CONTEXT-AWARE SECURITY IN CLOUD EMERGENCY MEDICAL SERVICES

Vassiliki Koufi, Flora Malamateniou, George Vassilacopoulos

2011

Abstract

Recently, there has been a remarkable upsurge in activity surrounding the adoption of Personal Health Records (PHRs). Since PHRs contain global patient information and not certain pieces collected by individual healthcare providers, they can be used as basic infrastructures for building and operating several important systems for both healthcare and the tax payers. Emergency medical systems (EMS) are among the most crucial ones as they involve a variety of activities which are performed from the time of a call to an ambulance service till the time of patient’s discharge from the emergency department of a hospital and are closely interrelated so that collaboration and coordination becomes a vital issue for patients and for emergency healthcare service performance. This paper is concerned with the development of a PHR-based EMS in a cloud computing environment and focuses on the security aspect of delivering this particular service. Although cloud-based services can prove important in healthcare delivery, the inherent nature of medical service delivery underscores the need for ensuring that data security is better maintained. Moreover, high expectations for emergency care delivery can be achieved only if provider organizations select systems with the appropriate features, security being among the most prominent ones. Thus, the proposed EMS system comes with a suitable security mechanism in order to ensure secure access to medical information when and where needed. To this end, context-aware authorization has been embedded into the emergency care process, enabling authorization to be based not only on static rules and roles but also to be influenced by the process execution context to ensure precise and tight access control.

References

  1. Communications of the ACM, 2003. Service-Oriented Computing, 46 (10).
  2. Anantharaman, V., Han, L., 2001. Hospital and emergency ambulance link: IT to enhance emergency pre-hospital care, International Journal of Medical Informatics, 61: 147-161.
  3. Ash, J. S., Berg, M., Coiera, E., 2004. Some Unintended Consequences of Information Technology in Health Care: The Nature of Patient Care Information System Related Errors. Journal of American Medical Informatics Association, 11(2): 104-112.
  4. Bates, D. W., Leape, L. L., Cullen, D. J., Laird, N., Petersen, L. A., Teich, J. M., et.al., 1998. Effect of Computerized Physician Order Entry and a Team Intervention on Prevention of Serious Medication Errors. Journal of the American Medical Association, 280(15): 1311-1316.
  5. Bruening, P., Treacy, B, 2009. Cloud Computing: Privacy, Security Challenges. In The Bureau of National Affairs.
  6. Buyya, R., Yeoa, C. S., Venugopala, S., Broberga, J., and Ivona Brandicc, I., 2009. Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering computing as the 5th utility. Future Generation Computer Systems, 25: 599-616.
  7. Care2X Integrated Healthcare Environment, http://www.care2x.org/
  8. IBM, 2009. IBM Point of View: Security and Cloud Computing, Cloud Computing White paper, ftp:// public.dhe.ibm.com/common/ssi/sa/wh/n/tiw14045use n/TIW14045USEN_HR.PDF
  9. JSR-168 Portlet Specification, http://www.jcp.org/ aboutJava/communityprocess/final/ jsr168/
  10. Lauer, G., 2009. Health Record Banks Gaining Traction in Regional Projects, http://www.ihealthbeat.org/ features/2009/health-record-banks-gaining-traction-inregional-projects.aspx
  11. Muttig I., Burton C., 2009. Cloud Security Technologies. Information Security Technical Report, 14: 1-6.
  12. OASIS, 2007. OASIS Web Services Business Process Execution Language (WSBPEL) v.2, http://docs.oasisopen.org/wsbpel/2.0/wsbpel-v2.0.pdf
  13. Pearlman, L., Welch, V., Foster, I., Kesselman, C., Tuecke, S., 2002. A Community Authorization Service for Group Collaboration. In the 3rd IEEE International Workshop on Policies for Distributed Systems and Networks.
  14. Raines, G., 2009. Cloud Computing and SOA. ServiceOriented Architecture (SOA) Series, Systems Engineering at MITRE.
  15. Reddy, M. C., Paul, S. A., Abraham, J., McNeese,M., DeFlitch, C., Yen, J., 2009. Challenges to effective crisis management: Using information and communication technologies to coordinate emergency medical services and emergency department teams. International Journal of Medical Informatics, 78 (4): 259-269.
  16. Rosenthal A., Mork, P., Lia, M. H., Stanforda, J., Koestera, D., Reynolds, P., 2010. Cloud computing: A new business paradigm for biomedical information sharing. Journal of Biomedical Informatics, 43: 342- 253.
  17. Shimrat, O., 2009. Cloud Computing and Healthcare, San Diego Physician.org.
  18. Tang, P. C., Ash, J. S., Bates, D. W., Overhage, J. M., Sands, D. Z., 2006. Personal health records: definitions, benefits, and strategies for overcoming barriers to adoption. Journal of American Medical Informatics Association, 13 (2): 121-126.
  19. Tentori, M., Favela, J., Rodriguez, M. D., 2006. PrivacyAware Autonomous Agents for Pervasive Healthcare, IEEE Intelligent Systems Magazine, 21 (6): 55-62.
  20. U.S. Department of Health and Human Services: Personal Health Records and Personal Health Record Systems, A Report and Recommendations from the National Committee on Vital and Health Statistics, 2006.
  21. Van der Burg, S., Dolstra, E., 2009. Software Development in a Dynamic Cloud: From Device to Service Orientation in a Hospital. Environment, In 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing.
  22. Wiljer, D., Urowitz, S., Apatu, E., DeLenardo, C., Eysenbach, G., Harth, T., Pai, H., Leonard, K. J., 2008. Patient accessible electronic health records: exploring recommendations for successful implementation strategies. Journal of Medical Internet Research,. 10 (4).
  23. Win, K. T., Susilo, W., Mu, Y., 2006. Personal Health Record Systems and Their Security Protection. Journal of Medical Systems, 30: 309-315.
Download


Paper Citation


in Harvard Style

Koufi V., Malamateniou F. and Vassilacopoulos G. (2011). CONTEXT-AWARE SECURITY IN CLOUD EMERGENCY MEDICAL SERVICES . In Proceedings of the International Conference on Health Informatics - Volume 1: HEALTHINF, (BIOSTEC 2011) ISBN 978-989-8425-34-8, pages 121-130. DOI: 10.5220/0003106001210130


in Bibtex Style

@conference{healthinf11,
author={Vassiliki Koufi and Flora Malamateniou and George Vassilacopoulos},
title={CONTEXT-AWARE SECURITY IN CLOUD EMERGENCY MEDICAL SERVICES},
booktitle={Proceedings of the International Conference on Health Informatics - Volume 1: HEALTHINF, (BIOSTEC 2011)},
year={2011},
pages={121-130},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003106001210130},
isbn={978-989-8425-34-8},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Health Informatics - Volume 1: HEALTHINF, (BIOSTEC 2011)
TI - CONTEXT-AWARE SECURITY IN CLOUD EMERGENCY MEDICAL SERVICES
SN - 978-989-8425-34-8
AU - Koufi V.
AU - Malamateniou F.
AU - Vassilacopoulos G.
PY - 2011
SP - 121
EP - 130
DO - 10.5220/0003106001210130