Displaying publications 1 - 20 of 88 in total

Abstract:
Sort:
  1. Goh A
    PMID: 10724956
    In this paper, we present a Java-based framework for the processing, storage and delivery of Electronic Medical Records (EMR). The choice of Java as a developmental and operational environment ensures operability over a wide-range of client-side platforms, with our on-going work emphasising migration towards Extensible Markup Language (XML) capable Web browser clients. Telemedicine in support of womb-to-tomb healthcare as articulated by the Multimedia Supercorridor (MSC) Telemedicine initiative--which motivated this project--will require high-volume data exchange over an insecure public-access Wide Area Network (WAN), thereby requiring a hybrid cryptosystem with both symmetric and asymmetric components. Our prototype framework features a pre-transaction authentication and key negotiation sequence which can be readily modified for client-side environments ranging from Web browsers without local storage capability to workstations with serial connectivity to a tamper-proof device, and also for point-to-multipoint transaction processes.
    Matched MeSH terms: Computer Security*
  2. Goh A
    Stud Health Technol Inform, 2000;77:1069-73.
    PMID: 11187485
    Multiparty transactional frameworks--i.e. Electronic Data Interchange (EDI) or Health Level (HL) 7--often result in composite documents which can be accurately modelled using hyperlinked document-objects. The structural complexity arising from multiauthor involvement and transaction-specific sequencing would be poorly handled by conventional digital signature schemes based on a single evaluation of a one-way hash function and asymmetric cryptography. In this paper we outline the generation of structure-specific authentication hash-trees for the the authentication of transactional document-objects, followed by asymmetric signature generation on the hash-tree value. Server-side multi-client signature verification would probably constitute the single most compute-intensive task, hence the motivation for our usage of the Rabin signature protocol which results in significantly reduced verification workloads compared to the more commonly applied Rivest-Shamir-Adleman (RSA) protocol. Data privacy is handled via symmetric encryption of message traffic using session-specific keys obtained through key-negotiation mechanisms based on discrete-logarithm cryptography. Individual client-to-server channels can be secured using a double key-pair variation of Diffie-Hellman (DH) key negotiation, usage of which also enables bidirectional node authentication. The reciprocal server-to-client multicast channel is secured through Burmester-Desmedt (BD) key-negotiation which enjoys significant advantages over the usual multiparty extensions to the DH protocol. The implementation of hash-tree signatures and bi/multidirectional key negotiation results in a comprehensive cryptographic framework for multiparty document-objects satisfying both authentication and data privacy requirements.
    Matched MeSH terms: Computer Security*
  3. Mohan J, Razali Raja Yaacob R
    Int J Med Inform, 2004 Mar 31;73(3):217-27.
    PMID: 15066550
    Telehealth refers to the integration of information, telecommunication, human-machine interface technologies and health technologies to deliver health care, to promote the heath status of the people and to create health. The Malaysian Telehealth Application will, on completion, provide every resident of the country an electronic Lifetime Health Record (LHR) and Lifetime Health Plan (LHP). He or she will also hold a smart card that will contain a subset of the data in the Lifetime Health Record. These will be the means by which Malaysians will receive "seamless continuous quality care" across a range of health facilities and health care providers, and by which Malaysia's health goal of a nation of "healthy individuals, families and communities" is achieved. The challenges to security and privacy in providing access to an electronic Lifetime Health Record at private and government health facilities and to the electronic Lifetime Health Plan at homes of consumers require not only technical mechanisms but also national policies and practices addressing threats while facilitating access to health data during health encounters in different care settings. Organisational policies establish the goals that technical mechanisms serve. They should outline appropriate uses and access to information, create mechanisms for preventing and detecting violations, and set sanctions for violations. Some interesting innovations have been used to address these issues against the background of the launching of the multimedia supercorridor (MSC) in Malaysia.
    Matched MeSH terms: Computer Security*
  4. Teoh AB, Goh A, Ngo DC
    IEEE Trans Pattern Anal Mach Intell, 2006 Dec;28(12):1892-901.
    PMID: 17108365
    Biometric analysis for identity verification is becoming a widespread reality. Such implementations necessitate large-scale capture and storage of biometric data, which raises serious issues in terms of data privacy and (if such data is compromised) identity theft. These problems stem from the essential permanence of biometric data, which (unlike secret passwords or physical tokens) cannot be refreshed or reissued if compromised. Our previously presented biometric-hash framework prescribes the integration of external (password or token-derived) randomness with user-specific biometrics, resulting in bitstring outputs with security characteristics (i.e., noninvertibility) comparable to cryptographic ciphers or hashes. The resultant BioHashes are hence cancellable, i.e., straightforwardly revoked and reissued (via refreshed password or reissued token) if compromised. BioHashing furthermore enhances recognition effectiveness, which is explained in this paper as arising from the Random Multispace Quantization (RMQ) of biometric and external random inputs.
    Matched MeSH terms: Computer Security*
  5. Sudha R, Thiagarajan AS, Seetharaman A
    Pak J Biol Sci, 2007 Jan 01;10(1):102-6.
    PMID: 19069993
    The existing literatures highlights that the security is the primary factor which determines the adoption of Internet banking technology. The secondary information on Internet banking development in Malaysia shows a very slow growth rate. Hence, this study aims to study the banking customers perception towards security concern and Internet banking adoption through the information collected from 150 sample respondents. The data analysis reveals that the customers have much concern about security and privacy issue in adoption of Internet banking, whether the customers are adopted Internet banking or not. Hence, it infers that to popularize Internet banking system there is a need for improvement in security and privacy issue among the banking customers.
    Matched MeSH terms: Computer Security*
  6. Zain JM, Fauzi AM
    Conf Proc IEEE Eng Med Biol Soc, 2007 10 20;2006:3270-3.
    PMID: 17945763
    This paper discussed security of medical images and reviewed some work done regarding them. A fragile watermarking scheme was then proposed that could detect tamper and subsequently recover the image. Our scheme required a secret key and a public chaotic mixing algorithm to embed and recover a tampered image. The scheme was also resilient to VQ attack. The purposes were to verify the integrity and authenticity of medical images. We used 800 x 600 x 8 bits ultrasound (US) greyscale images in our experiment. We tested our algorithm for up to 50% tampered block and obtained 100% recovery for spread-tampered block.
    Matched MeSH terms: Computer Security
  7. Zain JM, Fauzi AM, Aziz AA
    Conf Proc IEEE Eng Med Biol Soc, 2007 10 20;2006:5459-62.
    PMID: 17946306
    Digital watermarking medical images provides security to the images. The purpose of this study was to see whether digitally watermarked images changed clinical diagnoses when assessed by radiologists. We embedded 256 bits watermark to various medical images in the region of non-interest (RONI) and 480K bits in both region of interest (ROI) and RONI. Our results showed that watermarking medical images did not alter clinical diagnoses. In addition, there was no difference in image quality when visually assessed by the medical radiologists. We therefore concluded that digital watermarking medical images were safe in terms of preserving image quality for clinical purposes.
    Matched MeSH terms: Computer Security
  8. Zain JM, Fauzi AR
    PMID: 18003297
    This paper will study and evaluate watermarking technique by Zain and Fauzi [1]. Recommendations will then be made to enhance the technique especially in the aspect of recovery or reconstruction rate for medical images. A proposal will also be made for a better distribution of watermark to minimize the distortion of the Region of Interest (ROI). The final proposal will enhance AW-TDR in three aspects; firstly the image quality in the ROI will be improved as the maximum change is only 2 bits in every 4 pixels, or embedding rate of 0.5 bits/pixel. Secondly the recovery rate will also be better since the recovery bits are located outside the region of interest. The disadvantage in this is that, only manipulation done in the ROI will be detected. Thirdly the quality of the reconstructed image will be enhanced since the average of 2 x 2 pixels would be used to reconstruct the tampered image.
    Matched MeSH terms: Computer Security*
  9. Samy GN, Ahmad R, Ismail Z
    Health Informatics J, 2010 Sep;16(3):201-9.
    PMID: 20889850 DOI: 10.1177/1460458210377468
    This article attempts to investigate the various types of threats that exist in healthcare information systems (HIS). A study has been carried out in one of the government-supported hospitals in Malaysia.The hospital has been equipped with a Total Hospital Information System (THIS). The data collected were from three different departments, namely the Information Technology Department (ITD), the Medical Record Department (MRD), and the X-Ray Department, using in-depth structured interviews. The study identified 22 types of threats according to major threat categories based on ISO/IEC 27002 (ISO 27799:2008). The results show that the most critical threat for the THIS is power failure followed by acts of human error or failure and other technological factors. This research holds significant value in terms of providing a complete taxonomy of threat categories in HIS and also an important component in the risk analysis stage.
    Matched MeSH terms: Computer Security*
  10. Al-Qershi OM, Khoo BE
    J Digit Imaging, 2011 Feb;24(1):114-25.
    PMID: 19937363 DOI: 10.1007/s10278-009-9253-1
    Authenticating medical images using watermarking techniques has become a very popular area of research, and some works in this area have been reported worldwide recently. Besides authentication, many data-hiding techniques have been proposed to conceal patient's data into medical images aiming to reduce the cost needed to store data and the time needed to transmit data when required. In this paper, we present a new hybrid watermarking scheme for DICOM images. In our scheme, two well-known techniques are combined to gain the advantages of both and fulfill the requirements of authentication and data hiding. The scheme divides the images into two parts, the region of interest (ROI) and the region of non-interest (RONI). Patient's data are embedded into ROI using a reversible technique based on difference expansion, while tamper detection and recovery data are embedded into RONI using a robust technique based on discrete wavelet transform. The experimental results show the ability of hiding patient's data with a very good visual quality, while ROI, the most important area for diagnosis, is retrieved exactly at the receiver side. The scheme also shows some robustness against certain levels of salt and pepper and cropping noise.
    Matched MeSH terms: Computer Security*
  11. Hilyatihanina Zazali, Wan Ainun Mior Othman
    Sains Malaysiana, 2012;41:907-910.
    In this paper, we presented a new key exchange method based on decomposition problem for elliptic curve cryptography. We showed that our key exchange method was not only an alternative method for designing keys in cryptography, but it also has improved security condition from the previous key exchange based on decomposition problem over noncommutative groups. We proposed elliptic an curve cryptography to be the new platform for our key exchange protocol and showed how it was implemented. The security of our protocol was based on discrete logarithm problem, which was not infeasible and strictly difficult to retrieve in elliptic curve cryptography without any prior knowledge.
    Matched MeSH terms: Computer Security
  12. Liew SC, Liew SW, Zain JM
    J Digit Imaging, 2013 Apr;26(2):316-25.
    PMID: 22555905 DOI: 10.1007/s10278-012-9484-4
    Tamper localization and recovery watermarking scheme can be used to detect manipulation and recover tampered images. In this paper, a tamper localization and lossless recovery scheme that used region of interest (ROI) segmentation and multilevel authentication was proposed. The watermarked images had a high average peak signal-to-noise ratio of 48.7 dB and the results showed that tampering was successfully localized and tampered area was exactly recovered. The usage of ROI segmentation and multilevel authentication had significantly reduced the time taken by approximately 50 % for the tamper localization and recovery processing.
    Matched MeSH terms: Computer Security
  13. Tan CH, Teh YW
    J Med Syst, 2013 Aug;37(4):9950.
    PMID: 23709190 DOI: 10.1007/s10916-013-9950-7
    The main obstacles in mass adoption of cloud computing for database operations in healthcare organization are the data security and privacy issues. In this paper, it is shown that IT services particularly in hardware performance evaluation in virtual machine can be accomplished effectively without IT personnel gaining access to actual data for diagnostic and remediation purposes. The proposed mechanisms utilized the hypothetical data from TPC-H benchmark, to achieve 2 objectives. First, the underlying hardware performance and consistency is monitored via a control system, which is constructed using TPC-H queries. Second, the mechanism to construct stress-testing scenario is envisaged in the host, using a single or combination of TPC-H queries, so that the resource threshold point can be verified, if the virtual machine is still capable of serving critical transactions at this constraining juncture. This threshold point uses server run queue size as input parameter, and it serves 2 purposes: It provides the boundary threshold to the control system, so that periodic learning of the synthetic data sets for performance evaluation does not reach the host's constraint level. Secondly, when the host undergoes hardware change, stress-testing scenarios are simulated in the host by loading up to this resource threshold level, for subsequent response time verification from real and critical transactions.
    Matched MeSH terms: Computer Security*
  14. Kiah ML, Nabi MS, Zaidan BB, Zaidan AA
    J Med Syst, 2013 Oct;37(5):9971.
    PMID: 24037086 DOI: 10.1007/s10916-013-9971-2
    This study aims to provide security solutions for implementing electronic medical records (EMRs). E-Health organizations could utilize the proposed method and implement recommended solutions in medical/health systems. Majority of the required security features of EMRs were noted. The methods used were tested against each of these security features. In implementing the system, the combination that satisfied all of the security features of EMRs was selected. Secure implementation and management of EMRs facilitate the safeguarding of the confidentiality, integrity, and availability of e-health organization systems. Health practitioners, patients, and visitors can use the information system facilities safely and with confidence anytime and anywhere. After critically reviewing security and data transmission methods, a new hybrid method was proposed to be implemented on EMR systems. This method will enhance the robustness, security, and integration of EMR systems. The hybrid of simple object access protocol/extensible markup language (XML) with advanced encryption standard and secure hash algorithm version 1 has achieved the security requirements of an EMR system with the capability of integrating with other systems through the design of XML messages.
    Matched MeSH terms: Computer Security
  15. Yau WC, Phan RC
    J Med Syst, 2013 Dec;37(6):9993.
    PMID: 24194093 DOI: 10.1007/s10916-013-9993-9
    Many authentication schemes have been proposed for telecare medicine information systems (TMIS) to ensure the privacy, integrity, and availability of patient records. These schemes are crucial for TMIS systems because otherwise patients' medical records become susceptible to tampering thus hampering diagnosis or private medical conditions of patients could be disclosed to parties who do not have a right to access such information. Very recently, Hao et al. proposed a chaotic map-based authentication scheme for telecare medicine information systems in a recent issue of Journal of Medical Systems. They claimed that the authentication scheme can withstand various attacks and it is secure to be used in TMIS. In this paper, we show that this authentication scheme is vulnerable to key-compromise impersonation attacks, off-line password guessing attacks upon compromising of a smart card, and parallel session attacks. We also exploit weaknesses in the password change phase of the scheme to mount a denial-of-service attack. Our results show that this scheme cannot be used to provide security in a telecare medicine information system.
    Matched MeSH terms: Computer Security/standards*
  16. Ratnam KA, Dominic PD, Ramayah T
    J Med Syst, 2014 Aug;38(8):82.
    PMID: 24957398 DOI: 10.1007/s10916-014-0082-5
    The investments and costs of infrastructure, communication, medical-related equipments, and software within the global healthcare ecosystem portray a rather significant increase. The emergence of this proliferation is then expected to grow. As a result, information and cross-system communication became challenging due to the detached independent systems and subsystems which are not connected. The overall model fit expending over a sample size of 320 were tested with structural equation modelling (SEM) using AMOS 20.0 as the modelling tool. SPSS 20.0 is used to analyse the descriptive statistics and dimension reliability. Results of the study show that system utilisation and system impact dimension influences the overall level of services of the healthcare providers. In addition to that, the findings also suggest that systems integration and security plays a pivotal role for IT resources in healthcare organisations. Through this study, a basis for investigation on the need to improvise the Malaysian healthcare ecosystem and the introduction of a cloud computing platform to host the national healthcare information exchange has been successfully established.
    Matched MeSH terms: Computer Security
  17. Mat Kiah ML, Al-Bakri SH, Zaidan AA, Zaidan BB, Hussain M
    J Med Syst, 2014 Oct;38(10):133.
    PMID: 25199651 DOI: 10.1007/s10916-014-0133-y
    One of the applications of modern technology in telemedicine is video conferencing. An alternative to traveling to attend a conference or meeting, video conferencing is becoming increasingly popular among hospitals. By using this technology, doctors can help patients who are unable to physically visit hospitals. Video conferencing particularly benefits patients from rural areas, where good doctors are not always available. Telemedicine has proven to be a blessing to patients who have no access to the best treatment. A telemedicine system consists of customized hardware and software at two locations, namely, at the patient's and the doctor's end. In such cases, the video streams of the conferencing parties may contain highly sensitive information. Thus, real-time data security is one of the most important requirements when designing video conferencing systems. This study proposes a secure framework for video conferencing systems and a complete management solution for secure video conferencing groups. Java Media Framework Application Programming Interface classes are used to design and test the proposed secure framework. Real-time Transport Protocol over User Datagram Protocol is used to transmit the encrypted audio and video streams, and RSA and AES algorithms are used to provide the required security services. Results show that the encryption algorithm insignificantly increases the video conferencing computation time.
    Matched MeSH terms: Computer Security*
  18. Mousavi SM, Naghsh A, Abu-Bakar SA
    J Digit Imaging, 2014 Dec;27(6):714-29.
    PMID: 24871349 DOI: 10.1007/s10278-014-9700-5
    The ever-growing numbers of medical digital images and the need to share them among specialists and hospitals for better and more accurate diagnosis require that patients' privacy be protected. As a result of this, there is a need for medical image watermarking (MIW). However, MIW needs to be performed with special care for two reasons. Firstly, the watermarking procedure cannot compromise the quality of the image. Secondly, confidential patient information embedded within the image should be flawlessly retrievable without risk of error after image decompressing. Despite extensive research undertaken in this area, there is still no method available to fulfill all the requirements of MIW. This paper aims to provide a useful survey on watermarking and offer a clear perspective for interested researchers by analyzing the strengths and weaknesses of different existing methods.
    Matched MeSH terms: Computer Security/standards*
  19. Tayan O, Kabir MN, Alginahi YM
    ScientificWorldJournal, 2014;2014:514652.
    PMID: 25254247 DOI: 10.1155/2014/514652
    This paper addresses the problems and threats associated with verification of integrity, proof of authenticity, tamper detection, and copyright protection for digital-text content. Such issues were largely addressed in the literature for images, audio, and video, with only a few papers addressing the challenge of sensitive plain-text media under known constraints. Specifically, with text as the predominant online communication medium, it becomes crucial that techniques are deployed to protect such information. A number of digital-signature, hashing, and watermarking schemes have been proposed that essentially bind source data or embed invisible data in a cover media to achieve its goal. While many such complex schemes with resource redundancies are sufficient in offline and less-sensitive texts, this paper proposes a hybrid approach based on zero-watermarking and digital-signature-like manipulations for sensitive text documents in order to achieve content originality and integrity verification without physically modifying the cover text in anyway. The proposed algorithm was implemented and shown to be robust against undetected content modifications and is capable of confirming proof of originality whilst detecting and locating deliberate/nondeliberate tampering. Additionally, enhancements in resource utilisation and reduced redundancies were achieved in comparison to traditional encryption-based approaches. Finally, analysis and remarks are made about the current state of the art, and future research issues are discussed under the given constraints.
    Matched MeSH terms: Computer Security/standards*
  20. Iranmanesh V, Ahmad SM, Adnan WA, Yussof S, Arigbabu OA, Malallah FL
    ScientificWorldJournal, 2014;2014:381469.
    PMID: 25133227 DOI: 10.1155/2014/381469
    One of the main difficulties in designing online signature verification (OSV) system is to find the most distinctive features with high discriminating capabilities for the verification, particularly, with regard to the high variability which is inherent in genuine handwritten signatures, coupled with the possibility of skilled forgeries having close resemblance to the original counterparts. In this paper, we proposed a systematic approach to online signature verification through the use of multilayer perceptron (MLP) on a subset of principal component analysis (PCA) features. The proposed approach illustrates a feature selection technique on the usually discarded information from PCA computation, which can be significant in attaining reduced error rates. The experiment is performed using 4000 signature samples from SIGMA database, which yielded a false acceptance rate (FAR) of 7.4% and a false rejection rate (FRR) of 6.4%.
    Matched MeSH terms: Computer Security*
Filters
Contact Us

Please provide feedback to Administrator (afdal@afpm.org.my)

External Links