Displaying publications 1 - 20 of 88 in total

Abstract:
Sort:
  1. Clinical evaluation of watermarked medical images
    Zain JM, Fauzi AM, Aziz AA
    Conf Proc IEEE Eng Med Biol Soc, 2007 10 20;2006:5459-62.
    PMID: 17946306
    Digital watermarking medical images provides security to the images. The purpose of this study was to see whether digitally watermarked images changed clinical diagnoses when assessed by radiologists. We embedded 256 bits watermark to various medical images in the region of non-interest (RONI) and 480K bits in both region of interest (ROI) and RONI. Our results showed that watermarking medical images did not alter clinical diagnoses. In addition, there was no difference in image quality when visually assessed by the medical radiologists. We therefore concluded that digital watermarking medical images were safe in terms of preserving image quality for clinical purposes.
    Matched MeSH terms: Computer Security
  2. A structural equation modeling approach for the adoption of cloud computing to enhance the Malaysian healthcare sector
    Ratnam KA, Dominic PD, Ramayah T
    J Med Syst, 2014 Aug;38(8):82.
    PMID: 24957398 DOI: 10.1007/s10916-014-0082-5
    The investments and costs of infrastructure, communication, medical-related equipments, and software within the global healthcare ecosystem portray a rather significant increase. The emergence of this proliferation is then expected to grow. As a result, information and cross-system communication became challenging due to the detached independent systems and subsystems which are not connected. The overall model fit expending over a sample size of 320 were tested with structural equation modelling (SEM) using AMOS 20.0 as the modelling tool. SPSS 20.0 is used to analyse the descriptive statistics and dimension reliability. Results of the study show that system utilisation and system impact dimension influences the overall level of services of the healthcare providers. In addition to that, the findings also suggest that systems integration and security plays a pivotal role for IT resources in healthcare organisations. Through this study, a basis for investigation on the need to improvise the Malaysian healthcare ecosystem and the introduction of a cloud computing platform to host the national healthcare information exchange has been successfully established.
    Matched MeSH terms: Computer Security
  3. Fulltext Tamper localization and lossless recovery watermarking scheme with ROI segmentation and multilevel authentication
    Liew SC, Liew SW, Zain JM
    J Digit Imaging, 2013 Apr;26(2):316-25.
    PMID: 22555905 DOI: 10.1007/s10278-012-9484-4
    Tamper localization and recovery watermarking scheme can be used to detect manipulation and recover tampered images. In this paper, a tamper localization and lossless recovery scheme that used region of interest (ROI) segmentation and multilevel authentication was proposed. The watermarked images had a high average peak signal-to-noise ratio of 48.7 dB and the results showed that tampering was successfully localized and tampered area was exactly recovered. The usage of ROI segmentation and multilevel authentication had significantly reduced the time taken by approximately 50 % for the tamper localization and recovery processing.
    Matched MeSH terms: Computer Security
  4. Systematic Review of Real-time Remote Health Monitoring System in Triage and Priority-Based Sensor Technology: Taxonomy, Open Challenges, Motivation and Recommendations
    Albahri OS, Albahri AS, Mohammed KI, Zaidan AA, Zaidan BB, Hashim M, et al.
    J Med Syst, 2018 Mar 22;42(5):80.
    PMID: 29564649 DOI: 10.1007/s10916-018-0943-4
    The new and ground-breaking real-time remote monitoring in triage and priority-based sensor technology used in telemedicine have significantly bounded and dispersed communication components. To examine these technologies and provide researchers with a clear vision of this area, we must first be aware of the utilised approaches and existing limitations in this line of research. To this end, an extensive search was conducted to find articles dealing with (a) telemedicine, (b) triage, (c) priority and (d) sensor; (e) comprehensively review related applications and establish the coherent taxonomy of these articles. ScienceDirect, IEEE Xplore and Web of Science databases were checked for articles on triage and priority-based sensor technology in telemedicine. The retrieved articles were filtered according to the type of telemedicine technology explored. A total of 150 articles were selected and classified into two categories. The first category includes reviews and surveys of triage and priority-based sensor technology in telemedicine. The second category includes articles on the three-tiered architecture of telemedicine. Tier 1 represents the users. Sensors acquire the vital signs of the users and send them to Tier 2, which is the personal gateway that uses local area network protocols or wireless body area network. Medical data are sent from Tier 2 to Tier 3, which is the healthcare provider in medical institutes. Then, the motivation for using triage and priority-based sensor technology in telemedicine, the issues related to the obstruction of its application and the development and utilisation of telemedicine are examined on the basis of the findings presented in the literature.
    Matched MeSH terms: Computer Security
  5. Fulltext Using telemedicine to support care for people with type 2 diabetes mellitus: a qualitative analysis of patients' perspectives
    Lee JY, Chan CKY, Chua SS, Paraidathathu T, Lee KK, Tan CSS, et al.
    BMJ Open, 2019 Oct 22;9(10):e026575.
    PMID: 31640990 DOI: 10.1136/bmjopen-2018-026575
    OBJECTIVE: Telemedicine has been promoted as an economical and effective way to enhance patient care, but its acceptance among patients in low-income and middle-income countries is poorly understood. This study is aimed to explore the experiences and perspectives of people with type 2 diabetes mellitus that used telemedicine to manage their condition.

    DESIGN: In-depth and focus group interviews were conducted with participants who have engaged in telemedicine. Questions included were participants' perception on the programme being used, satisfaction as well as engagement with the telemedicine programme. All interviews and focus groups were audio-recorded and transcribed verbatim. Data were analysed using a thematic approach.

    PARTICIPANTS AND SETTING: People with type 2 diabetes (n=48) who participated in a randomised controlled study which examined the use of telemedicine for diabetes management were recruited from 11 primary care clinics located within the Klang Valley.

    RESULTS: Twelve focus groups and two in-depth interviews were conducted. Four themes emerged from the analysis: (1) generational difference; (2) independence and convenience, (3) sharing of health data and privacy and (4) concerns and challenges. The main obstacles found in patients using the telemedicine systems were related to internet connectivity and difficulties experienced with system interface. Cost was also another significant concern raised by participants. Participants in this study were primarily positive about the benefits of telemedicine, including its ability to provide real-time data and disease monitoring and the reduction in clinic visits.

    CONCLUSION: Despite the potential benefits of telemedicine in the long-term care of diabetes, there are several perceived barriers that may limit the effectiveness of this technology. As such, collaboration between educators, healthcare providers, telecommunication service providers and patients are required to stimulate the adoption and the use of telemedicine.NCT0246680.

    Matched MeSH terms: Computer Security
  6. Determinants of RFID adoption in Malaysia's healthcare industry: occupational level as a moderator
    Zailani S, Iranmanesh M, Nikbin D, Beng JK
    J Med Syst, 2015 Jan;39(1):172.
    PMID: 25503418 DOI: 10.1007/s10916-014-0172-4
    With today's highly competitive market in the healthcare industry, Radio Frequency Identification (RFID) is a technology that can be applied by hospitals to improve operational efficiency and to gain a competitive advantage over their competitors. The purpose of this study is to investigate the factors that may effect RFID adoption in Malaysia's healthcare industry. In addition, the moderating role of occupational level was tested. Data was collected from 223 managers as well as healthcare and supporting staffs. This data was analyzed using the partial least squares technique. The results show that perceived ease of use and usefulness, government policy, top management support, and security and privacy concerns have an effect on the intent to adopt RFID in hospitals. There is a wide gap between managers and healthcare staff in terms of the factors that influence RFID adoption. The results of this study will help decision makers as well as managers in the healthcare industry to better understand the determinants of RFID adoption. Additionally, it will assist in the process of RFID adoption, and therefore, spread the usage of RFID technology in more hospitals.
    Matched MeSH terms: Computer Security
  7. A security framework for nationwide health information exchange based on telehealth strategy
    Zaidan BB, Haiqi A, Zaidan AA, Abdulnabi M, Kiah ML, Muzamel H
    J Med Syst, 2015 May;39(5):51.
    PMID: 25732083 DOI: 10.1007/s10916-015-0235-1
    This study focuses on the situation of health information exchange (HIE) in the context of a nationwide network. It aims to create a security framework that can be implemented to ensure the safe transmission of health information across the boundaries of care providers in Malaysia and other countries. First, a critique of the major elements of nationwide health information networks is presented from the perspective of security, along with such topics as the importance of HIE, issues, and main approaches. Second, a systematic evaluation is conducted on the security solutions that can be utilized in the proposed nationwide network. Finally, a secure framework for health information transmission is proposed within a central cloud-based model, which is compatible with the Malaysian telehealth strategy. The outcome of this analysis indicates that a complete security framework for a global structure of HIE is yet to be defined and implemented. Our proposed framework represents such an endeavor and suggests specific techniques to achieve this goal.
    Matched MeSH terms: Computer Security
  8. Medical image watermarking with tamper detection and recovery
    Zain JM, Fauzi AM
    Conf Proc IEEE Eng Med Biol Soc, 2007 10 20;2006:3270-3.
    PMID: 17945763
    This paper discussed security of medical images and reviewed some work done regarding them. A fragile watermarking scheme was then proposed that could detect tamper and subsequently recover the image. Our scheme required a secret key and a public chaotic mixing algorithm to embed and recover a tampered image. The scheme was also resilient to VQ attack. The purposes were to verify the integrity and authenticity of medical images. We used 800 x 600 x 8 bits ultrasound (US) greyscale images in our experiment. We tested our algorithm for up to 50% tampered block and obtained 100% recovery for spread-tampered block.
    Matched MeSH terms: Computer Security
  9. Fulltext Invariant domain watermarking using heaviside function of order alpha and fractional Gaussian field
    Abbasi A, Woo CS, Ibrahim RW, Islam S
    PLoS One, 2015;10(4):e0123427.
    PMID: 25884854 DOI: 10.1371/journal.pone.0123427
    Digital image watermarking is an important technique for the authentication of multimedia content and copyright protection. Conventional digital image watermarking techniques are often vulnerable to geometric distortions such as Rotation, Scaling, and Translation (RST). These distortions desynchronize the watermark information embedded in an image and thus disable watermark detection. To solve this problem, we propose an RST invariant domain watermarking technique based on fractional calculus. We have constructed a domain using Heaviside function of order alpha (HFOA). The HFOA models the signal as a polynomial for watermark embedding. The watermark is embedded in all the coefficients of the image. We have also constructed a fractional variance formula using fractional Gaussian field. A cross correlation method based on the fractional Gaussian field is used for watermark detection. Furthermore the proposed method enables blind watermark detection where the original image is not required during the watermark detection thereby making it more practical than non-blind watermarking techniques. Experimental results confirmed that the proposed technique has a high level of robustness.
    Matched MeSH terms: Computer Security
  10. Fulltext Understanding employees' perception towards personal data protection through their work processes in privacy enhancing technologies (pets) adoption
    May, Fen Gan, Hui, Na Chua, Siew, Fan Wong, Irene, Ai Lian Tan
    Malaysian Journal of Qualitative Research, 2019;5(2):6-21.
    MyJurnal
    With the increase of consumers’ privacy concerns and the government-enforced regulations on data protection, it is necessary for organizations to implement Privacy Enhancing Technologies (PETs) to protect consumers’ personal data. PETs refer to any protection in the form of technology. Since employees are the main stakeholders who are directly involved in the PETs implementation and execution process, it is important to understand employees’ perceptions especially those daily tasks involving the process of collecting and processing consumers’ data. Prior literature showed limited research on the effects of PETs implementation through employees’ work process and their perception on the implementation in protection personal data. Hence, the purpose of this research is to explore how PETs adoption affects employees’ work process and their perception. A qualitative single case study was adopted in a telecommunications company in Malaysia. Data were collected through in-depth interviews from nine respondents who were involved in data collecting, data processing and data controlling in their daily tasks. The results showed that employees experience difference levels of change depending on their work nature. The affected areas of change in implementing PETs are workload, communication level and data access. Employees also raised their concerns on vendors’ accountability. This research provides an insight into employees’ perception towards personal data protection based on their experience in implementing PETs. Continuous awareness, updates, monitoring and evaluating of system are perceived as the key to successful PETs implementation in protecting personal data.
    Matched MeSH terms: Computer Security
  11. Fulltext A chaotic cryptosystem for images based on Henon and Arnold cat map
    Soleymani A, Nordin MJ, Sundararajan E
    ScientificWorldJournal, 2014;2014:536930.
    PMID: 25258724 DOI: 10.1155/2014/536930
    The rapid evolution of imaging and communication technologies has transformed images into a widespread data type. Different types of data, such as personal medical information, official correspondence, or governmental and military documents, are saved and transmitted in the form of images over public networks. Hence, a fast and secure cryptosystem is needed for high-resolution images. In this paper, a novel encryption scheme is presented for securing images based on Arnold cat and Henon chaotic maps. The scheme uses Arnold cat map for bit- and pixel-level permutations on plain and secret images, while Henon map creates secret images and specific parameters for the permutations. Both the encryption and decryption processes are explained, formulated, and graphically presented. The results of security analysis of five different images demonstrate the strength of the proposed cryptosystem against statistical, brute force and differential attacks. The evaluated running time for both encryption and decryption processes guarantee that the cryptosystem can work effectively in real-time applications.
    Matched MeSH terms: Computer Security*
  12. Evaluation of medical image watermarking with tamper detection and recovery (AW-TDR)
    Zain JM, Fauzi AR
    Annu Int Conf IEEE Eng Med Biol Soc, 2007;2007:5662-5.
    PMID: 18003297
    This paper will study and evaluate watermarking technique by Zain and Fauzi [1]. Recommendations will then be made to enhance the technique especially in the aspect of recovery or reconstruction rate for medical images. A proposal will also be made for a better distribution of watermark to minimize the distortion of the Region of Interest (ROI). The final proposal will enhance AW-TDR in three aspects; firstly the image quality in the ROI will be improved as the maximum change is only 2 bits in every 4 pixels, or embedding rate of 0.5 bits/pixel. Secondly the recovery rate will also be better since the recovery bits are located outside the region of interest. The disadvantage in this is that, only manipulation done in the ROI will be detected. Thirdly the quality of the reconstructed image will be enhanced since the average of 2 x 2 pixels would be used to reconstruct the tampered image.
    Matched MeSH terms: Computer Security*
  13. Random multispace quantization as an analytic mechanism for BioHashing of biometric and random identity inputs
    Teoh AB, Goh A, Ngo DC
    IEEE Trans Pattern Anal Mach Intell, 2006 Dec;28(12):1892-901.
    PMID: 17108365
    Biometric analysis for identity verification is becoming a widespread reality. Such implementations necessitate large-scale capture and storage of biometric data, which raises serious issues in terms of data privacy and (if such data is compromised) identity theft. These problems stem from the essential permanence of biometric data, which (unlike secret passwords or physical tokens) cannot be refreshed or reissued if compromised. Our previously presented biometric-hash framework prescribes the integration of external (password or token-derived) randomness with user-specific biometrics, resulting in bitstring outputs with security characteristics (i.e., noninvertibility) comparable to cryptographic ciphers or hashes. The resultant BioHashes are hence cancellable, i.e., straightforwardly revoked and reissued (via refreshed password or reissued token) if compromised. BioHashing furthermore enhances recognition effectiveness, which is explained in this paper as arising from the Random Multispace Quantization (RMQ) of biometric and external random inputs.
    Matched MeSH terms: Computer Security*
  14. The Malaysian Telehealth Flagship Application: a national approach to health data protection and utilisation and consumer rights
    Mohan J, Razali Raja Yaacob R
    Int J Med Inform, 2004 Mar 31;73(3):217-27.
    PMID: 15066550
    Telehealth refers to the integration of information, telecommunication, human-machine interface technologies and health technologies to deliver health care, to promote the heath status of the people and to create health. The Malaysian Telehealth Application will, on completion, provide every resident of the country an electronic Lifetime Health Record (LHR) and Lifetime Health Plan (LHP). He or she will also hold a smart card that will contain a subset of the data in the Lifetime Health Record. These will be the means by which Malaysians will receive "seamless continuous quality care" across a range of health facilities and health care providers, and by which Malaysia's health goal of a nation of "healthy individuals, families and communities" is achieved. The challenges to security and privacy in providing access to an electronic Lifetime Health Record at private and government health facilities and to the electronic Lifetime Health Plan at homes of consumers require not only technical mechanisms but also national policies and practices addressing threats while facilitating access to health data during health encounters in different care settings. Organisational policies establish the goals that technical mechanisms serve. They should outline appropriate uses and access to information, create mechanisms for preventing and detecting violations, and set sanctions for violations. Some interesting innovations have been used to address these issues against the background of the launching of the multimedia supercorridor (MSC) in Malaysia.
    Matched MeSH terms: Computer Security*
  15. Root Exploit Detection and Features Optimization: Mobile Device and Blockchain Based Medical Data Management
    Firdaus A, Anuar NB, Razak MFA, Hashem IAT, Bachok S, Sangaiah AK
    J Med Syst, 2018 May 04;42(6):112.
    PMID: 29728780 DOI: 10.1007/s10916-018-0966-x
    The increasing demand for Android mobile devices and blockchain has motivated malware creators to develop mobile malware to compromise the blockchain. Although the blockchain is secure, attackers have managed to gain access into the blockchain as legal users, thereby comprising important and crucial information. Examples of mobile malware include root exploit, botnets, and Trojans and root exploit is one of the most dangerous malware. It compromises the operating system kernel in order to gain root privileges which are then used by attackers to bypass the security mechanisms, to gain complete control of the operating system, to install other possible types of malware to the devices, and finally, to steal victims' private keys linked to the blockchain. For the purpose of maximizing the security of the blockchain-based medical data management (BMDM), it is crucial to investigate the novel features and approaches contained in root exploit malware. This study proposes to use the bio-inspired method of practical swarm optimization (PSO) which automatically select the exclusive features that contain the novel android debug bridge (ADB). This study also adopts boosting (adaboost, realadaboost, logitboost, and multiboost) to enhance the machine learning prediction that detects unknown root exploit, and scrutinized three categories of features including (1) system command, (2) directory path and (3) code-based. The evaluation gathered from this study suggests a marked accuracy value of 93% with Logitboost in the simulation. Logitboost also helped to predicted all the root exploit samples in our developed system, the root exploit detection system (RODS).
    Matched MeSH terms: Computer Security*
  16. Smart Home-based IoT for Real-time and Secure Remote Health Monitoring of Triage and Priority System using Body Sensors: Multi-driven Systematic Review
    Talal M, Zaidan AA, Zaidan BB, Albahri AS, Alamoodi AH, Albahri OS, et al.
    J Med Syst, 2019 Jan 15;43(3):42.
    PMID: 30648217 DOI: 10.1007/s10916-019-1158-z
    The Internet of Things (IoT) has been identified in various applications across different domains, such as in the healthcare sector. IoT has also been recognised for its revolution in reshaping modern healthcare with aspiring wide range prospects, including economical, technological and social. This study aims to establish IoT-based smart home security solutions for real-time health monitoring technologies in telemedicine architecture. A multilayer taxonomy is driven and conducted in this study. In the first layer, a comprehensive analysis on telemedicine, which focuses on the client and server sides, shows that other studies associated with IoT-based smart home applications have several limitations that remain unaddressed. Particularly, remote patient monitoring in healthcare applications presents various facilities and benefits by adopting IoT-based smart home technologies without compromising the security requirements and potentially large number of risks. An extensive search is conducted to identify articles that handle these issues, related applications are comprehensively reviewed and a coherent taxonomy for these articles is established. A total number of (n = 3064) are gathered between 2007 and 2017 for most reliable databases, such as ScienceDirect, Web of Science and Institute of Electrical and Electronic Engineer Xplore databases. Then, the articles based on IoT studies that are associated with telemedicine applications are filtered. Nine articles are selected and classified into two categories. The first category, which accounts for 22.22% (n = 2/9), includes surveys on telemedicine articles and their applications. The second category, which accounts for 77.78% (n = 7/9), includes articles on the client and server sides of telemedicine architecture. The collected studies reveal the essential requirement in constructing another taxonomy layer and review IoT-based smart home security studies. Therefore, IoT-based smart home security features are introduced and analysed in the second layer. The security of smart home design based on IoT applications is an aspect that represents a crucial matter for general occupants of smart homes, in which studies are required to provide a better solution with patient security, privacy protection and security of users' entities from being stolen or compromised. Innovative technologies have dispersed limitations related to this matter. The existing gaps and trends in this area should be investigated to provide valuable visions for technical environments and researchers. Thus, 67 articles are obtained in the second layer of our taxonomy and are classified into six categories. In the first category, 25.37% (n = 17/67) of the articles focus on architecture design. In the second category, 17.91% (n = 12/67) includes security analysis articles that investigate the research status in the security area of IoT-based smart home applications. In the third category, 10.44% (n = 7/67) includes articles about security schemes. In the fourth category, 17.91% (n = 12/67) comprises security examination. In the fifth category, 13.43% (n = 9/67) analyses security protocols. In the final category, 14.92% (n = 10/67) analyses the security framework. Then, the identified basic characteristics of this emerging field are presented and provided in the following aspects. Open challenges experienced on the development of IoT-based smart home security are addressed to be adopted fully in telemedicine applications. Then, the requirements are provided to increase researcher's interest in this study area. On this basis, a number of recommendations for different parties are described to provide insights on the next steps that should be considered to enhance the security of smart homes based on IoT. A map matching for both taxonomies is developed in this study to determine the novel risks and benefits of IoT-based smart home security for real-time remote health monitoring within client and server sides in telemedicine applications.
    Matched MeSH terms: Computer Security/standards*
  17. The Impact of the Security Competency on "Self-Efficacy in Information Security" for Effective Health Information Security in Iran
    Shahri AB, Ismail Z, Mohanna S
    J Med Syst, 2016 Nov;40(11):241.
    PMID: 27681101
    The security effectiveness based on users' behaviors is becoming a top priority of Health Information System (HIS). In the first step of this study, through the review of previous studies 'Self-efficacy in Information Security' (SEIS) and 'Security Competency' (SCMP) were identified as the important factors to transforming HIS users to the first line of defense in the security. Subsequently, a conceptual model was proposed taking into mentioned factors for HIS security effectiveness. Then, this quantitative study used the structural equation modeling to examine the proposed model based on survey data collected from a sample of 263 HIS users from eight hospitals in Iran. The result shows that SEIS is one of the important factors to cultivate of good end users' behaviors toward HIS security effectiveness. However SCMP appears a feasible alternative to providing SEIS. This study also confirms the mediation effects of SEIS on the relationship between SCMP and HIS security effectiveness. The results of this research paper can be used by HIS and IT managers to implement their information security process more effectively.
    Matched MeSH terms: Computer Security*
  18. Indirect effect of management support on users' compliance behaviour towards information security policies
    Humaidi N, Balakrishnan V
    Health Inf Manag, 2018 Jan;47(1):17-27.
    PMID: 28537207 DOI: 10.1177/1833358317700255
    BACKGROUND: Health information systems are innovative products designed to improve the delivery of effective healthcare, but they are also vulnerable to breaches of information security, including unauthorised access, use, disclosure, disruption, modification or destruction, and duplication of passwords. Greater openness and multi-connectedness between heterogeneous stakeholders within health networks increase the security risk.

    OBJECTIVE: The focus of this research was on the indirect effects of management support (MS) on user compliance behaviour (UCB) towards information security policies (ISPs) among health professionals in selected Malaysian public hospitals. The aim was to identify significant factors and provide a clearer understanding of the nature of compliance behaviour in the health sector environment.

    METHOD: Using a survey design and stratified random sampling method, self-administered questionnaires were distributed to 454 healthcare professionals in three hospitals. Drawing on theories of planned behaviour, perceived behavioural control (self-efficacy (SE) and MS components) and the trust factor, an information system security policies compliance model was developed to test three related constructs (MS, SE and perceived trust (PT)) and their relationship to UCB towards ISPs.

    RESULTS: Results showed a 52.8% variation in UCB through significant factors. Partial least squares structural equation modelling demonstrated that all factors were significant and that MS had an indirect effect on UCB through both PT and SE among respondents to this study.

    CONCLUSION: The research model based on the theory of planned behaviour in combination with other human and organisational factors has made a useful contribution towards explaining compliance behaviour in relation to organisational ISPs, with trust being the most significant factor. In adopting a multidimensional approach to management-user interactions via multidisciplinary concepts and theories to evaluate the association between the integrated management-user values and the nature of compliance towards ISPs among selected health professionals, this study has made a unique contribution to the literature.

    Matched MeSH terms: Computer Security*
  19. Real-Time Remote Health Monitoring Systems Using Body Sensor Information and Finger Vein Biometric Verification: A Multi-Layer Systematic Review
    Mohsin AH, Zaidan AA, Zaidan BB, Albahri AS, Albahri OS, Alsalem MA, et al.
    J Med Syst, 2018 Oct 16;42(12):238.
    PMID: 30327939 DOI: 10.1007/s10916-018-1104-5
    The development of wireless body area sensor networks is imperative for modern telemedicine. However, attackers and cybercriminals are gradually becoming aware in attacking telemedicine systems, and the black market value of protected health information has the highest price nowadays. Security remains a formidable challenge to be resolved. Intelligent home environments make up one of the major application areas of pervasive computing. Security and privacy are the two most important issues in the remote monitoring and control of intelligent home environments for clients and servers in telemedicine architecture. The personal authentication approach that uses the finger vein pattern is a newly investigated biometric technique. This type of biometric has many advantages over other types (explained in detail later on) and is suitable for different human categories and ages. This study aims to establish a secure verification method for real-time monitoring systems to be used for the authentication of patients and other members who are working in telemedicine systems. The process begins with the sensor based on Tiers 1 and 2 (client side) in the telemedicine architecture and ends with patient verification in Tier 3 (server side) via finger vein biometric technology to ensure patient security on both sides. Multilayer taxonomy is conducted in this research to attain the study's goal. In the first layer, real-time remote monitoring studies based on the sensor technology used in telemedicine applications are reviewed and analysed to provide researchers a clear vision of security and privacy based on sensors in telemedicine. An extensive search is conducted to identify articles that deal with security and privacy issues, related applications are reviewed comprehensively and a coherent taxonomy of these articles is established. ScienceDirect, IEEE Xplore and Web of Science databases are checked for articles on mHealth in telemedicine based on sensors. A total of 3064 papers are collected from 2007 to 2017. The retrieved articles are filtered according to the security and privacy of telemedicine applications based on sensors. Nineteen articles are selected and classified into two categories. The first category, which accounts for 57.89% (n = 11/19), includes surveys on telemedicine articles and their applications. The second category, accounting for 42.1% (n = 8/19), includes articles on the three-tiered architecture of telemedicine. The collected studies reveal the essential need to construct another taxonomy layer and review studies on finger vein biometric verification systems. This map-matching for both taxonomies is developed for this study to go deeply into the sensor field and determine novel risks and benefits for patient security and privacy on client and server sides in telemedicine applications. In the second layer of our taxonomy, the literature on finger vein biometric verification systems is analysed and reviewed. In this layer, we obtain a final set of 65 articles classified into four categories. In the first category, 80% (n = 52/65) of the articles focus on development and design. In the second category, 12.30% (n = 8/65) includes evaluation and comparative articles. These articles are not intensively included in our literature analysis. In the third category, 4.61% (n = 3/65) includes articles about analytical studies. In the fourth category, 3.07% (n = 2/65) comprises reviews and surveys. This study aims to provide researchers with an up-to-date overview of studies that have been conducted on (user/patient) authentication to enhance the security level in telemedicine or any information system. In the current study, taxonomy is presented by explaining previous studies. Moreover, this review highlights the motivations, challenges and recommendations related to finger vein biometric verification systems and determines the gaps in this research direction (protection of finger vein templates in real time), which represent a new research direction in this area.
    Matched MeSH terms: Computer Security*
  20. Fulltext DAD-match; Security technique to prevent denial of service attack on duplicate address detection process in IPv6 link-local network
    Al-Ani AK, Anbar M, Manickam S, Al-Ani A
    PLoS One, 2019;14(4):e0214518.
    PMID: 30939154 DOI: 10.1371/journal.pone.0214518
    An efficiently unlimited address space is provided by Internet Protocol version 6 (IPv6). It aims to accommodate thousands of hundreds of unique devices on a similar link. This can be achieved through the Duplicate Address Detection (DAD) process. It is considered one of the core IPv6 network's functions. It is implemented to make sure that IP addresses do not conflict with each other on the same link. However, IPv6 design's functions are exposed to security threats like the DAD process, which is vulnerable to Denial of Service (DoS) attack. Such a threat prevents the host from configuring its IP address by responding to each Neighbor Solicitation (NS) through fake Neighbor Advertisement (NA). Various mechanisms have been proposed to secure the IPv6 DAD procedure. The proposed mechanisms, however, suffer from complexity, high processing time, and the consumption of more resources. The experiments-based findings revealed that all the existing mechanisms had failed to secure the IPv6 DAD process. Therefore, DAD-match security technique is proposed in this study to efficiently secure the DAD process consuming less processing time. DAD-match is built based on SHA-3 to hide the exchange tentative IP among hosts throughout the process of DAD in an IPv6 link-local network. The obtained experimental results demonstrated that the DAD-match security technique achieved less processing time compared with the existing mechanisms as it can resist a range of different threats like collision and brute-force attacks. The findings concluded that the DAD-match technique effectively prevents the DoS attack during the DAD process. The DAD-match technique is implemented on a small area IPv6 network; hence, the author future work is to implement and test the DAD-match technique on a large area IPv6 network.
    Matched MeSH terms: Computer Security*
Related Terms
Filters
Contact Us

Please provide feedback to Administrator (afdal@afpm.org.my)

External Links