TY - JOUR
T1 - Data-centric privacy protocol for intensive care grids
AU - Luna, Jesus
AU - Dikaiakos, Marios
AU - Marazakis, Manolis
AU - Kyprianou, Theodoros
PY - 2010/11
Y1 - 2010/11
N2 - Modern e-Health systems require advanced computing and storage capabilities, leading to the adoption of technologies like the grid and giving birth to novel health grid systems. In particular, intensive care medicine uses this paradigm when facing a high flow of data coming from intensive care units (ICU) inpatients just like demonstrated by the ICGrid system prototyped by the University of Cyprus. Unfortunately, moving an ICU patients data from the traditionally isolated hospitals computing facilities to data grids via public networks (i.e., the Internet) makes it imperative to establish an integral and standardized security solution to avoid common attacks on the data and metadata being managed. Particular emphasis must be put on the patients personal data, the protection of which is required by legislations in many countries of the European Union and the world in general. In this paper, we extend our previous research with the following contributions: 1) a mandatory access control model to protect patients metadata; 2) a major security revision to our previously proposed privacy protocol by contributing with a quality of security quantitative metric to improve fragmented datas assurance; and finally, 3) a set of early results to demonstrate that our protocol not only improves a patient personal datas security and privacy but also achieves a performance comparable with existing approaches.
AB - Modern e-Health systems require advanced computing and storage capabilities, leading to the adoption of technologies like the grid and giving birth to novel health grid systems. In particular, intensive care medicine uses this paradigm when facing a high flow of data coming from intensive care units (ICU) inpatients just like demonstrated by the ICGrid system prototyped by the University of Cyprus. Unfortunately, moving an ICU patients data from the traditionally isolated hospitals computing facilities to data grids via public networks (i.e., the Internet) makes it imperative to establish an integral and standardized security solution to avoid common attacks on the data and metadata being managed. Particular emphasis must be put on the patients personal data, the protection of which is required by legislations in many countries of the European Union and the world in general. In this paper, we extend our previous research with the following contributions: 1) a mandatory access control model to protect patients metadata; 2) a major security revision to our previously proposed privacy protocol by contributing with a quality of security quantitative metric to improve fragmented datas assurance; and finally, 3) a set of early results to demonstrate that our protocol not only improves a patient personal datas security and privacy but also achieves a performance comparable with existing approaches.
KW - Data fragmentation
KW - health grids
KW - intensive care grid (ICGrid)
KW - privacy
KW - security
UR - http://www.scopus.com/inward/record.url?scp=78249278133&partnerID=8YFLogxK
U2 - 10.1109/TITB.2010.2073478
DO - 10.1109/TITB.2010.2073478
M3 - Article
C2 - 20875977
AN - SCOPUS:78249278133
SN - 1089-7771
VL - 14
SP - 1327
EP - 1337
JO - IEEE Transactions on Information Technology in Biomedicine
JF - IEEE Transactions on Information Technology in Biomedicine
IS - 6
M1 - 5582285
ER -