• Convergence Security Journal
• /
• v.19 no.4
• /
• pp.151-163
• /
• 2019

As smart devices and communication technologies have developed rapidly, the healthcare industry in the globe is seeing remarkable issues on medical security. At the same time, personal medical records are being shared in the network, which would raise the risk of information security. This thesis aims to develop the curriculum to raise the awareness of information security among workers in medical institutions by referring to NCS(National Competency Standards) International standards, medical institutions' requirements and educational institutions' curriculums on information security based on proven results from medical devices and systems introduced in the public health centers, territorial branches, community health posts and primary, secondary, tertiary hospitals. Thus, this thesis offers the method to improve information security in healthcare institutions through validation testing conducted by medical practitioners and ICT experts.

• Convergence Security Journal
• /
• v.13 no.6
• /
• pp.35-41
• /
• 2013

What is an alternative to medical information security of medical information more secure preservation and safety of various types of security threats should be taken, starting from the software design. Interspersed with medical information systems medical information to be able to integrate the real-time exchange of medical information must be reliable data communication. The software architecture design of medical information systems and sharing of medical information security issues and communication phase allows the user to identify the requirements reflected in the software design. Software framework design, message standard design, design a web-based inter-process communication procedures, access control algorithm design, architecture, writing descriptions, evaluation of various will procedure the establishing architecture. The initial decision is a software architecture design, development, testing, maintenance, ongoing impact. In addition, the project will be based on the decision in detail. Medical information security method based on the design software architecture of today's medical information security has become an important task of the framework will be able to provide.

• Journal of the Korea Society of Computer and Information
• /
• v.19 no.10
• /
• pp.185-195
• /
• 2014

In this paper, we designed a role-based emergency medical information security system REMISS added the security concept to the existing emergency medical information system. Also we suggested a REMISS protocol based on HL7 for using the emergency medical information and the security information. The procedure of security consists of user authentication phase and role/permission assign phase in the REMISS. The REMISS can supply proper security service since the REMISS assign proper permissions to each users of emergency medical information system and allow the user to access the permitted emergency medical information by using security information of the REMISS. There are some advantages that REMISS can adapt to the changing of the role of each user by dynamic exchanging the security information and assigning permissions to each user.

• Convergence Security Journal
• /
• v.6 no.1
• /
• pp.25-32
• /
• 2006

MIR system is a nationwide medical record information system that makes medical information available to any hospital and health institution at any time, and information in the system mostly requires high security. In particular, personal information related to patients and doctors, medical technology information and each hospital's digital information are used very frequently and are likely to be modified for illegal use. Thus we need to develop a system equipped with security measures to prevent information leakage while providing medical information service effectively.

• Convergence Security Journal
• /
• v.11 no.4
• /
• pp.77-83
• /
• 2011

In addition to the rapid development of health information technology services for the development of new medical information, a lot of research is underway. Improve health care services for patients are many ways to help them. However, no information about the security, if only the technology advances in health care systems will create an element of risk and threat. Today's issues and access issues are stable over a public network. Ad hocsensor network using secure, non-integrated health information system's security vulnerabilities does not solve the security vulnerabilities. In the development and utilization of health information systems to be subject to greater restrictions. Different security policies in an environment with a medical information system security policy mechanism that can be resolved if people get here are needed. Context-aware and flexible policy of integration and confidential medical information through the resistance should be guaranteed. Other cross-domain access control policy for telecommunications should be protected. In this paper, that the caller's medical information system, diversification, diversification Security agent in the environment, architecture, design, plan, role-based security system are proposed. The proposed system architecture, design work in the field and in the utilization of one model are expected to be.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.11
• /
• pp.2683-2688
• /
• 2015

Internet of Things(IoT) using a variety of technologies in combination provides a convenient, elevated range of services to users. IoT has been noted in combining the fields of medical service in particular. However, with the advent and growing of IoT, the more medical services are evolving, security problems caused by leakage of personal health information will become more serious. U-Health and medical devices, which deal mainly the personal health information, is required to a high level of privacy and security of health information. Therefore, the introduction of the IoT in the healthcare industry requires the medical information security as a prerequisite. This study analyzes security status and trend of IoT, personal medical information leakage cases, the health information protection measures in accordance with the life cycle of medical information, and the standardized protection technologies.

• Convergence Security Journal
• /
• v.11 no.3
• /
• pp.91-98
• /
• 2011

Medical information system based on ad hoc network designed for general information systems and information networks have different security requirements. Malicious code infiltration and security features are performed on same medical information network architecture along the route. Security domain of medical information systems is the ground of penetration and defense performed over the network architecture and it is also the traffic handling areas separated by a concept of differentiated group. Ad hoc-based medical information systems in the network security domain, set some standards about what should be the methodology of this study. In this paper, medical information system network configuration, the determining factor based on the security domain, the structure selection criteria and blocking positionings are presented according to the traffic route configuration. If you apply this methodology designed to increase security, efficiency can be possible. Health information systems in accordance with the security domain areas requires differentiated protection needs of the security mechanism that is proposed by this study.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.10a
• /
• pp.973-976
• /
• 2015

Inernet of Things(IoT) is interaction with each other, collecting, sharing, and analysing the data. IoT has been noted in combining the fields of medical service in particular. However, the security issue is caused, while IoT is receiving attention. U-Health and medical devices, which deal mainly the personal health information, is required to a high level of privacy and security of health information. This study analyzes cases of leakage of personal medical information, security of IoT, privacy flow, and the response strategies.

• Convergence Security Journal
• /
• v.23 no.1
• /
• pp.79-87
• /
• 2023

Precision Medicine, which utilizes personal health information, genetic information, clinical information, etc., is growing as the next-generation medical industry. In Korea, medical institutions and information communication companies have coll aborated to provide cloud-based Precision Medicine Hospital Information Systems (P-HIS) to about 90 primary medical ins titutions over the past five years, and plan to continue promoting and expanding it to primary and secondary medical insti tutions for the next four years. Precision medicine is directly related to human health and life, making information protecti on and healthcare information protection very important. Therefore, this paper analyzes the preliminary research on inform ation protection models that can be utilized in cloud-based Precision Medicine Hospital Information Systems and ultimately proposes research on ways to improve information protection in P-HIS.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.8 no.2
• /
• pp.59-65
• /
• 2012

Emergency medical information center performs role of medical direction about disease consult and pre-hospital emergency handling scheme work to people. Emergency medical information system plays a major role to be decreased mortality and disability of emergency patient by providing information of medical institution especially when emergency patient has appeared. But, various attacks as a hacking have been happened in Emergency medical information system recently. In this paper, we proposed security structure which can protect the system securely by detecting attacks from outside effectively. Intrusion detection was performed using rule based detection technique according to protocol for every packet to detect attack and intrusion was reported to control center if intrusion was detected also. Intrusion detection was performed again using decision tree for packet which intrusion detection was not done. We experimented effectiveness using attacks as TCP-SYN, UDP flooding and ICMP flooding for proposed security structure in this paper.