Displaying publications 21 - 40 of 88 in total

Abstract:
Sort:
  1. Fulltext Determinants of the willingness to participate in biobanking among Malaysian stakeholders in the Klang Valley
    Amin L, Hashim H, Mahadi Z, Ismail K
    BMC Med Res Methodol, 2018 12 05;18(1):163.
    PMID: 30518344 DOI: 10.1186/s12874-018-0619-2
    BACKGROUND: The demand in biobanking for the collection and maintenance of biological specimens and personal data from civilians to improve the prevention, diagnosis and treatment of diseases has increased notably. Despite the advancement, certain issues, specifically those related to privacy and data protection, have been critically discussed. The purposes of this study are to assess the willingness of stakeholders to participate in biobanking and to determine its predictors.

    METHODS: A survey of 469 respondents from various stakeholder groups in the Klang Valley region of Malaysia was carried out. Based on previous research, a multi-dimensional instrument measuring willingness to participate in biobanking, and its predictors, was constructed and validated. A single step Structural Equation Modelling was performed to analyse the measurements and structural model using the International Business Machines Corporation Software Package for Social Sciences, Analysis of Moment Structures (IBM SPSS Amos) version 20 with a maximum likelihood function.

    RESULTS: Malaysian stakeholders in the Klang Valley were found to be cautious of biobanks. Although they perceived the biobanks as moderately beneficial (mean score of 4.65) and were moderately willing to participate in biobanking (mean score of 4.10), they professed moderate concern about data and specimen protection issues (mean score of 4.33). Willingness to participate in biobanking was predominantly determined by four direct predictors: specific application-linked perceptions of their benefits (β = 0.35, p 
    Matched MeSH terms: Computer Security
  2. Fulltext Watermark Compression in Medical Image Watermarking Using Lempel-Ziv-Welch (LZW) Lossless Compression Technique
    Badshah G, Liew SC, Zain JM, Ali M
    J Digit Imaging, 2016 Apr;29(2):216-25.
    PMID: 26429361 DOI: 10.1007/s10278-015-9822-4
    In teleradiology, image contents may be altered due to noisy communication channels and hacker manipulation. Medical image data is very sensitive and can not tolerate any illegal change. Illegally changed image-based analysis could result in wrong medical decision. Digital watermarking technique can be used to authenticate images and detect as well as recover illegal changes made to teleradiology images. Watermarking of medical images with heavy payload watermarks causes image perceptual degradation. The image perceptual degradation directly affects medical diagnosis. To maintain the image perceptual and diagnostic qualities standard during watermarking, the watermark should be lossless compressed. This paper focuses on watermarking of ultrasound medical images with Lempel-Ziv-Welch (LZW) lossless-compressed watermarks. The watermark lossless compression reduces watermark payload without data loss. In this research work, watermark is the combination of defined region of interest (ROI) and image watermarking secret key. The performance of the LZW compression technique was compared with other conventional compression methods based on compression ratio. LZW was found better and used for watermark lossless compression in ultrasound medical images watermarking. Tabulated results show the watermark bits reduction, image watermarking with effective tamper detection and lossless recovery.
    Matched MeSH terms: Computer Security*
  3. Fulltext Digital signature schemes with strong existential unforgeability
    Chia J, Chin JJ, Yip SC
    F1000Res, 2021;10:931.
    PMID: 36798451 DOI: 10.12688/f1000research.72910.1
    Digital signature schemes (DSS) are ubiquitously used for public authentication in the infrastructure of the internet, in addition to their use as a cryptographic tool to construct even more sophisticated schemes such as those that are identity-based. The security of DSS is analyzed through the existential unforgeability under chosen message attack (EUF-CMA) experiment which promises unforgeability of signatures on new messages even when the attacker has access to an arbitrary set of messages and their corresponding signatures. However, the EUF-CMA model does not account for attacks such as an attacker forging a different signature on an existing message, even though the attack could be devastating in the real world and constitutes a severe breach of the security system. Nonetheless, most of the DSS are not analyzed in this security model, which possibly makes them vulnerable to such an attack. In contrast, a better security notion known as strong EUF-CMA (sEUF-CMA) is designed to be resistant to such attacks. This review aims to identify DSS in the literature that are secure in the sEUF-CMA model. In addition, the article discusses the challenges and future directions of DSS. In our review, we consider the security of existing DSS that fit our criterion in the sEUF-CMA model; our criterion is simple as we only require the DSS to be at least secure against the minimum of existential forgery. Our findings are categorized into two classes: the direct and indirect classes of sEUF-CMA. The former is inherently sEUF-CMA without any modification while the latter requires some transformation. Our comprehensive  review contributes to the security and cryptographic research community by discussing the efficiency and security of DSS that are sEUF-CMA, which aids in selecting robust DSS in future design considerations.
    Matched MeSH terms: Computer Security*
  4. Fulltext Seluge++: a secure over-the-air programming scheme in wireless sensor networks
    Doroodgar F, Abdur Razzaque M, Isnin IF
    Sensors (Basel), 2014;14(3):5004-40.
    PMID: 24618781 DOI: 10.3390/s140305004
    Over-the-air dissemination of code updates in wireless sensor networks have been researchers' point of interest in the last few years, and, more importantly, security challenges toward the remote propagation of code updating have occupied the majority of efforts in this context. Many security models have been proposed to establish a balance between the energy consumption and security strength, having their concentration on the constrained nature of wireless sensor network (WSN) nodes. For authentication purposes, most of them have used a Merkle hash tree to avoid using multiple public cryptography operations. These models mostly have assumed an environment in which security has to be at a standard level. Therefore, they have not investigated the tree structure for mission-critical situations in which security has to be at the maximum possible level (e.g., military applications, healthcare). Considering this, we investigate existing security models used in over-the-air dissemination of code updates for possible vulnerabilities, and then, we provide a set of countermeasures, correspondingly named Security Model Requirements. Based on the investigation, we concentrate on Seluge, one of the existing over-the-air programming schemes, and we propose an improved version of it, named Seluge++, which complies with the Security Model Requirements and replaces the use of the inefficient Merkle tree with a novel method. Analytical and simulation results show the improvements in Seluge++ compared to Seluge.
    Matched MeSH terms: Computer Security
  5. Root Exploit Detection and Features Optimization: Mobile Device and Blockchain Based Medical Data Management
    Firdaus A, Anuar NB, Razak MFA, Hashem IAT, Bachok S, Sangaiah AK
    J Med Syst, 2018 May 04;42(6):112.
    PMID: 29728780 DOI: 10.1007/s10916-018-0966-x
    The increasing demand for Android mobile devices and blockchain has motivated malware creators to develop mobile malware to compromise the blockchain. Although the blockchain is secure, attackers have managed to gain access into the blockchain as legal users, thereby comprising important and crucial information. Examples of mobile malware include root exploit, botnets, and Trojans and root exploit is one of the most dangerous malware. It compromises the operating system kernel in order to gain root privileges which are then used by attackers to bypass the security mechanisms, to gain complete control of the operating system, to install other possible types of malware to the devices, and finally, to steal victims' private keys linked to the blockchain. For the purpose of maximizing the security of the blockchain-based medical data management (BMDM), it is crucial to investigate the novel features and approaches contained in root exploit malware. This study proposes to use the bio-inspired method of practical swarm optimization (PSO) which automatically select the exclusive features that contain the novel android debug bridge (ADB). This study also adopts boosting (adaboost, realadaboost, logitboost, and multiboost) to enhance the machine learning prediction that detects unknown root exploit, and scrutinized three categories of features including (1) system command, (2) directory path and (3) code-based. The evaluation gathered from this study suggests a marked accuracy value of 93% with Logitboost in the simulation. Logitboost also helped to predicted all the root exploit samples in our developed system, the root exploit detection system (RODS).
    Matched MeSH terms: Computer Security*
  6. Fulltext Trusted computing strengthens cloud authentication
    Ghazizadeh E, Zamani M, Ab Manan JL, Alizadeh M
    ScientificWorldJournal, 2014;2014:260187.
    PMID: 24701149 DOI: 10.1155/2014/260187
    Cloud computing is a new generation of technology which is designed to provide the commercial necessities, solve the IT management issues, and run the appropriate applications. Another entry on the list of cloud functions which has been handled internally is Identity Access Management (IAM). Companies encounter IAM as security challenges while adopting more technologies became apparent. Trust Multi-tenancy and trusted computing based on a Trusted Platform Module (TPM) are great technologies for solving the trust and security concerns in the cloud identity environment. Single sign-on (SSO) and OpenID have been released to solve security and privacy problems for cloud identity. This paper proposes the use of trusted computing, Federated Identity Management, and OpenID Web SSO to solve identity theft in the cloud. Besides, this proposed model has been simulated in .Net environment. Security analyzing, simulation, and BLP confidential model are three ways to evaluate and analyze our proposed model.
    Matched MeSH terms: Computer Security/standards*; Computer Security/trends
  7. Cryptographic framework for document-objects resulting from multiparty collaborative transactions
    Goh A
    Stud Health Technol Inform, 2000;77:1069-73.
    PMID: 11187485
    Multiparty transactional frameworks--i.e. Electronic Data Interchange (EDI) or Health Level (HL) 7--often result in composite documents which can be accurately modelled using hyperlinked document-objects. The structural complexity arising from multiauthor involvement and transaction-specific sequencing would be poorly handled by conventional digital signature schemes based on a single evaluation of a one-way hash function and asymmetric cryptography. In this paper we outline the generation of structure-specific authentication hash-trees for the the authentication of transactional document-objects, followed by asymmetric signature generation on the hash-tree value. Server-side multi-client signature verification would probably constitute the single most compute-intensive task, hence the motivation for our usage of the Rabin signature protocol which results in significantly reduced verification workloads compared to the more commonly applied Rivest-Shamir-Adleman (RSA) protocol. Data privacy is handled via symmetric encryption of message traffic using session-specific keys obtained through key-negotiation mechanisms based on discrete-logarithm cryptography. Individual client-to-server channels can be secured using a double key-pair variation of Diffie-Hellman (DH) key negotiation, usage of which also enables bidirectional node authentication. The reciprocal server-to-client multicast channel is secured through Burmester-Desmedt (BD) key-negotiation which enjoys significant advantages over the usual multiparty extensions to the DH protocol. The implementation of hash-tree signatures and bi/multidirectional key negotiation results in a comprehensive cryptographic framework for multiparty document-objects satisfying both authentication and data privacy requirements.
    Matched MeSH terms: Computer Security*
  8. Java-based framework for the secure distribution of electronic medical records
    Goh A
    Stud Health Technol Inform, 1999;68:582-7.
    PMID: 10724956
    In this paper, we present a Java-based framework for the processing, storage and delivery of Electronic Medical Records (EMR). The choice of Java as a developmental and operational environment ensures operability over a wide-range of client-side platforms, with our on-going work emphasising migration towards Extensible Markup Language (XML) capable Web browser clients. Telemedicine in support of womb-to-tomb healthcare as articulated by the Multimedia Supercorridor (MSC) Telemedicine initiative--which motivated this project--will require high-volume data exchange over an insecure public-access Wide Area Network (WAN), thereby requiring a hybrid cryptosystem with both symmetric and asymmetric components. Our prototype framework features a pre-transaction authentication and key negotiation sequence which can be readily modified for client-side environments ranging from Web browsers without local storage capability to workstations with serial connectivity to a tamper-proof device, and also for point-to-multipoint transaction processes.
    Matched MeSH terms: Computer Security*
  9. Fulltext Secured and Privacy-Preserving Multi-Authority Access Control System for Cloud-Based Healthcare Data Sharing
    Gupta R, Kanungo P, Dagdee N, Madhu G, Sahoo KS, Jhanjhi NZ, et al.
    Sensors (Basel), 2023 Feb 27;23(5).
    PMID: 36904822 DOI: 10.3390/s23052617
    With continuous advancements in Internet technology and the increased use of cryptographic techniques, the cloud has become the obvious choice for data sharing. Generally, the data are outsourced to cloud storage servers in encrypted form. Access control methods can be used on encrypted outsourced data to facilitate and regulate access. Multi-authority attribute-based encryption is a propitious technique to control who can access encrypted data in inter-domain applications such as sharing data between organizations, sharing data in healthcare, etc. The data owner may require the flexibility to share the data with known and unknown users. The known or closed-domain users may be internal employees of the organization, and unknown or open-domain users may be outside agencies, third-party users, etc. In the case of closed-domain users, the data owner becomes the key issuing authority, and in the case of open-domain users, various established attribute authorities perform the task of key issuance. Privacy preservation is also a crucial requirement in cloud-based data-sharing systems. This work proposes the SP-MAACS scheme, a secure and privacy-preserving multi-authority access control system for cloud-based healthcare data sharing. Both open and closed domain users are considered, and policy privacy is ensured by only disclosing the names of policy attributes. The values of the attributes are kept hidden. Characteristic comparison with similar existing schemes shows that our scheme simultaneously provides features such as multi-authority setting, expressive and flexible access policy structure, privacy preservation, and scalability. The performance analysis carried out by us shows that the decryption cost is reasonable enough. Furthermore, the scheme is demonstrated to be adaptively secure under the standard model.
    Matched MeSH terms: Computer Security
  10. Fulltext E2EE enhanced patient-centric blockchain-based system for EHR management
    Haddad A, Habaebi MH, Elsheikh EAA, Islam MR, Zabidi SA, Suliman FEM
    PLoS One, 2024;19(4):e0301371.
    PMID: 38557695 DOI: 10.1371/journal.pone.0301371
    To secure sensitive medical records in the healthcare clouds, this paper proposes an End-to-End Encryption (E2EE) to enhance a patient-centric blockchain-based system for electronic health record (EHR) management. The suggested system with a focus on the patient enables individuals to oversee their medical records within various involved parties by authorizing or withdrawing permission for access to their records. Utilizing the inter-planetary file system (IPFS) for record storage is chosen due to its decentralized nature and its ability to guarantee the unchangeability of records. Then an E2EE enhancement maintains the medical data integrity using dual level-Hybrid encryption: symmetric Advanced Encryption Standard (AES) and asymmetric Elliptic Curve Cryptography (ECC) cryptographic techniques. The proposed system is implemented using the Ethereum blockchain system for EHR data sharing and integration utilizing a web-based interface for the patient and all users to initiate the EHR sharing transactions over the IPFS cloud. The proposed system performance is evaluated in a working system prototype. For different file sizes between 512 KB to 100 MB, the performance metrics used to evaluate the proposed system were the time consumed for generating key, encryption, and decryption. The results demonstrate the proposed system's superiority over other cutting-edge systems and its practical ability to share secure health data in cloud environments.
    Matched MeSH terms: Computer Security
  11. Key exchange in elliptic curve cryptography based on the decomposition problem
    Hilyatihanina Zazali, Wan Ainun Mior Othman
    Sains Malaysiana, 2012;41:907-910.
    In this paper, we presented a new key exchange method based on decomposition problem for elliptic curve cryptography. We showed that our key exchange method was not only an alternative method for designing keys in cryptography, but it also has improved security condition from the previous key exchange based on decomposition problem over noncommutative groups. We proposed elliptic an curve cryptography to be the new platform for our key exchange protocol and showed how it was implemented. The security of our protocol was based on discrete logarithm problem, which was not infeasible and strictly difficult to retrieve in elliptic curve cryptography without any prior knowledge.
    Matched MeSH terms: Computer Security
  12. Fulltext Preventing shoulder-surfing attack with the concept of concealing the password objects' information
    Ho PF, Kam YH, Wee MC, Chong YN, Por LY
    ScientificWorldJournal, 2014;2014:838623.
    PMID: 24991649 DOI: 10.1155/2014/838623
    Traditionally, picture-based password systems employ password objects (pictures/icons/symbols) as input during an authentication session, thus making them vulnerable to "shoulder-surfing" attack because the visual interface by function is easily observed by others. Recent software-based approaches attempt to minimize this threat by requiring users to enter their passwords indirectly by performing certain mental tasks to derive the indirect password, thus concealing the user's actual password. However, weaknesses in the positioning of distracter and password objects introduce usability and security issues. In this paper, a new method, which conceals information about the password objects as much as possible, is proposed. Besides concealing the password objects and the number of password objects, the proposed method allows both password and distracter objects to be used as the challenge set's input. The correctly entered password appears to be random and can only be derived with the knowledge of the full set of password objects. Therefore, it would be difficult for a shoulder-surfing adversary to identify the user's actual password. Simulation results indicate that the correct input object and its location are random for each challenge set, thus preventing frequency of occurrence analysis attack. User study results show that the proposed method is able to prevent shoulder-surfing attack.
    Matched MeSH terms: Computer Security/standards*
  13. Fulltext Multi-Layer Blockchain-Based Security Architecture for Internet of Things
    Honar Pajooh H, Rashid M, Alam F, Demidenko S
    Sensors (Basel), 2021 Jan 24;21(3).
    PMID: 33498860 DOI: 10.3390/s21030772
    The proliferation of smart devices in the Internet of Things (IoT) networks creates significant security challenges for the communications between such devices. Blockchain is a decentralized and distributed technology that can potentially tackle the security problems within the 5G-enabled IoT networks. This paper proposes a Multi layer Blockchain Security model to protect IoT networks while simplifying the implementation. The concept of clustering is utilized in order to facilitate the multi-layer architecture. The K-unknown clusters are defined within the IoT network by applying techniques that utillize a hybrid Evolutionary Computation Algorithm while using Simulated Annealing and Genetic Algorithms. The chosen cluster heads are responsible for local authentication and authorization. Local private blockchain implementation facilitates communications between the cluster heads and relevant base stations. Such a blockchain enhances credibility assurance and security while also providing a network authentication mechanism. The open-source Hyperledger Fabric Blockchain platform is deployed for the proposed model development. Base stations adopt a global blockchain approach to communicate with each other securely. The simulation results demonstrate that the proposed clustering algorithm performs well when compared to the earlier reported approaches. The proposed lightweight blockchain model is also shown to be better suited to balance network latency and throughput as compared to a traditional global blockchain.
    Matched MeSH terms: Computer Security
  14. Fulltext Hyperledger Fabric Blockchain for Securing the Edge Internet of Things
    Honar Pajooh H, Rashid M, Alam F, Demidenko S
    Sensors (Basel), 2021 Jan 07;21(2).
    PMID: 33430274 DOI: 10.3390/s21020359
    Providing security and privacy to the Internet of Things (IoT) networks while achieving it with minimum performance requirements is an open research challenge. Blockchain technology, as a distributed and decentralized ledger, is a potential solution to tackle the limitations of the current peer-to-peer IoT networks. This paper presents the development of an integrated IoT system implementing the permissioned blockchain Hyperledger Fabric (HLF) to secure the edge computing devices by employing a local authentication process. In addition, the proposed model provides traceability for the data generated by the IoT devices. The presented solution also addresses the IoT systems' scalability challenges, the processing power and storage issues of the IoT edge devices in the blockchain network. A set of built-in queries is leveraged by smart-contracts technology to define the rules and conditions. The paper validates the performance of the proposed model with practical implementation by measuring performance metrics such as transaction throughput and latency, resource consumption, and network use. The results show that the proposed platform with the HLF implementation is promising for the security of resource-constrained IoT devices and is scalable for deployment in various IoT scenarios.
    Matched MeSH terms: Computer Security
  15. Fulltext An Improved Vulnerability Exploitation Prediction Model with Novel Cost Function and Custom Trained Word Vector Embedding
    Hoque MS, Jamil N, Amin N, Lam KY
    Sensors (Basel), 2021 Jun 20;21(12).
    PMID: 34202977 DOI: 10.3390/s21124220
    Successful cyber-attacks are caused by the exploitation of some vulnerabilities in the software and/or hardware that exist in systems deployed in premises or the cloud. Although hundreds of vulnerabilities are discovered every year, only a small fraction of them actually become exploited, thereby there exists a severe class imbalance between the number of exploited and non-exploited vulnerabilities. The open source national vulnerability database, the largest repository to index and maintain all known vulnerabilities, assigns a unique identifier to each vulnerability. Each registered vulnerability also gets a severity score based on the impact it might inflict upon if compromised. Recent research works showed that the cvss score is not the only factor to select a vulnerability for exploitation, and other attributes in the national vulnerability database can be effectively utilized as predictive feature to predict the most exploitable vulnerabilities. Since cybersecurity management is highly resource savvy, organizations such as cloud systems will benefit when the most likely exploitable vulnerabilities that exist in their system software or hardware can be predicted with as much accuracy and reliability as possible, to best utilize the available resources to fix those first. Various existing research works have developed vulnerability exploitation prediction models by addressing the existing class imbalance based on algorithmic and artificial data resampling techniques but still suffer greatly from the overfitting problem to the major class rendering them practically unreliable. In this research, we have designed a novel cost function feature to address the existing class imbalance. We also have utilized the available large text corpus in the extracted dataset to develop a custom-trained word vector that can better capture the context of the local text data for utilization as an embedded layer in neural networks. Our developed vulnerability exploitation prediction models powered by a novel cost function and custom-trained word vector have achieved very high overall performance metrics for accuracy, precision, recall, F1-Score and AUC score with values of 0.92, 0.89, 0.98, 0.94 and 0.97, respectively, thereby outperforming any existing models while successfully overcoming the existing overfitting problem for class imbalance.
    Matched MeSH terms: Computer Security
  16. Indirect effect of management support on users' compliance behaviour towards information security policies
    Humaidi N, Balakrishnan V
    Health Inf Manag, 2018 Jan;47(1):17-27.
    PMID: 28537207 DOI: 10.1177/1833358317700255
    BACKGROUND: Health information systems are innovative products designed to improve the delivery of effective healthcare, but they are also vulnerable to breaches of information security, including unauthorised access, use, disclosure, disruption, modification or destruction, and duplication of passwords. Greater openness and multi-connectedness between heterogeneous stakeholders within health networks increase the security risk.

    OBJECTIVE: The focus of this research was on the indirect effects of management support (MS) on user compliance behaviour (UCB) towards information security policies (ISPs) among health professionals in selected Malaysian public hospitals. The aim was to identify significant factors and provide a clearer understanding of the nature of compliance behaviour in the health sector environment.

    METHOD: Using a survey design and stratified random sampling method, self-administered questionnaires were distributed to 454 healthcare professionals in three hospitals. Drawing on theories of planned behaviour, perceived behavioural control (self-efficacy (SE) and MS components) and the trust factor, an information system security policies compliance model was developed to test three related constructs (MS, SE and perceived trust (PT)) and their relationship to UCB towards ISPs.

    RESULTS: Results showed a 52.8% variation in UCB through significant factors. Partial least squares structural equation modelling demonstrated that all factors were significant and that MS had an indirect effect on UCB through both PT and SE among respondents to this study.

    CONCLUSION: The research model based on the theory of planned behaviour in combination with other human and organisational factors has made a useful contribution towards explaining compliance behaviour in relation to organisational ISPs, with trust being the most significant factor. In adopting a multidimensional approach to management-user interactions via multidisciplinary concepts and theories to evaluate the association between the integrated management-user values and the nature of compliance towards ISPs among selected health professionals, this study has made a unique contribution to the literature.

    Matched MeSH terms: Computer Security*
  17. Fulltext Robust multiple frequency multiple power localization schemes in the presence of multiple jamming attacks
    Hussein AA, Leow CY, Rahman TA
    PLoS One, 2017;12(5):e0177326.
    PMID: 28493977 DOI: 10.1371/journal.pone.0177326
    Localization of the wireless sensor network is a vital area acquiring an impressive research concern and called upon to expand more with the rising of its applications. As localization is gaining prominence in wireless sensor network, it is vulnerable to jamming attacks. Jamming attacks disrupt communication opportunity among the sender and receiver and deeply impact the localization process, leading to a huge error of the estimated sensor node position. Therefore, detection and elimination of jamming influence are absolutely indispensable. Range-based techniques especially Received Signal Strength (RSS) is facing severe impact of these attacks. This paper proposes algorithms based on Combination Multiple Frequency Multiple Power Localization (C-MFMPL) and Step Function Multiple Frequency Multiple Power Localization (SF-MFMPL). The algorithms have been tested in the presence of multiple types of jamming attacks including capture and replay, random and constant jammers over a log normal shadow fading propagation model. In order to overcome the impact of random and constant jammers, the proposed method uses two sets of frequencies shared by the implemented anchor nodes to obtain the averaged RSS readings all over the transmitted frequencies successfully. In addition, three stages of filters have been used to cope with the replayed beacons caused by the capture and replay jammers. In this paper the localization performance of the proposed algorithms for the ideal case which is defined by without the existence of the jamming attack are compared with the case of jamming attacks. The main contribution of this paper is to achieve robust localization performance in the presence of multiple jamming attacks under log normal shadow fading environment with a different simulation conditions and scenarios.
    Matched MeSH terms: Computer Security*
  18. A Systematic Review for Enabling of Develop a Blockchain Technology in Healthcare Application: Taxonomy, Substantially Analysis, Motivations, Challenges, Recommendations and Future Direction
    Hussien HM, Yasin SM, Udzir SNI, Zaidan AA, Zaidan BB
    J Med Syst, 2019 Sep 14;43(10):320.
    PMID: 31522262 DOI: 10.1007/s10916-019-1445-8
    Blockchain in healthcare applications requires robust security and privacy mechanism for high-level authentication, interoperability and medical records sharing to comply with the strict legal requirements of the Health Insurance Portability and Accountability Act of 1996. Blockchain technology in the healthcare industry has received considerable research attention in recent years. This study conducts a review to substantially analyse and map the research landscape of current technologies, mainly the use of blockchain in healthcare applications, into a coherent taxonomy. The present study systematically searches all relevant research articles on blockchain in healthcare applications in three accessible databases, namely, ScienceDirect, IEEE and Web of Science, by using the defined keywords 'blockchain', 'healthcare' and 'electronic health records' and their variations. The final set of collected articles related to the use of blockchain in healthcare application is divided into three categories. The first category includes articles (i.e. 43/58 scientific articles) that attempted to develop and design healthcare applications integrating blockchain, particularly those on new architecture, system designs, framework, scheme, model, platform, approach, protocol and algorithm. The second category includes studies (i.e., 6/58 scientific articles) that attempted to evaluate and analyse the adoption of blockchain in the healthcare system. Finally, the third category comprises review and survey articles (i.e., 6/58 scientific articles) related to the integration of blockchain into healthcare applications. The final articles for review are discussed on the basis of five aspects: (1) year of publication, (2) nationality of authors, (3) publishing house or journal, (4) purpose of using blockchain in health applications and the corresponding contributions and (5) problem types and proposed solutions. Additionally, this study provides identified motivations, open challenges and recommendations on the use of blockchain in healthcare applications. The current research contributes to the literature by providing a detailed review of feasible alternatives and identifying the research gaps. Accordingly, researchers and developers are provided with appealing opportunities to further develop decentralised healthcare applications through a comprehensive discussion of about the importance of blockchain and its integration into various healthcare applications.
    Matched MeSH terms: Computer Security/standards*
  19. Fulltext Blockchain-Based Access Control Scheme for Secure Shared Personal Health Records over Decentralised Storage
    Hussien HM, Yasin SM, Udzir NI, Ninggal MIH
    Sensors (Basel), 2021 Apr 02;21(7).
    PMID: 33918266 DOI: 10.3390/s21072462
    Blockchain technology provides a tremendous opportunity to transform current personal health record (PHR) systems into a decentralised network infrastructure. However, such technology possesses some drawbacks, such as issues in privacy and storage capacity. Given its transparency and decentralised features, medical data are visible to everyone on the network and are inappropriate for certain medical applications. By contrast, storing vast medical data, such as patient medical history, laboratory tests, X-rays, and MRIs, significantly affect the repository storage of blockchain. This study bridges the gap between PHRs and blockchain technology by offloading the vast medical data into the InterPlanetary File System (IPFS) storage and establishing an enforced cryptographic authorisation and access control scheme for outsourced encrypted medical data. The access control scheme is constructed on the basis of the new lightweight cryptographic concept named smart contract-based attribute-based searchable encryption (SC-ABSE). This newly cryptographic primitive is developed by extending ciphertext-policy attribute-based encryption (CP-ABE) and searchable symmetric encryption (SSE) and by leveraging the technology of smart contracts to achieve the following: (1) efficient and secure fine-grained access control of outsourced encrypted data, (2) confidentiality of data by eliminating trusted private key generators, and (3) multikeyword searchable mechanism. Based on decisional bilinear Diffie-Hellman hardness assumptions (DBDH) and discrete logarithm (DL) problems, the rigorous security indistinguishability analysis indicates that SC-ABSE is secure against the chosen-keyword attack (CKA) and keyword secrecy (KS) in the standard model. In addition, user collusion attacks are prevented, and the tamper-proof resistance of data is ensured. Furthermore, security validation is verified by simulating a formal verification scenario using Automated Validation of Internet Security Protocols and Applications (AVISPA), thereby unveiling that SC-ABSE is resistant to man-in-the-middle (MIM) and replay attacks. The experimental analysis utilised real-world datasets to demonstrate the efficiency and utility of SC-ABSE in terms of computation overhead, storage cost and communication overhead. The proposed scheme is also designed and developed to evaluate throughput and latency transactions using a standard benchmark tool known as Caliper. Lastly, simulation results show that SC-ABSE has high throughput and low latency, with an ultimate increase in network life compared with traditional healthcare systems.
    Matched MeSH terms: Computer Security
  20. Fulltext Online handwritten signature verification using neural network classifier based on principal component analysis
    Iranmanesh V, Ahmad SM, Adnan WA, Yussof S, Arigbabu OA, Malallah FL
    ScientificWorldJournal, 2014;2014:381469.
    PMID: 25133227 DOI: 10.1155/2014/381469
    One of the main difficulties in designing online signature verification (OSV) system is to find the most distinctive features with high discriminating capabilities for the verification, particularly, with regard to the high variability which is inherent in genuine handwritten signatures, coupled with the possibility of skilled forgeries having close resemblance to the original counterparts. In this paper, we proposed a systematic approach to online signature verification through the use of multilayer perceptron (MLP) on a subset of principal component analysis (PCA) features. The proposed approach illustrates a feature selection technique on the usually discarded information from PCA computation, which can be significant in attaining reduced error rates. The experiment is performed using 4000 signature samples from SIGMA database, which yielded a false acceptance rate (FAR) of 7.4% and a false rejection rate (FRR) of 6.4%.
    Matched MeSH terms: Computer Security*
Related Terms
Filters
Contact Us

Please provide feedback to Administrator (afdal@afpm.org.my)

External Links