Information Technology Reference
In-Depth Information
them for the long-term. It connects the PHMS to
the out-side world and provides an interface for
clients to access data collected by the PHMS.
Clients (caregivers/family) may access PHMS in
different ways depending upon the environment in
which PHMS is deployed. For example in a hos-
pital emergency department and ICU, the clients
might use a computer on wheels, in home-based
monitoring clients might utilize a PC in the house
or in the doctor's office to access patient data. The
knowledge generation
plane is used for reasoning
on the data in the EHRs. Some of the features it
can provide include detection of - the occurrence
of a medical emergency, the failure of a specific
treatment procedure, and inconsistencies between
the proposed diagnosis and the symptoms. This
capability gives the caregivers feedback pertaining
to their diagnoses and treatment, allowing them
to make appropriate adjustments through the
data
management
plane.
PHMS provide a proactive patient-centric
form of care (as opposed to the reactive caregiver-
centric form of today's care) which permit health
problems to be detected and responded to as soon
as they occur. As they are used to collect sensi-
tive information (health data), it has to be able to
protect it from entities which have no right to see
the information.
mented (Shnayder, Chen, Lorincz, Fulford-Jones,
& Welsh, 2005) (Halperin, Heydt-Benjamin, Fu,
Kohno, & Maisel, 2008). It is understood that
security should be an integral part of any system
and not just an afterthought; the prime example
for this is the Internet and its security failures.
We believe that ensuring user confidence and the
long-term the success of the technology depends
upon addressing security threats.
However, most PHMS, considering its time-
constrained mission critical nature (Venkatasub-
ramanian, Banerjee, & Gupta, EKG-based Key
Agreement in Body Sensor Networks, 2008), are
still designed solely to monitor health conditions
with only the usability goals in mind - achiev-
ing data availability, efficiency, and autonomy/
self-configuration (Halperin, Heydt-Benjamin,
Fu, Kohno, & Maisel, 2008). Any user (and the
environment itself) is considered benign and se-
curity is mostly dispensed with. Such an approach
can have serious consequences especially as the
technology becomes more wide-spread. A case
in point is the recent news on pacemakers which
were shown to communicate sensitive data in clear
channel and were easily programmed by research-
ers posing as potential attackers (Halperin, et al.,
2008). On the other hand, those who do recognize
the potential threats consider security in isolation
resulting in schemes which require: (1) initializa-
tion and setup of keying materials (Eschenauerl
& Gligor, 2002) affecting system autonomy, (2)
large storage space (Eschenauerl & Gligor, 2002)
(Perrig, Szewczyk, Wen, Culler, & Tygar, 2002)
affecting the efficiency, and (3) large computation
and communication requirements (Zhu, Setia, &
S.Jajodia, 2006) (Perrig, Szewczyk, Wen, Culler,
& Tygar, 2002) which affect the efficiency and
availability of the system. A solution is therefore
required which makes security an integral part of
the usability goals, i.e. usable security.
The requirements of providing security in the
domain of pervasive healthcare are not different
from traditional systems and rely on the mainte-
nance of three basic properties. (1)
Data Integrity
:
Security in Pervasive Healthcare
The sensitive nature of health information col-
lected by Pervasive Health Monitoring Systems
(PHMS) mandates that patient's privacy be
protected by securing the medical data from
any unauthorized access. Privacy protection of
the health data is also a legal requirement as per
Health Insurance Portability and Accountabil-
ity Act (HIPAA) (Summary of HIPAA: Health
Insurance Probability and Accountability Act,
May 2003) and EU's Data Protection Directive
(Union, 1995) which mandates all personally
identifiable health information be protected. The
need for security in PHMS has been well docu-
Search WWH ::
Custom Search