Your browser doesn't support javascript.
Show: 20 | 50 | 100
Results 1 - 20 de 80
Filter
Add filters

Document Type
Year range
1.
Sensors (Basel) ; 21(24)2021 Dec 08.
Article in English | MEDLINE | ID: covidwho-1591121

ABSTRACT

Accidentally clicking on a link is a type of human error known as a slip in which a user unintentionally performs an unintended task. The risk magnitude is the probability of occurrences of such error with a possible substantial effect to which even experienced individuals are susceptible. Phishing attacks take advantage of slip-based human error by attacking psychological aspects of the users that lead to unintentionally clicking on phishing links. Such actions may lead to installing tracking software, downloading malware or viruses, or stealing private, sensitive information, to list a few. Therefore, a system is needed that detects whether a click on a link is intentional or unintentional and, if unintentional, can then prevent it. This paper proposes a micro-behavioral accidental click detection system (ACDS) to prevent slip-based human error. A within-subject-based experiment was conducted with 20 participants to test the potential of the proposed system. The results reveal the statistical significance between the two cases of intentional vs. unintentional clicks using a smartphone. Random tree, random forest, and support vector machine classifiers were used, exhibiting 82.6%, 87.2%, and 91.6% accuracy in detecting unintentional clicks, respectively.


Subject(s)
Computer Security , Software , Accidents , Data Collection , Humans
2.
J Med Internet Res ; 23(2): e25120, 2021 02 25.
Article in English | MEDLINE | ID: covidwho-1575528

ABSTRACT

Multisite medical data sharing is critical in modern clinical practice and medical research. The challenge is to conduct data sharing that preserves individual privacy and data utility. The shortcomings of traditional privacy-enhancing technologies mean that institutions rely upon bespoke data sharing contracts. The lengthy process and administration induced by these contracts increases the inefficiency of data sharing and may disincentivize important clinical treatment and medical research. This paper provides a synthesis between 2 novel advanced privacy-enhancing technologies-homomorphic encryption and secure multiparty computation (defined together as multiparty homomorphic encryption). These privacy-enhancing technologies provide a mathematical guarantee of privacy, with multiparty homomorphic encryption providing a performance advantage over separately using homomorphic encryption or secure multiparty computation. We argue multiparty homomorphic encryption fulfills legal requirements for medical data sharing under the European Union's General Data Protection Regulation which has set a global benchmark for data protection. Specifically, the data processed and shared using multiparty homomorphic encryption can be considered anonymized data. We explain how multiparty homomorphic encryption can reduce the reliance upon customized contractual measures between institutions. The proposed approach can accelerate the pace of medical research while offering additional incentives for health care and research institutes to employ common data interoperability standards.


Subject(s)
Computer Security/ethics , Information Dissemination/ethics , Privacy/legislation & jurisprudence , Technology/methods , Humans
3.
Sensors (Basel) ; 21(21)2021 Oct 23.
Article in English | MEDLINE | ID: covidwho-1480942

ABSTRACT

Diverse forms of artificial intelligence (AI) are at the forefront of triggering digital security innovations based on the threats that are arising in this post-COVID world. On the one hand, companies are experiencing difficulty in dealing with security challenges with regard to a variety of issues ranging from system openness, decision making, quality control, and web domain, to mention a few. On the other hand, in the last decade, research has focused on security capabilities based on tools such as platform complacency, intelligent trees, modeling methods, and outage management systems in an effort to understand the interplay between AI and those issues. the dependence on the emergence of AI in running industries and shaping the education, transports, and health sectors is now well known in the literature. AI is increasingly employed in managing data security across economic sectors. Thus, a literature review of AI and system security within the current digital society is opportune. This paper aims at identifying research trends in the field through a systematic bibliometric literature review (LRSB) of research on AI and system security. the review entails 77 articles published in the Scopus® database, presenting up-to-date knowledge on the topic. the LRSB results were synthesized across current research subthemes. Findings are presented. the originality of the paper relies on its LRSB method, together with an extant review of articles that have not been categorized so far. Implications for future research are suggested.


Subject(s)
Artificial Intelligence , COVID-19 , Computer Security , Data Systems , Humans , SARS-CoV-2
4.
Nat Commun ; 12(1): 5757, 2021 10 01.
Article in English | MEDLINE | ID: covidwho-1447304

ABSTRACT

The large amount of biomedical data derived from wearable sensors, electronic health records, and molecular profiling (e.g., genomics data) is rapidly transforming our healthcare systems. The increasing scale and scope of biomedical data not only is generating enormous opportunities for improving health outcomes but also raises new challenges ranging from data acquisition and storage to data analysis and utilization. To meet these challenges, we developed the Personal Health Dashboard (PHD), which utilizes state-of-the-art security and scalability technologies to provide an end-to-end solution for big biomedical data analytics. The PHD platform is an open-source software framework that can be easily configured and deployed to any big data health project to store, organize, and process complex biomedical data sets, support real-time data analysis at both the individual level and the cohort level, and ensure participant privacy at every step. In addition to presenting the system, we illustrate the use of the PHD framework for large-scale applications in emerging multi-omics disease studies, such as collecting and visualization of diverse data types (wearable, clinical, omics) at a personal level, investigation of insulin resistance, and an infrastructure for the detection of presymptomatic COVID-19.


Subject(s)
Data Science/methods , Medical Records Systems, Computerized , Big Data , Computer Security , Data Analysis , Health Information Interoperability , Humans , Information Storage and Retrieval , Software
5.
Comput Math Methods Med ; 2021: 8081276, 2021.
Article in English | MEDLINE | ID: covidwho-1435106

ABSTRACT

The use of Internet technology has led to the availability of different multimedia data in various formats. The unapproved customers misuse multimedia information by conveying them on various web objections to acquire cash deceptively without the first copyright holder's intervention. Due to the rise in cases of COVID-19, lots of patient information are leaked without their knowledge, so an intelligent technique is required to protect the integrity of patient data by placing an invisible signal known as a watermark on the medical images. In this paper, a new method of watermarking is proposed on both standard and medical images. The paper addresses the use of digital rights management in medical field applications such as embedding the watermark in medical images related to neurodegenerative disorders, lung disorders, and heart issues. The various quality parameters are used to figure out the evaluation of the developed method. In addition, the testing of the watermarking scheme is done by applying various signal processing attacks.


Subject(s)
COVID-19/diagnostic imaging , Computer Security , Neurodegenerative Diseases/diagnostic imaging , Neurodegenerative Diseases/genetics , Algorithms , Computational Biology/methods , Humans , Image Interpretation, Computer-Assisted/methods , Internet , Models, Statistical
6.
Health Inf Manag ; 50(1-2): 26-34, 2021.
Article in English | MEDLINE | ID: covidwho-1398798

ABSTRACT

BACKGROUND: The use of information and communication technology (ICT) has tremendous potential to enhance communication among physicians, leading to improvements in service delivery. However, the protection of health information in digital/electronic format is an ongoing concern. OBJECTIVE: The purpose of this study was to examine guidance for the protection of health information when using ICT from all 10 of Canada's provincial regulatory colleges for physicians and to discuss the potential policy and service delivery implications. METHOD: A search of the regulatory college websites was conducted, followed by a document analysis (content and thematic). RESULTS: The college website search identified 522 documents; 12 of these documents (from 8 of the 10 colleges) met the study criteria. These documents were notable for the considerable variation in the scope and detail of guidance provided across the colleges. CONCLUSION: While the federal-provincial division of powers in Canada enables different jurisdictional approaches to health service delivery and, thus, opportunities for policy learning, this governing structure may also contribute to a lack of incentive for collaboration, leading to an absence of standardised guidance for health information protection when using ICT. This, in turn, may result in unequal and inequitable protection of health information across the provinces. Therefore, a macro-level approach to policy development in this area may hold the greatest promise for enhancing the protection of health information and doing so in a more standardised manner in countries with federal systems of governance.


Subject(s)
COVID-19 , Communication , Computer Security , Government Regulation , Medical Informatics , Canada , Health Policy , Medical Informatics/legislation & jurisprudence , Physicians , Policy Making , SARS-CoV-2
7.
Yearb Med Inform ; 30(1): 219-225, 2021 Aug.
Article in English | MEDLINE | ID: covidwho-1392953

ABSTRACT

OBJECTIVES: Provide an overview of the emerging themes and notable papers which were published in 2020 in the field of Bioinformatics and Translational Informatics (BTI) for the International Medical Informatics Association Yearbook. METHODS: A team of 16 individuals scanned the literature from the past year. Using a scoring rubric, papers were evaluated on their novelty, importance, and objective quality. 1,224 Medical Subject Headings (MeSH) terms extracted from these papers were used to identify themes and research focuses. The authors then used the scoring results to select notable papers and trends presented in this manuscript. RESULTS: The search phase identified 263 potential papers and central themes of coronavirus disease 2019 (COVID-19), machine learning, and bioinformatics were examined in greater detail. CONCLUSIONS: When addressing a once in a centruy pandemic, scientists worldwide answered the call, with informaticians playing a critical role. Productivity and innovations reached new heights in both TBI and science, but significant research gaps remain.


Subject(s)
COVID-19 , Computational Biology , Machine Learning , Biological Specimen Banks , Computer Security , Publishing/trends , SARS-CoV-2
8.
Yearb Med Inform ; 30(1): 233-238, 2021 Aug.
Article in English | MEDLINE | ID: covidwho-1392947

ABSTRACT

OBJECTIVES: To summarize key contributions to current research in the field of Clinical Research Informatics (CRI) and to select best papers published in 2020. METHOD: A bibliographic search using a combination of Medical Subject Headings (MeSH) descriptors and free-text terms on CRI was performed using PubMed, followed by a double-blind review in order to select a list of candidate best papers to be then peer-reviewed by external reviewers. After peer-review ranking, a consensus meeting between two section editors and the editorial team was organized to finally conclude on the selected four best papers. RESULTS: Among the 877 papers published in 2020 and returned by the search, there were four best papers selected. The first best paper describes a method for mining temporal sequences from clinical documents to infer disease trajectories and enhancing high-throughput phenotyping. The authors of the second best paper demonstrate that the generation of synthetic Electronic Health Record (EHR) data through Generative Adversarial Networks (GANs) could be substantially improved by more appropriate training and evaluation criteria. The third best paper offers an efficient advance on methods to detect adverse drug events by computer-assisting expert reviewers with annotated candidate mentions in clinical documents. The large-scale data quality assessment study reported by the fourth best paper has clinical research informatics implications, in terms of the trustworthiness of inferences made from analysing electronic health records. CONCLUSIONS: The most significant research efforts in the CRI field are currently focusing on data science with active research in the development and evaluation of Artificial Intelligence/Machine Learning (AI/ML) algorithms based on ever more intensive use of real-world data and especially EHR real or synthetic data. A major lesson that the coronavirus disease 2019 (COVID-19) pandemic has already taught the scientific CRI community is that timely international high-quality data-sharing and collaborative data analysis is absolutely vital to inform policy decisions.


Subject(s)
Biomedical Research , Medical Informatics , Computer Security , Data Mining , Electronic Health Records , Humans , Machine Learning , Pharmacovigilance , Phenotype
9.
Yearb Med Inform ; 30(1): 226-232, 2021 Aug.
Article in English | MEDLINE | ID: covidwho-1392945

ABSTRACT

OBJECTIVE: This survey article presents a literature review of relevant publications aiming to explore whether the EU's General Data Protection Regulation (GDPR) has held true during a time of crisis and the implications that arose during the COVID-19 outbreak. METHOD AND RESULTS: Based on the approach taken and the screening of the relevant articles, the results focus on three themes: a critique on GDPR; the ethics surrounding the use of digital health technologies, namely in the form of mobile applications; and the possibility of cross border transfers of said data outside of Europe. Within this context, the article reviews the arising themes, considers the use of data through mobile health applications, and discusses whether data protection may require a revision when balancing societal and personal interests. CONCLUSIONS: In summary, although it is clear that the GDPR has been applied through a mixed and complex experience with data handling during the pandemic, the COVID-19 pandemic has indeed shown that it was a test the GDPR was designed and prepared to undertake. The article suggests that further review and research is needed to first ensure that an understanding of the state of the art in data protection during the pandemic is maintained and second to subsequently explore and carefully create a specific framework for the ethical considerations involved. The paper echoes the literature reviewed and calls for the creation of a unified and harmonised network or database to enable the secure data sharing across borders.


Subject(s)
COVID-19 , Computer Security/legislation & jurisprudence , Data Collection/ethics , Information Dissemination/ethics , Computer Security/ethics , Confidentiality , Data Collection/legislation & jurisprudence , European Union , Government Regulation , Humans , Information Dissemination/legislation & jurisprudence
10.
Actas Dermosifiliogr (Engl Ed) ; 112(2): 127-133, 2021 Feb.
Article in English, Spanish | MEDLINE | ID: covidwho-1384814

ABSTRACT

Teledermatology is now fully incorporated into our clinical practice. However, after reviewing current legislation on the ethical aspects of teledermatology (data confidentiality, quality of care, patient autonomy, and privacy) as well as insurance and professional responsibility, we observed that a specific regulatory framework is still lacking and related legal aspects are still at a preliminary stage of development. Safeguarding confidentiality and patient autonomy and ensuring secure storage and transfer of data are essential aspects of telemedicine. One of the main topics of debate has been the responsibilities of the physicians involved in the process, with the concept of designating a single responsible clinician emerging as a determining factor in the allocation of responsibility in this setting. A specific legal and regulatory framework must be put in place to ensure the safe practice of teledermatology for medical professionals and their patients.


Subject(s)
Confidentiality , Dermatology , Telemedicine , COVID-19/epidemiology , Computer Security/ethics , Computer Security/legislation & jurisprudence , Confidentiality/ethics , Confidentiality/legislation & jurisprudence , Dermatology/ethics , Dermatology/legislation & jurisprudence , Emergencies , European Union , Humans , Informed Consent/legislation & jurisprudence , Insurance, Liability/legislation & jurisprudence , Pandemics , Personal Autonomy , SARS-CoV-2 , Spain , Telemedicine/ethics , Telemedicine/legislation & jurisprudence
11.
Ann R Coll Surg Engl ; 103(8): 561-568, 2021 Sep.
Article in English | MEDLINE | ID: covidwho-1379819

ABSTRACT

BACKGROUND: The COVID-19 pandemic and the eventual national lockdown in the UK brought a halt to the face-to-face outpatient appointments at most NHS hospitals. Owing to this, clinicians have had to switch to other means of consultation, to maintain continuity of care. This survey was done to see how surgeons perceive telemedicine as part of their surgical consultations. METHODS: A questionnaire was piloted and re-designed following which an improved questionnaire was circulated among all users of telemedicine in surgical specialties through social media platforms. The results were analysed using smart survey software. RESULTS: Seventy per cent of the respondents had never used telemedicine before the COVID-19 pandemic. Three-quarters of the respondents found difficulty in assessing patients preoperatively. A significant proportion were worried about confidentiality and data security. The other concerns expressed were difficulty in building a rapport and the absence of a legal framework to support the surgeons in the transition. Despite some concerns, most of them were in favour of using telemedicine in the future with some improvements. CONCLUSION: As the pandemic prevented people from attending face-to-face appointments, remote consultations were stepped up to help overcome the difficulties. Screening services were suspended and treatment accumulated. Telemedicine will be a corner-stone service as healthcare systems attempt to tackle this backlog. The already existing software need to be further explored. Future studies must address the use of telemedicine in preoperative consultations. Regulatory bodies must ensure that there is adequate legal framework in place so that clinicians continue to embrace telemedicine.


Subject(s)
Attitude of Health Personnel , Remote Consultation , Surgeons , COVID-19 , Computer Security , Confidentiality , Cross-Sectional Studies , Humans , Pandemics , Surveys and Questionnaires , United Kingdom
12.
Sci Rep ; 11(1): 17332, 2021 08 30.
Article in English | MEDLINE | ID: covidwho-1379335

ABSTRACT

Private Set Intersection Cardinality that enable Multi-party to privately compute the cardinality of the set intersection without disclosing their own information. It is equivalent to a secure, distributed database query and has many practical applications in privacy preserving and data sharing. In this paper, we propose a novel quantum private set intersection cardinality based on Bloom filter, which can resist the quantum attack. It is a completely novel constructive protocol for computing the intersection cardinality by using Bloom filter. The protocol uses single photons, so it only need to do some simple single-photon operations and tests. Thus it is more likely to realize through the present technologies. The validity of the protocol is verified by comparing with other protocols. The protocol implements privacy protection without increasing the computational complexity and communication complexity, which are independent with data scale. Therefore, the protocol has a good prospects in dealing with big data, privacy-protection and information-sharing, such as the patient contact for COVID-19.


Subject(s)
COVID-19 , Computer Security , Confidentiality , Computer Communication Networks , Confidentiality/legislation & jurisprudence , Humans , Information Dissemination
14.
Sensors (Basel) ; 21(16)2021 Aug 15.
Article in English | MEDLINE | ID: covidwho-1376959

ABSTRACT

Addressing cyber and privacy risks has never been more critical for organisations. While a number of risk assessment methodologies and software tools are available, it is most often the case that one must, at least, integrate them into a holistic approach that combines several appropriate risk sources as input to risk mitigation tools. In addition, cyber risk assessment primarily investigates cyber risks as the consequence of vulnerabilities and threats that threaten assets of the investigated infrastructure. In fact, cyber risk assessment is decoupled from privacy impact assessment, which aims to detect privacy-specific threats and assess the degree of compliance with data protection legislation. Furthermore, a Privacy Impact Assessment (PIA) is conducted in a proactive manner during the design phase of a system, combining processing activities and their inter-dependencies with assets, vulnerabilities, real-time threats and Personally Identifiable Information (PII) that may occur during the dynamic life-cycle of systems. In this paper, we propose a cyber and privacy risk management toolkit, called AMBIENT (Automated Cyber and Privacy Risk Management Toolkit) that addresses the above challenges by implementing and integrating three distinct software tools. AMBIENT not only assesses cyber and privacy risks in a thorough and automated manner but it also offers decision-support capabilities, to recommend optimal safeguards using the well-known repository of the Center for Internet Security (CIS) Controls. To the best of our knowledge, AMBIENT is the first toolkit in the academic literature that brings together the aforementioned capabilities. To demonstrate its use, we have created a case scenario based on information about cyber attacks we have received from a healthcare organisation, as a reference sector that faces critical cyber and privacy threats.


Subject(s)
Computer Security , Privacy , Risk Assessment , Risk Management
15.
Sensors (Basel) ; 21(15)2021 Aug 03.
Article in English | MEDLINE | ID: covidwho-1346534

ABSTRACT

This paper discusses the valuable role recommender systems may play in cybersecurity. First, a comprehensive presentation of recommender system types is presented, as well as their advantages and disadvantages, possible applications and security concerns. Then, the paper collects and presents the state of the art concerning the use of recommender systems in cybersecurity; both the existing solutions and future ideas are presented. The contribution of this paper is two-fold: to date, to the best of our knowledge, there has been no work collecting the applications of recommenders for cybersecurity. Moreover, this paper attempts to complete a comprehensive survey of recommender types, after noticing that other works usually mention two-three types at once and neglect the others.


Subject(s)
Algorithms , Computer Security , Humans
16.
Sensors (Basel) ; 21(15)2021 Jul 30.
Article in English | MEDLINE | ID: covidwho-1346528

ABSTRACT

The fifth generation (5G) of cellular networks improves the precision of user localization and provides the means to disclose location information to over-the-top (OTT) service providers. The network data analytics function (NWDAF) can further elaborate this information at an aggregated level using artificial intelligence techniques. These powerful features may lead to the improper use of user location information by mobile network operators (MNOs) and OTT service providers. Moreover, vulnerabilities at various layers may also leak user location information to eavesdroppers. Hence, the privacy of users is likely at risk, as location is part of their sensitive data. In this paper, we first go through the evolution of localization in cellular networks and investigate their effects on location privacy. Then, we propose a location-privacy-preserving integrated solution comprising virtual private mobile networks, an independent authentication and billing authority, and functions to protect wireless signals against location information leakage. Moreover, we advocate the continuous and detailed control of localization services by the user.


Subject(s)
Computer Security , Privacy , Artificial Intelligence , Humans
17.
Sensors (Basel) ; 21(15)2021 Jul 28.
Article in English | MEDLINE | ID: covidwho-1346526

ABSTRACT

Background: Cybersecurity is increasingly becoming a prominent concern among healthcare providers in adopting digital technologies for improving the quality of care delivered to patients. The recent reports on cyber attacks, such as ransomware and WannaCry, have brought to life the destructive nature of such attacks upon healthcare. In complement to cyberattacks, which have been targeted against the vulnerabilities of information technology (IT) infrastructures, a new form of cyber attack aims to exploit human vulnerabilities; such attacks are categorised as social engineering attacks. Following an increase in the frequency and ingenuity of attacks launched against hospitals and clinical environments with the intention of causing service disruption, there is a strong need to study the level of awareness programmes and training activities offered to the staff by healthcare organisations. Objective: The objective of this systematic review is to identify commonly encountered factors that cybersecurity postures of a healthcare organisation, resulting from the ignorance of cyber threat to healthcare. The systematic review aims to consolidate the current literature being reported upon human behaviour resulting in security gaps that mitigate the cyber defence strategy adopted by healthcare organisations. Additionally, the paper also reviews the organisational risk assessment methodology implemented and the policies being adopted to strengthen cybersecurity. Methods: The topic of cybersecurity within healthcare and the clinical environment has attracted the interest of several researchers, resulting in a broad range of literature. The inclusion criteria for the articles in the review stem from the scope of the five research questions identified. To this end, we conducted seven search queries across three repositories, namely (i) PubMed®/MED-LINE; (ii) Cumulative Index to Nursing and Allied Health Literature (CINAHL); and (iii) Web of Science (WoS), using key words related to cybersecurity awareness, training, organisation risk assessment methodologies, policies and recommendations adopted as counter measures within health care. These were restricted to around the last 12 years. Results: A total of 70 articles were selected to be included in the review, which addresses the complexity of cybersecurity measures adopted within the healthcare and clinical environments. The articles included in the review highlight the evolving nature of cybersecurity threats stemming from exploiting IT infrastructures to more advanced attacks launched with the intent of exploiting human vulnerability. A steady increase in the literature on the threat of phishing attacks evidences the growing threat of social engineering attacks. As a countermeasure, through the review, we identified articles that provide methodologies resulting from case studies to promote cybersecurity awareness among stakeholders. The articles included highlight the need to adopt cyber hygiene practices among healthcare professionals while accessing social media platforms, which forms an ideal test bed for the attackers to gain insight into the life of healthcare professionals. Additionally, the review also includes articles that present strategies adopted by healthcare organisations in countering the impact of social engineering attacks. The evaluation of the cybersecurity risk assessment of an organisation is another key area of study reported in the literature that recommends the organisation of European and international standards in countering social engineering attacks. Lastly, the review includes articles reporting on national case studies with an overview of the economic and societal impact of service disruptions encountered due to cyberattacks. Discussion: One of the limitations of the review is the subjective ranking of the authors associated to the relevance of literature to each of the research questions identified. We also acknowledge the limited amount of literature that focuses on human factors of cybersecurity in health care in general; therefore, the search queries were formulated using well-established cybersecurity related topics categorised according to the threats, risk assessment and organisational strategies reported in the literature.


Subject(s)
Computer Security , Social Media , Delivery of Health Care , Hospitals , Humans
18.
J Med Internet Res ; 23(7): e26371, 2021 07 12.
Article in English | MEDLINE | ID: covidwho-1311341

ABSTRACT

BACKGROUND: Various techniques are used to support contact tracing, which has been shown to be highly effective against the COVID-19 pandemic. To apply the technology, either quarantine authorities should provide the location history of patients with COVID-19, or all users should provide their own location history. This inevitably exposes either the patient's location history or the personal location history of other users. Thus, a privacy issue arises where the public good (via information release) comes in conflict with privacy exposure risks. OBJECTIVE: The objective of this study is to develop an effective contact tracing system that does not expose the location information of the patient with COVID-19 to other users of the system, or the location information of the users to the quarantine authorities. METHODS: We propose a new protocol called PRivacy Oriented Technique for Epidemic Contact Tracing (PROTECT) that securely shares location information of patients with users by using the Brakerski/Fan-Vercauteren homomorphic encryption scheme, along with a new, secure proximity computation method. RESULTS: We developed a mobile app for the end-user and a web service for the quarantine authorities by applying the proposed method, and we verified their effectiveness. The proposed app and web service compute the existence of intersections between the encrypted location history of patients with COVID-19 released by the quarantine authorities and that of the user saved on the user's local device. We also found that this contact tracing smartphone app can identify whether the user has been in contact with such patients within a reasonable time. CONCLUSIONS: This newly developed method for contact tracing shares location information by using homomorphic encryption, without exposing the location information of patients with COVID-19 and other users. Homomorphic encryption is challenging to apply to practical issues despite its high security value. In this study, however, we have designed a system using the Brakerski/Fan-Vercauteren scheme that is applicable to a reasonable size and developed it to an operable format. The developed app and web service can help contact tracing for not only the COVID-19 pandemic but also other epidemics.


Subject(s)
COVID-19/diagnosis , Computer Security , Contact Tracing/ethics , Contact Tracing/methods , Patient Rights , Privacy , Biomedical Technology/ethics , Biomedical Technology/methods , COVID-19/epidemiology , Computer Security/ethics , Computer Security/standards , Confidentiality , Humans , Mobile Applications , Pandemics , Quarantine , SARS-CoV-2
19.
PLoS One ; 16(6): e0252169, 2021.
Article in English | MEDLINE | ID: covidwho-1256037

ABSTRACT

Faced with the emergence of the Covid-19 pandemic, and to better understand and contain the disease's spread, health organisations increased the collaboration with other organisations sharing health data with data scientists and researchers. Data analysis assists such organisations in providing information that could help in decision-making processes. For this purpose, both national and regional health authorities provided health data for further processing and analysis. Shared data must comply with existing data protection and privacy regulations. Therefore, a robust de-identification procedure must be used, and a re-identification risk analysis should also be performed. De-identified data embodies state-of-the-art approaches in Data Protection by Design and Default because it requires the protection of direct and indirect identifiers (not just direct). This article highlights the importance of assessing re-identification risk before data disclosure by analysing a data set of individuals infected by Covid-19 that was made available for research purposes. We stress that it is highly important to make this data available for research purposes and that this process should be based on the state of the art methods in Data Protection by Design and by Default. Our main goal is to consider different re-identification risk analysis scenarios since the information on the intruder side is unknown. Our conclusions show that there is a risk of identity disclosure for all of the studied scenarios. For one, in particular, we proceed to an example of a re-identification attack. The outcome of such an attack reveals that it is possible to identify individuals with no much effort.


Subject(s)
COVID-19/transmission , Confidentiality/ethics , Pandemics/ethics , Civil Rights , Computer Security , Confidentiality/trends , Disclosure , Humans , Privacy , SARS-CoV-2/metabolism , SARS-CoV-2/pathogenicity
20.
Sensors (Basel) ; 21(9)2021 Apr 26.
Article in English | MEDLINE | ID: covidwho-1238946

ABSTRACT

The Internet of things (IoT) has emerged as a topic of intense interest among the research and industrial community as it has had a revolutionary impact on human life. The rapid growth of IoT technology has revolutionized human life by inaugurating the concept of smart devices, smart healthcare, smart industry, smart city, smart grid, among others. IoT devices' security has become a serious concern nowadays, especially for the healthcare domain, where recent attacks exposed damaging IoT security vulnerabilities. Traditional network security solutions are well established. However, due to the resource constraint property of IoT devices and the distinct behavior of IoT protocols, the existing security mechanisms cannot be deployed directly for securing the IoT devices and network from the cyber-attacks. To enhance the level of security for IoT, researchers need IoT-specific tools, methods, and datasets. To address the mentioned problem, we provide a framework for developing IoT context-aware security solutions to detect malicious traffic in IoT use cases. The proposed framework consists of a newly created, open-source IoT data generator tool named IoT-Flock. The IoT-Flock tool allows researchers to develop an IoT use-case comprised of both normal and malicious IoT devices and generate traffic. Additionally, the proposed framework provides an open-source utility for converting the captured traffic generated by IoT-Flock into an IoT dataset. Using the proposed framework in this research, we first generated an IoT healthcare dataset which comprises both normal and IoT attack traffic. Afterwards, we applied different machine learning techniques to the generated dataset to detect the cyber-attacks and protect the healthcare system from cyber-attacks. The proposed framework will help in developing the context-aware IoT security solutions, especially for a sensitive use case like IoT healthcare environment.


Subject(s)
Internet of Things , Cities , Computer Security , Confidentiality , Delivery of Health Care , Humans
SELECTION OF CITATIONS
SEARCH DETAIL
...