• Journal of Convergence for Information Technology
• /
• v.9 no.9
• /
• pp.27-32
• /
• 2019

Along with the growth of u-Healthcare, we propose a security enhancement based on network separation for CloudHIS with for handling healthcare information to cope with cyber attack. To protect against all security threats and to establish clear data security policies, we apply desktop computing servers to cloud computing services for CloudHIS. Use two PCs with a hypervisor architecture to apply physical network isolation and select the network using KVM switched controller. The other is a logical network separation using one PC with two OSs, but the network is divided through virtualization. Physical network separation is the physical connection of a PC to each network to block the access path from both the Internet and the business network. The proposed system is an independent desktop used to access an intranet or the Internet through server virtualization technology on a user's physical desktop computer. We can implement an adaptive solution to prevent hacking by configuring the CloudHIS, a cloud system that handles medical hospital information, through network separation for handling security enhancement.

• International journal of advanced smart convergence
• /
• v.5 no.1
• /
• pp.1-7
• /
• 2016

Recently, introduced a cloud computing technology to the IT industry, smart phones, it has become possible connection between mobility terminal such as a tablet PC. For dissemination and popularization of movable wireless terminal, the same operation have focused on a viable mobile cloud in various terminal. Also, it evolved Wireless Sensor Network(WSN) technology, utilizing a Body Sensor Network(BSN), which research is underway to build large Ubiquitous Sensor Network(USN). BSN is based on large-scale sensor networks, it integrates the state information of the patient's body, it has been the need to build a managed system. Also, by transferring the acquired sensor information to HIS(Hospital Information System), there is a need to frequently monitor the condition of the patient. Therefore, In this paper, possible sensor information exchange between terminals in a mobile cloud environment, by integrating the data obtained by the body sensor HIS and interoperable data DBaaS (DataBase as a Service) it will provide a base of mBodyCloud System. Therefore, to provide an integrated protocol to include the sensor data to a standard HL7(Health Level7) medical information data.

• Convergence Security Journal
• /
• v.23 no.1
• /
• pp.79-87
• /
• 2023

Precision Medicine, which utilizes personal health information, genetic information, clinical information, etc., is growing as the next-generation medical industry. In Korea, medical institutions and information communication companies have coll aborated to provide cloud-based Precision Medicine Hospital Information Systems (P-HIS) to about 90 primary medical ins titutions over the past five years, and plan to continue promoting and expanding it to primary and secondary medical insti tutions for the next four years. Precision medicine is directly related to human health and life, making information protecti on and healthcare information protection very important. Therefore, this paper analyzes the preliminary research on inform ation protection models that can be utilized in cloud-based Precision Medicine Hospital Information Systems and ultimately proposes research on ways to improve information protection in P-HIS.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.455-472
• /
• 2020

As a user in modern societies with the rapid growth of Internet environment and more complicated business flow processes in order to be effective at work and accomplish things on time when the manager of the company went for a business trip, he/she need to delegate his/her signing authorities to someone such that, the delegatee can act as a manager and sign a message on his/her behalf. In order to make the delegation process more secure and authentic, we proposed a secure and efficient identity-based proxy signcryption in cloud data sharing (SE-IDPSC-CS), which provides a secure privilege delegation mechanism for a person to delegate his/her signcryption privilege to his/her proxy agent. Our scheme allows the manager of the company to delegate his/her signcryption privilege to his/her proxy agent and the proxy agent can act as a manager and generate signcrypted messages on his/her behalf using special information called "proxy key". Then, the proxy agent uploads the signcrypted ciphertext to a cloud service provider (CSP) which can only be downloaded, decrypted and verified by an authorized user at any time from any place through the Internet. Finally, the security analysis and experiment result determine that the proposed scheme outperforms previous works in terms of functionalities and computational time.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.5
• /
• pp.2394-2406
• /
• 2016

ABE has become an effective tool for data protection in cloud computing. However, since users possessing the same attributes share the same private keys, there exist some malicious users exposing their private keys deliberately for illegal data sharing without being detected, which will threaten the security of the cloud system. Such issues remain in many current ABE schemes since the private keys are rarely associated with any user specific identifiers. In order to achieve user accountability as well as provide key exposure protection, in this paper, we propose a key-insulated ciphertext policy attribute based encryption with key exposure accountability (KI-CPABE-KEA). In our scheme, data receiver can decrypt the ciphertext if the attributes he owns match with the self-centric policy which is set by the data owner. Besides, a unique identifier is embedded into each user's private key. If a malicious user exposes his private key for illegal data sharing, his identity can be exactly pinpointed by system manager. The key-insulation mechanism guarantees forward and backward security when key exposure happens as well as provides efficient key updating for users in the cloud system. The higher efficiency with proved security make our KI-CPABE-KEA more appropriate for secure data sharing in cloud computing.

• Journal of the Korea Society of Computer and Information
• /
• v.19 no.5
• /
• pp.27-35
• /
• 2014

The characteristics of today's health care industry, based on the state of the art IT can be represented as a paradigm of human-oriented ubiquitous and accessible as possible by U-Health care. In addition, the healthcare industry is information and communication technologies (ICT) developments regarding the many advances and applications based on the research being carried out actively. Medical information system has been developed toward combining information systems of medical IT and it sets its sights on the fusion of developed IT and u-healthcare system. So changing distributed medical information systems into a safe PHR integrated system based on IaaS cloud computing is suggested in order to forge u-healthcare system with the times in this paper. Our experimental results show that our proposed system increased the data access time by about 24% and reduces the waiting time for processing service by about 4.3% over the web-based PHR.

• The Journal of Society for e-Business Studies
• /
• v.20 no.3
• /
• pp.89-112
• /
• 2015

Recently, the business environment of healthcare has changed rapidly due to the entering the mobile era, the intensifying global competition, and the explosion of healthcare needs. Despite of necessity in expanding new IT-based medical services and investing IT resources to respond environmental changes, the small and medium sized hospitals could not realize these requirements due to the limited management resources. CHISSMH is designed and presented in this research to provide high valued clouding medical services with reasonable price. CHISMH is designed and presented in this research to provide high valued medical services with reasonable price through cloud computing. CHISME is designed to maximize resource pooling and sharing through the visualization. By doing so, Cloud Service provider could minimize maintenance cost of cloud data center, provide high level services with reasonable pay-per-use price. By doing so, Cloud Service provider could minimize maintenance cost of cloud data center, and could provide high level services with reasonable pay-per-use price. CHISME is expected to be base framework of cloud HIS services and be diffusion factor of cloud HIS services Operational experience in CHISSMH with 15 hospitals is analyzed and presented as well.

• Journal of Internet Computing and Services
• /
• v.11 no.3
• /
• pp.121-129
• /
• 2010

In recent years, Cloud computing is gaining much popularity as it can efficiently utilize the computing resources and hence can contribute to the issue of green IT. So to make the Cloud services commercialized, Cloud markets are necessary and are being developed. As the increasing numbers of various Cloud services are rapidly evolving in the Cloud market, how to select the best and optimal services will be a great challenge. In this paper we present a Cloud service selection framework in the Cloud market that uses a recommender system (RS) which helps a user to select the best services from different Cloud providers (CP) that matches his/her requirements. The RS recommends a service based on the QoS and Virtual Machine (VM) factors of difference CPs. The experimental results show that our Cloud service recommender system (CSRS) can effectively recommend a good combination of Cloud services to consumers.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.05a
• /
• pp.507-510
• /
• 2013

Cloud computing is an emerging technology, which allows the user to fulfill his needs by outsourcing the resources. With the passage of time, cloud computing has become an essential part of our lives. But it still requires some sort of standardization, specially in terms of user's trust, privacy, and security related things. This study presents different types of cloud computing services and their working domains along with some key virtualization related issues that are encountered by the cloud service provider as well as the user. Those key issues, related with virtual network are discussed in this paper. This study provides a basis to work further on those issues, so that the key concerns are addressed as soon as possible and cloud computing could become standardized and more prevalent.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.12B
• /
• pp.1498-1508
• /
• 2011

A cloud service customer has no other way but to wait for his lost data to be recovered by the cloud service provider when the data was lost or not accessible for a while due to the provider's system failure, cracking attempt, malfunction, or outage. We consider a solution to address this problem that can be implemented in the cloud client's domain, rather than in the cloud service provider's domain. We propose a high level architecture and scheme for successfully retrieving data units even when several cloud storages are not accessible at the same time. The scheme is based on a clever way of partitioning and partial overlapping of data for being stored on multiple cloud storages. In addition to providing a high level of data availability, the scheme makes it possible to re-encrypt data units with new keys in a user transparent way, and can produce the complete log of every user's data units accessed, for assessing data disclosure, if needed.