Privacy Protection in Pervasive Healthcare Monitoring Systems with Active Bundles

The main problem in pervasive healthcare monitoring systems is protection of patient privacy without compromising their safety. Current solutions have two main limitations: (1) they require an extensive exchange of messages among patient's caregivers and devices in order to protect data, and (2) they depend on using data decryption keys that must be provided to specific caregivers. The second limitation compromises safety of patients who need urgent help while their ad hoc caregivers have no access to their health data (since they have no needed decryption keys). This paper proposes an approach for protecting privacy of patients based on active bundles. An active bundle encapsulates sensitive data, metadata, and a virtual machine. In healthcare monitoring systems, "sensitive data" are monitored health data. To avoid compromising of safety of patients who need urgent help, our approach does not depend on the use of decryption keys provided to specific caregivers (which is a commonly used approach). Instead, it combines the use of privacy policies and protection mechanisms included within active bundles, such as evaporation and apoptosis. In our approach, ad hoc caregivers are able to access urgently needed patients' data. Their authorizations are provided via privacy policies encapsulated in metadata of an active bundle including health data.

[1]  Wendy Angst Privacy safeguards in PHR adoption. , 2008, Health management technology.

[2]  Bharat K. Bhargava,et al.  An Entity-Centric Approach for Privacy and Identity Management in Cloud Computing , 2010, 2010 29th IEEE Symposium on Reliable Distributed Systems.

[3]  K. Venkatasubramanian,et al.  Ayushman: a secure, usable pervasive health monitoring system , 2008, HealthNet '08.

[4]  Leszek Lilien,et al.  Protecting Privacy of Sensitive Data Dissemination Using Active Bundles , 2009, 2009 World Congress on Privacy, Security, Trust and the Management of e-Business.

[5]  Leszek Lilien,et al.  Active bundles for protecting confidentiality of sensitive data throughout their lifecycle , 2010 .

[6]  Kevin Fu,et al.  Security and Privacy for Implantable Medical Devices , 2008, IEEE Pervasive Comput..

[7]  Klaus Wehrle,et al.  Security for pervasive healthcare , 2009, 2009 6th Annual International Mobile and Ubiquitous Systems: Networking & Services, MobiQuitous.

[8]  C. C. Maher Electrocardiography , 1938, The Indian Medical Gazette.

[9]  Kenneth P. Birman,et al.  Privacy enforcement for distributed healthcare queries , 2009, 2009 3rd International Conference on Pervasive Computing Technologies for Healthcare.