GEMSS: Privacy and Security for a Medical Grid

Summary Objectives: The GEMSS project is developing a secure Grid infrastructure through which six medical simulations services can be invoked. We examine the legal and security framework within which GEMSS operates. Methods: We provide a legal qualification to the operations performed upon patient data, in view of EU directive 95/46, when using medical applications on the GEMSS Grid. We identify appropriate measures to ensure security and describe the legal rationale behind our choice of security technology. Results: Our legal analysis demonstrates there must be an identified controller (typically a hospital) of patient data. The controller must then choose a processor (in this context a Grid service provider) that provides sufficient guarantees with respect to the security of their technical and organizational data processing procedures. These guarantees must ensure a level of security appropriate to the risks, with due regard to the state of the art and the cost of their implementation.Our security solutions are based on a public key infrastructure (PKI), transport level security and end-to-end security mechanisms in line with the web service (WS Security, WS Trust and SecureConversation) security specifications. Conclusion: The GEMSS infrastructure ensures a degree of protection of patient data that is appropriate for the health care sector, and is in line with the European directives. We hope that GEMSS will become synonymous with high security data processing, providing a framework by which GEMSS service providers can provide the security guarantees required by hospitals with regard to the processing of patient data.

Download Full-text

Evaluation of compliance of existing forest machine information systems for the implementation of the standard StanForD 2010

10.22616/rrd.26.2020.010 ◽

2020 ◽

Author(s):

Aigars Strubergs ◽

◽

Andis Lazdins ◽

Linards Sisenis ◽

◽

...

Keyword(s):

Information Systems ◽

Data Processing ◽

Control Agency ◽

Service Providers ◽

Reliable Information ◽

State Technical ◽

Private Forests ◽

Standard Work ◽

Technical Control ◽

The Cost

The aim of the study is to clarify the compliance of machinery information systems used by Latvian logging service providers with the requirements of the Forest Machine Data and Communications Standard StanForD 2010. For determining the number of logging machines and structure registered in Latvia, data from the State Technical Control Agency of Latvia (VTUA) has been used. This dataset includes 2094 registered machinery units from which 1663 units recorded as harvesters and forwarders are distributed for data processing. Using the national AS Latvian State Forests (LSF) database, where 541 machinery units have been recorded, of which 239 harvesters and 302 forwarders, it is determined what and how many machines already use the standard StanForD 2010, how many machines can implement it and which machines are not suitable for the implementation of StanForD 2010. The study showed that the VTUA register does not fully reflect the true quantity of harvesting machines in Latvia and does not provide information about the use of machines. The LSF data provide reliable information on the possibilities of using StanForD 2010 in harvesters in national forests. From the harvesters working in the country’s forests, 52% of the machines uses the StanForD 2010 standard. Work should be continued to clarify the possible use of the standard in the machines working in private forests. Similarly, work should be continued with dealers of harvesting machines to identify models for which it is possible to adjust the StanForD 2010 standard and what the cost of adapting the indicative information systems is.

Download Full-text

A Tale of Two Trees: One Writes, and Other Reads

Proceedings on Privacy Enhancing Technologies ◽

10.2478/popets-2020-0039 ◽

2020 ◽

Vol 2020 (2) ◽

pp. 519-536

Author(s):

Duc V. Le ◽

Lizzy Tengana Hurtado ◽

Adil Ahmad ◽

Mohsen Minaei ◽

Byoungyoung Lee ◽

...

Keyword(s):

Random Access ◽

Malicious Nodes ◽

Privacy And Security ◽

Trusted Hardware ◽

Security Guarantees ◽

Access Patterns ◽

The Cost ◽

Financial Transactions ◽

Personal Devices ◽

Trusted Execution Environment

AbstractThe Bitcoin network has offered a new way of securely performing financial transactions over the insecure network. Nevertheless, this ability comes with the cost of storing a large (distributed) ledger, which has become unsuitable for personal devices of any kind. Although the simplified payment verification (SPV) clients can address this storage issue, a Bitcoin SPV client has to rely on other Bitcoin nodes to obtain its transaction history and the current approaches offer no privacy guarantees to the SPV clients.This work presents T3, a trusted hardware-secured Bitcoin full client that supports efficient oblivious search/update for Bitcoin SPV clients without sacrificing the privacy of the clients. In this design, we leverage the trusted execution and attestation capabilities of a trusted execution environment (TEE) and the ability to hide access patterns of oblivious random access machine (ORAM) to protect SPV clients’ requests from potentially malicious nodes. The key novelty of T3 lies in the optimizations introduced to conventional ORAM, tailored for expected SPV client usages. In particular, by making a natural assumption about the access patterns of SPV clients, we are able to propose a two-tree ORAM construction that overcomes the concurrency limitation associated with traditional ORAMs. We have implemented and tested our system using the current Bitcoin Unspent Transaction Output (UTXO) Set. Our experiment shows that T3 is feasible to be deployed in practice while providing strong privacy and security guarantees to Bitcoin SPV clients.

Download Full-text

Data-driven sector coupling in 5G-based smart networks

Competition and Regulation in Network Industries ◽

10.1177/1783591721992762 ◽

2021 ◽

Vol 22 (1) ◽

pp. 53-68

Author(s):

Guenter Knieps

Keyword(s):

Data Privacy ◽

Service Providers ◽

Policy Implications ◽

Network Industries ◽

5G Networks ◽

Privacy And Security ◽

Open Set ◽

Application Service ◽

Downstream Application

5G attains the role of a GPT for an open set of downstream IoT applications in various network industries and within the app economy more generally. Traditionally, sector coupling has been a rather narrow concept focusing on the horizontal synergies of urban system integration in terms of transport, energy, and waste systems, or else the creation of new intermodal markets. The transition toward 5G has fundamentally changed the framing of sector coupling in network industries by underscoring the relevance of differentiating between horizontal and vertical sector coupling. Due to the fixed mobile convergence and the large open set of complementary use cases, 5G has taken on the characteristics of a generalized purpose technology (GPT) in its role as the enabler of a large variety of smart network applications. Due to this vertical relationship, characterized by pervasiveness and innovational complementarities between upstream 5G networks and downstream application sectors, vertical sector coupling between the provider of an upstream GPT and different downstream application industries has acquired particular relevance. In contrast to horizontal sector coupling among different application sectors, the driver of vertical sector coupling is that each of the heterogeneous application sectors requires a critical input from the upstream 5G network provider and combines this with its own downstream technology. Of particular relevance for vertical sector coupling are the innovational complementarities between upstream GPT and downstream application sectors. The focus on vertical sector coupling also has important policy implications. Although the evolution of 5G networks strongly depends on the entrepreneurial, market-driven activities of broadband network operators and application service providers, the future of 5G as a GPT is heavily contingent on the role of frequency management authorities and European regulatory policy with regard to data privacy and security regulations.

Download Full-text

Comparison of LPWAN Technologies: Cost Structure and Scalability

Wireless Personal Communications ◽

10.1007/s11277-021-08664-0 ◽

2021 ◽

Author(s):

Mohammad Istiak Hossain ◽

Jan I. Markendahl

Keyword(s):

Communication Technology ◽

Service Providers ◽

Communication Technologies ◽

Cost Structure ◽

Small Scale ◽

Area Network ◽

Wide Area Network ◽

Generic Framework ◽

Cost Efficient ◽

The Cost

AbstractSmall-scale commercial rollouts of Cellular-IoT (C-IoT) networks have started globally since last year. However, among the plethora of low power wide area network (LPWAN) technologies, the cost-effectiveness of C-IoT is not certain for IoT service providers, small and greenfield operators. Today, there is no known public framework for the feasibility analysis of IoT communication technologies. Hence, this paper first presents a generic framework to assess the cost structure of cellular and non-cellular LPWAN technologies. Then, we applied the framework in eight deployment scenarios to analyze the prospect of LPWAN technologies like Sigfox, LoRaWAN, NB-IoT, LTE-M, and EC-GSM. We consider the inter-technology interference impact on LoRaWAN and Sigfox scalability. Our results validate that a large rollout with a single technology is not cost-efficient. Also, our analysis suggests the rollout possibility of an IoT communication Technology may not be linear to cost-efficiency.

Download Full-text

Cost of groundwater protection: major groundwater basin protection zones in Poland

International Environmental Agreements Politics Law and Economics ◽

10.1007/s10784-021-09525-8 ◽

2021 ◽

Author(s):

Ewa Krogulec ◽

Jacek Gurwin ◽

Mirosław Wąsik

Keyword(s):

Urban Areas ◽

Groundwater Protection ◽

Social Economy ◽

Land Development ◽

Cost Benefit ◽

Legal Framework ◽

Legal Analysis ◽

Protection Zones ◽

Groundwater Basins ◽

The Cost

AbstractThis paper describes the complex hydrogeological, legal framework and socioeconomic costs of the groundwater protection in major groundwater basins (MGBs) in Poland in accordance with European directives. The hydrogeological criteria developed in Poland for establishing MGBs and the principles of their protection provide more details to the directives that are in force in Europe, which define the general principles for groundwater protection. The procedure of establishing MGB protection zones is connected with a change in local plans and land development and requires an analysis of the cost–benefit relationship in the sphere of social economy in the sector of public economics. The cost assessment was performed on the basis of data from hydrogeological documentations, and the aggregation of subareas to which the same existing and planned development can be attributed. A legal analysis of bans, orders and restrictions together with the identification of the risk of claims in specific hydrogeological and development conditions was a fundamental issue of research. These costs depend on the acreage and land use of the protected area. The unit costs of MGB protection, calculated per 1 km2 of the protection area, for six sample basins were estimated at €120 to €208,000/2 years/1 km2. The highest costs are generated by establishing protection in urban areas, while the lowest costs are generated in forest areas.

Download Full-text

Design and Development of a Low Cost Personal Computer Based ECG Monitor

Bangladesh Journal of Medical Physics ◽

10.3329/bjmp.v4i1.14701 ◽

2013 ◽

Vol 4 (1) ◽

pp. 115-125 ◽

Cited By ~ 1

Author(s):

K Siddique-e Rabbani ◽

A Raihan Abir ◽

AKM Bodiuzzaman

Keyword(s):

Service Providers ◽

Human Subjects ◽

Medical Physics ◽

Low Cost ◽

Large Population ◽

Telemedicine System ◽

The Rich ◽

Safety Features ◽

The Third World ◽

The Cost

ECG equipment is vital for diagnosis of cardiac problems. However, such equipment come from the rich Western countries at a huge cost in both procurement and maintenance, and therefore cannot offer services to a large population in the Third World countries. The only solution is to design and develop such equipment in individual countries by developing local expertise. With three decades of experience, the Dhaka University group has taken a step towards developing prototypes of ECG equipment for dissemination to the healthcare service providers. This paper presents the detailed design of an PC based ECG equipment where optimized choice of components and of the design have been made keeping the cost and maintenance in view, but not sacrificing the quality, and incorporating necessary safety features to protect the patient from known hazards. Both the hardware and the software have been developed locally and are detailed in this paper. Outputs obtained from human subjects are shown which are of reasonable good quality, and have been verified using standard ECG equipment. The PC based ECG system will allow digital post processing of signals for improved diagnosis through software. Besides, this can also become part of a nationwide telemedicine system. DOI: http://dx.doi.org/10.3329/bjmp.v4i1.14701 Bangladesh Journal of Medical Physics Vol.4 No.1 2011 115-125

Download Full-text

Privacy and Security Issues in Online Social Networks

Future Internet ◽

10.3390/fi10120114 ◽

2018 ◽

Vol 10 (12) ◽

pp. 114 ◽

Cited By ~ 14

Author(s):

Shaukat Ali ◽

Naveed Islam ◽

Azhar Rauf ◽

Ikram Din ◽

Mohsen Guizani ◽

...

Keyword(s):

Social Networks ◽

Online Social Networks ◽

Virtual Communities ◽

Service Providers ◽

Security And Privacy ◽

Security Issue ◽

Sensitive Data ◽

Privacy And Security ◽

Security Issues ◽

Social Sphere

The advent of online social networks (OSN) has transformed a common passive reader into a content contributor. It has allowed users to share information and exchange opinions, and also express themselves in online virtual communities to interact with other users of similar interests. However, OSN have turned the social sphere of users into the commercial sphere. This should create a privacy and security issue for OSN users. OSN service providers collect the private and sensitive data of their customers that can be misused by data collectors, third parties, or by unauthorized users. In this paper, common security and privacy issues are explained along with recommendations to OSN users to protect themselves from these issues whenever they use social media.

Download Full-text

Continuous K Nearest Neighbor Query Scheme with Privacy and Security Guarantees in Road Networks

2018 IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computing, Scalable Computing & Communications, Cloud & Big Data Computing, Internet of People and Smart City Innovation (SmartWorld/SCALCOM/UIC/ATC/CBDCom/IOP/SCI) ◽

10.1109/smartworld.2018.00153 ◽

2018 ◽

Author(s):

Changli Zhou ◽

Tian Wang ◽

Hui Tian ◽

Wenxian Jiang

Keyword(s):

Nearest Neighbor ◽

Road Networks ◽

K Nearest Neighbor ◽

Privacy And Security ◽

Nearest Neighbor Query ◽

Security Guarantees

Download Full-text

Examining Cross-Industry Collaboration in Sharing Economy Based On Social Exchange and Social Network Theories

10.47260/amae/1062 ◽

2020 ◽

pp. 29-41

Author(s):

Cheng-Wen Lee ◽

Hao-Yuan Yu

Keyword(s):

Content Analysis ◽

Social Network ◽

Social Exchange ◽

Service Providers ◽

Secondary Data ◽

Sharing Economy ◽

Jel Classification ◽

Industry Collaboration ◽

Multiple Case ◽

The Cost

Information technology and advanced online environments have reduced the cost of these exchange activities and triggered the emergence of the sharing economy. Con-sequently, public attitude toward the sharing economy has gradually shifted from re-luctance to acceptance. Moreover, the sharing economy has revolutionized the busi-ness models and viewpoints of conventional industries, and sharing service providers have gradually shifted from an independent to a collaborative stance, thereby affect-ing conventional economies. This study interprets the phenomenon of cross-industry collaboration in the sharing economy through social exchange and social network the-ories. A multiple-case research framework is used to examine tourism and service in-dustries. Secondary data of service providers and users on sharing platforms are ana-lyzed using content analysis, supplemented with a content analysis of the interview data of three hotel executives. The varying phenomena of the conventional and shar-ing economies on social exchange and social network were compared. Finally, this paper proposes conclusions and practical recommendations according to the analytical results. JEL classification numbers: D85, M31, L14. Keywords: Cross-Industry Collaboration, Sharing Economy, Social Exchange, Social Network.

Download Full-text

Perceived Knowledge of Scheme Members and Their Satisfaction with Their Medical Schemes: A Cross-Sectional Study in South Africa.

10.21203/rs.3.rs-951531/v1 ◽

2021 ◽

Author(s):

Francis M’bouaffou ◽

Eric Buch ◽

Evelyn Thsehla ◽

Steve Olorunju

Keyword(s):

South Africa ◽

Service Providers ◽

Primary Source ◽

Cross Sectional Study ◽

Cross Sectional Survey ◽

Perceived Knowledge ◽

Cross Sectional ◽

Perceived Satisfaction ◽

Private And Public ◽

The Cost

Abstract Background: South Africa has a dual healthcare system comprised of private and public sectors covering 16% and 84% of the population, respectively. Medical schemes are the primary source of health insurance in the private sector. The aim of this study was to assess the perceived knowledge and satisfaction of open medical schemes members. Methods: A cross-sectional survey was conducted using a stratified systematic sample of members from 22 open medical schemes. Nine hundred and sixty members were requested to complete an online semi-structured questionnaire to determine their perceived knowledge and satisfaction with their schemes. We tested to see if variables such as age, gender, years of membership, education, income or having a chronic disease were associated with better-perceived knowledge or satisfaction. We calculated a composite perceived knowledge and satisfaction score, for which a score above 60th percentile for perceived knowledge and 60th for perceived satisfaction were considered good perceived knowledge and good perceived satisfaction with their schemes.Results: Respondents, generally perceived themselves to have good knowledge and were satisfied with their schemes except for accessibility to doctors under the designated service providers arrangement. Overall, members were satisfied, especially with the quality of service from their designated service providers (DSPs) and their schemes. However, only 9% were satisfied with accessibility to doctors under their DSP arrangement, 25% were satisfied with the cost of scheme membership and only 46% were satisfied with the prescribed minimum benefit package. The test for association showed that years of medical schemes membership, perceived knowledge of the prescribed minimum benefits, better income and laying a complaint were associated with better-perceived knowledge. Conclusion: Medical schemes remain a key element of private healthcare in South Africa. The analysis shows that medical schemes, should put more effort into the accessibility of general practitioner under their designated service providers. Furthermore, the PMBS should be reviewed to provide a comprehensive benefits basket without co-payment for members as recommended by the Medical Schemes Act Amendment Bill of 2018.

Download Full-text