Fifth-generation (5G)-enabled vehicular fog computing technologies have always been at the forefront of innovation because they support smart transport like the sharing of traffic data and cooperative processing in the urban fabric. Nevertheless, the most important factors limiting progress are concerns over message protection and safety. To cope with these challenges, several scholars have proposed certificateless authentication schemes with pseudonyms and traceability. These schemes avoid complicated management of certificate and escrow of key in the public key infrastructure-based approaches in the identity-based approaches, respectively. Nevertheless, problems such as high communication costs, security holes, and computational complexity still exist. Therefore, this paper proposes an efficient certificateless authentication called the ECA-VFog scheme for fog computing with 5G-assisted vehicular systems. The proposed ECA-VFog scheme applied efficient operations based on elliptic curve cryptography that is supported by a fog server through a 5G-base station. This work conducts a safety analysis of the security designs to analysis the viability and value of the proposed ECA-VFog scheme. In the performance ovulation section, the computation costs for signing and verification process are 2.3539 ms and 1.5752 ms, respectively. While, the communication costs and energy consumption overhead of the ECA-VFog are 124 bytes and 25.610432 mJ, respectively. Moreover, comparing the ECA-VFog scheme to other existing schemes, the performance estimation reveals that it is more cost-effective with regard to computation cost, communication cost, and energy consumption.
With today's highly competitive market in the healthcare industry, Radio Frequency Identification (RFID) is a technology that can be applied by hospitals to improve operational efficiency and to gain a competitive advantage over their competitors. The purpose of this study is to investigate the factors that may effect RFID adoption in Malaysia's healthcare industry. In addition, the moderating role of occupational level was tested. Data was collected from 223 managers as well as healthcare and supporting staffs. This data was analyzed using the partial least squares technique. The results show that perceived ease of use and usefulness, government policy, top management support, and security and privacy concerns have an effect on the intent to adopt RFID in hospitals. There is a wide gap between managers and healthcare staff in terms of the factors that influence RFID adoption. The results of this study will help decision makers as well as managers in the healthcare industry to better understand the determinants of RFID adoption. Additionally, it will assist in the process of RFID adoption, and therefore, spread the usage of RFID technology in more hospitals.
One of the applications of modern technology in telemedicine is video conferencing. An alternative to traveling to attend a conference or meeting, video conferencing is becoming increasingly popular among hospitals. By using this technology, doctors can help patients who are unable to physically visit hospitals. Video conferencing particularly benefits patients from rural areas, where good doctors are not always available. Telemedicine has proven to be a blessing to patients who have no access to the best treatment. A telemedicine system consists of customized hardware and software at two locations, namely, at the patient's and the doctor's end. In such cases, the video streams of the conferencing parties may contain highly sensitive information. Thus, real-time data security is one of the most important requirements when designing video conferencing systems. This study proposes a secure framework for video conferencing systems and a complete management solution for secure video conferencing groups. Java Media Framework Application Programming Interface classes are used to design and test the proposed secure framework. Real-time Transport Protocol over User Datagram Protocol is used to transmit the encrypted audio and video streams, and RSA and AES algorithms are used to provide the required security services. Results show that the encryption algorithm insignificantly increases the video conferencing computation time.
The data presented in this article examine the relationship between the subcomponents of emotional intelligence (emotional perception and expression, emotional facilitation of thinking, emotional understanding and emotional management) and the stages of change (pre-contemplation, contemplation, action and maintenance). The final data were obtained from 429 Malaysian inmates (374 male and 55 female) recruited from eight Malaysian prisons in four different zones. The two instruments used were the Self-Rated Malaysian Emotional Intelligence Scale (SRMEIS) and the University Rhodes Island Change Assessment Scale (URICA). Both instruments underwent expert validation through construct and test-retest validity. The researcher randomly distributed a total of 550 questionnaires, of which 429 were accepted and 121 were rejected due to missing data and outliers, resulting in 78% of participants providing data that could be used in the analyses. All participants were informed of the confidentiality of their data, and their participation was voluntary. SPSS and Excel files are provided as supplementary material.
This survey set out to describe patient registries available in the country, to determine their security features, data confidentiality, extent of outputs produced and data quality of the registries.
The duty of confidentiality in the normal doctor-patient relationship is well recognized. However, the duty of confidentiality between the pathologist who performs the autopsy and the requesting authorities and the next-of-kin is not as clearly spelt out. This article discusses the problems faced by the pathologist with regards to hospital and medico-legal autopsies in Malaysia. A proposed ethical guideline is included on how to deal with peculiar issues regarding confidentiality and the pathologist.
Wearable health tech provides doctors with the ability to remotely supervise their patients' wellness. It also makes it much easier to authorize someone else to take appropriate actions to ensure the person's wellness than ever before. Information Technology may soon change the way medicine is practiced, improving the performance, while reducing the price of healthcare. We analyzed the secrecy demands of wearable devices, including Smartphone, smart watch and their computing techniques, that can soon change the way healthcare is provided. However, before this is adopted in practice, all devices must be equipped with sufficient privacy capabilities related to healthcare service. In this paper, we formulated a new improved conceptual framework for wearable healthcare systems. This framework consists of ten principles and nine checklists, capable of providing complete privacy protection package to wearable device owners. We constructed this framework based on the analysis of existing mobile technology, the results of which are combined with the existing security standards. The approach also incorporates the market share percentage level of every app and its respective OS. This framework is evaluated based on the stringent CIA and HIPAA principles for information security. This evaluation is followed by testing the capability to revoke rights of subjects to access objects and ability to determine the set of available permissions for a particular subject for all models Finally, as the last step, we examine the complexity of the required initial setup.
Although Radio Frequency Identification (RFID) is poised to displace barcodes, security vulnerabilities pose serious challenges for global adoption of the RFID technology. Specifically, RFID tags are prone to basic cloning and counterfeiting security attacks. A successful cloning of the RFID tags in many commercial applications can lead to many serious problems such as financial losses, brand damage, safety and health of the public. With many industries such as pharmaceutical and businesses deploying RFID technology with a variety of products, it is important to tackle RFID tag cloning problem and improve the resistance of the RFID systems. To this end, we propose an approach for detecting cloned RFID tags in RFID systems with high detection accuracy and minimal overhead thus overcoming practical challenges in existing approaches. The proposed approach is based on consistency of dual hash collisions and modified count-min sketch vector. We evaluated the proposed approach through extensive experiments and compared it with existing baseline approaches in terms of execution time and detection accuracy under varying RFID tag cloning ratio. The results of the experiments show that the proposed approach outperforms the baseline approaches in cloned RFID tag detection accuracy.
This paper discusses the possibility of promoting public health and implementing educational health services using Facebook. We discuss the challenges and strengths of using such a platform as a tool for public health care systems from two different perspectives, namely, the view of IT developers and that of physicians. We present a new way of evaluating user interactivity in health care systems from tools provided by Facebook that measure statistical traffic in the Internet. Findings show that Facebook is a very promising tool in promoting e-health services in Web 2.0. Results from statistical traffic show that a Facebook page is more efficient than other pages in promoting public health.
Blockchain technology provides a tremendous opportunity to transform current personal health record (PHR) systems into a decentralised network infrastructure. However, such technology possesses some drawbacks, such as issues in privacy and storage capacity. Given its transparency and decentralised features, medical data are visible to everyone on the network and are inappropriate for certain medical applications. By contrast, storing vast medical data, such as patient medical history, laboratory tests, X-rays, and MRIs, significantly affect the repository storage of blockchain. This study bridges the gap between PHRs and blockchain technology by offloading the vast medical data into the InterPlanetary File System (IPFS) storage and establishing an enforced cryptographic authorisation and access control scheme for outsourced encrypted medical data. The access control scheme is constructed on the basis of the new lightweight cryptographic concept named smart contract-based attribute-based searchable encryption (SC-ABSE). This newly cryptographic primitive is developed by extending ciphertext-policy attribute-based encryption (CP-ABE) and searchable symmetric encryption (SSE) and by leveraging the technology of smart contracts to achieve the following: (1) efficient and secure fine-grained access control of outsourced encrypted data, (2) confidentiality of data by eliminating trusted private key generators, and (3) multikeyword searchable mechanism. Based on decisional bilinear Diffie-Hellman hardness assumptions (DBDH) and discrete logarithm (DL) problems, the rigorous security indistinguishability analysis indicates that SC-ABSE is secure against the chosen-keyword attack (CKA) and keyword secrecy (KS) in the standard model. In addition, user collusion attacks are prevented, and the tamper-proof resistance of data is ensured. Furthermore, security validation is verified by simulating a formal verification scenario using Automated Validation of Internet Security Protocols and Applications (AVISPA), thereby unveiling that SC-ABSE is resistant to man-in-the-middle (MIM) and replay attacks. The experimental analysis utilised real-world datasets to demonstrate the efficiency and utility of SC-ABSE in terms of computation overhead, storage cost and communication overhead. The proposed scheme is also designed and developed to evaluate throughput and latency transactions using a standard benchmark tool known as Caliper. Lastly, simulation results show that SC-ABSE has high throughput and low latency, with an ultimate increase in network life compared with traditional healthcare systems.
We describe the findings from a survey assessing the beliefs regarding testing, confidentiality, disclosure, and environment of care and attitudes towards care of people with HIV/AIDS (PLHWA), in 1020, 4th and 5th year medical students, from public and private medical universities in Malaysia. A self-administered validated questionnaire based on the UNAIDS Model Questionnaire with a 5-point Likert scale (5, strongly disagree; 4, disagree; 3, neutral; 2, agree; 1, strongly agree) was used as a survey tool. The survey included demographic data and data on undergraduate training received on HIV/AIDS. Statistical significance in the demographic data and training received by respondents was evaluated using the chi-square test while the independent Student's t-test was used for comparison of means between public and private universities. A P value of <0.05 was considered statistically significant with 95% confidence interval. Our study revealed less than 20% of medical students received adequate training to care for PLHWA. They had prevalent negative beliefs regarding testing, confidentiality, disclosure and environment of care towards PLHWA although in giving care to PLHWA, their attitudes were largely positive and nondiscriminatory.
Study site: 7 public and private universities in Malaysia
Medical ethics issues encountered in rehabilitation medicine differ from those in an acute care setting due to the complex relationships among the parties involved in rehabilitative care. The study examined the attitudes of Malaysian rehabilitation doctors toward medical ethics issues commonly encountered during patient care.
Cloud computing (CC) is a magnificent service-based delivery with gigantic computer processing power and data storage across connected communications channels. It imparted overwhelming technological impetus in the internet (web) mediated IT industry, where users can easily share private data for further analysis and mining. Furthermore, user affable CC services enable to deploy sundry applications economically. Meanwhile, simple data sharing impelled various phishing attacks and malware assisted security threats. Some privacy sensitive applications like health services on cloud that are built with several economic and operational benefits necessitate enhanced security. Thus, absolute cyberspace security and mitigation against phishing blitz became mandatory to protect overall data privacy. Typically, diverse applications datasets are anonymized with better privacy to owners without providing all secrecy requirements to the newly added records. Some proposed techniques emphasized this issue by re-anonymizing the datasets from the scratch. The utmost privacy protection over incremental datasets on CC is far from being achieved. Certainly, the distribution of huge datasets volume across multiple storage nodes limits the privacy preservation. In this view, we propose a new anonymization technique to attain better privacy protection with high data utility over distributed and incremental datasets on CC. The proficiency of data privacy preservation and improved confidentiality requirements is demonstrated through performance evaluation.
This study aims to provide security solutions for implementing electronic medical records (EMRs). E-Health organizations could utilize the proposed method and implement recommended solutions in medical/health systems. Majority of the required security features of EMRs were noted. The methods used were tested against each of these security features. In implementing the system, the combination that satisfied all of the security features of EMRs was selected. Secure implementation and management of EMRs facilitate the safeguarding of the confidentiality, integrity, and availability of e-health organization systems. Health practitioners, patients, and visitors can use the information system facilities safely and with confidence anytime and anywhere. After critically reviewing security and data transmission methods, a new hybrid method was proposed to be implemented on EMR systems. This method will enhance the robustness, security, and integration of EMR systems. The hybrid of simple object access protocol/extensible markup language (XML) with advanced encryption standard and secure hash algorithm version 1 has achieved the security requirements of an EMR system with the capability of integrating with other systems through the design of XML messages.
A qualitative research was carried out in Besut and Kuala Terengganu to identyy adolescents’ health problems and needs jiom adolescent perspective, and to establish a priority area in the development of Adolescent Health Clinic in the district. A total of 61 adolescents were selected and divided into four groups and stratified according to age, 13-15 years old and 16 - 17 years old. Generally all participants wished to live in an environment free hom negative health risk factors. The obstacles they perceived were mainly related to lack of care or too much control by their parents. Some of them perceived that their parents in general had inadequate knowledge and skills on parenting. Among local behavioural problems mentioned were loafing, running away from home, vandalism, school absenteeism, aggressive behaviour, substance abuse, pre-marital sexual activities, "bohsia", “bohjan" and even involvement in crimes. More than hah' agreed that counselling service is important for adolescents, and it should be made available in the community preferably outside the schools. They perceived an adolescent friendly health clinic concept as an important concept that should be introduced. To them adolescent friendly health clinic is a clinic run by professionals who are knowledgeable, caring, good listeners, non—judgemental, and who exercise confidentiality. The clinic preferably should be situated in a location which is away from the present health facilities to avoid the image of a place for sick people. Clinic hours preferably during weekends, should provide appropriate technologies and situated in a comfortable ambience. Adolescent participation in the clinic was also mentioned as an important entity for adolescent friendly health services.
This study presents a systematic literature review of access control for electronic health record systems to protect patient's privacy. Articles from 2006 to 2016 were extracted from the ACM Digital Library, IEEE Xplore Digital Library, Science Direct, MEDLINE, and MetaPress using broad eligibility criteria, and chosen for inclusion based on analysis of ISO22600. Cryptographic standards and methods were left outside the scope of this review. Three broad classes of models are being actively investigated and developed: access control for electronic health records, access control for interoperability, and access control for risk analysis. Traditional role-based access control models are extended with spatial, temporal, probabilistic, dynamic, and semantic aspects to capture contextual information and provide granular access control. Maintenance of audit trails and facilities for overriding normal roles to allow full access in emergency cases are common features. Access privilege frameworks utilizing ontology-based knowledge representation for defining the rules have attracted considerable interest, due to the higher level of abstraction that makes it possible to model domain knowledge and validate access requests efficiently.
Background: Without any doubt, the combo of user ID and password are the most used authentication method in the computing and internet environment. However, due to the enormous number of accounts that require password authentication, users tend to develop bad habits in their password practices which in turn will put their account security at risk. With the increasing use of computing in health-care settings and the use of EMR in hospitals, such practices are a cause for concern.
Methods: This is a cross-sectional study using self-administered questionnaires, investigating the practice of the respondents in keeping their passwords secure. Respondents in this survey are the undergraduate students of Faculty of Medicine, Universiti Kebangsaan Malaysia.
Results: Among the findings are that 87.4% of the respondents used the same password for more than one account. If a user used the same password for several accounts, it might trigger a domino effect if any of the account passwords were compromised. A total of 98.9% of the respondents memorised their password only in their mind, without writing down the password anywhere. This may lead to using easily guessable passwords which may introduce additional security risk to their accounts. The majority of the respondents (96.6%) never or rarely change their passwords. The study also showed that 82.7% of the respondents used passwords which are 6-8 characters in length. Longer passwords are usually safer but harder to remember. The questionnaire also explored the users’ password combination style, whether they used numbers only or combination of numbers and alphabets or some other pattern. A total of 39.1% used letters only but 27.6% used combination of numbers only which is less secure. About 77% of the respondents used personal information such as their birthday date or a person’s name as part of their password.
Conclusions: This habit may make their password guessable to people who are close to them. In conclusion, most medical students are not practising safe password conduct and they should be educated on this. If not, patients’ data confidentiality may be compromised in the future due to such practices.
Introduction: Continuous quality improvement of system is essential to improve efficiency of working environ- ment. Limited financial allocation in low resource setting results in the vicious circle of having inadequate money to purchase a new system and print paper documents that are required for the operation of clinic. A staff-initiated system improvement with the name of “PRW UMS Staff Portal” was attempted to break-free from the vicious cycle. Methods: An online system covering different aspects of routine clinical work of healthcare workers was created in Dec 2019 and implemented in Feb 2020 using Google SiteTM by the nurses of a local university community clinic, which included: submission of daily reports of nurses and assistant medical officers, submission of reports of all programmes conducted by the clinic, surveillance of health status of working staffs, announcement and request of working roster, archiving of documents, and medication inventory. The system could only be accessed using official working email for general documents while accesses to sensitive documents were restricted to relevant staffs to pro- tect privacy and confidentiality of information. Qualitative interviews were performed with all nursing staff involved. Results: Qualitative feeling of improvement in coordination of workflow was reported by all 23 staffs working in the clinic in view of the easy access of system using smartphone and computer at workstation. It also reduced the need to move away from the working station in order to access, replenish, or submit the printed documents and reports. Significant amount of paper and printing were saved monthly. Conclusions: Despite positive feedback from the staffs, the system requires further improvement in terms of function and security. Further evaluation on cost-efficiency of the system can be done to promote the system to other universities.
This study focuses on the situation of health information exchange (HIE) in the context of a nationwide network. It aims to create a security framework that can be implemented to ensure the safe transmission of health information across the boundaries of care providers in Malaysia and other countries. First, a critique of the major elements of nationwide health information networks is presented from the perspective of security, along with such topics as the importance of HIE, issues, and main approaches. Second, a systematic evaluation is conducted on the security solutions that can be utilized in the proposed nationwide network. Finally, a secure framework for health information transmission is proposed within a central cloud-based model, which is compatible with the Malaysian telehealth strategy. The outcome of this analysis indicates that a complete security framework for a global structure of HIE is yet to be defined and implemented. Our proposed framework represents such an endeavor and suggests specific techniques to achieve this goal.