WorldWideScience

Sample records for health security schemes

  1. A secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care.

    Science.gov (United States)

    Das, Ashok Kumar; Goswami, Adrijit

    2013-06-01

    Connected health care has several applications including telecare medicine information system, personally controlled health records system, and patient monitoring. In such applications, user authentication can ensure the legality of patients. In user authentication for such applications, only the legal user/patient himself/herself is allowed to access the remote server, and no one can trace him/her according to transmitted data. Chang et al. proposed a uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care (Chang et al., J Med Syst 37:9902, 2013). Their scheme uses the user's personal biometrics along with his/her password with the help of the smart card. The user's biometrics is verified using BioHashing. Their scheme is efficient due to usage of one-way hash function and exclusive-or (XOR) operations. In this paper, we show that though their scheme is very efficient, their scheme has several security weaknesses such as (1) it has design flaws in login and authentication phases, (2) it has design flaws in password change phase, (3) it fails to protect privileged insider attack, (4) it fails to protect the man-in-the middle attack, and (5) it fails to provide proper authentication. In order to remedy these security weaknesses in Chang et al.'s scheme, we propose an improvement of their scheme while retaining the original merit of their scheme. We show that our scheme is efficient as compared to Chang et al.'s scheme. Through the security analysis, we show that our scheme is secure against possible attacks. Further, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. In addition, after successful authentication between the user and the server, they establish a secret session key shared between them for future secure communication.

  2. Secure and Efficient Two-Factor User Authentication Scheme with User Anonymity for Network Based E-Health Care Applications.

    Science.gov (United States)

    Li, Xiong; Niu, Jianwei; Karuppiah, Marimuthu; Kumari, Saru; Wu, Fan

    2016-12-01

    Benefited from the development of network and communication technologies, E-health care systems and telemedicine have got the fast development. By using the E-health care systems, patient can enjoy the remote medical service provided by the medical server. Medical data are important privacy information for patient, so it is an important issue to ensure the secure of transmitted medical data through public network. Authentication scheme can thwart unauthorized users from accessing services via insecure network environments, so user authentication with privacy protection is an important mechanism for the security of E-health care systems. Recently, based on three factors (password, biometric and smart card), an user authentication scheme for E-health care systems was been proposed by Amin et al., and they claimed that their scheme can withstand most of common attacks. Unfortunate, we find that their scheme cannot achieve the untraceability feature of the patient. Besides, their scheme lacks a password check mechanism such that it is inefficient to find the unauthorized login by the mistake of input a wrong password. Due to the same reason, their scheme is vulnerable to Denial of Service (DoS) attack if the patient updates the password mistakenly by using a wrong password. In order improve the security level of authentication scheme for E-health care application, a robust user authentication scheme with privacy protection is proposed for E-health care systems. Then, security prove of our scheme are analysed. Security and performance analyses show that our scheme is more powerful and secure for E-health care systems when compared with other related schemes.

  3. An Intelligent and Secure Health Monitoring Scheme Using IoT Sensor Based on Cloud Computing

    Directory of Open Access Journals (Sweden)

    Jin-Xin Hu

    2017-01-01

    Full Text Available Internet of Things (IoT is the network of physical objects where information and communication technology connect multiple embedded devices to the Internet for collecting and exchanging data. An important advancement is the ability to connect such devices to large resource pools such as cloud. The integration of embedded devices and cloud servers offers wide applicability of IoT to many areas of our life. With the aging population increasing every day, embedded devices with cloud server can provide the elderly with more flexible service without the need to visit hospitals. Despite the advantages of the sensor-cloud model, it still has various security threats. Therefore, the design and integration of security issues, like authentication and data confidentiality for ensuring the elderly’s privacy, need to be taken into consideration. In this paper, an intelligent and secure health monitoring scheme using IoT sensor based on cloud computing and cryptography is proposed. The proposed scheme achieves authentication and provides essential security requirements.

  4. An authentication scheme for secure access to healthcare services.

    Science.gov (United States)

    Khan, Muhammad Khurram; Kumari, Saru

    2013-08-01

    Last few decades have witnessed boom in the development of information and communication technologies. Health-sector has also been benefitted with this advancement. To ensure secure access to healthcare services some user authentication mechanisms have been proposed. In 2012, Wei et al. proposed a user authentication scheme for telecare medical information system (TMIS). Recently, Zhu pointed out offline password guessing attack on Wei et al.'s scheme and proposed an improved scheme. In this article, we analyze both of these schemes for their effectiveness in TMIS. We show that Wei et al.'s scheme and its improvement proposed by Zhu fail to achieve some important characteristics necessary for secure user authentication. We find that security problems of Wei et al.'s scheme stick with Zhu's scheme; like undetectable online password guessing attack, inefficacy of password change phase, traceability of user's stolen/lost smart card and denial-of-service threat. We also identify that Wei et al.'s scheme lacks forward secrecy and Zhu's scheme lacks session key between user and healthcare server. We therefore propose an authentication scheme for TMIS with forward secrecy which preserves the confidentiality of air messages even if master secret key of healthcare server is compromised. Our scheme retains advantages of Wei et al.'s scheme and Zhu's scheme, and offers additional security. The security analysis and comparison results show the enhanced suitability of our scheme for TMIS.

  5. Secure RAID Schemes for Distributed Storage

    OpenAIRE

    Huang, Wentao; Bruck, Jehoshua

    2016-01-01

    We propose secure RAID, i.e., low-complexity schemes to store information in a distributed manner that is resilient to node failures and resistant to node eavesdropping. We generalize the concept of systematic encoding to secure RAID and show that systematic schemes have significant advantages in the efficiencies of encoding, decoding and random access. For the practical high rate regime, we construct three XOR-based systematic secure RAID schemes with optimal or almost optimal encoding and ...

  6. Quantum Secure Communication Scheme with W State

    International Nuclear Information System (INIS)

    Wang Jian; Zhang Quan; Tang Chaojng

    2007-01-01

    We present a quantum secure communication scheme using three-qubit W state. It is unnecessary for the present scheme to use alternative measurement or Bell basis measurement. Compared with the quantum secure direct communication scheme proposed by Cao et al. [H.J. Cao and H.S. Song, Chin. Phys. Lett. 23 (2006) 290], in our scheme, the detection probability for an eavesdropper's attack increases from 8.3% to 25%. We also show that our scheme is secure for a noise quantum channel.

  7. Tightly Secure Signatures From Lossy Identification Schemes

    OpenAIRE

    Abdalla , Michel; Fouque , Pierre-Alain; Lyubashevsky , Vadim; Tibouchi , Mehdi

    2015-01-01

    International audience; In this paper, we present three digital signature schemes with tight security reductions in the random oracle model. Our first signature scheme is a particularly efficient version of the short exponent discrete log-based scheme of Girault et al. (J Cryptol 19(4):463–487, 2006). Our scheme has a tight reduction to the decisional short discrete logarithm problem, while still maintaining the non-tight reduction to the computational version of the problem upon which the or...

  8. Security problem on arbitrated quantum signature schemes

    International Nuclear Information System (INIS)

    Choi, Jeong Woon; Chang, Ku-Young; Hong, Dowon

    2011-01-01

    Many arbitrated quantum signature schemes implemented with the help of a trusted third party have been developed up to now. In order to guarantee unconditional security, most of them take advantage of the optimal quantum one-time encryption based on Pauli operators. However, in this paper we point out that the previous schemes provide security only against a total break attack and show in fact that there exists an existential forgery attack that can validly modify the transmitted pair of message and signature. In addition, we also provide a simple method to recover security against the proposed attack.

  9. Security problem on arbitrated quantum signature schemes

    Energy Technology Data Exchange (ETDEWEB)

    Choi, Jeong Woon [Emerging Technology R and D Center, SK Telecom, Kyunggi 463-784 (Korea, Republic of); Chang, Ku-Young; Hong, Dowon [Cryptography Research Team, Electronics and Telecommunications Research Institute, Daejeon 305-700 (Korea, Republic of)

    2011-12-15

    Many arbitrated quantum signature schemes implemented with the help of a trusted third party have been developed up to now. In order to guarantee unconditional security, most of them take advantage of the optimal quantum one-time encryption based on Pauli operators. However, in this paper we point out that the previous schemes provide security only against a total break attack and show in fact that there exists an existential forgery attack that can validly modify the transmitted pair of message and signature. In addition, we also provide a simple method to recover security against the proposed attack.

  10. Anticollusion Attack Noninteractive Security Hierarchical Key Agreement Scheme in WHMS

    Directory of Open Access Journals (Sweden)

    Kefei Mao

    2016-01-01

    Full Text Available Wireless Health Monitoring Systems (WHMS have potential to change the way of health care and bring numbers of benefits to patients, physicians, hospitals, and society. However, there are crucial barriers not only to transmit the biometric information but also to protect the privacy and security of the patients’ information. The key agreement between two entities is an essential cryptography operation to clear the barriers. In particular, the noninteractive hierarchical key agreement scheme becomes an attractive direction in WHMS because each sensor node or gateway has limited resources and power. Recently, a noninteractive hierarchical key agreement scheme has been proposed by Kim for WHMS. However, we show that Kim’s cryptographic scheme is vulnerable to the collusion attack if the physicians can be corrupted. Obviously, it is a more practical security condition. Therefore, we proposed an improved key agreement scheme against the attack. Security proof, security analysis, and experimental results demonstrate that our proposed scheme gains enhanced security and more efficiency than Kim’s previous scheme while inheriting its qualities of one-round communication and security properties.

  11. Alternative health insurance schemes

    DEFF Research Database (Denmark)

    Keiding, Hans; Hansen, Bodil O.

    2002-01-01

    In this paper, we present a simple model of health insurance with asymmetric information, where we compare two alternative ways of organizing the insurance market. Either as a competitive insurance market, where some risks remain uninsured, or as a compulsory scheme, where however, the level...... competitive insurance; this situation turns out to be at least as good as either of the alternatives...

  12. Exploring patient satisfaction levels, self-rated oral health status and associated variables among citizens covered for dental insurance through a National Social Security Scheme in India.

    Science.gov (United States)

    Singh, Abhinav; Purohit, Bharathi M

    2017-06-01

    To assess patient satisfaction, self-rated oral health and associated factors, including periodontal status and dental caries, among patients covered for dental insurance through a National Social Security Scheme in New Delhi, India. A total of 1,498 patients participated in the study. Satisfaction levels and self-rated oral-health scores were measured using a questionnaire comprising 12 closed-ended questions. Clinical data were collected using the Community Periodontal Index (CPI) and the decayed, missing and filled teeth (DMFT) index. Regression analysis was conducted to evaluate factors associated with dental caries, periodontal status and self-rated oral health. Areas of concern included poor cleanliness within the hospital, extensive delays for appointments, waiting time in hospital and inadequate interpersonal and communication skills among health-care professionals. Approximately 51% of the respondents rated their oral health as fair to poor. Younger age, no tobacco usage, good periodontal status and absence of dental caries were significantly associated with higher oral health satisfaction, with odds ratios of 3.94, 2.38, 2.58 and 2.09, respectively (P ≤ 0.001). The study indicates poor satisfaction levels with the current dental care system and a poor self-rated oral health status among the study population. Some specific areas of concern have been identified. These findings may facilitate restructuring of the existing dental services under the National Social Security Scheme towards creating a better patient care system. © 2017 FDI World Dental Federation.

  13. A new chaotic secure communication scheme

    International Nuclear Information System (INIS)

    Hua Changchun; Yang Bo; Ouyang Gaoxiang; Guan Xinping

    2005-01-01

    A new chaotic secure communication scheme is constructed. Unified chaotic system is used to encrypt the emitted signal. Different from the existing chaotic secure communication methods, the useful information is embodied in the parameter of chaotic systems in this Letter. The receiver is designed which can succeed in recovering the former signal. Finally computer simulations are done to verify the proposed methods, and the results show that the obtained theoretic results are feasible and efficient

  14. Consolidation of the health insurance scheme

    CERN Document Server

    Association du personnel

    2009-01-01

    In the last issue of Echo, we highlighted CERN’s obligation to guarantee a social security scheme for all employees, pensioners and their families. In that issue we talked about the first component: pensions. This time we shall discuss the other component: the CERN Health Insurance Scheme (CHIS).

  15. Secure Dynamic access control scheme of PHR in cloud computing.

    Science.gov (United States)

    Chen, Tzer-Shyong; Liu, Chia-Hui; Chen, Tzer-Long; Chen, Chin-Sheng; Bau, Jian-Guo; Lin, Tzu-Ching

    2012-12-01

    With the development of information technology and medical technology, medical information has been developed from traditional paper records into electronic medical records, which have now been widely applied. The new-style medical information exchange system "personal health records (PHR)" is gradually developed. PHR is a kind of health records maintained and recorded by individuals. An ideal personal health record could integrate personal medical information from different sources and provide complete and correct personal health and medical summary through the Internet or portable media under the requirements of security and privacy. A lot of personal health records are being utilized. The patient-centered PHR information exchange system allows the public autonomously maintain and manage personal health records. Such management is convenient for storing, accessing, and sharing personal medical records. With the emergence of Cloud computing, PHR service has been transferred to storing data into Cloud servers that the resources could be flexibly utilized and the operation cost can be reduced. Nevertheless, patients would face privacy problem when storing PHR data into Cloud. Besides, it requires a secure protection scheme to encrypt the medical records of each patient for storing PHR into Cloud server. In the encryption process, it would be a challenge to achieve accurately accessing to medical records and corresponding to flexibility and efficiency. A new PHR access control scheme under Cloud computing environments is proposed in this study. With Lagrange interpolation polynomial to establish a secure and effective PHR information access scheme, it allows to accurately access to PHR with security and is suitable for enormous multi-users. Moreover, this scheme also dynamically supports multi-users in Cloud computing environments with personal privacy and offers legal authorities to access to PHR. From security and effectiveness analyses, the proposed PHR access

  16. Understanding security failures of two authentication and key agreement schemes for telecare medicine information systems.

    Science.gov (United States)

    Mishra, Dheerendra

    2015-03-01

    Smart card based authentication and key agreement schemes for telecare medicine information systems (TMIS) enable doctors, nurses, patients and health visitors to use smart cards for secure login to medical information systems. In recent years, several authentication and key agreement schemes have been proposed to present secure and efficient solution for TMIS. Most of the existing authentication schemes for TMIS have either higher computation overhead or are vulnerable to attacks. To reduce the computational overhead and enhance the security, Lee recently proposed an authentication and key agreement scheme using chaotic maps for TMIS. Xu et al. also proposed a password based authentication and key agreement scheme for TMIS using elliptic curve cryptography. Both the schemes provide better efficiency from the conventional public key cryptography based schemes. These schemes are important as they present an efficient solution for TMIS. We analyze the security of both Lee's scheme and Xu et al.'s schemes. Unfortunately, we identify that both the schemes are vulnerable to denial of service attack. To understand the security failures of these cryptographic schemes which are the key of patching existing schemes and designing future schemes, we demonstrate the security loopholes of Lee's scheme and Xu et al.'s scheme in this paper.

  17. Password Authentication Scheme with Secured Login Interface

    Directory of Open Access Journals (Sweden)

    AKINWALE A. Taofiki

    2009-12-01

    Full Text Available This paper presents a novel solution to the age long problem of password security at input level. In our solution, each of the various characters from which a password could be composed is encoded with a random single digit integer and presented to the user via an input interface form. A legitimate user entering his password only needs to carefully study the sequence of code that describe his password, and then enter these code in place of his actual password characters. This approach does not require the input code to be hidden from anyone or converted to placeholder characters for security reasons. Our solution engine regenerates new code for each character each time the carriage return key is struck, producing a hardened password that is convincingly more secure than conventional password entry system against both online and offline attackers. Using empirical data and a prototype implementation of our scheme, we give evidence that our approach is viable in practice, in terms of ease of use, improved security, and performance.

  18. Security and efficiency data sharing scheme for cloud storage

    International Nuclear Information System (INIS)

    Han, Ke; Li, Qingbo; Deng, Zhongliang

    2016-01-01

    With the adoption and diffusion of data sharing paradigm in cloud storage, there have been increasing demands and concerns for shared data security. Ciphertext Policy Attribute-Based Encryption (CP-ABE) is becoming a promising cryptographic solution to the security problem of shared data in cloud storage. However due to key escrow, backward security and inefficiency problems, existing CP-ABE schemes cannot be directly applied to cloud storage system. In this paper, an effective and secure access control scheme for shared data is proposed to solve those problems. The proposed scheme refines the security of existing CP-ABE based schemes. Specifically, key escrow and conclusion problem are addressed by dividing key generation center into several distributed semi-trusted parts. Moreover, secrecy revocation algorithm is proposed to address not only back secrecy but efficient problem in existing CP-ABE based scheme. Furthermore, security and performance analyses indicate that the proposed scheme is both secure and efficient for cloud storage.

  19. Exploring Type-and-Identity-Based Proxy Re-Encryption Scheme to Securely Manage Personal Health Records

    NARCIS (Netherlands)

    Ibraimi, L.; Gangopadhyay, Aryya; Tang, Qiang; Hartel, Pieter H.; Jonker, Willem

    2010-01-01

    Commercial Web-based Personal-Health Record (PHR) systems can help patients to share their personal health records (PHRs) anytime from anywhere. PHRs are very sensitive data and an inappropriate disclosure may cause serious problems to an individual. Therefore commercial Web-based PHR systems have

  20. On the security of two remote user authentication schemes for telecare medical information systems.

    Science.gov (United States)

    Kim, Kee-Won; Lee, Jae-Dong

    2014-05-01

    The telecare medical information systems (TMISs) support convenient and rapid health-care services. A secure and efficient authentication scheme for TMIS provides safeguarding patients' electronic patient records (EPRs) and helps health care workers and medical personnel to rapidly making correct clinical decisions. Recently, Kumari et al. proposed a password based user authentication scheme using smart cards for TMIS, and claimed that the proposed scheme could resist various malicious attacks. However, we point out that their scheme is still vulnerable to lost smart card and cannot provide forward secrecy. Subsequently, Das and Goswami proposed a secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. They simulated their scheme for the formal security verification using the widely-accepted automated validation of Internet security protocols and applications (AVISPA) tool to ensure that their scheme is secure against passive and active attacks. However, we show that their scheme is still vulnerable to smart card loss attacks and cannot provide forward secrecy property. The proposed cryptanalysis discourages any use of the two schemes under investigation in practice and reveals some subtleties and challenges in designing this type of schemes.

  1. A secure smart-card based authentication and key agreement scheme for telecare medicine information systems.

    Science.gov (United States)

    Lee, Tian-Fu; Liu, Chuan-Ming

    2013-06-01

    A smart-card based authentication scheme for telecare medicine information systems enables patients, doctors, nurses, health visitors and the medicine information systems to establish a secure communication platform through public networks. Zhu recently presented an improved authentication scheme in order to solve the weakness of the authentication scheme of Wei et al., where the off-line password guessing attacks cannot be resisted. This investigation indicates that the improved scheme of Zhu has some faults such that the authentication scheme cannot execute correctly and is vulnerable to the attack of parallel sessions. Additionally, an enhanced authentication scheme based on the scheme of Zhu is proposed. The enhanced scheme not only avoids the weakness in the original scheme, but also provides users' anonymity and authenticated key agreements for secure data communications.

  2. Signature Schemes Secure against Hard-to-Invert Leakage

    DEFF Research Database (Denmark)

    Faust, Sebastian; Hazay, Carmit; Nielsen, Jesper Buus

    2012-01-01

    of the secret key. As a second contribution, we construct a signature scheme that achieves security for random messages assuming that the adversary is given a polynomial-time hard to invert function. Here, polynomial-hardness is required even when given the entire public-key – so called weak auxiliary input......-theoretically reveal the entire secret key. In this work, we propose the first constructions of digital signature schemes that are secure in the auxiliary input model. Our main contribution is a digital signature scheme that is secure against chosen message attacks when given an exponentially hard-to-invert function...... security. We show that such signature schemes readily give us auxiliary input secure identification schemes...

  3. CERN Health Insurance Scheme

    CERN Multimedia

    HR Department

    2011-01-01

    Changes implemented on 1 January 2011 In addition to the information provided in the Official News section of the Bulletin concerning the CHIS, the following changes are in place since 1 January 2011. Benefits The list of benefits including the ceilings will remain initially unchanged while the CHIS Board prepares proposals to the Director-General, who has been authorized by the Council to take timely measures to limit the increase of the CHIS expenses, by encouraging the use of health care providers and treatments which provide the best quality-to-cost ratio. Termination of the agreement with “La Metairie” Attempts to find an agreement with the management of “La Metairie” on the conditions to continue to collaborate failed. The present agreement that CHIS, as well as the other international organisations (WHO, ILO/ITU, UNOG) had signed, therefore came to an end on 31 December 2010. As a result, the rules applicable to hospitals without an agreement will apply to &...

  4. Security of Linear Secret-Sharing Schemes Against Mass Surveillance

    DEFF Research Database (Denmark)

    Giacomelli, Irene; Olimid, Ruxandra; Ranellucci, Samuel

    2015-01-01

    by a proprietary code that the provider (“big brother”) could manipulate to covertly violate the privacy of the users (by implementing Algorithm-Substitution Attacks or ASAs). First, we formalize the security notion that expresses the goal of big brother and prove that for any linear secret-sharing scheme...... there exists an undetectable subversion of it that efficiently allows surveillance. Second, we formalize the security notion that assures that a sharing scheme is secure against ASAs and construct the first sharing scheme that meets this notion....

  5. Secure and Efficient Anonymous Authentication Scheme in Global Mobility Networks

    Directory of Open Access Journals (Sweden)

    Jun-Sub Kim

    2013-01-01

    Full Text Available In 2012, Mun et al. pointed out that Wu et al.’s scheme failed to achieve user anonymity and perfect forward secrecy and disclosed the passwords of legitimate users. And they proposed a new enhancement for anonymous authentication scheme. However, their proposed scheme has vulnerabilities that are susceptible to replay attack and man-in-the-middle attack. It also incurs a high overhead in the database. In this paper, we examine the vulnerabilities in the existing schemes and the computational overhead incurred in the database. We then propose a secure and efficient anonymous authentication scheme for roaming service in global mobility network. Our proposed scheme is secure against various attacks, provides mutual authentication and session key establishment, and incurs less computational overhead in the database than Mun et al.'s scheme.

  6. Security, insecurity and health.

    Science.gov (United States)

    Coupland, Robin

    2007-03-01

    An examination of the nexus of security, insecurity and health shows that security is a prerequisite for health. The many and varied ways that armed violence--including threats of armed violence--can affect people's health can be documented by formal studies; however, valuable data also exist in other reports, such as media reports. The health community needs to recognize that people's insecurity is a massive global health issue. The foreign policies of donor governments should incorporate recognition that documentation, analysis and publication of data describing the impact of insecurity on people's health can lead to the creation of policies to enhance people's security.

  7. Sensor Data Security Level Estimation Scheme for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Alex Ramos

    2015-01-01

    Full Text Available Due to their increasing dissemination, wireless sensor networks (WSNs have become the target of more and more sophisticated attacks, even capable of circumventing both attack detection and prevention mechanisms. This may cause WSN users, who totally trust these security mechanisms, to think that a sensor reading is secure, even when an adversary has corrupted it. For that reason, a scheme capable of estimating the security level (SL that these mechanisms provide to sensor data is needed, so that users can be aware of the actual security state of this data and can make better decisions on its use. However, existing security estimation schemes proposed for WSNs fully ignore detection mechanisms and analyze solely the security provided by prevention mechanisms. In this context, this work presents the sensor data security estimator (SDSE, a new comprehensive security estimation scheme for WSNs. SDSE is designed for estimating the sensor data security level based on security metrics that analyze both attack prevention and detection mechanisms. In order to validate our proposed scheme, we have carried out extensive simulations that show the high accuracy of SDSE estimates.

  8. Sensor Data Security Level Estimation Scheme for Wireless Sensor Networks

    Science.gov (United States)

    Ramos, Alex; Filho, Raimir Holanda

    2015-01-01

    Due to their increasing dissemination, wireless sensor networks (WSNs) have become the target of more and more sophisticated attacks, even capable of circumventing both attack detection and prevention mechanisms. This may cause WSN users, who totally trust these security mechanisms, to think that a sensor reading is secure, even when an adversary has corrupted it. For that reason, a scheme capable of estimating the security level (SL) that these mechanisms provide to sensor data is needed, so that users can be aware of the actual security state of this data and can make better decisions on its use. However, existing security estimation schemes proposed for WSNs fully ignore detection mechanisms and analyze solely the security provided by prevention mechanisms. In this context, this work presents the sensor data security estimator (SDSE), a new comprehensive security estimation scheme for WSNs. SDSE is designed for estimating the sensor data security level based on security metrics that analyze both attack prevention and detection mechanisms. In order to validate our proposed scheme, we have carried out extensive simulations that show the high accuracy of SDSE estimates. PMID:25608215

  9. Sensor data security level estimation scheme for wireless sensor networks.

    Science.gov (United States)

    Ramos, Alex; Filho, Raimir Holanda

    2015-01-19

    Due to their increasing dissemination, wireless sensor networks (WSNs) have become the target of more and more sophisticated attacks, even capable of circumventing both attack detection and prevention mechanisms. This may cause WSN users, who totally trust these security mechanisms, to think that a sensor reading is secure, even when an adversary has corrupted it. For that reason, a scheme capable of estimating the security level (SL) that these mechanisms provide to sensor data is needed, so that users can be aware of the actual security state of this data and can make better decisions on its use. However, existing security estimation schemes proposed for WSNs fully ignore detection mechanisms and analyze solely the security provided by prevention mechanisms. In this context, this work presents the sensor data security estimator (SDSE), a new comprehensive security estimation scheme for WSNs. SDSE is designed for estimating the sensor data security level based on security metrics that analyze both attack prevention and detection mechanisms. In order to validate our proposed scheme, we have carried out extensive simulations that show the high accuracy of SDSE estimates.

  10. A Secure and Scalable Data Communication Scheme in Smart Grids

    Directory of Open Access Journals (Sweden)

    Chunqiang Hu

    2018-01-01

    Full Text Available The concept of smart grid gained tremendous attention among researchers and utility providers in recent years. How to establish a secure communication among smart meters, utility companies, and the service providers is a challenging issue. In this paper, we present a communication architecture for smart grids and propose a scheme to guarantee the security and privacy of data communications among smart meters, utility companies, and data repositories by employing decentralized attribute based encryption. The architecture is highly scalable, which employs an access control Linear Secret Sharing Scheme (LSSS matrix to achieve a role-based access control. The security analysis demonstrated that the scheme ensures security and privacy. The performance analysis shows that the scheme is efficient in terms of computational cost.

  11. Breaking a chaos-noise-based secure communication scheme

    Science.gov (United States)

    Li, Shujun; Álvarez, Gonzalo; Chen, Guanrong; Mou, Xuanqin

    2005-03-01

    This paper studies the security of a secure communication scheme based on two discrete-time intermittently chaotic systems synchronized via a common random driving signal. Some security defects of the scheme are revealed: 1) The key space can be remarkably reduced; 2) the decryption is insensitive to the mismatch of the secret key; 3) the key-generation process is insecure against known/chosen-plaintext attacks. The first two defects mean that the scheme is not secure enough against brute-force attacks, and the third one means that an attacker can easily break the cryptosystem by approximately estimating the secret key once he has a chance to access a fragment of the generated keystream. Yet it remains to be clarified if intermittent chaos could be used for designing secure chaotic cryptosystems.

  12. A security scheme of SMS system

    Science.gov (United States)

    Zhang, Fangzhou; Yang, Hong-Wei; Song, Chuck

    2005-02-01

    With the prosperous development and the use of SMS, more and more important information need to be transferred through the wireless and mobile networks by the users. But in the GSM/GPRS network, the SMS messages are transferred in text mode through the signaling channel and there is no integrality for SMS messages. Because of the speciality of the mobile communications, the security of signaling channel is very weak. So we need to improve and enhance the security and integrality of SMS. At present, developed investigation based on SMS security is still incomplete. The key distribution and management is not perfect to meet the usability in a wide area. This paper introduces a high-level security method to solve this problem. We design the Secure SMS of GSM/GPRS in order to improve the security of the important information that need to be transferred by the mobile networks. Using this method, we can improve the usability of E-payment and other mobile electronic commerce.

  13. A secure communication scheme using projective chaos synchronization

    International Nuclear Information System (INIS)

    Li Zhigang; Xu Daolin

    2004-01-01

    Most secure communication schemes using chaotic dynamics are based on identical synchronization. In this paper, we show the possibility of secure communication using projective synchronization (PS). The unpredictability of the scaling factor in projective synchronization can additionally enhance the security of communication. It is also showed that the scaling factor can be employed to improve the robustness against noise contamination. The feasibility of the communication scheme in high-dimensional chaotic systems, such as the hyperchaotic Roessler system, is demonstrated. Numerical results show the success in transmitting a sound signal through chaotic systems

  14. A secure quantum group signature scheme based on Bell states

    International Nuclear Information System (INIS)

    Zhang Kejia; Song Tingting; Zuo Huijuan; Zhang Weiwei

    2013-01-01

    In this paper, we propose a new secure quantum group signature with Bell states, which may have applications in e-payment system, e-government, e-business, etc. Compared with the recent quantum group signature protocols, our scheme is focused on the most general situation in practice, i.e. only the arbitrator is trusted and no intermediate information needs to be stored in the signing phase to ensure the security. Furthermore, our scheme has achieved all the characteristics of group signature—anonymity, verifiability, traceability, unforgetability and undeniability, by using some current developed quantum and classical technologies. Finally, a feasible security analysis model for quantum group signature is presented. (paper)

  15. A Secure and Efficient Certificateless Short Signature Scheme

    Directory of Open Access Journals (Sweden)

    Lin Cheng

    2013-07-01

    Full Text Available Certificateless public key cryptography combines advantage of traditional public key cryptography and identity-based public key cryptography as it avoids usage of certificates and resolves the key escrow problem. In 2007, Huang et al. classified adversaries against certificateless signatures according to their attack power into normal, strong and super adversaries (ordered by their attack power. In this paper, we propose a new certificateless short signature scheme and prove that it is secure against both of the super type I and the super type II adversaries. Our new scheme not only achieves the strongest security level but also has the shortest signature length (one group element. Compared with the other short certificateless signature schemes which have a similar security level, our new scheme has less operation cost.

  16. Distributed public key schemes secure against continual leakage

    DEFF Research Database (Denmark)

    Akavia, Adi; Goldwasser, Shafi; Hazay, Carmit

    2012-01-01

    -secure against continual memory leakage. Our DPKE scheme also implies a secure storage system on leaky devices, where a value s can be secretely stored on devices that continually leak information about their internal state to an external attacker. The devices go through a periodic refresh protocol......In this work we study distributed public key schemes secure against continual memory leakage. The secret key will be shared among two computing devices communicating over a public channel, and the decryption operation will be computed by a simple 2-party protocol between the devices. Similarly...... against continual memory leakage, under the Bilinear Decisional Diffie-Hellman and $2$-linear assumptions. Our schemes have the following properties: 1. Our DPKE and DIBE schemes tolerate leakage at all times, including during refresh. During refresh the tolerated leakage is a (1/2-o (1),1)-fraction...

  17. XMSS : a practical forward secure signature scheme based on minimal security assumptions

    NARCIS (Netherlands)

    Buchmann, Johannes; Dahmen, Erik; Hülsing, Andreas; Yang, B.-Y.

    2011-01-01

    We present the hash-based signature scheme XMSS. It is the first provably (forward) secure and practical signature scheme with minimal security requirements: a pseudorandom and a second preimage resistant (hash) function family. Its signature size is reduced to less than 25% compared to the best

  18. A secure and robust password-based remote user authentication scheme using smart cards for the integrated EPR information system.

    Science.gov (United States)

    Das, Ashok Kumar

    2015-03-01

    An integrated EPR (Electronic Patient Record) information system of all the patients provides the medical institutions and the academia with most of the patients' information in details for them to make corrective decisions and clinical decisions in order to maintain and analyze patients' health. In such system, the illegal access must be restricted and the information from theft during transmission over the insecure Internet must be prevented. Lee et al. proposed an efficient password-based remote user authentication scheme using smart card for the integrated EPR information system. Their scheme is very efficient due to usage of one-way hash function and bitwise exclusive-or (XOR) operations. However, in this paper, we show that though their scheme is very efficient, their scheme has three security weaknesses such as (1) it has design flaws in password change phase, (2) it fails to protect privileged insider attack and (3) it lacks the formal security verification. We also find that another recently proposed Wen's scheme has the same security drawbacks as in Lee at al.'s scheme. In order to remedy these security weaknesses found in Lee et al.'s scheme and Wen's scheme, we propose a secure and efficient password-based remote user authentication scheme using smart cards for the integrated EPR information system. We show that our scheme is also efficient as compared to Lee et al.'s scheme and Wen's scheme as our scheme only uses one-way hash function and bitwise exclusive-or (XOR) operations. Through the security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks.

  19. Global Health Security

    Centers for Disease Control (CDC) Podcasts

    2017-09-21

    Dr. Jordan Tappero, a CDC senior advisor on global health, discusses the state of global health security.  Created: 9/21/2017 by National Center for Emerging and Zoonotic Infectious Diseases (NCEZID), Center for Global Health (CGH).   Date Released: 9/21/2017.

  20. Secure Biometric E-Voting Scheme

    Science.gov (United States)

    Ahmed, Taha Kh.; Aborizka, Mohamed

    The implementation of the e-voting becomes more substantial with the rapid increase of e-government development. The recent growth in communications and cryptographic techniques facilitate the implementation of e-voting. Many countries introduced e-voting systems; unfortunately most of these systems are not fully functional. In this paper we will present an e-voting scheme that covers most of the e-voting requirements, smart card and biometric recognition technology were implemented to guarantee voter's privacy and authentication.

  1. Security analysis and improvements of arbitrated quantum signature schemes

    International Nuclear Information System (INIS)

    Zou Xiangfu; Qiu Daowen

    2010-01-01

    A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or document. For signing quantum messages, some arbitrated quantum signature (AQS) schemes have been proposed. It was claimed that these AQS schemes could guarantee unconditional security. However, we show that they can be repudiated by the receiver Bob. To conquer this shortcoming, we construct an AQS scheme using a public board. The AQS scheme not only avoids being disavowed by the receiver but also preserves all merits in the existing schemes. Furthermore, we discover that entanglement is not necessary while all these existing AQS schemes depend on entanglement. Therefore, we present another AQS scheme without utilizing entangled states in the signing phase and the verifying phase. This scheme has three advantages: it does not utilize entangled states and it preserves all merits in the existing schemes; the signature can avoid being disavowed by the receiver; and it provides a higher efficiency in transmission and reduces the complexity of implementation.

  2. A New Quantum Secure Direct Communication Scheme with Authentication

    International Nuclear Information System (INIS)

    Dan, Liu; Chang-Xing, Pei; Dong-Xiao, Quan; Nan, Zhao

    2010-01-01

    A new quantum secure direct communication (QSDC) scheme with authentication is proposed based on polarized photons and EPR pairs. EPR pairs are used to transmit information, while polarized photons are used to detect Eve and their encoding bases are used to transmit authentication information. Alice and Bob have their own identity number which is shared by legal users only. The identity number is encoded on the bases of polarized photons and distilled if there is no Eve. Compared with other QSDC schemes with authentication, this new scheme is considerably easier and less expensive to implement in a practical setting

  3. Towards a security model for computational puzzle schemes

    NARCIS (Netherlands)

    Tang, Qiang; Jeckmans, Arjan

    2011-01-01

    In the literature, computational puzzle schemes have been considered as a useful tool for a number of applications, such as constructing timed cryptography, fighting junk emails, and protecting critical infrastructure from denial-of-service attacks. However, there is a lack of a general security

  4. Joint Schemes for Physical Layer Security and Error Correction

    Science.gov (United States)

    Adamo, Oluwayomi

    2011-01-01

    The major challenges facing resource constraint wireless devices are error resilience, security and speed. Three joint schemes are presented in this research which could be broadly divided into error correction based and cipher based. The error correction based ciphers take advantage of the properties of LDPC codes and Nordstrom Robinson code. A…

  5. A secure user anonymity-preserving three-factor remote user authentication scheme for the telecare medicine information systems.

    Science.gov (United States)

    Das, Ashok Kumar

    2015-03-01

    Recent advanced technology enables the telecare medicine information system (TMIS) for the patients to gain the health monitoring facility at home and also to access medical services over the Internet of mobile networks. Several remote user authentication schemes have been proposed in the literature for TMIS. However, most of them are either insecure against various known attacks or they are inefficient. Recently, Tan proposed an efficient user anonymity preserving three-factor authentication scheme for TMIS. In this paper, we show that though Tan's scheme is efficient, it has several security drawbacks such as (1) it fails to provide proper authentication during the login phase, (2) it fails to provide correct updation of password and biometric of a user during the password and biometric update phase, and (3) it fails to protect against replay attack. In addition, Tan's scheme lacks the formal security analysis and verification. Later, Arshad and Nikooghadam also pointed out some security flaws in Tan's scheme and then presented an improvement on Tan's s scheme. However, we show that Arshad and Nikooghadam's scheme is still insecure against the privileged-insider attack through the stolen smart-card attack, and it also lacks the formal security analysis and verification. In order to withstand those security loopholes found in both Tan's scheme, and Arshad and Nikooghadam's scheme, we aim to propose an effective and more secure three-factor remote user authentication scheme for TMIS. Our scheme provides the user anonymity property. Through the rigorous informal and formal security analysis using random oracle models and the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool, we show that our scheme is secure against various known attacks, including the replay and man-in-the-middle attacks. Furthermore, our scheme is also efficient as compared to other related schemes.

  6. A Provably-Secure Transmission Scheme for Wireless Body Area Networks.

    Science.gov (United States)

    Omala, Anyembe Andrew; Robert, Niyifasha; Li, Fagen

    2016-11-01

    Wireless body area network (WBANs) is composed of sensors that collect and transmit a person's physiological data to health-care providers in real-time. In order to guarantee security of this data over open networks, a secure data transmission mechanism between WBAN and application provider's servers is of necessity. Modified medical data does not provide a true reflection of an individuals state of health and its subsequent use for diagnosis could lead to an irreversible medical condition. In this paper, we propose a lightweight certificateless signcryption scheme for secure transmission of data between WBAN and servers. Our proposed scheme not only provides confidentiality of data and authentication in a single logical step, it is lightweight and resistant to key escrow attacks. We further provide security proof that our scheme provides indistinguishability against adaptive chosen ciphertext attack and unforgeability against adaptive chosen message attack in random oracle model. Compared with two other Diffie-Hellman based signcryption schemes proposed by Barbosa and Farshim (BF) and another by Yin and Liang (YL), our scheme consumes 46 % and 8 % less energy during signcryption than BF and YL scheme respectively.

  7. Building Secure Public Key Encryption Scheme from Hidden Field Equations

    Directory of Open Access Journals (Sweden)

    Yuan Ping

    2017-01-01

    Full Text Available Multivariate public key cryptography is a set of cryptographic schemes built from the NP-hardness of solving quadratic equations over finite fields, amongst which the hidden field equations (HFE family of schemes remain the most famous. However, the original HFE scheme was insecure, and the follow-up modifications were shown to be still vulnerable to attacks. In this paper, we propose a new variant of the HFE scheme by considering the special equation x2=x defined over the finite field F3 when x=0,1. We observe that the equation can be used to further destroy the special structure of the underlying central map of the HFE scheme. It is shown that the proposed public key encryption scheme is secure against known attacks including the MinRank attack, the algebraic attacks, and the linearization equations attacks. The proposal gains some advantages over the original HFE scheme with respect to the encryption speed and public key size.

  8. A secure and efficient password-based user authentication scheme using smart cards for the integrated EPR information system.

    Science.gov (United States)

    Lee, Tian-Fu; Chang, I-Pin; Lin, Tsung-Hung; Wang, Ching-Cheng

    2013-06-01

    The integrated EPR information system supports convenient and rapid e-medicine services. A secure and efficient authentication scheme for the integrated EPR information system provides safeguarding patients' electronic patient records (EPRs) and helps health care workers and medical personnel to rapidly making correct clinical decisions. Recently, Wu et al. proposed an efficient password-based user authentication scheme using smart cards for the integrated EPR information system, and claimed that the proposed scheme could resist various malicious attacks. However, their scheme is still vulnerable to lost smart card and stolen verifier attacks. This investigation discusses these weaknesses and proposes a secure and efficient authentication scheme for the integrated EPR information system as alternative. Compared with related approaches, the proposed scheme not only retains a lower computational cost and does not require verifier tables for storing users' secrets, but also solves the security problems in previous schemes and withstands possible attacks.

  9. Efficient and Provable Secure Pairing-Free Security-Mediated Identity-Based Identification Schemes

    Directory of Open Access Journals (Sweden)

    Ji-Jian Chin

    2014-01-01

    Full Text Available Security-mediated cryptography was first introduced by Boneh et al. in 2001. The main motivation behind security-mediated cryptography was the capability to allow instant revocation of a user’s secret key by necessitating the cooperation of a security mediator in any given transaction. Subsequently in 2003, Boneh et al. showed how to convert a RSA-based security-mediated encryption scheme from a traditional public key setting to an identity-based one, where certificates would no longer be required. Following these two pioneering papers, other cryptographic primitives that utilize a security-mediated approach began to surface. However, the security-mediated identity-based identification scheme (SM-IBI was not introduced until Chin et al. in 2013 with a scheme built on bilinear pairings. In this paper, we improve on the efficiency results for SM-IBI schemes by proposing two schemes that are pairing-free and are based on well-studied complexity assumptions: the RSA and discrete logarithm assumptions.

  10. Efficient and provable secure pairing-free security-mediated identity-based identification schemes.

    Science.gov (United States)

    Chin, Ji-Jian; Tan, Syh-Yuan; Heng, Swee-Huay; Phan, Raphael C-W

    2014-01-01

    Security-mediated cryptography was first introduced by Boneh et al. in 2001. The main motivation behind security-mediated cryptography was the capability to allow instant revocation of a user's secret key by necessitating the cooperation of a security mediator in any given transaction. Subsequently in 2003, Boneh et al. showed how to convert a RSA-based security-mediated encryption scheme from a traditional public key setting to an identity-based one, where certificates would no longer be required. Following these two pioneering papers, other cryptographic primitives that utilize a security-mediated approach began to surface. However, the security-mediated identity-based identification scheme (SM-IBI) was not introduced until Chin et al. in 2013 with a scheme built on bilinear pairings. In this paper, we improve on the efficiency results for SM-IBI schemes by proposing two schemes that are pairing-free and are based on well-studied complexity assumptions: the RSA and discrete logarithm assumptions.

  11. Secure anonymity-preserving password-based user authentication and session key agreement scheme for telecare medicine information systems.

    Science.gov (United States)

    Sutrala, Anil Kumar; Das, Ashok Kumar; Odelu, Vanga; Wazid, Mohammad; Kumari, Saru

    2016-10-01

    Information and communication and technology (ICT) has changed the entire paradigm of society. ICT facilitates people to use medical services over the Internet, thereby reducing the travel cost, hospitalization cost and time to a greater extent. Recent advancements in Telecare Medicine Information System (TMIS) facilitate users/patients to access medical services over the Internet by gaining health monitoring facilities at home. Amin and Biswas recently proposed a RSA-based user authentication and session key agreement protocol usable for TMIS, which is an improvement over Giri et al.'s RSA-based user authentication scheme for TMIS. In this paper, we show that though Amin-Biswas's scheme considerably improves the security drawbacks of Giri et al.'s scheme, their scheme has security weaknesses as it suffers from attacks such as privileged insider attack, user impersonation attack, replay attack and also offline password guessing attack. A new RSA-based user authentication scheme for TMIS is proposed, which overcomes the security pitfalls of Amin-Biswas's scheme and also preserves user anonymity property. The careful formal security analysis using the two widely accepted Burrows-Abadi-Needham (BAN) logic and the random oracle models is done. Moreover, the informal security analysis of the scheme is also done. These security analyses show the robustness of our new scheme against the various known attacks as well as attacks found in Amin-Biswas's scheme. The simulation of the proposed scheme using the widely accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) tool is also done. We present a new user authentication and session key agreement scheme for TMIS, which fixes the mentioned security pitfalls found in Amin-Biswas's scheme, and we also show that the proposed scheme provides better security than other existing schemes through the rigorous security analysis and verification tool. Furthermore, we present the formal security

  12. Information Security Scheme Based on Computational Temporal Ghost Imaging.

    Science.gov (United States)

    Jiang, Shan; Wang, Yurong; Long, Tao; Meng, Xiangfeng; Yang, Xiulun; Shu, Rong; Sun, Baoqing

    2017-08-09

    An information security scheme based on computational temporal ghost imaging is proposed. A sequence of independent 2D random binary patterns are used as encryption key to multiply with the 1D data stream. The cipher text is obtained by summing the weighted encryption key. The decryption process can be realized by correlation measurement between the encrypted information and the encryption key. Due to the instinct high-level randomness of the key, the security of this method is greatly guaranteed. The feasibility of this method and robustness against both occlusion and additional noise attacks are discussed with simulation, respectively.

  13. Health Security and Risk Aversion.

    Science.gov (United States)

    Herington, Jonathan

    2016-09-01

    Health security has become a popular way of justifying efforts to control catastrophic threats to public health. Unfortunately, there has been little analysis of the concept of health security, nor the relationship between health security and other potential aims of public health policy. In this paper I develop an account of health security as an aversion to risky policy options. I explore three reasons for thinking risk avoidance is a distinctly worthwhile aim of public health policy: (i) that security is intrinsically valuable, (ii) that it is necessary for social planning and (iii) that it is an appropriate response to decision-making in contexts of very limited information. Striking the right balance between securing and maximizing population health thus requires a substantive, and hitherto unrecognized, value judgment. Finally, I critically evaluate the current health security agenda in light of this new account of the concept and its relationship to the other aims of public health policy. © 2016 John Wiley & Sons Ltd.

  14. A Secure Trust Establishment Scheme for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Farruh Ishmanov

    2014-01-01

    Full Text Available Trust establishment is an important tool to improve cooperation and enhance security in wireless sensor networks. The core of trust establishment is trust estimation. If a trust estimation method is not robust against attack and misbehavior, the trust values produced will be meaningless, and system performance will be degraded. We present a novel trust estimation method that is robust against on-off attacks and persistent malicious behavior. Moreover, in order to aggregate recommendations securely, we propose using a modified one-step M-estimator scheme. The novelty of the proposed scheme arises from combining past misbehavior with current status in a comprehensive way. Specifically, we introduce an aggregated misbehavior component in trust estimation, which assists in detecting an on-off attack and persistent malicious behavior. In order to determine the current status of the node, we employ previous trust values and current measured misbehavior components. These components are combined to obtain a robust trust value. Theoretical analyses and evaluation results show that our scheme performs better than other trust schemes in terms of detecting an on-off attack and persistent misbehavior.

  15. A Secure and Robust User Authenticated Key Agreement Scheme for Hierarchical Multi-medical Server Environment in TMIS.

    Science.gov (United States)

    Das, Ashok Kumar; Odelu, Vanga; Goswami, Adrijit

    2015-09-01

    The telecare medicine information system (TMIS) helps the patients to gain the health monitoring facility at home and access medical services over the Internet of mobile networks. Recently, Amin and Biswas presented a smart card based user authentication and key agreement security protocol usable for TMIS system using the cryptographic one-way hash function and biohashing function, and claimed that their scheme is secure against all possible attacks. Though their scheme is efficient due to usage of one-way hash function, we show that their scheme has several security pitfalls and design flaws, such as (1) it fails to protect privileged-insider attack, (2) it fails to protect strong replay attack, (3) it fails to protect strong man-in-the-middle attack, (4) it has design flaw in user registration phase, (5) it has design flaw in login phase, (6) it has design flaw in password change phase, (7) it lacks of supporting biometric update phase, and (8) it has flaws in formal security analysis. In order to withstand these security pitfalls and design flaws, we aim to propose a secure and robust user authenticated key agreement scheme for the hierarchical multi-server environment suitable in TMIS using the cryptographic one-way hash function and fuzzy extractor. Through the rigorous security analysis including the formal security analysis using the widely-accepted Burrows-Abadi-Needham (BAN) logic, the formal security analysis under the random oracle model and the informal security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme using the most-widely accepted and used Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The simulation results show that our scheme is also secure. Our scheme is more efficient in computation and communication as compared to Amin-Biswas's scheme and other related schemes. In addition, our scheme supports extra functionality features as compared to

  16. Review analysis of properties for an ideal secure biometric template scheme

    CSIR Research Space (South Africa)

    Mzila, Phiwa

    2016-02-01

    Full Text Available privacy and system security. To mitigate this problem, various biometric protection techniques have been proposed. Most of these schemes aim to satisfy diversity, revocability, security and performance properties, as requirements for ideal secured...

  17. Securing Health Sensing Using Integrated Circuit Metric

    Science.gov (United States)

    Tahir, Ruhma; Tahir, Hasan; McDonald-Maier, Klaus

    2015-01-01

    Convergence of technologies from several domains of computing and healthcare have aided in the creation of devices that can help health professionals in monitoring their patients remotely. An increase in networked healthcare devices has resulted in incidents related to data theft, medical identity theft and insurance fraud. In this paper, we discuss the design and implementation of a secure lightweight wearable health sensing system. The proposed system is based on an emerging security technology called Integrated Circuit Metric (ICMetric) that extracts the inherent features of a device to generate a unique device identification. In this paper, we provide details of how the physical characteristics of a health sensor can be used for the generation of hardware “fingerprints”. The obtained fingerprints are used to deliver security services like authentication, confidentiality, secure admission and symmetric key generation. The generated symmetric key is used to securely communicate the health records and data of the patient. Based on experimental results and the security analysis of the proposed scheme, it is apparent that the proposed system enables high levels of security for health monitoring in resource optimized manner. PMID:26492250

  18. Securing Health Sensing Using Integrated Circuit Metric

    Directory of Open Access Journals (Sweden)

    Ruhma Tahir

    2015-10-01

    Full Text Available Convergence of technologies from several domains of computing and healthcare have aided in the creation of devices that can help health professionals in monitoring their patients remotely. An increase in networked healthcare devices has resulted in incidents related to data theft, medical identity theft and insurance fraud. In this paper, we discuss the design and implementation of a secure lightweight wearable health sensing system. The proposed system is based on an emerging security technology called Integrated Circuit Metric (ICMetric that extracts the inherent features of a device to generate a unique device identification. In this paper, we provide details of how the physical characteristics of a health sensor can be used for the generation of hardware “fingerprints”. The obtained fingerprints are used to deliver security services like authentication, confidentiality, secure admission and symmetric key generation. The generated symmetric key is used to securely communicate the health records and data of the patient. Based on experimental results and the security analysis of the proposed scheme, it is apparent that the proposed system enables high levels of security for health monitoring in resource optimized manner.

  19. Securing health sensing using integrated circuit metric.

    Science.gov (United States)

    Tahir, Ruhma; Tahir, Hasan; McDonald-Maier, Klaus

    2015-10-20

    Convergence of technologies from several domains of computing and healthcare have aided in the creation of devices that can help health professionals in monitoring their patients remotely. An increase in networked healthcare devices has resulted in incidents related to data theft, medical identity theft and insurance fraud. In this paper, we discuss the design and implementation of a secure lightweight wearable health sensing system. The proposed system is based on an emerging security technology called Integrated Circuit Metric (ICMetric) that extracts the inherent features of a device to generate a unique device identification. In this paper, we provide details of how the physical characteristics of a health sensor can be used for the generation of hardware "fingerprints". The obtained fingerprints are used to deliver security services like authentication, confidentiality, secure admission and symmetric key generation. The generated symmetric key is used to securely communicate the health records and data of the patient. Based on experimental results and the security analysis of the proposed scheme, it is apparent that the proposed system enables high levels of security for health monitoring in resource optimized manner.

  20. An adaptive chaos synchronization scheme applied to secure communication

    International Nuclear Information System (INIS)

    Feki, Moez

    2003-01-01

    This paper deals with the problem of synchronization of a class of continuous-time chaotic systems using the drive-response concept. An adaptive observer-based response system is designed to synchronize with a given chaotic drive system whose dynamical model is subjected to unknown parameters. Using the Lyapunov stability theory an adaptation law is derived to estimate the unknown parameters. We show that synchronization is achieved asymptotically. The approach is next applied to chaos-based secure communication. To demonstrate the efficiency of the proposed scheme numerical simulations are presented

  1. Secure searching of biomarkers through hybrid homomorphic encryption scheme.

    Science.gov (United States)

    Kim, Miran; Song, Yongsoo; Cheon, Jung Hee

    2017-07-26

    As genome sequencing technology develops rapidly, there has lately been an increasing need to keep genomic data secure even when stored in the cloud and still used for research. We are interested in designing a protocol for the secure outsourcing matching problem on encrypted data. We propose an efficient method to securely search a matching position with the query data and extract some information at the position. After decryption, only a small amount of comparisons with the query information should be performed in plaintext state. We apply this method to find a set of biomarkers in encrypted genomes. The important feature of our method is to encode a genomic database as a single element of polynomial ring. Since our method requires a single homomorphic multiplication of hybrid scheme for query computation, it has the advantage over the previous methods in parameter size, computation complexity, and communication cost. In particular, the extraction procedure not only prevents leakage of database information that has not been queried by user but also reduces the communication cost by half. We evaluate the performance of our method and verify that the computation on large-scale personal data can be securely and practically outsourced to a cloud environment during data analysis. It takes about 3.9 s to search-and-extract the reference and alternate sequences at the queried position in a database of size 4M. Our solution for finding a set of biomarkers in DNA sequences shows the progress of cryptographic techniques in terms of their capability can support real-world genome data analysis in a cloud environment.

  2. Fine-Grained Forward-Secure Signature Schemes without Random Oracles

    DEFF Research Database (Denmark)

    Camenisch, Jan; Koprowski, Maciej

    2006-01-01

    We propose the concept of fine-grained forward-secure signature schemes. Such signature schemes not only provide nonrepudiation w.r.t. past time periods the way ordinary forward-secure signature schemes do but, in addition, allow the signer to specify which signatures of the current time period...... remain valid when revoking the public key. This is an important advantage if the signer produces many signatures per time period as otherwise the signer would have to re-issue those signatures (and possibly re-negotiate the respective messages) with a new key.Apart from a formal model for fine......-grained forward-secure signature schemes, we present practical schemes and prove them secure under the strong RSA assumption only, i.e., we do not resort to the random oracle model to prove security. As a side-result, we provide an ordinary forward-secure scheme whose key-update time is significantly smaller than...

  3. On the security of pairing-free certificateless digital signature schemes using ECC

    Directory of Open Access Journals (Sweden)

    Namita Tiwari

    2015-09-01

    Full Text Available I cryptanalyze the pairing-free digital signature scheme of Islam et al. which is proven secure against “adaptive chosen message attacks”. I introduce this type of forgery to analyze their scheme. Furthermore, I comment on general security issues that should be considered when making improvements on their scheme. My security analysis is also applicable to other digital signatures designed in a similar manner.

  4. Security Scheme Based on Parameter Hiding Technic for Mobile Communication in a Secure Cyber World

    Directory of Open Access Journals (Sweden)

    Jong Hyuk Park

    2016-10-01

    Full Text Available Long Term Evolution (LTE and Long Term Evolution-Advanced (LTE-A support a better data transmission service than 3G dose and are globally commercialized technologies in a cyber world that is essential for constructing a future mobile environment, since network traffics have exponentially increased as people have started to use more than just one mobile device. However, when User Equipment (UE is executing initial attach processes to access LTE networks, there is a vulnerability in which identification parameters like International Mobile Subscriber Identity (IMSI and Radio Network Temporary Identities (RNTI are transmitted as plain texts. It can threat various services that are commercialized therewith in a cyber world. Therefore, a security scheme is proposed in this paper where identification parameters can be securely transmitted and hidden in four cases where initial attach occurs between UE and Mobility Management Entity (MME. The proposed security scheme not only supports encrypted transmission of identification parameters but also mutual authentication between Evolved Node B (eNB and MME to make a secure cyber world. Additionally, performance analysis results using an OPNET simulator showed the satisfaction of the average delay rate that is specified in LTE standards.

  5. Identity based Encryption and Biometric Authentication Scheme for Secure Data Access in Cloud Computing

    DEFF Research Database (Denmark)

    Cheng, Hongbing; Rong, Chunming; Tan, Zheng-Hua

    2012-01-01

    Cloud computing will be a main information infrastructure in the future; it consists of many large datacenters which are usually geographically distributed and heterogeneous. How to design a secure data access for cloud computing platform is a big challenge. In this paper, we propose a secure data...... access scheme based on identity-based encryption and biometric authentication for cloud computing. Firstly, we describe the security concern of cloud computing and then propose an integrated data access scheme for cloud computing, the procedure of the proposed scheme include parameter setup, key...... distribution, feature template creation, cloud data processing and secure data access control. Finally, we compare the proposed scheme with other schemes through comprehensive analysis and simulation. The results show that the proposed data access scheme is feasible and secure for cloud computing....

  6. BVS: A Lightweight Forward and Backward Secure Scheme for PMU Communications in Smart Grid

    Directory of Open Access Journals (Sweden)

    Wei Ren

    2011-01-01

    Full Text Available In smart grid, phaser measurement units (PMUs can upload readings to utility centers via supervisory control and data acquisition (SCADA or energy management system (EMS to enable intelligent controlling and scheduling. It is critical to maintain the secrecy of readings so as to protect customers' privacy, together with integrity and source authentication for the reliability and stability of power scheduling. In particular, appealing security scheme needs to perform well in PMUs that usually have computational resource constraints, thus designed security protocols have to remain lightweight in terms of computation and storage. In this paper, we propose a family of schemes to solve this problem. They are public key based scheme (PKS, password based scheme (PWS and billed value-based scheme (BVS. BVS can achieve forward and backward security and only relies on hash functions. Security analysis justifies that the proposed schemes, especially BVS, can attain the security goals with low computation and storage cost.

  7. An efficient and provable secure revocable identity-based encryption scheme.

    Directory of Open Access Journals (Sweden)

    Changji Wang

    Full Text Available Revocation functionality is necessary and crucial to identity-based cryptosystems. Revocable identity-based encryption (RIBE has attracted a lot of attention in recent years, many RIBE schemes have been proposed in the literature but shown to be either insecure or inefficient. In this paper, we propose a new scalable RIBE scheme with decryption key exposure resilience by combining Lewko and Waters' identity-based encryption scheme and complete subtree method, and prove our RIBE scheme to be semantically secure using dual system encryption methodology. Compared to existing scalable and semantically secure RIBE schemes, our proposed RIBE scheme is more efficient in term of ciphertext size, public parameters size and decryption cost at price of a little looser security reduction. To the best of our knowledge, this is the first construction of scalable and semantically secure RIBE scheme with constant size public system parameters.

  8. An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System.

    Science.gov (United States)

    Jung, Jaewook; Kang, Dongwoo; Lee, Donghoon; Won, Dongho

    2017-01-01

    Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency.

  9. An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System.

    Directory of Open Access Journals (Sweden)

    Jaewook Jung

    Full Text Available Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency.

  10. An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System

    Science.gov (United States)

    Kang, Dongwoo; Lee, Donghoon; Won, Dongho

    2017-01-01

    Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency. PMID:28046075

  11. The social security scheme in Thailand: what lessons can be drawn?

    Science.gov (United States)

    Tangcharoensathien, V; Supachutikul, A; Lertiendumrong, J

    1999-04-01

    The Social Security Scheme was launched in 1990, covering formal sector private employees for non-work related sickness, maternity and invalidity including cash benefits and funeral grants. The scheme is financed by tripartite contributions from government, employers and employees, each of 1.5% of payroll (total of 4.5%). The scheme decided to pay health care providers, whether public or private, on a flat rate capitation basis to cover both ambulatory and inpatient care. Registration of the insured with a contractor hospital was a necessary consequence of the chosen capitation payment system. The aim of this paper is to review the operation of the scheme, and to explore the implications of capitation payment and registration for utilisation levels and provider behaviour. A key weakness of the scheme's design is suggested to be the initial decision to give employers not employees the responsibility for choosing the registered hospitals. This was done for administrative reasons, but it contributed to low levels of use of the contractor hospitals. In addition, low levels of use were also probably the result of the potential for cream skimming, cost shifting from inpatient to ambulatory care and under-provision of patient care, though since monitoring mechanisms by the Social Security Office were weak, these effects are difficult to detect conclusively. Mechanisms to improve utilisation levels were gradually introduced, such as employee choice of registered hospitals and the formation of sub-contractor networks to improve access to care. A beneficial effect of the capitation payment system was that the Social Security Fund generated substantial reserves and expenditures on sickness benefits were well stabilised. The paper ends by recommending that future policy amendments should be guided by research and empirical findings and that tougher monitoring and enforcement of quality of care standards are required.

  12. Secure networking quantum key distribution schemes with Greenberger-Horne-Zeilinger states

    Energy Technology Data Exchange (ETDEWEB)

    Guo, Ying; Shi, Ronghua [School of Information Science and Engineering, Central South University, Changsha 410083 (China); Zeng, Guihua [Department of Electronic Engineering, Shanghai Jiaotong University, Shanghai 200030 (China)], E-mail: sdguoying@gmail.com, E-mail: rhshi@mail.edu.com, E-mail: ghzeng@sjtu.edu.cn

    2010-04-15

    A novel approach to quantum cryptography to be called NQKD, networking quantum key distribution, has been developed for secure quantum communication schemes on the basis of the complementary relations of entanglement Greenberger-Horne-Zeilinger (GHZ) triplet states. One scheme distributes the private key among legal participants in a probabilistic manner, while another transmits the deterministic message with some certainty. Some decoy photons are employed for preventing a potential eavesdropper from attacking quantum channels. The present schemes are efficient as there exists an elegant method for key distributions. The security of the proposed schemes is exactly guaranteed by the entanglement of the GHZ quantum system, which is illustrated in security analysis.

  13. Secure networking quantum key distribution schemes with Greenberger-Horne-Zeilinger states

    International Nuclear Information System (INIS)

    Guo, Ying; Shi, Ronghua; Zeng, Guihua

    2010-01-01

    A novel approach to quantum cryptography to be called NQKD, networking quantum key distribution, has been developed for secure quantum communication schemes on the basis of the complementary relations of entanglement Greenberger-Horne-Zeilinger (GHZ) triplet states. One scheme distributes the private key among legal participants in a probabilistic manner, while another transmits the deterministic message with some certainty. Some decoy photons are employed for preventing a potential eavesdropper from attacking quantum channels. The present schemes are efficient as there exists an elegant method for key distributions. The security of the proposed schemes is exactly guaranteed by the entanglement of the GHZ quantum system, which is illustrated in security analysis.

  14. Stochastic Actuarial Modelling of a Defined-Benefit Social Security Pension Scheme: An Analytical Approach

    OpenAIRE

    Iyer, Subramaniam

    2017-01-01

    Among the systems in place in different countries for the protection of the population against the long-term contingencies of old-age (or retirement), disability and death (or survivorship), defined-benefit social security pension schemes, i.e. social insurance pension schemes, by far predominate, despite the recent trend towards defined-contribution arrangements in social security reforms. Actuarial valuations of these schemes, unlike other branches of insurance, continue to be carried out a...

  15. Social security administration in India- study of provident funds and pension scheme

    OpenAIRE

    Rao, Madhava P

    2005-01-01

    Social Security is becoming a distinct part of social policy of India and the time has come to give a serious thought to ever increasing Social Security needs of the population. There are diversified views on extension of Social Security coverage. Some say it should be limited to only working population and to their families and while others say that the entire population should be covered under Social Security programmes. Social Security schemes further have been branched out as protective...

  16. INFORMATION FROM THE CERN HEALTH INSURANCE SCHEME

    CERN Document Server

    Tel : 7-3635

    2002-01-01

    Please note that, from 1 July 2002, the tariff agreement between CERN and the Hôpital de la Tour will no longer be in force. As a result the members of the CERN Health Insurance Scheme will no longer obtain a 5% discount for quick payment of bills. More information on the termination of the agreement and the implications for our Health Insurance Scheme will be provided in the next issue of the CHIS Bull', due for publication in the first half of July. It will be sent to your home address, so, if you have moved recently, please check that your divisional secretariat has your current address. Tel.: 73635 The Organization's Health Insurance Scheme (CHIS) has launched its own Web pages, located on the Website of the Social & Statutory Conditions Group of HR Division (HR-SOC). The address is short and easy-to-remember www.cern.ch/chis The pages currently available concentrate on providing basic information. Over the coming months it is planned to fill out the details and introduce new topics. Please give us ...

  17. Cryptanalysis and Enhancement of Anonymity Preserving Remote User Mutual Authentication and Session Key Agreement Scheme for E-Health Care Systems.

    Science.gov (United States)

    Amin, Ruhul; Islam, S K Hafizul; Biswas, G P; Khan, Muhammad Khurram; Li, Xiong

    2015-11-01

    The E-health care systems employ IT infrastructure for maximizing health care resources utilization as well as providing flexible opportunities to the remote patient. Therefore, transmission of medical data over any public networks is necessary in health care system. Note that patient authentication including secure data transmission in e-health care system is critical issue. Although several user authentication schemes for accessing remote services are available, their security analysis show that none of them are free from relevant security attacks. We reviewed Das et al.'s scheme and demonstrated their scheme lacks proper protection against several security attacks such as user anonymity, off-line password guessing attack, smart card theft attack, user impersonation attack, server impersonation attack, session key discloser attack. In order to overcome the mentioned security pitfalls, this paper proposes an anonymity preserving remote patient authentication scheme usable in E-health care systems. We then validated the security of the proposed scheme using BAN logic that ensures secure mutual authentication and session key agreement. We also presented the experimental results of the proposed scheme using AVISPA software and the results ensure that our scheme is secure under OFMC and CL-AtSe models. Moreover, resilience of relevant security attacks has been proved through both formal and informal security analysis. The performance analysis and comparison with other schemes are also made, and it has been found that the proposed scheme overcomes the security drawbacks of the Das et al.'s scheme and additionally achieves extra security requirements.

  18. Security enhanced multi-factor biometric authentication scheme using bio-hash function.

    Directory of Open Access Journals (Sweden)

    Younsung Choi

    Full Text Available With the rapid development of personal information and wireless communication technology, user authentication schemes have been crucial to ensure that wireless communications are secure. As such, various authentication schemes with multi-factor authentication have been proposed to improve the security of electronic communications. Multi-factor authentication involves the use of passwords, smart cards, and various biometrics to provide users with the utmost privacy and data protection. Cao and Ge analyzed various authentication schemes and found that Younghwa An's scheme was susceptible to a replay attack where an adversary masquerades as a legal server and a user masquerading attack where user anonymity is not provided, allowing an adversary to execute a password change process by intercepting the user's ID during login. Cao and Ge improved upon Younghwa An's scheme, but various security problems remained. This study demonstrates that Cao and Ge's scheme is susceptible to a biometric recognition error, slow wrong password detection, off-line password attack, user impersonation attack, ID guessing attack, a DoS attack, and that their scheme cannot provide session key agreement. Then, to address all weaknesses identified in Cao and Ge's scheme, this study proposes a security enhanced multi-factor biometric authentication scheme and provides a security analysis and formal analysis using Burrows-Abadi-Needham logic. Finally, the efficiency analysis reveals that the proposed scheme can protect against several possible types of attacks with only a slightly high computational cost.

  19. Security enhanced multi-factor biometric authentication scheme using bio-hash function

    Science.gov (United States)

    Lee, Youngsook; Moon, Jongho

    2017-01-01

    With the rapid development of personal information and wireless communication technology, user authentication schemes have been crucial to ensure that wireless communications are secure. As such, various authentication schemes with multi-factor authentication have been proposed to improve the security of electronic communications. Multi-factor authentication involves the use of passwords, smart cards, and various biometrics to provide users with the utmost privacy and data protection. Cao and Ge analyzed various authentication schemes and found that Younghwa An’s scheme was susceptible to a replay attack where an adversary masquerades as a legal server and a user masquerading attack where user anonymity is not provided, allowing an adversary to execute a password change process by intercepting the user’s ID during login. Cao and Ge improved upon Younghwa An’s scheme, but various security problems remained. This study demonstrates that Cao and Ge’s scheme is susceptible to a biometric recognition error, slow wrong password detection, off-line password attack, user impersonation attack, ID guessing attack, a DoS attack, and that their scheme cannot provide session key agreement. Then, to address all weaknesses identified in Cao and Ge’s scheme, this study proposes a security enhanced multi-factor biometric authentication scheme and provides a security analysis and formal analysis using Burrows-Abadi-Needham logic. Finally, the efficiency analysis reveals that the proposed scheme can protect against several possible types of attacks with only a slightly high computational cost. PMID:28459867

  20. Security enhanced multi-factor biometric authentication scheme using bio-hash function.

    Science.gov (United States)

    Choi, Younsung; Lee, Youngsook; Moon, Jongho; Won, Dongho

    2017-01-01

    With the rapid development of personal information and wireless communication technology, user authentication schemes have been crucial to ensure that wireless communications are secure. As such, various authentication schemes with multi-factor authentication have been proposed to improve the security of electronic communications. Multi-factor authentication involves the use of passwords, smart cards, and various biometrics to provide users with the utmost privacy and data protection. Cao and Ge analyzed various authentication schemes and found that Younghwa An's scheme was susceptible to a replay attack where an adversary masquerades as a legal server and a user masquerading attack where user anonymity is not provided, allowing an adversary to execute a password change process by intercepting the user's ID during login. Cao and Ge improved upon Younghwa An's scheme, but various security problems remained. This study demonstrates that Cao and Ge's scheme is susceptible to a biometric recognition error, slow wrong password detection, off-line password attack, user impersonation attack, ID guessing attack, a DoS attack, and that their scheme cannot provide session key agreement. Then, to address all weaknesses identified in Cao and Ge's scheme, this study proposes a security enhanced multi-factor biometric authentication scheme and provides a security analysis and formal analysis using Burrows-Abadi-Needham logic. Finally, the efficiency analysis reveals that the proposed scheme can protect against several possible types of attacks with only a slightly high computational cost.

  1. mHealth Security.

    Science.gov (United States)

    Bajwa, Mohammad

    2014-07-01

    With the implementation of Electronic Health Record (EHR), the patients' health information will reside on the network of computers that can be accessed through a variety of techniques and technologies. One of the widely used present-day communication technology is the mobile/cell phone that has great potential in the healthcare delivery and management as the healthcare providers can remotely access electronically stored health information of patients from anywhere anytime. One of the greatest advantages of the mobile health technology is convenience of time-independent communication from geographically distant places with the healthcare centers and patients that enhances healthcare quality at reduced cost. However, its equally great disadvantage lies in sending and receiving the health information wirelessly through atmosphere which can be easily intercepted, eavesdropped, interjected, modified or even destroyed.

  2. Security Analysis of a Remote User Authentication Scheme with Smart Cards

    OpenAIRE

    Kumar, Manoj

    2007-01-01

    Yoon et al. proposed a new efficient remote user authentication scheme using smart cards to solve the security problems of W. C. Ku and S. M. Chen scheme. This paper reviews Yoon et al. scheme and then proves that the password change phase of Yoon et al. scheme is still insecure. This paper also proves that the Yoon et al. is still vulnerable to parallel session attack.

  3. A Study on the Security Levels of Spread-Spectrum Embedding Schemes in the WOA Framework.

    Science.gov (United States)

    Wang, Yuan-Gen; Zhu, Guopu; Kwong, Sam; Shi, Yun-Qing

    2017-08-23

    Security analysis is a very important issue for digital watermarking. Several years ago, according to Kerckhoffs' principle, the famous four security levels, namely insecurity, key security, subspace security, and stego-security, were defined for spread-spectrum (SS) embedding schemes in the framework of watermarked-only attack. However, up to now there has been little application of the definition of these security levels to the theoretical analysis of the security of SS embedding schemes, due to the difficulty of the theoretical analysis. In this paper, based on the security definition, we present a theoretical analysis to evaluate the security levels of five typical SS embedding schemes, which are the classical SS, the improved SS (ISS), the circular extension of ISS, the nonrobust and robust natural watermarking, respectively. The theoretical analysis of these typical SS schemes are successfully performed by taking advantage of the convolution of probability distributions to derive the probabilistic models of watermarked signals. Moreover, simulations are conducted to illustrate and validate our theoretical analysis. We believe that the theoretical and practical analysis presented in this paper can bridge the gap between the definition of the four security levels and its application to the theoretical analysis of SS embedding schemes.

  4. A Novel Deterministic Secure Quantum Communication Scheme with Einstein—Podolsky—Rosen Pairs and Single Photons

    International Nuclear Information System (INIS)

    Wang Chao; Liu Jian-Wei; Liu Xiao; Shang Tao

    2013-01-01

    A novel deterministic secure quantum communication (DSQC) scheme is presented based on Einstein-Podolsky-Rosen (EPR) pairs and single photons in this study. In this scheme, the secret message can be encoded directly on the first particles of the prepared Bell states by simple unitary operations and decoded by performing the Bell-basis measurement after the additional classic information is exchanged. In addition, the strategy with two-step transmission of quantum data blocks and the technique of decoy-particle checking both are exploited to guarantee the security of the communication. Compared with some previous DSQC schemes, this scheme not only has a higher resource capacity, intrinsic efficiency and total efficiency, but also is more realizable in practical applications. Security analysis shows that the proposed scheme is unconditionally secure against various attacks over an ideal quantum channel and still conditionally robust over a noisy and lossy quantum channel. (general)

  5. Exclusion from the Health Insurance Scheme

    CERN Multimedia

    2003-01-01

    A CERN pensioner, member of the Organization's Health Insurance Scheme (CHIS), recently provided fake documents in support of claims for medical expenses, in order to receive unjustified reimbursement from the CHIS. The Administrator of the CHIS, UNIQA, suspected a case of fraud: Accordingly, an investigation and interview of the person concerned was carried out and brought the Organization to the conclusion that fraud had actually taken place. Consequently and in accordance with Article VIII 3.12 of the CHIS Rules, it was decided to exclude this member permanently from the CHIS. The Organization takes the opportunity to remind Scheme members that any fraud or attempt to fraud established within the framework of the CHIS exposes them to: - disciplinary action, according to the Staff Rules and Regulations, for CERN members of the personnel; - definitive exclusion from the CHIS for members affiliated on a voluntary basis. Human Resources Division Tel. 73635

  6. Development of Cyber Security Scheme for Nuclear Power Plant

    Energy Technology Data Exchange (ETDEWEB)

    Hong, S. B.; Choi, Y. S.; Cho, J. W. (and others)

    2009-12-15

    Nuclear I and C system is considered to be safe on the cyber threat because of the use of exclusive communication network and operating system. But the trend of open architecture and standardization on the equipment of I and C system, it is not safe on the cyber threat such as hacking and cyber terror. It is needed to protect nuclear I and C systems by the cyber attack, Countermeasures of the cyber security is required a lot of time and endeavors because there are many factors on the environment of cyber security and cyber attack. For the nuclear cyber security, we should make structural framework and eliminate cyber vulnerabilities by the analysis of cyber environment. The framework for the cyber security includes planning, embodiment of security technologies, security audit, security management and security maintenance. In this report, we examined IT security technology and the trend of standard in the industrial I and C system, and proposed a method to construct cyber security for the nuclear power plant. We analysed the threat of cyber security, vulnerability and cyber risk, then we present a method for the cyber security structure and the countermeasures.

  7. Development of Cyber Security Scheme for Nuclear Power Plant

    International Nuclear Information System (INIS)

    Hong, S. B.; Choi, Y. S.; Cho, J. W.

    2009-12-01

    Nuclear I and C system is considered to be safe on the cyber threat because of the use of exclusive communication network and operating system. But the trend of open architecture and standardization on the equipment of I and C system, it is not safe on the cyber threat such as hacking and cyber terror. It is needed to protect nuclear I and C systems by the cyber attack, Countermeasures of the cyber security is required a lot of time and endeavors because there are many factors on the environment of cyber security and cyber attack. For the nuclear cyber security, we should make structural framework and eliminate cyber vulnerabilities by the analysis of cyber environment. The framework for the cyber security includes planning, embodiment of security technologies, security audit, security management and security maintenance. In this report, we examined IT security technology and the trend of standard in the industrial I and C system, and proposed a method to construct cyber security for the nuclear power plant. We analysed the threat of cyber security, vulnerability and cyber risk, then we present a method for the cyber security structure and the countermeasures

  8. Secure and Efficient User Authentication Scheme Based on Password and Smart Card for Multiserver Environment

    Directory of Open Access Journals (Sweden)

    Yan Zhao

    2018-01-01

    Full Text Available The rapid development of information and network technologies motivates the emergence of various new computing paradigms, such as distributed computing, cloud computing, and edge computing. This also enables more and more network enterprises to provide multiple different services simultaneously. To ensure these services can only be accessed conveniently by authorized users, many password and smart card based authentication schemes for multiserver architecture have been proposed. Recently, Truong et al. introduced an identity based user authentication scheme on elliptic curve cryptography in multiserver environment and claimed that their scheme is secure against popular attacks. However, in this paper, we point out that their scheme suffers from offline password guessing and impersonation attack and fails to achieve security requirements of this kind of authentication scheme. Moreover, we put forward a new scheme to conquer security pitfalls in the above scheme. Security analysis indicates that the proposed scheme can be free from well-known attacks. Performance discussion demonstrates that our scheme has advantages in terms of both security property and computation efficiency and thus is more desirable for practical applications in multiserver environment.

  9. A robust uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care.

    Science.gov (United States)

    Wen, Fengtong

    2013-12-01

    User authentication plays an important role to protect resources or services from being accessed by unauthorized users. In a recent paper, Das et al. proposed a secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. This scheme uses three factors, e.g. biometrics, password, and smart card, to protect the security. It protects user privacy and is believed to have many abilities to resist a range of network attacks, even if the secret information stored in the smart card is compromised. In this paper, we analyze the security of Das et al.'s scheme, and show that the scheme is in fact insecure against the replay attack, user impersonation attacks and off-line guessing attacks. Then, we also propose a robust uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. Compared with the existing schemes, our protocol uses a different user authentication mechanism to resist replay attack. We show that our proposed scheme can provide stronger security than previous protocols. Furthermore, we demonstrate the validity of the proposed scheme through the BAN (Burrows, Abadi, and Needham) logic.

  10. A Novel Secure Transmission Scheme in MIMO Two-Way Relay Channels with Physical Layer Approach

    Directory of Open Access Journals (Sweden)

    Qiao Liu

    2017-01-01

    Full Text Available Security issue has been considered as one of the most pivotal aspects for the fifth-generation mobile network (5G due to the increasing demands of security service as well as the growing occurrence of security threat. In this paper, instead of focusing on the security architecture in the upper layer, we investigate the secure transmission for a basic channel model in a heterogeneous network, that is, two-way relay channels. By exploiting the properties of the transmission medium in the physical layer, we propose a novel secure scheme for the aforementioned channel mode. With precoding design, the proposed scheme is able to achieve a high transmission efficiency as well as security. Two different approaches have been introduced: information theoretical approach and physical layer encryption approach. We show that our scheme is secure under three different adversarial models: (1 untrusted relay attack model, (2 trusted relay with eavesdropper attack model, and (3 untrusted relay with eavesdroppers attack model. We also derive the secrecy capacity of the two different approaches under the three attacks. Finally, we conduct three simulations of our proposed scheme. The simulation results agree with the theoretical analysis illustrating that our proposed scheme could achieve a better performance than the existing schemes.

  11. A provably-secure ECC-based authentication scheme for wireless sensor networks.

    Science.gov (United States)

    Nam, Junghyun; Kim, Moonseong; Paik, Juryon; Lee, Youngsook; Won, Dongho

    2014-11-06

    A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes.

  12. A Provably-Secure ECC-Based Authentication Scheme for Wireless Sensor Networks

    Science.gov (United States)

    Nam, Junghyun; Kim, Moonseong; Paik, Juryon; Lee, Youngsook; Won, Dongho

    2014-01-01

    A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes. PMID:25384009

  13. A Provably-Secure ECC-Based Authentication Scheme for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Junghyun Nam

    2014-11-01

    Full Text Available A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000. Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC, and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure schemes.

  14. Wireless security in mobile health.

    Science.gov (United States)

    Osunmuyiwa, Olufolabi; Ulusoy, Ali Hakan

    2012-12-01

    Mobile health (m-health) is an extremely broad term that embraces mobile communication in the health sector and data packaging. The four broad categories of wireless networks are wireless personal area network, wireless metropolitan area network, wireless wide area network, and wireless local area network. Wireless local area network is the most notable of the wireless networking tools obtainable in the health sector. Transfer of delicate and critical information on radio frequencies should be secure, and the right to use must be meticulous. This article covers the business opportunities in m-health, threats faced by wireless networks in hospitals, and methods of mitigating these threats.

  15. An efficient deterministic secure quantum communication scheme based on cluster states and identity authentication

    International Nuclear Information System (INIS)

    Wen-Jie, Liu; Han-Wu, Chen; Zhi-Qiang, Li; Zhi-Hao, Liu; Wen-Bo, Hu; Ting-Huai, Ma

    2009-01-01

    A novel efficient deterministic secure quantum communication scheme based on four-qubit cluster states and single-photon identity authentication is proposed. In this scheme, the two authenticated users can transmit two bits of classical information per cluster state, and its efficiency of the quantum communication is 1/3, which is approximately 1.67 times that of the previous protocol presented by Wang et al [Chin. Phys. Lett. 23 (2006) 2658]. Security analysis shows the present scheme is secure against intercept-resend attack and the impersonator's attack. Furthermore, it is more economic with present-day techniques and easily processed by a one-way quantum computer. (general)

  16. Secret-Key-Aided Scheme for Securing Untrusted DF Relaying Networks

    KAUST Repository

    Shafie, Ahmed El

    2017-06-12

    This paper proposes a new scheme to secure the transmissions in an untrusted decode-and-forward (DF) relaying network. A legitimate source node, Alice, sends her data to a legitimate destination node, Bob, with the aid of an untrusted DF relay node, Charlie. To secure the transmissions from Charlie during relaying time slots, each data codeword is secured using a secret-key codeword that has been previously shared between Alice and Bob during the perfectly secured time slots (i.e., when the channel secrecy rate is positive). The secret-key bits exchanged between Alice and Bob are stored in a finite-length buffer and are used to secure data transmission whenever needed. We model the secret-key buffer as a queueing system and analyze its Markov chain. Our numerical results show the gains of our proposed scheme relative to benchmarks. Moreover, the proposed scheme achieves an upper bound on the secure throughput.

  17. Secret-Key-Aided Scheme for Securing Untrusted DF Relaying Networks

    KAUST Repository

    Shafie, Ahmed El; Salem, Ahmed Sultan; Mabrouk, Asma; Tourki, Kamel; Al-Dhahir, Naofal

    2017-01-01

    This paper proposes a new scheme to secure the transmissions in an untrusted decode-and-forward (DF) relaying network. A legitimate source node, Alice, sends her data to a legitimate destination node, Bob, with the aid of an untrusted DF relay node, Charlie. To secure the transmissions from Charlie during relaying time slots, each data codeword is secured using a secret-key codeword that has been previously shared between Alice and Bob during the perfectly secured time slots (i.e., when the channel secrecy rate is positive). The secret-key bits exchanged between Alice and Bob are stored in a finite-length buffer and are used to secure data transmission whenever needed. We model the secret-key buffer as a queueing system and analyze its Markov chain. Our numerical results show the gains of our proposed scheme relative to benchmarks. Moreover, the proposed scheme achieves an upper bound on the secure throughput.

  18. An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks

    Science.gov (United States)

    Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

    2018-01-01

    Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes. PMID:29324719

  19. An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks.

    Science.gov (United States)

    Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

    2018-01-11

    Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes.

  20. Design of security scheme of the radiotherapy planning administration system based on the hospital information system

    International Nuclear Information System (INIS)

    Zhuang Yongzhi; Zhao Jinzao

    2010-01-01

    Objective: To design a security scheme of radiotherapy planning administration system. Methods: Power Builder 9i language was used to program the system through the model of client-server machine. Oracle 9i was used as the database server. Results In this system, user registration management, user login management, application-level functions of control, database access control, and audit trail were designed to provide system security. Conclusions: As a prototype for the security analysis and protection of this scheme provides security of the system, application system, important data and message, which ensures the system work normally. (authors)

  1. Asynchronous error-correcting secure communication scheme based on fractional-order shifting chaotic system

    Science.gov (United States)

    Chao, Luo

    2015-11-01

    In this paper, a novel digital secure communication scheme is firstly proposed. Different from the usual secure communication schemes based on chaotic synchronization, the proposed scheme employs asynchronous communication which avoids the weakness of synchronous systems and is susceptible to environmental interference. Moreover, as to the transmission errors and data loss in the process of communication, the proposed scheme has the ability to be error-checking and error-correcting in real time. In order to guarantee security, the fractional-order complex chaotic system with the shifting of order is utilized to modulate the transmitted signal, which has high nonlinearity and complexity in both frequency and time domains. The corresponding numerical simulations demonstrate the effectiveness and feasibility of the scheme.

  2. Semi-quantum Secure Direct Communication Scheme Based on Bell States

    Science.gov (United States)

    Xie, Chen; Li, Lvzhou; Situ, Haozhen; He, Jianhao

    2018-06-01

    Recently, the idea of semi-quantumness has been often used in designing quantum cryptographic schemes, which allows some of the participants of a quantum cryptographic scheme to remain classical. One of the reasons why this idea is popular is that it allows a quantum information processing task to be accomplished by using quantum resources as few as possible. In this paper, we extend the idea to quantum secure direct communication(QSDC) by proposing a semi-quantum secure direct communication scheme. In the scheme, the message sender, Alice, encodes each bit into a Bell state |φ+> = 1/{√2}(|00> +|11> ) or |{Ψ }+> = 1/{√ 2}(|01> +|10> ), and the message receiver, Bob, who is classical in the sense that he can either let the qubit he received reflect undisturbed, or measure the qubit in the computational basis |0>, |1> and then resend it in the state he found. Moreover, the security analysis of our scheme is also given.

  3. A light weight secure image encryption scheme based on chaos & DNA computing

    Directory of Open Access Journals (Sweden)

    Bhaskar Mondal

    2017-10-01

    Full Text Available This paper proposed a new light weight secure cryptographic scheme for secure image communication. In this scheme the plain image is permuted first using a sequence of pseudo random number (PRN and encrypted by DeoxyriboNucleic Acid (DNA computation. Two PRN sequences are generated by a Pseudo Random Number Generator (PRNG based on cross coupled chaotic logistic map using two sets of keys. The first PRN sequence is used for permuting the plain image whereas the second PRN sequence is used for generating random DNA sequence. The number of rounds of permutation and encryption may be variable to increase security. The scheme is proposed for gray label images but the scheme may be extended for color images and text data. Simulation results exhibit that the proposed scheme can defy any kind of attack.

  4. Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services

    Directory of Open Access Journals (Sweden)

    Youngsook Lee

    2014-01-01

    Full Text Available An anonymous authentication scheme for roaming services in global mobility networks allows a mobile user visiting a foreign network to achieve mutual authentication and session key establishment with the foreign-network operator in an anonymous manner. In this work, we revisit He et al.’s anonymous authentication scheme for roaming services and present previously unpublished security weaknesses in the scheme: (1 it fails to provide user anonymity against any third party as well as the foreign agent, (2 it cannot protect the passwords of mobile users due to its vulnerability to an offline dictionary attack, and (3 it does not achieve session-key security against a man-in-the-middle attack. We also show how the security weaknesses of He et al.’s scheme can be addressed without degrading the efficiency of the scheme.

  5. Quantum secure direct communication scheme using a W state and teleportation

    International Nuclear Information System (INIS)

    Cao Haijing; Song Heshan

    2006-01-01

    A theoretical scheme for quantum secure direct communication (QSDC) is proposed, where a three-qubit symmetric W state functions as a quantum channel. Two legitimate communicators can transmit their secret information by using quantum teleportation and local measurements

  6. Enhanced Security and Pairing-free Handover Authentication Scheme for Mobile Wireless Networks

    Science.gov (United States)

    Chen, Rui; Shu, Guangqiang; Chen, Peng; Zhang, Lijun

    2017-10-01

    With the widely deployment of mobile wireless networks, we aim to propose a secure and seamless handover authentication scheme that allows users to roam freely in wireless networks without worrying about security and privacy issues. Given the open characteristic of wireless networks, safety and efficiency should be considered seriously. Several previous protocols are designed based on a bilinear pairing mapping, which is time-consuming and inefficient work, as well as unsuitable for practical situations. To address these issues, we designed a new pairing-free handover authentication scheme for mobile wireless networks. This scheme is an effective improvement of the protocol by Xu et al., which is suffer from the mobile node impersonation attack. Security analysis and simulation experiment indicate that the proposed protocol has many excellent security properties when compared with other recent similar handover schemes, such as mutual authentication and resistance to known network threats, as well as requiring lower computation and communication cost.

  7. A privacy preserving secure and efficient authentication scheme for telecare medical information systems.

    Science.gov (United States)

    Mishra, Raghavendra; Barnwal, Amit Kumar

    2015-05-01

    The Telecare medical information system (TMIS) presents effective healthcare delivery services by employing information and communication technologies. The emerging privacy and security are always a matter of great concern in TMIS. Recently, Chen at al. presented a password based authentication schemes to address the privacy and security. Later on, it is proved insecure against various active and passive attacks. To erase the drawbacks of Chen et al.'s anonymous authentication scheme, several password based authentication schemes have been proposed using public key cryptosystem. However, most of them do not present pre-smart card authentication which leads to inefficient login and password change phases. To present an authentication scheme with pre-smart card authentication, we present an improved anonymous smart card based authentication scheme for TMIS. The proposed scheme protects user anonymity and satisfies all the desirable security attributes. Moreover, the proposed scheme presents efficient login and password change phases where incorrect input can be quickly detected and a user can freely change his password without server assistance. Moreover, we demonstrate the validity of the proposed scheme by utilizing the widely-accepted BAN (Burrows, Abadi, and Needham) logic. The proposed scheme is also comparable in terms of computational overheads with relevant schemes.

  8. On the security flaws in ID-based password authentication schemes for telecare medical information systems.

    Science.gov (United States)

    Mishra, Dheerendra

    2015-01-01

    Telecare medical information systems (TMIS) enable healthcare delivery services. However, access of these services via public channel raises security and privacy issues. In recent years, several smart card based authentication schemes have been introduced to ensure secure and authorized communication between remote entities over the public channel for the (TMIS). We analyze the security of some of the recently proposed authentication schemes of Lin, Xie et al., Cao and Zhai, and Wu and Xu's for TMIS. Unfortunately, we identify that these schemes failed to satisfy desirable security attributes. In this article we briefly discuss four dynamic ID-based authentication schemes and demonstrate their failure to satisfy desirable security attributes. The study is aimed to demonstrate how inefficient password change phase can lead to denial of server scenario for an authorized user, and how an inefficient login phase causes the communication and computational overhead and decrease the performance of the system. Moreover, we show the vulnerability of Cao and Zhai's scheme to known session specific temporary information attack, vulnerability of Wu and Xu's scheme to off-line password guessing attack, and vulnerability of Xie et al.'s scheme to untraceable on-line password guessing attack.

  9. On Secure NOMA Systems with Transmit Antenna Selection Schemes

    KAUST Repository

    Lei, Hongjiang; Zhang, Jianming; Park, Kihong; Xu, Peng; Ansari, Imran Shafique; Pan, Gaofeng; Alomair, Basel; Alouini, Mohamed-Slim

    2017-01-01

    This paper investigates the secrecy performance of a two-user downlink non-orthogonal multiple access systems. Both single-input and single-output and multiple-input and singleoutput systems with different transmit antenna selection (TAS) strategies are considered. Depending on whether the base station has the global channel state information of both the main and wiretap channels, the exact closed-form expressions for the secrecy outage probability (SOP) with suboptimal antenna selection and optimal antenna selection schemes are obtained and compared with the traditional space-time transmission scheme. To obtain further insights, the asymptotic analysis of the SOP in high average channel power gains regime is presented and it is found that the secrecy diversity order for all the TAS schemes with fixed power allocation is zero. Furthermore, an effective power allocation scheme is proposed to obtain the nonzero diversity order with all the TAS schemes. Monte-Carlo simulations are performed to verify the proposed analytical results.

  10. On Secure NOMA Systems with Transmit Antenna Selection Schemes

    KAUST Repository

    Lei, Hongjiang

    2017-08-09

    This paper investigates the secrecy performance of a two-user downlink non-orthogonal multiple access systems. Both single-input and single-output and multiple-input and singleoutput systems with different transmit antenna selection (TAS) strategies are considered. Depending on whether the base station has the global channel state information of both the main and wiretap channels, the exact closed-form expressions for the secrecy outage probability (SOP) with suboptimal antenna selection and optimal antenna selection schemes are obtained and compared with the traditional space-time transmission scheme. To obtain further insights, the asymptotic analysis of the SOP in high average channel power gains regime is presented and it is found that the secrecy diversity order for all the TAS schemes with fixed power allocation is zero. Furthermore, an effective power allocation scheme is proposed to obtain the nonzero diversity order with all the TAS schemes. Monte-Carlo simulations are performed to verify the proposed analytical results.

  11. Distributed Scheme to Authenticate Data Storage Security in Cloud Computing

    OpenAIRE

    B. Rakesh; K. Lalitha; M. Ismail; H. Parveen Sultana

    2017-01-01

    Cloud Computing is the revolution in current generation IT enterprise. Cloud computing displaces database and application software to the large data centres, where the management of services and data may not be predictable, where as the conventional solutions, for IT services are under proper logical, physical and personal controls. This aspect attribute, however comprises different security challenges which have not been well understood. It concentrates on cloud data storage security which h...

  12. Improving computer security by health smart card.

    Science.gov (United States)

    Nisand, Gabriel; Allaert, François-André; Brézillon, Régine; Isphording, Wilhem; Roeslin, Norbert

    2003-01-01

    The University hospitals of Strasbourg have worked for several years on the computer security of the medical data and have of this fact be the first to use the Health Care Professional Smart Card (CPS). This new tool must provide security to the information processing systems and especially to the medical data exchanges between the partners who collaborate to the care of the Beyond the purely data-processing aspects of the functions of safety offered by the CPS, safety depends above all on the practices on the users, their knowledge concerning the legislation, the risks and the stakes, of their adhesion to the procedures and protections installations. The aim of this study is to evaluate this level of knowledge, the practices and the feelings of the users concerning the computer security of the medical data, to check the relevance of the step taken, and if required, to try to improve it. The survey by questionnaires involved 648 users. The practices of users in terms of data security are clearly improved by the implementation of the security server and the use of the CPS system, but security breaches due to bad practices are not however completely eliminated. That confirms that is illusory to believe that data security is first and foremost a technical issue. Technical measures are of course indispensable, but the greatest efforts are required after their implementation and consist in making the key players [2], i.e. users, aware and responsible. However, it must be stressed that the user-friendliness of the security interface has a major effect on the results observed. For instance, it is highly probable that the bad practices continued or introduced upon the implementation of the security server and CPS scheme are due to the complicated nature or functional defects of the proposed solution, which must therefore be improved. Besides, this is only the pilot phase and card holders can be expected to become more responsible as time goes by, along with the gradual

  13. New CERN Health Insurance Scheme (CHIS) forms

    CERN Multimedia

    HR Department

    2015-01-01

    New versions of the following forms for claims and requests to the CERN Health Insurance Scheme (CHIS) have been released:   form for claiming reimbursement of medical expenses,   form for requesting advance reimbursement, and   dental estimate form (for treatments foreseen to exceed 800 CHF).   The new forms are available in French and English. They can either be completed electronically before being printed and signed, or completed in paper form. New detailed instructions can be found at the back of the claim form; CHIS members are invited to read them carefully. The electronic versions (PDF) of all the forms are available on the CHIS website and on the UNIQA Member Portal. CHIS Members are requested to use these new forms forthwith and to discard any previous version. Questions regarding the above should be addressed directly to UNIQA (72730 or 022.718 63 00 or uniqa.assurances@cern.ch).

  14. Security problems with a chaos-based deniable authentication scheme

    International Nuclear Information System (INIS)

    Alvarez, Gonzalo

    2005-01-01

    Recently, a new scheme was proposed for deniable authentication. Its main originality lied on applying a chaos-based encryption-hash parallel algorithm and the semi-group property of the Chebyshev chaotic map. Although original and practicable, its insecurity and inefficiency are shown in this paper, thus rendering it inadequate for adoption in e-commerce

  15. Security problems with a chaos-based deniable authentication scheme

    Energy Technology Data Exchange (ETDEWEB)

    Alvarez, Gonzalo [Instituto de Fisica Aplicada, Consejo Superior de Investigaciones Cientificas, Serrano 144, 28006 Madrid (Spain)] e-mail: gonzalo@iec.csic.es

    2005-10-01

    Recently, a new scheme was proposed for deniable authentication. Its main originality lied on applying a chaos-based encryption-hash parallel algorithm and the semi-group property of the Chebyshev chaotic map. Although original and practicable, its insecurity and inefficiency are shown in this paper, thus rendering it inadequate for adoption in e-commerce.

  16. A secure chaotic maps and smart cards based password authentication and key agreement scheme with user anonymity for telecare medicine information systems.

    Science.gov (United States)

    Li, Chun-Ta; Lee, Cheng-Chi; Weng, Chi-Yao

    2014-09-01

    Telecare medicine information system (TMIS) is widely used for providing a convenient and efficient communicating platform between patients at home and physicians at medical centers or home health care (HHC) organizations. To ensure patient privacy, in 2013, Hao et al. proposed a chaotic map based authentication scheme with user anonymity for TMIS. Later, Lee showed that Hao et al.'s scheme is in no provision for providing fairness in session key establishment and gave an efficient user authentication and key agreement scheme using smart cards, in which only few hashing and Chebyshev chaotic map operations are required. In addition, Jiang et al. discussed that Hao et al.'s scheme can not resist stolen smart card attack and they further presented an improved scheme which attempts to repair the security pitfalls found in Hao et al.'s scheme. In this paper, we found that both Lee's and Jiang et al.'s authentication schemes have a serious security problem in that a registered user's secret parameters may be intentionally exposed to many non-registered users and this problem causing the service misuse attack. Therefore, we propose a slight modification on Lee's scheme to prevent the shortcomings. Compared with previous schemes, our improved scheme not only inherits the advantages of Lee's and Jiang et al.'s authentication schemes for TMIS but also remedies the serious security weakness of not being able to withstand service misuse attack.

  17. Bayelsa, in search of a sustainable health financing scheme ...

    African Journals Online (AJOL)

    Journal Home > Vol 23, No 1 (2017) > ... Background: A sustainable health care financing scheme has been difficult to ... These meagre allocations were because the same source that funds patient care services also funds health research, capital ... a sustainable health financing scheme will depend on a health system that ...

  18. Simulation analysis of security performance of DPSKOCDMA network via virtual user scheme

    Directory of Open Access Journals (Sweden)

    Vishav Jyoti

    2012-07-01

    Full Text Available A novel technique to enhance the security of an optical code division multipleaccess (OCDMA system against eavesdropping is proposed. It has been observed that whena single user is active in the network, an eavesdropper can easily sift the data beingtransmitted without decoding. To increase the security, a virtual user scheme is proposed andsimulated on a differential phase shift keying (DPSK OCDMA system. By using the virtualuser scheme, the security of the DPSK-OCDMA system can be effectively improved and themultiple access interference, which is generally considered to be a limitation of the OCDMAsystem, is used to increase the confidentiality of the system.

  19. Improvement of a uniqueness-and-anonymity-preserving user authentication scheme for connected health care.

    Science.gov (United States)

    Xie, Qi; Liu, Wenhao; Wang, Shengbao; Han, Lidong; Hu, Bin; Wu, Ting

    2014-09-01

    Patient's privacy-preserving, security and mutual authentication between patient and the medical server are the important mechanism in connected health care applications, such as telecare medical information systems and personally controlled health records systems. In 2013, Wen showed that Das et al.'s scheme is vulnerable to the replay attack, user impersonation attacks and off-line guessing attacks, and then proposed an improved scheme using biometrics, password and smart card to overcome these weaknesses. However, we show that Wen's scheme is still vulnerable to off-line password guessing attacks, does not provide user's anonymity and perfect forward secrecy. Further, we propose an improved scheme to fix these weaknesses, and use the applied pi calculus based formal verification tool ProVerif to prove the security and authentication.

  20. The nature of international health security.

    Science.gov (United States)

    Chiu, Ya-Wen; Weng, Yi-Hao; Su, Yi-Yuan; Huang, Ching-Yi; Chang, Ya-Chen; Kuo, Ken N

    2009-01-01

    Health issues occasionally intersect security issues. Health security has been viewed as an essential part of human security. Policymakers and health professionals, however, do not share a common definition of health security. This article aims to characterize the notions of health security in order to clarify what constitutes the nexus of health and security. The concept of health security has evolved over time so that it encompasses many entities. Analyzing the health reports of four multilateral organizations (the United Nations, World Health Organization, Asia-Pacific Economic Cooperation, and the European Union) produced eight categories of most significant relevance to contemporary health security, allowing comparison of the definitions. The four categories are: emerging diseases; global infectious disease; deliberate release of chemical and biological materials; violence, conflict, and humanitarian emergencies. Two other categories of common concern are natural disasters and environmental change, as well as chemical and radioactive accidents. The final two categories, food insecurity and poverty, are discussed less frequently. Nevertheless, food security is emerging as an increasingly important issue in public health. Health security is the first line of defence against health emergencies. As globalization brings more complexities, dealing with the increased scale and extent of health security will require greater international effort and political support.

  1. Physical Layer Secret-Key Generation Scheme for Transportation Security Sensor Network.

    Science.gov (United States)

    Yang, Bin; Zhang, Jianfeng

    2017-06-28

    Wireless Sensor Networks (WSNs) are widely used in different disciplines, including transportation systems, agriculture field environment monitoring, healthcare systems, and industrial monitoring. The security challenge of the wireless communication link between sensor nodes is critical in WSNs. In this paper, we propose a new physical layer secret-key generation scheme for transportation security sensor network. The scheme is based on the cooperation of all the sensor nodes, thus avoiding the key distribution process, which increases the security of the system. Different passive and active attack models are analyzed in this paper. We also prove that when the cooperative node number is large enough, even when the eavesdropper is equipped with multiple antennas, the secret-key is still secure. Numerical results are performed to show the efficiency of the proposed scheme.

  2. Security enhanced anonymous multiserver authenticated key agreement scheme using smart cards and biometrics.

    Science.gov (United States)

    Choi, Younsung; Nam, Junghyun; Lee, Donghoon; Kim, Jiye; Jung, Jaewook; Won, Dongho

    2014-01-01

    An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user's biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen's scheme.

  3. An efficient and secure dynamic ID-based authentication scheme for telecare medical information systems.

    Science.gov (United States)

    Chen, Hung-Ming; Lo, Jung-Wen; Yeh, Chang-Kuo

    2012-12-01

    The rapidly increased availability of always-on broadband telecommunication environments and lower-cost vital signs monitoring devices bring the advantages of telemedicine directly into the patient's home. Hence, the control of access to remote medical servers' resources has become a crucial challenge. A secure authentication scheme between the medical server and remote users is therefore needed to safeguard data integrity, confidentiality and to ensure availability. Recently, many authentication schemes that use low-cost mobile devices have been proposed to meet these requirements. In contrast to previous schemes, Khan et al. proposed a dynamic ID-based remote user authentication scheme that reduces computational complexity and includes features such as a provision for the revocation of lost or stolen smart cards and a time expiry check for the authentication process. However, Khan et al.'s scheme has some security drawbacks. To remedy theses, this study proposes an enhanced authentication scheme that overcomes the weaknesses inherent in Khan et al.'s scheme and demonstrated this scheme is more secure and robust for use in a telecare medical information system.

  4. Security Enhanced Anonymous Multiserver Authenticated Key Agreement Scheme Using Smart Cards and Biometrics

    Directory of Open Access Journals (Sweden)

    Younsung Choi

    2014-01-01

    Full Text Available An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user’s biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen’s scheme.

  5. A Non-symmetric Digital Image Secure Communication Scheme Based on Generalized Chaos Synchronization System

    International Nuclear Information System (INIS)

    Zhang Xiaohong; Min Lequan

    2005-01-01

    Based on a generalized chaos synchronization system and a discrete Sinai map, a non-symmetric true color (RGB) digital image secure communication scheme is proposed. The scheme first changes an ordinary RGB digital image with 8 bits into unrecognizable disorder codes and then transforms the disorder codes into an RGB digital image with 16 bits for transmitting. A receiver uses a non-symmetric key to verify the authentication of the received data origin, and decrypts the ciphertext. The scheme can encrypt and decrypt most formatted digital RGB images recognized by computers, and recover the plaintext almost without any errors. The scheme is suitable to be applied in network image communications. The analysis of the key space, sensitivity of key parameters, and correlation of encrypted images imply that this scheme has sound security.

  6. HEALTH INSURANCE RULES OF THE CERN HEALTH INSURANCE SCHEME

    CERN Multimedia

    Division HR

    2000-01-01

    A new document which groups together the general principles, the contributions, benefits, reimbursement procedures and other information making up the Rules of the CERN Health Insurance Scheme has been established. It was approved by the Director-General on 7th July 2000 and is being distributed to all contributing members of the Scheme. It has been dispatched by internal mail to members of the personnel and by postal mail to pensioners. These Rules will enter into force on 1st September 2000. Please make sure that you have received your copy. Should this not be the case, an additional copy may be obtained by telephoning 78003

  7. Health Insurance Rules of the CERN Health Insurance scheme

    CERN Multimedia

    Division HR

    2000-01-01

    A new document which groups together the general principles, the contributions, benefits, reimbursement procedures and other information making up the Rules of the CERN Health Insurance Scheme has been established. It was approved by the Director-General on 7th July 2000 and is being distributed to all contributing members of the Scheme. It has been dispatched by internal mail to members of the personnel and by postal mail to pensioners. These Rules will enter into force on 1st September 2000. Please make sure that you have received your copy. Should this not be the case, an additional copy may be obtained by telephoning 78003.

  8. On the Security of a Two-Factor Authentication and Key Agreement Scheme for Telecare Medicine Information Systems.

    Science.gov (United States)

    Arshad, Hamed; Teymoori, Vahid; Nikooghadam, Morteza; Abbassi, Hassan

    2015-08-01

    Telecare medicine information systems (TMISs) aim to deliver appropriate healthcare services in an efficient and secure manner to patients. A secure mechanism for authentication and key agreement is required to provide proper security in these systems. Recently, Bin Muhaya demonstrated some security weaknesses of Zhu's authentication and key agreement scheme and proposed a security enhanced authentication and key agreement scheme for TMISs. However, we show that Bin Muhaya's scheme is vulnerable to off-line password guessing attacks and does not provide perfect forward secrecy. Furthermore, in order to overcome the mentioned weaknesses, we propose a new two-factor anonymous authentication and key agreement scheme using the elliptic curve cryptosystem. Security and performance analyses demonstrate that the proposed scheme not only overcomes the weaknesses of Bin Muhaya's scheme, but also is about 2.73 times faster than Bin Muhaya's scheme.

  9. Security enhancement of a biometric based authentication scheme for telecare medicine information systems with nonce.

    Science.gov (United States)

    Mishra, Dheerendra; Mukhopadhyay, Sourav; Kumari, Saru; Khan, Muhammad Khurram; Chaturvedi, Ankita

    2014-05-01

    Telecare medicine information systems (TMIS) present the platform to deliver clinical service door to door. The technological advances in mobile computing are enhancing the quality of healthcare and a user can access these services using its mobile device. However, user and Telecare system communicate via public channels in these online services which increase the security risk. Therefore, it is required to ensure that only authorized user is accessing the system and user is interacting with the correct system. The mutual authentication provides the way to achieve this. Although existing schemes are either vulnerable to attacks or they have higher computational cost while an scalable authentication scheme for mobile devices should be secure and efficient. Recently, Awasthi and Srivastava presented a biometric based authentication scheme for TMIS with nonce. Their scheme only requires the computation of the hash and XOR functions.pagebreak Thus, this scheme fits for TMIS. However, we observe that Awasthi and Srivastava's scheme does not achieve efficient password change phase. Moreover, their scheme does not resist off-line password guessing attack. Further, we propose an improvement of Awasthi and Srivastava's scheme with the aim to remove the drawbacks of their scheme.

  10. Privacy-Preserving Self-Helped Medical Diagnosis Scheme Based on Secure Two-Party Computation in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Yi Sun

    2014-01-01

    Full Text Available With the continuing growth of wireless sensor networks in pervasive medical care, people pay more and more attention to privacy in medical monitoring, diagnosis, treatment, and patient care. On one hand, we expect the public health institutions to provide us with better service. On the other hand, we would not like to leak our personal health information to them. In order to balance this contradiction, in this paper we design a privacy-preserving self-helped medical diagnosis scheme based on secure two-party computation in wireless sensor networks so that patients can privately diagnose themselves by inputting a health card into a self-helped medical diagnosis ATM to obtain a diagnostic report just like drawing money from a bank ATM without revealing patients’ health information and doctors’ diagnostic skill. It makes secure self-helped disease diagnosis feasible and greatly benefits patients as well as relieving the heavy pressure of public health institutions.

  11. ESS-FH: Enhanced Security Scheme for Fast Handover in Hierarchical Mobile IPv6

    Science.gov (United States)

    You, Ilsun; Lee, Jong-Hyouk; Sakurai, Kouichi; Hori, Yoshiaki

    Fast Handover for Hierarchical Mobile IPv6 (F-HMIPv6) that combines advantages of Fast Handover for Mobile IPv6 (FMIPv6) and Hierarchical Mobile IPv6 (HMIPv6) achieves the superior performance in terms of handover latency and signaling overhead compared with previously developed mobility protocols. However, without being secured, F-HMIPv6 is vulnerable to various security threats. In 2007, Kang and Park proposed a security scheme, which is seamlessly integrated into F-HMIPv6. In this paper, we reveal that Kang-Park's scheme cannot defend against the Denial of Service (DoS) and redirect attacks while largely relying on the group key. Then, we propose an Enhanced Security Scheme for F-HMIPv6 (ESS-FH) that achieves the strong key exchange and the key independence as well as addresses the weaknesses of Kang-Park's scheme. More importantly, it enables fast handover between different MAP domains. The proposed scheme is formally verified based on BAN-logic, and its handover latency is analyzed and compared with that of Kang-Park's scheme.

  12. NFC Secure Payment and Verification Scheme with CS E-Ticket

    Directory of Open Access Journals (Sweden)

    Kai Fan

    2017-01-01

    Full Text Available As one of the most important techniques in IoT, NFC (Near Field Communication is more interesting than ever. NFC is a short-range, high-frequency communication technology well suited for electronic tickets, micropayment, and access control function, which is widely used in the financial industry, traffic transport, road ban control, and other fields. However, NFC is becoming increasingly popular in the relevant field, but its secure problems, such as man-in-the-middle-attack and brute force attack, have hindered its further development. To address the security problems and specific application scenarios, we propose a NFC mobile electronic ticket secure payment and verification scheme in the paper. The proposed scheme uses a CS E-Ticket and offline session key generation and distribution technology to prevent major attacks and increase the security of NFC. As a result, the proposed scheme can not only be a good alternative to mobile e-ticket system but also be used in many NFC fields. Furthermore, compared with other existing schemes, the proposed scheme provides a higher security.

  13. Security Analysis and Improvement of ‘a More Secure Anonymous User Authentication Scheme for the Integrated EPR Information System’

    Science.gov (United States)

    Islam, SK Hafizul; Khan, Muhammad Khurram; Li, Xiong

    2015-01-01

    Over the past few years, secure and privacy-preserving user authentication scheme has become an integral part of the applications of the healthcare systems. Recently, Wen has designed an improved user authentication system over the Lee et al.’s scheme for integrated electronic patient record (EPR) information system, which has been analyzed in this study. We have found that Wen’s scheme still has the following inefficiencies: (1) the correctness of identity and password are not verified during the login and password change phases; (2) it is vulnerable to impersonation attack and privileged-insider attack; (3) it is designed without the revocation of lost/stolen smart card; (4) the explicit key confirmation and the no key control properties are absent, and (5) user cannot update his/her password without the help of server and secure channel. Then we aimed to propose an enhanced two-factor user authentication system based on the intractable assumption of the quadratic residue problem (QRP) in the multiplicative group. Our scheme bears more securities and functionalities than other schemes found in the literature. PMID:26263401

  14. Security Analysis and Improvement of 'a More Secure Anonymous User Authentication Scheme for the Integrated EPR Information System'.

    Directory of Open Access Journals (Sweden)

    S K Hafizul Islam

    Full Text Available Over the past few years, secure and privacy-preserving user authentication scheme has become an integral part of the applications of the healthcare systems. Recently, Wen has designed an improved user authentication system over the Lee et al.'s scheme for integrated electronic patient record (EPR information system, which has been analyzed in this study. We have found that Wen's scheme still has the following inefficiencies: (1 the correctness of identity and password are not verified during the login and password change phases; (2 it is vulnerable to impersonation attack and privileged-insider attack; (3 it is designed without the revocation of lost/stolen smart card; (4 the explicit key confirmation and the no key control properties are absent, and (5 user cannot update his/her password without the help of server and secure channel. Then we aimed to propose an enhanced two-factor user authentication system based on the intractable assumption of the quadratic residue problem (QRP in the multiplicative group. Our scheme bears more securities and functionalities than other schemes found in the literature.

  15. An Unequal Secure Encryption Scheme for H.264/AVC Video Compression Standard

    Science.gov (United States)

    Fan, Yibo; Wang, Jidong; Ikenaga, Takeshi; Tsunoo, Yukiyasu; Goto, Satoshi

    H.264/AVC is the newest video coding standard. There are many new features in it which can be easily used for video encryption. In this paper, we propose a new scheme to do video encryption for H.264/AVC video compression standard. We define Unequal Secure Encryption (USE) as an approach that applies different encryption schemes (with different security strength) to different parts of compressed video data. This USE scheme includes two parts: video data classification and unequal secure video data encryption. Firstly, we classify the video data into two partitions: Important data partition and unimportant data partition. Important data partition has small size with high secure protection, while unimportant data partition has large size with low secure protection. Secondly, we use AES as a block cipher to encrypt the important data partition and use LEX as a stream cipher to encrypt the unimportant data partition. AES is the most widely used symmetric cryptography which can ensure high security. LEX is a new stream cipher which is based on AES and its computational cost is much lower than AES. In this way, our scheme can achieve both high security and low computational cost. Besides the USE scheme, we propose a low cost design of hybrid AES/LEX encryption module. Our experimental results show that the computational cost of the USE scheme is low (about 25% of naive encryption at Level 0 with VEA used). The hardware cost for hybrid AES/LEX module is 4678 Gates and the AES encryption throughput is about 50Mbps.

  16. Dual watermarking scheme for secure buyer-seller watermarking protocol

    Science.gov (United States)

    Mehra, Neelesh; Shandilya, Madhu

    2012-04-01

    A buyer-seller watermarking protocol utilize watermarking along with cryptography for copyright and copy protection for the seller and meanwhile it also preserve buyers rights for privacy. It enables a seller to successfully identify a malicious seller from a pirated copy, while preventing the seller from framing an innocent buyer and provide anonymity to buyer. Up to now many buyer-seller watermarking protocols have been proposed which utilize more and more cryptographic scheme to solve many common problems such as customer's rights, unbinding problem, buyer's anonymity problem and buyer's participation in the dispute resolution. But most of them are infeasible since the buyer may not have knowledge of cryptography. Another issue is the number of steps to complete the protocols are large, a buyer needs to interact with different parties many times in these protocols, which is very inconvenient for buyer. To overcome these drawbacks, in this paper we proposed dual watermarking scheme in encrypted domain. Since neither of watermark has been generated by buyer so a general layman buyer can use the protocol.

  17. An authentication scheme to healthcare security under wireless sensor networks.

    Science.gov (United States)

    Hsiao, Tsung-Chih; Liao, Yu-Ting; Huang, Jen-Yan; Chen, Tzer-Shyong; Horng, Gwo-Boa

    2012-12-01

    In recent years, Taiwan has been seeing an extension of the average life expectancy and a drop in overall fertility rate, initiating our country into an aged society. Due to this phenomenon, how to provide the elderly and patients with chronic diseases a suitable healthcare environment has become a critical issue presently. Therefore, we propose a new scheme that integrates healthcare services with wireless sensor technology in which sensor nodes are employed to measure patients' vital signs. Data collected from these sensor nodes are then transmitted to mobile devices of the medical staff and system administrator, promptly enabling them to understand the patients' condition in real time, which will significantly improve patients' healthcare quality. As per the personal data protection act, patients' vital signs can only be accessed by authorized medical staff. In order to protect patients', the system administrator will verify the medical staff's identity through the mobile device using a smart card and password mechanism. Accordingly, only the verified medical staff can obtain patients' vital signs data such as their blood pressure, pulsation, and body temperature, etc.. Besides, the scheme includes a time-bounded characteristic that allows the verified staff access to data without having to have to re-authenticate and re-login into the system within a set period of time. Consequently, the time-bounded property also increases the work efficiency of the system administrator and user.

  18. On securing wireless sensor network--novel authentication scheme against DOS attacks.

    Science.gov (United States)

    Raja, K Nirmal; Beno, M Marsaline

    2014-10-01

    Wireless sensor networks are generally deployed for collecting data from various environments. Several applications specific sensor network cryptography algorithms have been proposed in research. However WSN's has many constrictions, including low computation capability, less memory, limited energy resources, vulnerability to physical capture, which enforce unique security challenges needs to make a lot of improvements. This paper presents a novel security mechanism and algorithm for wireless sensor network security and also an application of this algorithm. The proposed scheme is given to strong authentication against Denial of Service Attacks (DOS). The scheme is simulated using network simulator2 (NS2). Then this scheme is analyzed based on the network packet delivery ratio and found that throughput has improved.

  19. A Secure Watermarking Scheme for Buyer-Seller Identification and Copyright Protection

    Science.gov (United States)

    Ahmed, Fawad; Sattar, Farook; Siyal, Mohammed Yakoob; Yu, Dan

    2006-12-01

    We propose a secure watermarking scheme that integrates watermarking with cryptography for addressing some important issues in copyright protection. We address three copyright protection issues—buyer-seller identification, copyright infringement, and ownership verification. By buyer-seller identification, we mean that a successful watermark extraction at the buyer's end will reveal the identities of the buyer and seller of the watermarked image. For copyright infringement, our proposed scheme enables the seller to identify the specific buyer from whom an illegal copy of the watermarked image has originated, and further prove this fact to a third party. For multiple ownership claims, our scheme enables a legal seller to claim his/her ownership in the court of law. We will show that the combination of cryptography with watermarking not only increases the security of the overall scheme, but it also enables to associate identities of buyer/seller with their respective watermarked images.

  20. Security analysis and enhancements of an effective biometric-based remote user authentication scheme using smart cards.

    Science.gov (United States)

    An, Younghwa

    2012-01-01

    Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das's authentication scheme, and we have shown that Das's authentication scheme is still insecure against the various attacks. Also, we proposed the enhanced scheme to remove these security problems of Das's authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. As a result of security analysis, we can see that the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server.

  1. Security Analysis and Enhancements of an Effective Biometric-Based Remote User Authentication Scheme Using Smart Cards

    Directory of Open Access Journals (Sweden)

    Younghwa An

    2012-01-01

    Full Text Available Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das’s authentication scheme, and we have shown that Das’s authentication scheme is still insecure against the various attacks. Also, we proposed the enhanced scheme to remove these security problems of Das’s authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. As a result of security analysis, we can see that the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server.

  2. A Fingerprint Encryption Scheme Based on Irreversible Function and Secure Authentication

    Directory of Open Access Journals (Sweden)

    Yijun Yang

    2015-01-01

    Full Text Available A fingerprint encryption scheme based on irreversible function has been designed in this paper. Since the fingerprint template includes almost the entire information of users’ fingerprints, the personal authentication can be determined only by the fingerprint features. This paper proposes an irreversible transforming function (using the improved SHA1 algorithm to transform the original minutiae which are extracted from the thinned fingerprint image. Then, Chinese remainder theorem is used to obtain the biokey from the integration of the transformed minutiae and the private key. The result shows that the scheme has better performance on security and efficiency comparing with other irreversible function schemes.

  3. Communication security in open health care networks.

    Science.gov (United States)

    Blobel, B; Pharow, P; Engel, K; Spiegel, V; Krohn, R

    1999-01-01

    Fulfilling the shared care paradigm, health care networks providing open systems' interoperability in health care are needed. Such communicating and co-operating health information systems, dealing with sensitive personal medical information across organisational, regional, national or even international boundaries, require appropriate security solutions. Based on the generic security model, within the European MEDSEC project an open approach for secure EDI like HL7, EDIFACT, XDT or XML has been developed. The consideration includes both securing the message in an unsecure network and the transport of the unprotected information via secure channels (SSL, TLS etc.). Regarding EDI, an open and widely usable security solution has been specified and practically implemented for the examples of secure mailing and secure file transfer (FTP) via wrapping the sensitive information expressed by the corresponding protocols. The results are currently prepared for standardisation.

  4. A lightweight security scheme for wireless body area networks: design, energy evaluation and proposed microprocessor design.

    Science.gov (United States)

    Selimis, Georgios; Huang, Li; Massé, Fabien; Tsekoura, Ioanna; Ashouei, Maryam; Catthoor, Francky; Huisken, Jos; Stuyt, Jan; Dolmans, Guido; Penders, Julien; De Groot, Harmke

    2011-10-01

    In order for wireless body area networks to meet widespread adoption, a number of security implications must be explored to promote and maintain fundamental medical ethical principles and social expectations. As a result, integration of security functionality to sensor nodes is required. Integrating security functionality to a wireless sensor node increases the size of the stored software program in program memory, the required time that the sensor's microprocessor needs to process the data and the wireless network traffic which is exchanged among sensors. This security overhead has dominant impact on the energy dissipation which is strongly related to the lifetime of the sensor, a critical aspect in wireless sensor network (WSN) technology. Strict definition of the security functionality, complete hardware model (microprocessor and radio), WBAN topology and the structure of the medium access control (MAC) frame are required for an accurate estimation of the energy that security introduces into the WBAN. In this work, we define a lightweight security scheme for WBAN, we estimate the additional energy consumption that the security scheme introduces to WBAN based on commercial available off-the-shelf hardware components (microprocessor and radio), the network topology and the MAC frame. Furthermore, we propose a new microcontroller design in order to reduce the energy consumption of the system. Experimental results and comparisons with other works are given.

  5. Security analysis of a chaotic map-based authentication scheme for telecare medicine information systems.

    Science.gov (United States)

    Yau, Wei-Chuen; Phan, Raphael C-W

    2013-12-01

    Many authentication schemes have been proposed for telecare medicine information systems (TMIS) to ensure the privacy, integrity, and availability of patient records. These schemes are crucial for TMIS systems because otherwise patients' medical records become susceptible to tampering thus hampering diagnosis or private medical conditions of patients could be disclosed to parties who do not have a right to access such information. Very recently, Hao et al. proposed a chaotic map-based authentication scheme for telecare medicine information systems in a recent issue of Journal of Medical Systems. They claimed that the authentication scheme can withstand various attacks and it is secure to be used in TMIS. In this paper, we show that this authentication scheme is vulnerable to key-compromise impersonation attacks, off-line password guessing attacks upon compromising of a smart card, and parallel session attacks. We also exploit weaknesses in the password change phase of the scheme to mount a denial-of-service attack. Our results show that this scheme cannot be used to provide security in a telecare medicine information system.

  6. A Security Scheme of 5G Ultradense Network Based on the Implicit Certificate

    Directory of Open Access Journals (Sweden)

    Zhonglin Chen

    2018-01-01

    Full Text Available The ultradense network (UDN is one of the most promising technologies in the fifth generation (5G to address the network system capacity issue. It can enhance spatial reuse through the flexible, intensive deployment of small base stations. A universal 5G UDN architecture is necessary to realize the autonomous and dynamic deployment of small base stations. However, the security of the 5G UDN is still in its infancy, and the data communication security among the network entities is facing new challenges. In this paper, we proposed a new security based on implicit certificate (IC scheme; the scheme solves the security problem among the access points (APs in a dynamic APs group (APG and between the AP and user equipment (UE. We present each phase regarding how two network entities obtain the Elliptic Curve Qu-Vanstone (ECQV implicit certificate scheme, verify each other’s identity, and share keys in an UDN. Finally, we extensively analyze our lightweight security communication model in terms of security and performance. The simulation on network bandwidth evaluation is also conducted to prove the efficiency of the solution.

  7. A Secure and Privacy-Preserving Navigation Scheme Using Spatial Crowdsourcing in Fog-Based VANETs

    Science.gov (United States)

    Wang, Lingling; Liu, Guozhu; Sun, Lijun

    2017-01-01

    Fog-based VANETs (Vehicular ad hoc networks) is a new paradigm of vehicular ad hoc networks with the advantages of both vehicular cloud and fog computing. Real-time navigation schemes based on fog-based VANETs can promote the scheme performance efficiently. In this paper, we propose a secure and privacy-preserving navigation scheme by using vehicular spatial crowdsourcing based on fog-based VANETs. Fog nodes are used to generate and release the crowdsourcing tasks, and cooperatively find the optimal route according to the real-time traffic information collected by vehicles in their coverage areas. Meanwhile, the vehicle performing the crowdsourcing task can get a reasonable reward. The querying vehicle can retrieve the navigation results from each fog node successively when entering its coverage area, and follow the optimal route to the next fog node until it reaches the desired destination. Our scheme fulfills the security and privacy requirements of authentication, confidentiality and conditional privacy preservation. Some cryptographic primitives, including the Elgamal encryption algorithm, AES, randomized anonymous credentials and group signatures, are adopted to achieve this goal. Finally, we analyze the security and the efficiency of the proposed scheme. PMID:28338620

  8. A Secure and Privacy-Preserving Navigation Scheme Using Spatial Crowdsourcing in Fog-Based VANETs.

    Science.gov (United States)

    Wang, Lingling; Liu, Guozhu; Sun, Lijun

    2017-03-24

    Fog-based VANETs (Vehicular ad hoc networks) is a new paradigm of vehicular ad hoc networks with the advantages of both vehicular cloud and fog computing. Real-time navigation schemes based on fog-based VANETs can promote the scheme performance efficiently. In this paper, we propose a secure and privacy-preserving navigation scheme by using vehicular spatial crowdsourcing based on fog-based VANETs. Fog nodes are used to generate and release the crowdsourcing tasks, and cooperatively find the optimal route according to the real-time traffic information collected by vehicles in their coverage areas. Meanwhile, the vehicle performing the crowdsourcing task can get a reasonable reward. The querying vehicle can retrieve the navigation results from each fog node successively when entering its coverage area, and follow the optimal route to the next fog node until it reaches the desired destination. Our scheme fulfills the security and privacy requirements of authentication, confidentiality and conditional privacy preservation. Some cryptographic primitives, including the Elgamal encryption algorithm, AES, randomized anonymous credentials and group signatures, are adopted to achieve this goal. Finally, we analyze the security and the efficiency of the proposed scheme.

  9. Breaking a chaos-based secure communication scheme designed by an improved modulation method

    International Nuclear Information System (INIS)

    Li Shujun; Alvarez, Gonzalo; Chen Guanrong

    2005-01-01

    Recently Bu and Wang [Bu S, Wang B-H. Chaos, Solitons and Fractals 2004;19(4):919-24] proposed a simple modulation method aiming to improve the security of chaos-based secure communications against return-map-based attacks. Soon this modulation method was independently cryptanalyzed by Chee et al. [Chee CY, Xu D, Bishop SR. Chaos, Solitons and Fractals 2004;21(5):1129-34], Wu et al. [Wu X, Hu H, Zhang B. Chaos, Solitons and Fractals 2004;22(2):367-73], and Alvarez et al. [Alvarez G, Montoya F, Romera M, Pastor G. Chaos, Solitons and Fractals, in press, arXiv:nlin/0406065] via different attacks. As an enhancement to the Bu-Wang method, an improving scheme was suggested by Wu et al. by removing the relationship between the modulating function and the zero-points. The present paper points out that the improved scheme proposed by Wu et al. is still insecure against a new attack. Compared with the existing attacks, the proposed attack is more powerful and can also break the original Bu-Wang scheme. Furthermore, it is pointed out that the security of the modulation-based schemes proposed by Wu et al. is not so satisfactory from a pure cryptographical point of view. The synchronization performance of this class of modulation-based schemes is also discussed

  10. Breaking a chaos-based secure communication scheme designed by an improved modulation method

    Energy Technology Data Exchange (ETDEWEB)

    Li Shujun [Department of Electronic Engineering, City University of Hong Kong, Kowloon, Hong Kong (China)]. E-mail: hooklee@mail.com; Alvarez, Gonzalo [Instituto de Fisica Aplicada, Consejo Superior de Investigaciones Cientificas, Serrano 144-28006 Madrid (Spain); Chen Guanrong [Department of Electronic Engineering, City University of Hong Kong, Kowloon, Hong Kong (China)

    2005-07-01

    Recently Bu and Wang [Bu S, Wang B-H. Chaos, Solitons and Fractals 2004;19(4):919-24] proposed a simple modulation method aiming to improve the security of chaos-based secure communications against return-map-based attacks. Soon this modulation method was independently cryptanalyzed by Chee et al. [Chee CY, Xu D, Bishop SR. Chaos, Solitons and Fractals 2004;21(5):1129-34], Wu et al. [Wu X, Hu H, Zhang B. Chaos, Solitons and Fractals 2004;22(2):367-73], and Alvarez et al. [Alvarez G, Montoya F, Romera M, Pastor G. Chaos, Solitons and Fractals, in press, arXiv:nlin/0406065] via different attacks. As an enhancement to the Bu-Wang method, an improving scheme was suggested by Wu et al. by removing the relationship between the modulating function and the zero-points. The present paper points out that the improved scheme proposed by Wu et al. is still insecure against a new attack. Compared with the existing attacks, the proposed attack is more powerful and can also break the original Bu-Wang scheme. Furthermore, it is pointed out that the security of the modulation-based schemes proposed by Wu et al. is not so satisfactory from a pure cryptographical point of view. The synchronization performance of this class of modulation-based schemes is also discussed.

  11. A SCHEME FOR TEMPLATE SECURITY AT FEATURE FUSION LEVEL IN MULTIMODAL BIOMETRIC SYSTEM

    Directory of Open Access Journals (Sweden)

    Arvind Selwal

    2016-09-01

    Full Text Available Biometric is the science of human recognition based upon using their biological, chemical or behavioural traits. These systems are used in many real life applications simply from biometric based attendance system to providing security at very sophisticated level. A biometric system deals with raw data captured using a sensor and feature template extracted from raw image. One of the challenges being faced by designers of these systems is to secure template data extracted from the biometric modalities of the user and protect the raw images. To minimize spoof attacks on biometric systems by unauthorised users one of the solutions is to use multi-biometric systems. Multi-modal biometric system works by using fusion technique to merge feature templates generated from different modalities of the human. In this work a new scheme is proposed to secure template during feature fusion level. Scheme is based on union operation of fuzzy relations of templates of modalities during fusion process of multimodal biometric systems. This approach serves dual purpose of feature fusion as well as transformation of templates into a single secured non invertible template. The proposed technique is cancelable and experimentally tested on a bimodal biometric system comprising of fingerprint and hand geometry. Developed scheme removes the problem of an attacker learning the original minutia position in fingerprint and various measurements of hand geometry. Given scheme provides improved performance of the system with reduction in false accept rate and improvement in genuine accept rate.

  12. Key-Insulated Undetachable Digital Signature Scheme and Solution for Secure Mobile Agents in Electronic Commerce

    Directory of Open Access Journals (Sweden)

    Yang Shi

    2016-01-01

    Full Text Available Considering the security of both the customers’ hosts and the eShops’ servers, we introduce the idea of a key-insulated undetachable digital signature, enabling mobile agents to generate undetachable digital signatures on remote hosts with the key-insulated property of the original signer’s signing key. From the theoretical perspective, we provide the formal definition and security notion of a key-insulated undetachable digital signature. From the practical perspective, we propose a concrete scheme to secure mobile agents in electronic commerce. The scheme is mainly focused on protecting the signing key from leakage and preventing the misuse of the signature algorithm on malicious servers. Agents do not carry the signing key when they generate digital signatures on behalf of the original signer, so the key is protected on remote servers. Furthermore, if a hacker gains the signing key of the original signer, the hacker is still unable to forge a signature for any time period other than the key being accessed. In addition, the encrypted function is combined with the original signer’s requirement to prevent the misuse of signing algorithm. The scheme is constructed on gap Diffie–Hellman groups with provable security, and the performance testing indicates that the scheme is efficient.

  13. Security scheme in IMDD-OFDM-PON system with the chaotic pilot interval and scrambling

    Science.gov (United States)

    Chen, Qianghua; Bi, Meihua; Fu, Xiaosong; Lu, Yang; Zeng, Ran; Yang, Guowei; Yang, Xuelin; Xiao, Shilin

    2018-01-01

    In this paper, a random chaotic pilot interval and permutations scheme without any requirement of redundant sideband information is firstly proposed for the physical layer security-enhanced intensity modulation direct detection orthogonal frequency division multiplexing passive optical network (IMDD-OFDM-PON) system. With the help of the position feature of inserting the pilot, a simple logistic chaos map is used to generate the random pilot interval and scramble the chaotic subcarrier allocation of each column pilot data for improving the physical layer confidentiality. Due to the dynamic chaotic permutations of pilot data, the enhanced key space of ∼103303 is achieved in OFDM-PON. Moreover, the transmission experiment of 10-Gb/s 16-QAM encrypted OFDM data is successfully demonstrated over 20-km single-mode fiber, which indicates that the proposed scheme not only improves the system security, but also can achieve the same performance as in the common IMDD-OFDM-PON system without encryption scheme.

  14. Efficient Secure and Privacy-Preserving Route Reporting Scheme for VANETs

    Science.gov (United States)

    Zhang, Yuanfei; Pei, Qianwen; Dai, Feifei; Zhang, Lei

    2017-10-01

    Vehicular ad-hoc network (VANET) is a core component of intelligent traffic management system which could provide various of applications such as accident prediction, route reporting, etc. Due to the problems caused by traffic congestion, route reporting becomes a prospective application which can help a driver to get optimal route to save her travel time. Before enjoying the convenience of route reporting, security and privacy-preserving issues need to be concerned. In this paper, we propose a new secure and privacy-preserving route reporting scheme for VANETs. In our scheme, only an authenticated vehicle can use the route reporting service provided by the traffic management center. Further, a vehicle may receive the response from the traffic management center with low latency and without violating the privacy of the vehicle. Experiment results show that our scheme is much more efficiency than the existing one.

  15. An Efficient Secure Scheme Based on Hierarchical Topology in the Smart Home Environment

    Directory of Open Access Journals (Sweden)

    Mansik Kim

    2017-08-01

    Full Text Available As the Internet of Things (IoT has developed, the emerging sensor network (ESN that integrates emerging technologies, such as autonomous driving, cyber-physical systems, mobile nodes, and existing sensor networks has been in the limelight. Smart homes have been researched and developed by various companies and organizations. Emerging sensor networks have some issues of providing secure service according to a new environment, such as a smart home, and the problems of low power and low-computing capacity for the sensor that previous sensor networks were equipped with. This study classifies various sensors used in smart homes into three classes and contains the hierarchical topology for efficient communication. In addition, a scheme for establishing secure communication among sensors based on physical unclonable functions (PUFs that cannot be physically cloned is suggested in regard to the sensor’s low performance. In addition, we analyzed this scheme by conducting security and performance evaluations proving to constitute secure channels while consuming fewer resources. We believe that our scheme can provide secure communication by using fewer resources in a smart home environment in the future.

  16. Security Techniques for the Electronic Health Records.

    Science.gov (United States)

    Kruse, Clemens Scott; Smith, Brenna; Vanderlinden, Hannah; Nealand, Alexandra

    2017-08-01

    The privacy of patients and the security of their information is the most imperative barrier to entry when considering the adoption of electronic health records in the healthcare industry. Considering current legal regulations, this review seeks to analyze and discuss prominent security techniques for healthcare organizations seeking to adopt a secure electronic health records system. Additionally, the researchers sought to establish a foundation for further research for security in the healthcare industry. The researchers utilized the Texas State University Library to gain access to three online databases: PubMed (MEDLINE), CINAHL, and ProQuest Nursing and Allied Health Source. These sources were used to conduct searches on literature concerning security of electronic health records containing several inclusion and exclusion criteria. Researchers collected and analyzed 25 journals and reviews discussing security of electronic health records, 20 of which mentioned specific security methods and techniques. The most frequently mentioned security measures and techniques are categorized into three themes: administrative, physical, and technical safeguards. The sensitive nature of the information contained within electronic health records has prompted the need for advanced security techniques that are able to put these worries at ease. It is imperative for security techniques to cover the vast threats that are present across the three pillars of healthcare.

  17. Unequal Probability Marking Approach to Enhance Security of Traceback Scheme in Tree-Based WSNs.

    Science.gov (United States)

    Huang, Changqin; Ma, Ming; Liu, Xiao; Liu, Anfeng; Zuo, Zhengbang

    2017-06-17

    Fog (from core to edge) computing is a newly emerging computing platform, which utilizes a large number of network devices at the edge of a network to provide ubiquitous computing, thus having great development potential. However, the issue of security poses an important challenge for fog computing. In particular, the Internet of Things (IoT) that constitutes the fog computing platform is crucial for preserving the security of a huge number of wireless sensors, which are vulnerable to attack. In this paper, a new unequal probability marking approach is proposed to enhance the security performance of logging and migration traceback (LM) schemes in tree-based wireless sensor networks (WSNs). The main contribution of this paper is to overcome the deficiency of the LM scheme that has a higher network lifetime and large storage space. In the unequal probability marking logging and migration (UPLM) scheme of this paper, different marking probabilities are adopted for different nodes according to their distances to the sink. A large marking probability is assigned to nodes in remote areas (areas at a long distance from the sink), while a small marking probability is applied to nodes in nearby area (areas at a short distance from the sink). This reduces the consumption of storage and energy in addition to enhancing the security performance, lifetime, and storage capacity. Marking information will be migrated to nodes at a longer distance from the sink for increasing the amount of stored marking information, thus enhancing the security performance in the process of migration. The experimental simulation shows that for general tree-based WSNs, the UPLM scheme proposed in this paper can store 1.12-1.28 times the amount of stored marking information that the equal probability marking approach achieves, and has 1.15-1.26 times the storage utilization efficiency compared with other schemes.

  18. Chaos-based CAZAC scheme for secure transmission in OFDM-PON

    Science.gov (United States)

    Fu, Xiaosong; Bi, Meihua; Zhou, Xuefang; Yang, Guowei; Lu, Yang; Hu, Miao

    2018-01-01

    To effectively resist malicious eavesdropping and performance deterioration, a novel chaos-based secure transmission scheme is proposed to enhance the physical layer security and reduce peak-to-average power ratio (PAPR) in orthogonal frequency division multiplexing passive optical network (OFDM-PON). By the randomly extracting operation of common CAZAC values, the specially-designed constant amplitude zero autocorrelation (CAZAC) is created for system encryption and PAPR reduction enhancing the transmission security. This method is verified in {10-Gb/s encrypted OFDM-PON with 20-km fiber transmission. Results show that, compared to common OFDM-PON, our scheme achieves {3-dB PAPR reduction and {1-dB receiver sensitivity improvement.

  19. Awareness and Coverage of the National Health Insurance Scheme ...

    African Journals Online (AJOL)

    Sub- national levels possess a high degree of autonomy in a number of sectors including health. It is important to assess the level of coverage of the scheme among the formal sector workers in Nigeria as a proxy to gauge the extent of coverage of the scheme and derive suitable lessons that could be used in its expansion.

  20. Secure privacy-preserving biometric authentication scheme for telecare medicine information systems.

    Science.gov (United States)

    Li, Xuelei; Wen, Qiaoyan; Li, Wenmin; Zhang, Hua; Jin, Zhengping

    2014-11-01

    Healthcare delivery services via telecare medicine information systems (TMIS) can help patients to obtain their desired telemedicine services conveniently. However, information security and privacy protection are important issues and crucial challenges in healthcare information systems, where only authorized patients and doctors can employ telecare medicine facilities and access electronic medical records. Therefore, a secure authentication scheme is urgently required to achieve the goals of entity authentication, data confidentiality and privacy protection. This paper investigates a new biometric authentication with key agreement scheme, which focuses on patient privacy and medical data confidentiality in TMIS. The new scheme employs hash function, fuzzy extractor, nonce and authenticated Diffie-Hellman key agreement as primitives. It provides patient privacy protection, e.g., hiding identity from being theft and tracked by unauthorized participant, and preserving password and biometric template from being compromised by trustless servers. Moreover, key agreement supports secure transmission by symmetric encryption to protect patient's medical data from being leaked. Finally, the analysis shows that our proposal provides more security and privacy protection for TMIS.

  1. FPGA implementation cost and performance evaluation of IEEE 802.11 protocol encryption security schemes

    Science.gov (United States)

    Sklavos, N.; Selimis, G.; Koufopavlou, O.

    2005-01-01

    The explosive growth of internet and consumer demand for mobility has fuelled the exponential growth of wireless communications and networks. Mobile users want access to services and information, from both internet and personal devices, from a range of locations without the use of a cable medium. IEEE 802.11 is one of the most widely used wireless standards of our days. The amount of access and mobility into wireless networks requires a security infrastructure that protects communication within that network. The security of this protocol is based on the wired equivalent privacy (WEP) scheme. Currently, all the IEEE 802.11 market products support WEP. But recently, the 802.11i working group introduced the advanced encryption standard (AES), as the security scheme for the future IEEE 802.11 applications. In this paper, the hardware integrations of WEP and AES are studied. A field programmable gate array (FPGA) device has been used as the hardware implementation platform, for a fair comparison between the two security schemes. Measurements for the FPGA implementation cost, operating frequency, power consumption and performance are given.

  2. FPGA implementation cost and performance evaluation of IEEE 802.11 protocol encryption security schemes

    International Nuclear Information System (INIS)

    Sklavos, N; Selimis, G; Koufopavlou, O

    2005-01-01

    The explosive growth of internet and consumer demand for mobility has fuelled the exponential growth of wireless communications and networks. Mobile users want access to services and information, from both internet and personal devices, from a range of locations without the use of a cable medium. IEEE 802.11 is one of the most widely used wireless standards of our days. The amount of access and mobility into wireless networks requires a security infrastructure that protects communication within that network. The security of this protocol is based on the wired equivalent privacy (WEP) scheme. Currently, all the IEEE 802.11 market products support WEP. But recently, the 802.11i working group introduced the advanced encryption standard (AES), as the security scheme for the future IEEE 802.11 applications. In this paper, the hardware integrations of WEP and AES are studied. A field programmable gate array (FPGA) device has been used as the hardware implementation platform, for a fair comparison between the two security schemes. Measurements for the FPGA implementation cost, operating frequency, power consumption and performance are given

  3. CERTIFICATE REVOCATION SCHEME BASED ON WEIGHTED VOTING GAME AND RATIONAL SECURE MULTIPARTY COMPUTING

    Directory of Open Access Journals (Sweden)

    N Aravinthan

    2017-03-01

    Full Text Available The Mobile Adhoc Network consists of deployed mobile nodes which lead to the frequent changes in network topology. Due to topology changes, required infrastructure is unavailable for communication. Moreover, malicious nodes present in MANET make use of this modification and can easily launch highly vulnerable attacks on the routing path of the network. Hence, Security issue such as removing misbehaving nodes is the primary issue in MANET. Effective certificate revocation scheme was introduced to identify and eliminate the node with malicious activities in the network based on the weighted voting game (ECR-WVG approach. In this approach, weights and quota were two factors, determined for an effective revocation of malicious nodes certificates. However, security during multiparty transmission was not taken into account in ECR-WVG. In Effective Certificate Revocation Scheme based on Weighted Voting Game and Rational Secure Multi-Party Computing (ECR-WVG-RSMPC method, rational secret sharing scheme is introduced along with ECR-WVG approach for securing multiparty transmission. Performance evaluation can be done between ECR-WVG and ECR-WVG-RSMPC in terms of false revocation, malicious node revocation, normalized time for revocation and revocation accuracy ratio.

  4. Seluge++: a secure over-the-air programming scheme in wireless sensor networks.

    Science.gov (United States)

    Doroodgar, Farzan; Abdur Razzaque, Mohammad; Isnin, Ismail Fauzi

    2014-03-11

    Over-the-air dissemination of code updates in wireless sensor networks have been researchers' point of interest in the last few years, and, more importantly, security challenges toward the remote propagation of code updating have occupied the majority of efforts in this context. Many security models have been proposed to establish a balance between the energy consumption and security strength, having their concentration on the constrained nature of wireless sensor network (WSN) nodes. For authentication purposes, most of them have used a Merkle hash tree to avoid using multiple public cryptography operations. These models mostly have assumed an environment in which security has to be at a standard level. Therefore, they have not investigated the tree structure for mission-critical situations in which security has to be at the maximum possible level (e.g., military applications, healthcare). Considering this, we investigate existing security models used in over-the-air dissemination of code updates for possible vulnerabilities, and then, we provide a set of countermeasures, correspondingly named Security Model Requirements. Based on the investigation, we concentrate on Seluge, one of the existing over-the-air programming schemes, and we propose an improved version of it, named Seluge++, which complies with the Security Model Requirements and replaces the use of the inefficient Merkle tree with a novel method. Analytical and simulation results show the improvements in Seluge++ compared to Seluge.

  5. A Novel Multiparty Quantum Secret Sharing Scheme of Secure Direct Communication Based on Bell States and Bell Measurements

    International Nuclear Information System (INIS)

    Shi Run-Hua; Huang Liu-Sheng; Yang Wei; Zhong Hong

    2011-01-01

    We present a novel quantum secret sharing scheme of secure direct communication and analyze its security. This scheme takes Einstein—Podolsky—Rosen (EPR) pairs in Bell states as quantum resources. In order to obtain the direct communication message, all agents only need to perform Bell measurements, not to perform any local unitary operation. The total efficiency in this scheme approaches 100% as the classical information exchanged is unnecessary except for the eavesdropping checks. (general)

  6. Economic sustainability, water security and multi-level governance of local water schemes in Nepal

    Directory of Open Access Journals (Sweden)

    Emma Hakala

    2017-07-01

    Full Text Available This article explores the role of multi-level governance and power structures in local water security through a case study of the Nawalparasi district in Nepal. It focuses on economic sustainability as a measure to address water security, placing this thematic in the context of a complicated power structure consisting of local, district and national administration as well as external development cooperation actors. The study aims to find out whether efforts to improve the economic sustainability of water schemes have contributed to water security at the local level. In addition, it will consider the interactions between water security, power structures and local equality and justice. The research builds upon survey data from the Nepalese districts of Nawalparasi and Palpa, and a case study based on interviews and observation in Nawalparasi. The survey was performed in water schemes built within a Finnish development cooperation programme spanning from 1990 to 2004, allowing a consideration of the long-term sustainability of water management projects. This adds a crucial external influence into the intra-state power structures shaping water management in Nepal. The article thus provides an alternative perspective to cross-regional water security through a discussion combining transnational involvement with national and local points of view.

  7. Unconditionally Secure Credit/Debit Card Chip Scheme and Physical Unclonable Function

    Science.gov (United States)

    Kish, Laszlo B.; Entesari, Kamran; Granqvist, Claes-Göran; Kwan, Chiman

    The statistical-physics-based Kirchhoff-law-Johnson-noise (KLJN) key exchange offers a new and simple unclonable system for credit/debit card chip authentication and payment. The key exchange, the authentication and the communication are unconditionally secure so that neither mathematics- nor statistics-based attacks are able to crack the scheme. The ohmic connection and the short wiring lengths between the chips in the card and the terminal constitute an ideal setting for the KLJN protocol, and even its simplest versions offer unprecedented security and privacy for credit/debit card chips and applications of physical unclonable functions (PUFs).

  8. Security analysis and improvement of a privacy authentication scheme for telecare medical information systems.

    Science.gov (United States)

    Wu, Fan; Xu, Lili

    2013-08-01

    Nowadays, patients can gain many kinds of medical service on line via Telecare Medical Information Systems(TMIS) due to the fast development of computer technology. So security of communication through network between the users and the server is very significant. Authentication plays an important part to protect information from being attacked by malicious attackers. Recently, Jiang et al. proposed a privacy enhanced scheme for TMIS using smart cards and claimed their scheme was better than Chen et al.'s. However, we have showed that Jiang et al.'s scheme has the weakness of ID uselessness and is vulnerable to off-line password guessing attack and user impersonation attack if an attacker compromises the legal user's smart card. Also, it can't resist DoS attack in two cases: after a successful impersonation attack and wrong password input in Password change phase. Then we propose an improved mutual authentication scheme used for a telecare medical information system. Remote monitoring, checking patients' past medical history record and medical consultant can be applied in the system where information transmits via Internet. Finally, our analysis indicates that the suggested scheme overcomes the disadvantages of Jiang et al.'s scheme and is practical for TMIS.

  9. A Novel Security Scheme Based on Instant Encrypted Transmission for Internet of Things

    Directory of Open Access Journals (Sweden)

    Chen Wang

    2018-01-01

    Full Text Available Internet of Things (IoT is a research field that has been continuously developed and innovated in recent years and is also an important driving force for the improvement of people’s life in the future. There are lots of scenarios in IoT where we need to collaborate through devices to complete tasks; that is, a device sends data to other devices, and other devices operate on the aid of the data. These transmitted data are often users’ privacy data, such as medical data and grid data. We propose an instant encrypted transmission based security scheme for such scenarios in IoT. The analysis in this paper indicates that our scheme can guarantee the security of users’ data while ensuring rapid transmission and acquisition of instant IoT data.

  10. A secure data outsourcing scheme based on Asmuth-Bloom secret sharing

    Science.gov (United States)

    Idris Muhammad, Yusuf; Kaiiali, Mustafa; Habbal, Adib; Wazan, A. S.; Sani Ilyasu, Auwal

    2016-11-01

    Data outsourcing is an emerging paradigm for data management in which a database is provided as a service by third-party service providers. One of the major benefits of offering database as a service is to provide organisations, which are unable to purchase expensive hardware and software to host their databases, with efficient data storage accessible online at a cheap rate. Despite that, several issues of data confidentiality, integrity, availability and efficient indexing of users' queries at the server side have to be addressed in the data outsourcing paradigm. Service providers have to guarantee that their clients' data are secured against internal (insider) and external attacks. This paper briefly analyses the existing indexing schemes in data outsourcing and highlights their advantages and disadvantages. Then, this paper proposes a secure data outsourcing scheme based on Asmuth-Bloom secret sharing which tries to address the issues in data outsourcing such as data confidentiality, availability and order preservation for efficient indexing.

  11. A Secure and Verifiable Outsourced Access Control Scheme in Fog-Cloud Computing.

    Science.gov (United States)

    Fan, Kai; Wang, Junxiong; Wang, Xin; Li, Hui; Yang, Yintang

    2017-07-24

    With the rapid development of big data and Internet of things (IOT), the number of networking devices and data volume are increasing dramatically. Fog computing, which extends cloud computing to the edge of the network can effectively solve the bottleneck problems of data transmission and data storage. However, security and privacy challenges are also arising in the fog-cloud computing environment. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in fog-cloud computing systems. In this paper, we propose a verifiable outsourced multi-authority access control scheme, named VO-MAACS. In our construction, most encryption and decryption computations are outsourced to fog devices and the computation results can be verified by using our verification method. Meanwhile, to address the revocation issue, we design an efficient user and attribute revocation method for it. Finally, analysis and simulation results show that our scheme is both secure and highly efficient.

  12. A Secure Scheme for Distributed Consensus Estimation against Data Falsification in Heterogeneous Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Shichao Mi

    2016-02-01

    Full Text Available Heterogeneous wireless sensor networks (HWSNs can achieve more tasks and prolong the network lifetime. However, they are vulnerable to attacks from the environment or malicious nodes. This paper is concerned with the issues of a consensus secure scheme in HWSNs consisting of two types of sensor nodes. Sensor nodes (SNs have more computation power, while relay nodes (RNs with low power can only transmit information for sensor nodes. To address the security issues of distributed estimation in HWSNs, we apply the heterogeneity of responsibilities between the two types of sensors and then propose a parameter adjusted-based consensus scheme (PACS to mitigate the effect of the malicious node. Finally, the convergence property is proven to be guaranteed, and the simulation results validate the effectiveness and efficiency of PACS.

  13. A Secure and Verifiable Outsourced Access Control Scheme in Fog-Cloud Computing

    Science.gov (United States)

    Fan, Kai; Wang, Junxiong; Wang, Xin; Li, Hui; Yang, Yintang

    2017-01-01

    With the rapid development of big data and Internet of things (IOT), the number of networking devices and data volume are increasing dramatically. Fog computing, which extends cloud computing to the edge of the network can effectively solve the bottleneck problems of data transmission and data storage. However, security and privacy challenges are also arising in the fog-cloud computing environment. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in fog-cloud computing systems. In this paper, we propose a verifiable outsourced multi-authority access control scheme, named VO-MAACS. In our construction, most encryption and decryption computations are outsourced to fog devices and the computation results can be verified by using our verification method. Meanwhile, to address the revocation issue, we design an efficient user and attribute revocation method for it. Finally, analysis and simulation results show that our scheme is both secure and highly efficient. PMID:28737733

  14. A Provably Secure Aggregate Signature Scheme for Healthcare Wireless Sensor Networks.

    Science.gov (United States)

    Shen, Limin; Ma, Jianfeng; Liu, Ximeng; Miao, Meixia

    2016-11-01

    Wireless sensor networks (WSNs) are being used in a wide range of applications for healthcare monitoring, like heart rate monitors and blood pressure monitors, which can minimize the need for healthcare professionals. In medical system, sensors on or in patients produce medical data which can be easily compromised by a vast of attacks. Although signature schemes can protect data authenticity and data integrity, when the number of users involved in the medical system becomes huge, the bandwidth and storage cost will rise sharply so that existing signature schemes are inapplicability for WSNs. In this paper, we propose an efficient aggregate signature scheme for healthcare WSNs according to an improved security model, which can combine multiple signatures into a single aggregate signature. The length of such an aggregate signature may be as long as that of an individual one, which can greatly decrease the bandwidth and storage cost for networks.

  15. A secure transmission scheme of streaming media based on the encrypted control message

    Science.gov (United States)

    Li, Bing; Jin, Zhigang; Shu, Yantai; Yu, Li

    2007-09-01

    As the use of streaming media applications increased dramatically in recent years, streaming media security becomes an important presumption, protecting the privacy. This paper proposes a new encryption scheme in view of characteristics of streaming media and the disadvantage of the living method: encrypt the control message in the streaming media with the high security lever and permute and confuse the data which is non control message according to the corresponding control message. Here the so-called control message refers to the key data of the streaming media, including the streaming media header and the header of the video frame, and the seed key. We encrypt the control message using the public key encryption algorithm which can provide high security lever, such as RSA. At the same time we make use of the seed key to generate key stream, from which the permutation list P responding to GOP (group of picture) is derived. The plain text of the non-control message XORs the key stream and gets the middle cipher text. And then obtained one is permutated according to P. In contrast the decryption process is the inverse process of the above. We have set up a testbed for the above scheme and found our scheme is six to eight times faster than the conventional method. It can be applied not only between PCs but also between handheld devices.

  16. An Efficient User Authentication and User Anonymity Scheme with Provably Security for IoT-Based Medical Care System.

    Science.gov (United States)

    Li, Chun-Ta; Wu, Tsu-Yang; Chen, Chin-Ling; Lee, Cheng-Chi; Chen, Chien-Ming

    2017-06-23

    In recent years, with the increase in degenerative diseases and the aging population in advanced countries, demands for medical care of older or solitary people have increased continually in hospitals and healthcare institutions. Applying wireless sensor networks for the IoT-based telemedicine system enables doctors, caregivers or families to monitor patients' physiological conditions at anytime and anyplace according to the acquired information. However, transmitting physiological data through the Internet concerns the personal privacy of patients. Therefore, before users can access medical care services in IoT-based medical care system, they must be authenticated. Typically, user authentication and data encryption are most critical for securing network communications over a public channel between two or more participants. In 2016, Liu and Chung proposed a bilinear pairing-based password authentication scheme for wireless healthcare sensor networks. They claimed their authentication scheme cannot only secure sensor data transmission, but also resist various well-known security attacks. In this paper, we demonstrate that Liu-Chung's scheme has some security weaknesses, and we further present an improved secure authentication and data encryption scheme for the IoT-based medical care system, which can provide user anonymity and prevent the security threats of replay and password/sensed data disclosure attacks. Moreover, we modify the authentication process to reduce redundancy in protocol design, and the proposed scheme is more efficient in performance compared with previous related schemes. Finally, the proposed scheme is provably secure in the random oracle model under ECDHP.

  17. An Efficient User Authentication and User Anonymity Scheme with Provably Security for IoT-Based Medical Care System

    Science.gov (United States)

    Wu, Tsu-Yang; Chen, Chin-Ling; Lee, Cheng-Chi; Chen, Chien-Ming

    2017-01-01

    In recent years, with the increase in degenerative diseases and the aging population in advanced countries, demands for medical care of older or solitary people have increased continually in hospitals and healthcare institutions. Applying wireless sensor networks for the IoT-based telemedicine system enables doctors, caregivers or families to monitor patients’ physiological conditions at anytime and anyplace according to the acquired information. However, transmitting physiological data through the Internet concerns the personal privacy of patients. Therefore, before users can access medical care services in IoT-based medical care system, they must be authenticated. Typically, user authentication and data encryption are most critical for securing network communications over a public channel between two or more participants. In 2016, Liu and Chung proposed a bilinear pairing-based password authentication scheme for wireless healthcare sensor networks. They claimed their authentication scheme cannot only secure sensor data transmission, but also resist various well-known security attacks. In this paper, we demonstrate that Liu–Chung’s scheme has some security weaknesses, and we further present an improved secure authentication and data encryption scheme for the IoT-based medical care system, which can provide user anonymity and prevent the security threats of replay and password/sensed data disclosure attacks. Moreover, we modify the authentication process to reduce redundancy in protocol design, and the proposed scheme is more efficient in performance compared with previous related schemes. Finally, the proposed scheme is provably secure in the random oracle model under ECDHP. PMID:28644381

  18. Provably Secure Heterogeneous Access Control Scheme for Wireless Body Area Network.

    Science.gov (United States)

    Omala, Anyembe Andrew; Mbandu, Angolo Shem; Mutiria, Kamenyi Domenic; Jin, Chunhua; Li, Fagen

    2018-04-28

    Wireless body area network (WBAN) provides a medium through which physiological information could be harvested and transmitted to application provider (AP) in real time. Integrating WBAN in a heterogeneous Internet of Things (IoT) ecosystem would enable an AP to monitor patients from anywhere and at anytime. However, the IoT roadmap of interconnected 'Things' is still faced with many challenges. One of the challenges in healthcare is security and privacy of streamed medical data from heterogeneously networked devices. In this paper, we first propose a heterogeneous signcryption scheme where a sender is in a certificateless cryptographic (CLC) environment while a receiver is in identity-based cryptographic (IBC) environment. We then use this scheme to design a heterogeneous access control protocol. Formal security proof for indistinguishability against adaptive chosen ciphertext attack and unforgeability against adaptive chosen message attack in random oracle model is presented. In comparison with some of the existing access control schemes, our scheme has lower computation and communication cost.

  19. A Dual Key-Based Activation Scheme for Secure LoRaWAN

    Directory of Open Access Journals (Sweden)

    Jaehyu Kim

    2017-01-01

    Full Text Available With the advent of the Internet of Things (IoT era, we are experiencing rapid technological progress. Billions of devices are connected to each other, and our homes, cities, hospitals, and schools are getting smarter and smarter. However, to realize the IoT, several challenging issues such as connecting resource-constrained devices to the Internet must be resolved. Recently introduced Low Power Wide Area Network (LPWAN technologies have been devised to resolve this issue. Among many LPWAN candidates, the Long Range (LoRa is one of the most promising technologies. The Long Range Wide Area Network (LoRaWAN is a communication protocol for LoRa that provides basic security mechanisms. However, some security loopholes exist in LoRaWAN’s key update and session key generation. In this paper, we propose a dual key-based activation scheme for LoRaWAN. It resolves the problem of key updates not being fully supported. In addition, our scheme facilitates each layer in generating its own session key directly, which ensures the independence of all layers. Real-world experimental results compared with the original scheme show that the proposed scheme is totally feasible in terms of delay and battery consumption.

  20. Secure biometric image sensor and authentication scheme based on compressed sensing.

    Science.gov (United States)

    Suzuki, Hiroyuki; Suzuki, Masamichi; Urabe, Takuya; Obi, Takashi; Yamaguchi, Masahiro; Ohyama, Nagaaki

    2013-11-20

    It is important to ensure the security of biometric authentication information, because its leakage causes serious risks, such as replay attacks using the stolen biometric data, and also because it is almost impossible to replace raw biometric information. In this paper, we propose a secure biometric authentication scheme that protects such information by employing an optical data ciphering technique based on compressed sensing. The proposed scheme is based on two-factor authentication, the biometric information being supplemented by secret information that is used as a random seed for a cipher key. In this scheme, a biometric image is optically encrypted at the time of image capture, and a pair of restored biometric images for enrollment and verification are verified in the authentication server. If any of the biometric information is exposed to risk, it can be reenrolled by changing the secret information. Through numerical experiments, we confirm that finger vein images can be restored from the compressed sensing measurement data. We also present results that verify the accuracy of the scheme.

  1. Reinforcement Learning Based Data Self-Destruction Scheme for Secured Data Management

    Directory of Open Access Journals (Sweden)

    Young Ki Kim

    2018-04-01

    Full Text Available As technologies and services that leverage cloud computing have evolved, the number of businesses and individuals who use them are increasing rapidly. In the course of using cloud services, as users store and use data that include personal information, research on privacy protection models to protect sensitive information in the cloud environment is becoming more important. As a solution to this problem, a self-destructing scheme has been proposed that prevents the decryption of encrypted user data after a certain period of time using a Distributed Hash Table (DHT network. However, the existing self-destructing scheme does not mention how to set the number of key shares and the threshold value considering the environment of the dynamic DHT network. This paper proposes a method to set the parameters to generate the key shares needed for the self-destructing scheme considering the availability and security of data. The proposed method defines state, action, and reward of the reinforcement learning model based on the similarity of the graph, and applies the self-destructing scheme process by updating the parameter based on the reinforcement learning model. Through the proposed technique, key sharing parameters can be set in consideration of data availability and security in dynamic DHT network environments.

  2. An adaptive secret key-directed cryptographic scheme for secure transmission in wireless sensor networks

    International Nuclear Information System (INIS)

    Muhammad, K.; Jan, Z.; Khan, Z

    2015-01-01

    Wireless Sensor Networks (WSNs) are memory and bandwidth limited networks whose main goals are to maximize the network lifetime and minimize the energy consumption and transmission cost. To achieve these goals, different techniques of compression and clustering have been used. However, security is an open and major issue in WSNs for which different approaches are used, both in centralized and distributed WSNs' environments. This paper presents an adaptive cryptographic scheme for secure transmission of various sensitive parameters, sensed by wireless sensors to the fusion center for further processing in WSNs such as military networks. The proposed method encrypts the sensitive captured data of sensor nodes using various encryption procedures (bitxor operation, bits shuffling, and secret key based encryption) and then sends it to the fusion center. At the fusion center, the received encrypted data is decrypted for taking further necessary actions. The experimental results with complexity analysis, validate the effectiveness and feasibility of the proposed method in terms of security in WSNs. (author)

  3. Efficient and Security Enhanced Anonymous Authentication with Key Agreement Scheme in Wireless Sensor Networks.

    Science.gov (United States)

    Jung, Jaewook; Moon, Jongho; Lee, Donghoon; Won, Dongho

    2017-03-21

    At present, users can utilize an authenticated key agreement protocol in a Wireless Sensor Network (WSN) to securely obtain desired information, and numerous studies have investigated authentication techniques to construct efficient, robust WSNs. Chang et al. recently presented an authenticated key agreement mechanism for WSNs and claimed that their authentication mechanism can both prevent various types of attacks, as well as preserve security properties. However, we have discovered that Chang et al's method possesses some security weaknesses. First, their mechanism cannot guarantee protection against a password guessing attack, user impersonation attack or session key compromise. Second, the mechanism results in a high load on the gateway node because the gateway node should always maintain the verifier tables. Third, there is no session key verification process in the authentication phase. To this end, we describe how the previously-stated weaknesses occur and propose a security-enhanced version for WSNs. We present a detailed analysis of the security and performance of our authenticated key agreement mechanism, which not only enhances security compared to that of related schemes, but also takes efficiency into consideration.

  4. Consolidating the social health insurance schemes in China: towards an equitable and efficient health system.

    Science.gov (United States)

    Meng, Qingyue; Fang, Hai; Liu, Xiaoyun; Yuan, Beibei; Xu, Jin

    2015-10-10

    Fragmentation in social health insurance schemes is an important factor for inequitable access to health care and financial protection for people covered by different health insurance schemes in China. To fulfil its commitment of universal health coverage by 2020, the Chinese Government needs to prioritise addressing this issue. After analysing the situation of fragmentation, this Review summarises efforts to consolidate health insurance schemes both in China and internationally. Rural migrants, elderly people, and those with non-communicable diseases in China will greatly benefit from consolidation of the existing health insurance schemes with extended funding pools, thereby narrowing the disparities among health insurance schemes in fund level and benefit package. Political commitments, institutional innovations, and a feasible implementation plan are the major elements needed for success in consolidation. Achievement of universal health coverage in China needs systemic strategies including consolidation of the social health insurance schemes. Copyright © 2015 Elsevier Ltd. All rights reserved.

  5. An Improved and Secure Biometric Authentication Scheme for Telecare Medicine Information Systems Based on Elliptic Curve Cryptography.

    Science.gov (United States)

    Chaudhry, Shehzad Ashraf; Mahmood, Khalid; Naqvi, Husnain; Khan, Muhammad Khurram

    2015-11-01

    Telecare medicine information system (TMIS) offers the patients convenient and expedite healthcare services remotely anywhere. Patient security and privacy has emerged as key issues during remote access because of underlying open architecture. An authentication scheme can verify patient's as well as TMIS server's legitimacy during remote healthcare services. To achieve security and privacy a number of authentication schemes have been proposed. Very recently Lu et al. (J. Med. Syst. 39(3):1-8, 2015) proposed a biometric based three factor authentication scheme for TMIS to confiscate the vulnerabilities of Arshad et al.'s (J. Med. Syst. 38(12):136, 2014) scheme. Further, they emphasized the robustness of their scheme against several attacks. However, in this paper we establish that Lu et al.'s scheme is vulnerable to numerous attacks including (1) Patient anonymity violation attack, (2) Patient impersonation attack, and (3) TMIS server impersonation attack. Furthermore, their scheme does not provide patient untraceability. We then, propose an improvement of Lu et al.'s scheme. We have analyzed the security of improved scheme using popular automated tool ProVerif. The proposed scheme while retaining the plusses of Lu et al.'s scheme is also robust against known attacks.

  6. Participation in the National Health Insurance Scheme Among ...

    African Journals Online (AJOL)

    Background: The National Health Insurance Scheme was established under Act 35 of 1999 by the Federal Government of Nigeria and is aimed at providing easy access to health care for all Nigerians at an affordable cost through various prepayment systems. It is totally committed to achieving universal coverage and ...

  7. Risk factors for oral diseases among workers with and without dental insurance in a national social security scheme in India.

    Science.gov (United States)

    Singh, Abhinav; Purohit, Bharathi M; Masih, Nitin; Kahndelwal, Praveen Kumar

    2014-04-01

    The target population for this cross sectional study comprises subjects with and without social security in a national social security scheme. The study aimed to compare and assess the risk factors for oral diseases among insured (organised sector) and non-insured workers (unorganised sector) in New Delhi, India. The sample comprised a total of 2,752 subjects. Of these, 960 workers belonged to the formal or organised sector with a social security and dental health insurance and 1,792 had no social security or dental insurance from the informal or unorganised sector. Significant differences were noted between the two groups for literacy levels, between-meal sugar consumption, tobacco-related habits and utilisation of dental care. Bleeding/calculus and periodontal pockets were present among 25% and 65.4% of insured workers, respectively. Similarly, 13.6% and 84.5% of non-insured workers had bleeding/calculus and periodontal pockets, respectively. The mean DMFT (decayed, missing, filled teeth) value among the insured workers and non-insured workers was 3.27 ± 1.98 and 3.75 ± 1.80, respectively. The association between absence of health insurance and dental caries was evident with an odds ratio (OR) of 1.94. Subjects with below graduate education were more prone to dental caries (OR = 1.62). Subjects who cleaned their teeth two or more times a day were less likely to have dental caries (OR = 1.47). Utilisation of dental care was inversely related to dental caries (OR = 1.25). The major risk factors for oral diseases in both the groups with similar socio-economic status were the lack of social security and health insurance, low literacy levels, high tobacco consumption and low levels of dental care utilisation. © 2013 FDI World Dental Federation.

  8. A Secured Load Mitigation and Distribution Scheme for Securing SIP Server

    Directory of Open Access Journals (Sweden)

    Vennila Ganesan

    2017-01-01

    Full Text Available Managing the performance of the Session Initiation Protocol (SIP server under heavy load conditions is a critical task in a Voice over Internet Protocol (VoIP network. In this paper, a two-tier model is proposed for the security, load mitigation, and distribution issues of the SIP server. In the first tier, the proposed handler segregates and drops the malicious traffic. The second tier provides a uniform load of distribution, using the least session termination time (LSTT algorithm. Besides, the mean session termination time is minimized by reducing the waiting time of the SIP messages. Efficiency of the LSTT algorithm is evaluated through the experimental test bed by considering with and without a handler. The experimental results establish that the proposed two-tier model improves the throughput and the CPU utilization. It also reduces the response time and error rate while preserving the quality of multimedia session delivery. This two-tier model provides robust security, dynamic load distribution, appropriate server selection, and session synchronization.

  9. Secure and Privacy-Preserving Body Sensor Data Collection and Query Scheme

    Directory of Open Access Journals (Sweden)

    Hui Zhu

    2016-02-01

    Full Text Available With the development of body sensor networks and the pervasiveness of smart phones, different types of personal data can be collected in real time by body sensors, and the potential value of massive personal data has attracted considerable interest recently. However, the privacy issues of sensitive personal data are still challenging today. Aiming at these challenges, in this paper, we focus on the threats from telemetry interface and present a secure and privacy-preserving body sensor data collection and query scheme, named SPCQ, for outsourced computing. In the proposed SPCQ scheme, users’ personal information is collected by body sensors in different types and converted into multi-dimension data, and each dimension is converted into the form of a number and uploaded to the cloud server, which provides a secure, efficient and accurate data query service, while the privacy of sensitive personal information and users’ query data is guaranteed. Specifically, based on an improved homomorphic encryption technology over composite order group, we propose a special weighted Euclidean distance contrast algorithm (WEDC for multi-dimension vectors over encrypted data. With the SPCQ scheme, the confidentiality of sensitive personal data, the privacy of data users’ queries and accurate query service can be achieved in the cloud server. Detailed analysis shows that SPCQ can resist various security threats from telemetry interface. In addition, we also implement SPCQ on an embedded device, smart phone and laptop with a real medical database, and extensive simulation results demonstrate that our proposed SPCQ scheme is highly efficient in terms of computation and communication costs.

  10. Secure and Privacy-Preserving Body Sensor Data Collection and Query Scheme.

    Science.gov (United States)

    Zhu, Hui; Gao, Lijuan; Li, Hui

    2016-02-01

    With the development of body sensor networks and the pervasiveness of smart phones, different types of personal data can be collected in real time by body sensors, and the potential value of massive personal data has attracted considerable interest recently. However, the privacy issues of sensitive personal data are still challenging today. Aiming at these challenges, in this paper, we focus on the threats from telemetry interface and present a secure and privacy-preserving body sensor data collection and query scheme, named SPCQ, for outsourced computing. In the proposed SPCQ scheme, users' personal information is collected by body sensors in different types and converted into multi-dimension data, and each dimension is converted into the form of a number and uploaded to the cloud server, which provides a secure, efficient and accurate data query service, while the privacy of sensitive personal information and users' query data is guaranteed. Specifically, based on an improved homomorphic encryption technology over composite order group, we propose a special weighted Euclidean distance contrast algorithm (WEDC) for multi-dimension vectors over encrypted data. With the SPCQ scheme, the confidentiality of sensitive personal data, the privacy of data users' queries and accurate query service can be achieved in the cloud server. Detailed analysis shows that SPCQ can resist various security threats from telemetry interface. In addition, we also implement SPCQ on an embedded device, smart phone and laptop with a real medical database, and extensive simulation results demonstrate that our proposed SPCQ scheme is highly efficient in terms of computation and communication costs.

  11. A Secure Dynamic Identity and Chaotic Maps Based User Authentication and Key Agreement Scheme for e-Healthcare Systems.

    Science.gov (United States)

    Li, Chun-Ta; Lee, Cheng-Chi; Weng, Chi-Yao; Chen, Song-Jhih

    2016-11-01

    Secure user authentication schemes in many e-Healthcare applications try to prevent unauthorized users from intruding the e-Healthcare systems and a remote user and a medical server can establish session keys for securing the subsequent communications. However, many schemes does not mask the users' identity information while constructing a login session between two or more parties, even though personal privacy of users is a significant topic for e-Healthcare systems. In order to preserve personal privacy of users, dynamic identity based authentication schemes are hiding user's real identity during the process of network communications and only the medical server knows login user's identity. In addition, most of the existing dynamic identity based authentication schemes ignore the inputs verification during login condition and this flaw may subject to inefficiency in the case of incorrect inputs in the login phase. Regarding the use of secure authentication mechanisms for e-Healthcare systems, this paper presents a new dynamic identity and chaotic maps based authentication scheme and a secure data protection approach is employed in every session to prevent illegal intrusions. The proposed scheme can not only quickly detect incorrect inputs during the phases of login and password change but also can invalidate the future use of a lost/stolen smart card. Compared the functionality and efficiency with other authentication schemes recently, the proposed scheme satisfies desirable security attributes and maintains acceptable efficiency in terms of the computational overheads for e-Healthcare systems.

  12. Universal health coverage in Latin American countries: how to improve solidarity-based schemes.

    Science.gov (United States)

    Titelman, Daniel; Cetrángolo, Oscar; Acosta, Olga Lucía

    2015-04-04

    In this Health Policy we examine the association between the financing structure of health systems and universal health coverage. Latin American health systems encompass a wide range of financial sources, which translate into different solidarity-based schemes that combine contributory (payroll taxes) and non-contributory (general taxes) sources of financing. To move towards universal health coverage, solidarity-based schemes must heavily rely on countries' capacity to increase public expenditure in health. Improvement of solidarity-based schemes will need the expansion of mandatory universal insurance systems and strengthening of the public sector including increased fiscal expenditure. These actions demand a new model to integrate different sources of health-sector financing, including general tax revenue, social security contributions, and private expenditure. The extent of integration achieved among these sources will be the main determinant of solidarity and universal health coverage. The basic challenges for improvement of universal health coverage are not only to spend more on health, but also to reduce the proportion of out-of-pocket spending, which will need increased fiscal resources. Copyright © 2015 Elsevier Ltd. All rights reserved.

  13. [Universalization of health or of social security?].

    Science.gov (United States)

    Levy-Algazi, Santiago

    2011-01-01

    This article presents an analysis of the architecture of Mexico's health system based on the main economic problem, failing to achieve a GDP growth rate to increase real wages and give workers in formal employment coverage social security. This analysis describes the relationship between social security of the population and employment status of it (either formal or informal employment) and the impact that this situation poses to our health system. Also, it ends with a reform proposal that will give all workers the same social rights, ie to grant universal social security.

  14. Security and privacy issues of personal health.

    Science.gov (United States)

    Blobel, Bernd; Pharow, Peter

    2007-01-01

    While health systems in developed countries and increasingly also in developing countries are moving from organisation-centred to person-centred health service delivery, the supporting communication and information technology is faced with new risks regarding security and privacy of stakeholders involved. The comprehensively distributed environment puts special burden on guaranteeing communication security services, but even more on guaranteeing application security services dealing with privilege management, access control and audit regarding social implication and connected sensitivity of personal information recorded, processed, communicated and stored in an even internationally distributed environment.

  15. Health Information Security in Hospitals: the Application of Security Safeguards.

    Science.gov (United States)

    Mehraeen, Esmaeil; Ayatollahi, Haleh; Ahmadi, Maryam

    2016-02-01

    A hospital information system has potentials to improve the accessibility of clinical information and the quality of health care. However, the use of this system has resulted in new challenges, such as concerns over health information security. This paper aims to assess the status of information security in terms of administrative, technical and physical safeguards in the university hospitals. This was a survey study in which the participants were information technology (IT) managers (n=36) who worked in the hospitals affiliated to the top ranked medical universities (university A and university B). Data were collected using a questionnaire. The content validity of the questionnaire was examined by the experts and the reliability of the questionnaire was determined using Cronbach's coefficient alpha (α=0.75). The results showed that the administrative safeguards were arranged at a medium level. In terms of the technical safeguards and the physical safeguards, the IT managers rated them at a strong level. According to the results, among three types of security safeguards, the administrative safeguards were assessed at the medium level. To improve it, developing security policies, implementing access control models and training users are recommended.

  16. Code-Hopping Based Transmission Scheme for Wireless Physical-Layer Security

    Directory of Open Access Journals (Sweden)

    Liuguo Yin

    2018-01-01

    Full Text Available Due to the broadcast and time-varying natures of wireless channels, traditional communication systems that provide data encryption at the application layer suffer many challenges such as error diffusion. In this paper, we propose a code-hopping based secrecy transmission scheme that uses dynamic nonsystematic low-density parity-check (LDPC codes and automatic repeat-request (ARQ mechanism to jointly encode and encrypt source messages at the physical layer. In this scheme, secret keys at the transmitter and the legitimate receiver are generated dynamically upon the source messages that have been transmitted successfully. During the transmission, each source message is jointly encoded and encrypted by a parity-check matrix, which is dynamically selected from a set of LDPC matrices based on the shared dynamic secret key. As for the eavesdropper (Eve, the uncorrectable decoding errors prevent her from generating the same secret key as the legitimate parties. Thus she cannot select the correct LDPC matrix to recover the source message. We demonstrate that our scheme can be compatible with traditional cryptosystems and enhance the security without sacrificing the error-correction performance. Numerical results show that the bit error rate (BER of Eve approaches 0.5 as the number of transmitted source messages increases and the security gap of the system is small.

  17. A secure communication scheme based generalized function projective synchronization of a new 5D hyperchaotic system

    International Nuclear Information System (INIS)

    Wu, Xiangjun; Fu, Zhengye; Kurths, Jürgen

    2015-01-01

    In this paper, a new five-dimensional hyperchaotic system is proposed based on the Lü hyperchaotic system. Some of its basic dynamical properties, such as equilibria, Lyapunov exponents, bifurcations and various attractors are investigated. Furthermore, a new secure communication scheme based on generalized function projective synchronization (GFPS) of this hyperchaotic system with an uncertain parameter is presented. The communication scheme is composed of the modulation, the chaotic receiver, the chaotic transmitter and the demodulation. The modulation mechanism is to modulate the message signal into the system parameter. Then the chaotic signals are sent to the receiver via a public channel. In the receiver end, by designing the controllers and the parameter update rule, GFPS between the transmitter and receiver systems is achieved and the unknown parameter is estimated simultaneously. The message signal can be finally recovered by the identified parameter and the corresponding demodulation method. There is no any limitation on the message size. Numerical simulations are performed to show the validity and feasibility of the presented secure communication scheme. (paper)

  18. Correct mutual information, quantum bit error rate and secure transmission efficiency in Wojcik's eavesdropping scheme on ping-pong protocol

    OpenAIRE

    Zhang, Zhanjun

    2004-01-01

    Comment: The wrong mutual information, quantum bit error rate and secure transmission efficiency in Wojcik's eavesdropping scheme [PRL90(03)157901]on ping-pong protocol have been pointed out and corrected

  19. High security chaotic multiple access scheme for visible light communication systems with advanced encryption standard interleaving

    Science.gov (United States)

    Qiu, Junchao; Zhang, Lin; Li, Diyang; Liu, Xingcheng

    2016-06-01

    Chaotic sequences can be applied to realize multiple user access and improve the system security for a visible light communication (VLC) system. However, since the map patterns of chaotic sequences are usually well known, eavesdroppers can possibly derive the key parameters of chaotic sequences and subsequently retrieve the information. We design an advanced encryption standard (AES) interleaving aided multiple user access scheme to enhance the security of a chaotic code division multiple access-based visible light communication (C-CDMA-VLC) system. We propose to spread the information with chaotic sequences, and then the spread information is interleaved by an AES algorithm and transmitted over VLC channels. Since the computation complexity of performing inverse operations to deinterleave the information is high, the eavesdroppers in a high speed VLC system cannot retrieve the information in real time; thus, the system security will be enhanced. Moreover, we build a mathematical model for the AES-aided VLC system and derive the theoretical information leakage to analyze the system security. The simulations are performed over VLC channels, and the results demonstrate the effectiveness and high security of our presented AES interleaving aided chaotic CDMA-VLC system.

  20. A secure effective dynamic group password-based authenticated key agreement scheme for the integrated EPR information system

    Directory of Open Access Journals (Sweden)

    Vanga Odelu

    2016-01-01

    Full Text Available With the rapid growth of the Internet, a lot of electronic patient records (EPRs have been developed for e-medicine systems. The security and privacy issues of EPRs are important for the patients in order to understand how the hospitals control the use of their personal information, such as name, address, e-mail, medical records, etc. of a particular patient. Recently, Lee et al. proposed a simple group password-based authenticated key agreement protocol for the integrated EPR information system (SGPAKE. However, in this paper, we show that Lee et al.’s protocol is vulnerable to the off-line weak password guessing attack and as a result, their scheme does not provide users’ privacy. To withstand this security weakness found in Lee et al.’s scheme, we aim to propose an effective dynamic group password-based authenticated key exchange scheme for the integrated EPR information system, which retains the original merits of Lee et al.’s scheme. Through the informal and formal security analysis, we show that our scheme provides users’ privacy, perfect forward security and known-key security, and also protects online and offline password guessing attacks. Furthermore, our scheme efficiently supports the dynamic group password-based authenticated key agreement for the integrated EPR information system. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications tool and show that our scheme is secure against passive and active attacks.

  1. Design of a Secure Authentication and Key Agreement Scheme Preserving User Privacy Usable in Telecare Medicine Information Systems.

    Science.gov (United States)

    Arshad, Hamed; Rasoolzadegan, Abbas

    2016-11-01

    Authentication and key agreement schemes play a very important role in enhancing the level of security of telecare medicine information systems (TMISs). Recently, Amin and Biswas demonstrated that the authentication scheme proposed by Giri et al. is vulnerable to off-line password guessing attacks and privileged insider attacks and also does not provide user anonymity. They also proposed an improved authentication scheme, claiming that it resists various security attacks. However, this paper demonstrates that Amin and Biswas's scheme is defenseless against off-line password guessing attacks and replay attacks and also does not provide perfect forward secrecy. This paper also shows that Giri et al.'s scheme not only suffers from the weaknesses pointed out by Amin and Biswas, but it also is vulnerable to replay attacks and does not provide perfect forward secrecy. Moreover, this paper proposes a novel authentication and key agreement scheme to overcome the mentioned weaknesses. Security and performance analyses show that the proposed scheme not only overcomes the mentioned security weaknesses, but also is more efficient than the previous schemes.

  2. [Information security in health care].

    Science.gov (United States)

    Ködmön, József; Csajbók, Zoltán Ernő

    2015-07-05

    Doctors, nurses and other medical professionals are spending more and more time in front of the computer, using applications developed for general practitioners, specialized care, or perhaps an integrated hospital system. The data they handle during healing and patient care are mostly sensitive data and, therefore, their management is strictly regulated. Finding our way in the jungle of laws, regulations and policies is not simple. Notwithstanding, our lack of information does not waive our responsibility. This study summarizes the most important points of international recommendations, standards and legal regulations of the field, as well as giving practical advices for managing medical and patient data securely and in compliance with the current legal regulations.

  3. Health security as a public health concept: a critical analysis.

    Science.gov (United States)

    Aldis, William

    2008-11-01

    There is growing acceptance of the concept of health security. However, there are various and incompatible definitions, incomplete elaboration of the concept of health security in public health operational terms, and insufficient reconciliation of the health security concept with community-based primary health care. More important, there are major differences in understanding and use of the concept in different settings. Policymakers in industrialized countries emphasize protection of their populations especially against external threats, for example terrorism and pandemics; while health workers and policymakers in developing countries and within the United Nations system understand the term in a broader public health context. Indeed, the concept is used inconsistently within the UN agencies themselves, for example the World Health Organization's restrictive use of the term 'global health security'. Divergent understandings of 'health security' by WHO's member states, coupled with fears of hidden national security agendas, are leading to a breakdown of mechanisms for global cooperation such as the International Health Regulations. Some developing countries are beginning to doubt that internationally shared health surveillance data is used in their best interests. Resolution of these incompatible understandings is a global priority.

  4. A security architecture for interconnecting health information systems.

    Science.gov (United States)

    Gritzalis, Dimitris; Lambrinoudakis, Costas

    2004-03-31

    Several hereditary and other chronic diseases necessitate continuous and complicated health care procedures, typically offered in different, often distant, health care units. Inevitably, the medical records of patients suffering from such diseases become complex, grow in size very fast and are scattered all over the units involved in the care process, hindering communication of information between health care professionals. Web-based electronic medical records have been recently proposed as the solution to the above problem, facilitating the interconnection of the health care units in the sense that health care professionals can now access the complete medical record of the patient, even if it is distributed in several remote units. However, by allowing users to access information from virtually anywhere, the universe of ineligible people who may attempt to harm the system is dramatically expanded, thus severely complicating the design and implementation of a secure environment. This paper presents a security architecture that has been mainly designed for providing authentication and authorization services in web-based distributed systems. The architecture has been based on a role-based access scheme and on the implementation of an intelligent security agent per site (i.e. health care unit). This intelligent security agent: (a). authenticates the users, local or remote, that can access the local resources; (b). assigns, through temporary certificates, access privileges to the authenticated users in accordance to their role; and (c). communicates to other sites (through the respective security agents) information about the local users that may need to access information stored in other sites, as well as about local resources that can be accessed remotely.

  5. Can conditional cash transfers improve the uptake of nutrition interventions and household food security? Evidence from Odisha's Mamata scheme.

    Directory of Open Access Journals (Sweden)

    Kalyani Raghunathan

    Full Text Available There is considerable global evidence on the effectiveness of cash transfers in improving health and nutrition outcomes; however, the evidence from South Asia, particularly India, is limited. In the context of India where more than a third of children are undernourished, and where there is considerable under-utilization of health and nutrition interventions, it is opportune to investigate the impact of cash transfer programs on the use of interventions. We study one conditional cash transfer program, Mamata scheme, implemented in the state of Odisha, in India that targeted pregnant and lactating women. Using survey data on 1161 households from three districts in the state of Odisha, we examine the effect of the scheme on eight outcomes: 1 pregnancy registration; 2 receipt of antenatal services; 3 receipt of iron and folic acid (IFA tablets; 4 exposure to counseling during pregnancy; 5 exposure to postnatal counseling; 6 exclusive breastfeeding; 7 full immunization; and 8 household food security. We conduct regression analyses and correct for endogeneity using nearest-neighbor matching and inverse-probability weighting models. We find that the receipt of payments from the Mamata scheme is associated with a 5 percentage point (pp increase in the likelihood of receiving antenatal services, a 10 pp increase in the likelihood of receiving IFA tablets, and a decline of 0.84 on the Household Food Insecurity Access Scale. These results provide the first quantitative estimates of effects associated with the Mamata scheme, which can inform the design of government policies related to conditional cash transfers.

  6. Smoking: Taxing health and social security

    OpenAIRE

    Armour, Brian S.; Pitts, M. Melinda

    2006-01-01

    Cigarette smoking is costly in terms of not only its effects on smokers' health but also the direct and indirect financial costs it imposes on smokers and their families. For instance, premature death caused by smoking may redistribute Social Security income in unexpected ways that affect behavior and reduce the economic well-being of smokers and their dependents. ; This article examines the effects of smoking-attributable mortality on the net marginal Social Security tax rate (NMSSTR)—the di...

  7. Dynamic Group Management Scheme for Sustainable and Secure Information Sensing in IoT

    Directory of Open Access Journals (Sweden)

    Hyungjoo Kim

    2016-10-01

    Full Text Available The services provided to users in the environment associated with the Internet of Things (hereinafter referred to as IoT begin with the information collected from sensors. It is imperative to transmit high-quality sensor data for providing better services. It is also required to collect data only from those authenticated sensors. Moreover, it is imperative to collect high-quality data on a sustainable and continuous basis in order to provide services anytime and anywhere in the IoT environment. Therefore, high-quality, authenticated sensor networks should be constructed. The most prominent routing protocol to enhance the energy consumption efficiency for the sustainable data collection in a sensor network is the LEACH routing protocol. The LEACH routing protocol transmits sensor data by measuring the energy of sensors and allocating sensor groups dynamically. However, these sensor networks have vulnerabilities such as key leakage, eavesdropping, replay attack and relay attack, given the nature of wireless network communication. A large number of security techniques have been studied in order to solve these vulnerabilities. Nonetheless, these studies still cannot support the dynamic sensor group allocation of the LEACH routing protocol. Furthermore, they are not suitable for the sensor nodes whose hardware computing ability and energy resources are limited. Therefore, this paper proposed a group sensor communication protocol that utilizes only the four fundamental arithmetic operations and logical operation for the sensor node authentication and secure data transmission. Through the security analysis, this paper verified that the proposed scheme was secure to the vulnerabilities resulting from the nature of wireless network communication. Moreover, this paper verified through the performance analysis that the proposed scheme could be utilized efficiently.

  8. Community Based Health Insurance Schemes and Protection of the ...

    African Journals Online (AJOL)

    The objectives of this study are two folds: firstly to explore the magnitude of catastrophic expenditure, and secondly to determine its contributing factor,s including the protective impact of the voluntary community based health insurance schemes in Tanzania. The study covered 274 respondents. Study findings have shown ...

  9. Exploring fraud and abuse in National Health Insurance Scheme ...

    African Journals Online (AJOL)

    This study explored patterns of fraud and abuse that exist in the National Health Insurance Scheme (NHIS) claims in the Awutu-Effutu-Senya District using data mining techniques, with a specific focus on malaria-related claims. The study employed quantitative research approach with survey design as a strategy of enquiry.

  10. Utilization and perception of Community Health Insurance Scheme ...

    African Journals Online (AJOL)

    Shell in collaboration with four communities in Obio-Akpor LGA, Port Harcourt, started a Community Health Insurance Scheme in February 2010. An evaluation of enrollees' utilization and perception of the services provided was done. Methodology: Quantitative data were collected by the use of structured interviewer ...

  11. Evaluation of Rajiv Aarogyasri Health Insurance Scheme in Andrha ...

    International Development Research Centre (IDRC) Digital Library (Canada)

    In 2007, out-of-pocket expenditures accounted for 90% of total private expenditure on healthcare in India. The cost of coping with serious disease can be ruinous for families living below the poverty line. The Rajiv Aarogyasri Health Insurance Scheme was established in Andrha Pradesh to mitigate catastrophic healthcare ...

  12. Three-pass protocol scheme for bitmap image security by using vernam cipher algorithm

    Science.gov (United States)

    Rachmawati, D.; Budiman, M. A.; Aulya, L.

    2018-02-01

    Confidentiality, integrity, and efficiency are the crucial aspects of data security. Among the other digital data, image data is too prone to abuse of operation like duplication, modification, etc. There are some data security techniques, one of them is cryptography. The security of Vernam Cipher cryptography algorithm is very dependent on the key exchange process. If the key is leaked, security of this algorithm will collapse. Therefore, a method that minimizes key leakage during the exchange of messages is required. The method which is used, is known as Three-Pass Protocol. This protocol enables message delivery process without the key exchange. Therefore, the sending messages process can reach the receiver safely without fear of key leakage. The system is built by using Java programming language. The materials which are used for system testing are image in size 200×200 pixel, 300×300 pixel, 500×500 pixel, 800×800 pixel and 1000×1000 pixel. The result of experiments showed that Vernam Cipher algorithm in Three-Pass Protocol scheme could restore the original image.

  13. Personal health record systems and their security protection.

    Science.gov (United States)

    Win, Khin Than; Susilo, Willy; Mu, Yi

    2006-08-01

    The objective of this study is to analyze the security protection of personal health record systems. To achieve this we have investigated different personal health record systems, their security functions, and security issues. We have noted that current security mechanisms are not adequate and we have proposed some security mechanisms to tackle these problems.

  14. Urban environment and health: food security.

    Science.gov (United States)

    Galal, Osman; Corroon, Meghan; Tirado, Cristina

    2010-07-01

    The authors examine the impact of urbanization on food security and human health in the Middle East. Within-urban-population disparities in food security represent one of the most dramatic indicators of economic and health disparities. These disparities are reflected in a double burden of health outcomes: increasing levels of chronic disease as well as growing numbers of undernourished among the urban poor. These require further comprehensive solutions. Some of the factors leading to food insecurity are an overdependence on purchased food commodities, lack of sufficient livelihoods, rapid reductions in peripheral agricultural land, and adverse impacts of climate change. The Food and Agriculture Organization of the United Nations (FAO) Food Security Framework is used to examine and compare 2 cities in the Middle East: Amman, Jordan, and Manama, Bahrain.

  15. Secure Data Aggregation in Wireless Sensor Network-Fujisaki Okamoto(FO) Authentication Scheme against Sybil Attack.

    Science.gov (United States)

    Nirmal Raja, K; Maraline Beno, M

    2017-07-01

    In the wireless sensor network(WSN) security is a major issue. There are several network security schemes proposed in research. In the network, malicious nodes obstruct the performance of the network. The network can be vulnerable by Sybil attack. When a node illicitly assertions multiple identities or claims fake IDs, the WSN grieves from an attack named Sybil attack. This attack threatens wireless sensor network in data aggregation, synchronizing system, routing, fair resource allocation and misbehavior detection. Henceforth, the research is carried out to prevent the Sybil attack and increase the performance of the network. This paper presents the novel security mechanism and Fujisaki Okamoto algorithm and also application of the work. The Fujisaki-Okamoto (FO) algorithm is ID based cryptographic scheme and gives strong authentication against Sybil attack. By using Network simulator2 (NS2) the scheme is simulated. In this proposed scheme broadcasting key, time taken for different key sizes, energy consumption, Packet delivery ratio, Throughput were analyzed.

  16. An Advanced Temporal Credential-Based Security Scheme with Mutual Authentication and Key Agreement for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Chun-Ta Li

    2013-07-01

    Full Text Available Wireless sensor networks (WSNs can be quickly and randomly deployed in any harsh and unattended environment and only authorized users are allowed to access reliable sensor nodes in WSNs with the aid of gateways (GWNs. Secure authentication models among the users, the sensor nodes and GWN are important research issues for ensuring communication security and data privacy in WSNs. In 2013, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. However, in this paper, we point out that Xue et al.’s scheme cannot resist stolen-verifier, insider, off-line password guessing, smart card lost problem and many logged-in users’ attacks and these security weaknesses make the scheme inapplicable to practical WSN applications. To tackle these problems, we suggest a simple countermeasure to prevent proposed attacks while the other merits of Xue et al.’s authentication scheme are left unchanged.

  17. An advanced temporal credential-based security scheme with mutual authentication and key agreement for wireless sensor networks.

    Science.gov (United States)

    Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi

    2013-07-24

    Wireless sensor networks (WSNs) can be quickly and randomly deployed in any harsh and unattended environment and only authorized users are allowed to access reliable sensor nodes in WSNs with the aid of gateways (GWNs). Secure authentication models among the users, the sensor nodes and GWN are important research issues for ensuring communication security and data privacy in WSNs. In 2013, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. However, in this paper, we point out that Xue et al.'s scheme cannot resist stolen-verifier, insider, off-line password guessing, smart card lost problem and many logged-in users' attacks and these security weaknesses make the scheme inapplicable to practical WSN applications. To tackle these problems, we suggest a simple countermeasure to prevent proposed attacks while the other merits of Xue et al.'s authentication scheme are left unchanged.

  18. A security-awareness virtual machine management scheme based on Chinese wall policy in cloud computing.

    Science.gov (United States)

    Yu, Si; Gui, Xiaolin; Lin, Jiancai; Tian, Feng; Zhao, Jianqiang; Dai, Min

    2014-01-01

    Cloud computing gets increasing attention for its capacity to leverage developers from infrastructure management tasks. However, recent works reveal that side channel attacks can lead to privacy leakage in the cloud. Enhancing isolation between users is an effective solution to eliminate the attack. In this paper, to eliminate side channel attacks, we investigate the isolation enhancement scheme from the aspect of virtual machine (VM) management. The security-awareness VMs management scheme (SVMS), a VMs isolation enhancement scheme to defend against side channel attacks, is proposed. First, we use the aggressive conflict of interest relation (ACIR) and aggressive in ally with relation (AIAR) to describe user constraint relations. Second, based on the Chinese wall policy, we put forward four isolation rules. Third, the VMs placement and migration algorithms are designed to enforce VMs isolation between the conflict users. Finally, based on the normal distribution, we conduct a series of experiments to evaluate SVMS. The experimental results show that SVMS is efficient in guaranteeing isolation between VMs owned by conflict users, while the resource utilization rate decreases but not by much.

  19. Secure Testing for Genetic Diseases on Encrypted Genomes with Homomorphic Encryption Scheme

    Directory of Open Access Journals (Sweden)

    Tan Ping Zhou

    2018-01-01

    Full Text Available The decline in genome sequencing costs has widened the population that can afford its cost and has also raised concerns about genetic privacy. Kim et al. present a practical solution to the scenario of secure searching of gene data on a semitrusted business cloud. However, there are three errors in their scheme. We have made three improvements to solve these three errors. (1 They truncate the variation encodings of gene to 21 bits, which causes LPCE error and more than 5% of the entries in the database cannot be queried integrally. We decompose these large encodings by 44 bits and deal with the components, respectively, to avoid LPCE error. (2 We abandon the hash function used in Kim’s scheme, which may cause HCE error with a probability of 2-22 and decompose the position encoding of gene into three parts with the basis 211 to avoid HCE error. (3 We analyze the relationship between the parameters and the CCE error and specify the condition that parameters need to satisfy to avoid the CCE error. Experiments show that our scheme can search all entries, and the probability of searching error is reduced to less than 2-37.4.

  20. A Hybrid Secure Scheme for Wireless Sensor Networks against Timing Attacks Using Continuous-Time Markov Chain and Queueing Model.

    Science.gov (United States)

    Meng, Tianhui; Li, Xiaofan; Zhang, Sha; Zhao, Yubin

    2016-09-28

    Wireless sensor networks (WSNs) have recently gained popularity for a wide spectrum of applications. Monitoring tasks can be performed in various environments. This may be beneficial in many scenarios, but it certainly exhibits new challenges in terms of security due to increased data transmission over the wireless channel with potentially unknown threats. Among possible security issues are timing attacks, which are not prevented by traditional cryptographic security. Moreover, the limited energy and memory resources prohibit the use of complex security mechanisms in such systems. Therefore, balancing between security and the associated energy consumption becomes a crucial challenge. This paper proposes a secure scheme for WSNs while maintaining the requirement of the security-performance tradeoff. In order to proceed to a quantitative treatment of this problem, a hybrid continuous-time Markov chain (CTMC) and queueing model are put forward, and the tradeoff analysis of the security and performance attributes is carried out. By extending and transforming this model, the mean time to security attributes failure is evaluated. Through tradeoff analysis, we show that our scheme can enhance the security of WSNs, and the optimal rekeying rate of the performance and security tradeoff can be obtained.

  1. Provable Secure and Efficient Digital Rights Management Authentication Scheme Using Smart Card Based on Elliptic Curve Cryptography

    Directory of Open Access Journals (Sweden)

    Yuanyuan Zhang

    2015-01-01

    Full Text Available Since the concept of ubiquitous computing is firstly proposed by Mark Weiser, its connotation has been extending and expanding by many scholars. In pervasive computing application environment, many kinds of small devices containing smart cart are used to communicate with others. In 2013, Yang et al. proposed an enhanced authentication scheme using smart card for digital rights management. They demonstrated that their scheme is secure enough. However, Mishra et al. pointed out that Yang et al.’s scheme suffers from the password guessing attack and the denial of service attack. Moreover, they also demonstrated that Yang et al.’s scheme is not efficient enough when the user inputs an incorrect password. In this paper, we analyze Yang et al.’s scheme again, and find that their scheme is vulnerable to the session key attack. And, there are some mistakes in their scheme. To surmount the weakness of Yang et al.’s scheme, we propose a more efficient and provable secure digital rights management authentication scheme using smart card based on elliptic curve cryptography.

  2. Disease Recording Systems and Herd Health Schemes for Production Diseases

    Directory of Open Access Journals (Sweden)

    Østerås O

    2001-03-01

    Full Text Available Disease recording of cattle is compulsory in Sweden and Norway. Sweden and Denmark also have mandatory disease recording for swine, whereas Finland and Norway only have compulsory recording of infectious diseases. Both compulsory and voluntary systems are databased, the first ones developed in the 1970's. Disease recording at pig slaughtering is somewhat older. The veterinary practitioner, and often also the farmer, can report treated cases as well as fertility disturbances to the systems. Disease recording at slaughter is carried out by veterinarians and inspection officers. The databases are handled by the veterinary authorities or the agricultural organisations in each country. Costs are defrayed by the authorities and/or the agricultural industry. The farmers receive periodic reports. Data are stored for three to ten years, often longer. Affiliation to animal health schemes for cattle or swine is voluntary. In Sweden and Denmark (cattle they are run within the scope of government regulations. Affiliation to animal health programmes may also be demanded by organisations within the agricultural industry. These organisations are also responsible for the administration of the programmes. Costs to take part in herd health schemes are covered by the farmers themselves. In certain cases, grants are received from agricultural organisations, authorities, or the European Union. Recording of diseases and the format of animal health schemes in the Nordic countries are described here in order to illustrate the possibilities to compare data between countries.

  3. Strategic purchasing and health system efficiency: A comparison of two financing schemes in Thailand.

    Science.gov (United States)

    Patcharanarumol, Walaiporn; Panichkriangkrai, Warisa; Sommanuttaweechai, Angkana; Hanson, Kara; Wanwong, Yaowaluk; Tangcharoensathien, Viroj

    2018-01-01

    Strategic purchasing is an essential health financing function. This paper compares the strategic purchasing practices of Thailand's two tax-financed health insurance schemes, the Universal Coverage Scheme (UCS) and the Civil Servant Medical Benefit Scheme (CSMBS), and identifies factors contributing to successful universal health coverage outcomes by analysing the relationships between the purchaser and government, providers and members. The study uses a cross-sectional mixed-methods design, including document review and interviews with 56 key informants. The Comptroller General Department (CGD) of Ministry of Finance manages CSMBS as one among civil servant welfare programmes. Their purchasing is passive. Fee for service payment for outpatient care has resulted in rapid cost escalation and overspending of their annual budget. In contrast, National Health Security Office (NHSO) manages purchasing for UCS, which undertakes a range of strategic purchasing actions, including applying closed ended provider payment, promoting primary healthcare's gate keeping functions, exercising collective purchasing power and engaging views of members in decision making process. This difference in purchasing arrangements resulted in expenditure per CSMBS member being 4 times higher than UCS in 2014. The governance of the purchaser organization, the design of the purchasing arrangements including incentives and use of information, and the institutional capacities to implement purchasing functions are essential for effective strategic purchasing which can improve health system efficiency as a whole.

  4. Security for decentralized health information systems.

    Science.gov (United States)

    Bleumer, G

    1994-02-01

    Health care information systems must reflect at least two basic characteristics of the health care community: the increasing mobility of patients and the personal liability of everyone giving medical treatment. Open distributed information systems bear the potential to reflect these requirements. But the market for open information systems and operating systems hardly provides secure products today. This 'missing link' is approached by the prototype SECURE Talk that provides secure transmission and archiving of files on top of an existing operating system. Its services may be utilized by existing medical applications. SECURE Talk demonstrates secure communication utilizing only standard hardware. Its message is that cryptography (and in particular asymmetric cryptography) is practical for many medical applications even if implemented in software. All mechanisms are software implemented in order to be executable on standard-hardware. One can investigate more or less decentralized forms of public key management and the performance of many different cryptographic mechanisms. That of, e.g. hybrid encryption and decryption (RSA+DES-PCBC) is about 300 kbit/s. That of signing and verifying is approximately the same using RSA with a DES hash function. The internal speed, without disk accesses etc., is about 1.1 Mbit/s. (Apple Quadra 950 (MC 68040, 33 MHz, RAM: 20 MB, 80 ns. Length of RSA modulus is 512 bit).

  5. Securing a Right to Health

    Science.gov (United States)

    2017-01-01

    Abstract A national deportation campaign targeting Romanian Roma in France has recently drawn international criticism from human rights organizations and the European Union. In this context, some French municipalities have created villages d’insertion—integration villages—for some of their Roma residents. Proponents of these spaces have declared that they are humanitarian solutions to the existence of Roma slums in the urban peripheries of many French cities. Yet the creation of a “healthy space” for Roma migrants in the city has also legitimated the further eviction and exclusion of people from “unhealthy slums.” This article is based on ethnographic research among residents of an integration village and a number of unauthorized encampments in Strasbourg, France. This article analyzes the village d’insertion as a contemporary setting where the uneven medical citizenship of Roma migrants in France is being articulated in relation to wider debates about Roma inclusion in Europe. Ultimately, the village d’insertion is a local manifestation of state power, where the division between those deserving and undeserving of public support is reconfigured through the provision and exclusion of access to rights such as health care and shelter. PMID:29302162

  6. Cryptanalyzing an improved security modulated chaotic encryption scheme using ciphertext absolute value

    International Nuclear Information System (INIS)

    Alvarez, G.; Montoya, F.; Romera, M.; Pastor, G.

    2005-01-01

    This paper describes the security weakness of a recently proposed improved chaotic encryption method based on the modulation of a signal generated by a chaotic system with an appropriately chosen scalar signal. The aim of the improvement is to avoid the breaking of chaotic encryption schemes by means of the return map attack introduced by Perez and Cerdeira. A method of attack based on taking the absolute value of the ciphertext is presented, that allows for the cancellation of the modulation scalar signal and the determination of some system parameters that play the role of system key. The proposed improved method is shown to be compromised without any knowledge of the chaotic system parameter values and even without knowing the transmitter structure

  7. Federal Funding for Health Security in FY2017.

    Science.gov (United States)

    Boddie, Crystal; Watson, Matthew; Sell, Tara Kirk

    2016-01-01

    This latest article in the Federal Funding for Health Security series assesses FY2017 US government funding in 5 domains critical to strengthening health security: biosecurity, radiological and nuclear security, chemical security, pandemic influenza and emerging infectious disease, and multiple-hazard and general preparedness.

  8. Management initiatives in a community-based health insurance scheme.

    Science.gov (United States)

    Sinha, Tara; Ranson, M Kent; Chatterjee, Mirai; Mills, Anne

    2007-01-01

    Community-based health insurance (CBHI) schemes have developed in response to inadequacies of alternate systems for protecting the poor against health care expenditures. Some of these schemes have arisen within community-based organizations (CBOs), which have strong links with poor communities, and are therefore well situated to offer CBHI. However, the managerial capacities of many such CBOs are limited. This paper describes management initiatives undertaken in a CBHI scheme in India, in the course of an action-research project. The existing structures and systems at the CBHI had several strengths, but fell short on some counts, which became apparent in the course of planning for two interventions under the research project. Management initiatives were introduced that addressed four features of the CBHI, viz. human resources, organizational structure, implementation systems, and data management. Trained personnel were hired and given clear roles and responsibilities. Lines of reporting and accountability were spelt out, and supportive supervision was provided to team members. The data resources of the organization were strengthened for greater utilization of this information. While the changes that were introduced took some time to be accepted by team members, the commitment of the CBHI's leadership to these initiatives was critical to their success. Copyright (c) 2007 John Wiley & Sons, Ltd.

  9. A Framework of Secured Embedding Scheme Using Vector Discrete Wavelet Transformation and Lagrange Interpolation

    Directory of Open Access Journals (Sweden)

    Maheswari Subramanian

    2018-01-01

    Full Text Available Information hiding techniques have a significant role in recent application areas. Steganography is the embedding of information within an innocent cover work in a way which cannot be detected by any person without accessing the steganographic key. The proposed work uses a steganographic scheme for useful information with the help of human skin tone regions as cover image. The proposed algorithm has undergone Lagrange interpolation encryption for enhancement of the security of the hidden information. First, the skin tone regions are identified by using YCbCr color space which can be used as a cover image. Image pixels which belong to the skin regions are used to carry more secret bits, and the secret information is hidden in both horizontal and vertical sequences of the skin areas of the cover image. The secret information will hide behind the human skin regions rather than other objects in the same image because the skin pixels have high intensity value. The performance of embedding is done and is quite invisible by the vector discrete wavelet transformation (VDWT technique. A new Lagrange interpolation-based encryption method is introduced to achieve high security of the hidden information with higher payload and better visual quality.

  10. Health care professionals’ perception of security of personal health devices

    Directory of Open Access Journals (Sweden)

    Ondiege B

    2017-04-01

    Full Text Available Brian Ondiege, Malcolm Clarke Department of Computer Science, College of Engineering, Design and Physical Sciences, Brunel University London, UK Abstract: With the rapid advances in the capabilities of telehealth devices and their increasing connection to the Internet, security is becoming an issue of major concern. Therefore, the perceptions of the health care professionals regarding security are of interest, as the patients trust them to make informed decisions on issues concerning their privacy, data, and health. Eight health care professionals were interviewed to determine their perceptions and knowledge of security in health care. The research further examines one specific aspect of security which is considered of significant concern: the authenticity of a device being from the actual manufacturer and not a counterfeit. This research proposes device registration together with digital signatures and one-time passwords to address the issue of counterfeit remote patient-monitoring devices and identify and authenticate the user of the device. Keywords: telehealth security, health care professionals’ perception, personal health device, authentication

  11. Protecting the Privacy and Security of Your Health Information

    Science.gov (United States)

    ... can be used and shared with others. The Security Rule sets rules for how your health information must be kept secure with administrative, technical, and physical safeguards. You may have additional protections and health information rights under your State's laws. ...

  12. One health security: an important component of the global health security agenda.

    Science.gov (United States)

    Gronvall, Gigi; Boddie, Crystal; Knutsson, Rickard; Colby, Michelle

    2014-01-01

    The objectives of the Global Health Security Agenda (GHSA) will require not only a "One Health" approach to counter natural disease threats against humans, animals, and the environment, but also a security focus to counter deliberate threats to human, animal, and agricultural health and to nations' economies. We have termed this merged approach "One Health Security." It will require the integration of professionals with expertise in security, law enforcement, and intelligence to join the veterinary, agricultural, environmental, and human health experts essential to One Health and the GHSA. Working across such different professions, which occasionally have conflicting aims and different professional cultures, poses multiple challenges, but a multidisciplinary and multisectoral approach is necessary to prevent disease threats; detect them as early as possible (when responses are likely to be most effective); and, in the case of deliberate threats, find who may be responsible. This article describes 2 project areas that exemplify One Health Security that were presented at a workshop in January 2014: the US government and private industry efforts to reduce vulnerabilities to foreign animal diseases, especially foot-and-mouth disease; and AniBioThreat, an EU project to counter deliberate threats to agriculture by raising awareness and implementing prevention and response policies and practices.

  13. An improved and effective secure password-based authentication and key agreement scheme using smart cards for the telecare medicine information system.

    Science.gov (United States)

    Das, Ashok Kumar; Bruhadeshwar, Bezawada

    2013-10-01

    Recently Lee and Liu proposed an efficient password based authentication and key agreement scheme using smart card for the telecare medicine information system [J. Med. Syst. (2013) 37:9933]. In this paper, we show that though their scheme is efficient, their scheme still has two security weaknesses such as (1) it has design flaws in authentication phase and (2) it has design flaws in password change phase. In order to withstand these flaws found in Lee-Liu's scheme, we propose an improvement of their scheme. Our improved scheme keeps also the original merits of Lee-Liu's scheme. We show that our scheme is efficient as compared to Lee-Liu's scheme. Further, through the security analysis, we show that our scheme is secure against possible known attacks. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our scheme is secure against passive and active attacks.

  14. On distributed key distribution centers and unconditionally secure proactive verifiable secret sharing schemes based on general access structure

    NARCIS (Netherlands)

    Nikov, V.S.; Nikova, S.I.; Preneel, B.; Vandewalle, J.; Menezes, A.; Sarkar, P.

    2002-01-01

    A Key Distribution Center of a network is a server enabling private communications within groups of users. A Distributed Key Distribution Center is a set of servers that jointly realizes a Key Distribution Center. In this paper we build a robust Distributed Key Distribution Center Scheme secure

  15. Privacy and Security in Mobile Health (mHealth) Research.

    Science.gov (United States)

    Arora, Shifali; Yttri, Jennifer; Nilse, Wendy

    2014-01-01

    Research on the use of mobile technologies for alcohol use problems is a developing field. Rapid technological advances in mobile health (or mHealth) research generate both opportunities and challenges, including how to create scalable systems capable of collecting unprecedented amounts of data and conducting interventions-some in real time-while at the same time protecting the privacy and safety of research participants. Although the research literature in this area is sparse, lessons can be borrowed from other communities, such as cybersecurity or Internet security, which offer many techniques to reduce the potential risk of data breaches or tampering in mHealth. More research into measures to minimize risk to privacy and security effectively in mHealth is needed. Even so, progress in mHealth research should not stop while the field waits for perfect solutions.

  16. An Energy-Efficient Secure Routing and Key Management Scheme for Mobile Sinks in Wireless Sensor Networks Using Deployment Knowledge

    Directory of Open Access Journals (Sweden)

    Le Xuan Hung

    2008-12-01

    Full Text Available For many sensor network applications such as military or homeland security, it is essential for users (sinks to access the sensor network while they are moving. Sink mobility brings new challenges to secure routing in large-scale sensor networks. Previous studies on sink mobility have mainly focused on efficiency and effectiveness of data dissemination without security consideration. Also, studies and experiences have shown that considering security during design time is the best way to provide security for sensor network routing. This paper presents an energy-efficient secure routing and key management for mobile sinks in sensor networks, called SCODEplus. It is a significant extension of our previous study in five aspects: (1 Key management scheme and routing protocol are considered during design time to increase security and efficiency; (2 The network topology is organized in a hexagonal plane which supports more efficiency than previous square-grid topology; (3 The key management scheme can eliminate the impacts of node compromise attacks on links between non-compromised nodes; (4 Sensor node deployment is based on Gaussian distribution which is more realistic than uniform distribution; (5 No GPS or like is required to provide sensor node location information. Our security analysis demonstrates that the proposed scheme can defend against common attacks in sensor networks including node compromise attacks, replay attacks, selective forwarding attacks, sinkhole and wormhole, Sybil attacks, HELLO flood attacks. Both mathematical and simulation-based performance evaluation show that the SCODEplus significantly reduces the communication overhead, energy consumption, packet delivery latency while it always delivers more than 97 percent of packets successfully.

  17. Efficient Security Mechanisms for mHealth Applications Using Wireless Body Sensor Networks

    Directory of Open Access Journals (Sweden)

    Prasan Kumar Sahoo

    2012-09-01

    Full Text Available Recent technological advances in wireless communications and physiological sensing allow miniature, lightweight, ultra-low power, intelligent monitoring devices, which can be integrated into a Wireless Body Sensor Network (WBSN for health monitoring. Physiological signals of humans such as heartbeats, temperature and pulse can be monitored from a distant location using tiny biomedical wireless sensors. Hence, it is highly essential to combine the ubiquitous computing with mobile health technology using wireless sensors and smart phones to monitor the well-being of chronic patients such as cardiac, Parkinson and epilepsy patients. Since physiological data of a patient are highly sensitive, maintaining its confidentiality is highly essential. Hence, security is a vital research issue in mobile health (mHealth applications, especially if a patient has an embarrassing disease. In this paper a three tier security architecture for the mHealth application is proposed, in which light weight data confidentiality and authentication protocols are proposed to maintain the privacy of a patient. Moreover, considering the energy and hardware constraints of the wireless body sensors, low complexity data confidential and authentication schemes are designed. Performance evaluation of the proposed architecture shows that they can satisfy the energy and hardware limitations of the sensors and still can maintain the secure fabrics of the wireless body sensor networks. Besides, the proposed schemes can outperform in terms of energy consumption, memory usage and computation time over standard key establishment security scheme.

  18. Efficient Security Mechanisms for mHealth Applications Using Wireless Body Sensor Networks

    Science.gov (United States)

    Sahoo, Prasan Kumar

    2012-01-01

    Recent technological advances in wireless communications and physiological sensing allow miniature, lightweight, ultra-low power, intelligent monitoring devices, which can be integrated into a Wireless Body Sensor Network (WBSN) for health monitoring. Physiological signals of humans such as heartbeats, temperature and pulse can be monitored from a distant location using tiny biomedical wireless sensors. Hence, it is highly essential to combine the ubiquitous computing with mobile health technology using wireless sensors and smart phones to monitor the well-being of chronic patients such as cardiac, Parkinson and epilepsy patients. Since physiological data of a patient are highly sensitive, maintaining its confidentiality is highly essential. Hence, security is a vital research issue in mobile health (mHealth) applications, especially if a patient has an embarrassing disease. In this paper a three tier security architecture for the mHealth application is proposed, in which light weight data confidentiality and authentication protocols are proposed to maintain the privacy of a patient. Moreover, considering the energy and hardware constraints of the wireless body sensors, low complexity data confidential and authentication schemes are designed. Performance evaluation of the proposed architecture shows that they can satisfy the energy and hardware limitations of the sensors and still can maintain the secure fabrics of the wireless body sensor networks. Besides, the proposed schemes can outperform in terms of energy consumption, memory usage and computation time over standard key establishment security scheme. PMID:23112734

  19. Efficient security mechanisms for mHealth applications using wireless body sensor networks.

    Science.gov (United States)

    Sahoo, Prasan Kumar

    2012-01-01

    Recent technological advances in wireless communications and physiological sensing allow miniature, lightweight, ultra-low power, intelligent monitoring devices, which can be integrated into a Wireless Body Sensor Network (WBSN) for health monitoring. Physiological signals of humans such as heartbeats, temperature and pulse can be monitored from a distant location using tiny biomedical wireless sensors. Hence, it is highly essential to combine the ubiquitous computing with mobile health technology using wireless sensors and smart phones to monitor the well-being of chronic patients such as cardiac, Parkinson and epilepsy patients. Since physiological data of a patient are highly sensitive, maintaining its confidentiality is highly essential. Hence, security is a vital research issue in mobile health (mHealth) applications, especially if a patient has an embarrassing disease. In this paper a three tier security architecture for the mHealth application is proposed, in which light weight data confidentiality and authentication protocols are proposed to maintain the privacy of a patient. Moreover, considering the energy and hardware constraints of the wireless body sensors, low complexity data confidential and authentication schemes are designed. Performance evaluation of the proposed architecture shows that they can satisfy the energy and hardware limitations of the sensors and still can maintain the secure fabrics of the wireless body sensor networks. Besides, the proposed schemes can outperform in terms of energy consumption, memory usage and computation time over standard key establishment security scheme.

  20. [Extension of health coverage and community based health insurance schemes in Africa: Myths and realities].

    Science.gov (United States)

    Boidin, B

    2015-02-01

    This article tackles the perspectives and limits of the extension of health coverage based on community based health insurance schemes in Africa. Despite their strong potential contribution to the extension of health coverage, their weaknesses challenge their ability to play an important role in this extension. Three limits are distinguished: financial fragility; insufficient adaptation to characteristics and needs of poor people; organizational and institutional failures. Therefore lessons can be learnt from the limits of the institutionalization of community based health insurance schemes. At first, community based health insurance schemes are to be considered as a transitional but insufficient solution. There is also a stronger role to be played by public actors in improving financial support, strengthening health services and coordinating coverage programs.

  1. The old age health security in rural China: where to go?

    Science.gov (United States)

    Dai, Baozhen

    2015-11-04

    The huge number of rural elders and the deepening health problems (e.g. growing threats of infectious diseases and chronic diseases etc.) place enormous pressure on old age health security in rural China. This study aims to provide information for policy-makers to develop effective measures for promoting rural elders' health care service access by examining the current developments and challenges confronted by the old age health security in rural China. Search resources are electronic databases, web pages of the National Bureau of Statistics of China and the National Health and Family Planning Commission of China on the internet, China Population and Employment Statistics Yearbook, China Civil Affairs' Statistical Yearbook and China Health Statistics Yearbooks etc. Articles were identified from Elsevier, Wiley, EBSCO, EMBASE, PubMed, SCI Expanded, ProQuest, and National Knowledge Infrastructure of China (CNKI) which is the most informative database in Chinese. Search terms were "rural", "China", "health security", "cooperative medical scheme", "social medical assistance", "medical insurance" or "community based medical insurance", "old", or "elder", "elderly", or "aged", "aging". Google scholar was searched with the same combination of keywords. The results showed that old age health security in rural China had expanded to all rural elders and substantially improved health care service utilization among rural elders. Increasing chronic disease prevalence rates, pressing public health issues, inefficient rural health care service provision system and lack of sufficient financing challenged the old age health security in rural China. Increasing funds from the central and regional governments for old age health security in rural China will contribute to reducing urban-rural disparities in provision of old age health security and increasing health equity among rural elders between different regions. Meanwhile, initiating provider payment reform may contribute to

  2. Outcome-based health equity across different social health insurance schemes for the elderly in China.

    Science.gov (United States)

    Liu, Xiaoting; Wong, Hung; Liu, Kai

    2016-01-14

    Against the achievement of nearly universal coverage for social health insurance for the elderly in China, a problem of inequity among different insurance schemes on health outcomes is still a big challenge for the health care system. Whether various health insurance schemes have divergent effects on health outcome is still a puzzle. Empirical evidence will be investigated in this study. This study employs a nationally representative survey database, the National Survey of the Aged Population in Urban/Rural China, to compare the changes of health outcomes among the elderly before and after the reform. A one-way ANOVA is utilized to detect disparities in health care expenditures and health status among different health insurance schemes. Multiple Linear Regression is applied later to examine the further effects of different insurance plans on health outcomes while controlling for other social determinants. The one-way ANOVA result illustrates that although the gaps in insurance reimbursements between the Urban Employee Basic Medical Insurance (UEBMI) and the other schemes, the New Rural Cooperative Medical Scheme (NCMS) and Urban Residents Basic Medical Insurance (URBMI) decreased, out-of-pocket spending accounts for a larger proportion of total health care expenditures, and the disparities among different insurances enlarged. Results of the Multiple Linear Regression suggest that UEBMI participants have better self-reported health status, physical functions and psychological wellbeing than URBMI and NCMS participants, and those uninsured. URBMI participants report better self-reported health than NCMS ones and uninsured people, while having worse psychological wellbeing compared with their NCMS counterparts. This research contributes to a transformation in health insurance studies from an emphasis on the opportunity-oriented health equity measured by coverage and healthcare accessibility to concern with outcome-based equity composed of health expenditure and health

  3. PROMISING FINANCING SCHEME OF HEALTH INSURANCE IN UKRAINE

    Directory of Open Access Journals (Sweden)

    Martha Slavitych

    2016-11-01

    Full Text Available The promising financing scheme of health insurance in Ukraine should be found at the present stage of its development. The health care system in Ukraine is cumbersome and outdated. It is based on the Semashko model with rigid management and financing procedures. The disadvantages accumulated in the national health care system due to lack of modernization, disregard of the population needs, non-use of modern global trends, the inefficient operation of the system and the high level of corruption cause the underlying situation. The decision of new government policy in the sector is introduction of new financial mechanisms, in order to ensure human rights in the health sector. Methodology. The study is based on a comparison of systems of financing of medicine in Ukraine and in other countries, provided advantages and disadvantages of each model. Results showed that the availability of medical services is the key problem in any society. The availability of health care services is primarily determined by the proportion of services guaranteed by the government (government guarantees. In some countries such as the United States, practically the whole medicine is funded by voluntary health insurance (VHI. In Europe the mandatory health insurance (MHI and government funding are the most significant source of funds. Practical importance. The improvement of the demographic situation, the preservation and improvement of public health, improvement of social equity and citizens' rights in respect of medical insurance. Value/originality. Premiums for health insurance are the source of funding. Based on the new model requirements it is necessary to create an appropriate regulation, which would determine its organizational and regulatory framework. This process is primarily determined by identification and setting rules governing the relationship between patients, health care providers and insurers, creation of the conditions and the implementation of quality

  4. HEALTH INSURANCE SCHEME -- announcement from the CHIS Board

    CERN Document Server

    2005-01-01

    A number of members of our Health Insurance Scheme are currently experiencing difficulties getting reimbursement for consulting an acupuncture practitioner. The CHIS Board wishes to remind you that in order to be reimbursed, you must receive your acupuncture treatment from doctors recognised by the competent authorities of the country in which they have their medical practice. In Switzerland, these are people possessing the title of doctor of medicine recognised by the Swiss Medical Association (FMH). Treatment provided by medical auxiliaries must be prescribed beforehand by a recognised doctor. As the practitioner in question is currently not recognised as a doctor in Switzerland, his services are not reimbursed. In order to avoid any inconvenience, we advise you to contact uniqa before undergoing such treatment. You will find all details concerning reimbursement of complementary medicine (acupuncture, chiropractic, osteopathy and ethiopathy) in CHISbull’ No. 18 dated November 2004, which can ...

  5. HEALTH INSURANCE SCHEME - announcement from the CHIS Board

    CERN Multimedia

    2005-01-01

    A number of members of our Health Insurance Scheme are currently experiencing difficulties getting reimbursement for consulting an acupuncture practitioner. The CHIS Board wishes to remind you that in order to be reimbursed, you must receive your acupuncture treatment from doctors recognised by the competent authorities of the country in which they have their medical practice. In Switzerland, these are people possessing the title of doctor of medicine recognised by the Swiss Medical Association (FMH). Treatment provided by medical auxiliaries must be prescribed beforehand by a recognised doctor. As the practitioner in question is currently not recognised as a doctor in Switzerland, his services are not reimbursed. In order to avoid any inconvenience, we advise you to contact uniqa before undergoing such treatment. You will find all details concerning reimbursement of complementary medicine (acupuncture, chiropractic, osteopathy and ethiopathy) in CHISbull' No. 18 dated November 2004, which can also be co...

  6. THE CERN HEALTH INSURANCE SCHEME AND THE EURO

    CERN Document Server

    Human Resources Division

    2002-01-01

    Since 1 January 2002, the euro is the common currency of 12 European countries and some 300 million people. Of course, such a change has some consequences on our Health Insurance Scheme. As you know, when filling in the medical expenses claim form, you are required to indicate a currency code, i.e. the currency in which you have incurred medical expenses. You may have noticed that the euro is not yet on the list of currencies which appear on the bottom left of the existing form. This will be changed very soon, once the stock of existing forms has been used up. Until then, please note that the currency code for the euro is 002 (easy to remember since the code for the Swiss franc is 001). If you forget this code, don't worry! Just indicate «euro» next to the amount of your medical bill, or simply use the euro symbol!

  7. Modifications to the Rules of the CERN Health Insurance Scheme

    CERN Multimedia

    HR Department

    2010-01-01

    On the proposal of the CHIS Board, and following examination by the Standing Concertation Committee on 29 April 2010, the Director-General has approved the new Rules of the CERN Health Insurance Scheme, which will come into effect on 1 June 2010. The Rules will shortly be available on the CHIS web site. As the Rules had not been revised since 2003, it had become necessary to make certain changes in order to bring them into line with other texts (such as the Staff Rules and Regulations and Administrative Circulars) and to clarify some practices. The new Rules do not introduce any new benefits or remove any existing ones. The following changes will affect all insured members:   Description of change Articles in the new Rules Time limit for claiming reimbursement The time period is measured from the invoice date (instead of the date of treatment). ...

  8. CERN Health Insurance Scheme (CHIS) Contributions – Changes for 2012

    CERN Multimedia

    HR Department

    2012-01-01

    Following the 2010 five-yearly review of financial and social conditions, which included the CERN Health Insurance Scheme (CHIS), the CERN Council decided in December 2010 to progressively increase the level of contributions over the period 2011-2015.   For 2012, the contribution rate of active and retired CHIS members will be 4.41%. The amounts of the fixed premiums for voluntarily insured members (e.g. users and associates) as well as the supplementary contributions for spouses with income from a professional activity increase accordingly : Voluntary contributions The full contribution based on Reference Salary II is now 1094 CHF per month. This fixed amount contribution is applied to voluntarily affiliated users and associates with normal coverage. Half of this amount (547 CHF) is applied to apprentices as well as to voluntarily affiliated users and associates with reduced coverage. Finally, an amount of 438 CHF is applied to children maintaining their insurance cover on a voluntary and tempo...

  9. Efficient Hybrid Watermarking Scheme for Security and Transmission Bit Rate Enhancement of 3D Color-Plus-Depth Video Communication

    Science.gov (United States)

    El-Shafai, W.; El-Rabaie, S.; El-Halawany, M.; Abd El-Samie, F. E.

    2018-03-01

    Three-Dimensional Video-plus-Depth (3DV + D) comprises diverse video streams captured by different cameras around an object. Therefore, there is a great need to fulfill efficient compression to transmit and store the 3DV + D content in compressed form to attain future resource bounds whilst preserving a decisive reception quality. Also, the security of the transmitted 3DV + D is a critical issue for protecting its copyright content. This paper proposes an efficient hybrid watermarking scheme for securing the 3DV + D transmission, which is the homomorphic transform based Singular Value Decomposition (SVD) in Discrete Wavelet Transform (DWT) domain. The objective of the proposed watermarking scheme is to increase the immunity of the watermarked 3DV + D to attacks and achieve adequate perceptual quality. Moreover, the proposed watermarking scheme reduces the transmission-bandwidth requirements for transmitting the color-plus-depth 3DV over limited-bandwidth wireless networks through embedding the depth frames into the color frames of the transmitted 3DV + D. Thus, it saves the transmission bit rate and subsequently it enhances the channel bandwidth-efficiency. The performance of the proposed watermarking scheme is compared with those of the state-of-the-art hybrid watermarking schemes. The comparisons depend on both the subjective visual results and the objective results; the Peak Signal-to-Noise Ratio (PSNR) of the watermarked frames and the Normalized Correlation (NC) of the extracted watermark frames. Extensive simulation results on standard 3DV + D sequences have been conducted in the presence of attacks. The obtained results confirm that the proposed hybrid watermarking scheme is robust in the presence of attacks. It achieves not only very good perceptual quality with appreciated PSNR values and saving in the transmission bit rate, but also high correlation coefficient values in the presence of attacks compared to the existing hybrid watermarking schemes.

  10. Novel security enhancement technique against eavesdropper for OCDMA system using 2-D modulation format with code switching scheme

    Science.gov (United States)

    Singh, Simranjit; Kaur, Ramandeep; Singh, Amanvir; Kaler, R. S.

    2015-03-01

    In this paper, security of the spectrally encoded-optical code division multiplexed access (OCDMA) system is enhanced by using 2-D (orthogonal) modulation technique. This is an effective approach for simultaneous improvement of the system capacity and security. Also, the results show that the hybrid modulation technique proved to be a better option to enhance the data confidentiality at higher data rates using minimum utilization of bandwidth in a multiuser environment. Further, the proposed system performance is compared with the current state-of-the-art OCDMA schemes.

  11. A Novel Texture-Quantization-Based Reversible Multiple Watermarking Scheme Applied to Health Information System.

    Science.gov (United States)

    Turuk, Mousami; Dhande, Ashwin

    2018-04-01

    The recent innovations in information and communication technologies have appreciably changed the panorama of health information system (HIS). These advances provide new means to process, handle, and share medical images and also augment the medical image security issues in terms of confidentiality, reliability, and integrity. Digital watermarking has emerged as new era that offers acceptable solutions to the security issues in HIS. Texture is a significant feature to detect the embedding sites in an image, which further leads to substantial improvement in the robustness. However, considering the perspective of digital watermarking, this feature has received meager attention in the reported literature. This paper exploits the texture property of an image and presents a novel hybrid texture-quantization-based approach for reversible multiple watermarking. The watermarked image quality has been accessed by peak signal to noise ratio (PSNR), structural similarity measure (SSIM), and universal image quality index (UIQI), and the obtained results are superior to the state-of-the-art methods. The algorithm has been evaluated on a variety of medical imaging modalities (CT, MRA, MRI, US) and robustness has been verified, considering various image processing attacks including JPEG compression. The proposed scheme offers additional security using repetitive embedding of BCH encoded watermarks and ADM encrypted ECG signal. Experimental results achieved a maximum of 22,616 bits hiding capacity with PSNR of 53.64 dB.

  12. Security for 4G and 5G Cellular Networks: A Survey of Existing Authentication and Privacy-preserving Schemes

    OpenAIRE

    Ferrag, Mohamed Amine; Maglaras, Leandros; Argyriou, Antonios; Kosmanos, Dimitrios; Janicke, Helge

    2017-01-01

    This paper presents a comprehensive survey of existing authentication and privacy-preserving schemes for 4G and 5G cellular networks. We start by providing an overview of existing surveys that deal with 4G and 5G communications, applications, standardization, and security. Then, we give a classification of threat models in 4G and 5G cellular networks in four categories, including, attacks against privacy, attacks against integrity, attacks against availability, and attacks against authenticat...

  13. Attribute based encryption for secure sharing of E-health data

    Science.gov (United States)

    Charanya, R.; Nithya, S.; Manikandan, N.

    2017-11-01

    Distributed computing is one of the developing innovations in IT part and information security assumes a real part. It includes sending gathering of remote server and programming that permit the unified information and online access to PC administrations. Distributed computing depends on offering of asset among different clients are additionally progressively reallocated on interest. Cloud computing is a revolutionary computing paradigm which enables flexible, on-demand and low-cost usage of computing resources. The reasons for security and protection issues, which rise on the grounds that the health information possessed by distinctive clients are put away in some cloud servers rather than under their own particular control”z. To deal with security problems, various schemes based on the Attribute-Based Encryption have been proposed. In this paper, in order to make ehealth data’s more secure we use multi party in cloud computing system. Where the health data is encrypted using attributes and key policy. And the user with a particular attribute and key policy alone will be able to decrypt the health data after it is verified by “key distribution centre” and the “secure data distributor”. This technique can be used in medical field for secure storage of patient details and limiting to particular doctor access. To make data’s scalable secure we need to encrypt the health data before outsourcing.

  14. A novel quantum scheme for secure two-party distance computation

    Science.gov (United States)

    Peng, Zhen-wan; Shi, Run-hua; Zhong, Hong; Cui, Jie; Zhang, Shun

    2017-12-01

    Secure multiparty computational geometry is an essential field of secure multiparty computation, which computes a computation geometric problem without revealing any private information of each party. Secure two-party distance computation is a primitive of secure multiparty computational geometry, which computes the distance between two points without revealing each point's location information (i.e., coordinate). Secure two-party distance computation has potential applications with high secure requirements in military, business, engineering and so on. In this paper, we present a quantum solution to secure two-party distance computation by subtly using quantum private query. Compared to the classical related protocols, our quantum protocol can ensure higher security and better privacy protection because of the physical principle of quantum mechanics.

  15. Coherence modulation at the photon-counting level: A new scheme for secure communication

    International Nuclear Information System (INIS)

    Rhodes, William T; Boughanmi, Abdellatif; Moreno, Yezid Torres

    2016-01-01

    When operated at the photon-counting level, coherence modulation can provide quantifiably secure binary signal transmission between two entities, security being based on the nonclonability of photons. (paper)

  16. Health care data security: one size does not fit all.

    Science.gov (United States)

    Krohn, R

    2001-11-01

    In the wake of the Internet, E-commerce, and particularly the Health Insurance Portability and Accountability Act, data security has risen to the top of health care information technology priorities. What is the correct mix of data security tools, policies, and technologies for the doctor, the hospital, the insurer, the vendor, and everyone else who does business in the health care industry?

  17. Design of the national health security preparedness index.

    Science.gov (United States)

    Uzun Jacobson, Evin; Inglesby, Tom; Khan, Ali S; Rajotte, James C; Burhans, Robert L; Slemp, Catherine C; Links, Jonathan M

    2014-01-01

    The importance of health security in the United States has been highlighted by recent emergencies such as the H1N1 influenza pandemic, Superstorm Sandy, and the Boston Marathon bombing. The nation's health security remains a high priority today, with federal, state, territorial, tribal, and local governments, as well as nongovernment organizations and the private sector, engaging in activities that prevent, protect, mitigate, respond to, and recover from health threats. The Association of State and Territorial Health Officials (ASTHO), through a cooperative agreement with the Centers for Disease Control and Prevention (CDC) Office of Public Health Preparedness and Response (OPHPR), led an effort to create an annual measure of health security preparedness at the national level. The collaborative released the National Health Security Preparedness Index (NHSPI(™)) in December 2013 and provided composite results for the 50 states and for the nation as a whole. The Index results represent current levels of health security preparedness in a consistent format and provide actionable information to drive decision making for continuous improvement of the nation's health security. The overall 2013 National Index result was 7.2 on the reported base-10 scale, with areas of greater strength in the domains of health surveillance, incident and information management, and countermeasure management. The strength of the Index relies on the interdependencies of the many elements in health security preparedness, making the sum greater than its parts. Moving forward, additional health security-related disciplines and measures will be included alongside continued validation efforts.

  18. Supplementary contribution payable to the Health Insurance Scheme for spouses

    CERN Multimedia

    HR Department

    2008-01-01

    Staff members, fellows and pensioners are reminded that any change in their marital status, as well as any change in their spouse or registered partner’s income or health insurance cover, must be reported to CERN in writing within 30 calendar days, in accordance with Articles III 6.01 to 6.03 of the Rules of the CERN Health Insurance Scheme (CHIS). Such changes may affect the conditions of the spouse or registered partner’s membership of the CHIS or the payment of the supplementary contribution to it for the spouse or registered partner’s insurance cover. For more information see: http://cern.ch/chis/contribsupp.asp From 1.1.2008, the indexed amounts of the supplementary monthly contribution for the different monthly income brackets are as follows, expressed in Swiss francs: more than 2500 CHF and up to 4250 CHF: 134.- more than 4250 CHF and up to 7500 CHF: 234.- more than 7500 CHF and up to 10,000 CHF: 369.- more than 10,000 CHF: 470.- It is in the member of the ...

  19. [Health security--GMOs in therapeutics].

    Science.gov (United States)

    Trouvin, J-H

    2003-03-01

    The recent progress in human therapeutics has been made possible thanks to molecular biology and its use in producing proteins having the same sequence and structure as that of human proteins. The use of GMOs allows production of proteins with high added value in therapeutics, which are of satisfactory quality. GMOs may also be directly administered to patients as gene therapy vectors. However, the use of GMOs in therapeutics must take into consideration some risks, particularly those of microbiological contamination, of neo-antigenicity as well as environmental risks with regard to the way of use of the GMO. Nevertheless, those risks are taken in due consideration in the development of these new medicinal products; solutions have been found to allow their use in therapeutics with a very positive benefit/risk ratio. Medicinal products from biotechnology have enabled considerable therapeutic progress without compromising health security.

  20. Global health security and the International Health Regulations

    Directory of Open Access Journals (Sweden)

    Oliva Otavio

    2010-12-01

    Full Text Available Abstract Global nuclear proliferation, bioterrorism, and emerging infections have challenged national capacities to achieve and maintain global security. Over the last century, emerging infectious disease threats resulted in the development of the preliminary versions of the International Health Regulations (IHR of the World Health Organization (WHO. The current HR(2005 contain major differences compared to earlier versions, including: substantial shifts from containment at the border to containment at the source of the event; shifts from a rather small disease list (smallpox, plague, cholera, and yellow fever required to be reported, to all public health threats; and shifts from preset measures to tailored responses with more flexibility to deal with the local situations on the ground. The new IHR(2005 call for accountability. They also call for strengthened national capacity for surveillance and control; prevention, alert, and response to international public health emergencies beyond the traditional short list of required reporting; global partnership and collaboration; and human rights, obligations, accountability, and procedures of monitoring. Under these evolved regulations, as well as other measures, such as the Revolving Fund for vaccine procurement of the Pan American Health Organization (PAHO, global health security could be maintained in the response to urban yellow fever in Paraguay in 2008 and the influenza (H1N1 pandemic of 2009-2010.

  1. Securing wide appreciation of health statistics.

    Science.gov (United States)

    PYRRAIT A M DO, A; AUBENQUE, M J; BENJAMIN, B; DE GROOT, M J; KOHN, R

    1954-01-01

    All the authors are agreed on the need for a certain publicizing of health statistics, but do Amaral Pyrrait points out that the medical profession prefers to convince itself rather than to be convinced. While there is great utility in articles and reviews in the professional press (especially for paramedical personnel) Aubenque, de Groot, and Kohn show how appreciation can effectively be secured by making statistics more easily understandable to the non-expert by, for instance, including readable commentaries in official publications, simplifying charts and tables, and preparing simple manuals on statistical methods. Aubenque and Kohn also stress the importance of linking health statistics to other economic and social information. Benjamin suggests that the principles of market research could to advantage be applied to health statistics to determine the precise needs of the "consumers". At the same time, Aubenque points out that the value of the ultimate results must be clear to those who provide the data; for this, Kohn suggests that the enumerators must know exactly what is wanted and why.There is general agreement that some explanation of statistical methods and their uses should be given in the curricula of medical schools and that lectures and postgraduate courses should be arranged for practising physicians.

  2. Efficient Attribute-Based Secure Data Sharing with Hidden Policies and Traceability in Mobile Health Networks

    Directory of Open Access Journals (Sweden)

    Changhee Hahn

    2016-01-01

    Full Text Available Mobile health (also written as mHealth provisions the practice of public health supported by mobile devices. mHealth systems let patients and healthcare providers collect and share sensitive information, such as electronic and personal health records (EHRs at any time, allowing more rapid convergence to optimal treatment. Key to achieving this is securely sharing data by providing enhanced access control and reliability. Typically, such sharing follows policies that depend on patient and physician preferences defined by a set of attributes. In mHealth systems, not only the data but also the policies for sharing it may be sensitive since they directly contain sensitive information which can reveal the underlying data protected by the policy. Also, since the policies usually incur linearly increasing communication costs, mHealth is inapplicable to resource-constrained environments. Lastly, access privileges may be publicly known to users, so a malicious user could illegally share his access privileges without the risk of being traced. In this paper, we propose an efficient attribute-based secure data sharing scheme in mHealth. The proposed scheme guarantees a hidden policy, constant-sized ciphertexts, and traces, with security analyses. The computation cost to the user is reduced by delegating approximately 50% of the decryption operations to the more powerful storage systems.

  3. World population, world health and security: 20th century trends.

    Science.gov (United States)

    Bashford, A

    2008-03-01

    The connection between infectious disease control and national security is now firmly entrenched. This article takes a historical look at another security issue once prominent in debate on foreign policy and international relations, but now more or less absent: overpopulation. It explores the nature of the debate on population as a security question, and its complicated historical relation to the development of world health.

  4. Household perceptions and their implications for enrollment in the National Health Insurance Scheme in Ghana.

    NARCIS (Netherlands)

    Jehu-Appiah, C.; Aryeetey, G.C.; Agyepong, I.; Spaan, E.J.; Baltussen, R.M.

    2012-01-01

    OBJECTIVE: This paper identifies, ranks and compares perceptions of insured and uninsured households in Ghana on health care providers (quality of care, service delivery adequacy, staff attitudes), health insurance schemes (price, benefits and convenience) and community attributes (health 'beliefs

  5. Dynamic Construction Scheme for Virtualization Security Service in Software-Defined Networks.

    Science.gov (United States)

    Lin, Zhaowen; Tao, Dan; Wang, Zhenji

    2017-04-21

    For a Software Defined Network (SDN), security is an important factor affecting its large-scale deployment. The existing security solutions for SDN mainly focus on the controller itself, which has to handle all the security protection tasks by using the programmability of the network. This will undoubtedly involve a heavy burden for the controller. More devastatingly, once the controller itself is attacked, the entire network will be paralyzed. Motivated by this, this paper proposes a novel security protection architecture for SDN. We design a security service orchestration center in the control plane of SDN, and this center physically decouples from the SDN controller and constructs SDN security services. We adopt virtualization technology to construct a security meta-function library, and propose a dynamic security service composition construction algorithm based on web service composition technology. The rule-combining method is used to combine security meta-functions to construct security services which meet the requirements of users. Moreover, the RETE algorithm is introduced to improve the efficiency of the rule-combining method. We evaluate our solutions in a realistic scenario based on OpenStack. Substantial experimental results demonstrate the effectiveness of our solutions that contribute to achieve the effective security protection with a small burden of the SDN controller.

  6. The Politico-Economic Challenges of Ghana’s National Health Insurance Scheme Implementation

    OpenAIRE

    Adam Fusheini

    2016-01-01

    Background National/social health insurance schemes have increasingly been seen in many low- and middle-income countries (LMICs) as a vehicle to universal health coverage (UHC) and a viable alternative funding mechanism for the health sector. Several countries, including Ghana, have thus introduced and implemented mandatory national health insurance schemes (NHIS) as part of reform efforts towards increasing access to health services. Ghana passed mandatory national health insurance (NHI)...

  7. Security of helper data Schemes for SRAM-PUF in multiple enrollment scenarios

    NARCIS (Netherlands)

    Kusters, C.J.; Ignatenko, T.; Maes, R.; van der Sluis, E.; Selimis, G.; Willems, F.M.J.

    2017-01-01

    Fuzzy commitment and syndrome-based schemes are two well-known helper data schemes used to bind and generate, respectively, a secret key to/from SRAM-PUF observations. To allow the decoder to reconstruct this secret key from a new (verification) observation of an SRAM-PUF, an encoder has to generate

  8. Soil, Food Security and Human Health

    Science.gov (United States)

    Oliver, Margaret

    2017-04-01

    "Upon this handful of soil our survival depends. Husband it and it will grow food, our fuel, and our shelter and surround us with beauty. Abuse it and the soil will collapse and die, taking humanity with it" Vedas Sanskrit Scripture, 1500 BC. As the world's population increases issues of food security become more pressing as does the need to sustain soil fertility and to minimize soil degradation. Soil and land are finite resources, and agricultural land is under severe competition from many other uses. Lack of adequate food and food of poor nutritional quality lead to under-nutrition of different degrees, all of which can cause ill- or suboptimal-health. The soil can affect human health directly and indirectly. Direct effects of soil or its constituents result from its ingestion, inhalation or absorption. For example, hook worms enter the body through the skin and cause anaemia, and fungi and dust can be inhaled resulting in respiratory problems. The soil is the source of actinomycetes on which our earliest antibiotics are based (actinomycin, neomycin and streptomycin). Furthermore, it is a potential reservoir of new antibiotics with methods such as functional metagenomics to identify antibiotic resistant genes. Indirect effects of soil arise from the quantity and quality of food that humans consume. Trace elements can have both beneficial and toxic effects on humans, especially where the range for optimal intake is narrow as for selenium. Deficiencies of four trace elements, iodine, iron, selenium and zinc, will be considered because of their substantial effects on human health. Relations between soil and human health are often difficult to extricate because of the many confounding factors present such as the source of food, social factors and so on. Nevertheless, recent scientific understanding of soil processes and factors that affect human health are enabling greater insight into the effects of soil on our health. Multidisciplinary research that includes soil

  9. Applying a Space-Based Security Recovery Scheme for Critical Homeland Security Cyberinfrastructure Utilizing the NASA Tracking and Data Relay (TDRS) Based Space Network

    Science.gov (United States)

    Shaw, Harry C.; McLaughlin, Brian; Stocklin, Frank; Fortin, Andre; Israel, David; Dissanayake, Asoka; Gilliand, Denise; LaFontaine, Richard; Broomandan, Richard; Hyunh, Nancy

    2015-01-01

    Protection of the national infrastructure is a high priority for cybersecurity of the homeland. Critical infrastructure such as the national power grid, commercial financial networks, and communications networks have been successfully invaded and re-invaded from foreign and domestic attackers. The ability to re-establish authentication and confidentiality of the network participants via secure channels that have not been compromised would be an important countermeasure to compromise of our critical network infrastructure. This paper describes a concept of operations by which the NASA Tracking and Data Relay (TDRS) constellation of spacecraft in conjunction with the White Sands Complex (WSC) Ground Station host a security recovery system for re-establishing secure network communications in the event of a national or regional cyberattack. Users would perform security and network restoral functions via a Broadcast Satellite Service (BSS) from the TDRS constellation. The BSS enrollment only requires that each network location have a receive antenna and satellite receiver. This would be no more complex than setting up a DIRECTTV-like receiver at each network location with separate network connectivity. A GEO BSS would allow a mass re-enrollment of network nodes (up to nationwide) simultaneously depending upon downlink characteristics. This paper details the spectrum requirements, link budget, notional assets and communications requirements for the scheme. It describes the architecture of such a system and the manner in which it leverages off of the existing secure infrastructure which is already in place and managed by the NASAGSFC Space Network Project.

  10. CERN Health Insurance Scheme - changes on 1 January 2011

    CERN Multimedia

    HR Department

    2011-01-01

    Changes decided by the Council on 16 December 2010 Following the five-yearly review of financial and social conditions, which included the CERN Health Insurance Scheme (CHIS), the CERN Council has taken certain decisions which affect both active and retired staff. In order to restore the financial equilibrium of the CHIS, the level of contributions will increase progressively over the next five years. In 2011, the contributions of both active and retired members increase from 4.02% to 4.27%. The amounts of the fixed premiums for voluntary insured members (e.g. users and associates) as well as the supplementary contributions for spouses with an income from a professional activity increase accordingly. The amounts of the daily allowance for Long-Term Care have been increased by 20% as of 1 January 2011. The CHIS Rules have been amended according to the above decisions. They entered into force on 1 January 2011 and are available on the CHIS site. Tel. 74125 Members of the personnel shall be deemed to ...

  11. Rural health prepayment schemes in China: towards a more active role for government.

    Science.gov (United States)

    Bloom, G; Shenglan, T

    1999-04-01

    A large majority of China's rural population were members of health prepayment schemes in the 1970's. Most of these schemes collapsed during the transition to a market economy. Some localities subsequently reestablished schemes. In early 1997 a new government policy identified health prepayment as a major potential source of rural health finance. This paper draws on the experience of existing schemes to explore how government can support implementation of this policy. The decision to support the establishment of health prepayment schemes is part of the government's effort to establish new sources of finance for social services. It believes that individuals are more likely to accept voluntary contributions to a prepayment scheme than tax increases. The voluntary nature of the contributions limits the possibilities for risk-sharing and redistribution between rich and poor. This underlines the need for the government to fund a substantial share of health expenditure out of general revenues, particularly in poor localities. The paper notes that many successful prepayment schemes depend on close supervision by local political leaders. It argues that the national programme will have to translate these measures into a regulatory system which defines the responsibilities of scheme management bodies and local governments. A number of prepayment schemes have collapsed because members did not feel they got value for money. Local health bureaux will have to cooperate with prepayment schemes to ensure that health facilities provide good quality services at a reasonable cost. Users' representatives can also monitor performance. The paper concludes that government needs to clarify the relationship between health prepayment schemes and other actors in rural localities in order to increase the chance that schemes will become a major source rural health finance.

  12. A two layer chaotic encryption scheme of secure image transmission for DCT precoded OFDM-VLC transmission

    Science.gov (United States)

    Wang, Zhongpeng; Chen, Fangni; Qiu, Weiwei; Chen, Shoufa; Ren, Dongxiao

    2018-03-01

    In this paper, a two-layer image encryption scheme for a discrete cosine transform (DCT) precoded orthogonal frequency division multiplexing (OFDM) visible light communication (VLC) system is proposed. Firstly, in the proposed scheme the transmitted image is first encrypted by a chaos scrambling sequence,which is generated from the hybrid 4-D hyper- and Arnold map in the upper-layer. After that, the encrypted image is converted into digital QAM modulation signal, which is re-encrypted by chaos scrambling sequence based on Arnold map in physical layer to further enhance the security of the transmitted image. Moreover, DCT precoding is employed to improve BER performance of the proposed system and reduce the PAPR of OFDM signal. The BER and PAPR performances of the proposed system are evaluated by simulation experiments. The experiment results show that the proposed two-layer chaos scrambling schemes achieve image secure transmission for image-based OFDM VLC. Furthermore, DCT precoding can reduce the PAPR and improve the BER performance of OFDM-based VLC.

  13. A Novel Image Encryption Scheme Based on Clifford Attractor and Noisy Logistic Map for Secure Transferring Images in Navy

    Directory of Open Access Journals (Sweden)

    Mohadeseh Kanafchian

    2017-04-01

    In this paper, we first give a brief introduction into chaotic image encryption and then we investigate some important properties and behaviour of the logistic map. The logistic map, aperiodic trajectory, or random-like fluctuation, could not be obtained with some choice of initial condition. Therefore, a noisy logistic map with an additive system noise is introduced. The proposed scheme is based on the extended map of the Clifford strange attractor, where each dimension has a specific role in the encryption process. Two dimensions are used for pixel permutation and the third dimension is used for pixel diffusion. In order to optimize the Clifford encryption system we increase the space key by using the noisy logistic map and a novel encryption scheme based on the Clifford attractor and the noisy logistic map for secure transfer images is proposed. This algorithm consists of two parts: the noisy logistic map shuffle of the pixel position and the pixel value. We use times for shuffling the pixel position and value then we generate the new pixel position and value by the Clifford system. To illustrate the efficiency of the proposed scheme, various types of security analysis are tested. It can be concluded that the proposed image encryption system is a suitable choice for practical applications.

  14. A lightweight security scheme for wireless body area networks: design, energy evaluation and proposed microprocessor design

    NARCIS (Netherlands)

    Selimis, G.; Huang, L.; Massé, F.; Tsekoura, I.; Ashouei, M.; Catthoor, F.; Huisken, J.; Stuyt, J.; Dolmans, G.; Penders, J.; Groot, H. de

    2011-01-01

    In order for wireless body area networks to meet widespread adoption, a number of security implications must be explored to promote and maintain fundamental medical ethical principles and social expectations. As a result, integration of security functionality to sensor nodes is required. Integrating

  15. Health of children and young people in secure settings

    OpenAIRE

    Mooney, Ann; Statham, J.; Storey, P.

    2007-01-01

    This small-scale descriptive study was commissioned by the Children and Young People's Public Health team within the Department of Health, in partnership with Offender Health, in order to inform preparation and implementation of an Offender Health Strategy document for children and young people. The overall aim was to review what is currently known about healthcare for children and young people in the secure estate, covering all three types of settings (Young Offender Institution, Secure Trai...

  16. A chaotic modified-DFT encryption scheme for physical layer security and PAPR reduction in OFDM-PON

    Science.gov (United States)

    Fu, Xiaosong; Bi, Meihua; Zhou, Xuefang; Yang, Guowei; Li, Qiliang; Zhou, Zhao; Yang, Xuelin

    2018-05-01

    This letter proposes a modified discrete Fourier transform (DFT) encryption scheme with multi-dimensional chaos for the physical layer security and peak-to-average power ratio (PAPR) reduction in orthogonal frequency division multiplexing passive optical network (OFDM-PON) system. This multiple-fold encryption algorithm is mainly composed by using the column vectors permutation and the random phase encryption in the standard DFT matrix, which can create ∼10551 key space. The transmission of ∼10 Gb/s encrypted OFDM signal is verified over 20-km standard single mode fiber (SMF). Moreover, experimental results show that, the proposed scheme can achieve ∼2.6-dB PAPR reduction and ∼1-dB improvement of receiver sensitivity if compared with the common OFDM-PON.

  17. Adverse selection in a voluntary Rural Mutual Health Care health insurance scheme in China.

    Science.gov (United States)

    Wang, Hong; Zhang, Licheng; Yip, Winnie; Hsiao, William

    2006-09-01

    This study examines adverse selection in a subsidized voluntary health insurance scheme, the Rural Mutual Health Care (RMHC) scheme, in a poor rural area of China. The study was made possible by a unique longitudinal data set: the total sample includes 3492 rural residents from 1020 households. Logistic regression was employed for the data analysis. The results show that although this subsidized scheme achieved a considerable high enrollment rate of 71% of rural residents, adverse selection still exists. In general, individuals with worse health status are more likely to enroll in RMHC than individuals with better health status. Although the household is set as the enrollment unit for the RMHC for the purpose of reducing adverse selection, nearly 1/3 of enrolled households are actually only partially enrolled. Furthermore, we found that adverse selection mainly occurs in partially enrolled households. The non-enrolled individuals in partially enrolled households have the best health status, while the enrolled individuals in partially enrolled households have the worst health status. Pre-RMHC, medical expenditure for enrolled individuals in partially enrolled households was 206.6 yuan per capita per year, which is 1.7 times as much as the pre-RMHC medical expenditure for non-enrolled individuals in partially enrolled households. The study also reveals that the pre-enrolled medical expenditure per capita per year of enrolled individuals was 9.6% higher than the pre-enrolled medical expenditure of all residents, including both enrolled and non-enrolled individuals. In conclusion, although the subsidized RMHC scheme reached a very high enrollment rate and the household is set as the enrollment unit for the purpose of reducing adverse selection, adverse selection still exists, especially within partially enrolled households. Voluntary RMHC will not be financially sustainable if the adverse selection is not fully taken into account.

  18. ErasuCrypto: A Light-weight Secure Data Deletion Scheme for Solid State Drives

    Directory of Open Access Journals (Sweden)

    Liu Chen

    2017-01-01

    Full Text Available Securely deleting invalid data from secondary storage is critical to protect users’ data privacy against unauthorized accesses. However, secure deletion is very costly for solid state drives (SSDs, which unlike hard disks do not support in-place update. When applied to SSDs, both erasure-based and cryptography-based secure deletion methods inevitably incur large amount of valid data migrations and/or block erasures, which not only introduce extra latency and energy consumption, but also harm SSD lifetime.

  19. Indian community health insurance schemes provide partial protection against catastrophic health expenditure

    Directory of Open Access Journals (Sweden)

    Ranson Kent

    2007-03-01

    Full Text Available Abstract Background More than 72% of health expenditure in India is financed by individual households at the time of illness through out-of-pocket payments. This is a highly regressive way of financing health care and sometimes leads to impoverishment. Health insurance is recommended as a measure to protect households from such catastrophic health expenditure (CHE. We studied two Indian community health insurance (CHI schemes, ACCORD and SEWA, to determine whether insured households are protected from CHE. Methods ACCORD provides health insurance cover for the indigenous population, living in Gudalur, Tamil Nadu. SEWA provides insurance cover for self employed women in the state of Gujarat. Both cover hospitalisation expenses, but only upto a maximum limit of US$23 and US$45, respectively. We reviewed the insurance claims registers in both schemes and identified patients who were hospitalised during the period 01/04/2003 to 31/03/2004. Details of their diagnoses, places and costs of treatment and self-reported annual incomes were obtained. There is no single definition of CHE and none of these have been validated. For this research, we used the following definition; "annual hospital expenditure greater than 10% of annual income," to identify those who experienced CHE. Results There were a total of 683 and 3152 hospital admissions at ACCORD and SEWA, respectively. In the absence of the CHI scheme, all of the patients at ACCORD and SEWA would have had to pay OOP for their hospitalisation. With the CHI scheme, 67% and 34% of patients did not have to make any out-of-pocket (OOP payment for their hospital expenses at ACCORD and SEWA, respectively. Both CHI schemes halved the number of households that would have experienced CHE by covering hospital costs. However, despite this, 4% and 23% of households with admissions still experienced CHE at ACCORD and SEWA, respectively. This was related to the following conditions: low annual income, benefit

  20. Importance Sampling Based Decision Trees for Security Assessment and the Corresponding Preventive Control Schemes: the Danish Case Study

    DEFF Research Database (Denmark)

    Liu, Leo; Rather, Zakir Hussain; Chen, Zhe

    2013-01-01

    Decision Trees (DT) based security assessment helps Power System Operators (PSO) by providing them with the most significant system attributes and guiding them in implementing the corresponding emergency control actions to prevent system insecurity and blackouts. DT is obtained offline from time...... and adopts a methodology of importance sampling to maximize the information contained in the database so as to increase the accuracy of DT. Further, this paper also studies the effectiveness of DT by implementing its corresponding preventive control schemes. These approaches are tested on the detailed model...

  1. Cryptanalysis of Quantum Secure Direct Communication and Authentication Scheme via Bell States

    International Nuclear Information System (INIS)

    Gao Fei; Qin Su-Juan; Guo Fen-Zhuo; Wen Qiao-Yan

    2011-01-01

    The security of the quantum secure direct communication (QSDC) and authentication protocol based on Bell states is analyzed. It is shown that an eavesdropper can invalidate the authentication function, and implement a successful man-in-the-middle attack, where he/she can obtain or even modify the transmitted secret without introducing any error. The particular attack strategy is demonstrated and an improved protocol is presented. (general)

  2. A SCHEME FOR TEMPLATE SECURITY AT FEATURE FUSION LEVEL IN MULTIMODAL BIOMETRIC SYSTEM

    OpenAIRE

    Arvind Selwal; Sunil Kumar Gupta; Surender Kumar

    2016-01-01

    Biometric is the science of human recognition based upon using their biological, chemical or behavioural traits. These systems are used in many real life applications simply from biometric based attendance system to providing security at very sophisticated level. A biometric system deals with raw data captured using a sensor and feature template extracted from raw image. One of the challenges being faced by designers of these systems is to secure template data extracted from the biometric mod...

  3. Securing optical code-division multiple-access networks with a postswitching coding scheme of signature reconfiguration

    Science.gov (United States)

    Huang, Jen-Fa; Meng, Sheng-Hui; Lin, Ying-Chen

    2014-11-01

    The optical code-division multiple-access (OCDMA) technique is considered a good candidate for providing optical layer security. An enhanced OCDMA network security mechanism with a pseudonoise (PN) random digital signals type of maximal-length sequence (M-sequence) code switching to protect against eavesdropping is presented. Signature codes unique to individual OCDMA-network users are reconfigured according to the register state of the controlling electrical shift registers. Examples of signature reconfiguration following state switching of the controlling shift register for both the network user and the eavesdropper are numerically illustrated. Dynamically changing the PN state of the shift register to reconfigure the user signature sequence is shown; this hinders eavesdroppers' efforts to decode correct data sequences. The proposed scheme increases the probability of eavesdroppers committing errors in decoding and thereby substantially enhances the degree of an OCDMA network's confidentiality.

  4. The role of the health physicist in nuclear security.

    Science.gov (United States)

    Waller, Edward J; van Maanen, Jim

    2015-04-01

    Health physics is a recognized safety function in the holistic context of the protection of workers, members of the public, and the environment against the hazardous effects of ionizing radiation, often generically designated as radiation protection. The role of the health physicist as protector dates back to the Manhattan Project. Nuclear security is the prevention and detection of, and response to, criminal or intentional unauthorized acts involving or directed at nuclear material, other radioactive material, associated facilities, or associated activities. Its importance has become more visible and pronounced in the post 9/11 environment, and it has a shared purpose with health physics in the context of protection of workers, members of the public, and the environment. However, the duties and responsibilities of the health physicist in the nuclear security domain are neither clearly defined nor recognized, while a fundamental understanding of nuclear phenomena in general, nuclear or other radioactive material specifically, and the potential hazards related to them is required for threat assessment, protection, and risk management. Furthermore, given the unique skills and attributes of professional health physicists, it is argued that the role of the health physicist should encompass all aspects of nuclear security, ranging from input in the development to implementation and execution of an efficient and effective nuclear security regime. As such, health physicists should transcend their current typical role as consultants in nuclear security issues and become fully integrated and recognized experts in the nuclear security domain and decision making process. Issues regarding the security clearances of health physics personnel and the possibility of insider threats must be addressed in the same manner as for other trusted individuals; however, the net gain from recognizing and integrating health physics expertise in all levels of a nuclear security regime far

  5. Security analysis of boolean algebra based on Zhang-Wang digital signature scheme

    International Nuclear Information System (INIS)

    Zheng, Jinbin

    2014-01-01

    In 2005, Zhang and Wang proposed an improvement signature scheme without using one-way hash function and message redundancy. In this paper, we show that this scheme exits potential safety concerns through the analysis of boolean algebra, such as bitwise exclusive-or, and point out that mapping is not one to one between assembly instructions and machine code actually by means of the analysis of the result of the assembly program segment, and which possibly causes safety problems unknown to the software

  6. Energy-Efficient Relay Selection Scheme for Physical Layer Security in Cognitive Radio Networks

    Directory of Open Access Journals (Sweden)

    Li Jiang

    2015-01-01

    selection and dynamic power allocation in order to maximize SC and to minimize energy consumption. Moreover, we consider finite-state Markov channels and residual relay energy in the relay selection and power allocation process. Specifically, the formulation of the proposed relay selection and power allocation scheme is based on the restless bandit problem, which is solved by the primal-dual index heuristic algorithm. Additionally, the obtained optimal relay selection policy has an indexability property that dramatically reduces the computational complexity. Numerical results are presented to show that our proposed scheme has the maximum SC and minimum energy consumption compared to the existing ones.

  7. Security analysis of boolean algebra based on Zhang-Wang digital signature scheme

    Energy Technology Data Exchange (ETDEWEB)

    Zheng, Jinbin, E-mail: jbzheng518@163.com [School of Mathematics and Computer Science, Long Yan University, Longyan 364012 (China)

    2014-10-06

    In 2005, Zhang and Wang proposed an improvement signature scheme without using one-way hash function and message redundancy. In this paper, we show that this scheme exits potential safety concerns through the analysis of boolean algebra, such as bitwise exclusive-or, and point out that mapping is not one to one between assembly instructions and machine code actually by means of the analysis of the result of the assembly program segment, and which possibly causes safety problems unknown to the software.

  8. Measuring relational security in forensic mental health services.

    Science.gov (United States)

    Chester, Verity; Alexander, Regi T; Morgan, Wendy

    2017-12-01

    Aims and method Relational security is an important component of care and risk assessment in mental health services, but the utility of available measures remains under-researched. This study analysed the psychometric properties of two relational security tools, the See Think Act (STA) scale and the Relational Security Explorer (RSE). Results The STA scale had good internal consistency and could highlight differences between occupational groups, whereas the RSE did not perform well as a psychometric measure. Clinical implications The measures provide unique and complimentary perspectives on the quality of relational security within secure services, but have some limitations. Use of the RSE should be restricted to its intended purpose; to guide team discussions about relational security, and services should refrain from collecting and aggregating this data. Until further research validates their use, relational security measurement should be multidimensional and form part of a wider process of service quality assessment.

  9. Measuring relational security in forensic mental health services

    Science.gov (United States)

    Chester, Verity; Alexander, Regi T.; Morgan, Wendy

    2017-01-01

    Aims and method Relational security is an important component of care and risk assessment in mental health services, but the utility of available measures remains under-researched. This study analysed the psychometric properties of two relational security tools, the See Think Act (STA) scale and the Relational Security Explorer (RSE). Results The STA scale had good internal consistency and could highlight differences between occupational groups, whereas the RSE did not perform well as a psychometric measure. Clinical implications The measures provide unique and complimentary perspectives on the quality of relational security within secure services, but have some limitations. Use of the RSE should be restricted to its intended purpose; to guide team discussions about relational security, and services should refrain from collecting and aggregating this data. Until further research validates their use, relational security measurement should be multidimensional and form part of a wider process of service quality assessment. PMID:29234515

  10. Effectiveness Of Security Controls On Electronic Health Records

    Directory of Open Access Journals (Sweden)

    Everleen Wanyonyi

    2017-12-01

    Full Text Available Electronic Health Record EHR systems enhance efficiency and effectiveness in handling patients information in healthcare. This study focused on the EHR security by initially establishing the nature of threats affecting the system and reviewing the implemented security safeguards. The study was done at a referral hospital level 6 government facility in Kenya. Purposive sampling was used to select a sample of 196 out of 385 staff and a questionnaire designed for qualitative data collection. Data was analyzed using SPSS software. Correlations and binary logistic regression were obtained. Binary Logistic Regression BLR was used to establish the effect of the safeguards predictors on EHR security. It was established that physical security contributes more to the security of an information system than administrative controls and technical controls in that order. BLR helped in predicting effective safeguards to control EHR security threats in limited resourced public health facilities.

  11. A systematic approach for analysis and design of secure health information systems.

    Science.gov (United States)

    Blobel, B; Roger-France, F

    2001-06-01

    A toolset using object-oriented techniques including the nowadays popular unified modelling language (UML) approach has been developed to facilitate the different users' views for security analysis and design of health care information systems. Paradigm and concepts used are based on the component architecture of information systems and on a general layered security model. The toolset was developed in 1996/1997 within the ISHTAR project funded by the European Commission as well as through international standardisation activities. Analysing and systematising real health care scenarios, only six and nine use case types could be found in the health and the security-related view, respectively. By combining these use case types, the analysis and design of any thinkable system architecture can be simplified significantly. Based on generic schemes, the environment needed for both communication and application security can be established by appropriate sets of security services and mechanisms. Because of the importance and the basic character of electronic health care record (EHCR) systems, the understanding of the approach is facilitated by (incomplete) examples for this application.

  12. On the security of the Winternitz one-time signature scheme

    NARCIS (Netherlands)

    Buchmann, Johannes; Dahmen, Erik; Ereth, Sarah; Hülsing, Andreas; Rückert, Markus; Nitaj, A.; Pointcheval, D.

    2011-01-01

    We show that the Winternitz one-time signature scheme is existentially unforgeable under adaptive chosen message attacks when instantiated with a family of pseudo random functions. Compared to previous results, which require a collision resistant hash function, our result provides significantly

  13. Nuclear Security Education in “non-Nuclear” Countries – Inseparable Component of Global Nuclear Security Scheme. Example of Montenegro

    International Nuclear Information System (INIS)

    Jovanovic, S.

    2014-01-01

    • Global regime of nuclear security cannot be complete and functional if all countries are not involved; • Apart from the fact that developed nuclear countries are crucial in this sense (and determining the system), due attention should be paid to small, developing, “nonnuclear” ones; • Small problems in big countries are often big problems in small countries – so it is with HRD in nuclear related fields; • Everything is based on competence, with education being fundamental for building it up; • To that aim, the role of universities is of utmost importance, while networking is another corner stone; • Experience of Montenegro, perhaps exemplary in the above context, is discussed. (author)

  14. Perception of security by health workforce at workplace in Nepal.

    Science.gov (United States)

    Prajapati, R; Baral, B; Karki, K B; Neupane, M

    2013-05-01

    In Nepal, the relationship of health worker and patient or community people is now deteriorating and the security and safety of health worker is becoming emerging issues. The poor relationship between community people and health worker is hampering the health service especially in rural setting. This study was aimed at finding the security perception and situation of health workforce in Nepal. A cross-sectional descriptive study was conducted using both quantitative and qualitative methods. Out of 404 sample health institutions, 747 health workforce from 375 health institutions were interviewed (workplace. Mostly, doctors felt insecure at their workplace 24 (30%) and argued with service users , 26 (32.50%). Feeling of security was highest in central region 160 (83.30%). Nationwide, 121 (16%) of health workers faced some level of arguments with service users, which was highest in Tarai 64 (18.08%). Of the total harassment, both gender based and sexual harassment was higher among female health workers [20 (62.5%) and 13 (56.5%) respectively]. Only, 230 (30.7%) of health workers who suffered from workplace accidents got compensation and treatment. Higher proportions of health workers feel insecurity at workplace whereas provision of compensation was minimal. There is a need of strict implementation of Security of the Health Workers and Health Organizations Act, 2066 (2009) for effective health service delivery.

  15. Development of an Internet Security Policy for health care establishments.

    Science.gov (United States)

    Ilioudis, C; Pangalos, G

    2000-01-01

    The Internet provides unprecedented opportunities for interaction and data sharing among health care providers, patients and researchers. However, the advantages provided by the Internet come with a significantly greater element of risk to the confidentiality and integrity of information. This paper defines the basic security requirements that must be addressed in order to use the Internet to safely transmit patient and/or other sensitive Health Care information. It describes a suitable Internet Security Policy for Health Care Establishments and provides the set of technical measures that are needed for its implementation. The proposed security policy and technical approaches have been based on an extensive study of the related recommendations from the security and standard groups both in EU amid USA and our related work and experience. The results have been utilized in the framework of the Intranet Health Clinic project, where the use of the Internet for the transmission of sensitive Health Care information is of vital importance.

  16. Perspectives of frontline health workers on Ghana's National Health Insurance Scheme before and after community engagement interventions

    NARCIS (Netherlands)

    Alhassan, Robert Kaba; Nketiah-Amponsah, Edward; Spieker, Nicole; Arhinful, Daniel Kojo; Rinke de Wit, Tobias F.

    2016-01-01

    Barely a decade after introduction of Ghana's National Health Insurance Scheme (NHIS), significant successes have been recorded in universal access to basic healthcare services. However, sustainability of the scheme is increasingly threatened by concerns on quality of health service delivery in

  17. A Trust-Based Secure Routing Scheme Using the Traceback Approach for Energy-Harvesting Wireless Sensor Networks.

    Science.gov (United States)

    Tang, Jiawei; Liu, Anfeng; Zhang, Jian; Xiong, Neal N; Zeng, Zhiwen; Wang, Tian

    2018-03-01

    The Internet of things (IoT) is composed of billions of sensing devices that are subject to threats stemming from increasing reliance on communications technologies. A Trust-Based Secure Routing (TBSR) scheme using the traceback approach is proposed to improve the security of data routing and maximize the use of available energy in Energy-Harvesting Wireless Sensor Networks (EHWSNs). The main contributions of a TBSR are (a) the source nodes send data and notification to sinks through disjoint paths, separately; in such a mechanism, the data and notification can be verified independently to ensure their security. (b) Furthermore, the data and notification adopt a dynamic probability of marking and logging approach during the routing. Therefore, when attacked, the network will adopt the traceback approach to locate and clear malicious nodes to ensure security. The probability of marking is determined based on the level of battery remaining; when nodes harvest more energy, the probability of marking is higher, which can improve network security. Because if the probability of marking is higher, the number of marked nodes on the data packet routing path will be more, and the sink will be more likely to trace back the data packet routing path and find malicious nodes according to this notification. When data packets are routed again, they tend to bypass these malicious nodes, which make the success rate of routing higher and lead to improved network security. When the battery level is low, the probability of marking will be decreased, which is able to save energy. For logging, when the battery level is high, the network adopts a larger probability of marking and smaller probability of logging to transmit notification to the sink, which can reserve enough storage space to meet the storage demand for the period of the battery on low level; when the battery level is low, increasing the probability of logging can reduce energy consumption. After the level of battery

  18. A Trust-Based Secure Routing Scheme Using the Traceback Approach for Energy-Harvesting Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Jiawei Tang

    2018-03-01

    Full Text Available The Internet of things (IoT is composed of billions of sensing devices that are subject to threats stemming from increasing reliance on communications technologies. A Trust-Based Secure Routing (TBSR scheme using the traceback approach is proposed to improve the security of data routing and maximize the use of available energy in Energy-Harvesting Wireless Sensor Networks (EHWSNs. The main contributions of a TBSR are (a the source nodes send data and notification to sinks through disjoint paths, separately; in such a mechanism, the data and notification can be verified independently to ensure their security. (b Furthermore, the data and notification adopt a dynamic probability of marking and logging approach during the routing. Therefore, when attacked, the network will adopt the traceback approach to locate and clear malicious nodes to ensure security. The probability of marking is determined based on the level of battery remaining; when nodes harvest more energy, the probability of marking is higher, which can improve network security. Because if the probability of marking is higher, the number of marked nodes on the data packet routing path will be more, and the sink will be more likely to trace back the data packet routing path and find malicious nodes according to this notification. When data packets are routed again, they tend to bypass these malicious nodes, which make the success rate of routing higher and lead to improved network security. When the battery level is low, the probability of marking will be decreased, which is able to save energy. For logging, when the battery level is high, the network adopts a larger probability of marking and smaller probability of logging to transmit notification to the sink, which can reserve enough storage space to meet the storage demand for the period of the battery on low level; when the battery level is low, increasing the probability of logging can reduce energy consumption. After the level of

  19. bayelsa, in search of a sustainable health financing scheme

    African Journals Online (AJOL)

    2016-08-19

    Aug 19, 2016 ... Before 2000 less than 0.14% of national budget was allocated to patient .... impact on patient care and these receive very meagre ... But they severed relationship when ..... the customer care unit of the scheme had no vehicle.

  20. Faithful One-way Trip Deterministic Secure Quantum Communication Scheme Against Collective Rotating Noise Based on Order Rearrangement of Photon Pairs

    Science.gov (United States)

    Yuan, Hao; Zhang, Qin; Hong, Liang; Yin, Wen-jie; Xu, Dong

    2014-08-01

    We present a novel scheme for deterministic secure quantum communication (DSQC) over collective rotating noisy channel. Four special two-qubit states are found can constitute a noise-free subspaces, and so are utilized as quantum information carriers. In this scheme, the information carriers transmite over the quantum channel only one time, which can effectively reduce the influence of other noise existing in quantum channel. The information receiver need only perform two single-photon collective measurements to decode the secret messages, which can make the present scheme more convenient in practical application. It will be showed that our scheme has a relatively high information capacity and intrisic efficiency. Foremostly, the decoy photon pair checking technique and the order rearrangement of photon pairs technique guarantee that the present scheme is unconditionally secure.

  1. Security and Correctness Analysis on Privacy-Preserving k-Means Clustering Schemes

    Science.gov (United States)

    Su, Chunhua; Bao, Feng; Zhou, Jianying; Takagi, Tsuyoshi; Sakurai, Kouichi

    Due to the fast development of Internet and the related IT technologies, it becomes more and more easier to access a large amount of data. k-means clustering is a powerful and frequently used technique in data mining. Many research papers about privacy-preserving k-means clustering were published. In this paper, we analyze the existing privacy-preserving k-means clustering schemes based on the cryptographic techniques. We show those schemes will cause the privacy breach and cannot output the correct results due to the faults in the protocol construction. Furthermore, we analyze our proposal as an option to improve such problems but with intermediate information breach during the computation.

  2. 76 FR 17158 - Assumption Buster Workshop: Distributed Data Schemes Provide Security

    Science.gov (United States)

    2011-03-28

    ... national security systems, is seeking expert participants in a day-long workshop on the pros and cons of... AGENCY: The National Coordination Office (NCO) for the Networking and Information Technology Research and... Office for the Networking and Information Technology Research and Development (NITRD) Program on behalf...

  3. Robust Networking Architecture and Secure Communication Scheme for Heterogeneous Wireless Sensor Networks

    Science.gov (United States)

    McNeal, McKenzie, III.

    2012-01-01

    Current networking architectures and communication protocols used for Wireless Sensor Networks (WSNs) have been designed to be energy efficient, low latency, and long network lifetime. One major issue that must be addressed is the security in data communication. Due to the limited capabilities of low cost and small sized sensor nodes, designing…

  4. LKHW: A Directed Diffusion-Based Secure Multicast Scheme for Wireless Sensor Networks

    NARCIS (Netherlands)

    Di Pietro, Roberto; Mancini, Luigi V.; Law, Y.W.; Etalle, Sandro; Havinga, Paul J.M.; Huang, C.H; Ramanujam, J.

    2003-01-01

    We present a mechanism for securing group communications in Wireless Sensor Networks (WSN). First, we derive an extension of Logical Key Hierarchy (LKH). Then we merge the extension with Directed Diffusion (DD). The resulting protocol, LKHW, combines the advantages of both LKH and DD. In particular,

  5. Time Pattern Locking Scheme for Secure Multimedia Contents in Human-Centric Device

    Directory of Open Access Journals (Sweden)

    Hyun-Woo Kim

    2014-01-01

    Full Text Available Among the various smart multimedia devices, multimedia smartphones have become the most widespread due to their convenient portability and real-time information sharing, as well as various other built-in features. Accordingly, since personal and business activities can be carried out using multimedia smartphones without restrictions based on time and location, people have more leisure time and convenience than ever. However, problems such as loss, theft, and information leakage because of convenient portability have also increased proportionally. As a result, most multimedia smartphones are equipped with various built-in locking features. Pattern lock, personal identification numbers, and passwords are the most used locking features on current smartphones, but these are vulnerable to shoulder surfing and smudge attacks, allowing malicious users to bypass the security feature easily. In particular, the smudge attack technique is a convenient way to unlock multimedia smartphones after they have been stolen. In this paper, we propose the secure locking screen using time pattern (SLSTP focusing on improved security and convenience for users to support human-centric multimedia device completely. The SLSTP can provide a simple interface to users and reduce the risk factors pertaining to security leakage to malicious third parties.

  6. Time pattern locking scheme for secure multimedia contents in human-centric device.

    Science.gov (United States)

    Kim, Hyun-Woo; Kim, Jun-Ho; Park, Jong Hyuk; Jeong, Young-Sik

    2014-01-01

    Among the various smart multimedia devices, multimedia smartphones have become the most widespread due to their convenient portability and real-time information sharing, as well as various other built-in features. Accordingly, since personal and business activities can be carried out using multimedia smartphones without restrictions based on time and location, people have more leisure time and convenience than ever. However, problems such as loss, theft, and information leakage because of convenient portability have also increased proportionally. As a result, most multimedia smartphones are equipped with various built-in locking features. Pattern lock, personal identification numbers, and passwords are the most used locking features on current smartphones, but these are vulnerable to shoulder surfing and smudge attacks, allowing malicious users to bypass the security feature easily. In particular, the smudge attack technique is a convenient way to unlock multimedia smartphones after they have been stolen. In this paper, we propose the secure locking screen using time pattern (SLSTP) focusing on improved security and convenience for users to support human-centric multimedia device completely. The SLSTP can provide a simple interface to users and reduce the risk factors pertaining to security leakage to malicious third parties.

  7. An Efficient and Secure m-IPS Scheme of Mobile Devices for Human-Centric Computing

    Directory of Open Access Journals (Sweden)

    Young-Sik Jeong

    2014-01-01

    Full Text Available Recent rapid developments in wireless and mobile IT technologies have led to their application in many real-life areas, such as disasters, home networks, mobile social networks, medical services, industry, schools, and the military. Business/work environments have become wire/wireless, integrated with wireless networks. Although the increase in the use of mobile devices that can use wireless networks increases work efficiency and provides greater convenience, wireless access to networks represents a security threat. Currently, wireless intrusion prevention systems (IPSs are used to prevent wireless security threats. However, these are not an ideal security measure for businesses that utilize mobile devices because they do not take account of temporal-spatial and role information factors. Therefore, in this paper, an efficient and secure mobile-IPS (m-IPS is proposed for businesses utilizing mobile devices in mobile environments for human-centric computing. The m-IPS system incorporates temporal-spatial awareness in human-centric computing with various mobile devices and checks users’ temporal spatial information, profiles, and role information to provide precise access control. And it also can extend application of m-IPS to the Internet of things (IoT, which is one of the important advanced technologies for supporting human-centric computing environment completely, for real ubiquitous field with mobile devices.

  8. LKHW: A Directed Diffusion-Based Secure Multicast Scheme for Wireless Sensor Networks

    NARCIS (Netherlands)

    Di Pietro, Roberto; Mancini, Luigi V.; Law, Y.W.; Etalle, Sandro; Havinga, Paul J.M.

    In this paper, we present a mechanism for securing group communications in Wireless Sensor Networks (WSN). First, we derive an extension of Logical Key Hierarchy (LKH). Then we merge the extension with directed diffusion. The resulting protocol, LKHW, combines the advantages of both LKH and directed

  9. Renewing membership in three community-based health insurance schemes in rural India

    NARCIS (Netherlands)

    P. Panda (Pradeep); A. Chakraborty (Arpita); W.A. Raza (Wameq); A.S. Bedi (Arjun Singh)

    2015-01-01

    textabstractLow renewal rate is a key challenge facing the sustainability of Community-based Health Insurance (CBHI) schemes. While there is a large literature on initial enrolment into such schemes, there is limited evidence on the factors that impede renewal. This paper uses longitudinal data to

  10. Dropping out of Ethiopia’s Community Based Health Insurance scheme

    NARCIS (Netherlands)

    A.D. Mebratie (Anagaw); R.A. Sparrow (Robert); Z.Y. Debebe (Zelalem); G. Alemu (Getnet ); A.S. Bedi (Arjun Singh)

    2014-01-01

    textabstractLow contract renewal rates have been identified as one of the challenges facing the development of community based health insurance schemes (CBHI). This paper uses longitudinal household survey data to examine dropout in the case of Ethiopia’s pilot CBHI scheme, which saw enrolment

  11. Integrating Local Public Health Agencies into the Homeland Security Community

    National Research Council Canada - National Science Library

    Reed, Patricia D

    2007-01-01

    After more than seven years of funding through The Centers for Disease Control and Prevention, local public health agencies have made inconsistent progress in fulfilling their Homeland Security objectives...

  12. Plan for radiological security at a university health center

    International Nuclear Information System (INIS)

    Huiaman Mendoza, G.M.; Sanchez Riojas, M.M.; Felix JImenez, D.

    1998-01-01

    This work shows a radiological security plan applied to a Basic Radiological Service at a university health center. Factors taken into account were installation designs, equipment operation parameters, work procedures, image system and responsibilities

  13. Determinants of enrollment of informal sector workers in cooperative based health scheme in Bangladesh

    Science.gov (United States)

    Sarker, Abdur Razzaque; Sultana, Marufa; Mahumud, Rashidul Alam; Ahmed, Sayem; Islam, Ziaul; Morton, Alec; Khan, Jahangir A. M.

    2017-01-01

    Background Providing access to affordable health care for the informal sector remains a considerable challenge for low income countries striving to make progress towards universal health coverage. The objective of the study is to identify the factors shaping the decision to enroll in a cooperative based health scheme for informal workers in Bangladesh and also help to identify the features of informal workers without health schemes and their likelihood of being insured. Methods Data were derived from a cross-sectional in-house survey within the catchment area of a cooperative based health scheme in Bangladesh during April–June 2014, covering a total of 784 households (458 members and 326 non-members). Multivariate logistic regression model was used to identify factors associated with cooperative based health scheme and explanatory variables. Findings This study found that a number of factors were significant determinants of health scheme participation including sex of household head, household composition, occupational category as well as involvement social financial safety net programs. Conclusion Findings from this study can be suggestive for policy-makers interested in scaling up health insurance for informal workers in Bangladesh. Shared funding from this large informal sector can generate new resources for healthcare, which is in line with the healthcare financing strategy of Bangladesh as well as the recommendation of the World Health Organization for developing social health insurance as part of the path to Universal Health Coverage. PMID:28750052

  14. Utilization of health-care schemes: A ground reality of Indian scenario

    Directory of Open Access Journals (Sweden)

    Aditi Sharma

    2018-01-01

    Full Text Available Health-care system in a society must be built around the term of equity so that each individual should have equal opportunities for maintaining good health, but human societies are characterized by unevenness at every aspect, and it has even not spared the health-care system. Despite great improvements in the oral health status of population across the world, health problems continue to be a major public health concern. India's health system faces the ongoing challenge of responding to the needs of the most disadvantaged groups of the society. Thus, to reduce inequalities in health and ensuring equity in oral health care, India as one of the developing countries in the world have taken steps at center as well as state level to bridge the gap between poor and rich in terms of health care. These schemes are built to touch the lives of the remotest people in the country. The government is boosting its strategies and augmenting its reach mechanisms to ensure that not a soul is dispossessed of any benefits, which arise from the virtue of this scheme. The present review concludes that though these schemes appear to be pro-poor and are inclusive of disadvantaged minorities, the scheme suffers from adverse selection. These schemes have the potential to play an important role in India's move toward universal health coverage.

  15. Determinants of enrollment of informal sector workers in cooperative based health scheme in Bangladesh.

    Directory of Open Access Journals (Sweden)

    Abdur Razzaque Sarker

    Full Text Available Providing access to affordable health care for the informal sector remains a considerable challenge for low income countries striving to make progress towards universal health coverage. The objective of the study is to identify the factors shaping the decision to enroll in a cooperative based health scheme for informal workers in Bangladesh and also help to identify the features of informal workers without health schemes and their likelihood of being insured.Data were derived from a cross-sectional in-house survey within the catchment area of a cooperative based health scheme in Bangladesh during April-June 2014, covering a total of 784 households (458 members and 326 non-members. Multivariate logistic regression model was used to identify factors associated with cooperative based health scheme and explanatory variables.This study found that a number of factors were significant determinants of health scheme participation including sex of household head, household composition, occupational category as well as involvement social financial safety net programs.Findings from this study can be suggestive for policy-makers interested in scaling up health insurance for informal workers in Bangladesh. Shared funding from this large informal sector can generate new resources for healthcare, which is in line with the healthcare financing strategy of Bangladesh as well as the recommendation of the World Health Organization for developing social health insurance as part of the path to Universal Health Coverage.

  16. Fuzzy assessment of health information system users' security awareness.

    Science.gov (United States)

    Aydın, Özlem Müge; Chouseinoglou, Oumout

    2013-12-01

    Health information systems (HIS) are a specific area of information systems (IS), where critical patient data is stored and quality health service is only realized with the correct use and efficient dissemination of this data to health workers. Therefore, a balance needs to be established between the levels of security and flow of information on HIS. Instead of implementing higher levels and further mechanisms of control to increase the security of HIS, it is preferable to deal with the arguably weakest link on HIS chain with respect to security: HIS users. In order to provide solutions and approaches for transforming users to the first line of defense in HIS but also to employ capable and appropriate candidates from the pool of newly graduated students, it is important to assess and evaluate the security awareness levels and characteristics of these existing and future users. This study aims to provide a new perspective to understand the phenomenon of security awareness of HIS users with the use of fuzzy analysis, and to assess the present situation of current and future HIS users of a leading medical and educational institution of Turkey, with respect to their security characteristics based on four different security scales. The results of the fuzzy analysis, the guide on how to implement this fuzzy analysis to any health institution and how to read and interpret these results, together with the possible implications of these results to the organization are provided.

  17. Predictors of Availing Maternal Health Schemes: A community based study in Gujarat, India

    Directory of Open Access Journals (Sweden)

    Kranti Suresh Vora

    2014-06-01

    Full Text Available Background: India continues to face challenges in improving key maternal health indicators with about 1/3rd of global maternal deaths happening in India. Utilization of health care services is an important issue in India with significant proportion of home deliveries and majority of mothers not receiving adequate antenatal care. Mortality among poor rural women is the highest with lowest utilization. To make maternal healthcare more equitable, numerous schemes such as Janani Suraksha Yojana, Chiranjeevi Yojana, Kasturba Poshan Sahay Yojana have been introduced. Studies suggest that utilization of such schemes by target population is low and there is a need to understand factors affecting maternal health care utilization in the context of these schemes. Current community based study was done in rural Gujarat to understand characteristics of women who utilize such schemes and predictors of utilization. Methodology: Data collection was done in two districts of Gujarat from June to August, 2013 as a pilot phase of MATIND project. Community based cross-sectional study included 827 households and socio-demographic details of 1454 women of 15-49 years age groups were collected. 265 mothers, who had delivered after 1st January, 2013 are included in the regression analyses. The data analysis carried out with R version 3.0.1 software.  Results: The analysis indicates socioeconomic variables such as caste, maternal variables such as education and health system variables such as use of government facility are important predictors of maternal health scheme utilization. Results suggest that socioeconomic and health system factors are the best predictors for availing scheme. Conclusion: Health system variables along with individual level variables are important predictors for availing maternal health schemes. The study indicates the need to examine all levels of predictors for utilizing government health schemes to maximize the benefit for underserved

  18. Key management schemes using routing information frames in secure wireless sensor networks

    Science.gov (United States)

    Kamaev, V. A.; Finogeev, A. G.; Finogeev, A. A.; Parygin, D. S.

    2017-01-01

    The article considers the problems and objectives of key management for data encryption in wireless sensor networks (WSN) of SCADA systems. The structure of the key information in the ZigBee network and methods of keys obtaining are discussed. The use of a hybrid key management schemes is most suitable for WSN. The session symmetric key is used to encrypt the sensor data, asymmetric keys are used to encrypt the session key transmitted from the routing information. Three algorithms of hybrid key management using routing information frames determined by routing methods and the WSN topology are presented.

  19. Facilitating Secure Sharing of Personal Health Data in the Cloud.

    Science.gov (United States)

    Thilakanathan, Danan; Calvo, Rafael A; Chen, Shiping; Nepal, Surya; Glozier, Nick

    2016-05-27

    Internet-based applications are providing new ways of promoting health and reducing the cost of care. Although data can be kept encrypted in servers, the user does not have the ability to decide whom the data are shared with. Technically this is linked to the problem of who owns the data encryption keys required to decrypt the data. Currently, cloud service providers, rather than users, have full rights to the key. In practical terms this makes the users lose full control over their data. Trust and uptake of these applications can be increased by allowing patients to feel in control of their data, generally stored in cloud-based services. This paper addresses this security challenge by providing the user a way of controlling encryption keys independently of the cloud service provider. We provide a secure and usable system that enables a patient to share health information with doctors and specialists. We contribute a secure protocol for patients to share their data with doctors and others on the cloud while keeping complete ownership. We developed a simple, stereotypical health application and carried out security tests, performance tests, and usability tests with both students and doctors (N=15). We developed the health application as an app for Android mobile phones. We carried out the usability tests on potential participants and medical professionals. Of 20 participants, 14 (70%) either agreed or strongly agreed that they felt safer using our system. Using mixed methods, we show that participants agreed that privacy and security of health data are important and that our system addresses these issues. We presented a security protocol that enables patients to securely share their eHealth data with doctors and nurses and developed a secure and usable system that enables patients to share mental health information with doctors.

  20. The Best Laid Plans: Access to the Rajiv Aarogyasri community health insurance scheme of Andhra Pradesh

    Directory of Open Access Journals (Sweden)

    H. Narasimhan

    2014-05-01

    Full Text Available This paper is a qualitative assessment of a public health insurance scheme in the state of Andhra Pradesh, south India, called the Rajiv Aarogyasri Community Health Insurance Scheme (or Aarogyasri, using the case-study method. Focusing on inpatient hospital care and especially on surgical treatments leaves the scheme wanting in meeting the health care needs of and addressing the impoverishing health expenditure incurred by the poor, especially those living in rural areas. Though well-intentioned, people from vulnerable sections of society may find the scheme ultimately unhelpful for their needs. Through an in-depth qualitative approach, the paper highlights not just financial difficulties but also the non-financial barriers to accessing health care, despite the existence of a scheme such as Aarogyasri. Narrative evidence from poor households offers powerful insights into why even the most innovative state health insurance schemes may not achieve their goals and systemic corrections needed to address barriers to health care.

  1. Patient-Controlled Attribute-Based Encryption for Secure Electronic Health Records System.

    Science.gov (United States)

    Eom, Jieun; Lee, Dong Hoon; Lee, Kwangsu

    2016-12-01

    In recent years, many countries have been trying to integrate electronic health data managed by each hospital to offer more efficient healthcare services. Since health data contain sensitive information of patients, there have been much research that present privacy preserving mechanisms. However, existing studies either require a patient to perform various steps to secure the data or restrict the patient to exerting control over the data. In this paper, we propose patient-controlled attribute-based encryption, which enables a patient (a data owner) to control access to the health data and reduces the operational burden for the patient, simultaneously. With our method, the patient has powerful control capability of his/her own health data in that he/she has the final say on the access with time limitation. In addition, our scheme provides emergency medical services which allow the emergency staffs to access the health data without the patient's permission only in the case of emergencies. We prove that our scheme is secure under cryptographic assumptions and analyze its efficiency from the patient's perspective.

  2. Incentives in statutory health insurance bonus schemes - Communication as an underrated precondition of success

    OpenAIRE

    Viviane Scherenberg; Gerd Glaeske

    2009-01-01

    Aim - Bonus schemes within German statutory health insurance (GKV) use monetary incentives to promote health-conscious behaviour, particularly amongst risk groups. The idea is to exploit a latent potential for participation in money-saving preventive measures. First studies suggest that incidental effects (good risks) are more common than prevention effects. The purpose of the article is to present factors contributing to the successfulness of incentive schemes. Methods - To outline the findi...

  3. Security Concerns in Android mHealth Apps.

    Science.gov (United States)

    He, Dongjing; Naveed, Muhammad; Gunter, Carl A; Nahrstedt, Klara

    2014-01-01

    Mobile Health (mHealth) applications lie outside of regulatory protection such as HIPAA, which requires a baseline of privacy and security protections appropriate to sensitive medical data. However, mHealth apps, particularly those in the app stores for iOS and Android, are increasingly handling sensitive data for both professionals and patients. This paper presents a series of three studies of the mHealth apps in Google Play that show that mHealth apps make widespread use of unsecured Internet communications and third party servers. Both of these practices would be considered problematic under HIPAA, suggesting that increased use of mHealth apps could lead to less secure treatment of health data unless mHealth vendors make improvements in the way they communicate and store data.

  4. Security Concerns in Android mHealth Apps

    Science.gov (United States)

    He, Dongjing; Naveed, Muhammad; Gunter, Carl A.; Nahrstedt, Klara

    2014-01-01

    Mobile Health (mHealth) applications lie outside of regulatory protection such as HIPAA, which requires a baseline of privacy and security protections appropriate to sensitive medical data. However, mHealth apps, particularly those in the app stores for iOS and Android, are increasingly handling sensitive data for both professionals and patients. This paper presents a series of three studies of the mHealth apps in Google Play that show that mHealth apps make widespread use of unsecured Internet communications and third party servers. Both of these practices would be considered problematic under HIPAA, suggesting that increased use of mHealth apps could lead to less secure treatment of health data unless mHealth vendors make improvements in the way they communicate and store data. PMID:25954370

  5. Secure diversity-multiplexing tradeoff of zero-forcing transmit scheme at finite-SNR

    KAUST Repository

    Rezki, Zouheir

    2012-04-01

    In this paper, we address the finite Signal-to-Noise Ratio (SNR) Diversity-Multiplexing Tradeoff (DMT) of the Multiple Input Multiple Output (MIMO) wiretap channel, where a Zero-Forcing (ZF) transmit scheme, that intends to send the secret information in the orthogonal space of the eavesdropper channel, is used. First, we introduce the secrecy multiplexing gain at finite-SNR that generalizes the definition at high-SNR. Then, we provide upper and lower bounds on the outage probability under secrecy constraint, from which secrecy diversity gain estimates of ZF are derived. Through asymptotic analysis, we show that the upper bound underestimates the secrecy diversity gain, whereas the lower bound is tight at high-SNR, and thus its related diversity gain estimate is equal to the actual asymptotic secrecy diversity gain of the MIMO wiretap channel. © 2012 IEEE.

  6. CLSM: COUPLE LAYERED SECURITY MODEL A HIGH-CAPACITY DATA HIDING SCHEME USING WITH STEGANOGRAPHY

    Directory of Open Access Journals (Sweden)

    Cemal Kocak

    2017-03-01

    Full Text Available Cryptography and steganography are the two significant techniques used in secrecy of communications and in safe message transfer. In this study CLSM – Couple Layered Security Model is suggested which has a hybrid structure enhancing information security using features of cryptography and steganography. In CLSM system; the information which has been initially cryptographically encrypted is steganographically embedded in an image at the next step. The information is encrypted by means of a Text Keyword consisting of maximum 16 digits determined by the user in cryptography method. Similarly, the encrypted information is processed, during the embedding stage, using a 16 digit pin (I-PIN which is determined again by the user. The carrier images utilized in the study have been determined as 24 bit/pixel colour. Utilization of images in .jpeg, .tiff, .pnp format has also been provided. The performance of the CLSM method has been evaluated according to the objective quality measurement criteria of PSNR-dB (Peak Signal-to-Noise Ratio and SSIM (Structural Similarity Index. In the study, 12 different sized information between 1000 and 609,129 bits were embedded into images. Between 34.14 and 65.8 dB PSNR values and between 0.989 and 0.999 SSIM values were obtained. CLSM showed better results compared to Pixel Value Differencing (PVD method, Simulated Annealing (SA Algorithm and Mix column transform based on irreducible polynomial mathematics methods.

  7. Patient Centeredness in Electronic Communication: Evaluation of Patient-to-Health Care Team Secure Messaging

    Science.gov (United States)

    Luger, Tana M; Volkman, Julie E; Rocheleau, Mary; Mueller, Nora; Barker, Anna M; Nazi, Kim M; Houston, Thomas K; Bokhour, Barbara G

    2018-01-01

    Background As information and communication technology is becoming more widely implemented across health care organizations, patient-provider email or asynchronous electronic secure messaging has the potential to support patient-centered communication. Within the medical home model of the Veterans Health Administration (VA), secure messaging is envisioned as a means to enhance access and strengthen the relationships between veterans and their health care team members. However, despite previous studies that have examined the content of electronic messages exchanged between patients and health care providers, less research has focused on the socioemotional aspects of the communication enacted through those messages. Objective Recognizing the potential of secure messaging to facilitate the goals of patient-centered care, the objectives of this analysis were to not only understand why patients and health care team members exchange secure messages but also to examine the socioemotional tone engendered in these messages. Methods We conducted a cross-sectional coding evaluation of a corpus of secure messages exchanged between patients and health care team members over 6 months at 8 VA facilities. We identified patients whose medical records showed secure messaging threads containing at least 2 messages and compiled a random sample of these threads. Drawing on previous literature regarding the analysis of asynchronous, patient-provider electronic communication, we developed a coding scheme comprising a series of a priori patient and health care team member codes. Three team members tested the scheme on a subset of the messages and then independently coded the sample of messaging threads. Results Of the 711 messages coded from the 384 messaging threads, 52.5% (373/711) were sent by patients and 47.5% (338/711) by health care team members. Patient and health care team member messages included logistical content (82.6%, 308/373 vs 89.1%, 301/338), were neutral in tone (70

  8. Patient Centeredness in Electronic Communication: Evaluation of Patient-to-Health Care Team Secure Messaging.

    Science.gov (United States)

    Hogan, Timothy P; Luger, Tana M; Volkman, Julie E; Rocheleau, Mary; Mueller, Nora; Barker, Anna M; Nazi, Kim M; Houston, Thomas K; Bokhour, Barbara G

    2018-03-08

    As information and communication technology is becoming more widely implemented across health care organizations, patient-provider email or asynchronous electronic secure messaging has the potential to support patient-centered communication. Within the medical home model of the Veterans Health Administration (VA), secure messaging is envisioned as a means to enhance access and strengthen the relationships between veterans and their health care team members. However, despite previous studies that have examined the content of electronic messages exchanged between patients and health care providers, less research has focused on the socioemotional aspects of the communication enacted through those messages. Recognizing the potential of secure messaging to facilitate the goals of patient-centered care, the objectives of this analysis were to not only understand why patients and health care team members exchange secure messages but also to examine the socioemotional tone engendered in these messages. We conducted a cross-sectional coding evaluation of a corpus of secure messages exchanged between patients and health care team members over 6 months at 8 VA facilities. We identified patients whose medical records showed secure messaging threads containing at least 2 messages and compiled a random sample of these threads. Drawing on previous literature regarding the analysis of asynchronous, patient-provider electronic communication, we developed a coding scheme comprising a series of a priori patient and health care team member codes. Three team members tested the scheme on a subset of the messages and then independently coded the sample of messaging threads. Of the 711 messages coded from the 384 messaging threads, 52.5% (373/711) were sent by patients and 47.5% (338/711) by health care team members. Patient and health care team member messages included logistical content (82.6%, 308/373 vs 89.1%, 301/338), were neutral in tone (70.2%, 262/373 vs 82.0%, 277/338), and

  9. Public Health Crisis in War and Conflict - Health Security in Aggregate.

    Science.gov (United States)

    Quinn, John; Zelený, Tomáš; Subramaniam, Rammika; Bencko, Vladimír

    2017-03-01

    Public health status of populations is multifactorial and besides other factors it is linked to war and conflict. Public health crisis can erupt when states go to war or are invaded; health security may be reduced for affected populations. This study reviews in aggregate multiple indices of human security, human development and legitimacy of the state in order to describe a predictable global health portrait. Paradigm shift of large global powers to that non-state actors and proxies impact regional influence through scaled conflict and present major global health challenges for policy makers. Small scale conflict with large scale violence threatens health security for at-risk populations. The paper concludes that health security is directly proportional to state security. Copyright© by the National Institute of Public Health, Prague 2017

  10. Secure Authentication and Prescription Safety Protocol for Telecare Health Services Using Ubiquitous IoT

    Directory of Open Access Journals (Sweden)

    Zahid Mahmood

    2017-10-01

    Full Text Available Internet-of-Things (IoT include a large number of devices that can communicate across different networks. Cyber-Physical Systems (CPS also includes a number of devices connected to the internet where wearable devices are also included. Both systems enable researchers to develop healthcare systems with additional intelligence as well as prediction capabilities both for lifestyle and in hospitals. It offers as much persistence as a platform to ubiquitous healthcare by using wearable sensors to transfer the information over servers, smartphones, and other smart devices in the Telecare Medical Information System (TMIS. Security is a challenging issue in TMIS, and resourceful access to health care services requires user verification and confidentiality. Existing schemes lack in ensuring reliable prescription safety along with authentication. This research presents a Secure Authentication and Prescription Safety (SAPS protocol to ensure secure communication between the patient, doctor/nurse, and the trusted server. The proposed procedure relies upon the efficient elliptic curve cryptosystem which can generate a symmetric secure key to ensure secure data exchange between patients and physicians after successful authentication of participants individually. A trusted server is involved for mutual authentication between parties and then generates a common key after completing the validation process. Moreover, the scheme is verified by doing formal modeling using Rubin Logic and validated using simulations in NS-2.35. We have analyzed the SAPS against security attacks, and then performance analysis is elucidated. Results prove the dominance of SAPS over preliminaries regarding mutual authentication, message integrity, freshness, and session key management and attack prevention.

  11. Assessing responsiveness of health care services within a health insurance scheme in Nigeria: users' perspectives.

    Science.gov (United States)

    Mohammed, Shafiu; Bermejo, Justo Lorenzo; Souares, Aurélia; Sauerborn, Rainer; Dong, Hengjin

    2013-12-01

    Responsiveness of health care services in low and middle income countries has been given little attention. Despite being introduced over a decade ago in many developing countries, national health insurance schemes have yet to be evaluated in terms of responsiveness of health care services. Although this responsiveness has been evaluated in many developed countries, it has rarely been done in developing countries. The concept of responsiveness is multi-dimensional and can be measured across various domains including prompt attention, dignity, communication, autonomy, choice of provider, quality of facilities, confidentiality and access to family support. This study examines the insured users' perspectives of their health care services' responsiveness. This retrospective, cross-sectional survey took place between October 2010 and March 2011. The study used a modified out-patient questionnaire from a responsiveness survey designed by the World Health Organization (WHO). Seven hundred and ninety six (796) enrolees, insured for more than one year in Kaduna State-Nigeria, were interviewed. Generalized ordered logistic regression was used to identify factors that influenced the users' perspectives on responsiveness to health services and quantify their effects. Communication (55.4%), dignity (54.1%), and quality of facilities (52.0%) were rated as "extremely important" responsiveness domains. Users were particularly contented with quality of facilities (42.8%), dignity (42.3%), and choice of provider (40.7%). Enrolees indicated lower contentment on all other domains. Type of facility, gender, referral, duration of enrolment, educational status, income level, and type of marital status were most related with responsiveness domains. Assessing the responsiveness of health care services within the NHIS is valuable in investigating the scheme's implementation. The domains of autonomy, communication and prompt attention were identified as priority areas for action to improve

  12. The pharmaceuticalisation of security: Molecular biomedicine, antiviral stockpiles, and global health security.

    Science.gov (United States)

    Elbe, Stefan

    2014-12-01

    Pharmaceuticals are now critical to the security of populations. Antivirals, antibiotics, next-generation vaccines, and antitoxins are just some of the new 'medical countermeasures' that governments are stockpiling in order to defend their populations against the threat of pandemics and bioterrorism. How has security policy come to be so deeply imbricated with pharmaceutical logics and solutions? This article captures, maps, and analyses the 'pharmaceuticalisation' of security. Through an in-depth analysis of the prominent antiviral medication Tamiflu , it shows that this pharmaceutical turn in security policy is intimately bound up with the rise of a molecular vision of life promulgated by the biomedical sciences. Caught in the crosshairs of powerful commercial, political, and regulatory pressures, governments are embracing a molecular biomedicine promising to secure populations pharmaceutically in the twenty-first century. If that is true, then the established disciplinary view of health as a predominantly secondary matter of 'low' international politics is mistaken. On the contrary, the social forces of health and biomedicine are powerful enough to influence the core practices of international politics - even those of security. For a discipline long accustomed to studying macrolevel processes and systemic structures, it is in the end also our knowledge of the minute morass of molecules that shapes international relations.

  13. Strengthening global health security by embedding the International Health Regulations requirements into national health systems.

    Science.gov (United States)

    Kluge, Hans; Martín-Moreno, Jose Maria; Emiroglu, Nedret; Rodier, Guenael; Kelley, Edward; Vujnovic, Melitta; Permanand, Govin

    2018-01-01

    The International Health Regulations (IHR) 2005, as the overarching instrument for global health security, are designed to prevent and cope with major international public health threats. But poor implementation in countries hampers their effectiveness. In the wake of a number of major international health crises, such as the 2014 Ebola and 2016 Zika outbreaks, and the findings of a number of high-level assessments of the global response to these crises, it has become clear that there is a need for more joined-up thinking between health system strengthening activities and health security efforts for prevention, alert and response. WHO is working directly with its Member States to promote this approach, more specifically around how to better embed the IHR (2005) core capacities into the main health system functions. This paper looks at how and where the intersections between the IHR and the health system can be best leveraged towards developing greater health system resilience. This merging of approaches is a key component in pursuit of Universal Health Coverage and strengthened global health security as two mutually reinforcing agendas.

  14. Critical analysis of the Bennett-Riedel attack on secure cryptographic key distributions via the Kirchhoff-Law-Johnson-noise scheme.

    Directory of Open Access Journals (Sweden)

    Laszlo B Kish

    Full Text Available Recently, Bennett and Riedel (BR (http://arxiv.org/abs/1303.7435v1 argued that thermodynamics is not essential in the Kirchhoff-law-Johnson-noise (KLJN classical physical cryptographic exchange method in an effort to disprove the security of the KLJN scheme. They attempted to demonstrate this by introducing a dissipation-free deterministic key exchange method with two batteries and two switches. In the present paper, we first show that BR's scheme is unphysical and that some elements of its assumptions violate basic protocols of secure communication. All our analyses are based on a technically unlimited Eve with infinitely accurate and fast measurements limited only by the laws of physics and statistics. For non-ideal situations and at active (invasive attacks, the uncertainly principle between measurement duration and statistical errors makes it impossible for Eve to extract the key regardless of the accuracy or speed of her measurements. To show that thermodynamics and noise are essential for the security, we crack the BR system with 100% success via passive attacks, in ten different ways, and demonstrate that the same cracking methods do not function for the KLJN scheme that employs Johnson noise to provide security underpinned by the Second Law of Thermodynamics. We also present a critical analysis of some other claims by BR; for example, we prove that their equations for describing zero security do not apply to the KLJN scheme. Finally we give mathematical security proofs for each BR-attack against the KLJN scheme and conclude that the information theoretic (unconditional security of the KLJN method has not been successfully challenged.

  15. Critical analysis of the Bennett-Riedel attack on secure cryptographic key distributions via the Kirchhoff-Law-Johnson-noise scheme.

    Science.gov (United States)

    Kish, Laszlo B; Abbott, Derek; Granqvist, Claes G

    2013-01-01

    Recently, Bennett and Riedel (BR) (http://arxiv.org/abs/1303.7435v1) argued that thermodynamics is not essential in the Kirchhoff-law-Johnson-noise (KLJN) classical physical cryptographic exchange method in an effort to disprove the security of the KLJN scheme. They attempted to demonstrate this by introducing a dissipation-free deterministic key exchange method with two batteries and two switches. In the present paper, we first show that BR's scheme is unphysical and that some elements of its assumptions violate basic protocols of secure communication. All our analyses are based on a technically unlimited Eve with infinitely accurate and fast measurements limited only by the laws of physics and statistics. For non-ideal situations and at active (invasive) attacks, the uncertainly principle between measurement duration and statistical errors makes it impossible for Eve to extract the key regardless of the accuracy or speed of her measurements. To show that thermodynamics and noise are essential for the security, we crack the BR system with 100% success via passive attacks, in ten different ways, and demonstrate that the same cracking methods do not function for the KLJN scheme that employs Johnson noise to provide security underpinned by the Second Law of Thermodynamics. We also present a critical analysis of some other claims by BR; for example, we prove that their equations for describing zero security do not apply to the KLJN scheme. Finally we give mathematical security proofs for each BR-attack against the KLJN scheme and conclude that the information theoretic (unconditional) security of the KLJN method has not been successfully challenged.

  16. Knowledge and uptake of community-based health insurance scheme among residents of Olowora, Lagos

    Directory of Open Access Journals (Sweden)

    O A Ibukun

    2013-01-01

    Full Text Available Background and Objective: The informal sector population in developing nations has low health coverage from Community Based Health Insurance (CBHI and problems such as limited awareness about the potential impact of prepayment health financing and the limited resources to finance health care can impede success. This study assessed the community based health insurance scheme uptake and determinants in Olowora, Lagos State. Methods: This was a descriptive cross sectional study carried out in July 2010 in all households of 12 out of 41 streets in Olowora,by multistage sampling. Four hundred and sixteen interviewer-administered questionnaires were completed and returned. Analysis was by Epi- info version 3.5.1 software. Results: Although 75.5% of respondents were aware of the Community Health Insurance scheme at Olowora, just about half (49.5% of them had good knowledge of the scheme. A substantial proportion (44.2% of respondents did not believe in contributing money for illness yet to come, and majority (72.3% of such respondents prefers payment for health care when ill. While about half (53% of respondentshad enrolled into the community health insurance scheme, 45.6% of those who had not enrolled were not aware of the scheme. Lack of money was the main reason (51.5% why some enrollees had defaulted. Conclusion: The study identified information gaps and poor understanding of the scheme as well as poverty as factors that have negatively affected uptake. The scheme management has to re-evaluate its sensitization programmes, and also strengthen marketing strategies with special emphasis on the poor.

  17. Evaluating School Health Appraisal scheme in Primary Schools ...

    African Journals Online (AJOL)

    Objectives: This study assessed school health appraisal implementation in primary schools within Abakaliki Metropolis. Materials and Methods: This was a cross sectional descriptive study of the forms of health appraisal in all 31 primary schools in Abakaliki metropolis. Relevant information was obtained from the head ...

  18. An Agile Enterprise Regulation Architecture for Health Information Security Management

    Science.gov (United States)

    Chen, Ying-Pei; Hsieh, Sung-Huai; Chien, Tsan-Nan; Chen, Heng-Shuen; Luh, Jer-Junn; Lai, Jin-Shin; Lai, Feipei; Chen, Sao-Jie

    2010-01-01

    Abstract Information security management for healthcare enterprises is complex as well as mission critical. Information technology requests from clinical users are of such urgency that the information office should do its best to achieve as many user requests as possible at a high service level using swift security policies. This research proposes the Agile Enterprise Regulation Architecture (AERA) of information security management for healthcare enterprises to implement as part of the electronic health record process. Survey outcomes and evidential experiences from a sample of medical center users proved that AERA encourages the information officials and enterprise administrators to overcome the challenges faced within an electronically equipped hospital. PMID:20815748

  19. An agile enterprise regulation architecture for health information security management.

    Science.gov (United States)

    Chen, Ying-Pei; Hsieh, Sung-Huai; Cheng, Po-Hsun; Chien, Tsan-Nan; Chen, Heng-Shuen; Luh, Jer-Junn; Lai, Jin-Shin; Lai, Feipei; Chen, Sao-Jie

    2010-09-01

    Information security management for healthcare enterprises is complex as well as mission critical. Information technology requests from clinical users are of such urgency that the information office should do its best to achieve as many user requests as possible at a high service level using swift security policies. This research proposes the Agile Enterprise Regulation Architecture (AERA) of information security management for healthcare enterprises to implement as part of the electronic health record process. Survey outcomes and evidential experiences from a sample of medical center users proved that AERA encourages the information officials and enterprise administrators to overcome the challenges faced within an electronically equipped hospital.

  20. Shared Electronic Health Record Systems: Key Legal and Security Challenges.

    Science.gov (United States)

    Christiansen, Ellen K; Skipenes, Eva; Hausken, Marie F; Skeie, Svein; Østbye, Truls; Iversen, Marjolein M

    2017-11-01

    Use of shared electronic health records opens a whole range of new possibilities for flexible and fruitful cooperation among health personnel in different health institutions, to the benefit of the patients. There are, however, unsolved legal and security challenges. The overall aim of this article is to highlight legal and security challenges that should be considered before using shared electronic cooperation platforms and health record systems to avoid legal and security "surprises" subsequent to the implementation. Practical lessons learned from the use of a web-based ulcer record system involving patients, community nurses, GPs, and hospital nurses and doctors in specialist health care are used to illustrate challenges we faced. Discussion of possible legal and security challenges is critical for successful implementation of shared electronic collaboration systems. Key challenges include (1) allocation of responsibility, (2) documentation routines, (3) and integrated or federated access control. We discuss and suggest how challenges of legal and security aspects can be handled. This discussion may be useful for both current and future users, as well as policy makers.

  1. Mutual Authentication Scheme in Secure Internet of Things Technology for Comfortable Lifestyle.

    Science.gov (United States)

    Park, Namje; Kang, Namhi

    2015-12-24

    The Internet of Things (IoT), which can be regarded as an enhanced version of machine-to-machine communication technology, was proposed to realize intelligent thing-to-thing communications by utilizing the Internet connectivity. In the IoT, "things" are generally heterogeneous and resource constrained. In addition, such things are connected to each other over low-power and lossy networks. In this paper, we propose an inter-device authentication and session-key distribution system for devices with only encryption modules. In the proposed system, unlike existing sensor-network environments where the key distribution center distributes the key, each sensor node is involved with the generation of session keys. In addition, in the proposed scheme, the performance is improved so that the authenticated device can calculate the session key in advance. The proposed mutual authentication and session-key distribution system can withstand replay attacks, man-in-the-middle attacks, and wiretapped secret-key attacks.

  2. Mutual Authentication Scheme in Secure Internet of Things Technology for Comfortable Lifestyle

    Directory of Open Access Journals (Sweden)

    Namje Park

    2015-12-01

    Full Text Available The Internet of Things (IoT, which can be regarded as an enhanced version of machine-to-machine communication technology, was proposed to realize intelligent thing-to-thing communications by utilizing the Internet connectivity. In the IoT, “things” are generally heterogeneous and resource constrained. In addition, such things are connected to each other over low-power and lossy networks. In this paper, we propose an inter-device authentication and session-key distribution system for devices with only encryption modules. In the proposed system, unlike existing sensor-network environments where the key distribution center distributes the key, each sensor node is involved with the generation of session keys. In addition, in the proposed scheme, the performance is improved so that the authenticated device can calculate the session key in advance. The proposed mutual authentication and session-key distribution system can withstand replay attacks, man-in-the-middle attacks, and wiretapped secret-key attacks.

  3. The national health insurance scheme: perceptions and experiences of health care providers and clients in two districts of Ghana

    OpenAIRE

    Dalinjong, Philip Ayizem; Laar, Alexander Suuk

    2012-01-01

    Background: Prepayments and risk pooling through social health insurance has been advocated by international development organizations. Social health insurance is seen as a mechanism that helps mobilize resources for health, pool risk, and provide more access to health care services for the poor. Hence Ghana implemented the National Health Insurance Scheme (NHIS) to help promote access to health care services for Ghanaians. The study examined the influence of the NHIS on the behavior of healt...

  4. Health and Social Security Needs of Rickshaw Pullers in Ranchi.

    Science.gov (United States)

    Kumar, Anant; Thomas, Joe; Wadhwa, Sonal S; Mishra, Aprajita; Dasgupta, Smita

    2016-07-01

    A significant number of "marginalized" population groups are denied their health rights, healthcare access, benefits of government health programs, and other health-related social security benefits. These population groups, particularly the rickshaw pullers of India, are vulnerable because of their poor social and economic status, migration history, lack of permanent settlements, lack of social capital, and so on. These reasons, coupled with other social-political reasons, lead to no or limited access to health services and poor health conditions. This study intends to explore and understand the context and health seeking behavior of rickshaw pullers in Ranchi, the capital city of Jharkhand state in India, with special reference to wider social determinants of health such as, access, affordability, and delivery of health services. The data was collected from 1,000 rickshaw pullers from 40 "rickshaw garages" in Ranchi. The findings of the study show that rickshaw pullers can't afford to "attach" much importance to their health due to various reasons and suffer from a variety of occupational and other illnesses. The health conditions of the rickshaw pullers are affected by poverty, negligence, illiteracy, lack of awareness and unavailability of affordable, quality health services. These are only a symptom of the larger structural issues affecting health. The study suggests that rickshaw pullers, being a marginalized and excluded population group, require special health and social security programs that include safe, affordable, and accessible services along with a special focus on health education, behavior change, and promotion of appropriate health-seeking behavior.

  5. On the security of 3D Cat map based symmetric image encryption scheme

    International Nuclear Information System (INIS)

    Wang Kai; Pei, W.-J.; Zou, Liuhua; Song Aiguo; He Zhenya

    2005-01-01

    A 3D Cat map based symmetric image encryption algorithm, which significantly increases the resistance against statistical and differential attacks, has been proposed recently. It employs a 3D Cat map to shuffle the positions of image pixels and uses the Logistic map to diffuse the relationship between the cipher-image and the plain-image. Based on the factor that it is sufficient to break this cryptosystem only with the equivalent control parameters, some fundamental weaknesses of the cryptosystem are pointed out. With the knowledge of symbolic dynamics and some specially designed plain-images, we can calculate the equivalent initial condition of diffusion process and rebuild a valid equivalent 3D Cat matrix. In this Letter, we will propose a successful chosen-plain-text cryptanalytic attack, which is composed of two mutually independent procedures: the cryptanalysis of the diffusion process and the cryptanalysis of the spatial permutation process. Both theoretical and experimental results show that the lack of security discourages the use of these cryptosystems for practical applications

  6. Secure and Efficient Access Control Scheme for Wireless Sensor Networks in the Cross-Domain Context of the IoT

    Directory of Open Access Journals (Sweden)

    Ming Luo

    2018-01-01

    Full Text Available Nowadays wireless sensor network (WSN is increasingly being used in the Internet of Things (IoT for data collection, and design of an access control scheme that allows an Internet user as part of IoT to access the WSN becomes a hot topic. A lot of access control schemes have been proposed for the WSNs in the context of the IoT. Nevertheless, almost all of these schemes assume that communication nodes in different network domains share common system parameters, which is not suitable for cross-domain IoT environment in practical situations. To solve this shortcoming, we propose a more secure and efficient access control scheme for wireless sensor networks in the cross-domain context of the Internet of Things, which allows an Internet user in a certificateless cryptography (CLC environment to communicate with a sensor node in an identity-based cryptography (IBC environment with different system parameters. Moreover, our proposed scheme achieves known session-specific temporary information security (KSSTIS that most of access control schemes cannot satisfy. Performance analysis is given to show that our scheme is well suited for wireless sensor networks in the cross-domain context of the IoT.

  7. Low enrolment in Ugandan Community Health Insurance Schemes: underlying causes and policy implications

    Directory of Open Access Journals (Sweden)

    Criel Bart

    2007-07-01

    Full Text Available Abstract Background Despite the promotion of Community Health Insurance (CHI in Uganda in the second half of the 90's, mainly under the impetus of external aid organisations, overall membership has remained low. Today, some 30,000 persons are enrolled in about a dozen different schemes located in Central and Southern Uganda. Moreover, most of these schemes were created some 10 years ago but since then, only one or two new schemes have been launched. The dynamic of CHI has apparently come to a halt. Methods A case study evaluation was carried out on two selected CHI schemes: the Ishaka and the Save for Health Uganda (SHU schemes. The objective of this evaluation was to explore the reasons for the limited success of CHI. The evaluation involved review of the schemes' records, key informant interviews and exit polls with both insured and non-insured patients. Results Our research points to a series of not mutually exclusive explanations for this under-achievement at both the demand and the supply side of health care delivery. On the demand side, the following elements have been identified: lack of basic information on the scheme's design and operation, limited understanding of the principles underlying CHI, limited community involvement and lack of trust in the management of the schemes, and, last but not least, problems in people's ability to pay the insurance premiums. On the supply-side, we have identified the following explanations: limited interest and knowledge of health care providers and managers of CHI, and the absence of a coherent policy framework for the development of CHI. Conclusion The policy implications of this study refer to the need for the government to provide the necessary legislative, technical and regulative support to CHI development. The main policy challenge however is the need to reconcile the government of Uganda's interest in promoting CHI with the current policy of abolition of user fees in public facilities.

  8. Health worker preferences for performance-based payment schemes in a rural health district in Burkina Faso

    Directory of Open Access Journals (Sweden)

    Maurice Yé

    2016-01-01

    Full Text Available Background: One promising way to improve the motivation of healthcare providers and the quality of healthcare services is performance-based incentives (PBIs also referred as performance-based financing. Our study aims to explore healthcare providers’ preferences for an incentive scheme based on local resources, which aimed at improving the quality of maternal and child health care in the Nouna Health District. Design: A qualitative and quantitative survey was carried out in 2010 involving 94 healthcare providers within 34 health facilities. In addition, in-depth interviews involving a total of 33 key informants were conducted at health facility levels. Results: Overall, 85% of health workers were in favour of an incentive scheme based on the health district's own financial resources (95% CI: [71.91; 88.08]. Most health workers (95 and 96% expressed a preference for financial incentives (95% CI: [66.64; 85.36] and team-based incentives (95% CI: [67.78; 86.22], respectively. The suggested performance indicators were those linked to antenatal care services, prevention of mother-to-child human immunodeficiency virus transmission, neonatal care, and immunization. Conclusions: The early involvement of health workers and other stakeholders in designing an incentive scheme proved to be valuable. It ensured their effective participation in the process and overall acceptance of the scheme at the end. This study is an important contribution towards the designing of effective PBI schemes.

  9. National Health Insurance Scheme: How Protected Are Households in Oyo State, Nigeria from Catastrophic Health Expenditure?

    Directory of Open Access Journals (Sweden)

    Olayinka Stephen Ilesanmi

    2014-05-01

    Full Text Available Background The major objective of the National Health Insurance Scheme (NHIS in Nigeria is to protect families from the financial hardship of large medical bills. Catastrophic Health Expenditure (CHE is rampart in Nigeria despite the take-off of the NHIS. This study aimed to determine if households enrolled in the NHIS were protected from having CHE. Methods The study took place among 714 households in urban communities of Oyo State. CHE was measured using a threshold of 40% of monthly non-food expenditure. Descriptive statistics were done, Principal Component Analysis was used to divide households into wealth quintiles. Chi-square test and binary logistic regression were done. Results The mean age of household respondent was 33.5 years. The median household income was 43,500 naira (290 US dollars and the range was 7,000–680,000 naira (46.7–4,533 US dollars in 2012. The overall median household healthcare cost was 890 naira (5.9 US dollars and the range was 10-17,700 naira (0.1–118 US dollars in 2012. In all, 67 (9.4% households were enrolled in NHIS scheme. Healthcare services was utilized by 637 (82.9% and CHE occurred in 42 (6.6% households. CHE occurred in 14 (10.9% of the households in the lowest quintile compared to 3 (2.5% in the highest wealth quintile (P= 0.004. The odds of CHE among households in lowest wealth quintile is about 5 times. They had Crude OR (CI: 4.7 (1.3–16.8, P= 0.022. Non enrolled households were two times likely to have CHE, though not significant Conclusion Households in the lowest wealth quintiles were at higher risk of CHE. Universal coverage of health insurance in Nigeria should be fast-tracked to give the expected financial risk protection and decreased incidence of CHE.

  10. Essays on evaluating a community based health insurance scheme in rural Ethiopia

    NARCIS (Netherlands)

    A.D. Mebratie (Anagaw)

    2015-01-01

    markdownabstract__Abstract__ Since the late 1990s, in a move away from user fees for health care and with the aim of creating universal access, several low and middle income countries have set up community-based health insurance (CBHI) schemes. Following this approach, in June 2011, with the

  11. National health insurance scheme and provision of oral care in ...

    African Journals Online (AJOL)

    Though oral diseases are preventable, many people across the globe still suffer from pain and discomfort associated with oral diseases. The attainment of optimum oral health is impeded by a number of obstacles which include the cost and affordability of treatment, poor access due to workforce shortages and inequitable ...

  12. Financial viability of district mutual health insurance schemes of ...

    African Journals Online (AJOL)

    Since its implementation, unsubstantiated reports indicate increasing health care and administra-tive costs of the various DMHIS across the country without any corresponding increase in the premium level. We sought to assess the financial viability of the DMHIS in Lawra (LDMHIS) and Sissala East (SEDMHIS) districts, ...

  13. Security Concerns in Android mHealth Apps

    OpenAIRE

    He, Dongjing; Naveed, Muhammad; Gunter, Carl A.; Nahrstedt, Klara

    2014-01-01

    Mobile Health (mHealth) applications lie outside of regulatory protection such as HIPAA, which requires a baseline of privacy and security protections appropriate to sensitive medical data. However, mHealth apps, particularly those in the app stores for iOS and Android, are increasingly handling sensitive data for both professionals and patients. This paper presents a series of three studies of the mHealth apps in Google Play that show that mHealth apps make widespread use of unsecured Intern...

  14. Security and privacy in electronic health records: a systematic literature review.

    Science.gov (United States)

    Fernández-Alemán, José Luis; Señor, Inmaculada Carrión; Lozoya, Pedro Ángel Oliver; Toval, Ambrosio

    2013-06-01

    To report the results of a systematic literature review concerning the security and privacy of electronic health record (EHR) systems. Original articles written in English found in MEDLINE, ACM Digital Library, Wiley InterScience, IEEE Digital Library, Science@Direct, MetaPress, ERIC, CINAHL and Trip Database. Only those articles dealing with the security and privacy of EHR systems. The extraction of 775 articles using a predefined search string, the outcome of which was reviewed by three authors and checked by a fourth. A total of 49 articles were selected, of which 26 used standards or regulations related to the privacy and security of EHR data. The most widely used regulations are the Health Insurance Portability and Accountability Act (HIPAA) and the European Data Protection Directive 95/46/EC. We found 23 articles that used symmetric key and/or asymmetric key schemes and 13 articles that employed the pseudo anonymity technique in EHR systems. A total of 11 articles propose the use of a digital signature scheme based on PKI (Public Key Infrastructure) and 13 articles propose a login/password (seven of them combined with a digital certificate or PIN) for authentication. The preferred access control model appears to be Role-Based Access Control (RBAC), since it is used in 27 studies. Ten of these studies discuss who should define the EHR systems' roles. Eleven studies discuss who should provide access to EHR data: patients or health entities. Sixteen of the articles reviewed indicate that it is necessary to override defined access policies in the case of an emergency. In 25 articles an audit-log of the system is produced. Only four studies mention that system users and/or health staff should be trained in security and privacy. Recent years have witnessed the design of standards and the promulgation of directives concerning security and privacy in EHR systems. However, more work should be done to adopt these regulations and to deploy secure EHR systems. Copyright

  15. Examining the Impact of Non-Technical Security Management Factors on Information Security Management in Health Informatics

    Science.gov (United States)

    Imam, Abbas H.

    2013-01-01

    Complexity of information security has become a major issue for organizations due to incessant threats to information assets. Healthcare organizations are particularly concerned with security owing to the inherent vulnerability of sensitive information assets in health informatics. While the non-technical security management elements have been at…

  16. Global agenda, local health: including concepts of health security in preparedness programs at the jurisdictional level.

    Science.gov (United States)

    Eby, Chas

    2014-01-01

    The Global Health Security Agenda's objectives contain components that could help health departments address emerging public health challenges that threaten the population. As part of the agenda, partner countries with advanced public health systems will support the development of infrastructure in stakeholder health departments. To facilitate this process and augment local programs, state and local health departments may want to include concepts of health security in their public health preparedness offices in order to simultaneously build capacity. Health security programs developed by public health departments should complete projects that are closely aligned with the objectives outlined in the global agenda and that facilitate the completion of current preparedness grant requirements. This article identifies objectives and proposes tactical local projects that run parallel to the 9 primary objectives of the Global Health Security Agenda. Executing concurrent projects at the international and local levels in preparedness offices will accelerate the completion of these objectives and help prevent disease epidemics, detect health threats, and respond to public health emergencies. Additionally, future funding tied or related to health security may become more accessible to state and local health departments that have achieved these objectives.

  17. Stakeholders Perspectives on the Success Drivers in Ghana's National Health Insurance Scheme - Identifying Policy Translation Issues.

    Science.gov (United States)

    Fusheini, Adam; Marnoch, Gordon; Gray, Ann Marie

    2016-10-01

    Ghana's National Health Insurance Scheme (NHIS), established by an Act of Parliament (Act 650), in 2003 and since replaced by Act 852 of 2012 remains, in African terms, unprecedented in terms of growth and coverage. As a result, the scheme has received praise for its associated legal reforms, clinical audit mechanisms and for serving as a hub for knowledge sharing and learning within the context of South-South cooperation. The scheme continues to shape national health insurance thinking in Africa. While the success, especially in coverage and financial access has been highlighted by many authors, insufficient attention has been paid to critical and context-specific factors. This paper seeks to fill that gap. Based on an empirical qualitative case study of stakeholders' views on challenges and success factors in four mutual schemes (district offices) located in two regions of Ghana, the study uses the concept of policy translation to assess whether the Ghana scheme could provide useful lessons to other African and developing countries in their quest to implement social/NHISs. In the study, interviewees referred to both 'hard and soft' elements as driving the "success" of the Ghana scheme. The main 'hard elements' include bureaucratic and legal enforcement capacities; IT; financing; governance, administration and management; regulating membership of the scheme; and service provision and coverage capabilities. The 'soft' elements identified relate to: the background/context of the health insurance scheme; innovative ways of funding the NHIS, the hybrid nature of the Ghana scheme; political will, commitment by government, stakeholders and public cooperation; social structure of Ghana (solidarity); and ownership and participation. Other developing countries can expect to translate rather than re-assemble a national health insurance programme in an incomplete and highly modified form over a period of years, amounting to a process best conceived as germination as opposed

  18. Role of Reproductive Health Commodity Security on Maternal and ...

    African Journals Online (AJOL)

    Methods: A Medline search and search of other internet search engines for published studies on contraceptive commodity security and maternal and child health in West Africa was done. The journals were accessed online and from public libraries. Results: Contraceptive prevalence rate in West Africa is generally low.

  19. Effect of economic and security challenges on the Nigerian health ...

    African Journals Online (AJOL)

    Effect of economic and security challenges on the Nigerian health sector. Folashade T Alloh1, Pramod R Regmi1,2. 1. ... oil accounts for 75% of Nigeria's economy, so the fall in oil prices, therefore, has a significant impact on ... corruption surrounding many of the country's lawmakers in different scandals over the years have ...

  20. Designing an Health Insurance Scheme for Government Employees in Bangladesh: A Concept Paper

    OpenAIRE

    Hamid, Syed Abdul

    2014-01-01

    Introducing compulsory health insurance for government employees bears immense importance for stepping towards universal healthcare coverage in Bangladesh. Lack of scientific study on designing such scheme, in the Bangladesh context, motivates this paper. The study aims at designing a comprehensive insurance package simultaneously covering health, life and accident related disability risks of the public employees, where the health component would extend to all dependent family members. ...

  1. Health financing reform in Uganda: How equitable is the proposed National Health Insurance scheme?

    Directory of Open Access Journals (Sweden)

    Orem Juliet

    2010-10-01

    Full Text Available Abstract Background Uganda is proposing introduction of the National Health Insurance scheme (NHIS in a phased manner with the view to obtaining additional funding for the health sector and promoting financial risk protection. In this paper, we have assessed the proposed NHIS from an equity perspective, exploring the extent to which NHIS would improve existing disparities in the health sector. Methods We reviewed the proposed design and other relevant documents that enhanced our understanding of contextual issues. We used the Kutzin and fair financing frameworks to critically assess the impact of NHIS on overall equity in financing in Uganda. Results The introduction of NHIS is being proposed against the backdrop of inequalities in the distribution of health system inputs between rural and urban areas, different levels of care and geographic areas. In this assessment, we find that gradual implementation of NHIS will result in low coverage initially, which might pose a challenge for effective management of the scheme. The process for accreditation of service providers during the first phase is not explicit on how it will ensure that a two-tier service provision arrangement does not emerge to cater for different types of patients. If the proposed fee-for-service mechanism of reimbursing providers is pursued, utilisation patterns will determine how resources are allocated. This implies that equity in resource allocation will be determined by the distribution of accredited providers, and checks put in place to prohibit frivolous use. The current design does not explicitly mention how these two issues will be tackled. Lastly, there is no clarity on how the NHIS will fit into, and integrate within existing financing mechanisms. Conclusion Under the current NHIS design, the initial low coverage in the first years will inhibit optimal achievement of the important equity characteristics of pooling, cross-subsidisation and financial protection. Depending

  2. eHealth in Belgium, a new "secure" federal network: role of patients, health professions and social security services.

    Science.gov (United States)

    France, Francis Roger

    2011-02-01

    eHealth platform is the official federal network in Belgium (created by law on 21 August 2008) devoted to a secure exchange of health data in many types of applications, such as health care purposes, simplification of administrative procedures and contribution to health policy. It implies a controlled access to decentralized databases and uses encrypted personal data. The national identification number has been chosen in order to authenticate the requester, the patient, and the receiver of information exchange. Authorizations have to be respected in order to obtain personal health data. Several questions are raised about its security: the lack of mandatory request for systematic journaling on accesses to the electronic patient record as well as the absence of explicit procedures for sanctions in case of unauthorized access, the new role of social security administration in managing security where a eHealth manager can be both judge and party (in the function of trusted third party for health data encryption and of a required lawyer for texts proposed by physicians to the Commission for the protection of private life). Another critic concerns the number of physicians in minority and the absence of patients' delegates in the eHealth Board. At a time when the patient is becoming a partner in the care team, should not he be the gate-keeper for the access to his own health record? How could networks help him to get the appropriate knowledge to contribute to care and to write his testament of life? Recent laws (on private life, patient rights and euthanasia) have contributed to a behavioural change in citizens and physician attitudes. Recommendations are made in order to improve the acceptability of eHealth platform. Copyright © 2010 Elsevier Ireland Ltd. All rights reserved.

  3. [Planning a Health Residence for Prison Security Measures, Tuscany (Italy)].

    Science.gov (United States)

    Porfido, Eugenio; Colombai, Renato; Scarpa, Franco; Totaro, Michele; Tani, Luca; Baldini, Claudio; Baggiani, Angelo

    2016-01-01

    Health Residences for Prison Security Measures are facilities hosting psychotic persons who have committed crimes and providing them with personalized rehabilitation and treatment plans to promote their reinstatement in society. The aim of this study was to describe the criteria for planning and designing a prison health residence in the Tuscany region (Italy), to be managed by the regional healthcare service, in line with current regulations, with dedicated staff for providing specific treatment plans and programmes.

  4. Ghana's National Health insurance scheme and maternal and child health: a mixed methods study.

    Science.gov (United States)

    Singh, Kavita; Osei-Akoto, Isaac; Otchere, Frank; Sodzi-Tettey, Sodzi; Barrington, Clare; Huang, Carolyn; Fordham, Corinne; Speizer, Ilene

    2015-03-17

    Ghana is attracting global attention for efforts to provide health insurance to all citizens through the National Health Insurance Scheme (NHIS). With the program's strong emphasis on maternal and child health, an expectation of the program is that members will have increased use of relevant services. This paper uses qualitative and quantitative data from a baseline assessment for the Maternal and Newborn errals Evaluation from the Northern and Central Regions to describe women's experiences with the NHIS and to study associations between insurance and skilled facility delivery, antenatal care and early care-seeking for sick children. The assessment included a quantitative household survey (n = 1267 women), a quantitative community leader survey (n = 62), qualitative birth narratives with mothers (n = 20) and fathers (n = 18), key informant interviews with health care workers (n = 5) and focus groups (n = 3) with community leaders and stakeholders. The key independent variables for the quantitative analyses were health insurance coverage during the past three years (categorized as all three years, 1-2 years or no coverage) and health insurance during the exact time of pregnancy. Quantitative findings indicate that insurance coverage during the past three years and insurance during pregnancy were associated with greater use of facility delivery but not ANC. Respondents with insurance were also significantly more likely to indicate that an illness need not be severe for them to take a sick child for care. The NHIS does appear to enable pregnant women to access services and allow caregivers to seek care early for sick children, but both the quantitative and qualitative assessments also indicated that the poor and least educated were less likely to have insurance than their wealthier and more educated counterparts. Findings from the qualitative interviews uncovered specific challenges women faced regarding registration for the NHIS and other

  5. China in transition: the new health insurance scheme for the urban employed.

    Science.gov (United States)

    Hindle, D

    2000-01-01

    China has been very successful in achieving good health at a low cost, mostly through national programs for health promotion and illness prevention. However, increased prosperity in recent years has led to higher expectations for therapeutic care, and the change to a socialist market economy has created new risks and opportunities for both financing and care provision. After several years of experimentation, China committed itself in 1996 to a major reform program which includes implementation of a new method of financing of care for the urban employed population. It comprises a mix of government-operated compulsory basic insurance, individual health savings accounts, and optional private health insurance. This paper outlines the new Scheme, and notes some tactical and strategic issues. I conclude that the Chinese government is correctly choosing to balance new and old ideas, but that there are many challenges to be faced including integration of the new Scheme with the rest of the health care system.

  6. A computer science approach to managing security in health care.

    Science.gov (United States)

    Asirelli, P; Braccini, G; Caramella, D; Coco, A; Fabbrini, F

    2002-09-01

    The security of electronic medical information is very important for health care organisations, which have to ensure confidentiality, integrity and availability of the information provided. This paper will briefly outline the legal measures adopted by the European Community, Italy and the United States to regulate the use and disclosure of medical records. It will then go on to highlight how information technology can help to address these issues with special reference to the management of organisation policies. To this end, we will present a modelling example for the security policy of a radiological department.

  7. Security and privacy issues with health care information technology.

    Science.gov (United States)

    Meingast, Marci; Roosta, Tanya; Sastry, Shankar

    2006-01-01

    The face of health care is changing as new technologies are being incorporated into the existing infrastructure. Electronic patient records and sensor networks for in-home patient monitoring are at the current forefront of new technologies. Paper-based patient records are being put in electronic format enabling patients to access their records via the Internet. Remote patient monitoring is becoming more feasible as specialized sensors can be placed inside homes. The combination of these technologies will improve the quality of health care by making it more personalized and reducing costs and medical errors. While there are benefits to technologies, associated privacy and security issues need to be analyzed to make these systems socially acceptable. In this paper we explore the privacy and security implications of these next-generation health care technologies. We describe existing methods for handling issues as well as discussing which issues need further consideration.

  8. National health insurance scheme: How receptive are the private healthcare practitioners in a local government area of Lagos state

    OpenAIRE

    Campbell Princess Christina; Taiwo Toyin Latifat; Nnaji Feziechukwu Collins; Abolarin Thaddeus Olatunbosun

    2014-01-01

    Background: National Health Insurance Scheme (NHIS) is one of the health financing options adopted by Nigeria for improved healthcare access especially to the low income earners. One of the key operators of the scheme is the health care providers, thus their uptake of the scheme is fundamental to the survival of the scheme. The study reviewed the uptake of the NHIS by private health care providers in a Local Government Area in Lagos State. Objective: To assess the uptake of the NHIS by privat...

  9. Social capital and active membership in the Ghana National Health Insurance Scheme - a mixed method study.

    Science.gov (United States)

    Fenenga, Christine J; Nketiah-Amponsah, Edward; Ogink, Alice; Arhinful, Daniel K; Poortinga, Wouter; Hutter, Inge

    2015-11-02

    People's decision to enroll in a health insurance scheme is determined by socio-cultural and socio-economic factors. On request of the National health Insurance Authority (NHIA) in Ghana, our study explores the influence of social relationships on people's perceptions, behavior and decision making to enroll in the National Health Insurance Scheme. This social scheme, initiated in 2003, aims to realize accessible quality healthcare services for the entire population of Ghana. We look at relationships of trust and reciprocity between individuals in the communities (so called horizontal social capital) and between individuals and formal health institutions (called vertical social capital) in order to determine whether these two forms of social capital inhibit or facilitate enrolment of clients in the scheme. Results can support the NHIA in exploiting social capital to reach their objective and strengthen their policy and practice. We conducted 20 individual- and seven key-informant interviews, 22 focus group discussions, two stakeholder meetings and a household survey, using a random sample of 1903 households from the catchment area of 64 primary healthcare facilities. The study took place in Greater Accra Region and Western Regions in Ghana between June 2011 and March 2012. While social developments and increased heterogeneity seem to reduce community solidarity in Ghana, social networks remain common in Ghana and are valued for their multiple benefits (i.e. reciprocal trust and support, information sharing, motivation, risk sharing). Trusting relations with healthcare and insurance providers are, according healthcare clients, based on providers' clear communication, attitude, devotion, encouragement and reliability of services. Active membership of the NHIS is positive associated with community trust, trust in healthcare providers and trust in the NHIS (p-values are .009, .000 and .000 respectively). Social capital can motivate clients to enroll in health insurance

  10. 75 FR 43528 - Seeking Public Comment on Draft National Health Security Strategy Biennial Implementation Plan

    Science.gov (United States)

    2010-07-26

    ... National Health Security Strategy Biennial Implementation Plan AGENCY: Department of Health and Human... National Health Security Strategy (NHSS) of the United States of America (2009) and build upon the NHSS Interim Implementation Guide for the National Health Security Strategy of the United States of America...

  11. A uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care.

    Science.gov (United States)

    Chang, Ya-Fen; Yu, Shih-Hui; Shiao, Ding-Rui

    2013-04-01

    Connected health care provides new opportunities for improving financial and clinical performance. Many connected health care applications such as telecare medicine information system, personally controlled health records system, and patient monitoring have been proposed. Correct and quality care is the goal of connected heath care, and user authentication can ensure the legality of patients. After reviewing authentication schemes for connected health care applications, we find that many of them cannot protect patient privacy such that others can trace users/patients by the transmitted data. And the verification tokens used by these authentication schemes to authenticate users or servers are only password, smart card and RFID tag. Actually, these verification tokens are not unique and easy to copy. On the other hand, biometric characteristics, such as iris, face, voiceprint, fingerprint and so on, are unique, easy to be verified, and hard to be copied. In this paper, a biometrics-based user authentication scheme will be proposed to ensure uniqueness and anonymity at the same time. With the proposed scheme, only the legal user/patient himself/herself can access the remote server, and no one can trace him/her according to transmitted data.

  12. Secure Metering Schemes

    Science.gov (United States)

    Blundo, Carlo; Cimato, Stelvio; Masucci, Barbara

    The current trend on the Internet suggests that the majority of revenues of web sites come from the advertising potential of the World Wide Web. Advertising is arguably the type of commercial information exchange of the greatest economic importance in the real world. Indeed, advertising is what funds most other forms of information exchange, including radio stations, television stations, cable networks, magazines, and newspapers. According to the figures provided by the Internet Advertising Bureau [24] and Price Waterhouse Coopers [43], advertising revenue results for the first 9 months of 2004 totaled slightly over 7.0 billion dollars.

  13. Autonomy and Financial Sources, Key Factors in the Performance of Health Insurance Scheme: Case of Albania

    Directory of Open Access Journals (Sweden)

    Enkelejda Avdi

    2013-12-01

    Full Text Available Autonomy of public health insurance scheme comprises political, financial, organizational, normative and contractual aspects. The paper analyses the role and position of a health insurance scheme (HIS within the overall healthcare system in Albania, the relationship to all other institutions, stakeholders and actors. By analyesing published literature and collected data through secondary sources, the paper focuses on financial autonomy, which refers first of all to a certain level of budgetary independence regarding source generation and spending on health services. For assuring effective and efficient performance of the single payer for health care services in Albania, need effective changes in the legislation do take into account the various levels of autonomy mentioned above.

  14. PKI-based secure mobile access to electronic health services and data.

    Science.gov (United States)

    Kambourakis, G; Maglogiannis, I; Rouskas, A

    2005-01-01

    Recent research works examine the potential employment of public-key cryptography schemes in e-health environments. In such systems, where a Public Key Infrastructure (PKI) is established beforehand, Attribute Certificates (ACs) and public key enabled protocols like TLS, can provide the appropriate mechanisms to effectively support authentication, authorization and confidentiality services. In other words, mutual trust and secure communications between all the stakeholders, namely physicians, patients and e-health service providers, can be successfully established and maintained. Furthermore, as the recently introduced mobile devices with access to computer-based patient record systems are expanding, the need of physicians and nurses to interact increasingly with such systems arises. Considering public key infrastructure requirements for mobile online health networks, this paper discusses the potential use of Attribute Certificates (ACs) in an anticipated trust model. Typical trust interactions among doctors, patients and e-health providers are presented, indicating that resourceful security mechanisms and trust control can be obtained and implemented. The application of attribute certificates to support medical mobile service provision along with the utilization of the de-facto TLS protocol to offer competent confidentiality and authorization services is also presented and evaluated through experimentation, using both the 802.11 WLAN and General Packet Radio Service (GPRS) networks.

  15. A scheme for a flexible classification of dietary and health biomarkers

    DEFF Research Database (Denmark)

    Gao, Qian; Pratico, Giulia; Scalbert, Augustin

    2017-01-01

    to have a solid scheme for biomarker classification that will provide a well-defined ontology for the field. In this manuscript, we provide an improved scheme for biomarker classification based on their intended use rather than the technology or outcomes (six subclasses are suggested: food compound intake...... in the scientific literature. However, the existing concepts for classification of biomarkers in the dietary and health area may be ambiguous, leading to uncertainty about their application. In order to better understand the potential of biomarkers and to communicate their use and application, it is imperative...... with previous biomarker classification for this field of research....

  16. Privacy, security, and the public health researcher in the era of electronic health record research.

    Science.gov (United States)

    Goldstein, Neal D; Sarwate, Anand D

    2016-01-01

    Health data derived from electronic health records are increasingly utilized in large-scale population health analyses. Going hand in hand with this increase in data is an increasing number of data breaches. Ensuring privacy and security of these data is a shared responsibility between the public health researcher, collaborators, and their institutions. In this article, we review the requirements of data privacy and security and discuss epidemiologic implications of emerging technologies from the computer science community that can be used for health data. In order to ensure that our needs as researchers are captured in these technologies, we must engage in the dialogue surrounding the development of these tools.

  17. Blockchain Technology: A new secured Electronic Health Record System

    OpenAIRE

    Tamazirt , Lotfi; Alilat , Farid; Agoulmine , Nazim

    2018-01-01

    International audience; Nowadays, health systems are looking for effective ways to manage more patients in a shorter time, and to increase the quality of care through better coordination to provide quick, accurate and non-invasive diagnostics to patients. This paper aims to solve the dependence on trusted third parties by proposing a new management strategy, storage and security in a decentralized network through Blockchain technology. The proposed system also aims to offer a solution to help...

  18. Family Economic Security Policies and Child and Family Health.

    Science.gov (United States)

    Spencer, Rachael A; Komro, Kelli A

    2017-03-01

    In this review, we examine the effects of family economic security policies (i.e., minimum wage, earned income tax credit, unemployment insurance, Temporary Assistance to Needy Families) on child and family health outcomes, summarize policy generosity across states in the USA, and discuss directions and possibilities for future research. This manuscript is an update to a review article that was published in 2014. Millions of Americans are affected by family economic security policies each year, many of whom are the most vulnerable in society. There is increasing evidence that these policies impact health outcomes and behaviors of adults and children. Further, research indicates that, overall, policies which are more restrictive are associated with poorer health behaviors and outcomes; however, the strength of the evidence differs across each of the four policies. There is significant diversity in state-level policies, and it is plausible that these policy variations are contributing to health disparities across and within states. Despite increasing evidence of the relationship between economic policies and health, there continues to be limited attention to this issue. State policy variations offer a valuable opportunity for scientists to conduct natural experiments and contribute to evidence linking social policy effects to family and child well-being. The mounting evidence will help to guide future research and policy making for evolving toward a more nurturing society for family and child health and well-being.

  19. How is health a security issue? Politics, responses and issues.

    Science.gov (United States)

    Lo Yuk-ping, Catherine; Thomas, Nicholas

    2010-11-01

    In the closing decade of the 20th century the myriad challenges posed by infectious disease in a globalized environment began to be re-conceptualized as threats to national and human security. The most widely applied model for identifying and responding to such threats is securitization theory, as proposed by the Copenhagen School. Although its analytical framework is generally accepted, its utility remains contested; especially in non-European and non-state settings. The papers in this special edition have several aims: (1) to analyse ways by which Asian states and international organizations have identified health challenges as security threats, (2) to draw upon the securitization model as a way of understanding the full extent to which these states and international organizations have responded to the health threat, and (3) to identify areas where the theory might be strengthened so as to provide greater analytical clarity in areas of health security. This paper acts as a broad introduction to a set of papers on 'Unhealthy governance' and explores some of the key findings from the subsequent papers.

  20. Linking payment to health outcomes: a taxonomy and examination of performance-based reimbursement schemes between healthcare payers and manufacturers.

    Science.gov (United States)

    Carlson, Josh J; Sullivan, Sean D; Garrison, Louis P; Neumann, Peter J; Veenstra, David L

    2010-08-01

    To identify, categorize and examine performance-based health outcomes reimbursement schemes for medical technology. We performed a review of performance-based health outcomes reimbursement schemes over the past 10 years (7/98-010/09) using publicly available databases, web and grey literature searches, and input from healthcare reimbursement experts. We developed a taxonomy of scheme types by inductively organizing the schemes identified according to the timing, execution, and health outcomes measured in the schemes. Our search yielded 34 coverage with evidence development schemes, 10 conditional treatment continuation schemes, and 14 performance-linked reimbursement schemes. The majority of schemes are in Europe and Australia, with an increasing number in Canada and the U.S. These schemes have the potential to alter the reimbursement and pricing landscape for medical technology, but significant challenges, including high transaction costs and insufficient information systems, may limit their long-term impact. Future studies regarding experiences and outcomes of implemented schemes are necessary. Copyright 2010 Elsevier Ireland Ltd. All rights reserved.

  1. Psychosocial routes from housing investment to health: Evidence from England's home energy efficiency scheme

    International Nuclear Information System (INIS)

    Gilbertson, Jan; Grimsley, Michael; Green, Geoff

    2012-01-01

    Over the past decade the Warm Front Scheme has been the English Government's principal programme for improving domestic energy efficiency and reducing fuel poverty. This paper reports on a cross-sectional survey of low income householders participating in the Warm Front Scheme in five urban areas of England. Surveys were conducted of 2685 individuals, before and or after intervention. Pathways to self reported health were modelled by logistic regression. Of all the dimensions of health examined, only self reported mental health is directly associated with Warm Front measures. Intermediary variables associated with Warm Front intervention were shown to be significantly correlated with more dimensions of self reported health status. Higher temperatures, satisfaction with the heating system, greater thermal comfort, reductions in fuel poverty and lower stress were significantly correlated with improved health. Alleviating fuel poverty and reducing stress appeared to be the main route to health. We conclude there are complex and indirect relationships linking energy efficiency measures to outcomes on all dimensions of health which contribute to significant material and psychosocial benefits. The impact of the Warm Front Scheme cannot be fully understood by a limited analysis which merely relates indoor temperature and property characteristics to physiological health outcomes. - Highlights: ► Warm Front improvements are linked to significant material and psychosocial benefits. ► The alleviation of fuel poverty and the reduction of stress emerge as the likely route to health. ► The scope for improving health is greater than implied by the UK Government's Fuel Poverty Strategy. ► A dual but integrated approach to alleviating cold living conditions and fuel poverty is required.

  2. The Politico-Economic Challenges of Ghana’s National Health Insurance Scheme Implementation

    Directory of Open Access Journals (Sweden)

    Adam Fusheini

    2016-09-01

    Full Text Available Background National/social health insurance schemes have increasingly been seen in many low- and middle-income countries (LMICs as a vehicle to universal health coverage (UHC and a viable alternative funding mechanism for the health sector. Several countries, including Ghana, have thus introduced and implemented mandatory national health insurance schemes (NHIS as part of reform efforts towards increasing access to health services. Ghana passed mandatory national health insurance (NHI legislation (ACT 650 in 2003 and commenced nationwide implementation in 2004. Several peer review studies and other research reports have since assessed the performance of the scheme with positive rating while challenges also noted. This paper contributes to the literature on economic and political implementation challenges based on empirical evidence from the perspectives of the different category of actors and institutions involved in the process. Methods Qualitative in-depth interviews were held with 33 different category of participants in four selected district mutual health insurance schemes in Southern (two and Northern (two Ghana. This was to ascertain their views regarding the main challenges in the implementation process. The participants were selected through purposeful sampling, stakeholder mapping, and snowballing. Data was analysed using thematic grouping procedure. Results Participants identified political issues of over politicisation and political interference as main challenges. The main economic issues participants identified included low premiums or contributions; broad exemptions, poor gatekeeper enforcement system; and culture of curative and hospital-centric care. Conclusion The study establishes that political and economic factors have influenced the implementation process and the degree to which the policy has been implemented as intended. Thus, we conclude that there is a synergy between implementation and politics; and achieving UHC under

  3. The Politico-Economic Challenges of Ghana's National Health Insurance Scheme Implementation.

    Science.gov (United States)

    Fusheini, Adam

    2016-04-27

    National/social health insurance schemes have increasingly been seen in many low- and middle-income countries (LMICs) as a vehicle to universal health coverage (UHC) and a viable alternative funding mechanism for the health sector. Several countries, including Ghana, have thus introduced and implemented mandatory national health insurance schemes (NHIS) as part of reform efforts towards increasing access to health services. Ghana passed mandatory national health insurance (NHI) legislation (ACT 650) in 2003 and commenced nationwide implementation in 2004. Several peer review studies and other research reports have since assessed the performance of the scheme with positive rating while challenges also noted. This paper contributes to the literature on economic and political implementation challenges based on empirical evidence from the perspectives of the different category of actors and institutions involved in the process. Qualitative in-depth interviews were held with 33 different category of participants in four selected district mutual health insurance schemes in Southern (two) and Northern (two) Ghana. This was to ascertain their views regarding the main challenges in the implementation process. The participants were selected through purposeful sampling, stakeholder mapping, and snowballing. Data was analysed using thematic grouping procedure. Participants identified political issues of over politicisation and political interference as main challenges. The main economic issues participants identified included low premiums or contributions; broad exemptions, poor gatekeeper enforcement system; and culture of curative and hospital-centric care. The study establishes that political and economic factors have influenced the implementation process and the degree to which the policy has been implemented as intended. Thus, we conclude that there is a synergy between implementation and politics; and achieving UHC under the NHIS requires political stewardship. Political

  4. Prevalence of antibiotic resistance in adult septic patients of H. Adam Malik central general hospital, Medan under Indonesia’s mandatory health scheme

    Science.gov (United States)

    Tillasman, N. S.; Saragih, R. H.; Umar, N.

    2018-03-01

    Sepsis is a severe bacterial infection whose treatment still varies in preference. However, for more than 60 years, antibiotics have been regarded as the panacea, as long as they are used wisely and timely. Antibiotic resistance has escalated in recent years, resulting in an accelerating global health security emergency, that is rapidly outpacing available treatment options. In January 2014, the new mandatory health insurance scheme (JKN) was introduced, whose treatments must comply with National Formulary (FORNAS) policy. We aimed to systematically review the prevalence of antibiotic resistance to FORNAS policy’s preferential treatments in adult septic patients who had been in the non-surgical wards. Based on an overall view, 76 out of 90 kinds of antibiotics which had undergone antibiotic susceptibility test (AST) had alarming resistance rate and preferential antibiotics in the current JKN scheme may have become ineffective.

  5. National health insurance scheme: How receptive are the private healthcare practitioners in a local government area of Lagos state.

    Science.gov (United States)

    Christina, Campbell Princess; Latifat, Taiwo Toyin; Collins, Nnaji Feziechukwu; Olatunbosun, Abolarin Thaddeus

    2014-11-01

    National Health Insurance Scheme (NHIS) is one of the health financing options adopted by Nigeria for improved healthcare access especially to the low income earners. One of the key operators of the scheme is the health care providers, thus their uptake of the scheme is fundamental to the survival of the scheme. The study reviewed the uptake of the NHIS by private health care providers in a Local Government Area in Lagos State. To assess the uptake of the NHIS by private healthcare practitioners. This descriptive cross-sectional study recruited 180 private healthcare providers selected by multistage sampling technique with a response rate of 88.9%. Awareness, knowledge and uptake of NHIS were 156 (97.5%), 110 (66.8%) and 97 (60.6%), respectively. Half of the respondents 82 (51.3%) were dissatisfied with the operations of the scheme. Major reasons were failure of entitlement payment by Health Maintenance Organisations 13 (81.3%) and their incurring losses in participating in the scheme 8(50%). There was a significant association between awareness, level of education, knowledge of NHIS and registration into scheme by the respondents P-value NHIS were commendable among the private health care providers. Six out of 10 had registered with the NHIS but half of the respondents 82 (51.3%) were dissatisfied with the scheme and 83 (57.2%) regretted participating in the scheme. There is need to improve payment modalities and ensure strict adherence to laid down policies.

  6. A quantitative study on factors influencing enrolment of dairy farmers in a community health insurance scheme.

    Science.gov (United States)

    Greef, Tineke de Groot-de; Monareng, Lydia V; Roos, Janetta H

    2016-12-09

    Access to affordable and effective health care is a challenge in low- and middle- income countries. Out-of-pocket expenditure for health care is a major cause of impoverishment. One way to facilitate access and overcome catastrophic expenditure is through a health insurance mechanism, whereby risks are shared and financial inputs pooled by way of contributions. This study examined factors that influenced the enrolment status of dairy farmers in Western Kenya to a community health insurance (CHI) scheme. Quantitative, cross-sectional research was used to describe factors influencing the enrolment in the CHI scheme. Quota and convenience sampling was used, recruiting a sample of 135 farmers who supply milk to a dairy cooperation. Data were collected using a structured interview schedule and analysed using Stata SE, Data Analysis and Statistical Software, Version 12. Factors influencing non-enrolment were identified as affordability (40%; n = 47), unfamiliarity with the management of the scheme (37%; n = 44) and a lack of understanding about the scheme (41%; n = 48). An exploratory factor analysis was used to reduce the variables to two factors: information provision and understanding community health insurance (CHI). Logistic regression identified factors associated with enrolment in the Tanykina Community Healthcare Plan (TCHP). Supplies of less than six litres of milk per day (OR: 0.22; 95% CI: 0.06-0.84) and information provision (OR: 8.77; 95% CI: 2.25-34.16) were significantly associated with enrolment in the TCHP. Nearly 30% (29.6%; n = 40) of the respondents remarked that TCHP is expensive and 17% (n = 23) asked for more education on CHI and TCHP in an open-ended question. Recommendations related to marketing strategies, financial approach, information provision and further research were outlined to be made to the management of the TCHP as well as to those involved in public health.

  7. National Disability Insurance Scheme, health, hospitals and adults with intellectual disability.

    Science.gov (United States)

    Wallace, Robyn A

    2018-03-01

    Preventable poor health outcomes for adults with intellectual disability in health settings have been known about for years. Subsequent analysis and the sorts of reasonable adjustments required in health and disability support settings to address these health gaps are well described, but have not really been embedded in practice in any significant way in either setting. As far as health is concerned, implementation of the National Disability Insurance Scheme (NDIS, the Scheme) affords an opportunity to recognise individual needs of people with intellectual disability to provide reasonable and necessary functional support for access to mainstream health services, to build capacity of mainstream health providers to supply services and to increase individual capacity to access services. Together these strands have potential to transform health outcomes. Success of the Scheme, however, rests on as yet incompletely defined operational interaction between NDIS and mainstream health services and inherently involves the disability sector. This interaction is especially relevant for adults with intellectual disability, known high users of hospitals and for whom hospital outcomes are particularly poor and preventable. Keys to better hospital outcomes are first, the receiving of quality person-centred healthcare from physicians and hospitals taking into account significance of intellectual disability and second, formulation of organised quality functional supports during hospitalisation. Achieving these require sophisticated engagement between consumers, the National Disability Insurance Agency, Commonwealth, State and Territory government leaders, senior hospital and disability administrators, NDIS service providers and clinicians and involves cross fertilisation of values, sharing of operational policies and procedures, determination of boundaries of fiscal responsibility for functional supports in hospital. © 2018 Royal Australasian College of Physicians.

  8. Security and health research databases: the stakeholders and questions to be addressed.

    Science.gov (United States)

    Stewart, Sara

    2006-01-01

    Health research database security issues abound. Issues include subject confidentiality, data ownership, data integrity and data accessibility. There are also various stakeholders in database security. Each of these stakeholders has a different set of concerns and responsibilities when dealing with security issues. There is an obvious need for training in security issues, so that these issues may be addressed and health research will move on without added obstacles based on misunderstanding security methods and technologies.

  9. How do patients and providers react to different incentives in the Chinese multiple health security systems?

    Science.gov (United States)

    Zhang, Chun-Yu; Hashimoto, Hideki

    2015-03-05

    China has achieved universal health insurance coverage. This study examined how patients and hospitals react to the different designs of the plans and to monitoring of patients by the local authority in the Chinese multiple health security schemes. The sample for analysis consisted of 1006 orthopedic inpatients who were admitted between January and December 2011 at a tertiary teaching hospital located in Beijing. We conducted general linear regression analyses to investigate whether medical expenditure and length of stay differed according to the different incentives. Patients under plans with lower copayment rates consumed significantly more medication compared with those under plans with higher copayment rates. Under plans with an annual ceiling for insurance coverage, patients spent significantly more in the second half of the year than in the first half of the year. The length of stay was shorter among patients when there were government monitoring and a penalty to the hospital service provider. Our results indicate that the different designs and monitoring of the health security systems in China cause opportunistic behavior by patients and providers. Reformation is necessary to reduce those incentives, and improve equity and efficiency in healthcare use.

  10. Watermarking security

    CERN Document Server

    Bas, Patrick; Cayre, François; Doërr, Gwenaël; Mathon, Benjamin

    2016-01-01

    This book explains how to measure the security of a watermarking scheme, how to design secure schemes but also how to attack popular watermarking schemes. This book gathers the most recent achievements in the field of watermarking security by considering both parts of this cat and mouse game. This book is useful to industrial practitioners who would like to increase the security of their watermarking applications and for academics to quickly master this fascinating domain.

  11. Tradable schemes

    NARCIS (Netherlands)

    J.K. Hoogland (Jiri); C.D.D. Neumann

    2000-01-01

    textabstractIn this article we present a new approach to the numerical valuation of derivative securities. The method is based on our previous work where we formulated the theory of pricing in terms of tradables. The basic idea is to fit a finite difference scheme to exact solutions of the pricing

  12. Health insurance subsidies and deductible choice: Evidence from regional variation in subsidy schemes.

    Science.gov (United States)

    Kaufmann, Cornel; Schmid, Christian; Boes, Stefan

    2017-09-01

    The extent to which premium subsidies can influence health insurance choices is an open question. In this paper, we explore the regional variation in subsidy schemes in Switzerland, designed as either in-kind or cash transfers, to study their impact on the choice of health insurance deductibles. Using health survey data and a difference-in-differences methodology, we find that in-kind transfers increase the likelihood of choosing a low deductible plan by approximately 4 percentage points (or 7%). Our results indicate that the response to in-kind transfers is strongest among women, middle-aged and unmarried individuals, which we explain by differences in risk-taking behavior, health status, financial constraints, health insurance and financial literacy. We discuss our results in the light of potential extra-marginal effects on the demand for health care services, which are however not supported by our data. Copyright © 2017 Elsevier B.V. All rights reserved.

  13. A secure and efficiently searchable health information architecture.

    Science.gov (United States)

    Yasnoff, William A

    2016-06-01

    Patient-centric repositories of health records are an important component of health information infrastructure. However, patient information in a single repository is potentially vulnerable to loss of the entire dataset from a single unauthorized intrusion. A new health record storage architecture, the personal grid, eliminates this risk by separately storing and encrypting each person's record. The tradeoff for this improved security is that a personal grid repository must be sequentially searched since each record must be individually accessed and decrypted. To allow reasonable search times for large numbers of records, parallel processing with hundreds (or even thousands) of on-demand virtual servers (now available in cloud computing environments) is used. Estimated search times for a 10 million record personal grid using 500 servers vary from 7 to 33min depending on the complexity of the query. Since extremely rapid searching is not a critical requirement of health information infrastructure, the personal grid may provide a practical and useful alternative architecture that eliminates the large-scale security vulnerabilities of traditional databases by sacrificing unnecessary searching speed. Copyright © 2016 Elsevier Inc. All rights reserved.

  14. Assessment of National Health Insurance Scheme's (NHIS) Effectiveness in a Tertiary Teaching Hospital in Southeast Nigeria

    OpenAIRE

    N. Ele Grace; O. Ogbonna Brian; M. Ochei Uche; U. Odili Valentine

    2017-01-01

    Background: The fundamental concept of health insurance is risk sharing and burden bearing. The scheme is undermined by limitations ranging from very frequent use of the services more than necessary by enrollees, to cost escalation, poor management, and skimming. Assessment of services is a quality control measure in patients’ care and service delivery. It helps to identify gaps for improvement of care and services. Objective: This study assessed the effectiveness of NHIS from the perspec...

  15. Factors That Influence Enrolment and Retention in Ghana’ National Health Insurance Scheme

    Science.gov (United States)

    Millicent Kotoh, Agnes; Aryeetey, Genevieve Cecilia; der Geest, Sjaak Van

    2018-01-01

    Background: The government of Ghana introduced the National Health Insurance Scheme (NHIS) in 2004 with the goal of achieving universal coverage within 5 years. Evidence, however, shows that expanding NHIS coverage and especially retaining members have remained a challenge. A multilevel perspective was employed as a conceptual framework and methodological tool to examine why enrolment and retention in the NHIS remains low. Methods: A household survey was conducted after 20 months educational and promotional activities aimed at improving enrolment and retention rates in 15 communities in the Central and Eastern Regions (ERs) of Ghana. Observation, indepth interviews and informal conversations were used to collect qualitative data. Forty key informants (community members, health providers and district health insurance schemes’ [DHISs] staff) purposely selected from two casestudy communities in the Central Region (CR) were interviewed. Several community members, health providers and DHISs’ staff were also engaged in informal conversations in the other five communities in the region. Also, four staff of the Ministry of Health (MoH), Ghana Health Service (GHS) and National Health Insurance Authority (NHIA) were engaged in in-depth interviews. Descriptive statistics was used to analyse quantitative data. Qualitative data was analysed using thematic content analysis. Results: The results show that factors that influence enrolment and retention in the NHIS are multi-dimensional and cut across all stakeholders. People enrolled and renewed their membership because of NHIS’ benefits and health providers’ positive behaviour. Barriers to enrolment and retention included: poverty, traditional risk-sharing arrangements influence people to enrol or renew their membership only when they need healthcare, dissatisfaction about health providers’ behaviour and service delivery challenges. Conclusion: Given the multi-dimensional nature of barriers to enrolment and retention

  16. Ability to Pay for Future National Health Financing Scheme among Malaysian Households.

    Science.gov (United States)

    Aizuddin, Azimatun Noor; Aljunid, Syed Mohamed

    Malaysia is no exception to the challenging health care financing phenomenon of globalization. The objective of the present study was to assess the ability to pay among Malaysian households as preparation for a future national health financing scheme. This was a cross-sectional study involving representative samples of 774 households in Peninsular Malaysia. A majority of households were found to have the ability to pay for their health care. Household expenditure on health care per month was between MYR1 and MYR2000 with a mean (standard deviation [SD]) of 73.54 (142.66), or in a percentage of per-month income between 0.05% and 50% with mean (SD) 2.74 (5.20). The final analysis indicated that ability to pay was significantly higher among younger and higher-income households. Sociodemographic and socioeconomic statuses are important eligibility factors to be considered in planning the proposed national health care financing scheme to shield the needed group from catastrophic health expenditures. Copyright © 2017 Icahn School of Medicine at Mount Sinai. Published by Elsevier Inc. All rights reserved.

  17. Reviewing and reforming policy in health enterprise information security

    Science.gov (United States)

    Sostrom, Kristen; Collmann, Jeff R.

    2001-08-01

    Health information management policies usually address the use of paper records with little or no mention of electronic health records. Information Technology (IT) policies often ignore the health care business needs and operational use of the information stored in its systems. Representatives from the Telemedicine & Advanced Technology Research Center, TRICARE and Offices of the Surgeon General of each Military Service, collectively referred to as the Policies, Procedures and Practices Work Group (P3WG), examined military policies and regulations relating to computer-based information systems and medical records management. Using a system of templates and matrices created for the purpose, P3WG identified gaps and discrepancies in DoD and service compliance with the proposed Health Insurance Portability and Accountability Act (HIPAA) Security Standard. P3WG represents an unprecedented attempt to coordinate policy review and revision across all military health services and the Office of Health Affairs. This method of policy reform can identify where changes need to be made to integrate health management policy and IT policy in to an organizational policy that will enable compliance with HIPAA standards. The process models how large enterprises may coordinate policy revision and reform across broad organizational and work domains.

  18. National health insurance scheme: Are the artisans benefitting in Lagos state, Nigeria?

    Directory of Open Access Journals (Sweden)

    Princess C Campbell

    2016-01-01

    Full Text Available Background: Health insurance (HI can serve as a vital risk protection for families and small businesses and also increase access to priority health services. This study determined the knowledge, attitude of artisans toward HI as well as their health-seeking pattern and willingness to join the HI scheme. Methodology: This descriptive cross-sectional survey used a multistage sampling technique to recruit 260 participants, using self-designed, pretested, interviewer-administered questionnaire. Data were analyzed using Epi-info version 7.0. Chi-square test, Fisher′s exact test, and logistic regression were used for associations; the level of significance was set at 5%. Results: The respondents were predominantly male, i.e., 195 (75.0%, with a mean age of 32.36 + 6.20 years and mean income of N 29,000 + 5798.5 ($1 ~ N 161. Majority of the respondents, i.e., 226 (86.9% were not aware of HI. The overall knowledge was poor (6.5% and the main source of information was through radio/television (41.2%. Nearly, half of the respondents (33 out of 67 identified the concept of HI as a pool of contributors′ fund for only healthcare service. A high proportion of the respondents (27 out of 34 were aware of the benefits of HI, although majority, i.e., 27 (79.4% identified access to medication as the benefit. The majority of the respondents, i.e., 228 (87.7% expressed negative attitude toward the scheme; however, 76.5% were willing to join the HI scheme. Conclusion: The artisans had low awareness/poor knowledge of HI which translated to a negative attitude toward the scheme. There is need for an aggressive stakeholders′ enlightenment campaign for increasing coverage.

  19. System Health Monitoring Using a Novel Method: Security Unified Process

    Directory of Open Access Journals (Sweden)

    Alireza Shameli-Sendi

    2012-01-01

    and change management, and project management. The dynamic dimension, or phases, contains inception, analysis and design, construction, and monitoring. Risk assessment is a major part of the ISMS process. In SUP, we present a risk assessment model, which uses a fuzzy expert system to assess risks in organization. Since, the classification of assets is an important aspect of risk management and ensures that effective protection occurs, a Security Cube is proposed to identify organization assets as an asset classification model. The proposed model leads us to have an offline system health monitoring tool that is really a critical need in any organization.

  20. Health care professionals’ perception of security of personal health devices

    OpenAIRE

    Ondiege,Brian; Clarke,Malcolm

    2017-01-01

    Brian Ondiege, Malcolm Clarke Department of Computer Science, College of Engineering, Design and Physical Sciences, Brunel University London, UK Abstract: With the rapid advances in the capabilities of telehealth devices and their increasing connection to the Internet, security is becoming an issue of major concern. Therefore, the perceptions of the health care professionals regarding security are of interest, as the patients trust them to make informed decisions on issues concerning...

  1. Strengthening global health security capacity--Vietnam demonstration project, 2013.

    Science.gov (United States)

    Tran, Phu Dac; Vu, Long Ngoc; Nguyen, Hien Tran; Phan, Lan Trong; Lowe, Wayne; McConnell, Michelle S; Iademarco, Michael F; Partridge, Jeffrey M; Kile, James C; Do, Trang; Nadol, Patrick J; Bui, Hien; Vu, Diep; Bond, Kyle; Nelson, David B; Anderson, Lauren; Hunt, Kenneth V; Smith, Nicole; Giannone, Paul; Klena, John; Beauvais, Denise; Becknell, Kristi; Tappero, Jordan W; Dowell, Scott F; Rzeszotarski, Peter; Chu, May; Kinkade, Carl

    2014-01-31

    Over the past decade, Vietnam has successfully responded to global health security (GHS) challenges, including domestic elimination of severe acute respiratory syndrome (SARS) and rapid public health responses to human infections with influenza A(H5N1) virus. However, new threats such as Middle East respiratory syndrome coronavirus (MERS-CoV) and influenza A(H7N9) present continued challenges, reinforcing the need to improve the global capacity to prevent, detect, and respond to public health threats. In June 2012, Vietnam, along with many other nations, obtained a 2-year extension for meeting core surveillance and response requirements of the 2005 International Health Regulations (IHR). During March-September 2013, CDC and the Vietnamese Ministry of Health (MoH) collaborated on a GHS demonstration project to improve public health emergency detection and response capacity. The project aimed to demonstrate, in a short period, that enhancements to Vietnam's health system in surveillance and early detection of and response to diseases and outbreaks could contribute to meeting the IHR core capacities, consistent with the Asia Pacific Strategy for Emerging Diseases. Work focused on enhancements to three interrelated priority areas and included achievements in 1) establishing an emergency operations center (EOC) at the General Department of Preventive Medicine with training of personnel for public health emergency management; 2) improving the nationwide laboratory system, including enhanced testing capability for several priority pathogens (i.e., those in Vietnam most likely to contribute to public health emergencies of international concern); and 3) creating an emergency response information systems platform, including a demonstration of real-time reporting capability. Lessons learned included awareness that integrated functions within the health system for GHS require careful planning, stakeholder buy-in, and intradepartmental and interdepartmental coordination and

  2. Factors That Influence Enrolment and Retention in Ghana' National Health Insurance Scheme.

    Science.gov (United States)

    Kotoh, Agnes Millicent; Aryeetey, Genevieve Cecilia; Van der Geest, Sjaak

    2017-10-17

    The government of Ghana introduced the National Health Insurance Scheme (NHIS) in 2004 with the goal of achieving universal coverage within 5 years. Evidence, however, shows that expanding NHIS coverage and especially retaining members have remained a challenge. A multilevel perspective was employed as a conceptual framework and methodological tool to examine why enrolment and retention in the NHIS remains low. A household survey was conducted after 20 months educational and promotional activities aimed at improving enrolment and retention rates in 15 communities in the Central and Eastern Regions (ERs) of Ghana. Observation, indepth interviews and informal conversations were used to collect qualitative data. Forty key informants (community members, health providers and district health insurance schemes' [DHISs] staff) purposely selected from two casestudy communities in the Central Region (CR) were interviewed. Several community members, health providers and DHISs' staff were also engaged in informal conversations in the other five communities in the region. Also, four staff of the Ministry of Health (MoH), Ghana Health Service (GHS) and National Health Insurance Authority (NHIA) were engaged in in-depth interviews. Descriptive statistics was used to analyse quantitative data. Qualitative data was analysed using thematic content analysis. The results show that factors that influence enrolment and retention in the NHIS are multi-dimensional and cut across all stakeholders. People enrolled and renewed their membership because of NHIS' benefits and health providers' positive behaviour. Barriers to enrolment and retention included: poverty, traditional risk-sharing arrangements influence people to enrol or renew their membership only when they need healthcare, dissatisfaction about health providers' behaviour and service delivery challenges. Given the multi-dimensional nature of barriers to enrolment and retention, we suggest that the NHIA should engage DHISs, health

  3. A Study on the Dependable and Secure Relaying Scheme under High Resistance Earth Faults on HV, EHV Line

    Energy Technology Data Exchange (ETDEWEB)

    Kim, I.D.; Han, K.N. [Korea Electric Power Research Institute, Taejeon (Korea, Republic of)

    1997-12-31

    This report contains following items for the purpose of investigating and analyzing characteristics of high impedance ground faults. - Reason and characteristics identification of HIF - Modeling of power system - Testing of protective relays using RTD(Real Time Digital Simulator) - Staged ground faults test - Development of new algorithm to detect HIF - Protective coordination schemes between different types of relays - HIF monitoring and relaying scheme and H/W prototyping. (author). 22 refs., 28 figs., 21 tabs.

  4. Health, food and nutrition security and the SDG 2030

    Directory of Open Access Journals (Sweden)

    Luiz Eduardo Fonseca

    2016-05-01

    Full Text Available This article analyses the most recent action plans set out by different agencies and organizations of the United Nations system, including these in as out of the health or nutrition area but that can produce an impact on the health and nutritional status of population and national systems of health care and food production and distribution. It seeks to find common points between these Plans of Action for possible collaboration in a future common agenda between the two areas. In addition, this exercise can also help in the incorporation of new elements and another analysis of variables that influence global policies and national health and food and nutritional security. More than answers, this article seeks to collaborate with some milestones and guidelines to support the governance of the Agenda 2030 and the SDG implementation at a country level. This article obviously does not exhaust the subject, but draws attention to common points that can influence the health and nutrition situation of the national populations. The political dimension and the governance, the coherence and political coordination can contribute to the implementation of the SDG health and FNS and to achieve common objectives, including greater costeffectiveness, because both processes are synergistic.

  5. Public vs private administration of rural health insurance schemes: a comparative study in Zhejiang of China.

    Science.gov (United States)

    Zhou, Xiaoyuan; Mao, Zhengzhong; Rechel, Bernd; Liu, Chaojie; Jiang, Jialin; Zhang, Yinying

    2013-07-01

    Since 2003, China has experimented in some of the country's counties with the private administration of the New Cooperative Medical Scheme (NCMS), a publicly subsidized health insurance scheme for rural populations. Our study compared the effectiveness and efficiency of private vs public administration in four counties in one of China's most affluent provinces in the initial stage of the NCMS's implementation. The study was undertaken in Ningbo city of Zhejiang province. Out of 10 counties in Ningbo, two counties with private administration for the NCMS (Beilun and Ninghai) were compared with two others counties with public administration (Zhenhai and Fenghua), using the following indicators: (1) proportion of enrollees who were compensated for inpatient care; (2) average reimbursement-expense ratio per episode of inpatient care; (3) overall administration cost; (4) enrollee satisfaction. Data from 2004 to 2006 were collected from the local health authorities, hospitals and the contracted insurance companies, supplemented by a randomized household questionnaire survey covering 176 households and 479 household members. In our sample counties, private administration of the NCMS neither reduced transaction costs, nor improved the benefits of enrollees. Enrollees covered by the publicly administered NCMS were more likely to be satisfied with the insurance scheme than those covered by the privately administered NCMS. Experience in the selected counties suggests that private administration of the NCMS did not deliver the hoped-for results. We conclude that caution needs to be exercised in extending private administration of the NCMS.

  6. Client-Focused Security Assessment of mHealth Apps and Recommended Practices to Prevent or Mitigate Transport Security Issues

    OpenAIRE

    Müthing, Jannis; Jäschke, Thomas; Friedrich, Christoph M

    2017-01-01

    Background Mobile health (mHealth) apps show a growing importance for patients and health care professionals. Apps in this category are diverse. Some display important information (ie, drug interactions), whereas others help patients to keep track of their health. However, insufficient transport security can lead to confidentiality issues for patients and medical professionals, as well as safety issues regarding data integrity. mHealth apps should therefore deploy intensified vigilance to pro...

  7. Optimum wireless sensor deployment scheme for structural health monitoring: a simulation study

    International Nuclear Information System (INIS)

    Liu, Chengyin; Fang, Kun; Teng, Jun

    2015-01-01

    With the rapid advancements in smart sensing technology and wireless communication technology, the wireless sensor network (WSN) offers an alternative solution to structural health monitoring (SHM). In WSNs, dense deployment of wireless nodes aids the identification of structural dynamic characteristics, while data transmission is a significant issue since wireless channels typically have a lower bandwidth and a limited power supply. This paper provides a wireless sensor deployment optimization scheme for SHM, in terms of both energy consumption and modal identification accuracy. A spherical energy model is established to formulate the energy consumption within a WSN. The optimal number of sensors and their locations are obtained through solving a multi-objective function with weighting factors on energy consumption and modal identification accuracy using a genetic algorithm (GA). Simulation and comparison results with traditional sensor deployment methods demonstrate the efficiency of the proposed optimization scheme. (paper)

  8. Who uses outpatient healthcare services under Ghana's health protection scheme and why?

    Science.gov (United States)

    Fenny, Ama P; Asante, Felix A; Arhinful, Daniel K; Kusi, Anthony; Parmar, Divya; Williams, Gemma

    2016-05-10

    The National Health Insurance Scheme (NHIS) was launched in Ghana in 2003 with the main objective of increasing utilisation to healthcare by making healthcare more affordable. Previous studies on the NHIS have repeatedly highlighted that cost of premiums is one of the major barriers for enrollment. However, despite introducing premium exemptions for pregnant women, older people, children and indigents, many Ghanaians are still not active members of the NHIS. In this paper we investigate why there is limited success of the NHIS in improving access to healthcare in Ghana and whether social exclusion could be one of the limiting barriers. The study explores this by looking at the Social, Political, Economic and Cultural (SPEC) dimensions of social exclusion. Using logistic regression, the study investigates the determinants of health service utilisation using SPEC variables including other variables. Data was collected from 4050 representative households in five districts in Ghana covering the 3 ecological zones (coastal, forest and savannah) in Ghana. Among 16,200 individuals who responded to the survey, 54 % were insured. Out of the 1349 who sought health care, 64 % were insured and 65 % of them had basic education and 60 % were women. The results from the logistic regressions show health insurance status, education and gender to be the three main determinants of health care utilisation. Overall, a large proportion of the insured who reported ill, sought care from formal health care providers compared to those who had never insured in the scheme. The paper demonstrates that the NHIS presents a workable policy tool for increasing access to healthcare through an emphasis on social health protection. However, affordability is not the only barrier for access to health services. Geographical, social, cultural, informational, political, and other barriers also come into play.

  9. Security and confidentiality of health information systems: implications for physicians.

    Science.gov (United States)

    Dorodny, V S

    1998-01-01

    Adopting and developing the new generation of information systems will be essential to remain competitive in a quality conscious health care environment. These systems enable physicians to document patient encounters and aggregate the information from the population they treat, while capturing detailed data on chronic medical conditions, medications, treatment plans, risk factors, severity of conditions, and health care resource utilization and management. Today, the knowledge-based information systems should offer instant, around-the-clock access for the provider, support simple order entry, facilitate data capture and retrieval, and provide eligibility verification, electronic authentication, prescription writing, security, and reporting that benchmarks outcomes management based upon clinical/financial decisions and treatment plans. It is an integral part of any information system to incorporate and integrate transactional (financial/administrative) information, as well as analytical (clinical/medical) data in a user-friendly, readily accessible, and secure form. This article explores the technical, financial, logistical, and behavioral obstacles on the way to the Promised Land.

  10. Security and Health Research Databases: The Stakeholders and Questions to Be Addressed

    OpenAIRE

    Stewart, Sara

    2006-01-01

    Health research database security issues abound. Issues include subject confidentiality, data ownership, data integrity and data accessibility. There are also various stakeholders in database security. Each of these stakeholders has a different set of concerns and responsibilities when dealing with security issues. There is an obvious need for training in security issues, so that these issues may be addressed and health research will move on without added obstacles based on misunderstanding s...

  11. A no-key-exchange secure image sharing scheme based on Shamir's three-pass cryptography protocol and the multiple-parameter fractional Fourier transform.

    Science.gov (United States)

    Lang, Jun

    2012-01-30

    In this paper, we propose a novel secure image sharing scheme based on Shamir's three-pass protocol and the multiple-parameter fractional Fourier transform (MPFRFT), which can safely exchange information with no advance distribution of either secret keys or public keys between users. The image is encrypted directly by the MPFRFT spectrum without the use of phase keys, and information can be shared by transmitting the encrypted image (or message) three times between users. Numerical simulation results are given to verify the performance of the proposed algorithm.

  12. Security Attacks and Solutions in Electronic Health (E-health) Systems.

    Science.gov (United States)

    Zeadally, Sherali; Isaac, Jesús Téllez; Baig, Zubair

    2016-12-01

    For centuries, healthcare has been a basic service provided by many governments to their citizens. Over the past few decades, we have witnessed a significant transformation in the quality of healthcare services provided by healthcare organizations and professionals. Recent advances have led to the emergence of Electronic Health (E-health), largely made possible by the massive deployment and adoption of information and communication technologies (ICTs). However, cybercriminals and attackers are exploiting vulnerabilities associated primarily with ICTs, causing data breaches of patients' confidential digital health information records. Here, we review recent security attacks reported for E-healthcare and discuss the solutions proposed to mitigate them. We also identify security challenges that must be addressed by E-health system designers and implementers in the future, to respond to threats that could arise as E-health systems become integrated with technologies such as cloud computing, the Internet of Things, and smart cities.

  13. Communicating Health Risks under Pressure: Homeland Security Applications

    International Nuclear Information System (INIS)

    Garrahan, K.G.; Collie, S.L.

    2006-01-01

    The U.S. Environmental Protection Agency's (EPA) Office of Research and Development (ORD) Threat and Consequence Assessment Division (TCAD) within the National Homeland Security Research Center (NHSRC) has developed a tool for rapid communication of health risks and likelihood of exposure in preparation for terrorist incidents. The Emergency Consequence Assessment Tool (ECAT) is a secure web-based tool designed to make risk assessment and consequence management faster and easier for high priority terrorist threat scenarios. ECAT has been designed to function as 'defensive play-book' for health advisors, first responders, and decision-makers by presenting a series of evaluation templates for priority scenarios that can be modified for site-specific applications. Perhaps most importantly, the risk communication aspect is considered prior to an actual release event, so that management or legal advisors can concur on general risk communication content in preparation for press releases that can be anticipated in case of an actual emergency. ECAT serves as a one-stop source of information for retrieving toxicological properties for agents of concern, estimating exposure to these agents, characterizing health risks, and determining what actions need to be undertaken to mitigate the risks. ECAT has the capability to be used at a command post where inputs can be checked and communicated while the response continues in real time. This front-end planning is intended to fill the gap most commonly identified during tabletop exercises: a need for concise, timely, and informative risk communication to all parties. Training and customization of existing chemical and biological release scenarios with modeling of exposure to air and water, along with custom risk communication 'messages' intended for public, press, shareholders, and other partners enable more effective communication during times of crisis. For DOE, the ECAT could serve as a prototype that would be amenable to

  14. Supplementary contribution payable to the health insurance scheme for the spouse's coverage

    CERN Multimedia

    HR Department

    2007-01-01

    Staff Members, Fellows and Pensioners are reminded that any change in their marital status, as well as any change in the spouse or registered partner's income or health insurance cover, shall be notified in writing to CERN, within 30 calendar days of the change, in accordance with Articles III 6.01 to 6.03 of the Rules of the CERN Health Insurance Scheme. Such changes may have consequences on the conditions of the spouse or registered partner's affiliation to the CERN Health Insurance Scheme (CHIS) or on the payment of the supplementary contribution to the CHIS for the coverage of the spouse or registered partner. From 1.1.2007, for the following monthly income brackets, the indexed amounts in Swiss francs of the monthly supplementary contribution are: more than 2'500 CHF and up to 4'250 CHF: 134.- more than 4'250 CHF and up to 7'500 CHF: 234.- more than 7'500 CHF and up to 10'000 CHF: 369.- more than 10'000 CHF: 461.- It is in the member of the personnel's interest to declare a change in the annual ...

  15. VA INFORMATION SYSTEMS: Computer Security Weaknesses Persist at the Veterans Health Administration

    National Research Council Canada - National Science Library

    2000-01-01

    .... To determine the status of computer security within VHA, we (1) evaluated information system general controls at the VA Maryland Health Cafe System, the New Mexico VA Health Care System, and the VA North Texas Health Care System and (2...

  16. Healthcare information privacy and security regulatory compliance and data security in the age of electronic health records

    CERN Document Server

    Robichau, Bernard Peter

    2014-01-01

    Healthcare is a huge market--20% of yearly GDP in the U.S. It employs tens of thousands of computer programmers and IT administrators Regulations mandate electronic health records by 2015 (for anyone dealing with Medicare/Medicaid), which means new concerns for privacy and security Many medical organizations lagging, putting them at risk for government fines and private lawsuits when a breach in security occurs. Healthcare IT is the growth industry right now, and the need for guidance in regard to privacy and security is huge.

  17. Supporting multi-state collaboration on privacy and security to foster health IT and health information exchange.

    Science.gov (United States)

    Banger, Alison K; Alakoye, Amoke O; Rizk, Stephanie C

    2008-11-06

    As part of the HHS funded contract, Health Information Security and Privacy Collaboration, 41 states and territories have proposed collaborative projects to address cross-state privacy and security challenges related to health IT and health information exchange. Multi-state collaboration on privacy and security issues remains complicated, and resources to support collaboration around these topics are essential to the success of such collaboration. The resources outlined here offer an example of how to support multi-stakeholder, multi-state projects.

  18. A Comparative Study on Two Typical Schemes for Securing Spatial-Temporal Top-k Queries in Two-Tiered Mobile Wireless Sensor Networks.

    Science.gov (United States)

    Ma, Xingpo; Liu, Xingjian; Liang, Junbin; Li, Yin; Li, Ran; Ma, Wenpeng; Qi, Chuanda

    2018-03-15

    A novel network paradigm of mobile edge computing, namely TMWSNs (two-tiered mobile wireless sensor networks), has just been proposed by researchers in recent years for its high scalability and robustness. However, only a few works have considered the security of TMWSNs. In fact, the storage nodes, which are located at the upper layer of TMWSNs, are prone to being attacked by the adversaries because they play a key role in bridging both the sensor nodes and the sink, which may lead to the disclosure of all data stored on them as well as some other potentially devastating results. In this paper, we make a comparative study on two typical schemes, EVTopk and VTMSN, which have been proposed recently for securing Top- k queries in TMWSNs, through both theoretical analysis and extensive simulations, aiming at finding out their disadvantages and advancements. We find that both schemes unsatisfactorily raise communication costs. Specifically, the extra communication cost brought about by transmitting the proof information uses up more than 40% of the total communication cost between the sensor nodes and the storage nodes, and 80% of that between the storage nodes and the sink. We discuss the corresponding reasons and present our suggestions, hoping that it will inspire the researchers researching this subject.

  19. Treatment-seeking behaviour and social health insurance in Africa: the case of Ghana under the National Health Insurance Scheme.

    Science.gov (United States)

    Fenny, Ama P; Asante, Felix A; Enemark, Ulrika; Hansen, Kristian S

    2014-10-27

    Health insurance is attracting more and more attention as a means for improving health care utilization and protecting households against impoverishment from out-of-pocket expenditures. Currently about 52 percent of the resources for financing health care services come from out of pocket sources or user fees in Africa. Therefore, Ghana serves as in interesting case study as it has successfully expanded coverage of the National Health Insurance Scheme (NHIS). The study aims to establish the treatment-seeking behaviour of households in Ghana under the NHI policy. The study relies on household data collected from three districts in Ghana covering the 3 ecological zones namely the coastal, forest and savannah.Out of the 1013 who sought care in the previous 4 weeks, 60% were insured and 71% of them sought care from a formal health facility. The results from the multinomial logit estimations show that health insurance and travel time to health facility are significant determinants of health care demand. Overall, compared to the uninsured, the insured are more likely to choose formal health facilities than informal care including self-medication when ill. We discuss the implications of these results as the concept of the NHIS grows widely in Ghana and serves as a good model for other African countries.

  20. The National Health Insurance Scheme (NHIS) in the Dormaa Municipality, Ghana: why some residents remain uninsured?

    Science.gov (United States)

    Amo, Thompson

    2014-02-21

    The paper presents a quantitative investigation on the national health insurance scheme (nhis) in dormaa municipality, Ghana: why some residents remain uninsured? Since its implementation has been a little over a decade now. The aim is to identify the obstacles to enrollment by the public which would enable policy direction to ensure that all residents are registered with the scheme. A descriptive and cross-sectional study was conducted between May and July, 2013. Both purposive and simple random sampling technique were used to select 210 respondents and data obtained through self-administered and face-to-face interviews guided by structured questionnaire. chi square (X2) test of independence was adopted to show the association between socioeconomic and demographic features and membership. Findings from the research suggest that residents' decision to enrol have significant associated with gender, education, number of children, place of residence, employment and income. It was also observed that membership is highly affected by premium level. The discussion of the findings and recommendations offered, if incorporated into the policy guideline of NHIS could maintain and at the same time increase enrollment level which would guarantee quality, accessible and affordable basic health care protection for the good people of Ghana.

  1. Privacy, security and access with sensitive health information.

    Science.gov (United States)

    Croll, Peter

    2010-01-01

    This chapter gives an educational overview of: * Confidentiality issues and the challenges faced; * The fundamental differences between privacy and security; * The different access control mechanisms; * The challenges of Internet security; * How 'safety and quality' relate to all the above.

  2. Private health insurance and the Pharmaceutical Benefits Scheme: how effective has recent government policy been?

    Science.gov (United States)

    Richardson, Jeff R J; Segal, Leonie

    2004-01-01

    The cost to government of the Pharmaceutical Benefits Scheme (PBS) is rising at over 10 percent per annum. The government subsidy to Private Health Insurance (PHI) is about $2.4 billion and rising. Despite this, the queues facing public patients - which were the primary justification for the assistance to PHI - do not appear to be shortening. Against this backdrop, we seek to evaluate recent policies. It is shown that the reason commonly given for the support of PHI - the need to preserve the market share of private hospitals and relieve pressure upon public hospitals - is based upon a factually incorrect analysis of the hospital sector in the last decade. It is similarly true that the 'problem' of rising pharmaceutical expenditures has been exaggerated. The common element in both sets of policies is that they result in cost shifting from the public to the private purse and have little to do with the quality or quantity of health services.

  3. Impact of Publicly Financed Health Insurance Schemes on Healthcare Utilization and Financial Risk Protection in India: A Systematic Review.

    Science.gov (United States)

    Prinja, Shankar; Chauhan, Akashdeep Singh; Karan, Anup; Kaur, Gunjeet; Kumar, Rajesh

    2017-01-01

    Several publicly financed health insurance schemes have been launched in India with the aim of providing universalizing health coverage (UHC). In this paper, we report the impact of publicly financed health insurance schemes on health service utilization, out-of-pocket (OOP) expenditure, financial risk protection and health status. Empirical research studies focussing on the impact or evaluation of publicly financed health insurance schemes in India were searched on PubMed, Google scholar, Ovid, Scopus, Embase and relevant websites. The studies were selected based on two stage screening PRISMA guidelines in which two researchers independently assessed the suitability and quality of the studies. The studies included in the review were divided into two groups i.e., with and without a comparison group. To assess the impact on utilization, OOP expenditure and health indicators, only the studies with a comparison group were reviewed. Out of 1265 articles screened after initial search, 43 studies were found eligible and reviewed in full text, finally yielding 14 studies which had a comparator group in their evaluation design. All the studies (n-7) focussing on utilization showed a positive effect in terms of increase in the consumption of health services with introduction of health insurance. About 70% studies (n-5) studies with a strong design and assessing financial risk protection showed no impact in reduction of OOP expenditures, while remaining 30% of evaluations (n-2), which particularly evaluated state sponsored health insurance schemes, reported a decline in OOP expenditure among the enrolled households. One study which evaluated impact on health outcome showed reduction in mortality among enrolled as compared to non-enrolled households, from conditions covered by the insurance scheme. While utilization of healthcare did improve among those enrolled in the scheme, there is no clear evidence yet to suggest that these have resulted in reduced OOP expenditures or

  4. Can health insurance protect against out-of-pocket and catastrophic expenditures and also support poverty reduction? Evidence from Ghana's National Health Insurance Scheme

    NARCIS (Netherlands)

    Aryeetey, G.C.; Westeneng, J.; Spaan, E.J.; Jehu-Appiah, C.; Agyepong, I.A.; Baltussen, R.M.

    2016-01-01

    BACKGROUND: Ghana since 2004, begun implementation of a National Health Insurance Scheme (NHIS) to minimize financial barriers to health care at point of use of service. Usually health insurance is expected to offer financial protection to households. This study aims to analyze the effect health

  5. Impact of national health insurance scheme on blood pressure control in Zaria

    Directory of Open Access Journals (Sweden)

    Albert Imhoagene Oyati

    2016-01-01

    Full Text Available Background: National Health Insurance Scheme (NHIS was commenced in Nigeria in 2001 to ensure wider access to health care services. This study determined the impact of NHIS implementation on blood pressure (BP control among patients with systemic hypertension, regularly attending the Cardiac Clinic, Ahmadu Bello University Teaching Hospital, Shika, Zaria, Nigeria. Materials and Methods: Patients with systemic hypertension, both NHIS and non-NHIS beneficiaries attending a tertiary health facility in Zaria, Nigeria, were seen in a prospective cross-sectional study. Demographic and clinical characteristics were obtained. Access to treatment and relevant investigations were compared. BP levels were analyzed and compared in both groups at enrollment in the clinic and at the point of this study. Results: Sixty-five percent, (70/107 of the clinic attendees were on the NHIS scheme and were significantly younger than non-NHIS patients (t = 2.03, P = 0.03. Mean body mass index (BMI was equally high (t = −1.222, P = 0.22 and there was similar access to medications (χ2 = 0.08, P = 0.77. Mean systolic BP (SBP and diastolic BP (DBP at enrollment were significantly higher in NHIS patients (t = −3.064, P = 0.003 for mean SBP and t = −4.115, P = 0.0001 for mean DBP, respectively. However, BP control in both groups at the end of the study did not show any significant difference (χ2 = 0.02, P = 0.89. Conclusion: NHIS uptake among these patients is high. There was no difference in BP control among the insured and nonbeneficiaries. A study of a larger number of patients over a longer period is suggested.

  6. A Systematic Approach for Dynamic Security Assessment and the Corresponding Preventive Control Scheme Based on Decision Trees

    DEFF Research Database (Denmark)

    Liu, Leo; Sun, Kai; Rather, Zakir Hussain

    2014-01-01

    This paper proposes a decision tree (DT)-based systematic approach for cooperative online power system dynamic security assessment (DSA) and preventive control. This approach adopts a new methodology that trains two contingency-oriented DTs on a daily basis by the databases generated from power...... system simulations. Fed with real-time wide-area measurements, one DT of measurable variables is employed for online DSA to identify potential security issues, and the other DT of controllable variables provides online decision support on preventive control strategies against those issues. A cost......-effective algorithm is adopted in this proposed approach to optimize the trajectory of preventive control. The paper also proposes an importance sampling algorithm on database preparation for efficient DT training for power systems with high penetration of wind power and distributed generation. The performance...

  7. Enhancing the NFLs Counter-Terrorism Efforts: Is the Leagues Security Scheme Able to Effectively Thwart Terrorist Attacks

    Science.gov (United States)

    2016-09-01

    24  3.  Legal and Cultural Concerns of WBS Technologies in Aviation...Rudolph, author of the Atlanta bombings, was an “antigovernment fanatic” whose “grievance was anti- abortion ” based.10 Dzhokhar and Tamerlan Tsarnaev...1012690211433479. 16 Richard H. Fallon et al., “Panel I: Legal Issues in Sports Security,” Fordham Intellectual Property, Media and Entertainment Law Journal 13

  8. The capitation payment unit: 17 years in the General Social Security System in Health

    Directory of Open Access Journals (Sweden)

    Diego A. Restrepo

    2012-02-01

    Full Text Available Objective: to analyze the evolution of the Capitation Payment (UPC for its Spanish name “unidad de pago por capitación” as well as the methodologies and variables for defining it that have existed in the Colombian Social Security System in Health since its implementation between 1995 and 2011. Methodology: An observational, longitudinal descriptive study. The reference population was made up of all the papers reviewed, including books, journal articles, databases, and official presentations containing the key concepts. Results: It was found that the Capitation Payment (UPC is valued as an essential element to maintain the financial balance of the health system. From 1995 to 2011 there were a number of methodologies for defining this payment. They ranged from a definition based only on the financial balance and the availability of resources, to a technical study using statistical tools to annually adjust the value of the UPC. Conclusions: The origin of the UPC can be attributed to the system’s orientation toward a market scheme and to the convergence of three basic theories. The variations in the value of the UPC have always resulted in a similar value year after year; this is why even if the methodology for defining it changed, the proportions will be the same when compared to previous years

  9. Client-Focused Security Assessment of mHealth Apps and Recommended Practices to Prevent or Mitigate Transport Security Issues.

    Science.gov (United States)

    Müthing, Jannis; Jäschke, Thomas; Friedrich, Christoph M

    2017-10-18

    Mobile health (mHealth) apps show a growing importance for patients and health care professionals. Apps in this category are diverse. Some display important information (ie, drug interactions), whereas others help patients to keep track of their health. However, insufficient transport security can lead to confidentiality issues for patients and medical professionals, as well as safety issues regarding data integrity. mHealth apps should therefore deploy intensified vigilance to protect their data and integrity. This paper analyzes the state of security in mHealth apps. The objectives of this study were as follows: (1) identification of relevant transport issues in mHealth apps, (2) development of a platform for test purposes, and (3) recommendation of practices to mitigate them. Security characteristics relevant to the transport security of mHealth apps were assessed, presented, and discussed. These characteristics were used in the development of a prototypical platform facilitating streamlined tests of apps. For the tests, six lists of the 10 most downloaded free apps from three countries and two stores were selected. As some apps were part of these top 10 lists in more than one country, 53 unique apps were tested. Out of the 53 apps tested from three European App Stores for Android and iOS, 21/53 (40%) showed critical results. All 21 apps failed to guarantee the integrity of data displayed. A total of 18 apps leaked private data or were observable in a way that compromised confidentiality between apps and their servers; 17 apps used unprotected connections; and two apps failed to validate certificates correctly. None of the apps tested utilized certificate pinning. Many apps employed analytics or ad providers, undermining user privacy. The tests show that many mHealth apps do not apply sufficient transport security measures. The most common security issue was the use of any kind of unprotected connection. Some apps used secure connections only for selected tasks

  10. Client-Focused Security Assessment of mHealth Apps and Recommended Practices to Prevent or Mitigate Transport Security Issues

    Science.gov (United States)

    Müthing, Jannis; Jäschke, Thomas

    2017-01-01

    Background Mobile health (mHealth) apps show a growing importance for patients and health care professionals. Apps in this category are diverse. Some display important information (ie, drug interactions), whereas others help patients to keep track of their health. However, insufficient transport security can lead to confidentiality issues for patients and medical professionals, as well as safety issues regarding data integrity. mHealth apps should therefore deploy intensified vigilance to protect their data and integrity. This paper analyzes the state of security in mHealth apps. Objective The objectives of this study were as follows: (1) identification of relevant transport issues in mHealth apps, (2) development of a platform for test purposes, and (3) recommendation of practices to mitigate them. Methods Security characteristics relevant to the transport security of mHealth apps were assessed, presented, and discussed. These characteristics were used in the development of a prototypical platform facilitating streamlined tests of apps. For the tests, six lists of the 10 most downloaded free apps from three countries and two stores were selected. As some apps were part of these top 10 lists in more than one country, 53 unique apps were tested. Results Out of the 53 apps tested from three European App Stores for Android and iOS, 21/53 (40%) showed critical results. All 21 apps failed to guarantee the integrity of data displayed. A total of 18 apps leaked private data or were observable in a way that compromised confidentiality between apps and their servers; 17 apps used unprotected connections; and two apps failed to validate certificates correctly. None of the apps tested utilized certificate pinning. Many apps employed analytics or ad providers, undermining user privacy. Conclusions The tests show that many mHealth apps do not apply sufficient transport security measures. The most common security issue was the use of any kind of unprotected connection. Some apps

  11. Affiliation of the beneficiaries of a deferred pension to the CERN Health Insurance Scheme

    CERN Multimedia

    2003-01-01

    Subsequent to the modifications to the Rules and Regulations of the Pension Fund allowing members of the personnel having five years of affiliation to the Fund to opt for a deferred retirement pension, the Organization wishes to recall the rules relating to the affiliation of those beneficiaries to the CERN Health Insurance Scheme (CHIS). In accordance with Articles III 2.02 and VIII 4.02 of the CHIS Rules, beneficiaries of a deferred retirement pension can only be Members of the CHIS as CERN pensioners if they applied to remain Members of the Scheme upon termination of their compulsory membership as a member of the personnel and if their membership has been uninterrupted up to the moment they become CERN pensioners. The applicable contribution for this intermediate period is indicated in Articles III 5.03 and X 1.02 of the CHIS Rules. The amount is revised annually, and is set at 936 CHF/ month for 2003. Human Resources Division Tel. 73635

  12. Socioeconomic and programmatic determinants of renewal of membership in a voluntary micro health insurance scheme: evidence from Chakaria, Bangladesh.

    Science.gov (United States)

    Iqbal, Mohammad; Chowdhury, Asiful Haidar; Mahmood, Shehrin Shaila; Mia, Mohammad Nahid; Hanifi, S M A; Bhuiya, Abbas

    2017-01-01

    Out-of-pocket (OOP) healthcare expenditure is a major obstacle for achieving universal health coverage in low-income countries including Bangladesh. Sixty-three percent of the USD 27 annual per-capita healthcare expenditure in Bangladesh comes from individuals' pockets. Although health insurance is a financial tool for reducing OOP, use of such tools in Bangladesh has been limited to some small-scale voluntary micro health insurance (MHI) schemes run by non-governmental organizations (NGO). The MHI, however, can orient people on health insurance concept and provide learning for product development, implementation, barriers to enrolment, membership renewal, and other operational challenges and solutions. Keeping this in mind, icddr,b in 2012 initiated a pilot MHI, Amader Shasthya, in Chakaria, Bangladesh. This paper explores the determinants of membership renewal in this scheme, which is a perpetual challenge for MHI. Identify socioeconomic and programmatic determinants and their effects on membership renewal in a voluntary MHI scheme. Data came from the online management information system of the scheme and Health and Demographic Surveillance System of Chakaria, covering the period February 2012-May 2015. Association between renewal and independent variables was examined using cross-tabular and logistic regression analyses. Nearly 20% of households in the catchment area ever enroled in the scheme, and 38% renewed membership over the initial 3 years of operation. Frequency of consultation with healthcare providers, benefits received, proximity of member's residence to health facility, socioeconomic status, educational level, and age of the household head showed significant positive association with renewal of membership. Villagers' enrolment in the scheme indicated that even in poor economic and literacy conditions people can be motivated to enrol in insurance schemes. Degree of service utilization and benefits received can greatly enhance the probability of

  13. Modifications to the Rules of the CERN Health Insurance Scheme (CHIS) on 1 January 2012

    CERN Multimedia

    HR Department

    2011-01-01

    Following the 2010 five-yearly review of the financial and social conditions of the members of the personnel, the Council decided to make a number of changes to the contributions to the CERN Health Insurance Scheme and to authorise the Director-General to take timely measures to limit the increase of CHIS expenses by encouraging the use of health care providers and treatments which provide the best quality-to-cost ratio. These decisions are intended to allow the general level of cover to be maintained in the future.   The CERN Health Insurance Supervisory Board subsequently gave careful consideration to measures which would not only allow costs to be contained but would also ensure a fairer distribution of benefits while simultaneously providing greater protection for those suffering from serious health problems and hence having to face substantial expenses. On the proposal of the CHIS Board, and following examination by the Standing Concertation Committee at its meetings on 27 April and 1 Septe...

  14. Climate change and food security: health impacts in developed countries.

    Science.gov (United States)

    Lake, Iain R; Hooper, Lee; Abdelhamid, Asmaa; Bentham, Graham; Boxall, Alistair B A; Draper, Alizon; Fairweather-Tait, Susan; Hulme, Mike; Hunter, Paul R; Nichols, Gordon; Waldron, Keith W

    2012-11-01

    Anthropogenic climate change will affect global food production, with uncertain consequences for human health in developed countries. We investigated the potential impact of climate change on food security (nutrition and food safety) and the implications for human health in developed countries. Expert input and structured literature searches were conducted and synthesized to produce overall assessments of the likely impacts of climate change on global food production and recommendations for future research and policy changes. Increasing food prices may lower the nutritional quality of dietary intakes, exacerbate obesity, and amplify health inequalities. Altered conditions for food production may result in emerging pathogens, new crop and livestock species, and altered use of pesticides and veterinary medicines, and affect the main transfer mechanisms through which contaminants move from the environment into food. All these have implications for food safety and the nutritional content of food. Climate change mitigation may increase consumption of foods whose production reduces greenhouse gas emissions. Impacts may include reduced red meat consumption (with positive effects on saturated fat, but negative impacts on zinc and iron intake) and reduced winter fruit and vegetable consumption. Developed countries have complex structures in place that may be used to adapt to the food safety consequences of climate change, although their effectiveness will vary between countries, and the ability to respond to nutritional challenges is less certain. Climate change will have notable impacts upon nutrition and food safety in developed countries, but further research is necessary to accurately quantify these impacts. Uncertainty about future impacts, coupled with evidence that climate change may lead to more variable food quality, emphasizes the need to maintain and strengthen existing structures and policies to regulate food production, monitor food quality and safety, and

  15. Has the Rajiv Aarogyasri Community Health Insurance Scheme of Andhra Pradesh Addressed the Educational Divide in Accessing Health Care?

    Directory of Open Access Journals (Sweden)

    Mala Rao

    Full Text Available Equity of access to healthcare remains a major challenge with families continuing to face financial and non-financial barriers to services. Lack of education has been shown to be a key risk factor for 'catastrophic' health expenditure (CHE, in many countries including India. Consequently, ways to address the education divide need to be explored. We aimed to assess whether the innovative state-funded Rajiv Aarogyasri Community Health Insurance Scheme of Andhra Pradesh state launched in 2007, has achieved equity of access to hospital inpatient care among households with varying levels of education.We used the National Sample Survey Organization 2004 survey as our baseline and the same survey design to collect post-intervention data from 8623 households in the state in 2012. Two outcomes, hospitalisation and CHE for inpatient care, were estimated using education as a measure of socio-economic status and transforming levels of education into ridit scores. We derived relative indices of inequality by regressing the outcome measures on education, transformed as a ridit score, using logistic regression models with appropriate weights and accounting for the complex survey design.Between 2004 and 2012, there was a 39% reduction in the likelihood of the most educated person being hospitalised compared to the least educated, with reductions observed in all households as well as those that had used the Aarogyasri. For CHE the inequality disappeared in 2012 in both groups. Sub-group analyses by economic status, social groups and rural-urban residence showed a decrease in relative indices of inequality in most groups. Nevertheless, inequalities in hospitalisation and CHE persisted across most groups.During the time of the Aarogyasri scheme implementation inequalities in access to hospital care were substantially reduced but not eliminated across the education divide. Universal access to education and schemes such as Aarogyasri have the synergistic potential

  16. Personal, Electronic, Secure National Library of Medicine Hosts Health Records Conference

    Science.gov (United States)

    ... Bar Home Current Issue Past Issues EHR Personal, Electronic, Secure: National Library of Medicine Hosts Health Records ... One suggestion for saving money is to implement electronic personal health records. With this in mind, the ...

  17. 78 FR 2953 - National Cybersecurity Center of Excellence (NCCoE) Secure Exchange of Electronic Health...

    Science.gov (United States)

    2013-01-15

    ... transport standards adopted by the Department of Health and Human Services at 45 CFR 170.202; 3. Access by... violations; and performing system health checks; 5. Support for standardized security automation technologies...

  18. [Experience of international cooperation among Baltic countries in occupational health and security].

    Science.gov (United States)

    Miloutka, E V; Andronova, E R; Dedkova, L E

    2013-01-01

    The article covers longstanding experience of international cooperation in occupational health and security with Baltic countries. The authors describe history of information network creation, its structure, objectives, importance for occupational health services and safety in the region.

  19. CERN Health Insurance Scheme (CHIS) Monthly Contributions – Changes for 2015

    CERN Multimedia

    HR Department

    2015-01-01

    Following the 2010 five-yearly review of financial and social conditions, which included the CERN Health Insurance Scheme (CHIS), the CERN Council decided in December 2010 to progressively increase the level of contributions over the period 2011-2015.   For 2015, the contribution rate of active and retired CHIS members will be 4.86%. The amounts of the fixed premiums for voluntarily insured members (e.g. users and associates) as well as the supplementary contributions for spouses with income from a professional activity or with a retirement pension (including the CERN pension) increase accordingly : 1. Voluntary contributions The full contribution based on Reference Salary II is now 1208 CHF per month. This fixed amount contribution is applied to voluntarily affiliated users and associates with normal coverage. Half of this amount (604 CHF) is applied to voluntarily affiliated users and associates with reduced coverage. Finally, an amount of 483 CHF is applied to children maintaining their insur...

  20. CERN Health Insurance Scheme (CHIS) Monthly Contributions – Changes for 2013

    CERN Multimedia

    Human Resources Department

    2013-01-01

    Following the 2010 five-yearly review of financial and social conditions, which included the CERN Health Insurance Scheme (CHIS), the CERN Council decided in December 2010 to progressively increase the level of contributions over the period 2011-2015.   For 2013, the contribution rate of active and retired CHIS members will be 4.55%. The amounts of the fixed premiums for voluntarily insured members (e.g. users and associates) as well as the supplementary contributions for spouses with income from a professional activity will increase accordingly: 1. Voluntary contributions The full contribution based on Reference Salary II is now 1116 CHF per month. This fixed amount contribution is applied to voluntarily affiliated users and associates with normal coverage. Half of this amount (558 CHF) is applied to voluntarily affiliated users and associates with reduced coverage. Finally, an amount of 446 CHF is applied to children maintaining their insurance cover on a voluntary and temporarily basis. More ...

  1. CERN Health Insurance Scheme (CHIS) Monthly Contributions – Changes for 2014

    CERN Multimedia

    2014-01-01

    Following the 2010 five-yearly review of financial and social conditions, which included the CERN Health Insurance Scheme (CHIS), the CERN Council decided in December 2010 to progressively increase the level of contributions over the period 2011-2015.   For 2014, the contribution rate of active and retired CHIS members will be 4.7%. The amounts of the fixed premiums for voluntarily insured members (e.g. users and associates) as well as the supplementary contributions for spouses with income from a professional activity or with a retirement pension (including the CERN pension) will increase accordingly: Voluntary contributions The full contribution based on Reference Salary II is now 1161 CHF per month. This fixed amount contribution is applied to voluntarily affiliated users and associates with normal coverage. Half of this amount (580 CHF) is applied to voluntarily affiliated users and associates with reduced coverage. Finally, an amount of 464 CHF is applied to children maintaining their ins...

  2. Technical solutions for mitigating security threats caused by health professionals in clinical settings.

    Science.gov (United States)

    Fernandez-Aleman, Jose Luis; Belen Sanchez Garcia, Ana; Garcia-Mateos, Gines; Toval, Ambrosio

    2015-08-01

    The objective of this paper is to present a brief description of technical solutions for health information system security threats caused by inadequate security and privacy practices in healthcare professionals. A literature search was carried out in ScienceDirect, ACM Digital Library and IEEE Digital Library to find papers reporting technical solutions for certain security problems in information systems used in clinical settings. A total of 17 technical solutions were identified: measures for password security, the secure use of e-mail, the Internet, portable storage devices, printers and screens. Although technical safeguards are essential to the security of healthcare organization's information systems, good training, awareness programs and adopting a proper information security policy are particularly important to prevent insiders from causing security incidents.

  3. Secure Cloud-Based Solutions for Different eHealth Services in Spanish Rural Health Centers

    Science.gov (United States)

    2015-01-01

    Background The combination of eHealth applications and/or services with cloud technology provides health care staff—with sufficient mobility and accessibility for them—to be able to transparently check any data they may need without having to worry about its physical location. Objective The main aim of this paper is to put forward secure cloud-based solutions for a range of eHealth services such as electronic health records (EHRs), telecardiology, teleconsultation, and telediagnosis. Methods The scenario chosen for introducing the services is a set of four rural health centers located within the same Spanish region. iCanCloud software was used to perform simulations in the proposed scenario. We chose online traffic and the cost per unit in terms of time as the parameters for choosing the secure solution on the most optimum cloud for each service. Results We suggest that load balancers always be fitted for all solutions in communication together with several Internet service providers and that smartcards be used to maintain identity to an appropriate extent. The solutions offered via private cloud for EHRs, teleconsultation, and telediagnosis services require a volume of online traffic calculated at being able to reach 2 Gbps per consultation. This may entail an average cost of €500/month. Conclusions The security solutions put forward for each eHealth service constitute an attempt to centralize all information on the cloud, thus offering greater accessibility to medical information in the case of EHRs alongside more reliable diagnoses and treatment for telecardiology, telediagnosis, and teleconsultation services. Therefore, better health care for the rural patient can be obtained at a reasonable cost. PMID:26215155

  4. Secure Cloud-Based Solutions for Different eHealth Services in Spanish Rural Health Centers.

    Science.gov (United States)

    de la Torre-Díez, Isabel; Lopez-Coronado, Miguel; Garcia-Zapirain Soto, Begonya; Mendez-Zorrilla, Amaia

    2015-07-27

    The combination of eHealth applications and/or services with cloud technology provides health care staff—with sufficient mobility and accessibility for them—to be able to transparently check any data they may need without having to worry about its physical location. The main aim of this paper is to put forward secure cloud-based solutions for a range of eHealth services such as electronic health records (EHRs), telecardiology, teleconsultation, and telediagnosis. The scenario chosen for introducing the services is a set of four rural health centers located within the same Spanish region. iCanCloud software was used to perform simulations in the proposed scenario. We chose online traffic and the cost per unit in terms of time as the parameters for choosing the secure solution on the most optimum cloud for each service. We suggest that load balancers always be fitted for all solutions in communication together with several Internet service providers and that smartcards be used to maintain identity to an appropriate extent. The solutions offered via private cloud for EHRs, teleconsultation, and telediagnosis services require a volume of online traffic calculated at being able to reach 2 Gbps per consultation. This may entail an average cost of €500/month. The security solutions put forward for each eHealth service constitute an attempt to centralize all information on the cloud, thus offering greater accessibility to medical information in the case of EHRs alongside more reliable diagnoses and treatment for telecardiology, telediagnosis, and teleconsultation services. Therefore, better health care for the rural patient can be obtained at a reasonable cost.

  5. Equitable access to health insurance for socially excluded children? The case of the National Health Insurance Scheme (NHIS) in Ghana.

    Science.gov (United States)

    Williams, Gemma A; Parmar, Divya; Dkhimi, Fahdi; Asante, Felix; Arhinful, Daniel; Mladovsky, Philipa

    2017-08-01

    To help reduce child mortality and reach universal health coverage, Ghana extended free membership of the National Health Insurance Scheme (NHIS) to children (under-18s) in 2008. However, despite the introduction of premium waivers, a substantial proportion of children remain uninsured. Thus far, few studies have explored why enrolment of children in NHIS may remain low, despite the absence of significant financial barriers to membership. In this paper we therefore look beyond economic explanations of access to health insurance to explore additional wider determinants of enrolment in the NHIS. In particular, we investigate whether social exclusion, as measured through a sociocultural, political and economic lens, can explain poor enrolment rates of children. Data were collected from a cross-sectional survey of 4050 representative households conducted in Ghana in 2012. Household indices were created to measure sociocultural, political and economic exclusion, and logistic regressions were conducted to study determinants of enrolment at the individual and household levels. Our results indicate that socioculturally, economically and politically excluded children are less likely to enrol in the NHIS. Furthermore, households excluded in all dimensions were more likely to be non-enrolled or partially-enrolled (i.e. not all children enrolled within the household) than fully-enrolled. These results suggest that equity in access for socially excluded children has not yet been achieved. Efforts should be taken to improve coverage by removing the remaining small, annually renewable registration fee, implementing and publicising the new clause that de-links premium waivers from parental membership, establishing additional scheme administrative offices in remote areas, holding regular registration sessions in schools and conducting outreach sessions and providing registration support to female guardians of children. Ensuring equitable access to NHIS will contribute substantially

  6. One Health in food safety and security education: Subject matter outline for a curricular framework.

    Science.gov (United States)

    Angelos, John A; Arens, Amanda L; Johnson, Heather A; Cadriel, Jessica L; Osburn, Bennie I

    2017-06-01

    Educating students in the range of subjects encompassing food safety and security as approached from a One Health perspective requires consideration of a variety of different disciplines and the interrelationships among disciplines. The Western Institute for Food Safety and Security developed a subject matter outline to accompany a previously published One Health in food safety and security curricular framework. The subject matter covered in this outline encompasses a variety of topics and disciplines related to food safety and security including effects of food production on the environment. This subject matter outline should help guide curriculum development and education in One Health in food safety and security and provides useful information for educators, researchers, students, and public policy-makers facing the inherent challenges of maintaining and/or developing safe and secure food supplies without destroying Earth's natural resources.

  7. One Health in food safety and security education: Subject matter outline for a curricular framework

    Directory of Open Access Journals (Sweden)

    John A. Angelos

    2017-06-01

    Full Text Available Educating students in the range of subjects encompassing food safety and security as approached from a One Health perspective requires consideration of a variety of different disciplines and the interrelationships among disciplines. The Western Institute for Food Safety and Security developed a subject matter outline to accompany a previously published One Health in food safety and security curricular framework. The subject matter covered in this outline encompasses a variety of topics and disciplines related to food safety and security including effects of food production on the environment. This subject matter outline should help guide curriculum development and education in One Health in food safety and security and provides useful information for educators, researchers, students, and public policy-makers facing the inherent challenges of maintaining and/or developing safe and secure food supplies without destroying Earth's natural resources.

  8. The national health insurance scheme: perceptions and experiences of health care providers and clients in two districts of Ghana.

    Science.gov (United States)

    Dalinjong, Philip Ayizem; Laar, Alexander Suuk

    2012-07-23

    Prepayments and risk pooling through social health insurance has been advocated by international development organizations. Social health insurance is seen as a mechanism that helps mobilize resources for health, pool risk, and provide more access to health care services for the poor. Hence Ghana implemented the National Health Insurance Scheme (NHIS) to help promote access to health care services for Ghanaians. The study examined the influence of the NHIS on the behavior of health care providers in their treatment of insured and uninsured clients. The study took place in Bolgatanga (urban) and Builsa (rural) districts in Ghana. Data was collected through exit survey with 200 insured and uninsured clients, 15 in-depth interviews with health care providers and health insurance managers, and 8 focus group discussions with insured and uninsured community members. The NHIS promoted access for insured and mobilized revenue for health care providers. Both insured and uninsured were satisfied with care (survey finding). However, increased utilization of health care services by the insured leading to increased workloads for providers influenced their behavior towards the insured. Most of the insured perceived and experienced long waiting times, verbal abuse, not being physically examined and discrimination in favor of the affluent and uninsured. The insured attributed their experience to the fact that they were not making immediate payments for services. A core challenge of the NHIS was a delay in reimbursement which affected the operations of health facilities and hence influenced providers' behavior as well. Providers preferred clients who would make instant payments for health care services. Few of the uninsured were utilizing health facilities and visit only in critical conditions. This is due to the increased cost of health care services under the NHIS. The perceived opportunistic behavior of the insured by providers was responsible for the difference in the behavior

  9. Real-Time and Secure Wireless Health Monitoring

    Science.gov (United States)

    Dağtaş, S.; Pekhteryev, G.; Şahinoğlu, Z.; Çam, H.; Challa, N.

    2008-01-01

    We present a framework for a wireless health monitoring system using wireless networks such as ZigBee. Vital signals are collected and processed using a 3-tiered architecture. The first stage is the mobile device carried on the body that runs a number of wired and wireless probes. This device is also designed to perform some basic processing such as the heart rate and fatal failure detection. At the second stage, further processing is performed by a local server using the raw data transmitted by the mobile device continuously. The raw data is also stored at this server. The processed data as well as the analysis results are then transmitted to the service provider center for diagnostic reviews as well as storage. The main advantages of the proposed framework are (1) the ability to detect signals wirelessly within a body sensor network (BSN), (2) low-power and reliable data transmission through ZigBee network nodes, (3) secure transmission of medical data over BSN, (4) efficient channel allocation for medical data transmission over wireless networks, and (5) optimized analysis of data using an adaptive architecture that maximizes the utility of processing and computational capacity at each platform. PMID:18497866

  10. Enhancing Global Health Security: US Africa Command's Disaster Preparedness Program.

    Science.gov (United States)

    Morton Hamer, Melinda J; Reed, Paul L; Greulich, Jane D; Beadling, Charles W

    2018-03-07

    US Africa Command's Disaster Preparedness Program (DPP), implemented by the Center for Disaster and Humanitarian Assistance Medicine, partnered with US Government agencies and international organizations to promote stability and security on the African continent by engaging with African Partner Nations' (PN) civil and military authorities to improve disaster management capabilities. From 2008 to 2015, DPP conducted disaster preparedness and response programming with 17 PNs. DPP held a series of engagements with each, including workshops, strategic planning, developing preparedness and response plans, tabletop exercises, and prioritizing disaster management capability gaps identified through the engagements. DPP partners collected data for each PN to further capacity building efforts. Thus far, 9 countries have completed military pandemic plans, 10 have developed national pandemic influenza plans, 9 have developed military support to civil authorities plans, and 11 have developed disaster management strategic work plans. There have been 20 national exercises conducted since 2009. DPP was cited as key in implementation of Ebola response plans in PNs, facilitated development of disaster management agencies in DPP PNs, and trained nearly 800 individuals. DPP enhanced PNs' ability to prepare and respond to crises, fostering relationships between international agencies, and improving civil-military coordination through both national and regional capacity building. (Disaster Med Public Health Preparedness. 2018;page 1 of 11).

  11. Community concepts of poverty: an application to premium exemptions in Ghana's National Health Insurance Scheme.

    Science.gov (United States)

    Aryeetey, Genevieve C; Jehu-Appiah, Caroline; Kotoh, Agnes M; Spaan, Ernst; Arhinful, Daniel K; Baltussen, Rob; van der Geest, Sjaak; Agyepong, Irene A

    2013-03-14

    Poverty is multi dimensional. Beyond the quantitative and tangible issues related to inadequate income it also has equally important social, more intangible and difficult if not impossible to quantify dimensions. In 2009, we explored these social and relativist dimension of poverty in five communities in the South of Ghana with differing socio economic characteristics to inform the development and implementation of policies and programs to identify and target the poor for premium exemptions under Ghana's National Health Insurance Scheme. We employed participatory wealth ranking (PWR) a qualitative tool for the exploration of community concepts, identification and ranking of households into socioeconomic groups. Key informants within the community ranked households into wealth categories after discussing in detail concepts and indicators of poverty. Community defined indicators of poverty covered themes related to type of employment, educational attainment of children, food availability, physical appearance, housing conditions, asset ownership, health seeking behavior, social exclusion and marginalization. The poverty indicators discussed shared commonalities but contrasted in the patterns of ranking per community. The in-depth nature of the PWR process precludes it from being used for identification of the poor on a large national scale in a program such as the NHIS. However, PWR can provide valuable qualitative input to enrich discussions, development and implementation of policies, programs and tools for large scale interventions and targeting of the poor for social welfare programs such as premium exemption for health care.

  12. Network security system for health and medical information using smart IC card

    Science.gov (United States)

    Kanai, Yoichi; Yachida, Masuyoshi; Yoshikawa, Hiroharu; Yamaguchi, Masahiro; Ohyama, Nagaaki

    1998-07-01

    A new network security protocol that uses smart IC cards has been designed to assure the integrity and privacy of medical information in communication over a non-secure network. Secure communication software has been implemented as a library based on this protocol, which is called the Integrated Secure Communication Layer (ISCL), and has been incorporated into information systems of the National Cancer Center Hospitals and the Health Service Center of the Tokyo Institute of Technology. Both systems have succeeded in communicating digital medical information securely.

  13. An Implementation of RC4+ Algorithm and Zig-zag Algorithm in a Super Encryption Scheme for Text Security

    Science.gov (United States)

    Budiman, M. A.; Amalia; Chayanie, N. I.

    2018-03-01

    Cryptography is the art and science of using mathematical methods to preserve message security. There are two types of cryptography, namely classical and modern cryptography. Nowadays, most people would rather use modern cryptography than classical cryptography because it is harder to break than the classical one. One of classical algorithm is the Zig-zag algorithm that uses the transposition technique: the original message is unreadable unless the person has the key to decrypt the message. To improve the security, the Zig-zag Cipher is combined with RC4+ Cipher which is one of the symmetric key algorithms in the form of stream cipher. The two algorithms are combined to make a super-encryption. By combining these two algorithms, the message will be harder to break by a cryptanalyst. The result showed that complexity of the combined algorithm is θ(n2 ), while the complexity of Zig-zag Cipher and RC4+ Cipher are θ(n2 ) and θ(n), respectively.

  14. Security and privacy preserving approaches in the eHealth clouds with disaster recovery plan.

    Science.gov (United States)

    Sahi, Aqeel; Lai, David; Li, Yan

    2016-11-01

    Cloud computing was introduced as an alternative storage and computing model in the health sector as well as other sectors to handle large amounts of data. Many healthcare companies have moved their electronic data to the cloud in order to reduce in-house storage, IT development and maintenance costs. However, storing the healthcare records in a third-party server may cause serious storage, security and privacy issues. Therefore, many approaches have been proposed to preserve security as well as privacy in cloud computing projects. Cryptographic-based approaches were presented as one of the best ways to ensure the security and privacy of healthcare data in the cloud. Nevertheless, the cryptographic-based approaches which are used to transfer health records safely remain vulnerable regarding security, privacy, or the lack of any disaster recovery strategy. In this paper, we review the related work on security and privacy preserving as well as disaster recovery in the eHealth cloud domain. Then we propose two approaches, the Security-Preserving approach and the Privacy-Preserving approach, and a disaster recovery plan. The Security-Preserving approach is a robust means of ensuring the security and integrity of Electronic Health Records, and the Privacy-Preserving approach is an efficient authentication approach which protects the privacy of Personal Health Records. Finally, we discuss how the integrated approaches and the disaster recovery plan can ensure the reliability and security of cloud projects. Copyright © 2016 Elsevier Ltd. All rights reserved.

  15. Model-based security analysis of the German health card architecture.

    Science.gov (United States)

    Jürjens, J; Rumm, R

    2008-01-01

    Health-care information systems are particularly security-critical. In order to make these applications secure, the security analysis has to be an integral part of the system design and IT management process for such systems. This work presents the experiences and results from the security analysis of the system architecture of the German Health Card, by making use of an approach to model-based security engineering that is based on the UML extension UMLsec. The focus lies on the security mechanisms and security policies of the smart-card-based architecture which were analyzed using the UMLsec method and tools. Main results of the paper include a report on the employment of the UMLsec method in an industrial health information systems context as well as indications of its benefits and limitations. In particular, two potential security weaknesses were detected and countermeasures discussed. The results indicate that it can be feasible to apply a model-based security analysis using UMLsec to an industrial health information system like the German Health Card architecture, and that doing so can have concrete benefits (such as discovering potential weaknesses, and an increased confidence that no further vulnerabilities of the kind that were considered are present).

  16. Insured persons dilemma about other family members: a perspective on the national health insurance scheme in Nigeria

    Directory of Open Access Journals (Sweden)

    Nasir Umar

    2011-09-01

    Full Text Available The need for health care reforms and alternative financing mechanism in many low and middle-income countries has been advocated. This led to the introduction of the national health insurance scheme (NHIS in Nigeria, at first with the enrollment of formal sector employees. A qualitative study was conducted to assess enrollee’s perception on the quality of health care before and after enrollment. Initial results revealed that respondents (heads of households have generally viewed the NHIS favorably, but consistently expressed dissatisfaction over the terms of coverage. Specifically, because the NHIS enrollment covers only the primary insured person, their spouse and only up to four biological children (child defined as <18 years of age, in a setting where extended family is common. Dissatisfaction of enrollees could affect their willingness to participate in the insurance scheme, which may potentially affect the success and future extension of the scheme.

  17. Thailand's universal coverage scheme and its impact on health-seeking behavior.

    Science.gov (United States)

    Paek, Seung Chun; Meemon, Natthani; Wan, Thomas T H

    2016-01-01

    Thailand's Universal Coverage Scheme (UCS) has improved healthcare access and utilization since its initial introduction in 2002. However, a substantial proportion of beneficiaries has utilized care outside the UCS boundaries. Because low utilization may be an indication of a policy gap between people's health needs and the services available to them, we investigated the patterns of health-seeking behavior and their social/contextual determinants among UCS beneficiaries in the year 2013. The study findings from the outpatient analysis showed that the use of designated facilities for care was significantly higher in low-income, unemployed, and chronic status groups. The findings from the inpatient analysis showed that the use of designated facilities for care was significantly higher in the low-income, older, and female groups. Particularly, for the low-income group, we found that they (1) had greater health care needs, (2) received a larger number of services from designated facilities, and (3) paid the least for both inpatient and outpatient services. This pro-poor impact indicated that the UCS could adequately respond to beneficiaries' needs in terms of vertical equity. However, we also found that a considerable proportion of beneficiaries utilized out-of-network services, which implied a lack of universal access to policy services from a horizontal equity point of view. Thus, the policy should continue expanding and diversifying its service benefits to strengthen horizontal equity. Particularly, private sector involvement for those who are employed as well as the increased unmet health needs of those in rural areas may be important policy priorities for that. Lastly, methodological issues such as severity adjustment and a detailed categorization of health-seeking behaviors need to be further considered for a better understanding of the policy impact.

  18. Does the National Health Insurance Scheme provide financial protection to households in Ghana?

    Science.gov (United States)

    Kusi, Anthony; Hansen, Kristian Schultz; Asante, Felix A; Enemark, Ulrika

    2015-08-15

    Excessive healthcare payments can impede access to health services and also disrupt the welfare of households with no financial protection. Health insurance is expected to offer financial protection against health shocks. Ghana began the implementation of its National Health Insurance Scheme (NHIS) in 2004. The NHIS is aimed at removing the financial barrier to healthcare by limiting direct out-of-pocket health expenditures (OOPHE). The study examines the effect of the NHIS on OOPHE and how it protects households against catastrophic health expenditures. Data was obtained from a cross-sectional representative household survey involving 2,430 households from three districts across Ghana. All OOPHE associated with treatment seeking for reported illness in the household in the last 4 weeks preceding the survey were analysed and compared between insured and uninsured persons. The incidence and intensity of catastrophic health expenditures (CHE) among households were measured by the catastrophic health payment method. The relative effect of NHIS on the incidence of CHE in the household was estimated by multiple logistic regression analysis. About 36% of households reported at least one illness during the 4 weeks period. Insured patients had significantly lower direct OOPHE for out-patient and in-patient care compared to the uninsured. On financial protection, the incidence of CHE was lower among insured households (2.9%) compared to the partially insured (3.7%) and the uninsured (4.0%) at the 40% threshold. The incidence of CHE was however significantly lower among fully insured households (6.0%) which sought healthcare from NHIS accredited health facilities compared to the partially insured (10.1%) and the uninsured households (23.2%). The likelihood of a household incurring CHE was 4.2 times less likely for fully insured and 2.9 times less likely for partially insured households relative to being uninsured. The NHIS has however not completely eliminated OOPHE for the

  19. Infotech. Cyber security. Health care learns to share scares and solutions.

    Science.gov (United States)

    Colias, Mike

    2004-05-01

    Health care information technology leaders and others are coming together to share scary experiences and develop best practices to guard against crippling computer viruses, scheming hackers and other cyber threats.

  20. Improving Mental Health Reporting Practices in Between Personnel Security Investigations

    Science.gov (United States)

    2017-06-01

    derogatory information, unfavorable administrative actions, and adverse actions to the appropriate personnel security, human resources , and...national security clearance? What type of clearances do people typically have (e.g., Secret, Top Secret, TS/SCI, SAP , etc.)? (2) Does [the

  1. Does the PCEHR mean a new paradigm for information security? Implications for health information management.

    Science.gov (United States)

    Williams, Patricia A H

    Australia is stepping up to the new e-health environment. With this comes new legislation and new demands on information security. The expanded functionality of e-health and the increased legislative requirements, coupled with new uses of technology, means that enhancement of existing security practice will be necessary. This paperanalyses the new operating environment for Australian healthcare and the legislation governing it, and highlights the changes that are required to meet this new context. Individuals are now more responsible for security and organisations should be prompted to review their security measures in light of the new demands of legislative compliance.

  2. [Part-time Work and Men's Health : Results based on Routine Data of a Statutory Health Insurance Scheme].

    Science.gov (United States)

    Grobe, Thomas G

    2016-08-01

    With the introduction of a new occupational classification at the end of 2011, employment characteristics are reported by employees to social insurance agencies in Germany in more detail than in previous years. In addition to other changes, the new classification allows a distinction between full- and part-time work to be made. This provided a reason to consider the health-related aspects of part-time work on the basis of data from a statutory health insurance scheme. Our analysis is based on the data of 3.8 million employees insured with the Techniker Krankenkasse (TK), a statutory health insurance scheme, in 2012. In addition to daily information on employment situations, details of periods and diagnoses of sick leave and the drugs prescribed were available. Although approximately 50 % of women of middle to higher working age worked part-time in 2012, the corresponding percentage of men employed in part-time work was less than 10 %. Overall, part-time employees were on sick leave for fewer days than full-time employees, but among men, sick leave due to mental disorders was longer for part-time employees than for full-time employees, whereas women working part time were affected to a lesser extent by corresponding periods of absence than those working full time. The results provide indications for the assertion that men in gender-specifically atypical employment situations are more frequently affected by mental disorders. Further evidence supports this assertion. With the long-term availability of these new employment characteristics, longitudinal analyses could help to clarify this cause-effect relationship.

  3. Stakeholders Perspectives on the Success Drivers in Ghana’s National Health Insurance Scheme – Identifying Policy Translation Issues

    Science.gov (United States)

    Fusheini, Adam; Marnoch, Gordon; Gray, Ann Marie

    2017-01-01

    Background: Ghana’s National Health Insurance Scheme (NHIS), established by an Act of Parliament (Act 650), in 2003 and since replaced by Act 852 of 2012 remains, in African terms, unprecedented in terms of growth and coverage. As a result, the scheme has received praise for its associated legal reforms, clinical audit mechanisms and for serving as a hub for knowledge sharing and learning within the context of South-South cooperation. The scheme continues to shape national health insurance thinking in Africa. While the success, especially in coverage and financial access has been highlighted by many authors, insufficient attention has been paid to critical and context-specific factors. This paper seeks to fill that gap. Methods: Based on an empirical qualitative case study of stakeholders’ views on challenges and success factors in four mutual schemes (district offices) located in two regions of Ghana, the study uses the concept of policy translation to assess whether the Ghana scheme could provide useful lessons to other African and developing countries in their quest to implement social/NHISs. Results: In the study, interviewees referred to both ‘hard and soft’ elements as driving the "success" of the Ghana scheme. The main ‘hard elements’ include bureaucratic and legal enforcement capacities; IT; financing; governance, administration and management; regulating membership of the scheme; and service provision and coverage capabilities. The ‘soft’ elements identified relate to: the background/context of the health insurance scheme; innovative ways of funding the NHIS, the hybrid nature of the Ghana scheme; political will, commitment by government, stakeholders and public cooperation; social structure of Ghana (solidarity); and ownership and participation. Conclusion: Other developing countries can expect to translate rather than re-assemble a national health insurance programme in an incomplete and highly modified form over a period of years

  4. Stakeholders Perspectives on the Success Drivers in Ghana’s National Health Insurance Scheme – Identifying Policy Translation Issues

    Directory of Open Access Journals (Sweden)

    Adam Fusheini

    2017-05-01

    Full Text Available Background Ghana’s National Health Insurance Scheme (NHIS, established by an Act of Parliament (Act 650, in 2003 and since replaced by Act 852 of 2012 remains, in African terms, unprecedented in terms of growth and coverage. As a result, the scheme has received praise for its associated legal reforms, clinical audit mechanisms and for serving as a hub for knowledge sharing and learning within the context of South-South cooperation. The scheme continues to shape national health insurance thinking in Africa. While the success, especially in coverage and financial access has been highlighted by many authors, insufficient attention has been paid to critical and context-specific factors. This paper seeks to fill that gap. Methods Based on an empirical qualitative case study of stakeholders’ views on challenges and success factors in four mutual schemes (district offices located in two regions of Ghana, the study uses the concept of policy translation to assess whether the Ghana scheme could provide useful lessons to other African and developing countries in their quest to implement social/NHISs. Results In the study, interviewees referred to both ‘hard and soft’ elements as driving the “success” of the Ghana scheme. The main ‘hard elements’ include bureaucratic and legal enforcement capacities; IT; financing; governance, administration and management; regulating membership of the scheme; and service provision and coverage capabilities. The ‘soft’ elements identified relate to: the background/context of the health insurance scheme; innovative ways of funding the NHIS, the hybrid nature of the Ghana scheme; political will, commitment by government, stakeholders and public cooperation; social structure of Ghana (solidarity; and ownership and participation. Conclusion Other developing countries can expect to translate rather than re-assemble a national health insurance programme in an incomplete and highly modified form over a period

  5. A security framework for nationwide health information exchange based on telehealth strategy.

    Science.gov (United States)

    Zaidan, B B; Haiqi, Ahmed; Zaidan, A A; Abdulnabi, Mohamed; Kiah, M L Mat; Muzamel, Hussaen

    2015-05-01

    This study focuses on the situation of health information exchange (HIE) in the context of a nationwide network. It aims to create a security framework that can be implemented to ensure the safe transmission of health information across the boundaries of care providers in Malaysia and other countries. First, a critique of the major elements of nationwide health information networks is presented from the perspective of security, along with such topics as the importance of HIE, issues, and main approaches. Second, a systematic evaluation is conducted on the security solutions that can be utilized in the proposed nationwide network. Finally, a secure framework for health information transmission is proposed within a central cloud-based model, which is compatible with the Malaysian telehealth strategy. The outcome of this analysis indicates that a complete security framework for a global structure of HIE is yet to be defined and implemented. Our proposed framework represents such an endeavor and suggests specific techniques to achieve this goal.

  6. Addressing healthcare needs of people living below the poverty line: a rapid assessment of the Andhra Pradesh Health Insurance Scheme.

    Science.gov (United States)

    Rao, M; Ramachandra, S S; Bandyopadhyay, S; Chandran, A; Shidhaye, R; Tamisettynarayana, S; Thippaiah, A; Sitamma, M; Sunil George, M; Singh, V; Sivasankaran, S; Bangdiwala, S I

    2011-01-01

    Families living below the poverty line in countries which do not have universal healthcare coverage are drawn into indebtedness and bankruptcy. The state of Andhra Pradesh in India established the Rajiv Aarogyasri Community Health Insurance Scheme (RACHIS) in 2007 with the aim of breaking this cycle by improving the access of below the poverty line (BPL) families to secondary and tertiary healthcare. It covered a wide range of surgical and medical treatments for serious illnesses requiring specialist healthcare resources not always available at district-level government hospitals. The impact of this scheme was evaluated by a rapid assessment, commissioned by the government of Andhra Pradesh. The aim of the assessment was to explore the contribution of the scheme to the reduction of catastrophic health expenditure among the poor and to recommend ways by which delivery of the scheme could be improved. We report the findings of this assessment. Two types of data were used for the assessment. Patient data pertaining to 89 699 treatment requests approved by the scheme during its first 18 months were examined. Second, surveys of scheme beneficiaries and providers were undertaken in 6 randomly selected districts of Andhra Pradesh. This novel scheme was beginning to reach the BPL households in the state and providing access to free secondary and tertiary healthcare to seriously ill poor people. An integrated model encompassing primary, secondary and tertiary care would be of greater benefit to families below the poverty line and more cost-effective for the government. There is considerable potential for the government to build on this successful start and to strengthen equity of access and the quality of care provided by the scheme. Copyright 2011, NMJI.

  7. Robust anonymous authentication scheme for telecare medical information systems.

    Science.gov (United States)

    Xie, Qi; Zhang, Jun; Dong, Na

    2013-04-01

    Patient can obtain sorts of health-care delivery services via Telecare Medical Information Systems (TMIS). Authentication, security, patient's privacy protection and data confidentiality are important for patient or doctor accessing to Electronic Medical Records (EMR). In 2012, Chen et al. showed that Khan et al.'s dynamic ID-based authentication scheme has some weaknesses and proposed an improved scheme, and they claimed that their scheme is more suitable for TMIS. However, we show that Chen et al.'s scheme also has some weaknesses. In particular, Chen et al.'s scheme does not provide user's privacy protection and perfect forward secrecy, is vulnerable to off-line password guessing attack and impersonation attack once user's smart card is compromised. Further, we propose a secure anonymity authentication scheme to overcome their weaknesses even an adversary can know all information stored in smart card.

  8. REMINDER: SUPPLEMENTARY CONTRIBUTION PAYABLE TO THE HEALTH INSURANCE SCHEME FOR THE SPOUSE'S COVERAGE

    CERN Document Server

    2003-01-01

    Staff Members, Fellows and Pensioners are reminded that any change in the marital status of members of the personnel, as well as any change in the spouse's income or health insurance cover, shall be notified in writing to CERN, within 30 calendar days of the change, in accordance with Article R IV 1.17 of the Staff Regulations. Such changes may have consequences on the conditions of the spouse's affiliation to the CERN Health Insurance Scheme (CHIS) or on the payment of the supplementary contribution to the CHIS for the coverage of the spouse. In 2003, for the following income brackets, the indexed amounts in Swiss francs of the supplementary contribution are : - more than 30'000 CHF and up to 50'000 CHF: 134.- - more than 50'000 CHF and up to 90'000 CHF: 234.- - more than 90'000 CHF and up to 130'000 CHF: 369.- - more than 130'000 CHF: 468.- It is in the member of the personnel's interest to declare as soon as possible a change in the annual income of his spouse in order that the contribution is adjusted w...

  9. Supplementary contribution payable to the health insurance scheme for the spouse's coverage

    CERN Multimedia

    Human Resources Department

    2005-01-01

    Staff Members, Fellows and Pensioners are reminded that any change in the marital status of members of the personnel, as well as any change in the spouse's income or health insurance cover, shall be notified in writing to CERN, within 30 calendar days of the change, in accordance with Article R IV 1.17 of the Staff Regulations. Such changes may have consequences on the conditions of the spouse's affiliation to the CERN Health Insurance Scheme (CHIS) or on the payment of the supplementary contribution to the CHIS for the coverage of the spouse. Changes to the rules and simplification to the system are currently being prepared and should be operational by mid-2005. Meanwhile from 1.1.2005, for the following income brackets, the indexed amounts in Swiss francs of the monthly supplementary contribution are: more than 30'000 CHF and up to 50'000 CHF: 134.- more than 50'000 CHF and up to 90'000 CHF: 234.- more than 90'000 CHF and up to 130'000 CHF: 369.- more than 130'000 CHF: 459.- It is in the member o...

  10. Supplementary contribution for spouses and registered partners payable to the health insurance scheme

    CERN Multimedia

    HR Department

    2009-01-01

    Staff members, fellows and pensioners are reminded that they must notify CERN of any change in their marital status and any change in the income or health insurance cover of their spouse or registered partner, in writing and within 30 calendar days of the change, in accordance with Articles III 6.01 to 6.03 of the Rules of the CERN Health Insurance Scheme (CHIS). Such changes may affect the conditions of the spouse or registered partner’s membership of the CHIS or the payment of the supplementary contribution to the CHIS. For more information see: http://cern.ch/chis/contribsupp.asp From 1.1.2009 onwards, the following indexed monthly supplementary contributions, expressed in Swiss francs, are payable for the various monthly income brackets: •\tmore than 2’500 CHF and up to 4’250 CHF: 134.- •\tmore than 4’250 CHF and up to 7’500 CHF: 234.- •\tmore than 7’500 CHF and up to 10’000 CHF: 369.- •\tmore than 10’000 CHF: 485.- It is in the member of...

  11. National health insurance scheme enrolment and antenatal care among women in Ghana: is there any relationship?

    Science.gov (United States)

    Dixon, Jenna; Tenkorang, Eric Y; Luginaah, Isaac N; Kuuire, Vincent Z; Boateng, Godfred O

    2014-01-01

    The objective of this study was to examine whether enrolment in the National Health Insurance Scheme (NHIS) affects the likelihood and timing of utilising antenatal care among women in Ghana. Data were drawn from the Ghana Demographic and Health Survey, a nationally representative survey collected in 2008. The study used a cross-sectional design to examine the independent effects of NHIS enrolment on two dependent variables (frequency and timing of antenatal visits) among 1610 Ghanaian women. Negative binomial and logit models were fitted given that count and categorical variables were employed as outcome measures, respectively. Regardless of socio-economic and demographic factors, women enrolled in the NHIS make more antenatal visits compared with those not enrolled; however, there was no statistical association with the timing of the crucial first visit. Women who are educated, living in urban areas and are wealthy were more likely to attend antenatal care than those living in rural areas, uneducated and from poorer households. The NHIS should be strengthened and resourced as it may act as an important tool for increasing antenatal care attendance among women in Ghana. © 2013 John Wiley & Sons Ltd.

  12. Equity of the premium of the Ghanaian National Health Insurance Scheme and the implications for achieving universal coverage.

    Science.gov (United States)

    Amporfu, Eugenia

    2013-01-07

    The Ghanaian National Health Insurance Scheme (NHIS) was introduced to provide access to adequate health care regardless of ability to pay. By law the NHIS is mandatory but because the informal sector has to make premium payment before they are enrolled, the authorities are unable to enforce mandatory nature of the scheme. The ultimate goal of the Scheme then is to provide all residents with access to adequate health care at affordable cost. In other words, the Scheme intends to achieve universal coverage. An important factor for the achievement of universal coverage is that revenue collection be equitable. The purpose of this study is to examine the vertical and horizontal equity of the premium collection of the Scheme. The Kakwani index method as well as graphical analysis was used to study the vertical equity. Horizontal inequity was measured through the effect of the premium on redistribution of ability to pay of members. The extent to which the premium could cause catastrophic expenditure was also examined. The results showed that revenue collection was both vertically and horizontally inequitable. The horizontal inequity had a greater effect on redistribution of ability to pay than vertical inequity. The computation of catastrophic expenditure showed that a small minority of the poor were likely to incur catastrophic expenditure from paying the premium a situation that could impede the achievement of universal coverage. The study provides recommendations to improve the inequitable system of premium payment to help achieve universal coverage.

  13. Equity of the premium of the Ghanaian national health insurance scheme and the implications for achieving universal coverage

    Directory of Open Access Journals (Sweden)

    Amporfu Eugenia

    2013-01-01

    Full Text Available Abstract The Ghanaian National Health Insurance Scheme (NHIS was introduced to provide access to adequate health care regardless of ability to pay. By law the NHIS is mandatory but because the informal sector has to make premium payment before they are enrolled, the authorities are unable to enforce mandatory nature of the scheme. The ultimate goal of the Scheme then is to provide all residents with access to adequate health care at affordable cost. In other words, the Scheme intends to achieve universal coverage. An important factor for the achievement of universal coverage is that revenue collection be equitable. The purpose of this study is to examine the vertical and horizontal equity of the premium collection of the Scheme. The Kakwani index method as well as graphical analysis was used to study the vertical equity. Horizontal inequity was measured through the effect of the premium on redistribution of ability to pay of members. The extent to which the premium could cause catastrophic expenditure was also examined. The results showed that revenue collection was both vertically and horizontally inequitable. The horizontal inequity had a greater effect on redistribution of ability to pay than vertical inequity. The computation of catastrophic expenditure showed that a small minority of the poor were likely to incur catastrophic expenditure from paying the premium a situation that could impede the achievement of universal coverage. The study provides recommendations to improve the inequitable system of premium payment to help achieve universal coverage.

  14. Rajiv Aarogyasri Community Health Insurance Scheme in Andhra Pradesh, India: a comprehensive analytic view of private public partnership model.

    Science.gov (United States)

    Reddy, Sunita; Mary, Immaculate

    2013-01-01

    The Rajiv Aarogyasri Community Health Insurance (RACHI) in Andhra Pradesh (AP) has been very popular social insurance scheme with a private public partnership model to deal with the problems of catastrophic medical expenditures at tertiary level care for the poor households. A brief analysis of the RACHI scheme based on officially available data and media reports has been undertaken from a public health perspective to understand the nature and financing of partnership and the lessons it provides. The analysis of the annual budget spent on the surgeries in private hospitals compared to tertiary public hospitals shows that the current scheme is not sustainable and pose huge burden on the state exchequers. The private hospital association's in AP, further acts as pressure groups to increase the budget or threaten to withdraw services. Thus, profits are privatized and losses are socialized.

  15. Secure Cooperative Spectrum Sensing via a Novel User-Classification Scheme in Cognitive Radios for Future Communication Technologies

    Directory of Open Access Journals (Sweden)

    Muhammad Usman

    2015-05-01

    Full Text Available Future communication networks would be required to deliver data on a far greater scale than is known to us today, thus mandating the maximal utilization of the available radio spectrum using cognitive radios. In this paper, we have proposed a novel cooperative spectrum sensing approach for cognitive radios. In cooperative spectrum sensing, the fusion center relies on reports of the cognitive users to make a global decision. The global decision is obtained by assigning weights to the reports received from cognitive users. Computation of such weights requires prior information of the probability of detection and the probability of false alarms, which are not readily available in real scenarios. Further, the cognitive users are divided into reliable and unreliable categories based on their weighted energy by using some empirical threshold. In this paper, we propose a method to classify the cognitive users into reliable, neutral and unreliable categories without using any pre-defined or empirically-obtained threshold. Moreover, the computation of weights does not require the detection, or false alarm probabilities, or an estimate of these probabilities. Reliable cognitive users are assigned the highest weights; neutral cognitive users are assigned medium weights (less than the reliable and higher than the unreliable cognitive users’ weights; and unreliable users are assigned the least weights. We show the performance improvement of our proposed method through simulations by comparing it with the conventional cooperative spectrum sensing scheme through different metrics, like receiver operating characteristic (ROC curve and mean square error. For clarity, we also show the effect of malicious users on detection probability and false alarm probability individually through simulations.

  16. A Review of the National Health Insurance Scheme in Ghana: What Are the Sustainability Threats and Prospects?

    Science.gov (United States)

    Alhassan, Robert Kaba; Nketiah-Amponsah, Edward; Arhinful, Daniel Kojo

    2016-01-01

    Background The introduction of the national health insurance scheme (NHIS) in Ghana in 2003 significantly contributed to improved health services utilization and health outcomes. However, stagnating active membership, reports of poor quality health care rendered to NHIS-insured clients and cost escalations have raised concerns on the operational and financial sustainability of the scheme. This paper reviewed peer reviewed articles and grey literature on the sustainability challenges and prospects of the NHIS in Ghana. Methods Electronic search was done for literature published between 2003–2016 on the NHIS and its sustainability in Ghana. A total of 66 publications relevant to health insurance in Ghana and other developing countries were retrieved from Cochrane, PubMed, ScienceDirect and Googlescholar for initial screening. Out of this number, 31 eligible peer reviewed articles were selected for final review based on specific relevance to the Ghanaian context. Results Ability of the NHIS to continue its operations in Ghana is threatened financially and operationally by factors such as: cost escalation, possible political interference, inadequate technical capacity, spatial distribution of health facilities and health workers, inadequate monitoring mechanisms, broad benefits package, large exemption groups, inadequate client education, and limited community engagement. Moreover, poor quality care in NHIS-accredited health facilities potentially reduces clients’ trust in the scheme and consequently decreases (re)enrolment rates. These sustainability challenges were reviewed and discussed in this paper. Conclusions The NHIS continues to play a critical role towards attaining universal health coverage in Ghana albeit confronted by challenges that could potentially collapse the scheme. Averting this possible predicament will largely depend on concerted efforts of key stakeholders such as health insurance managers, service providers, insurance subscribers, policy

  17. A Review of the National Health Insurance Scheme in Ghana: What Are the Sustainability Threats and Prospects?

    Science.gov (United States)

    Alhassan, Robert Kaba; Nketiah-Amponsah, Edward; Arhinful, Daniel Kojo

    2016-01-01

    The introduction of the national health insurance scheme (NHIS) in Ghana in 2003 significantly contributed to improved health services utilization and health outcomes. However, stagnating active membership, reports of poor quality health care rendered to NHIS-insured clients and cost escalations have raised concerns on the operational and financial sustainability of the scheme. This paper reviewed peer reviewed articles and grey literature on the sustainability challenges and prospects of the NHIS in Ghana. Electronic search was done for literature published between 2003-2016 on the NHIS and its sustainability in Ghana. A total of 66 publications relevant to health insurance in Ghana and other developing countries were retrieved from Cochrane, PubMed, ScienceDirect and Googlescholar for initial screening. Out of this number, 31 eligible peer reviewed articles were selected for final review based on specific relevance to the Ghanaian context. Ability of the NHIS to continue its operations in Ghana is threatened financially and operationally by factors such as: cost escalation, possible political interference, inadequate technical capacity, spatial distribution of health facilities and health workers, inadequate monitoring mechanisms, broad benefits package, large exemption groups, inadequate client education, and limited community engagement. Moreover, poor quality care in NHIS-accredited health facilities potentially reduces clients' trust in the scheme and consequently decreases (re)enrolment rates. These sustainability challenges were reviewed and discussed in this paper. The NHIS continues to play a critical role towards attaining universal health coverage in Ghana albeit confronted by challenges that could potentially collapse the scheme. Averting this possible predicament will largely depend on concerted efforts of key stakeholders such as health insurance managers, service providers, insurance subscribers, policy makers and political actors.

  18. A Review of the National Health Insurance Scheme in Ghana: What Are the Sustainability Threats and Prospects?

    Directory of Open Access Journals (Sweden)

    Robert Kaba Alhassan

    Full Text Available The introduction of the national health insurance scheme (NHIS in Ghana in 2003 significantly contributed to improved health services utilization and health outcomes. However, stagnating active membership, reports of poor quality health care rendered to NHIS-insured clients and cost escalations have raised concerns on the operational and financial sustainability of the scheme. This paper reviewed peer reviewed articles and grey literature on the sustainability challenges and prospects of the NHIS in Ghana.Electronic search was done for literature published between 2003-2016 on the NHIS and its sustainability in Ghana. A total of 66 publications relevant to health insurance in Ghana and other developing countries were retrieved from Cochrane, PubMed, ScienceDirect and Googlescholar for initial screening. Out of this number, 31 eligible peer reviewed articles were selected for final review based on specific relevance to the Ghanaian context.Ability of the NHIS to continue its operations in Ghana is threatened financially and operationally by factors such as: cost escalation, possible political interference, inadequate technical capacity, spatial distribution of health facilities and health workers, inadequate monitoring mechanisms, broad benefits package, large exemption groups, inadequate client education, and limited community engagement. Moreover, poor quality care in NHIS-accredited health facilities potentially reduces clients' trust in the scheme and consequently decreases (reenrolment rates. These sustainability challenges were reviewed and discussed in this paper.The NHIS continues to play a critical role towards attaining universal health coverage in Ghana albeit confronted by challenges that could potentially collapse the scheme. Averting this possible predicament will largely depend on concerted efforts of key stakeholders such as health insurance managers, service providers, insurance subscribers, policy makers and political actors.

  19. Recent advances to address European Union Health Security from cross border chemical health threats.

    Science.gov (United States)

    Duarte-Davidson, R; Orford, R; Wyke, S; Griffiths, M; Amlôt, R; Chilcott, R

    2014-11-01

    The European Union (EU) Decision (1082/2013/EU) on serious cross border threats to health was adopted by the European Parliament in November 2013, in recognition of the need to strengthen the capacity of Member States to coordinate the public health response to cross border threats, whether from biological, chemical, environmental events or events which have an unknown origin. Although mechanisms have been in place for years for reporting cross border health threats from communicable diseases, this has not been the case for incidents involving chemicals and/or environmental events. A variety of collaborative EU projects have been funded over the past 10 years through the Health Programme to address gaps in knowledge on health security and to improve resilience and response to major incidents involving chemicals. This paper looks at the EU Health Programme that underpins recent research activities to address gaps in resilience, planning, responding to and recovering from a cross border chemical incident. It also looks at how the outputs from the research programme will contribute to improving public health management of transnational incidents that have the potential to overwhelm national capabilities, putting this into context with the new requirements as the Decision on serious cross border threats to health as well as highlighting areas for future development. Crown Copyright © 2014. Published by Elsevier Ltd. All rights reserved.

  20. Costs, equity, efficiency and feasibility of identifying the poor in Ghana's National Health Insurance Scheme: empirical analysis of various strategies.

    NARCIS (Netherlands)

    Aryeetey, G.C.N.O.; Jehu-Appiah, C.; Spaan, E.; Agyepong, I.; Baltussen, R.M.

    2012-01-01

    Objectives To analyse the costs and evaluate the equity, efficiency and feasibility of four strategies to identify poor households for premium exemptions in Ghana's National Health Insurance Scheme (NHIS): means testing (MT), proxy means testing (PMT), participatory wealth ranking (PWR) and

  1. Personal health records: Consumer attitudes toward privacy and security of their personal health information.

    Science.gov (United States)

    Lafky, Deborah Beranek; Horan, Thomas A

    2011-03-01

    Personal health record (PHR) systems are a subject of intense interest in the move to improve healthcare accessibility and quality. Although a number of vendors continue to put forward PHR systems, user-centered design research has lagged, and it has not been clear what features are important to prospective PHR users. Here, we report on a user-centered design study that combines qualitative and quantitative approaches to investigate several dimensions relevant to PHR design, and to look at the effect of health status on user needs. The results indicate that health status, especially disability and chronic illness, is relevant to PHR design. Further, the results provide empirical evidence about the role of privacy and security in users' attitudes toward PHR use. The exact nature of these attitudes differs from widely held perceptions about consumer values in healthcare information management. © The Author(s) 2011.

  2. Private healthcare provider experiences with social health insurance schemes: Findings from a qualitative study in Ghana and Kenya.

    Science.gov (United States)

    Sieverding, Maia; Onyango, Cynthia; Suchman, Lauren

    2018-01-01

    Incorporating private healthcare providers into social health insurance schemes is an important means towards achieving universal health coverage in low and middle income countries. However, little research has been conducted about why private providers choose to participate in social health insurance systems in such contexts, or their experiences with these systems. We explored private providers' perceptions of and experiences with participation in two different social health insurance schemes in Sub-Saharan Africa-the National Health Insurance Scheme (NHIS) in Ghana and the National Hospital Insurance Fund (NHIF) in Kenya. In-depth interviews were held with providers working at 79 facilities of varying sizes in three regions of Kenya (N = 52) and three regions of Ghana (N = 27). Most providers were members of a social franchise network. Interviews covered providers' reasons for (non) enrollment in the health insurance system, their experiences with the accreditation process, and benefits and challenges with the system. Interviews were coded in Atlas.ti using an open coding approach and analyzed thematically. Most providers in Ghana were NHIS-accredited and perceived accreditation to be essential to their businesses, despite challenges they encountered due to long delays in claims reimbursement. In Kenya, fewer than half of providers were NHIF-accredited and several said that their clientele were not NHIF enrolled. Understanding of how the NHIF functioned was generally low. The lengthy and cumbersome accreditation process also emerged as a major barrier to providers' participation in the NHIF in Kenya, but the NHIS accreditation process was not a major concern for providers in Ghana. In expanding social health insurance, coordinated efforts are needed to increase coverage rates among underserved populations while also accrediting the private providers who serve those populations. Market pressure was a key force driving providers to gain and maintain accreditation

  3. Private healthcare provider experiences with social health insurance schemes: Findings from a qualitative study in Ghana and Kenya

    Science.gov (United States)

    Sieverding, Maia; Onyango, Cynthia

    2018-01-01

    Background Incorporating private healthcare providers into social health insurance schemes is an important means towards achieving universal health coverage in low and middle income countries. However, little research has been conducted about why private providers choose to participate in social health insurance systems in such contexts, or their experiences with these systems. We explored private providers’ perceptions of and experiences with participation in two different social health insurance schemes in Sub-Saharan Africa—the National Health Insurance Scheme (NHIS) in Ghana and the National Hospital Insurance Fund (NHIF) in Kenya. Methods In-depth interviews were held with providers working at 79 facilities of varying sizes in three regions of Kenya (N = 52) and three regions of Ghana (N = 27). Most providers were members of a social franchise network. Interviews covered providers’ reasons for (non) enrollment in the health insurance system, their experiences with the accreditation process, and benefits and challenges with the system. Interviews were coded in Atlas.ti using an open coding approach and analyzed thematically. Results Most providers in Ghana were NHIS-accredited and perceived accreditation to be essential to their businesses, despite challenges they encountered due to long delays in claims reimbursement. In Kenya, fewer than half of providers were NHIF-accredited and several said that their clientele were not NHIF enrolled. Understanding of how the NHIF functioned was generally low. The lengthy and cumbersome accreditation process also emerged as a major barrier to providers’ participation in the NHIF in Kenya, but the NHIS accreditation process was not a major concern for providers in Ghana. Conclusions In expanding social health insurance, coordinated efforts are needed to increase coverage rates among underserved populations while also accrediting the private providers who serve those populations. Market pressure was a key force

  4. Private healthcare provider experiences with social health insurance schemes: Findings from a qualitative study in Ghana and Kenya.

    Directory of Open Access Journals (Sweden)

    Maia Sieverding

    Full Text Available Incorporating private healthcare providers into social health insurance schemes is an important means towards achieving universal health coverage in low and middle income countries. However, little research has been conducted about why private providers choose to participate in social health insurance systems in such contexts, or their experiences with these systems. We explored private providers' perceptions of and experiences with participation in two different social health insurance schemes in Sub-Saharan Africa-the National Health Insurance Scheme (NHIS in Ghana and the National Hospital Insurance Fund (NHIF in Kenya.In-depth interviews were held with providers working at 79 facilities of varying sizes in three regions of Kenya (N = 52 and three regions of Ghana (N = 27. Most providers were members of a social franchise network. Interviews covered providers' reasons for (non enrollment in the health insurance system, their experiences with the accreditation process, and benefits and challenges with the system. Interviews were coded in Atlas.ti using an open coding approach and analyzed thematically.Most providers in Ghana were NHIS-accredited and perceived accreditation to be essential to their businesses, despite challenges they encountered due to long delays in claims reimbursement. In Kenya, fewer than half of providers were NHIF-accredited and several said that their clientele were not NHIF enrolled. Understanding of how the NHIF functioned was generally low. The lengthy and cumbersome accreditation process also emerged as a major barrier to providers' participation in the NHIF in Kenya, but the NHIS accreditation process was not a major concern for providers in Ghana.In expanding social health insurance, coordinated efforts are needed to increase coverage rates among underserved populations while also accrediting the private providers who serve those populations. Market pressure was a key force driving providers to gain and maintain

  5. Fragile States, Infectious Disease and Health Security: The Case for Timor-Leste

    Directory of Open Access Journals (Sweden)

    John M. Quinn

    2014-01-01

    Full Text Available Timor-Leste is a very young and developing nation state. Endemic infectious disease and weakened health security coupled with its growing and inclusive public institutions keep Timor-Leste fragile and in transition on the spectrum of state stability. The objective here is to systematically review Timor-Leste's state and public health successes, showing how a fragile state can consistently improve its status on the continuum of stability and improve health security for the population. The case study follows a state case study approach, together with a disease burden review and a basic description of the health portrait in relation to Timor-Leste's fragile state status. Disease burden and health security are directly proportional to state stability and indirectly proportional to state failure. Timor-Leste is a clear example of how public health can feed into increased state stability. Our discussion attempts to describe how the weak and fragile island nation of Timor-Leste can continue on its current path of transition to state stability by increasing health security for its citizens. We surmise that this can be realized when public policy focuses on primary healthcare access, inclusive state institutions, basic hygiene and preventative vaccination programs. Based on our review, the core findings indicate that by increasing health security, a positive feedback loop of state stability follows. The use of Timor-Leste as a case study better describes the connection between public health and health security; and state stability, development and inclusive state institutions that promote health security.

  6. Refusal to enrol in Ghana's National Health Insurance Scheme: is affordability the problem?

    Science.gov (United States)

    Kusi, Anthony; Enemark, Ulrika; Hansen, Kristian S; Asante, Felix A

    2015-01-17

    Access to health insurance is expected to have positive effect in improving access to healthcare and offer financial risk protection to households. Ghana began the implementation of a National Health Insurance Scheme (NHIS) in 2004 as a way to ensure equitable access to basic healthcare for all residents. After a decade of its implementation, national coverage is just about 34% of the national population. Affordability of the NHIS contribution is often cited by households as a major barrier to enrolment in the NHIS without any rigorous analysis of this claim. In light of the global interest in achieving universal health insurance coverage, this study seeks to examine the extent to which affordability of the NHIS contribution is a barrier to full insurance for households and a burden on their resources. The study uses data from a cross-sectional household survey involving 2,430 households from three districts in Ghana conducted between January-April, 2011. Affordability of the NHIS contribution is analysed using the household budget-based approach based on the normative definition of affordability. The burden of the NHIS contributions to households is assessed by relating the expected annual NHIS contribution to household non-food expenditure and total consumption expenditure. Households which cannot afford full insurance were identified. Results show that 66% of uninsured households and 70% of partially insured households could afford full insurance for their members. Enroling all household members in the NHIS would account for 5.9% of household non-food expenditure or 2.0% of total expenditure but higher for households in the first (11.4%) and second (7.0%) socio-economic quintiles. All the households (29%) identified as unable to afford full insurance were in the two lower socio-economic quintiles and had large household sizes. Non-financial factors relating to attributes of the insurer and health system problems also affect enrolment in the NHIS. Affordability

  7. Proposal for a security management in cloud computing for health care.

    Science.gov (United States)

    Haufe, Knut; Dzombeta, Srdan; Brandis, Knud

    2014-01-01

    Cloud computing is actually one of the most popular themes of information systems research. Considering the nature of the processed information especially health care organizations need to assess and treat specific risks according to cloud computing in their information security management system. Therefore, in this paper we propose a framework that includes the most important security processes regarding cloud computing in the health care sector. Starting with a framework of general information security management processes derived from standards of the ISO 27000 family the most important information security processes for health care organizations using cloud computing will be identified considering the main risks regarding cloud computing and the type of information processed. The identified processes will help a health care organization using cloud computing to focus on the most important ISMS processes and establish and operate them at an appropriate level of maturity considering limited resources.

  8. Proposal for a Security Management in Cloud Computing for Health Care

    Directory of Open Access Journals (Sweden)

    Knut Haufe

    2014-01-01

    Full Text Available Cloud computing is actually one of the most popular themes of information systems research. Considering the nature of the processed information especially health care organizations need to assess and treat specific risks according to cloud computing in their information security management system. Therefore, in this paper we propose a framework that includes the most important security processes regarding cloud computing in the health care sector. Starting with a framework of general information security management processes derived from standards of the ISO 27000 family the most important information security processes for health care organizations using cloud computing will be identified considering the main risks regarding cloud computing and the type of information processed. The identified processes will help a health care organization using cloud computing to focus on the most important ISMS processes and establish and operate them at an appropriate level of maturity considering limited resources.

  9. From scheme to system: social health insurance funds and the transformation of health financing in Kyrgyzstan and Moldova.

    Science.gov (United States)

    Kutzin, Joseph; Jakab, Melitta; Shishkin, Sergey

    2009-01-01

    The aim of the paper is to bring evidence and lessons from two low- and middle-income countries (LMIs) of the former USSR into the global debate on health financing in poor countries. In particular, we analyze the introduction of social health insurance (SHI) in Kyrgyzstan and Moldova. To some extent, the intent of SHI introduction in these countries was similar to that in LMIs elsewhere: increase prepaid revenues for health and incorporate the entire population into the new system. But the approach taken to universality was different. In particular, the SHI fund in each country was used as the key instrument in a comprehensive reform of the health financing system, with the new revenues from payroll taxation used in an explicitly complementary manner to general budget revenues. From a functional perspective, the reforms in these countries involved not only the introduction of a new source of funds, but also the centralization of pooling, a shift from input- to output-based provider payment methods, specification of a benefit package, and greater autonomy for public sector health care providers. Hence, their reforms were not simply the introduction of an SHI scheme, but rather the use of an SHI fund as an instrument to transform the entire system of health financing. The study uses administrative and household data to demonstrate the impact of the reforms on regional inequality and household financial burden. The approach used in these two countries led to improved equity in the geographic distribution of government health spending, improved financial protection, and reduced informal payments. The comprehensive approach taken to reform in these two countries, and particularly the redirection of general budget revenues to the new SHI funds, explain much of the success that was achieved. This experience offers potentially useful lessons for LMIs elsewhere in the world, and for shifting the global debate away from what we see as a false dichotomy between SHI and

  10. Information security risk management for computerized health information systems in hospitals: a case study of Iran.

    Science.gov (United States)

    Zarei, Javad; Sadoughi, Farahnaz

    2016-01-01

    In recent years, hospitals in Iran - similar to those in other countries - have experienced growing use of computerized health information systems (CHISs), which play a significant role in the operations of hospitals. But, the major challenge of CHIS use is information security. This study attempts to evaluate CHIS information security risk management at hospitals of Iran. This applied study is a descriptive and cross-sectional research that has been conducted in 2015. The data were collected from 551 hospitals of Iran. Based on literature review, experts' opinion, and observations at five hospitals, our intensive questionnaire was designed to assess security risk management for CHISs at the concerned hospitals, which was then sent to all hospitals in Iran by the Ministry of Health. Sixty-nine percent of the studied hospitals pursue information security policies and procedures in conformity with Iran Hospitals Accreditation Standards. At some hospitals, risk identification, risk evaluation, and risk estimation, as well as risk treatment, are unstructured without any specified approach or methodology. There is no significant structured approach to risk management at the studied hospitals. Information security risk management is not followed by Iran's hospitals and their information security policies. This problem can cause a large number of challenges for their CHIS security in future. Therefore, Iran's Ministry of Health should develop practical policies to improve information security risk management in the hospitals of Iran.

  11. Information security risk management for computerized health information systems in hospitals: a case study of Iran

    Science.gov (United States)

    Zarei, Javad; Sadoughi, Farahnaz

    2016-01-01

    Background In recent years, hospitals in Iran – similar to those in other countries – have experienced growing use of computerized health information systems (CHISs), which play a significant role in the operations of hospitals. But, the major challenge of CHIS use is information security. This study attempts to evaluate CHIS information security risk management at hospitals of Iran. Materials and methods This applied study is a descriptive and cross-sectional research that has been conducted in 2015. The data were collected from 551 hospitals of Iran. Based on literature review, experts’ opinion, and observations at five hospitals, our intensive questionnaire was designed to assess security risk management for CHISs at the concerned hospitals, which was then sent to all hospitals in Iran by the Ministry of Health. Results Sixty-nine percent of the studied hospitals pursue information security policies and procedures in conformity with Iran Hospitals Accreditation Standards. At some hospitals, risk identification, risk evaluation, and risk estimation, as well as risk treatment, are unstructured without any specified approach or methodology. There is no significant structured approach to risk management at the studied hospitals. Conclusion Information security risk management is not followed by Iran’s hospitals and their information security policies. This problem can cause a large number of challenges for their CHIS security in future. Therefore, Iran’s Ministry of Health should develop practical policies to improve information security risk management in the hospitals of Iran. PMID:27313481

  12. [Evolution of worker's health in the social security medical examination in Brazil].

    Science.gov (United States)

    Pinto Júnior, Afrânio Gomes; Braga, Ana Maria Cheble Bahia; Roselli-Cruz, Amadeu

    2012-10-01

    In order to analyze the practice of the social security medical examination starting from the introduction of the worker's health paradigms, data was gathered on the granting of social security disability benefits to assess worker illness based on notification of work-related accidents in the cement industries of Rio de Janeiro. From 2007 to 2009 there was only one notification, which involved a worker handling toxic waste instead of the energy matrix. However, the analysis revealed sources and mechanisms of illness overlooked in the social security medical examination, which is still focused on the one-cause-only logic of occupational medicine. To achieve the worker's health paradigms, changes are required to alter the way of conducting the social security medical examination, by re-establishing partnerships, training human resources, adopting epidemiological indicators, as well as setting and assessing social security goals that transcend the mere granting of disability benefits.

  13. Global Health Security Demands a Strong International Health Regulations Treaty and Leadership From a Highly Resourced World Health Organization.

    Science.gov (United States)

    Burkle, Frederick M

    2015-10-01

    If the Ebola tragedy of West Africa has taught us anything, it should be that the 2005 International Health Regulations (IHR) Treaty, which gave unprecedented authority to the World Health Organization (WHO) to provide global public health security during public health emergencies of international concern, has fallen severely short of its original goal. After encouraging successes with the 2003 severe acute respiratory syndrome (SARS) pandemic, the intent of the legally binding Treaty to improve the capacity of all countries to detect, assess, notify, and respond to public health threats has shamefully lapsed. Despite the granting of 2-year extensions in 2012 to countries to meet core surveillance and response requirements, less than 20% of countries have complied. Today it is not realistic to expect that these gaps will be solved or narrowed in the foreseeable future by the IHR or the WHO alone under current provisions. The unfortunate failures that culminated in an inadequate response to the Ebola epidemic in West Africa are multifactorial, including funding, staffing, and poor leadership decisions, but all are reversible. A rush by the Global Health Security Agenda partners to fill critical gaps in administrative and operational areas has been crucial in the short term, but questions remain as to the real priorities of the G20 as time elapses and critical gaps in public health protections and infrastructure take precedence over the economic and security needs of the developed world. The response from the Global Outbreak Alert and Response Network and foreign medical teams to Ebola proved indispensable to global health security, but both deserve stronger strategic capacity support and institutional status under the WHO leadership granted by the IHR Treaty. Treaties are the most successful means the world has in preventing, preparing for, and controlling epidemics in an increasingly globalized world. Other options are not sustainable. Given the gravity of ongoing

  14. Implementation of RSA 2048-bit and AES 256-bit with Digital Signature for Secure Electronic Health Record Application

    Directory of Open Access Journals (Sweden)

    Mohamad Ali Sadikin

    2016-10-01

    Full Text Available This research addresses the implementation of encryption and digital signature technique for electronic health record to prevent cybercrime such as robbery, modification and unauthorised access. In this research, RSA 2048-bit algorithm, AES 256-bit and SHA 256 will be implemented in Java programming language. Secure Electronic Health Record Information (SEHR application design is intended to combine given services, such as confidentiality, integrity, authentication, and nonrepudiation. Cryptography is used to ensure the file records and electronic documents for detailed information on the medical past, present and future forecasts that have been given only to the intended patients. The document will be encrypted using an encryption algorithm based on NIST Standard. In the application, there are two schemes, namely the protection and verification scheme. This research uses black-box testing and whitebox testing to test the software input, output, and code without testing the process and design that occurs in the system.We demonstrated the implementation of cryptography in SEHR. The implementation of encryption and digital signature in this research can prevent archive thievery.

  15. The Effects of Health Coverage Schemes on Length of Stay and Preventable Hospitalization in Seoul

    Directory of Open Access Journals (Sweden)

    Jungah Kim

    2018-04-01

    Full Text Available The Medical Aid program is government’s medical benefit program to secure the minimum livelihood and medical services for low-income Korean households. In Seoul, the number of Medical Aid beneficiaries has grown, driving an increases in the length of stay (LOS and healthcare cost. Until now, studies have focused on quantity indicators, such as LOS, but only a few studies have been conducted on the service quality. We investigated both LOS and the preventable hospitalization (PH rate as proxy indicators for the quantity and quality of services provided to Medical Aid beneficiaries in Seoul. To understand the program’s impact, we extracted appropriate data of Medical Aid beneficiaries and data of the lower 20% of National Health Insurance (NHI enrollees, performed Propensity Score Matching (PSM, and controlled the variables related to disease severity. The differences between Medical Aid beneficiaries and NHI enrollees were estimated using multilevel analysis. The LOS of Medical Aid beneficiaries was longer, and the preventable hospitalization (PH rate was higher than that of NHI enrollees. It implies that these beneficiaries did not receive timely and adequate healthcare services, despite their high rate of service utilization. Thus, indicators such as patient’s visits and screening related to PHs should be included in management policies to improve primary care.

  16. Cooling off health security hot spots: getting on top of it down under.

    Science.gov (United States)

    Murray, Kris A; Skerratt, Lee F; Speare, Rick; Ritchie, Scott; Smout, Felicity; Hedlefs, Robert; Lee, Jonathan

    2012-11-01

    Australia is free of many diseases, pests and weeds found elsewhere in the world due to its geographical isolation and relatively good health security practices. However, its health security is under increasing pressure due to a number of ecological, climatic, demographic and behavioural changes occurring globally. North Queensland is a high risk area (a health security hot spot) for Australia, due in part to its connection to neighbouring countries via the Torres Strait and the Indo-Papuan conduit, its high diversity of wildlife reservoirs and its environmental characteristics. Major outbreaks of exotic diseases, pests and weeds in Australia can cost in excess of $1 billion; however, most expenditure on health security is reactive apart from preventive measures undertaken for a few high profile diseases, pests and weeds. Large gains in health security could therefore be made by spending more on pre-emptive approaches to reduce the risk of outbreaks, invasion/spread and establishment, despite these gains being difficult to quantify. Although biosecurity threats may initially have regional impacts (e.g. Hendra virus), a break down in security in health security hot spots can have national and international consequences, as has been seen recently in other regions with the emergence of SARS and pandemic avian influenza. Novel approaches should be driven by building research and management capacity, particularly in the regions where threats arise, a model that is applicable both in Australia and in other regions of the world that value and therefore aim to improve their strategies for maintaining health security. Copyright © 2012 Elsevier Ltd. All rights reserved.

  17. Analysis of the security and privacy requirements of cloud-based electronic health records systems.

    Science.gov (United States)

    Rodrigues, Joel J P C; de la Torre, Isabel; Fernández, Gonzalo; López-Coronado, Miguel

    2013-08-21

    The Cloud Computing paradigm offers eHealth systems the opportunity to enhance the features and functionality that they offer. However, moving patients' medical information to the Cloud implies several risks in terms of the security and privacy of sensitive health records. In this paper, the risks of hosting Electronic Health Records (EHRs) on the servers of third-party Cloud service providers are reviewed. To protect the confidentiality of patient information and facilitate the process, some suggestions for health care providers are made. Moreover, security issues that Cloud service providers should address in their platforms are considered. To show that, before moving patient health records to the Cloud, security and privacy concerns must be considered by both health care providers and Cloud service providers. Security requirements of a generic Cloud service provider are analyzed. To study the latest in Cloud-based computing solutions, bibliographic material was obtained mainly from Medline sources. Furthermore, direct contact was made with several Cloud service providers. Some of the security issues that should be considered by both Cloud service providers and their health care customers are role-based access, network security mechanisms, data encryption, digital signatures, and access monitoring. Furthermore, to guarantee the safety of the information and comply with privacy policies, the Cloud service provider must be compliant with various certifications and third-party requirements, such as SAS70 Type II, PCI DSS Level 1, ISO 27001, and the US Federal Information Security Management Act (FISMA). Storing sensitive information such as EHRs in the Cloud means that precautions must be taken to ensure the safety and confidentiality of the data. A relationship built on trust with the Cloud service provider is essential to ensure a transparent process. Cloud service providers must make certain that all security mechanisms are in place to avoid unauthorized access

  18. US Centers for Disease Control and Prevention and Its Partners' Contributions to Global Health Security.

    Science.gov (United States)

    Tappero, Jordan W; Cassell, Cynthia H; Bunnell, Rebecca E; Angulo, Frederick J; Craig, Allen; Pesik, Nicki; Dahl, Benjamin A; Ijaz, Kashef; Jafari, Hamid; Martin, Rebecca

    2017-12-01

    To achieve compliance with the revised World Health Organization International Health Regulations (IHR 2005), countries must be able to rapidly prevent, detect, and respond to public health threats. Most nations, however, remain unprepared to manage and control complex health emergencies, whether due to natural disasters, emerging infectious disease outbreaks, or the inadvertent or intentional release of highly pathogenic organisms. The US Centers for Disease Control and Prevention (CDC) works with countries and partners to build and strengthen global health security preparedness so they can quickly respond to public health crises. This report highlights selected CDC global health protection platform accomplishments that help mitigate global health threats and build core, cross-cutting capacity to identify and contain disease outbreaks at their source. CDC contributions support country efforts to achieve IHR 2005 compliance, contribute to the international framework for countering infectious disease crises, and enhance health security for Americans and populations around the world.

  19. A mapping of information security in health Information Systems in Latin America and Brazil.

    Science.gov (United States)

    Pereira, Samáris Ramiro; Fernandes, João Carlos Lopes; Labrada, Luis; Bandiera-Paiva, Paulo

    2013-01-01

    In health, Information Systems are patient records, hospital administration or other, have advantages such as cost, availability and integration. However, for these benefits to be fully met, it is necessary to guarantee the security of information maintained and provided by the systems. The lack of security can lead to serious consequences such as lawsuits and induction to medical errors. The management of information security is complex and is used in various fields of knowledge. Often, it is left in the background for not being the ultimate goal of a computer system, causing huge financial losses to corporations. This paper by systematic review methodologies, presented a mapping in the literature, in order to identify the most relevant aspects that are addressed by security researchers of health information, as to the development of computerized systems. They conclude through the results, some important aspects, for which the managers of computerized health systems should remain alert.

  20. Health information security: a case study of three selected medical centers in iran.

    Science.gov (United States)

    Hajrahimi, Nafiseh; Dehaghani, Sayed Mehdi Hejazi; Sheikhtaheri, Abbas

    2013-03-01

    Health Information System (HIS) is considered a unique factor in improving the quality of health care activities and cost reduction, but today with the development of information technology and use of internet and computer networks, patients' electronic records and health information systems have become a source for hackers. This study aims at checking health information security of three selected medical centers in Iran using AHP fuzzy and TOPSIS compound model. To achieve that security measures were identified, based on the research literature and decision making matrix using experts' points of view. Among the 27 indicators, seven indicators were selected as effective indicators and Fuzzy AHP technique was used to determine the importance of security indicators. Based on the comparisons made between the three selected medical centers to assess the security of health information, it is concluded that Chamran hospital has the most acceptable level of security and attention in three indicators of "verification and system design, user access management, access control system", Al Zahra Hospital in two indicators of "access management and network access control" and Amin Hospital in "equipment safety and system design". In terms of information security, Chamran Hospital ranked first, Al-Zahra Hospital ranked second and Al- Zahra hospital has the third place.