Security, Privacy and Legal Issues in Pervasive eHealth Monitoring Systems

Kargl, Frank; Lawrence, Elaine; Fischer, Mona; Lim, Yen Yang

doi:10.1109/icmb.2008.31

Cited by 50 publications

(23 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…All these steps can be done online very efficiently which means a private monitoring system can be established within a few minutes. Although such a system can be useful for healthcare purposes, as studied in Kargl et al (2008), it can come with some privacy issues. Simply, people may not feel comfortable with having their activities always being monitored.…”

Section: Social Implications Of Activitymonitormentioning

confidence: 99%

Motion and audio analysis in mobile devices for remote monitoring of physical activities and user authentication

Ketabdar

Qureshi

Hui

2011

Journal of Location Based Services

View full text Add to dashboard Cite

In this article we propose the use of accelerometer embedded by default in smartphone as a cost-effective, reliable and efficient way to provide remote physical activity monitoring for the elderly and people requiring healthcare service. Mobile phones are regularly carried by users during their dayto-day work routine, physical movement information can be captured by the mobile phone accelerometer, processed and sent to a remote server for monitoring. The acceleration pattern can deliver information related to the pattern of physical activities the user is engaged in. We further show how this technique can be extended to provide implicit real-time security by analysing unexpected movements captured by the phone accelerometer, and automatically locking the phone in such situation to prevent unauthorised access. This technique is also shown to provide implicit continuous user authentication, by capturing regular user movements such as walking, and requesting for re-authentication whenever it detects a nonregular movement.

show abstract

Section: Social Implications Of Activitymonitormentioning

confidence: 99%

Motion and audio analysis in mobile devices for remote monitoring of physical activities and user authentication

Ketabdar

Qureshi

Hui

2011

Journal of Location Based Services

View full text Add to dashboard Cite

show abstract

“…Security and privacy implications were analyzed in the study presented by Kargl et al, 2008 on E-health monitoring. The authors discussed the types of threats and attacks that are likely to occur when considering ubiquitous health monitoring system.…”

Section: Discussionmentioning

confidence: 99%

Ubiquitous Health Monitoring Systems: Addressing Security Concerns

Elkhodr¹

2011

Journal of Computer Science

View full text Add to dashboard Cite

Problem statement:It is important to secure the transmission of patient's EHR in remote health monitoring systems. Security is among the main issues that need to be realized for the adaption of this monitoring technology. The face of healthcare is changing as ubiquitous computing technologies are being incorporated into the existing infrastructure. We specify the requirements, needed security mechanism, outstanding issues and the future challenges as well as the open problems that need to be achieved. Approach: Although there were benefits to technology, approaches that offer reliable privacy and security features must be presented to users in order to make these systems socially accepted. Results: We investigated the privacy and security implications generated from the deployment of remote health monitoring technology. To achieve these security requirements, building on the strengths of Transport Layer Security (TLS) protocol, a trust negotiation approach was proposed. The application of this approach results in significant improvements in overcoming security related concerns compared to the traditional identity-based only access control techniques. Conclusion: We believe these considerations will eventually contribute toward an efficient and practical deployment of remote monitoring systems.

show abstract

“…The approach follows the Hohfeld legal taxonomy (Hohfeld 1913) and nature language patterns (Breaux and Antón 2008) to model and analyze legal text and Secure Tropos to extract and analyze security requirements (Mouratidis 2004); a smart card-based system was used as a case study to evaluate usefulness of the proposed approach. Kargl et al (2008) analyzed the security and privacy requirements of pervasive eHealth monitoring systems (PEMS) which use wireless sensor networks. Based on their experience developing their eHealth system, ReMoteCare, they devised a model of such systems which they use to discuss threats and attacks, address security requirements, and give guidelines for security mechanisms.…”

Section: Related Workmentioning

confidence: 99%

“…Most attempts have focused on healthcare regulations (Bada and Madon 2006;Breaux et al 2006;May et al 2006;Kargl et al 2008;Massey et al 2010;Wu et al 2012;. For this, there is a need to further validate Breaux and Antón methodology, heuristics, and patterns within the context of financial regulations and aviation standards to determine its applicability beyond healthcare.…”

Section: Related Workmentioning

confidence: 99%

Regulatory Rules for Security Requirements of Financial Information Systems: Attempt to Formalize

Ebad

2017

Eur J Secur Res

View full text Add to dashboard Cite

As a result of the economic growth and increasing technology usage, financial systems are becoming pervasive and automate customer processes and data. These systems, like other systems that are governed by law, are required to comply with governmental regulations. However, this requirement is not easy to implement because of the challenge that comes from domain-specific definitions and the ambiguities that exist in laws. Moreover, mining financial data requires a combination of domain and technical knowledge plus an understanding of how the financial markets are manipulated. Thus, there is a business need to formalize security texts, extract rules, and then enforce them throughout the supply chain. Most of the approaches that have tried to achieve this need were validated on healthcare systems. Using a case study from Saudi Arabia, we applied a well-known approach proposed by Breaux and Antón on a quite different domain, Saudi stock exchange (Tadawul). Security in Saudi Arabia is an issue because of the highincome Saudi economy. Without such validation on non-healthcare domains, it is premature to automate Breaux and Antón approach which is currently performed manually. We also used readability analysis of Tadawul's regulations based on proven metrics. As a result, we extracted and formalized two rights, eight obligations, eighteen constraints, and seven rules. From readability view, Tadawul's regulations considerably need reading skills. Our analysis can help standards organizations, requirements engineers, systems administrators, and policy makers by ensuring that their systems conform to law.

show abstract

Security, Privacy and Legal Issues in Pervasive eHealth Monitoring Systems

Cited by 50 publications

References 9 publications

Motion and audio analysis in mobile devices for remote monitoring of physical activities and user authentication

Motion and audio analysis in mobile devices for remote monitoring of physical activities and user authentication

Ubiquitous Health Monitoring Systems: Addressing Security Concerns

Regulatory Rules for Security Requirements of Financial Information Systems: Attempt to Formalize

Contact Info

Product

Resources

About