kill Chain的petri网模型,分析出功能安全与信息安全中所存在的协同攻击路径,对petri网中功能安全与信息安全节点进行量化。同时,通过安全事件可能性以及其造成的各类损失计算出风险值,实现对工业控制系统的一体化风险评估。在开源的仿真化工工业控制系统下验证该方法的可行性,并与功能安全故障树分析和信息安全攻击树分析进行对比。实验结果表明,所提方法能够定量地得到工业控制系统的风险值,同时也解决了功能安全与信息安全单一领域分析无法识别的信息物理协同攻击和安全风险问题。
