Displaying publications 1 - 20 of 65 in total

Abstract:
Sort:
  1. Schröder M, Muller SHA, Vradi E, Mielke J, Lim YMF, Couvelard F, et al.
    Big Data, 2023 Dec;11(6):399-407.
    PMID: 37889577 DOI: 10.1089/big.2022.0178
    Sharing individual patient data (IPD) is a simple concept but complex to achieve due to data privacy and data security concerns, underdeveloped guidelines, and legal barriers. Sharing IPD is additionally difficult in big data-driven collaborations such as Bigdata@Heart in the Innovative Medicines Initiative, due to competing interests between diverse consortium members. One project within BigData@Heart, case study 1, needed to pool data from seven heterogeneous data sets: five randomized controlled trials from three different industry partners, and two disease registries. Sharing IPD was not considered feasible due to legal requirements and the sensitive medical nature of these data. In addition, harmonizing the data sets for a federated data analysis was difficult due to capacity constraints and the heterogeneity of the data sets. An alternative option was to share summary statistics through contingency tables. Here it is demonstrated that this method along with anonymization methods to ensure patient anonymity had minimal loss of information. Although sharing IPD should continue to be encouraged and strived for, our approach achieved a good balance between data transparency while protecting patient privacy. It also allowed a successful collaboration between industry and academia.
    Matched MeSH terms: Confidentiality*
  2. Kumar V, Kumar S, AlShboul R, Aggarwal G, Kaiwartya O, Khasawneh AM, et al.
    Sensors (Basel), 2021 Jun 08;21(12).
    PMID: 34201100 DOI: 10.3390/s21123948
    Recently, green computing has received significant attention for Internet of Things (IoT) environments due to the growing computing demands under tiny sensor enabled smart services. The related literature on green computing majorly focuses on a cover set approach that works efficiently for target coverage, but it is not applicable in case of area coverage. In this paper, we present a new variant of a cover set approach called a grouping and sponsoring aware IoT framework (GS-IoT) that is suitable for area coverage. We achieve non-overlapping coverage for an entire sensing region employing sectorial sensing. Non-overlapping coverage not only guarantees a sufficiently good coverage in case of large number of sensors deployed randomly, but also maximizes the life span of the whole network with appropriate scheduling of sensors. A deployment model for distribution of sensors is developed to ensure a minimum threshold density of sensors in the sensing region. In particular, a fast converging grouping (FCG) algorithm is developed to group sensors in order to ensure minimal overlapping. A sponsoring aware sectorial coverage (SSC) algorithm is developed to set off redundant sensors and to balance the overall network energy consumption. GS-IoT framework effectively combines both the algorithms for smart services. The simulation experimental results attest to the benefit of the proposed framework as compared to the state-of-the-art techniques in terms of various metrics for smart IoT environments including rate of overlapping, response time, coverage, active sensors, and life span of the overall network.
    Matched MeSH terms: Confidentiality
  3. Hilyatihanina Zazali, Wan Ainun Mior Othman
    Sains Malaysiana, 2012;41:907-910.
    In this paper, we presented a new key exchange method based on decomposition problem for elliptic curve cryptography. We showed that our key exchange method was not only an alternative method for designing keys in cryptography, but it also has improved security condition from the previous key exchange based on decomposition problem over noncommutative groups. We proposed elliptic an curve cryptography to be the new platform for our key exchange protocol and showed how it was implemented. The security of our protocol was based on discrete logarithm problem, which was not infeasible and strictly difficult to retrieve in elliptic curve cryptography without any prior knowledge.
    Matched MeSH terms: Confidentiality
  4. Almazroi AA, Aldhahri EA, Al-Shareeda MA, Manickam S
    PLoS One, 2023;18(6):e0287291.
    PMID: 37352258 DOI: 10.1371/journal.pone.0287291
    Fifth-generation (5G)-enabled vehicular fog computing technologies have always been at the forefront of innovation because they support smart transport like the sharing of traffic data and cooperative processing in the urban fabric. Nevertheless, the most important factors limiting progress are concerns over message protection and safety. To cope with these challenges, several scholars have proposed certificateless authentication schemes with pseudonyms and traceability. These schemes avoid complicated management of certificate and escrow of key in the public key infrastructure-based approaches in the identity-based approaches, respectively. Nevertheless, problems such as high communication costs, security holes, and computational complexity still exist. Therefore, this paper proposes an efficient certificateless authentication called the ECA-VFog scheme for fog computing with 5G-assisted vehicular systems. The proposed ECA-VFog scheme applied efficient operations based on elliptic curve cryptography that is supported by a fog server through a 5G-base station. This work conducts a safety analysis of the security designs to analysis the viability and value of the proposed ECA-VFog scheme. In the performance ovulation section, the computation costs for signing and verification process are 2.3539 ms and 1.5752 ms, respectively. While, the communication costs and energy consumption overhead of the ECA-VFog are 124 bytes and 25.610432 mJ, respectively. Moreover, comparing the ECA-VFog scheme to other existing schemes, the performance estimation reveals that it is more cost-effective with regard to computation cost, communication cost, and energy consumption.
    Matched MeSH terms: Confidentiality*
  5. Wolffers I
    Lancet, 1996 Mar 02;347(9001):620.
    PMID: 8596348
    Matched MeSH terms: Confidentiality*
  6. Safavi S, Shukur Z
    PLoS One, 2014;9(12):e114306.
    PMID: 25478915 DOI: 10.1371/journal.pone.0114306
    Wearable health tech provides doctors with the ability to remotely supervise their patients' wellness. It also makes it much easier to authorize someone else to take appropriate actions to ensure the person's wellness than ever before. Information Technology may soon change the way medicine is practiced, improving the performance, while reducing the price of healthcare. We analyzed the secrecy demands of wearable devices, including Smartphone, smart watch and their computing techniques, that can soon change the way healthcare is provided. However, before this is adopted in practice, all devices must be equipped with sufficient privacy capabilities related to healthcare service. In this paper, we formulated a new improved conceptual framework for wearable healthcare systems. This framework consists of ten principles and nine checklists, capable of providing complete privacy protection package to wearable device owners. We constructed this framework based on the analysis of existing mobile technology, the results of which are combined with the existing security standards. The approach also incorporates the market share percentage level of every app and its respective OS. This framework is evaluated based on the stringent CIA and HIPAA principles for information security. This evaluation is followed by testing the capability to revoke rights of subjects to access objects and ability to determine the set of available permissions for a particular subject for all models Finally, as the last step, we examine the complexity of the required initial setup.
    Matched MeSH terms: Confidentiality*
  7. Abbasi IA, Jan SU, Alqahtani AS, Khan AS, Algarni F
    PLoS One, 2024;19(1):e0294429.
    PMID: 38289970 DOI: 10.1371/journal.pone.0294429
    Cloud computing is vital in various applications, such as healthcare, transportation, governance, and mobile computing. When using a public cloud server, it is mandatory to be secured from all known threats because a minor attacker's disturbance severely threatens the whole system. A public cloud server is posed with numerous threats; an adversary can easily enter the server to access sensitive information, especially for the healthcare industry, which offers services to patients, researchers, labs, and hospitals in a flexible way with minimal operational costs. It is challenging to make it a reliable system and ensure the privacy and security of a cloud-enabled healthcare system. In this regard, numerous security mechanisms have been proposed in past decades. These protocols either suffer from replay attacks, are completed in three to four round trips or have maximum computation, which means the security doesn't balance with performance. Thus, this work uses a fuzzy extractor method to propose a robust security method for a cloud-enabled healthcare system based on Elliptic Curve Cryptography (ECC). The proposed scheme's security analysis has been examined formally with BAN logic, ROM and ProVerif and informally using pragmatic illustration and different attacks' discussions. The proposed security mechanism is analyzed in terms of communication and computation costs. Upon comparing the proposed protocol with prior work, it has been demonstrated that our scheme is 33.91% better in communication costs and 35.39% superior to its competitors in computation costs.
    Matched MeSH terms: Confidentiality*
  8. Mathiharan K
    Natl Med J India, 2014 Jan-Feb;27(1):39-42.
    PMID: 25403126
    The concept of informed consent specific to medical research and treatment is still alien to many medical researchers and practitioners and to millions of Indians. The doctor-patient relationship in India is governed more by trust where the doctor is the authoritative person. Therefore, the benefit of informed consent does not reach all patients in day-to-day medical practice. To complicate the issue, the Indian law is not specific about the age at which a person can give valid consent. The Indian Penal Code is silent about the legal validity of consent given by persons between 12 and 18 years of age. Similarly, the age at which the 'Right to Confidentiality' begins is yet to be defined either by the statute or by the courts. Hence, there is a need for a clear statutory provision to remove the anomalies and ambiguities regarding the age of consent to undergo invasive therapeutic or investigative procedures, participate in clinical trials, as well as define the age at which a person's right to medical confidentiality begins.
    Matched MeSH terms: Confidentiality/legislation & jurisprudence*
  9. Gupta R, Kanungo P, Dagdee N, Madhu G, Sahoo KS, Jhanjhi NZ, et al.
    Sensors (Basel), 2023 Feb 27;23(5).
    PMID: 36904822 DOI: 10.3390/s23052617
    With continuous advancements in Internet technology and the increased use of cryptographic techniques, the cloud has become the obvious choice for data sharing. Generally, the data are outsourced to cloud storage servers in encrypted form. Access control methods can be used on encrypted outsourced data to facilitate and regulate access. Multi-authority attribute-based encryption is a propitious technique to control who can access encrypted data in inter-domain applications such as sharing data between organizations, sharing data in healthcare, etc. The data owner may require the flexibility to share the data with known and unknown users. The known or closed-domain users may be internal employees of the organization, and unknown or open-domain users may be outside agencies, third-party users, etc. In the case of closed-domain users, the data owner becomes the key issuing authority, and in the case of open-domain users, various established attribute authorities perform the task of key issuance. Privacy preservation is also a crucial requirement in cloud-based data-sharing systems. This work proposes the SP-MAACS scheme, a secure and privacy-preserving multi-authority access control system for cloud-based healthcare data sharing. Both open and closed domain users are considered, and policy privacy is ensured by only disclosing the names of policy attributes. The values of the attributes are kept hidden. Characteristic comparison with similar existing schemes shows that our scheme simultaneously provides features such as multi-authority setting, expressive and flexible access policy structure, privacy preservation, and scalability. The performance analysis carried out by us shows that the decryption cost is reasonable enough. Furthermore, the scheme is demonstrated to be adaptively secure under the standard model.
    Matched MeSH terms: Confidentiality*
  10. Sharmini S, Jamaiyah H, Jaya Purany SP
    Malays Fam Physician, 2010;5(1):13-8.
    PMID: 25606180 MyJurnal
    This survey set out to describe patient registries available in the country, to determine their security features, data confidentiality, extent of outputs produced and data quality of the registries.
    Matched MeSH terms: Confidentiality
  11. Vijayananthan A, Nawawi O
    Biomed Imaging Interv J, 2008 Jan;4(1):e5.
    PMID: 21614316 MyJurnal DOI: 10.2349/biij.4.1.e5
    Good Clinical Practice (GCP) is an international ethical and scientific quality standard for the design, conduct, performance, monitoring, auditing, recording, analyses and reporting of clinical trials. It also serves to protect the rights, integrity and confidentiality of trial subjects. It is very important to understand the background of the formation of the ICH-GCP guidelines as this, in itself, explains the reasons and the need for doing so. In this paper, we address the historical background and the events that led up to the formation of these guidelines. Today, the ICH-GCP guidelines are used in clinical trials throughout the globe with the main aim of protecting and preserving human rights.
    Matched MeSH terms: Confidentiality
  12. Liau QY, Leow CY, Ding Z
    Sensors (Basel), 2016 Jun 09;16(6).
    PMID: 27294924 DOI: 10.3390/s16060846
    Relaying is one of the useful techniques to enhance wireless physical-layer security. Existing literature shows that employing full-duplex relay instead of conventional half-duplex relay improves secrecy capacity and secrecy outage probability, but this is at the price of sophisticated implementation. As an alternative, two-path successive relaying has been proposed to emulate operation of full-duplex relay by scheduling a pair of half-duplex relays to assist the source transmission alternately. However, the performance of two-path successive relaying in secrecy communication remains unexplored. This paper proposes a secrecy two-path successive relaying protocol for a scenario with one source, one destination and two half-duplex relays. The relays operate alternately in a time division mode to forward messages continuously from source to destination in the presence of an eavesdropper. Analytical results reveal that the use of two half-duplex relays in the proposed scheme contributes towards a quadratically lower probability of interception compared to full-duplex relaying. Numerical simulations show that the proposed protocol achieves the ergodic achievable secrecy rate of full-duplex relaying while delivering the lowest probability of interception and secrecy outage probability compared to the existing half duplex relaying, full duplex relaying and full duplex jamming schemes.
    Matched MeSH terms: Confidentiality
  13. Nur Azien Yazid, Kamilah Abdullah, Suhaila Abd Halim
    ESTEEM Academic Journal, 2019;15(1):44-55.
    MyJurnal
    Image watermarking embeds identifying information in an image in such a manner that it cannot easily be removed. For the past several years, image digital watermarking has become a necessary element used for hiding secret image and enabling secured communication such as
    privacy, confidentiality, authentication and data integrity. Although numerous watermarking schemes are present in grayscale images, the present work focuses on the RGB color image. This study proposed a new hybrid method that would satisfy the essential needs of modern image watermarking. The color image watermarking is based on the 2D Discrete Cosine Transform and Elgamal cryptosystem. The 2D Discrete Cosine Transform depends on the matrix products, while the Elgamal cryptosystem depends on the discrete logarithm problem. The cryptosystem is combined with existing Arnold transform in watermarking algorithm to enhance the security of secret image. Value of Peak Signal to Noise Ratio was taken as performance evaluation parameters. On the whole, the performance evaluation shows that combining the two algorithms improved the performance of image watermarking.
    Matched MeSH terms: Confidentiality
  14. Khalid H, Hashim SJ, Ahmad SMS, Hashim F, Chaudhary MA
    Sensors (Basel), 2021 Feb 18;21(4).
    PMID: 33670675 DOI: 10.3390/s21041428
    The development of the industrial Internet of Things (IIoT) promotes the integration of the cross-platform systems in fog computing, which enable users to obtain access to multiple application located in different geographical locations. Fog users at the network's edge communicate with many fog servers in different fogs and newly joined servers that they had never contacted before. This communication complexity brings enormous security challenges and potential vulnerability to malicious threats. The attacker may replace the edge device with a fake one and authenticate it as a legitimate device. Therefore, to prevent unauthorized users from accessing fog servers, we propose a new secure and lightweight multi-factor authentication scheme for cross-platform IoT systems (SELAMAT). The proposed scheme extends the Kerberos workflow and utilizes the AES-ECC algorithm for efficient encryption keys management and secure communication between the edge nodes and fog node servers to establish secure mutual authentication. The scheme was tested for its security analysis using the formal security verification under the widely accepted AVISPA tool. We proved our scheme using Burrows Abdi Needham's logic (BAN logic) to prove secure mutual authentication. The results show that the SELAMAT scheme provides better security, functionality, communication, and computation cost than the existing schemes.
    Matched MeSH terms: Confidentiality
  15. Nassiri Abrishamchi MA, Zainal A, Ghaleb FA, Qasem SN, Albarrak AM
    Sensors (Basel), 2022 Nov 07;22(21).
    PMID: 36366261 DOI: 10.3390/s22218564
    Smart home technologies have attracted more users in recent years due to significant advancements in their underlying enabler components, such as sensors, actuators, and processors, which are spreading in various domains and have become more affordable. However, these IoT-based solutions are prone to data leakage; this privacy issue has motivated researchers to seek a secure solution to overcome this challenge. In this regard, wireless signal eavesdropping is one of the most severe threats that enables attackers to obtain residents' sensitive information. Even if the system encrypts all communications, some cyber attacks can still steal information by interpreting the contextual data related to the transmitted signals. For example, a "fingerprint and timing-based snooping (FATS)" attack is a side-channel attack (SCA) developed to infer in-home activities passively from a remote location near the targeted house. An SCA is a sort of cyber attack that extracts valuable information from smart systems without accessing the content of data packets. This paper reviews the SCAs associated with cyber-physical systems, focusing on the proposed solutions to protect the privacy of smart homes against FATS attacks in detail. Moreover, this work clarifies shortcomings and future opportunities by analyzing the existing gaps in the reviewed methods.
    Matched MeSH terms: Confidentiality
  16. Ranak MSAN, Azad S, Nor NNHBM, Zamli KZ
    PLoS One, 2017;12(10):e0186940.
    PMID: 29084262 DOI: 10.1371/journal.pone.0186940
    Due to recent advancements and appealing applications, the purchase rate of smart devices is increasing at a higher rate. Parallely, the security related threats and attacks are also increasing at a greater ratio on these devices. As a result, a considerable number of attacks have been noted in the recent past. To resist these attacks, many password-based authentication schemes are proposed. However, most of these schemes are not screen size independent; whereas, smart devices come in different sizes. Specifically, they are not suitable for miniature smart devices due to the small screen size and/or lack of full sized keyboards. In this paper, we propose a new screen size independent password-based authentication scheme, which also offers an affordable defense against shoulder surfing, brute force, and smudge attacks. In the proposed scheme, the Press Touch (PT)-a.k.a., Force Touch in Apple's MacBook, Apple Watch, ZTE's Axon 7 phone; 3D Touch in iPhone 6 and 7; and so on-is transformed into a new type of code, named Press Touch Code (PTC). We design and implement three variants of it, namely mono-PTC, multi-PTC, and multi-PTC with Grid, on the Android Operating System. An in-lab experiment and a comprehensive survey have been conducted on 105 participants to demonstrate the effectiveness of the proposed scheme.
    Matched MeSH terms: Confidentiality
  17. Almazroi AA, Alqarni MA, Al-Shareeda MA, Manickam S
    PLoS One, 2023;18(10):e0292690.
    PMID: 37889892 DOI: 10.1371/journal.pone.0292690
    The role that vehicular fog computing based on the Fifth Generation (5G) can play in improving traffic management and motorist safety is growing quickly. The use of wireless technology within a vehicle raises issues of confidentiality and safety. Such concerns are optimal targets for conditional privacy-preserving authentication (CPPA) methods. However, current CPPA-based systems face a challenge when subjected to attacks from quantum computers. Because of the need for security and anti-piracy features in fog computing when using a 5G-enabled vehicle system, the L-CPPA scheme is proposed in this article. Using a fog server, secret keys are generated and transmitted to each registered car via a 5G-Base Station (5G-BS) in the proposed L-CPPA system. In the proposed L-CPPA method, the trusted authority, rather than the vehicle's Onboard Unit (OBU), stores the vehicle's master secret data to each fog server. Finally, the computation cost of the suggested L-CPPA system regards message signing, single verification and batch verification is 694.161 ms, 60.118 ms, and 1348.218 ms, respectively. Meanwhile, the communication cost is 7757 bytes.
    Matched MeSH terms: Confidentiality
  18. Alanazi HO, Zaidan AA, Zaidan BB, Kiah ML, Al-Bakri SH
    J Med Syst, 2015 Jan;39(1):165.
    PMID: 25481568 DOI: 10.1007/s10916-014-0165-3
    This study has two objectives. First, it aims to develop a system with a highly secured approach to transmitting electronic medical records (EMRs), and second, it aims to identify entities that transmit private patient information without permission. The NTRU and the Advanced Encryption Standard (AES) cryptosystems are secured encryption methods. The AES is a tested technology that has already been utilized in several systems to secure sensitive data. The United States government has been using AES since June 2003 to protect sensitive and essential information. Meanwhile, NTRU protects sensitive data against attacks through the use of quantum computers, which can break the RSA cryptosystem and elliptic curve cryptography algorithms. A hybrid of AES and NTRU is developed in this work to improve EMR security. The proposed hybrid cryptography technique is implemented to secure the data transmission process of EMRs. The proposed security solution can provide protection for over 40 years and is resistant to quantum computers. Moreover, the technique provides the necessary evidence required by law to identify disclosure or misuse of patient records. The proposed solution can effectively secure EMR transmission and protect patient rights. It also identifies the source responsible for disclosing confidential patient records. The proposed hybrid technique for securing data managed by institutional websites must be improved in the future.
    Matched MeSH terms: Confidentiality*
  19. Tayan O, Kabir MN, Alginahi YM
    ScientificWorldJournal, 2014;2014:514652.
    PMID: 25254247 DOI: 10.1155/2014/514652
    This paper addresses the problems and threats associated with verification of integrity, proof of authenticity, tamper detection, and copyright protection for digital-text content. Such issues were largely addressed in the literature for images, audio, and video, with only a few papers addressing the challenge of sensitive plain-text media under known constraints. Specifically, with text as the predominant online communication medium, it becomes crucial that techniques are deployed to protect such information. A number of digital-signature, hashing, and watermarking schemes have been proposed that essentially bind source data or embed invisible data in a cover media to achieve its goal. While many such complex schemes with resource redundancies are sufficient in offline and less-sensitive texts, this paper proposes a hybrid approach based on zero-watermarking and digital-signature-like manipulations for sensitive text documents in order to achieve content originality and integrity verification without physically modifying the cover text in anyway. The proposed algorithm was implemented and shown to be robust against undetected content modifications and is capable of confirming proof of originality whilst detecting and locating deliberate/nondeliberate tampering. Additionally, enhancements in resource utilisation and reduced redundancies were achieved in comparison to traditional encryption-based approaches. Finally, analysis and remarks are made about the current state of the art, and future research issues are discussed under the given constraints.
    Matched MeSH terms: Confidentiality/standards*
  20. Yau WC, Phan RC
    J Med Syst, 2013 Dec;37(6):9993.
    PMID: 24194093 DOI: 10.1007/s10916-013-9993-9
    Many authentication schemes have been proposed for telecare medicine information systems (TMIS) to ensure the privacy, integrity, and availability of patient records. These schemes are crucial for TMIS systems because otherwise patients' medical records become susceptible to tampering thus hampering diagnosis or private medical conditions of patients could be disclosed to parties who do not have a right to access such information. Very recently, Hao et al. proposed a chaotic map-based authentication scheme for telecare medicine information systems in a recent issue of Journal of Medical Systems. They claimed that the authentication scheme can withstand various attacks and it is secure to be used in TMIS. In this paper, we show that this authentication scheme is vulnerable to key-compromise impersonation attacks, off-line password guessing attacks upon compromising of a smart card, and parallel session attacks. We also exploit weaknesses in the password change phase of the scheme to mount a denial-of-service attack. Our results show that this scheme cannot be used to provide security in a telecare medicine information system.
    Matched MeSH terms: Confidentiality/standards*
Filters
Contact Us

Please provide feedback to Administrator (afdal@afpm.org.my)

External Links