TY - JOUR
T1 - A new security model using multilayer approach for E-health services
AU - Sulaiman, Rossilawati
AU - SHARMA, Dharmendra
AU - MA, Wanli
AU - TRAN, Dat
PY - 2011
Y1 - 2011
N2 - Problem statement: Delivering services online is important in e-health. Services that are delivered through online communications between engaging parties, often involve sensitive information transmitted over the Internet. However, while the Internet successfully facilitates these services, significant threats also come in parallel. Network attacks, information breaches and malicious software on a computer system are common threats to the Internet. These threats can cause severe damage to computer systems and also the information. As we study current security technologies particularly that provide security to online communications, we found out that these technologies do not cater for different kinds of security needs because of the rigid way the security mechanisms are constructed. Therefore, we are interested in developing a security model that facilitates these needs, specifically in e-health. Approach: First, the area where different security requirements are needed are explored, such as the information classification found in ISO17799. This classification is based on the sensitivity levels of the information, where the more sensitive information requires higher security measures compared to the less sensitive information. Then, the information classification is applied to the e-health environment, so that our security model can handle the security processes for each classification. Results: The multilayer communication approach or MLC is the proposed security model. MLC classifies communications in e-health into five categories: Layer 1 to Layer 5 representing extremely sensitive, highly sensitive, medium sensitive, low sensitive and no sensitive data. This classification refers to the different sensitivity of the information exchanged during communications. For example, Extremely Sensitive communication involves exchanging extremely sensitive information, which requires highest security mechanisms, while Low Sensitive communication requires lower security mechanism. Conclusion: MLC provides five different types of security needs, where users can flexibly choose their own security preferences for their online communications, which the current technologies are lacking. © 2011 Science Publications.
AB - Problem statement: Delivering services online is important in e-health. Services that are delivered through online communications between engaging parties, often involve sensitive information transmitted over the Internet. However, while the Internet successfully facilitates these services, significant threats also come in parallel. Network attacks, information breaches and malicious software on a computer system are common threats to the Internet. These threats can cause severe damage to computer systems and also the information. As we study current security technologies particularly that provide security to online communications, we found out that these technologies do not cater for different kinds of security needs because of the rigid way the security mechanisms are constructed. Therefore, we are interested in developing a security model that facilitates these needs, specifically in e-health. Approach: First, the area where different security requirements are needed are explored, such as the information classification found in ISO17799. This classification is based on the sensitivity levels of the information, where the more sensitive information requires higher security measures compared to the less sensitive information. Then, the information classification is applied to the e-health environment, so that our security model can handle the security processes for each classification. Results: The multilayer communication approach or MLC is the proposed security model. MLC classifies communications in e-health into five categories: Layer 1 to Layer 5 representing extremely sensitive, highly sensitive, medium sensitive, low sensitive and no sensitive data. This classification refers to the different sensitivity of the information exchanged during communications. For example, Extremely Sensitive communication involves exchanging extremely sensitive information, which requires highest security mechanisms, while Low Sensitive communication requires lower security mechanism. Conclusion: MLC provides five different types of security needs, where users can flexibly choose their own security preferences for their online communications, which the current technologies are lacking. © 2011 Science Publications.
U2 - 10.3844/jcssp.2011.1691.1703
DO - 10.3844/jcssp.2011.1691.1703
M3 - Article
SN - 1549-3636
VL - 7
SP - 1691
EP - 1703
JO - Journal of Computer Science
JF - Journal of Computer Science
IS - 11
ER -