Managing security and privacy in ubiquitous eHealth information interchange

Ubiquitous computing has the potential to significantly improve the quality of healthcare delivery by making relevant patient health history and vital signs readily available on demand to caregivers. However, this promise of tracking electronic health information signals from distributed ubiquitous devices conflicts with the security and privacy concerns that most people have regarding their personal information and medical history. While security and privacy concerns have been dealt with extensively in mainstream computing, there is a need for new techniques and tools that enable designers of ubiquitous systems in healthcare domains to build in appropriate levels of protection. Such techniques can help ensure that patient information is minimally but sufficiently available to the different stakeholders in the care-giving chain, and they are useful in ubiquitous environments where traditional security mechanisms may be impractical or insufficient. This paper presents a goal-centric and policy-driven framework for deriving security and privacy risk mitigation strategies in ubiquitous health information interchange. Specifically, we use scenario analysis and goal-oriented techniques to model security and privacy objectives, threats, and mitigation strategies in the form of safeguards or countermeasures. We demonstrate that traditional solutions are insufficient, and we introduce the notion of purpose-driven security policies based on sensitivity meta-tags. We also show how administrative safeguards (such as those required by the HIPAA rules) can be refined into intermediate specifications that can be analyzed more systematically. To validate the utility of our approach, we illustrate our major concepts using examples from ubiquitous emergency response scenarios.
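The abstract names two ideas that are easier to grasp in code: per-field sensitivity meta-tags, and purpose-driven policies that release only what a given role needs for a stated purpose (minimal but sufficient disclosure), with emergency access permitted but audited. The following Python is an added illustration of that general notion, not the paper's own framework or notation; the sensitivity labels, the `POLICY` table, the sample record and the `evaluate` function are all constructed assumptions for this example.

```python
from dataclasses import dataclass
from typing import Dict, List

# Sensitivity meta-tags ordered from least to most sensitive (constructed labels).
SENSITIVITY = {"public": 0, "internal": 1, "confidential": 2, "restricted": 3}

# A patient record in which every field carries a sensitivity tag (constructed sample data).
RECORD = {
    "name":          ("internal",     "A. Example"),
    "blood_type":    ("confidential", "O-"),
    "allergies":     ("confidential", ["penicillin"]),
    "vitals":        ("internal",     {"hr": 112, "spo2": 0.91}),
    "psych_history": ("restricted",   "[omitted]"),
    "hiv_status":    ("restricted",   "[omitted]"),
}

# Purpose-driven policy: (role, purpose) -> highest sensitivity tag that may be released.
# Any (role, purpose) pair not listed is denied outright (default deny).
POLICY = {
    ("paramedic", "emergency_treatment"): "confidential",
    ("physician", "treatment"):           "restricted",
    ("physician", "research"):            "internal",
    ("billing",   "billing"):             "internal",
}

# Purposes treated as break-glass: access is granted, but the event is always audited
# so that an after-the-fact review can challenge the stated purpose.
BREAK_GLASS = {"emergency_treatment"}


@dataclass
class Decision:
    decision: str                 # "permit" or "deny"
    released: Dict[str, object]   # fields the requester may see
    withheld: List[str]           # field names filtered out by the sensitivity ceiling
    audit: Dict[str, object]      # entry to append to a tamper-evident audit log


def evaluate(role: str, purpose: str, requester_id: str,
             record: Dict[str, tuple] = RECORD) -> Decision:
    """Release the subset of `record` whose sensitivity does not exceed the
    ceiling that the policy grants to this (role, purpose) pair."""
    ceiling = POLICY.get((role, purpose))
    audit = {
        "requester": requester_id,
        "role": role,
        "purpose": purpose,
        "break_glass": purpose in BREAK_GLASS,
    }
    if ceiling is None:
        # Unknown role/purpose combination: deny everything, still log the attempt.
        audit["decision"] = "deny"
        audit["released"] = []
        return Decision("deny", {}, list(record), audit)

    limit = SENSITIVITY[ceiling]
    released, withheld = {}, []
    for name, (tag, value) in record.items():
        if SENSITIVITY[tag] <= limit:
            released[name] = value
        else:
            withheld.append(name)

    audit["decision"] = "permit"
    audit["ceiling"] = ceiling
    audit["released"] = sorted(released)
    return Decision("permit", released, withheld, audit)


if __name__ == "__main__":
    d = evaluate("paramedic", "emergency_treatment", requester_id="unit-7")
    print("released:", sorted(d.released))
    print("withheld:", d.withheld)
    print("audit:", d.audit)
```

The design point is that the decision is driven by the purpose of the request rather than by role alone: the same physician sees the full record for treatment but only low-sensitivity fields for research, and an emergency responder gets what is clinically needed without the most sensitive fields, while every break-glass access leaves an audit entry that a later review can question.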
