Managing security and privacy in ubiquitous eHealth information interchange

Proceedings of the 5th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2011

Volumn , Issue , 2011, Pages

  Oladimeji, Ebenezer A ^a   Chung, Lawrence ^b   Jung, Hyo Taeg ^c   Kim, Jaehyoun ^d  

^a Verizon Communications   (United States)

^b The University of Texas at Dallas   (United States)

^c Electronics and Telecommunications Research Institute (ETRI)   (South Korea)

^d Sungkyunkwan University   (South Korea)

Author keywords

Goal centric risk mitigation; Purpose driven policies; Sensitivity metatags; Ubiquitous eHealth; Vulnerability points

Indexed keywords

EHEALTH; META-TAGS; PURPOSE-DRIVEN POLICIES; RISK MITIGATION; VULNERABILITY POINTS;

DATA PRIVACY; HEALTH; HEALTH CARE; HEALTH RISKS; INFORMATION MANAGEMENT; SYSTEMS ANALYSIS;

UBIQUITOUS COMPUTING;

EID: 79955982545     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1968613.1968645     Document Type: Conference Paper

References (30)

1. G. D. Abowd and E. Mynatt. Charting past, present and future research in ubiquitous computing. ACM Trans. on Computer-Human Interaction, Special issue on HCI in the new Millenium, 7(1):29-58, Mar. 2000.
2. D. Brin. The Transparent Society: Will Technology Force us to Choose Between Privacy and Freedom? Basic Books, 1999.
3. L. Chung, B. A. Nixon, E. Yu, and J. Mylopolos. Non-Functional Requirements in Software Engineering. Kluwer Academic Publishers, 2000.
4. D. D. Clark and D. R. Wilson. A comparison of commercial and military computer security policies. In Proceedings of IEEE Symposium on Security and Privacy, pages 184-194, 1987.
5. CNN. 911 Caller Ignored, Killed. Available from CNN over the Internet, Oct. 2010. http://www.cnn.com/video/#/video/us/2008/05/02/.
6. P. C. I. Council. Payment card industry (pci) data security standard. Available over the Internet - July 2010. https://www.pcisecuritystandards.org.
7. N. Damianou, A. K. B, M. Sloman, and E. C. Lupu. A Survey of Policy Specification Approaches. Technical report, Department of Computing, Imperial College, London, 2002.
8. N. Damianou, N. Dulay, E. Lupu, and M. Sloman. The Ponder Policy Specification Language. Policy Workshop 2001, Bristol, U.K., Springer-Verlag, LNCS, Jan. 2001.
9. S. Doheny-Farina. The Last Link: Default = Offine, Or Why Ubicomp Scares Me. Computer-mediated Communication, 1(6):18-20, Oct. 1994.
10. M. Esler, J. Hightower, T. Anderson, and G. Borriello. Next century challenges: Data-centric networking for invisible computing. In Proceedings of MobiComS99, Seattle, WA, 1999.
11. D. Ferraiolo and R. Kuhn. Role-based access controls. In 15th NIST-NCSC National Computer Security Conference, pages 554-563, 1992.
12. R. H. R. Harper. Why Do People Wear Active Badges? Technical Report EPC-1993-120, Rank Xerox, Cambridge, MA, 1993.
13. HHS. Hipaa privacy rule. Available from Health and Human Services Department over the Internet - July 2010. www.hhs.gov/ocr/privacy/hipaa/ administrative/privacyrule/index.html.
14. J. I. Hong and J. A. Landay. An architecture for Privacy-sensitive Ubiquitous Computing. In Proc. 2nd Inter'l Conference on Mobile Systems, Applications, and Services, pages 177-189, New York, 2004.
15. M. Langheinrich. Privacy by Design - Principles of Privacy-aware Ubiquitous Systems. In Proc. Inter'l Conference on Ubiquitous Computing, pages 273-291, Gresham College, London, 2001. (Pubitemid 33347314)
16. S. Lederer, J. Hong, X. Jiang, A. Dey, J. Landay, and J. Mankoff. Towards everyday privacy for ubiquitous computing. Tech.Report UCBCSD-03-1283, Computer Sc. Division, Univ. of California, Berkeley, 2003.
17. A. Leung and C. J. Mitchell. Ninja: Non Identity Based, Privacy Preserving Authentication for Ubiquitous Environments. UbiComp 2007: Ubiquitous Computing, Lecture Notes in Computer Science, LNCS-4717:73-90, Sept. 2007.
18. A. Mihailidis, B. Carmichael, J. Boger, and G. Fernie. An intelligent environment to support aging-in-place, safety, and independence of older adults with dementia. In Proc. 2nd Inter'l Workshop on Ubiquitous Computing for Pervasive Healthcare Applications (UbiHealth-2003), Seattle, WA, 2003.
19. S. Myagmar, A. Lee, and W. Yurcik. Threat Modeling as a Basis for Security Requirements. In Proc. of the Symposium on Requirements Engineering for Info. Security (SREIS'05), Paris, France, Aug. 2005.
20. E. Oladimeji, S. Supakkul, and L. Chung. Security Threat Modeling and Analysis: A Goal-Oriented Approach. In Proc. of the 10th IASTED International Conference on Software Engineering and Applications (SEA 2006), pages 13-15, Dallas, USA, Nov. 2006.
21. E. Oladimeji, S. Supakkul, and L. Chung. A Model-driven Approach to Architecting Secure Software. In The 19th International Conference on Software Engineering and Knowledge Engineering (SEKE'07), pages 535-540, Boston, USA, July 2007.
22. R. Sasaki, S. Qing, E. Okamoto, and H. Yoshiura. Security and Privacy in the Age of Ubiquitous Computing. In Proc. IFIP TC11 20th Inter'l Information Security Conference, Chiba, Japan, 2005.
23. F. Stajano. Security for Ubiquitous Computing. John Wiley & Sons Ltd, 2002.
24. F. Stajano. Security Issues in Ubiquitous Computing. In H. Nakashima, H. Aghajan, J. C. Augusto (Eds.). Handbook of Ambient Intelligence and Smart Environments, Springer 2010.
25. V. Stanford. Pervasive Health Care Applications Face Tough Security Challenges. IEEE Pervasive Computing, 8(12), April-June 2002.
26. S. Supakkul and L. Chung. Extending Problem Frames to Deal with Stakeholder Problems: An Agent- and Goal-Oriented Approach. In Proc. of the 24th ACM Symposium on Applied Computing (RE Track), pages 389-394, Honolulu, Hawai, Mar. 9-12 2006.
27. K. Venkatasubramanian and S. K. S. Gupta. Security Solutions for Pervasive Healthcare. In Proc. of 3rd Inter'l Conference on Security in Pervasive Computing, York, UK, April 18-21 2006.
28. E. Weippl, A. Holzinger, and A. Tjoa. Security Aspects of Ubiquitous Computing in Health Care. E&I Journal, pages 156-161, 2006. (Pubitemid 43734490)
29. M. Weiser. Hot Topics: Ubiquitous Computing. IEEE Computer, pages 71-72, Oct. 1993.
30. N. Winters. Personal Privacy and Popular Ubiquitous Technology. In Proc. of UbiComp 2004: The 2nd Inter'l Workshop on Ubiquitous Computing for Pervasive Healthcare Applications, London, UK, 2004.