A new security model using multilayer approach for E-health services

Rossilawati Sulaiman, Dharmendra SHARMA, Wanli MA, Dat TRAN

    Research output: Contribution to journalArticle

    2 Citations (Scopus)

    Abstract

    Problem statement: Delivering services online is important in e-health. Services that are delivered through online communications between engaging parties, often involve sensitive information transmitted over the Internet. However, while the Internet successfully facilitates these services, significant threats also come in parallel. Network attacks, information breaches and malicious software on a computer system are common threats to the Internet. These threats can cause severe damage to computer systems and also the information. As we study current security technologies particularly that provide security to online communications, we found out that these technologies do not cater for different kinds of security needs because of the rigid way the security mechanisms are constructed. Therefore, we are interested in developing a security model that facilitates these needs, specifically in e-health. Approach: First, the area where different security requirements are needed are explored, such as the information classification found in ISO17799. This classification is based on the sensitivity levels of the information, where the more sensitive information requires higher security measures compared to the less sensitive information. Then, the information classification is applied to the e-health environment, so that our security model can handle the security processes for each classification. Results: The multilayer communication approach or MLC is the proposed security model. MLC classifies communications in e-health into five categories: Layer 1 to Layer 5 representing extremely sensitive, highly sensitive, medium sensitive, low sensitive and no sensitive data. This classification refers to the different sensitivity of the information exchanged during communications. For example, Extremely Sensitive communication involves exchanging extremely sensitive information, which requires highest security mechanisms, while Low Sensitive communication requires lower security mechanism. Conclusion: MLC provides five different types of security needs, where users can flexibly choose their own security preferences for their online communications, which the current technologies are lacking. © 2011 Science Publications.
    Original languageEnglish
    Pages (from-to)1691-1703
    Number of pages13
    JournalJournal of Computer Science
    Volume7
    Issue number11
    DOIs
    Publication statusPublished - 2011

    Fingerprint

    Multilayers
    Health
    Communication
    Internet
    Computer systems

    Cite this

    @article{bd728c713e824fcdaa36c50694b0e437,
    title = "A new security model using multilayer approach for E-health services",
    abstract = "Problem statement: Delivering services online is important in e-health. Services that are delivered through online communications between engaging parties, often involve sensitive information transmitted over the Internet. However, while the Internet successfully facilitates these services, significant threats also come in parallel. Network attacks, information breaches and malicious software on a computer system are common threats to the Internet. These threats can cause severe damage to computer systems and also the information. As we study current security technologies particularly that provide security to online communications, we found out that these technologies do not cater for different kinds of security needs because of the rigid way the security mechanisms are constructed. Therefore, we are interested in developing a security model that facilitates these needs, specifically in e-health. Approach: First, the area where different security requirements are needed are explored, such as the information classification found in ISO17799. This classification is based on the sensitivity levels of the information, where the more sensitive information requires higher security measures compared to the less sensitive information. Then, the information classification is applied to the e-health environment, so that our security model can handle the security processes for each classification. Results: The multilayer communication approach or MLC is the proposed security model. MLC classifies communications in e-health into five categories: Layer 1 to Layer 5 representing extremely sensitive, highly sensitive, medium sensitive, low sensitive and no sensitive data. This classification refers to the different sensitivity of the information exchanged during communications. For example, Extremely Sensitive communication involves exchanging extremely sensitive information, which requires highest security mechanisms, while Low Sensitive communication requires lower security mechanism. Conclusion: MLC provides five different types of security needs, where users can flexibly choose their own security preferences for their online communications, which the current technologies are lacking. {\circledC} 2011 Science Publications.",
    author = "Rossilawati Sulaiman and Dharmendra SHARMA and Wanli MA and Dat TRAN",
    year = "2011",
    doi = "10.3844/jcssp.2011.1691.1703",
    language = "English",
    volume = "7",
    pages = "1691--1703",
    journal = "Journal of Computer Science",
    issn = "1549-3636",
    publisher = "Science Publications",
    number = "11",

    }

    A new security model using multilayer approach for E-health services. / Sulaiman, Rossilawati; SHARMA, Dharmendra; MA, Wanli; TRAN, Dat.

    In: Journal of Computer Science, Vol. 7, No. 11, 2011, p. 1691-1703.

    Research output: Contribution to journalArticle

    TY - JOUR

    T1 - A new security model using multilayer approach for E-health services

    AU - Sulaiman, Rossilawati

    AU - SHARMA, Dharmendra

    AU - MA, Wanli

    AU - TRAN, Dat

    PY - 2011

    Y1 - 2011

    N2 - Problem statement: Delivering services online is important in e-health. Services that are delivered through online communications between engaging parties, often involve sensitive information transmitted over the Internet. However, while the Internet successfully facilitates these services, significant threats also come in parallel. Network attacks, information breaches and malicious software on a computer system are common threats to the Internet. These threats can cause severe damage to computer systems and also the information. As we study current security technologies particularly that provide security to online communications, we found out that these technologies do not cater for different kinds of security needs because of the rigid way the security mechanisms are constructed. Therefore, we are interested in developing a security model that facilitates these needs, specifically in e-health. Approach: First, the area where different security requirements are needed are explored, such as the information classification found in ISO17799. This classification is based on the sensitivity levels of the information, where the more sensitive information requires higher security measures compared to the less sensitive information. Then, the information classification is applied to the e-health environment, so that our security model can handle the security processes for each classification. Results: The multilayer communication approach or MLC is the proposed security model. MLC classifies communications in e-health into five categories: Layer 1 to Layer 5 representing extremely sensitive, highly sensitive, medium sensitive, low sensitive and no sensitive data. This classification refers to the different sensitivity of the information exchanged during communications. For example, Extremely Sensitive communication involves exchanging extremely sensitive information, which requires highest security mechanisms, while Low Sensitive communication requires lower security mechanism. Conclusion: MLC provides five different types of security needs, where users can flexibly choose their own security preferences for their online communications, which the current technologies are lacking. © 2011 Science Publications.

    AB - Problem statement: Delivering services online is important in e-health. Services that are delivered through online communications between engaging parties, often involve sensitive information transmitted over the Internet. However, while the Internet successfully facilitates these services, significant threats also come in parallel. Network attacks, information breaches and malicious software on a computer system are common threats to the Internet. These threats can cause severe damage to computer systems and also the information. As we study current security technologies particularly that provide security to online communications, we found out that these technologies do not cater for different kinds of security needs because of the rigid way the security mechanisms are constructed. Therefore, we are interested in developing a security model that facilitates these needs, specifically in e-health. Approach: First, the area where different security requirements are needed are explored, such as the information classification found in ISO17799. This classification is based on the sensitivity levels of the information, where the more sensitive information requires higher security measures compared to the less sensitive information. Then, the information classification is applied to the e-health environment, so that our security model can handle the security processes for each classification. Results: The multilayer communication approach or MLC is the proposed security model. MLC classifies communications in e-health into five categories: Layer 1 to Layer 5 representing extremely sensitive, highly sensitive, medium sensitive, low sensitive and no sensitive data. This classification refers to the different sensitivity of the information exchanged during communications. For example, Extremely Sensitive communication involves exchanging extremely sensitive information, which requires highest security mechanisms, while Low Sensitive communication requires lower security mechanism. Conclusion: MLC provides five different types of security needs, where users can flexibly choose their own security preferences for their online communications, which the current technologies are lacking. © 2011 Science Publications.

    U2 - 10.3844/jcssp.2011.1691.1703

    DO - 10.3844/jcssp.2011.1691.1703

    M3 - Article

    VL - 7

    SP - 1691

    EP - 1703

    JO - Journal of Computer Science

    JF - Journal of Computer Science

    SN - 1549-3636

    IS - 11

    ER -