IJCNIS Vol. 3, No. 4, 8 Jun. 2011
Cover page and Table of Contents: PDF (size: 255KB)
Full Text (PDF, 255KB), PP.53-60
Views: 0 Downloads: 0
Telemedicine:privacy perservation, identity-based encryption, identity-based digital signature, wireless health monitoring system
Privacy preservation is an important challenge for wireless health monitoring system. This paper analyses the privacy threat types based on the wireless health monitoring system architecture, and built the key system model for identity threat and context privacy preservation based on traffic analysis threat. To resist these threat , the integrated message encryption, identity authentication and traffic context privacy preservation, based on identity-based cryptography(IBC) and identity-based signature(IBS), is carried out at one time during the process of sending, receiving and accessing the patients’ health information. Extensive analysis demonstrates the effectiveness of the proposed scheme.
Qiming Huang, Xing Yang, Shuang Li, "Identity Authentication and Context Privacy Preservation in Wireless Health Monitoring System", International Journal of Computer Network and Information Security(IJCNIS), vol.3, no.4, pp.53-60, 2011. DOI:10.5815/ijcnis.2011.04.08
[1]Rash, M.C. Privacy concerns hinder electronic medical records. The Business Journal of the Greater Triad Area (Apr. 4, 2005).
[2]Lin X, Lu R, Shen X, Nemoto Y, Kato N.SAGE: a strong privacy preserving scheme against global eavesdropping for ehealth systems. IEEE Journal of Selected Areas of Communications.
[3]Ou, C.-M. and Ou, C. R., “A High-Level 3G Wireless PKI Solution for Secure Healthcare Communications”, EuroPKI 2006, Lecture Notes in Computer Science 4043, Springer-Verlag, 2006, pp. 254-256.
[4]Yuhai Zhang, Yongyong Xu, Lei Shang, etc.An investigation into health informatics and related standards in China. International Journal of Medical Informatics[J]. 2007(76),614–620.
[5]M. Layouni, K. Verslype, M. T. Sandikkaya. Privacy-Preserving Telemonitoring for eHealth. Data and Applications Security 2009, LNCS 5645, pp. 95–110, 2009.
[6]Md. Mokammel Haque, Al-Sakib Khan Pathan, and Choong Seon Hong, Securing U-Healthcare Sensor Networks using Public Key Based Scheme, ICACT 2008:17-20.
[7]U. Sax, I. Kohane, and K.D. Mandl, “Wireless Technology Infrastructures for Authentication of Patients: PKI That Rings,” J. Am. Medical Informatics Assoc., vol. 12, no. 3, pp. 263-268, 2005.
[8]Health Insurance Portability Accountability Act (HIPAA).
[9]D. Boneh and M. Franklin, Identity-based encryption from the weil pairings. Advances in Cryptology-Asiacrypt Springer-Verlag, 2001. LNCS 2248, pp.514-532.
[10]J. Cha and J. Cheon, An identity-based signature from gap diffie-hellman groups. in Prof. Practice and Theory in Public Key Cryptography– PKC’2003, Springer-Verlag, 2003. LNCS 21392567 pp. 18-30.
[11]P. Kamat, Y. Zhang, W. Trappe, and C. Ozturk, “Enhancing sourcelocation privacy in sensor network routing”, in Proc. 25th IEEE International Conference on Distributed Computing Systems - ICDCS 2005, Columbus, Ohio, USA, June 2005, pp. 599-608.
[12]K. Mehta, D. Liu, and M. Wright, “Location privacy in sensor networks against a global eavesdropper”, in Proc. IEEE International Conference on Network Protocols, 2007 - ICNP 2007, Beijing, China, 2007, pp. 314-323.
[13]Y. Ouyang, Z. Le, G. Chen, J. Ford, and F. Makedon, “Entrapping adversaries for source protection in sensor networks”, in Proc. International Symposium on on Word of Wireless, Mobile and Multimedia Networks (WoWMoM), pp. 23 -24, June 2006.
[14]Shinyoung Lim, Tae Hwan Oh, Young B. Choi, Tamil Lakshman, Security issues on wireless body area network for remote healthcare monitoring, 2010 IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing.
[15]Health Insurance Portability Accountability Act (HIPAA).
[16]P. Dixon, “Medical identity theft: The information crime that can kill you,” The World Privacy Forum, May 2006. Available at http://www.worldprivacyforum.org/pdf/wpf_medicalidtheft2006.pdf
[17]M. E. Johnson, “Data hemorrhages in the health-care sector,” in Financial Cryptography and Data Security. Springer-Verlag, Feb. 2009. DOI 10.1007/978-3-642-03549-4 5
[18]B. Malin, “Re-identification of familial database records,” in AMIA Annual Symposium Proc.. AMIA, Nov. 2006, pp. 524–528. Available at http://view.ncbi.nlm.nih.gov/pubmed/17238396
[19]S. Sinclair and S. W. Smith, “Preventative directions for insider threat mitigation via access control,” in Insider Attack and Cyber Security: Beyond the Hacker. Springer-Verlag, 2008, vol. 39, pp. 173–202. DOI 10.1007/978-0-387-77322-3 10
[20]A. Appari and M. E. Johnson, “Information security and privacy in healthcare: Current state of research,” Proc. Workshop on Information Security and Privacy (WISP), Aug. 2008. Available at http://www.ists.dartmouth.edu/library/416.pdf
[21]E. Messmer, “Health care organizations see cyberattacks as growing threat,” Network World, Feb. 2008. Available at http://tinyurl.com/66b2py
[22]P. Dixon, “Medical identity theft: The information crime that can kill you,” The World Privacy Forum, May 2006. Available at http://www.worldprivacyforum.org/pdf/wpf_medicalidtheft2006.pdf
[23]C. V. Wright, F. Monrose, and G. M. Masson, “On inferring application protocol behaviors in encrypted network traffic,” Journal of Machine Learning Research, vol. 7, pp. 2745–2769, Dec. 2006. Available at http://portal.acm.org/citation.cfm?id=1248547.1248647
[24]P. Kamat, Y. Zhang, W. Trappe, and C. Ozturk, “Enhancing sourcelocation privacy in sensor network routing”, in Proc. 25th IEEE International Conference on Distributed Computing Systems - ICDCS 2005, Columbus, Ohio, USA, June 2005, pp. 599-608.
[25]K. Mehta, D. Liu, and M. Wright, “Location privacy in sensor networks against a global eavesdropper”, in Proc. IEEE International Conference on Network Protocols, 2007 - ICNP 2007, Beijing, China, 2007, pp.314-323.
[26]W. Mao, Modern Cryptography: Theory and Practice, Prentice Hall PTR, 2003.
[27]Y. Jian, S. Chen, Z. Zhang, and L. Zhang, “Protecting receiver-location privacy in wireless sensor networks”, Proc. IEEE INFOCOM 2007, Anchorage, Alaska, USA, May 2007.