Covert channels are not new in computing systems, and have been studied since their first definition four decades ago. New platforms invoke thorough investigations to assess their security. Now is the time for Android platform to analyze its security model, in particular the two key principles: process-isolation and the permissions system. Aside from all sorts of malware, one threat proved intractable by current protection solutions, that is, collusion attacks involving two applications communicating over covert channels. Still no universal solution can countermeasure this sort of attack unless the covert channels are known. This paper is an attempt to reveal a new covert channel, not only being specific to smartphones, but also exploiting an unusual resource as a vehicle to carry covert information: sensors data. Accelerometers generate signals that reflect user motions, and malware applications can apparently only read their data. However, if the vibration motor on the device is used properly, programmatically produced vibration patterns can encode stolen data and hence an application can cause discernible effects on acceleration data to be received and decoded by another application. Our evaluations confirmed a real threat where strings of tens of characters could be transmitted errorless if the throughput is reduced to around 2.5-5 bps. The proposed covert channel is very stealthy as no unusual permissions are required and there is no explicit communication between the colluding applications.
A new computational approach for the determination of 2,2-diphenyl-1-picrylhydrazyl free radical scavenging activity (DPPH-RSA) in food is reported, based on the concept of machine learning. Trolox standard was mix with DPPH at different concentrations to produce different colors from purple to yellow. Artificial neural network (ANN) was trained on a typical set of images of the DPPH radical reacting with different levels of Trolox. This allowed the neural network to classify future images of any sample into the correct class of RSA level. The ANN was then able to determine the DPPH-RSA of cinnamon, clove, mung bean, red bean, red rice, brown rice, black rice and tea extract and the results were compared with data obtained using a spectrophotometer. The application of ANN correlated well to the spectrophotometric classical procedure and thus do not require the use of spectrophotometer, and it could be used to obtain semi-quantitative results of DPPH-RSA.
Evaluating and selecting software packages that meet the requirements of an organization are difficult aspects of software engineering process. Selecting the wrong open-source EMR software package can be costly and may adversely affect business processes and functioning of the organization. This study aims to evaluate and select open-source EMR software packages based on multi-criteria decision-making. A hands-on study was performed and a set of open-source EMR software packages were implemented locally on separate virtual machines to examine the systems more closely. Several measures as evaluation basis were specified, and the systems were selected based a set of metric outcomes using Integrated Analytic Hierarchy Process (AHP) and TOPSIS. The experimental results showed that GNUmed and OpenEMR software can provide better basis on ranking score records than other open-source EMR software packages.
To survey researchers' efforts in response to the new and disruptive technology of smartphone medical apps, mapping the research landscape form the literature into a coherent taxonomy, and finding out basic characteristics of this emerging field represented on: motivation of using smartphone apps in medicine and healthcare, open challenges that hinder the utility, and the recommendations to improve the acceptance and use of medical apps in the literature.
Nationwide health information exchange (NHIE) continues to be a persistent concern for government agencies, despite the many efforts and the conceived benefits of sharing patient data among healthcare providers. Difficulties in ensuring global connectivity, interoperability, and concerns on security have always hampered the government from successfully deploying NHIE. By looking at NHIE from a fresh perspective and bearing in mind the pervasiveness and power of modern mobile platforms, this paper proposes a new approach to NHIE that builds on the notion of consumer-mediated HIE, albeit without the focus on central health record banks. With the growing acceptance of smartphones as reliable, indispensable, and most personal devices, we suggest to leverage the concept of mobile personal health records (PHRs installed on smartphones) to the next level. We envision mPHRs that take the form of distributed storage units for health information, under the full control and direct possession of patients, who can have ready access to their personal data whenever needed. However, for the actual exchange of data with health information systems managed by healthcare providers, the latter have to be interoperable with patient-carried mPHRs. Computer industry has long ago solved a similar problem of interoperability between peripheral devices and operating systems. We borrow from that solution the idea of providing special interfaces between mPHRs and provider systems. This interface enables the two entities to communicate with no change to either end. The design and operation of the proposed approach is explained. Additional pointers on potential implementations are provided, and issues that pertain to any solution to implement NHIE are discussed.