Multidisciplinary cooperation of participating healthcare professionals, use of common standards in diagnostics, and clinical pathways in the treatment of vascular patients should provide for a higher-quality clinical practice. Using telemedicine, a more efficient way of obtaining specialist treatment is achievable. However, its introduction may raise safety and security issues, which originate from its enabling information technology. In this chapter, a model of patient-telemonitoring after revascularization procedures in the lower extremities is presented. A protocol for proper authentication and authorization to access medical equipment and patient medical records has been introduced. The associated clinical study has shown that most post-operative follow-up examinations can successfully be performed by trained nurses. Hence, improvements to healthcare logistics, mainly due to shortening waiting times for specialist treatment and the reduction of follow-up examinations on the secondary healthcare level, can be achieved using telemedicine.
Service-oriented enterprise computing is an integration architectural style that aims to expose and consume coarse-grained and fine-grained modularizations of business functionality as services deployed in a loosely coupled organizational environment. The web service is the implementation technology of service-oriented architecture (SOA). It is built on existing networking and web interfacing standards, because it has to use the web as its medium of communication, and it has no specialized built-in layer for security. The majority of vendor security products on the market need specialized hardware/software components and, as a result, break the standards and principles of service-oriented architecture. The traditional way of problem solving is not effective for developing security solutions for service-oriented computing, as its boundaries keep expanding beyond a single organizational environment due to the advent of communication and business technologies such as the Internet of Things (IoT), hyper-personalization, and edge computing. Hence, in this digital age of enterprise computing, it is mandatory to have a specialized authentication and authorization solution that addresses the existing security gaps in SOA in an adaptive way. In this paper, the security gaps in the existing Identity and Access Management (IDAM) solutions for service-oriented enterprise computing are analyzed, and a novel intelligent security engine that packages an extended authentication and authorization solution model for service consumption is presented. The authentication and authorization security requirements are treated as cross-cutting concerns of the SOA implementation, and the solution is constructed as Aspect-Oriented Programming (AOP) advices, which enables it to be attached as a ‘plug & play’ component without changing the underlying source code of the service implementation.
For Proof-of-Concept (PoC), the proposed authentication and authorization security model is tested in a large scale service oriented enterprise computing environment and the results have been analyzed statistically. It is evident from the results that the proposed security model addresses security issues comparatively better than existing security solutions.
Internet of Things (IoT) applications bring evolved and intelligent services that can help improve users’ daily lives. These applications include home automation, health care, and smart agriculture. However, IoT development and adoption face various security and privacy challenges that need to be overcome. As a promising security paradigm, context-aware security enables one to enforce security and privacy mechanisms adaptively. Moreover, with the advancements in edge computing, context-aware security services can dynamically be placed close to a user’s location and enable the support of low latency communication and mobility. Therefore, the design of an adaptive and decentralized access control mechanism becomes a necessity. In this paper, we propose a decentralized context-aware authorization management as a service based on the blockchain. The proposed architecture extends the Authentication and Authorization for Constrained Environments (ACE) framework with blockchain technology and context-awareness capabilities. Instead of a classic Open Authorization 2.0 (OAuth) access token, it uses a new contextual access token. The evaluation results show our proposition’s effectiveness and advantages in terms of usability, security, low latency, and energy consumption.
With increased vulnerabilities and vast technology landscapes, it is extremely critical to build systems that are highly resistant to cyber-attacks that break into systems in order to exploit them. It is almost impossible to build 100% secure authentication and authorization mechanisms merely through a standard password or PIN (even with all combinations of special characters, numbers and upper/lower case letters, or by using any of the graphical password mechanisms). The immense computing capacity available and the many hacking methods in use make almost every authentication method susceptible to cyber-attacks in one way or another. The only proven, known system that is not vulnerable in spite of highly sophisticated computing power is the human brain. In this paper, we present a new method of authentication that combines the computer’s computing ability with human intelligence. This human intelligence is personalized, making the overall security method more secure. Text-based passwords are easy to crack. There is an increased need for alternative and more complex authentication and authorization methods. Some of the methods in the category of graphical passwords could be susceptible when shoulder surfing, cameras or spy devices are used.
Internet of Things (IoT) applications and services are becoming more prevalent in our everyday life. However, such an interconnected network of intelligent physical entities needs appropriate security for sensitive information. That said, the need for proper authentication and authorization is paramount. Access control is in the front line of such mechanisms. Access control restricts the use of resources to specified and authorized users based on appropriate policy enforcement. IoT demands more sophisticated access control in terms of its usability and efficiency in protecting sensitive information. This conveys the need for access control to serve system-specific requirements and be flexibly combined with other access control approaches. In this paper, we discuss the potential for employing protocol-based and hybrid access control for IoT systems and examine how that can overcome the limitations of traditional access control mechanisms. We also focus on the key benefits and constraints of this integration. Our work further enhances the need to build hierarchical access control for large-scale IoT systems (e.g., Industrial IoT (IIoT) settings) with protocol-based and hybrid access control approaches. We, moreover, list the associated open issues to make such approaches efficient for access control in large-scale IoT systems.
Objective. The objective was to develop and operate a cloud-based federated system for managing, analyzing and sharing patient data for research purposes, while allowing each resource sharing patient data to operate their component based upon their own governance rules. The federated system is called the Biomedical Research Hub (BRH).
Methods. The BRH is a cloud-based federated system built over a core set of software services called framework services. BRH framework services include authentication and authorization, services for generating and assessing FAIR data, and services for importing and exporting bulk clinical data. The BRH includes data resources providing data operated by different entities and workspaces that can access and analyze data from one or more of the data resources in the BRH.
Results. The BRH contains multiple data commons that in aggregate provide access to over 6 PB of research data from over 400,000 research participants.
Discussion and conclusion. With the growing acceptance of using public cloud computing platforms for biomedical research, and the growing use of opaque persistent digital identifiers for datasets, data objects, and other entities, there is now a foundation for systems that federate data from multiple independently operated data resources that expose FAIR APIs, each using a separate data model. Applications can be built that access data from one or more of the data resources.
Healthcare data is very sensitive, and many healthcare organizations are very reluctant to share health data. However, sharing healthcare data has many uses for both patients and research institutions. Moreover, in existing Electronic Healthcare Record (EHR) management systems, the records are stored in a central database in the form of plaintext. Whenever data needs to be accessed from the database, users request the required EHRs. However, this mechanism poses several challenges, such as a single point of failure, more time taken for user identification, interoperability issues, data recoverability issues, and lack of privacy and security. This paper mainly focuses on providing security for healthcare data that can be shared among various health institutions. Authentication and authorization are provided by establishing multiple certification authorities on the permissioned healthcare blockchain network. In the proposed model, data integrity is also achieved by hashing the electronic health records rather than storing them directly on the permissioned healthcare blockchain network.
Because of the continued use of mobile, cloud and the Internet of Things, the possibility of data breaches is on the increase. A secure authentication and authorization strategy is a must for many of today’s applications. Authentication schemes based on knowledge and tokens, although widely used, lead to most security breaches. While providing various advantages, biometrics are also subject to security threats. Using multiple factors together for authentication provides more certainty about a user’s identity, leading to authentication that is more reliable, more effective and more difficult for an adversary to intrude on. This study aims to propose a novel, secure and highly stable multi-factor one-time password (OTP) authentication solution for mobile environments, which uses all three authentication factors for user authentication.
The proposed authentication scheme is implemented as a challenge-response authentication where three factors (username, device number and fingerprint) are used as a secret key between the client and the server. The current scheme adopts application-based authentication and guarantees data confidentiality and improved security because of the integration of biometrics with other factors and because the server sends the client a new challenge value each time for OTP generation.
The proposed authentication scheme is implemented on real Android-based mobile devices and tested on real users; experimental results show that the proposed authentication scheme attains improved performance. Furthermore, usability evaluation proves that the proposed authentication is effective, efficient and convenient for users in mobile environments.
The proposed authentication scheme can be adapted as an effective authentication scheme for accessing critical information using Android smartphones.