Although Radio Frequency Identification (RFID) is poised to displace barcodes, security vulnerabilities pose serious challenges for global adoption of the RFID technology. Specifically, RFID tags are prone to basic cloning and counterfeiting security attacks. A successful cloning of the RFID tags in many commercial applications can lead to many serious problems such as financial losses, brand damage, safety and health of the public. With many industries such as pharmaceutical and businesses deploying RFID technology with a variety of products, it is important to tackle RFID tag cloning problem and improve the resistance of the RFID systems. To this end, we propose an approach for detecting cloned RFID tags in RFID systems with high detection accuracy and minimal overhead thus overcoming practical challenges in existing approaches. The proposed approach is based on consistency of dual hash collisions and modified count-min sketch vector. We evaluated the proposed approach through extensive experiments and compared it with existing baseline approaches in terms of execution time and detection accuracy under varying RFID tag cloning ratio. The results of the experiments show that the proposed approach outperforms the baseline approaches in cloned RFID tag detection accuracy.
The ever-growing numbers of medical digital images and the need to share them among specialists and hospitals for better and more accurate diagnosis require that patients' privacy be protected. As a result of this, there is a need for medical image watermarking (MIW). However, MIW needs to be performed with special care for two reasons. Firstly, the watermarking procedure cannot compromise the quality of the image. Secondly, confidential patient information embedded within the image should be flawlessly retrievable without risk of error after image decompressing. Despite extensive research undertaken in this area, there is still no method available to fulfill all the requirements of MIW. This paper aims to provide a useful survey on watermarking and offer a clear perspective for interested researchers by analyzing the strengths and weaknesses of different existing methods.
This study has two objectives. First, it aims to develop a system with a highly secured approach to transmitting electronic medical records (EMRs), and second, it aims to identify entities that transmit private patient information without permission. The NTRU and the Advanced Encryption Standard (AES) cryptosystems are secured encryption methods. The AES is a tested technology that has already been utilized in several systems to secure sensitive data. The United States government has been using AES since June 2003 to protect sensitive and essential information. Meanwhile, NTRU protects sensitive data against attacks through the use of quantum computers, which can break the RSA cryptosystem and elliptic curve cryptography algorithms. A hybrid of AES and NTRU is developed in this work to improve EMR security. The proposed hybrid cryptography technique is implemented to secure the data transmission process of EMRs. The proposed security solution can provide protection for over 40 years and is resistant to quantum computers. Moreover, the technique provides the necessary evidence required by law to identify disclosure or misuse of patient records. The proposed solution can effectively secure EMR transmission and protect patient rights. It also identifies the source responsible for disclosing confidential patient records. The proposed hybrid technique for securing data managed by institutional websites must be improved in the future.
The new and groundbreaking real-time remote healthcare monitoring system on sensor-based mobile health (mHealth) authentication in telemedicine has considerably bounded and dispersed communication components. mHealth, an attractive part in telemedicine architecture, plays an imperative role in patient security and privacy and adapts different sensing technologies through many built-in sensors. This study aims to improve sensor-based defence and attack mechanisms to ensure patient privacy in client side when using mHealth. Thus, a multilayer taxonomy was conducted to attain the goal of this study. Within the first layer, real-time remote monitoring studies based on sensor technology for telemedicine application were reviewed and analysed to examine these technologies and provide researchers with a clear vision of security- and privacy-based sensors in the telemedicine area. An extensive search was conducted to find articles about security and privacy issues, review related applications comprehensively and establish the coherent taxonomy of these articles. ScienceDirect, IEEE Xplore and Web of Science databases were investigated for articles on mHealth in telemedicine-based sensor. A total of 3064 papers were collected from 2007 to 2017. The retrieved articles were filtered according to the security and privacy of sensor-based telemedicine applications. A total of 19 articles were selected and classified into two categories. The first category, 57.89% (n = 11/19), included survey on telemedicine articles and their applications. The second category, 42.1% (n = 8/19), included articles contributed to the three-tiered architecture of telemedicine. The collected studies improved the essential need to add another taxonomy layer and review the sensor-based smartphone authentication studies. This map matching for both taxonomies was developed for this study to investigate sensor field comprehensively and gain access to novel risks and benefits of the mHealth security in telemedicine application. The literature on sensor-based smartphones in the second layer of our taxonomy was analysed and reviewed. A total of 599 papers were collected from 2007 to 2017. In this layer, we obtained a final set of 81 articles classified into three categories. The first category of the articles [86.41% (n = 70/81)], where sensor-based smartphones were examined by utilising orientation sensors for user authentication, was used. The second category [7.40% (n = 6/81)] included attack articles, which were not intensively included in our literature analysis. The third category [8.64% (n = 7/81)] included 'other' articles. Factors were considered to understand fully the various contextual aspects of the field in published studies. The characteristics included the motivation and challenges related to sensor-based authentication of smartphones encountered by researchers and the recommendations to strengthen this critical area of research. Finally, many studies on the sensor-based smartphone in the second layer have focused on enhancing accurate authentication because sensor-based smartphones require sensors that could authentically secure mHealth.
This paper addresses the problems and threats associated with verification of integrity, proof of authenticity, tamper detection, and copyright protection for digital-text content. Such issues were largely addressed in the literature for images, audio, and video, with only a few papers addressing the challenge of sensitive plain-text media under known constraints. Specifically, with text as the predominant online communication medium, it becomes crucial that techniques are deployed to protect such information. A number of digital-signature, hashing, and watermarking schemes have been proposed that essentially bind source data or embed invisible data in a cover media to achieve its goal. While many such complex schemes with resource redundancies are sufficient in offline and less-sensitive texts, this paper proposes a hybrid approach based on zero-watermarking and digital-signature-like manipulations for sensitive text documents in order to achieve content originality and integrity verification without physically modifying the cover text in anyway. The proposed algorithm was implemented and shown to be robust against undetected content modifications and is capable of confirming proof of originality whilst detecting and locating deliberate/nondeliberate tampering. Additionally, enhancements in resource utilisation and reduced redundancies were achieved in comparison to traditional encryption-based approaches. Finally, analysis and remarks are made about the current state of the art, and future research issues are discussed under the given constraints.
Cloud computing (CC) is a magnificent service-based delivery with gigantic computer processing power and data storage across connected communications channels. It imparted overwhelming technological impetus in the internet (web) mediated IT industry, where users can easily share private data for further analysis and mining. Furthermore, user affable CC services enable to deploy sundry applications economically. Meanwhile, simple data sharing impelled various phishing attacks and malware assisted security threats. Some privacy sensitive applications like health services on cloud that are built with several economic and operational benefits necessitate enhanced security. Thus, absolute cyberspace security and mitigation against phishing blitz became mandatory to protect overall data privacy. Typically, diverse applications datasets are anonymized with better privacy to owners without providing all secrecy requirements to the newly added records. Some proposed techniques emphasized this issue by re-anonymizing the datasets from the scratch. The utmost privacy protection over incremental datasets on CC is far from being achieved. Certainly, the distribution of huge datasets volume across multiple storage nodes limits the privacy preservation. In this view, we propose a new anonymization technique to attain better privacy protection with high data utility over distributed and incremental datasets on CC. The proficiency of data privacy preservation and improved confidentiality requirements is demonstrated through performance evaluation.
With today's highly competitive market in the healthcare industry, Radio Frequency Identification (RFID) is a technology that can be applied by hospitals to improve operational efficiency and to gain a competitive advantage over their competitors. The purpose of this study is to investigate the factors that may effect RFID adoption in Malaysia's healthcare industry. In addition, the moderating role of occupational level was tested. Data was collected from 223 managers as well as healthcare and supporting staffs. This data was analyzed using the partial least squares technique. The results show that perceived ease of use and usefulness, government policy, top management support, and security and privacy concerns have an effect on the intent to adopt RFID in hospitals. There is a wide gap between managers and healthcare staff in terms of the factors that influence RFID adoption. The results of this study will help decision makers as well as managers in the healthcare industry to better understand the determinants of RFID adoption. Additionally, it will assist in the process of RFID adoption, and therefore, spread the usage of RFID technology in more hospitals.
Background: Without any doubt, the combo of user ID and password are the most used authentication method in the computing and internet environment. However, due to the enormous number of accounts that require password authentication, users tend to develop bad habits in their password practices which in turn will put their account security at risk. With the increasing use of computing in health-care settings and the use of EMR in hospitals, such practices are a cause for concern.
Methods: This is a cross-sectional study using self-administered questionnaires, investigating the practice of the respondents in keeping their passwords secure. Respondents in this survey are the undergraduate students of Faculty of Medicine, Universiti Kebangsaan Malaysia.
Results: Among the findings are that 87.4% of the respondents used the same password for more than one account. If a user used the same password for several accounts, it might trigger a domino effect if any of the account passwords were compromised. A total of 98.9% of the respondents memorised their password only in their mind, without writing down the password anywhere. This may lead to using easily guessable passwords which may introduce additional security risk to their accounts. The majority of the respondents (96.6%) never or rarely change their passwords. The study also showed that 82.7% of the respondents used passwords which are 6-8 characters in length. Longer passwords are usually safer but harder to remember. The questionnaire also explored the users’ password combination style, whether they used numbers only or combination of numbers and alphabets or some other pattern. A total of 39.1% used letters only but 27.6% used combination of numbers only which is less secure. About 77% of the respondents used personal information such as their birthday date or a person’s name as part of their password.
Conclusions: This habit may make their password guessable to people who are close to them. In conclusion, most medical students are not practising safe password conduct and they should be educated on this. If not, patients’ data confidentiality may be compromised in the future due to such practices.
This paper discusses the possibility of promoting public health and implementing educational health services using Facebook. We discuss the challenges and strengths of using such a platform as a tool for public health care systems from two different perspectives, namely, the view of IT developers and that of physicians. We present a new way of evaluating user interactivity in health care systems from tools provided by Facebook that measure statistical traffic in the Internet. Findings show that Facebook is a very promising tool in promoting e-health services in Web 2.0. Results from statistical traffic show that a Facebook page is more efficient than other pages in promoting public health.
In real-time medical systems, the role of biometric technology is significant in authentication systems because it is used in verifying the identity of people through their biometric features. The biometric technology provides crucial properties for biometric features that can support the process of personal identification. The storage of biometric template within a central database makes it vulnerable to attack which can also occur during data transmission. Therefore, an alternative mechanism of protection becomes important to develop. On this basis, this study focuses on providing a detailed analysis of the extant literature (2013-2018) to identify the taxonomy and research distribution. Furthermore, this study also seeks to ascertain the challenges and motivations associated with biometric steganography in real-time medical systems to provide recommendations that can enhance the efficient use of real-time medical systems in biometric steganography and its applications. A review of articles on human biometric steganography in real-time medical systems obtained from three main databases (IEEE Xplore, ScienceDirect and Web of Science) is conducted according to an appropriate review protocol. Then, 41 related articles are selected by using exclusion and inclusion criteria. Majority of the studies reviewed had been conducted in the field of data-hiding (particularly steganography) technologies. In this review, various steganographic methods that have been applied in different human biometrics are investigated. Thereafter, these methods are categorised according to taxonomy, and the results are presented on the basis of human steganography biometric real-time medical systems, testing and evaluation methods, significance of use and applications and techniques. Finally, recommendations on how the challenges associated with data hiding can be addressed are provided to enhance the efficiency of using biometric information processed in any authentication real-time medical system. These recommendations are expected to be immensely helpful to developers, company users and researchers.
One of the applications of modern technology in telemedicine is video conferencing. An alternative to traveling to attend a conference or meeting, video conferencing is becoming increasingly popular among hospitals. By using this technology, doctors can help patients who are unable to physically visit hospitals. Video conferencing particularly benefits patients from rural areas, where good doctors are not always available. Telemedicine has proven to be a blessing to patients who have no access to the best treatment. A telemedicine system consists of customized hardware and software at two locations, namely, at the patient's and the doctor's end. In such cases, the video streams of the conferencing parties may contain highly sensitive information. Thus, real-time data security is one of the most important requirements when designing video conferencing systems. This study proposes a secure framework for video conferencing systems and a complete management solution for secure video conferencing groups. Java Media Framework Application Programming Interface classes are used to design and test the proposed secure framework. Real-time Transport Protocol over User Datagram Protocol is used to transmit the encrypted audio and video streams, and RSA and AES algorithms are used to provide the required security services. Results show that the encryption algorithm insignificantly increases the video conferencing computation time.
Medical ethics issues encountered in rehabilitation medicine differ from those in an acute care setting due to the complex relationships among the parties involved in rehabilitative care. The study examined the attitudes of Malaysian rehabilitation doctors toward medical ethics issues commonly encountered during patient care.
A qualitative research was carried out in Besut and Kuala Terengganu to identyy adolescents’ health problems and needs jiom adolescent perspective, and to establish a priority area in the development of Adolescent Health Clinic in the district. A total of 61 adolescents were selected and divided into four groups and stratified according to age, 13-15 years old and 16 - 17 years old. Generally all participants wished to live in an environment free hom negative health risk factors. The obstacles they perceived were mainly related to lack of care or too much control by their parents. Some of them perceived that their parents in general had inadequate knowledge and skills on parenting. Among local behavioural problems mentioned were loafing, running away from home, vandalism, school absenteeism, aggressive behaviour, substance abuse, pre-marital sexual activities, "bohsia", “bohjan" and even involvement in crimes. More than hah' agreed that counselling service is important for adolescents, and it should be made available in the community preferably outside the schools. They perceived an adolescent friendly health clinic concept as an important concept that should be introduced. To them adolescent friendly health clinic is a clinic run by professionals who are knowledgeable, caring, good listeners, non—judgemental, and who exercise confidentiality. The clinic preferably should be situated in a location which is away from the present health facilities to avoid the image of a place for sick people. Clinic hours preferably during weekends, should provide appropriate technologies and situated in a comfortable ambience. Adolescent participation in the clinic was also mentioned as an important entity for adolescent friendly health services.
Community-based HIV voluntary counseling and testing (VCT) services is an effective alternative for mapping the local demographics of at-risk populations for HIV as well as provide an acceptable and reliable means of early detection of HIV. We describe the profiles of men-who-have-sex-with-men (MSM) who sought VCT services in a community based centre in Kuala Lumpur.
The duty of confidentiality in the normal doctor-patient relationship is well recognized. However, the duty of confidentiality between the pathologist who performs the autopsy and the requesting authorities and the next-of-kin is not as clearly spelt out. This article discusses the problems faced by the pathologist with regards to hospital and medico-legal autopsies in Malaysia. A proposed ethical guideline is included on how to deal with peculiar issues regarding confidentiality and the pathologist.
We describe the findings from a survey assessing the beliefs regarding testing, confidentiality, disclosure, and environment of care and attitudes towards care of people with HIV/AIDS (PLHWA), in 1020, 4th and 5th year medical students, from public and private medical universities in Malaysia. A self-administered validated questionnaire based on the UNAIDS Model Questionnaire with a 5-point Likert scale (5, strongly disagree; 4, disagree; 3, neutral; 2, agree; 1, strongly agree) was used as a survey tool. The survey included demographic data and data on undergraduate training received on HIV/AIDS. Statistical significance in the demographic data and training received by respondents was evaluated using the chi-square test while the independent Student's t-test was used for comparison of means between public and private universities. A P value of <0.05 was considered statistically significant with 95% confidence interval. Our study revealed less than 20% of medical students received adequate training to care for PLHWA. They had prevalent negative beliefs regarding testing, confidentiality, disclosure and environment of care towards PLHWA although in giving care to PLHWA, their attitudes were largely positive and nondiscriminatory.
Young men who have sex with men (YMSM) are a group at high risk for HIV infection, yet no research has been conducted to understand this population in Malaysia. Semistructured interviews from a combination of YMSM aged 18-25 (n = 20) and local service providers of sexual health services (n = 4) were conducted from May to June 2015. Thematic analysis was used to identify common themes in participant responses from transcripts. Participants reported societal and internalized homophobia, an absence of sex education and difficulty accessing confidential HIV testing. This study provides insights into how homophobia in Malaysian society influences individual risk behavior for HIV in Malaysian YMSM, and makes practical suggestions for more effective HIV prevention in this population.