Displaying publications 41 - 60 of 88 in total

Abstract:
Sort:
  1. Fulltext Seluge++: a secure over-the-air programming scheme in wireless sensor networks
    Doroodgar F, Abdur Razzaque M, Isnin IF
    Sensors (Basel), 2014;14(3):5004-40.
    PMID: 24618781 DOI: 10.3390/s140305004
    Over-the-air dissemination of code updates in wireless sensor networks have been researchers' point of interest in the last few years, and, more importantly, security challenges toward the remote propagation of code updating have occupied the majority of efforts in this context. Many security models have been proposed to establish a balance between the energy consumption and security strength, having their concentration on the constrained nature of wireless sensor network (WSN) nodes. For authentication purposes, most of them have used a Merkle hash tree to avoid using multiple public cryptography operations. These models mostly have assumed an environment in which security has to be at a standard level. Therefore, they have not investigated the tree structure for mission-critical situations in which security has to be at the maximum possible level (e.g., military applications, healthcare). Considering this, we investigate existing security models used in over-the-air dissemination of code updates for possible vulnerabilities, and then, we provide a set of countermeasures, correspondingly named Security Model Requirements. Based on the investigation, we concentrate on Seluge, one of the existing over-the-air programming schemes, and we propose an improved version of it, named Seluge++, which complies with the Security Model Requirements and replaces the use of the inefficient Merkle tree with a novel method. Analytical and simulation results show the improvements in Seluge++ compared to Seluge.
    Matched MeSH terms: Computer Security
  2. Maintaining Security and Privacy in Health Care System Using Learning Based Deep-Q-Networks
    Mohamed Shakeel P, Baskar S, Sarma Dhulipala VR, Mishra S, Jaber MM
    J Med Syst, 2018 Aug 31;42(10):186.
    PMID: 30171378 DOI: 10.1007/s10916-018-1045-z
    In the recent past, Internet of Things (IoT) plays a significant role in different applications such as health care, industrial sector, defense and research etc.… It provides effective framework in maintaining the security, privacy and reliability of the information in internet environment. Among various applications as mentioned health care place a major role, because security, privacy and reliability of the medical information is maintained in an effective way. Even though, IoT provides the effective protocols for maintaining the information, several intermediate attacks and intruders trying to access the health information which in turn reduce the privacy, security and reliability of the entire health care system in internet environment. As a result and to solve the issues, in this research Learning based Deep-Q-Networks has been introduced for reducing the malware attacks while managing the health information. This method examines the medical information in different layers according to the Q-learning concept which helps to minimize the intermediate attacks with less complexity. The efficiency of the system has been evaluated with the help of experimental results and discussions.
    Matched MeSH terms: Computer Security*
  3. Fulltext Android Botnets: a serious threat to android devices
    Shahid Anwar, Mohamad Fadli Zolkipli, Julius Odili, Mushtaq Ali, Zakira Inayat, Jasni Mohamad Zain
    Pertanika Journal of Science & Technology, 2018;26(1):37-70.
    MyJurnal
    Android devices have gained a lot of attention in the last few decades due to several reasons including ease of use, effectiveness, availability and games, among others. To take advantage of Android devices, mobile users have begun installing an increasingly substantial number of Android applications on their devices. Rapid growth in many Android devices and applications has led to security and privacy issues. It has, for instance, opened the way for malicious applications to be installed on the Android devices while downloading different applications for different purposes. This has caused malicious applications to execute illegal operations on the devices that result in malfunction outputs. Android botnets are one of these malfunctions. This paper presents Android botnets in various aspects including their security, architecture, infection vectors and techniques. This paper also evaluates Android botnets by categorising them according to behaviour. Furthermore, it investigates the Android botnets with respect to Android device threats. Finally, we investigate different Android botnet detection techniques in depth with respect to the existing solutions deployed to mitigate Android botnets.
    Matched MeSH terms: Computer Security
  4. Fulltext A New Random Walk for Replica Detection in WSNs
    Aalsalem MY, Khan WZ, Saad NM, Hossain MS, Atiquzzaman M, Khan MK
    PLoS One, 2016;11(7):e0158072.
    PMID: 27409082 DOI: 10.1371/journal.pone.0158072
    Wireless Sensor Networks (WSNs) are vulnerable to Node Replication attacks or Clone attacks. Among all the existing clone detection protocols in WSNs, RAWL shows the most promising results by employing Simple Random Walk (SRW). More recently, RAND outperforms RAWL by incorporating Network Division with SRW. Both RAND and RAWL have used SRW for random selection of witness nodes which is problematic because of frequently revisiting the previously passed nodes that leads to longer delays, high expenditures of energy with lower probability that witness nodes intersect. To circumvent this problem, we propose to employ a new kind of constrained random walk, namely Single Stage Memory Random Walk and present a distributed technique called SSRWND (Single Stage Memory Random Walk with Network Division). In SSRWND, single stage memory random walk is combined with network division aiming to decrease the communication and memory costs while keeping the detection probability higher. Through intensive simulations it is verified that SSRWND guarantees higher witness node security with moderate communication and memory overheads. SSRWND is expedient for security oriented application fields of WSNs like military and medical.
    Matched MeSH terms: Computer Security*
  5. Fulltext Authentication and data hiding using a hybrid ROI-based watermarking scheme for DICOM images
    Al-Qershi OM, Khoo BE
    J Digit Imaging, 2011 Feb;24(1):114-25.
    PMID: 19937363 DOI: 10.1007/s10278-009-9253-1
    Authenticating medical images using watermarking techniques has become a very popular area of research, and some works in this area have been reported worldwide recently. Besides authentication, many data-hiding techniques have been proposed to conceal patient's data into medical images aiming to reduce the cost needed to store data and the time needed to transmit data when required. In this paper, we present a new hybrid watermarking scheme for DICOM images. In our scheme, two well-known techniques are combined to gain the advantages of both and fulfill the requirements of authentication and data hiding. The scheme divides the images into two parts, the region of interest (ROI) and the region of non-interest (RONI). Patient's data are embedded into ROI using a reversible technique based on difference expansion, while tamper detection and recovery data are embedded into RONI using a robust technique based on discrete wavelet transform. The experimental results show the ability of hiding patient's data with a very good visual quality, while ROI, the most important area for diagnosis, is retrieved exactly at the receiver side. The scheme also shows some robustness against certain levels of salt and pepper and cropping noise.
    Matched MeSH terms: Computer Security*
  6. Fulltext Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks"
    Alizadeh M, Zamani M, Baharun S, Abdul Manaf A, Sakurai K, Anada H, et al.
    PLoS One, 2015;10(11):e0142716.
    PMID: 26580963 DOI: 10.1371/journal.pone.0142716
    Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes' participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.'s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.'s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.
    Matched MeSH terms: Computer Security*
  7. Fulltext An Improved Vulnerability Exploitation Prediction Model with Novel Cost Function and Custom Trained Word Vector Embedding
    Hoque MS, Jamil N, Amin N, Lam KY
    Sensors (Basel), 2021 Jun 20;21(12).
    PMID: 34202977 DOI: 10.3390/s21124220
    Successful cyber-attacks are caused by the exploitation of some vulnerabilities in the software and/or hardware that exist in systems deployed in premises or the cloud. Although hundreds of vulnerabilities are discovered every year, only a small fraction of them actually become exploited, thereby there exists a severe class imbalance between the number of exploited and non-exploited vulnerabilities. The open source national vulnerability database, the largest repository to index and maintain all known vulnerabilities, assigns a unique identifier to each vulnerability. Each registered vulnerability also gets a severity score based on the impact it might inflict upon if compromised. Recent research works showed that the cvss score is not the only factor to select a vulnerability for exploitation, and other attributes in the national vulnerability database can be effectively utilized as predictive feature to predict the most exploitable vulnerabilities. Since cybersecurity management is highly resource savvy, organizations such as cloud systems will benefit when the most likely exploitable vulnerabilities that exist in their system software or hardware can be predicted with as much accuracy and reliability as possible, to best utilize the available resources to fix those first. Various existing research works have developed vulnerability exploitation prediction models by addressing the existing class imbalance based on algorithmic and artificial data resampling techniques but still suffer greatly from the overfitting problem to the major class rendering them practically unreliable. In this research, we have designed a novel cost function feature to address the existing class imbalance. We also have utilized the available large text corpus in the extracted dataset to develop a custom-trained word vector that can better capture the context of the local text data for utilization as an embedded layer in neural networks. Our developed vulnerability exploitation prediction models powered by a novel cost function and custom-trained word vector have achieved very high overall performance metrics for accuracy, precision, recall, F1-Score and AUC score with values of 0.92, 0.89, 0.98, 0.94 and 0.97, respectively, thereby outperforming any existing models while successfully overcoming the existing overfitting problem for class imbalance.
    Matched MeSH terms: Computer Security
  8. Fulltext Using telemedicine to support care for people with type 2 diabetes mellitus: a qualitative analysis of patients' perspectives
    Lee JY, Chan CKY, Chua SS, Paraidathathu T, Lee KK, Tan CSS, et al.
    BMJ Open, 2019 Oct 22;9(10):e026575.
    PMID: 31640990 DOI: 10.1136/bmjopen-2018-026575
    OBJECTIVE: Telemedicine has been promoted as an economical and effective way to enhance patient care, but its acceptance among patients in low-income and middle-income countries is poorly understood. This study is aimed to explore the experiences and perspectives of people with type 2 diabetes mellitus that used telemedicine to manage their condition.

    DESIGN: In-depth and focus group interviews were conducted with participants who have engaged in telemedicine. Questions included were participants' perception on the programme being used, satisfaction as well as engagement with the telemedicine programme. All interviews and focus groups were audio-recorded and transcribed verbatim. Data were analysed using a thematic approach.

    PARTICIPANTS AND SETTING: People with type 2 diabetes (n=48) who participated in a randomised controlled study which examined the use of telemedicine for diabetes management were recruited from 11 primary care clinics located within the Klang Valley.

    RESULTS: Twelve focus groups and two in-depth interviews were conducted. Four themes emerged from the analysis: (1) generational difference; (2) independence and convenience, (3) sharing of health data and privacy and (4) concerns and challenges. The main obstacles found in patients using the telemedicine systems were related to internet connectivity and difficulties experienced with system interface. Cost was also another significant concern raised by participants. Participants in this study were primarily positive about the benefits of telemedicine, including its ability to provide real-time data and disease monitoring and the reduction in clinic visits.

    CONCLUSION: Despite the potential benefits of telemedicine in the long-term care of diabetes, there are several perceived barriers that may limit the effectiveness of this technology. As such, collaboration between educators, healthcare providers, telecommunication service providers and patients are required to stimulate the adoption and the use of telemedicine.NCT0246680.

    Matched MeSH terms: Computer Security
  9. A variable dimensional chaotic map-based medical image encryption algorithm with multi-mode
    Zhang B, Rahmatullah B, Wang SL, Almutairi HM, Xiao Y, Liu X, et al.
    Med Biol Eng Comput, 2023 Nov;61(11):2971-3002.
    PMID: 37542682 DOI: 10.1007/s11517-023-02874-3
    Since the COVID-19 pandemic, telemedicine or non-face-to-face medicine has increased significantly. In practice, various types of medical images are essential to achieve effective telemedicine. Medical image encryption algorithms play an irreplaceable role in the fast and secure transmission and storage of these medical images. However, most of the existing medical image encryption algorithms are full encryption algorithms, which are inefficient and time-consuming, so they are not suitable for emergency medical scenarios. To improve the efficiency of encryption, a small number of works have focused on partial or selective encryption algorithms for medical images, in which different levels of encryption strategies were adopted for different information content regions of medical images. However, these encryption algorithms have inadequate security more or less. In this paper, based on the Logistic map, we designed an improved variable dimension map. Then, an encryption algorithm for medical images was proposed based on it. This algorithm has two modes: (1) full encryption mode and (2) semi-full encryption mode, which can better adapt to different medical scenarios, respectively. In full encryption mode, all pixels of medical images are encrypted by using the confusion-diffusion structure. In semi-full encryption mode, the region of interest of medical images is extracted. The confusion was first adopted to encrypt the region of interest, and then, the diffusion was adopted to encrypt the entire image. In addition, no matter which encryption mode is used, the algorithm provides the function of medical image integrity verification. The proposed algorithm was simulated and analyzed to evaluate its effectiveness. The results show that in semi-full encryption mode, the algorithm has good security performance and lower time consumption; while in full encryption mode, the algorithm has better security performance and is acceptable in time.
    Matched MeSH terms: Computer Security*
  10. Fulltext Online handwritten signature verification using neural network classifier based on principal component analysis
    Iranmanesh V, Ahmad SM, Adnan WA, Yussof S, Arigbabu OA, Malallah FL
    ScientificWorldJournal, 2014;2014:381469.
    PMID: 25133227 DOI: 10.1155/2014/381469
    One of the main difficulties in designing online signature verification (OSV) system is to find the most distinctive features with high discriminating capabilities for the verification, particularly, with regard to the high variability which is inherent in genuine handwritten signatures, coupled with the possibility of skilled forgeries having close resemblance to the original counterparts. In this paper, we proposed a systematic approach to online signature verification through the use of multilayer perceptron (MLP) on a subset of principal component analysis (PCA) features. The proposed approach illustrates a feature selection technique on the usually discarded information from PCA computation, which can be significant in attaining reduced error rates. The experiment is performed using 4000 signature samples from SIGMA database, which yielded a false acceptance rate (FAR) of 7.4% and a false rejection rate (FRR) of 6.4%.
    Matched MeSH terms: Computer Security*
  11. Fulltext COVID-19 Vehicle Based on an Efficient Mutual Authentication Scheme for 5G-Enabled Vehicular Fog Computing
    Al-Shareeda MA, Manickam S
    Int J Environ Res Public Health, 2022 Nov 24;19(23).
    PMID: 36497709 DOI: 10.3390/ijerph192315618
    The COVID-19 pandemic is currently having disastrous effects on every part of human life everywhere in the world. There have been terrible losses for the entire human race in all nations and areas. It is crucial to take good precautions and prevent COVID-19 because of its high infectiousness and fatality rate. One of the key spreading routes has been identified to be transportation systems. Therefore, improving infection tracking and healthcare monitoring for high-mobility transportation systems is impractical for pandemic control. In order to enhance driving enjoyment and road safety, 5G-enabled vehicular fog computing may gather and interpret pertinent vehicle data, which open the door to non-contact autonomous healthcare monitoring. Due to the urgent need to contain the automotive pandemic, this paper proposes a COVID-19 vehicle based on an efficient mutual authentication scheme for 5G-enabled vehicular fog computing. The proposed scheme consists of two different aspects of the special flag, SF = 0 and SF = 1, denoting normal and COVID-19 vehicles, respectively. The proposed scheme satisfies privacy and security requirements as well as achieves COVID-19 and healthcare solutions. Finally, the performance evaluation section shows that the proposed scheme is more efficient in terms of communication and computation costs as compared to most recent related works.
    Matched MeSH terms: Computer Security*
  12. Fulltext L-CPPA: Lattice-based conditional privacy-preserving authentication scheme for fog computing with 5G-enabled vehicular system
    Almazroi AA, Alqarni MA, Al-Shareeda MA, Manickam S
    PLoS One, 2023;18(10):e0292690.
    PMID: 37889892 DOI: 10.1371/journal.pone.0292690
    The role that vehicular fog computing based on the Fifth Generation (5G) can play in improving traffic management and motorist safety is growing quickly. The use of wireless technology within a vehicle raises issues of confidentiality and safety. Such concerns are optimal targets for conditional privacy-preserving authentication (CPPA) methods. However, current CPPA-based systems face a challenge when subjected to attacks from quantum computers. Because of the need for security and anti-piracy features in fog computing when using a 5G-enabled vehicle system, the L-CPPA scheme is proposed in this article. Using a fog server, secret keys are generated and transmitted to each registered car via a 5G-Base Station (5G-BS) in the proposed L-CPPA system. In the proposed L-CPPA method, the trusted authority, rather than the vehicle's Onboard Unit (OBU), stores the vehicle's master secret data to each fog server. Finally, the computation cost of the suggested L-CPPA system regards message signing, single verification and batch verification is 694.161 ms, 60.118 ms, and 1348.218 ms, respectively. Meanwhile, the communication cost is 7757 bytes.
    Matched MeSH terms: Computer Security
  13. Fulltext ECA-VFog: An efficient certificateless authentication scheme for 5G-assisted vehicular fog computing
    Almazroi AA, Aldhahri EA, Al-Shareeda MA, Manickam S
    PLoS One, 2023;18(6):e0287291.
    PMID: 37352258 DOI: 10.1371/journal.pone.0287291
    Fifth-generation (5G)-enabled vehicular fog computing technologies have always been at the forefront of innovation because they support smart transport like the sharing of traffic data and cooperative processing in the urban fabric. Nevertheless, the most important factors limiting progress are concerns over message protection and safety. To cope with these challenges, several scholars have proposed certificateless authentication schemes with pseudonyms and traceability. These schemes avoid complicated management of certificate and escrow of key in the public key infrastructure-based approaches in the identity-based approaches, respectively. Nevertheless, problems such as high communication costs, security holes, and computational complexity still exist. Therefore, this paper proposes an efficient certificateless authentication called the ECA-VFog scheme for fog computing with 5G-assisted vehicular systems. The proposed ECA-VFog scheme applied efficient operations based on elliptic curve cryptography that is supported by a fog server through a 5G-base station. This work conducts a safety analysis of the security designs to analysis the viability and value of the proposed ECA-VFog scheme. In the performance ovulation section, the computation costs for signing and verification process are 2.3539 ms and 1.5752 ms, respectively. While, the communication costs and energy consumption overhead of the ECA-VFog are 124 bytes and 25.610432 mJ, respectively. Moreover, comparing the ECA-VFog scheme to other existing schemes, the performance estimation reveals that it is more cost-effective with regard to computation cost, communication cost, and energy consumption.
    Matched MeSH terms: Computer Security*
  14. Fulltext Cloud Security Pre-assessment Model For Cloud Service Provider Based On ISO/IEC 27017:2015 Additional Control
    Nur Ahada Kamaruddin, Ibrahim Mohamed, Ahmad Dahari Jarno, Maslina Daud
    International Journal of Innovation and Industrial Revolution, 2020;2(5):1-17.
    MyJurnal
    Cloud computing technology has succeeded in attracting the interest of both academics and industries because of its ability to provide flexible, cost-effective, and adaptable services in IT solution deployment. The services offered to Cloud Service Subscriber (CSS) are based on the concept of on-demand self-service, scalability, and rapid elasticity, which allows fast deployment of IT solutions, whilst leads to possible misconfiguration, un-patched system, etc. which, allows security threats to compromise the cloud services operations. From the viewpoint of Cloud Service Provider (CSP), incidents such as data loss and information breach, will tarnish their reputations, whilst allow them to conserve the issues internally, in which there is no transparency between CSP and CSS. In the aspects of information security, CSP is encouraged to practice cybersecurity in their cloud services by adopting ISO/IEC27017:2015 inclusive of all additional security controls as mandatory requirements. This study was conducted to identify factors that are influencing the CSP readiness level in the cybersecurity implementation of their cloud services by leveraging the developed pre-assessment model to determine the level of cloud security readiness. Approached the study is based on the combination of qualitative and quantitative assessment method in validating the proposed model through interview and prototype testing. The findings of this study had shown that factors that influence the CSP level of cloud security readiness are based on these domains; technology, organisation, policy, stakeholders, culture, knowledge, and environment. The contribution of the study as a Pre-Assessment Model for CSP which is suitable to be used as a guideline to provide a safer cloud computing environment.
    Matched MeSH terms: Computer Security
  15. Fulltext Blockchain-Powered Healthcare Systems: Enhancing Scalability and Security with Hybrid Deep Learning
    Ali A, Ali H, Saeed A, Ahmed Khan A, Tin TT, Assam M, et al.
    Sensors (Basel), 2023 Sep 07;23(18).
    PMID: 37765797 DOI: 10.3390/s23187740
    The rapid advancements in technology have paved the way for innovative solutions in the healthcare domain, aiming to improve scalability and security while enhancing patient care. This abstract introduces a cutting-edge approach, leveraging blockchain technology and hybrid deep learning techniques to revolutionize healthcare systems. Blockchain technology provides a decentralized and transparent framework, enabling secure data storage, sharing, and access control. By integrating blockchain into healthcare systems, data integrity, privacy, and interoperability can be ensured while eliminating the reliance on centralized authorities. In conjunction with blockchain, hybrid deep learning techniques offer powerful capabilities for data analysis and decision making in healthcare. Combining the strengths of deep learning algorithms with traditional machine learning approaches, hybrid deep learning enables accurate and efficient processing of complex healthcare data, including medical records, images, and sensor data. This research proposes a permissions-based blockchain framework for scalable and secure healthcare systems, integrating hybrid deep learning models. The framework ensures that only authorized entities can access and modify sensitive health information, preserving patient privacy while facilitating seamless data sharing and collaboration among healthcare providers. Additionally, the hybrid deep learning models enable real-time analysis of large-scale healthcare data, facilitating timely diagnosis, treatment recommendations, and disease prediction. The integration of blockchain and hybrid deep learning presents numerous benefits, including enhanced scalability, improved security, interoperability, and informed decision making in healthcare systems. However, challenges such as computational complexity, regulatory compliance, and ethical considerations need to be addressed for successful implementation. By harnessing the potential of blockchain and hybrid deep learning, healthcare systems can overcome traditional limitations, promoting efficient and secure data management, personalized patient care, and advancements in medical research. The proposed framework lays the foundation for a future healthcare ecosystem that prioritizes scalability, security, and improved patient outcomes.
    Matched MeSH terms: Computer Security
  16. Smart Home-based IoT for Real-time and Secure Remote Health Monitoring of Triage and Priority System using Body Sensors: Multi-driven Systematic Review
    Talal M, Zaidan AA, Zaidan BB, Albahri AS, Alamoodi AH, Albahri OS, et al.
    J Med Syst, 2019 Jan 15;43(3):42.
    PMID: 30648217 DOI: 10.1007/s10916-019-1158-z
    The Internet of Things (IoT) has been identified in various applications across different domains, such as in the healthcare sector. IoT has also been recognised for its revolution in reshaping modern healthcare with aspiring wide range prospects, including economical, technological and social. This study aims to establish IoT-based smart home security solutions for real-time health monitoring technologies in telemedicine architecture. A multilayer taxonomy is driven and conducted in this study. In the first layer, a comprehensive analysis on telemedicine, which focuses on the client and server sides, shows that other studies associated with IoT-based smart home applications have several limitations that remain unaddressed. Particularly, remote patient monitoring in healthcare applications presents various facilities and benefits by adopting IoT-based smart home technologies without compromising the security requirements and potentially large number of risks. An extensive search is conducted to identify articles that handle these issues, related applications are comprehensively reviewed and a coherent taxonomy for these articles is established. A total number of (n = 3064) are gathered between 2007 and 2017 for most reliable databases, such as ScienceDirect, Web of Science and Institute of Electrical and Electronic Engineer Xplore databases. Then, the articles based on IoT studies that are associated with telemedicine applications are filtered. Nine articles are selected and classified into two categories. The first category, which accounts for 22.22% (n = 2/9), includes surveys on telemedicine articles and their applications. The second category, which accounts for 77.78% (n = 7/9), includes articles on the client and server sides of telemedicine architecture. The collected studies reveal the essential requirement in constructing another taxonomy layer and review IoT-based smart home security studies. Therefore, IoT-based smart home security features are introduced and analysed in the second layer. The security of smart home design based on IoT applications is an aspect that represents a crucial matter for general occupants of smart homes, in which studies are required to provide a better solution with patient security, privacy protection and security of users' entities from being stolen or compromised. Innovative technologies have dispersed limitations related to this matter. The existing gaps and trends in this area should be investigated to provide valuable visions for technical environments and researchers. Thus, 67 articles are obtained in the second layer of our taxonomy and are classified into six categories. In the first category, 25.37% (n = 17/67) of the articles focus on architecture design. In the second category, 17.91% (n = 12/67) includes security analysis articles that investigate the research status in the security area of IoT-based smart home applications. In the third category, 10.44% (n = 7/67) includes articles about security schemes. In the fourth category, 17.91% (n = 12/67) comprises security examination. In the fifth category, 13.43% (n = 9/67) analyses security protocols. In the final category, 14.92% (n = 10/67) analyses the security framework. Then, the identified basic characteristics of this emerging field are presented and provided in the following aspects. Open challenges experienced on the development of IoT-based smart home security are addressed to be adopted fully in telemedicine applications. Then, the requirements are provided to increase researcher's interest in this study area. On this basis, a number of recommendations for different parties are described to provide insights on the next steps that should be considered to enhance the security of smart homes based on IoT. A map matching for both taxonomies is developed in this study to determine the novel risks and benefits of IoT-based smart home security for real-time remote health monitoring within client and server sides in telemedicine applications.
    Matched MeSH terms: Computer Security/standards*
  17. Real-Time Remote Health Monitoring Systems Using Body Sensor Information and Finger Vein Biometric Verification: A Multi-Layer Systematic Review
    Mohsin AH, Zaidan AA, Zaidan BB, Albahri AS, Albahri OS, Alsalem MA, et al.
    J Med Syst, 2018 Oct 16;42(12):238.
    PMID: 30327939 DOI: 10.1007/s10916-018-1104-5
    The development of wireless body area sensor networks is imperative for modern telemedicine. However, attackers and cybercriminals are gradually becoming aware in attacking telemedicine systems, and the black market value of protected health information has the highest price nowadays. Security remains a formidable challenge to be resolved. Intelligent home environments make up one of the major application areas of pervasive computing. Security and privacy are the two most important issues in the remote monitoring and control of intelligent home environments for clients and servers in telemedicine architecture. The personal authentication approach that uses the finger vein pattern is a newly investigated biometric technique. This type of biometric has many advantages over other types (explained in detail later on) and is suitable for different human categories and ages. This study aims to establish a secure verification method for real-time monitoring systems to be used for the authentication of patients and other members who are working in telemedicine systems. The process begins with the sensor based on Tiers 1 and 2 (client side) in the telemedicine architecture and ends with patient verification in Tier 3 (server side) via finger vein biometric technology to ensure patient security on both sides. Multilayer taxonomy is conducted in this research to attain the study's goal. In the first layer, real-time remote monitoring studies based on the sensor technology used in telemedicine applications are reviewed and analysed to provide researchers a clear vision of security and privacy based on sensors in telemedicine. An extensive search is conducted to identify articles that deal with security and privacy issues, related applications are reviewed comprehensively and a coherent taxonomy of these articles is established. ScienceDirect, IEEE Xplore and Web of Science databases are checked for articles on mHealth in telemedicine based on sensors. A total of 3064 papers are collected from 2007 to 2017. The retrieved articles are filtered according to the security and privacy of telemedicine applications based on sensors. Nineteen articles are selected and classified into two categories. The first category, which accounts for 57.89% (n = 11/19), includes surveys on telemedicine articles and their applications. The second category, accounting for 42.1% (n = 8/19), includes articles on the three-tiered architecture of telemedicine. The collected studies reveal the essential need to construct another taxonomy layer and review studies on finger vein biometric verification systems. This map-matching for both taxonomies is developed for this study to go deeply into the sensor field and determine novel risks and benefits for patient security and privacy on client and server sides in telemedicine applications. In the second layer of our taxonomy, the literature on finger vein biometric verification systems is analysed and reviewed. In this layer, we obtain a final set of 65 articles classified into four categories. In the first category, 80% (n = 52/65) of the articles focus on development and design. In the second category, 12.30% (n = 8/65) includes evaluation and comparative articles. These articles are not intensively included in our literature analysis. In the third category, 4.61% (n = 3/65) includes articles about analytical studies. In the fourth category, 3.07% (n = 2/65) comprises reviews and surveys. This study aims to provide researchers with an up-to-date overview of studies that have been conducted on (user/patient) authentication to enhance the security level in telemedicine or any information system. In the current study, taxonomy is presented by explaining previous studies. Moreover, this review highlights the motivations, challenges and recommendations related to finger vein biometric verification systems and determines the gaps in this research direction (protection of finger vein templates in real time), which represent a new research direction in this area.
    Matched MeSH terms: Computer Security*
  18. The Impact of the Security Competency on "Self-Efficacy in Information Security" for Effective Health Information Security in Iran
    Shahri AB, Ismail Z, Mohanna S
    J Med Syst, 2016 Nov;40(11):241.
    PMID: 27681101
    The security effectiveness based on users' behaviors is becoming a top priority of Health Information System (HIS). In the first step of this study, through the review of previous studies 'Self-efficacy in Information Security' (SEIS) and 'Security Competency' (SCMP) were identified as the important factors to transforming HIS users to the first line of defense in the security. Subsequently, a conceptual model was proposed taking into mentioned factors for HIS security effectiveness. Then, this quantitative study used the structural equation modeling to examine the proposed model based on survey data collected from a sample of 263 HIS users from eight hospitals in Iran. The result shows that SEIS is one of the important factors to cultivate of good end users' behaviors toward HIS security effectiveness. However SCMP appears a feasible alternative to providing SEIS. This study also confirms the mediation effects of SEIS on the relationship between SCMP and HIS security effectiveness. The results of this research paper can be used by HIS and IT managers to implement their information security process more effectively.
    Matched MeSH terms: Computer Security*
  19. Fulltext Can dynamic consent facilitate the protection of biomedical big data in biobanking in Malaysia?
    Abdul Aziz MF, Mohd Yusof AN
    Asian Bioeth Rev, 2019 Jun;11(2):209-222.
    PMID: 33717312 DOI: 10.1007/s41649-019-00086-2
    As with many other countries, Malaysia is also developing and promoting biomedical research to increase the understanding of human diseases and possible interventions. To facilitate this development, there is a significant growth of biobanks in the country to ensure continuous collection of biological samples for future research, which contain extremely important personal information and health data of the participants involved. Given the vast amount of samples and data accumulated by biobanks, they can be considered as reservoirs of precious biomedical big data. It is therefore imperative for biobanks to have in place regulatory measures to ensure ethical use of the biomedical big data. Malaysia has yet to introduce specific legislation for the field of biobanking. However, it can be argued that its existing Personal Data Protection Act 2010 (PDPA) has laid down legal principles that can be enforced to protect biomedical big data generated by the biobanks. Consent is a mechanism to enable data subjects to exercise their autonomy by determining how their data can be used and ensure compliance with legal principles. However, there are two main concerns surrounding the current practice of consent in biomedical big data in Malaysia. First, it is uncertain that the current practice would be able to respect the underlying notion of autonomy, and second, it is not in accordance with the legal principles of the PDPA. Scholars have deliberated on different strategies of informed consent, and a more interactive approach has recently been introduced: dynamic consent. It is argued that a dynamic consent approach would be able to address these concerns.
    Matched MeSH terms: Computer Security
  20. A security framework for nationwide health information exchange based on telehealth strategy
    Zaidan BB, Haiqi A, Zaidan AA, Abdulnabi M, Kiah ML, Muzamel H
    J Med Syst, 2015 May;39(5):51.
    PMID: 25732083 DOI: 10.1007/s10916-015-0235-1
    This study focuses on the situation of health information exchange (HIE) in the context of a nationwide network. It aims to create a security framework that can be implemented to ensure the safe transmission of health information across the boundaries of care providers in Malaysia and other countries. First, a critique of the major elements of nationwide health information networks is presented from the perspective of security, along with such topics as the importance of HIE, issues, and main approaches. Second, a systematic evaluation is conducted on the security solutions that can be utilized in the proposed nationwide network. Finally, a secure framework for health information transmission is proposed within a central cloud-based model, which is compatible with the Malaysian telehealth strategy. The outcome of this analysis indicates that a complete security framework for a global structure of HIE is yet to be defined and implemented. Our proposed framework represents such an endeavor and suggests specific techniques to achieve this goal.
    Matched MeSH terms: Computer Security
Related Terms
Filters
Contact Us

Please provide feedback to Administrator (afdal@afpm.org.my)

External Links