Security Analysis and Implementation of Web-based Telemedicine Services with a Four-tier Architecture

Maji, Amiya K.; Mukhoty, Arpita; Majumdar, Arun; Mukhopadhyay, Jayanta; Sural, Shamik; Paul, Soubhik; Majumdar, B. C.

doi:10.4108/icst.pervasivehealth2008.2518

Cited by 11 publications

(18 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Threats related to unauthorized access of classified data can be minimized if the data storage is done behind a firewall in a private-public network architecture. The present system has been designed based on a web based multi tire-architecture proposed by Maji et al [22]. It was chosen to implement the system because it supports data security in a privatepublic network setup.…”

Section: Software Architecture and Functionalitiesmentioning

confidence: 99%

A Web Enabled Health Information System for the Neonatal Intensive Care Unit (NICU)

Ray

Dogra

Saha

et al. 2011

2011 IEEE World Congress on Services

View full text Add to dashboard Cite

Information Systems are needed for modernization of ICUs to deliver better health care services. EHR systems can improve the work flow management in health care delivery. This work proposes a secure web enabled system based on a multi-tier architecture for carrying out routine and special operations of Neonatal Intensive Care Unit (NICU). The system adopts a service oriented approach for execution of various tasks that are performed for managing NICU activities. It also facilitates decision support systems for a number of critical tasks of NICU. A prototype of the system has been installed in the neonatology department of SSKM Hospital, Kolkata, India and the staff of the hospital including doctors, nurses, laboratory personals and technicians are using it in a regular manner.

show abstract

Section: Software Architecture and Functionalitiesmentioning

confidence: 99%

A Web Enabled Health Information System for the Neonatal Intensive Care Unit (NICU)

Ray

Dogra

Saha

et al. 2011

2011 IEEE World Congress on Services

View full text Add to dashboard Cite

show abstract

“…Along with this security model, the architecture of the community's ISMS is designed. Multitier architectures (Maji et al, 2008;Chryssanthou et al, 2009) can solve authentication and security issues of the medical community and strengthen the protection of medical data against improper use, unauthorised access or accidental loss.…”

Section: Risk Treatment Planmentioning

confidence: 99%

A risk management model for securing virtual healthcare communities

Chryssanthou¹,

Varlamis

Latsiou³

2011

IJEH

View full text Add to dashboard Cite

Virtual healthcare communities aim to bring together healthcare professionals and patients, improve the quality of healthcare services and assist healthcare professionals and researchers in their everyday activities. In a secure and reliable environment, patients share their medical data with doctors, expect confidentiality and demand reliable medical consultation. Apart from a concrete policy framework, several ethical, legal and technical issues must be considered in order to build a trustful community. This research emphasises on security issues, which can arise inside a virtual healthcare community and relate to the communication and storage of data. It capitalises on a standardised risk management methodology and a prototype architecture for healthcare community portals and justifies a security model that allows the identification, estimation and evaluation of potential security risks for the community. A hypothetical virtual healthcare community is employed in order to portray security risks and the solutions that the security model provides.

show abstract

“…These networked devices provide services such as telemedicine, health information exchange, and precision medicine. As these devices have immediate effects on the lives of patients, security management is critical [2][3][4][5][6][7][8][9][10][11][12]. In particular, data transmission from wired to wireless networks requires specific security guidelines for data processing and management and medical device development [13].…”

Section: Introductionmentioning

confidence: 99%

“…Telemedicine System Architecture A telemedicine system [1] can be divided into two sections according to its components: (1) components accessible to the user (or patient), such as the telemedicine terminal, and (2) components available to the telemedicine service provider only, such as the telemedicine system and medical team. The possible security threat scenarios based on information flow through the various components are summarized below [11,12] (Fig. 1):…”

Section: Introductionmentioning

confidence: 99%

Risk management-based security evaluation model for telemedicine systems

Kim¹,

Choi²,

Han

2020

Preprint

View full text Add to dashboard Cite

Background: Infectious diseases that can cause epidemics, such as COVID-19, SARS-CoV, and MERS-CoV, constitute a major social issue, with healthcare providers fearing secondary, tertiary, and even quaternary infections. To alleviate this problem, telemedicine is increasingly being viewed as an effective means through which patients can be diagnosed and medications prescribed by doctors via untact (i.e., non-face-to-facemedical services. Thus, concomitant with developments in information and communication technology (ICT), medical institutions have actively analyzed and applied ICT to medical systems to provide optimal medical services. However, with the convergence of these diverse technologies, various risks and security threats have emerged. To protect patients and improve telemedicine quality for patient safety, it is necessary to analyze these risks and security threats comprehensively and institute appropriate countermeasures. Methods: The security threats likely to be encountered in each of seven telemedicine service areas were analyzed, and related data were collected directly through on-site surveys by a medical institution. Subsequently, an attack tree, the most popular reliability and risk modeling approach for systematically characterizing the potential risks of telemedicine systems, was examined and utilized with the attack occurrence probability and attack success probability as variables to provide a comprehensive risk assessment method. Results: In this study, the most popular modelling method, an attack tree, was applied to the telemedicine environment, and the security concerns for telemedicine systems were found to be very large. Risk management and evaluation methods suitable for the telemedicine environment were identified, and their benefits and potential limitations were assessed. Conclusion: This research should be beneficial to security experts who wish to investigate the impacts of cybersecurity threats on remote healthcare and researchers who wish to identify new modeling opportunities to apply security risk modeling techniques.

show abstract

Security Analysis and Implementation of Web-based Telemedicine Services with a Four-tier Architecture

Cited by 11 publications

References 10 publications

A Web Enabled Health Information System for the Neonatal Intensive Care Unit (NICU)

A Web Enabled Health Information System for the Neonatal Intensive Care Unit (NICU)

A risk management model for securing virtual healthcare communities

Risk management-based security evaluation model for telemedicine systems

Contact Info

Product

Resources

About