Abstract
Information technology can improve the quality, efficiency, and cost of healthcare. In this survey, we examine the privacy requirements of mobile computing technologies that have the potential to transform healthcare. Such mHealth technology enables physicians to remotely monitor patients' health and enables individuals to manage their own health more easily. Despite these advantages, privacy is essential for any personal monitoring technology. Through an extensive survey of the literature, we develop a conceptual privacy framework for mHealth, itemize the privacy properties needed in mHealth systems, and discuss the technologies that could support privacy-sensitive mHealth systems. We end with a list of open research questions.
- Ackerman, M. S. and Mainwaring, S. D. 2005. Privacy issues and human-computer interaction. In Security and Usability: Designing Secure Systems that People Can Use, L. F. Cranor and S. Garfinkel, Eds., O'Reilly Media, 381--400. http://oreilly.com/catalog/9780596008277/.Google Scholar
- ACLU 2009, American Civil Liberties Union. The American Recovery and Reinvestment Act of 2009: Health information technology, privacy summary. http://www.aclu.org/images/asset_upload_file625_38771.pdf. (last accessed 3/09).Google Scholar
- Agrafioti, F. and Hatzinakos, D. 2008. Fusion of ECG sources for human identification. In Proceedings of the International Symposium on Communications, Control and Signal Processing (ISCCSP). IEEE Press, 1542--1547. DOI 10.1109/ISCCSP.2008.4537472.Google Scholar
- Al Ameen, M., Liu, J., and Kwak, K. 2010. Security and privacy issues in wireless sensor networks for healthcare applications. J. Medical Syst. 1--9. DOI 10.1007/s10916-010-9449-4. Google ScholarDigital Library
- AllOne Health. 2009. PHR access on mobile phone. http://www.allonemobile.com. (last accessed 3/09)Google Scholar
- American Medical Association. 2009. HR.1, the American Recovery and Reinvestment Act of 2009: Explanation of privacy provisions. http://www.ama-assn.org/ama1/pub/upload/mm/399/arra-privacy-provisions.pdf. (last accessed 3/09).Google Scholar
- Andersen, J. 2009. Secure group formation protocol for a medical sensor network prototype. In Proceedings of the International Conference on Intelligent Sensors, Sensor Networks and Information Processing (ISSNIP). IEEE, 343--348. DOI 10.1109/ISSNIP.2009.5416771.Google ScholarCross Ref
- Anvita Health. 2009. Google health on mobile phone. http://www.anvitahealth.com. (last accessed 3/09).Google Scholar
- APEC 2005. APEC privacy framework. http://tinyurl.com/cusnax.Google Scholar
- Appari, A. and Johnson, M. E. 2010. Information security and privacy in healthcare: Current state of research. Int. J. Internet Enterprise Manage. 6, 4, 279--314. http://mba.tuck.dartmouth.edu/pages/faculty/eric.johnson/pdfs/AJIJIEM.pdf.Google ScholarCross Ref
- Aylward, R. and Paradiso, J. A. 2007. A compact, high-speed, wearable sensor network for biomotion capture and interactive media. In Proceedings of the International Workshop on Information Processing in Sensor Networks (IPSN). ACM, 380--389. DOI 10.1145/1236360.1236408. Google ScholarDigital Library
- Baker, C. R., Armijo, K., Belka, S., Benhabib, M., Bhargava, V., Burkhart, N., Der Minassians, A., Dervisoglu, G., Gutnik, L., Haick, B. M., Ho, C., Koplow, M., Mangold, J., Robinson, S., Rosa, M., Schwartz, M., Sims, C., Stoffregen, H., Waterbury, A., Leland, E. S., Pering, T., and Wright, P. K. 2007. Wireless sensor networks for home health care. In Proceedings of the International Conference on Advanced Information Networking and Applications Workshops. IEEE Computer Society, 832--837. DOI 10.1109/AINAW.2007.376. Google ScholarDigital Library
- Baldus, H., Klabunde, K., and Müsch, G. 2004. Reliable set-up of medical body-sensor networks. In Proceedings of the 1st European Workshop on Wireless Sensor Networks. Lecture Notes in Computer Science, vol. 2920. Springer, 353--363. DOI 10.1007/978-3-540-24606-0-24.Google Scholar
- Barth, A., Datta, A., Mitchell, J. C., and Nissenbaum, H. 2006. Privacy and contextual integrity: Framework and applications. In Proceedings of the IEEE Symposium on Security and Privacy (S&P). IEEE Press, 15--29. DOI 10.1109/SP.2006.32. Google ScholarDigital Library
- Barth, A. T., Hanson, M. A., Powell, H. C., Unluer, D., Wilson, S. G., and Lach, J. 2008. Body-coupled communication for body sensor networks. In Proceedings of the ICST International Conference on Body Area Networks (BodyNets). Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering (ICST), 1--4. Online at http://portal.acm.org/citation.cfm?id=1460257.1460273. Google ScholarDigital Library
- Becher, E., Benenson, Z., and Dornseif, M. 2006. Tampering with motes: Real-world physical attacks on wireless sensor networks. In Proceedings of the International Conference on Security in Pervasive Computing (SPC). Springer-Verlag, 104--118. DOI 10.1007/11734666 9. Google ScholarDigital Library
- Bekiaris, E., Damousis, I. G., and Tzovaras, D. 2008. Unobtrusive multimodal biometric authentication: The HUMABIO project concept. EURASIP J. Adv. Sig. Process. DOI 10.1155/2008/265767. Google ScholarDigital Library
- Bellman, S., Johnson, E. J., and Lohse, G. L. 2001. To opt-in or opt-out? it depends on the question. Comm. ACM 44, 2, 25--27. DOI 10.1145/359205.359241. Google ScholarDigital Library
- Bichler, D., Stromberg, G., Huemer, M., and Löw, m. 2007. Key generation based on acceleration data of shaking processes. In Proceedings of Ubiquitous Computing (UbiComp). Lecture Notes in Computer Science Series, vol. 4717. Springer-Verlag, 304--317. DOI 10.1007/978-3-540-74853-3 18. Google ScholarDigital Library
- Blough, D., Ahamad, M., Liu, L., and Chopra, P. 2008. MedVault: Ensuring security and privacy for electronic medical records. NSF CyberTrust Principal Investigators Meeting. Online at http://www.cs.yale.edu/cybertrust08/posters/posters/158 medvault_poster_CT08.pdf.Google Scholar
- Boric-Lubecke, O. and Lubecke, V. M. 2002.Wireless house calls: using communications technology for health care and monitoring. IEEE Microwave Magazine 3, 3, 43--48. DOI 10.1109/MMW.2002.1028361.Google ScholarCross Ref
- Brahmbhatt, B. 2010. Position and perspective of privacy laws in India. In AAAI Spring Symposium Series: Intelligent Information Privacy Management. AAAI. Online at http://www.aaai.org/ocs/index.php/SSS/SSS10/paper/view/1197/1474.Google Scholar
- Bratus, S., Cornelius, C., Kotz, D., and Peebles, D. 2008. Active behavioral fingerprinting of wireless devices. In Proceedings of the ACM Conference on Wireless Network Security (WiSec). ACM, 56--61. DOI 10.1145/1352533.1352543. Google ScholarDigital Library
- Breaux, T. D. and Antón, A. I. 2008. Analyzing regulatory rules for privacy and security requirements. IEEE Trans. Softw. Eng. 34, 1, 5--20. DOI 10.1109/TSE.2007.70746. Google ScholarDigital Library
- Brik, V., Banerjee, S., Gruteser, M., and Oh, S. 2008. Wireless device identification with radiometric signatures. In Proceedings of the ACM International Conference on Mobile Computing and Networking (MobiCom). ACM, 116--127. DOI 10.1145/1409944.1409959. Google ScholarDigital Library
- Buckovich, S. A., Rippen, H. E., and Rozen, M. J. 1999. Driving toward guiding principles: A goal for privacy, confidentiality, and security of health information. J. AMIA 6, 2, 122--133. DOI 10.1136/jamia.1999.0060122.Google Scholar
- CCHIT 2008. Consumer's guide to certification of personal health records. Booklet. Online at http://cchit. org/files/CCHITPHRConsumerGuide08.pdf.Google Scholar
- CDT 2008. Comprehensive privacy and security: Critical for health information technology. White paper. Online at http://www.cdt.org/healthprivacy/20080514HPframe.pdf.Google Scholar
- CDT 2009. Summary of health privacy provisions in the 2009 economic stimulus legislation. White paper. Online at http://www.cdt.org/healthprivacy/20090324_ARRAPrivacy.pdf.Google Scholar
- CHCF 2008. Whose data is it anyway? Expanding consumer control over personal health information. California Healthcare Foundation. Online at http://ehealth.chcf.org/topics/view. cfm?itemID=133577.Google Scholar
- Cherukuri, S., Venkatasubramanian, K. K., and Gupta, S. K. S. 2003. BioSec: A biometric based approach for securing communication in wireless networks of biosensors implanted in the human body. In Proceedings of the International Conference on Parallel Processing Workshops. IEEE Computer Society, 432--439. DOI 10.1109/ICPPW.2003.1240399.Google Scholar
- Choi, Y. B., Capitan, K. E., Krause, J. S., and Streeper, M. M. 2006. Challenges associated with privacy in healthcare industry: Implementation of HIPAA and security rules. J. Med. Syst. 30, 1, 57--64. DOI 10.1007/s10916-006-7405-0. Google ScholarDigital Library
- Cohn, S. P. 2006. Privacy and confidentiality in the nationwide health information network. Online at http://www.ncvhs.hhs.gov/060622lt.htm.Google Scholar
- Collins, T. 2006. NHS trust uncovers password sharing risk to patient data. Computer Weekly. Online at http://www.computerweekly.com/Articles/2006/07/11/216882/nhs-trust-uncovers-password-sharing-risk-to-patient.htm.Google Scholar
- Cornelius, C., and Kotz, D. 2010. On usable authentication for wireless body area networks. In Proceedings of the USENIX Workshop on Health Security and Privacy. USENIX Association. Online at http://www.cs.dartmouth. edu/_dfk/papers/abstracts/cornelius-healthsec10.html.Google Scholar
- Cornelius, C. and Kotz, D. 2011. Recognizing whether sensors are on the same body. In Proceedings of the International Conference on Pervasive Computing. Lecture Notes in Computer Science. Springer, 332--349. DOI 10.1007/978-3-642-21726-5 21. Google ScholarDigital Library
- Covington, M., Moyer, M., and Ahamad, M. 2000. Generalized role-based access control for securing future applications. In Proceedings of the National Information Systems Security Conference. NIST. Online at http://csrc.nist.gov/nissc/2000/proceedings/papers/040.pdf.Google Scholar
- Cranor, L. F. 2003. ‘I didn't buy it for myself’: Privacy and ecommerce personalization. In Proceedings of the ACM Workshop on Privacy in the Electronic Society (WPES). ACM, 111--117. DOI 10.1145/1005140.1005158. Google ScholarDigital Library
- Cranor, L. F. 2005. Privacy policies and privacy preferences. In Security and Usability: Designing Secure Systems that People Can Use. L. F. Cranor and S. Garfinkel, Eds. O'Reilly Media, Chapter 22, 447--469. Online at http://oreilly.com/catalog/9780596008277/.Google Scholar
- Cranor, L. F. 2008. A framework for reasoning about the human in the loop. In Proceedings of the Conference on Usability, Psychology, and Security (UPSEC). USENIX Association, 1--15. Online at http://static.usenix.org/event/upsec08/tech/full_pasess/cranor/cranor.pdf. Google ScholarDigital Library
- Dai Zovi, D. A. and Macaulay, S. A. 2005. Attacking automatic wireless network selection. In Proceedings of the IEEE SMC Information Assurance Workshop. IEEE Press, 365--372. DOI 10.1109/IAW.2005.1495975.Google Scholar
- De Mulder, Y., Danezis, G., Batina, L., and Preneel, B. 2008. Identification via location-profiling in GSM networks. In Proceedings of the Workshop on Privacy in the Electronic Society (WPES). ACM, 23--32. DOI 10.1145/1456403.1456409. Google ScholarDigital Library
- DH 2008, Intel Research. Digital Home project. Online at http://www.intel.com/research/exploratory/digitalhome.htm, visited Mar. 2008.Google Scholar
- DIT 2011, Government of India, Department of Information Technology (DIT). Information Technology Act 2000 {India}. Online at http://www.mit.gov.in/content/information-technology-act-2000, visited Feb. 2011.Google Scholar
- Dixon, P. 2006. Medical identity theft: The information crime that can kill you. Online at http://www.worldprivacyforum.org/pdf/wpfmedicalidtheft2006.pdf.Google Scholar
- Domingo-Ferrer, J., Martínez-Ballesté, A., Mateo-Sanz, J. M. and Sebé, F. 2006. Efficient multivariate data-oriented microaggregation. VLDB J. 15, 4, 355--369. DOI 10.1007/s00778-006-0007-0. Google ScholarDigital Library
- DS 2009, Daily Strength. Dailystrength.org. Online at http://www.dailystrength.org/, visited Oct. 2009.Google Scholar
- Eisenman, S. B., Miluzzo, E., Lane, N. D., Peterson, R. A., Ahn, G.-S., and Campbell, A. T. 2009. BikeNet: A mobile sensing system for cyclist experience mapping. ACM Trans. Sensor Netw. (TOSN) 6, 1, 1--39. DOI http://doi.acm.org/10.1145/1653760.1653766. Google ScholarDigital Library
- Enck, W., Ongtang, M., and Mcdaniel, P. 2009. On lightweight mobile phone application certification. In Proceedings of the ACM Conference on Computer and Communications Security (CCS). ACM, 235--245. DOI 10.1145/1653662.1653691. Google ScholarDigital Library
- EU 2009, Office of the Data Protection Commissioner. EU Directive 95/46/EC: The data protection directive. Online at http://www.dataprotection.ie/viewdoc.asp?DocID=92, visited Mar. 2009.Google Scholar
- Ferraiolo, D. and Kuhn, R. 1992. Role based access control. In Proceedings of the National Computer Security Conference. NIST. Online at http://csrc.nist.gov/rbac/ferraiolo-kuhn-92.pdf.Google Scholar
- Frank, M., Streich, A. P., Basin, D., and Buhmann, J. M. 2009. A probabilistic approach to hybrid role mining. In Proceedings of the ACM Conference on Computer and Communications Security (CCS). ACM, 101--111. DOI 10.1145/1653662.1653675. Google ScholarDigital Library
- Franklin, J., McCoy, D., Tabriz, P., Neagoe, V., Randwyk, J. V., and Sicker, D. 2006. Passive data link layer 802.11 wireless device driver fingerprinting. In Proceedings of the USENIX Security Symposium. USENIX Association, 167--178. Online at http://www.usenix.org/events/sec06/tech/franklin.html. Google ScholarDigital Library
- Friedman, B., Lin, P., and Miller, J. K. 2005. Informed consent by design. In Security and Usability: Designing Secure Systems that People Can Use. L. F. Cranor and S. Garfinkel, Eds. O'Reilly Media, Chapter 24, 495--521. Online at http://oreilly.com/catalog/9780596008277/.Google Scholar
- Garcia-Morchon, O. and Baldus, H. 2008. Efficient distributed security for wireless medical sensor networks. In Proceedings of the International Conference on Intelligent Sensors, Sensor Networks and Information Processing. IEEE, 249--254. DOI 10.1109/ISSNIP.2008.4761995.Google Scholar
- Garcia-Morchon, O., Falck, T., Heer, T., and Wehrle, K. 2009. Security for pervasive medical sensor networks. In Proceedings of the International Conference on Mobile and Ubiquitous Systems: Networking and Services (MobiQuitous). IEEE Press. DOI 10.4108/ICST.MOBIQUITOUS2009.6832.Google Scholar
- GD. 2011. Giesecke and Devrient GmbH. Online at http://www.gi-de.com/, visited Mar. 2011.Google Scholar
- Gedik, B. and Liu, L. 2008. Protecting location privacy with personalized k-anonymity: Architecture and algorithms. IEEE Trans. Mobile Comput. 7, 1, 1--18. DOI 10.1109/TMC.2007.1062. Google ScholarDigital Library
- GH 2008, Google. Google Health. Online at https://www.google.com/health, visited Nov. 2008.Google Scholar
- Georgia Institute of Technology. 2008. Aware Home project. http://www.cc.gatech.edu/fce/ahri/. (last accessed 3/08).Google Scholar
- Giannetsos, T., Dimitriou, T., and Prasad, N. R. 2011. People-centric sensing in assistive healthcare: Privacy challenges and directions. Secur. Commun. Netw. DOI 10.1002/sec.313. Google ScholarDigital Library
- Gilbert, P., Cox, L. P., Jung, J., and Wetherall, D. 2010. Toward trustworthy mobile sensing. In Proceedings of the Workshop on Mobile Computing Systems & Applications (HotMobile). ACM, 31--36. DOI 10.1145/1734583.1734592. Google ScholarDigital Library
- Goldman, J. 1998. Protecting privacy to improve health care. Health Affairs 17, 6, 47--60. DOI 10.1377/hlthaff.17.6.47.Google ScholarCross Ref
- Golle, P. and Partridge, K. 2009. On the anonymity of home/work location pairs. In Proceedings of Pervasive Computing. Lecture Notes in Computer Science Series, vol. 5538. Springer-Verlag, 390--397. DOI 10.1007/978-3-642-01516-8_26. Google ScholarDigital Library
- Goyal, V. 2007. Certificate revocation using fine grained certificate space partitioning. In Proceedings of the International Conference on Financial Cryptography and Data Security (FCDS). S. Dietrich and R. Dhamija, Eds. Lecture Notes in Computer Science Series, vol. 4888. Springer-Verlag, 247--259. DOI 10.1007/978-3-540-77366-5_24. Google ScholarDigital Library
- Goyal, V., Pandey, O., Sahai, A., and Waters, B. 2006. Attribute-based encryption for fine-grained access control of encrypted data. In Proceedings of the ACM Conference on Computer and Communications Security (CCS). ACM, 89--98. DOI 10.1145/1180405.1180418. Google ScholarDigital Library
- Greenstein, B., McCoy, D., Pang, J., Kohno, T., Seshan, S., and Wetherall, D. 2008. Improving wireless privacy with an identifier-free link layer protocol. In Proceedings of the International Conference on Mobile Systems, Applications and Services (MobiSys). ACM Press, 40--53. DOI 10.1145/1378600.1378607. Google ScholarDigital Library
- Gruteser, M. and Grunwald, D. 2003. Anonymous usage of location-based services through spatial and temporal cloaking. In Proceedings of the International Conference on Mobile Systems, Applications and Services (MobiSys). ACM, 31--42. DOI 10.1145/1066116.1189037. Google ScholarDigital Library
- Gutmann, P. 2002. PKI: It's not dead, just resting. IEEE Computer 35, 8, 41--49. DOI 10.1109/MC.2002.1023787. Google ScholarDigital Library
- Halamka, J. 2008. Respecting patient privacy preferences. Blog-- Life as a Healthcare CIO. Online at http://geekdoctor.blogspot.com/2008/01/respecting-patient-privacy-preferences.html.Google Scholar
- Halamka, J., Leavitt, M., and Tooker, J. 2009. A shared roadmap and vision for health IT. Position statement. Online at http://tinyurl.com/c8ztuy.Google Scholar
- Halperin, D., Heydt-Benjamin, T. S., Ransford, B., Clark, S. S., Defend, B., Morgan, W., Fu, K., Kohno, T., and Maisel, W. H. 2008a. Pacemakers and implantable cardiac defibrillators: Software radio attacks and zero-power defenses. In Proceedings of the IEEE Symposium on Security and Privacy (S&P). IEEE Press, 129--142. DOI 10.1109/SP.2008.31. Google ScholarDigital Library
- Halperin, D., Thomas, Fu, K., Kohno, T., and Maisel, W. H. 2008b. Security and privacy for implantable medical devices. IEEE Pervas. Comput. 7, 1, 30--39. DOI 10.1109/MPRV.2008.16. Google ScholarDigital Library
- HHS 2009, US Department of Human and Health Services. Draft model personal health record (PHR) privacy notice & facts-at-a-glance. Online at http://tinyurl.com/cxm4q3, visited Apr. 2009.Google Scholar
- HIPAA 2010, HHS. HIPAA website. Online at http://www.hhs.gov/ocr/privacy/, visited Mar. 2010.Google Scholar
- HITECH1 2009, Coppersmith Gordon Schermer and Brockelman. HITECH Act expands HIPAA privacy and security rules. Online at http://www.azhha.org/member_and_media_resources/documents/HITECHAct. pdf, visited Nov. 2009.Google Scholar
- HITECH2 2009, HIPAA Survival Guide. HITECH Act text. Online at http://www.hipaasurvivalguide.com/hitech-act-text.php, visited Nov. 2009.Google Scholar
- HITSP 2008. TP-30: HITSP manage consent directives transaction package. Online at http://www.hitsp.org/ConstructSet Details.aspx?&PrefixAlpha=2&PrefixNumeric=30.Google Scholar
- HL 2009, Health Law News and Notes. FAQs on ARRA/Stimulus Bill changes for business associates. Online at http://healthlawoffices. com/blog/?p=85, visited Mar. 2009.Google Scholar
- Hoh, B. and Gruteser, M. 2005. Protecting location privacy through path confusion. In Proceedings of the IEEE/CreateNet International Conference on Security and Privacy for Emerging Areas in Communication Networks (SecureComm). IEEE Press. DOI 10.1109/SECURECOMM.2005.33. Google ScholarDigital Library
- Hoh, B., Gruteser, M., Xiong, H., and Alrabady, A. 2007. Preserving privacy in GPS traces via uncertainty-aware path cloaking. In Proceedings of the ACM Conference on Computer and Communications Security (CCS). ACM, 161--171. DOI 10.1145/1315245.1315266. Google ScholarDigital Library
- HPP 1999. Best principles for health privacy. Georgetown University. Online at http://www.healthprivacy. org/usr doc/33807.pdf.Google Scholar
- HPP 2007. Best practices for employers offering personal health records (PHRs). Developed by the Employers' Working Group on Personal Health Records (PHRs). Online at http://www.cdt.org/healthprivacy/2007Best Practices.pdf.Google Scholar
- Hu, W., Corke, P., Shih, W. C., and Overs, L. 2009. secFleck: A public key technology platform for wireless sensor networks. In Proceedings of the European Conference on Wireless Sensor Networks (EWSN). Springer-Verlag, 296--311. DOI 10.1007/978-3-642-00224-3 19. Google ScholarDigital Library
- Iachello, G. and Hong, J. 2007. End-user privacy in human-computer interaction. Found. Trends Hum.-Comput. Interact. (FTHCI) 1, 1--137. DOI 10.1561/1100000004. Google ScholarDigital Library
- IHE 2009, IHE International. IHE profiles. Online at http://www.ihe.net/profiles/index.cfm, visited Nov. 2009.Google Scholar
- India 2011. Information technology rules GSR 313(E)-316(E). Government of India. http://deity.gov.in/sites/upload_files/dit/files/GSR3_10511(1).pdf.Google Scholar
- Irvine, J. M., Israel, S. A., Scruggs, T. W., and Worek, W. J. 2008. eigenPulse: Robust human identification from cardiovascular function. Patt. Recog. 41, 11, 3427--3435. DOI 10.1016/j.patcog. 2008.04.015. Google ScholarDigital Library
- ISTPA 2007. Analysis of privacy principles: Making privacy operational. Online at http://www.istpa. org/pdfs/ISTPAAnalysisofPrivacyPrinciplesV2.pdf.Google Scholar
- Jain, A. K., Flynn, P., and Ross, A. A., Eds. 2007. Handbook of Biometrics. Springer-Verlag. Online at http://www.springer.com/computer/computer+imaging/book/978-0-387-71040-2. Google ScholarDigital Library
- Jain, A. K., Ross, A., and Prabhakar, S. 2004. An introduction to biometric recognition. IEEE Trans. Circ. Syst. Video Tech. 14, 1, 4--20. DOI 10.1109/TCSVT.2003.818349. Google ScholarDigital Library
- Jana, S., Premnath, S. N., Clark, M., Kasera, S. K., Patwari, N., and Krishnamurthy, S. V. 2009. On the effectiveness of secret key extraction from wireless signal strength in real environments. In Proceedings of the ACM International Conference on Mobile Computing and Networking (MobiCom). ACM, 321--332. DOI 10.1145/1614320.1614356. Google ScholarDigital Library
- Jea, D., Liu, J., Schmid, T., and Srivastava, M. B. 2008. Hassle free fitness monitoring. In Proceedings of the Workshop on Systems and Networking Support for Healthcare and Assisted Living Environments (HealthNet). ACM. DOI 10.1145/1515747.1515756. Google ScholarDigital Library
- Johnson, M. E. 2009. Data hemorrhages in the health-care sector. In Financial Cryptography and Data Security. Springer-Verlag. DOI 10.1007/978-3-642-03549-4_5. Google ScholarDigital Library
- Jones, V., Mei, H., Broens, T., Widya, I., and Peuscher, J. 2007. Context aware body area networks for telemedicine. In Advances in Multimedia Information Processing (PCM). Springer-Verlag, 590--599. DOI 10.1007/978-3-540-77255-2_74. Google ScholarDigital Library
- Kaplan, D. 2009. Group unveils first-of-its-kind standard to secure patient data. SC Magazine. Online at http://www.scmagazineus.com/Group-unveils-first-of-its-kind-standard-to-secure-patient-data/article/128168/.Google Scholar
- Karat, C., Brodie, C., and Karat, J. 2005. Usability design and evaluation for privacy and security solutions. In Security and Usability: Designing Secure Systems that People Can Use, L. F. Cranor and S. Garfinkel, Eds. O'Reilly Media, Chapter 4, 47--74. Online at http://oreilly.com/catalog/9780596008277/.Google Scholar
- Kelley, P. G., Cesca, L., Bresee, J., and Cranor, L. F. 2010. Standardizing privacy notices: an online study of the nutrition label approach. In Proceedings of the International Conference on Human Factors in Computing Systems (CHI). ACM, 1573--1582. DOI 10.1145/1753326.1753561. Google ScholarDigital Library
- Kelley, P. G., Hankes Drielsma, P., Sadeh, N., and Cranor, L. F. 2008. User-controllable learning of security and privacy policies. In Proceedings of the ACM Workshop on Security and Artificial Intelligence (AIsec). ACM, 11--18. DOI 10.1145/1456377.1456380. Google ScholarDigital Library
- Klasnja, P., Consolvo, S., Choudhury, T., and Beckwith, R. 2009. Exploring privacy concerns about personal sensing. In Proceedings of the International Conference on Pervasive Computing (Pervasive). Springer-Verlag. DOI 10.1007/978-3-642-01516-8_13. Google ScholarDigital Library
- Kleidermacher, D. 2008. Next generation secure mobile devices. Inf. Quart. 7, 4, 14--17. Online at http://www.iqmagazineonline.com/article.php?issue=25&article_id=1041.Google Scholar
- Kotz, D. 2011. A threat taxonomy for mHealth privacy. In Proceedings of the Workshop on Networked Healthcare Technology (NetHealth). IEEE Press. DOI 10.1109/COMSNETS.2011.5716518.Google ScholarCross Ref
- Kotz, D., Avancha, S., and Baxi, A. 2009. A privacy framework for mobile health and home-care systems. In Proceedings of the Workshop on Security and Privacy in Medical and Home-Care Systems (SPIMACS). ACM, 1--12. DOI 10.1145/1655084.1655086. Google ScholarDigital Library
- Kuie, T. S. 2003. The impact of data privacy protection in medical practice in Singapore. SGH Proc. 12, 4, 201--207. Online at http://www.pgmi.com.sg/SGHproceeding/12-4/impact%20of%20data%20privacy.pdf.Google Scholar
- Kulkarni, P. and ÖZtürk, Y. 2007. Requirements and design spaces of mobile medical care. SIGMOBILE Mobile Comput. Commun. Rev. 11, 3, 12--30. DOI 10.1145/1317425.1317427. Google ScholarDigital Library
- Kumar, A., Saxena, N., Tsudik, G., and Uzun, E. 2009. A comparative study of secure device pairing methods. Pervas. Mobile Comput. 5, 6, 734--749. DOI 10.1016/j.pmcj.2009.07.008. Google ScholarDigital Library
- Kumaraguru, P. and Cranor, L. 2006. Privacy in India: Attitudes and awareness. In Proceedings of the International Workshop on Privacy Enhancing Technologies (PET), G. Danezis and D. Martin, Eds. Springer, 243--258. DOI 10.1007/11767831_16. Google ScholarDigital Library
- Liu, A. and Ning, P. 2008. TinyECC: A configurable library for elliptic curve cryptography in wireless sensor networks. In Proceedings of the International Workshop on Information Processing in Sensor Networks (IPSN). IEEE Press. DOI 10.1109/IPSN.2008.47. Google ScholarDigital Library
- Lowrance, W. W. 2009. Privacy and health research: New laws in Europe. The HHS Data Council, US Department of Health and Human Services. Online at http://aspe.hhs.gov/datacncl/PHR5.htm.Google Scholar
- Machanavajjhala, A., Gehrke, J., Kifer, D., and Venkitasubramaniam, M. 2006. l-diversity: Privacy beyond k-anonymity. In Proceedings of the International Conference on Data Engineering (ICDE). IEEE Press, 24--85. DOI 10.1109/ICDE.2006.1. Google ScholarDigital Library
- Mack, D. C., Alwan, M., Turner, B., Suratt, P., and Felder, R. A. 2006. A passive and portable system for monitoring heart rate and detecting sleep apnea and arousals: Preliminary validation. In Proceedings of the Transdisciplinary Conference on Distributed Diagnosis and Home Healthcare (D2H2). IEEE Computer Society, 51--54. DOI 10.1109/DDHH.2006.1624795.Google Scholar
- Malan, D. J., Welsh, M., and Smith, M. D. 2008. Implementing public-key infrastructure for sensor networks. ACM Trans. Sensor Netw. (TOSN) 4, 4, 1--23. DOI 10.1145/1387663.1387668. Google ScholarDigital Library
- Malasri, K. and Wang, L. 2007. Addressing security in medical sensor networks. In Proceedings of the Workshop on Systems and Networking Support for Healthcare and Assisted Living Environments (HealthNet). ACM Press, 7--12. DOI 10.1145/1248054.1248058. Google ScholarDigital Library
- Malasri, K. and Wang, L. 2008. Design and implementation of a secure wireless mote-based medical sensor network. In Proceedings of Conference on Ubiquitous Computing (UbiComp). ACM, 172--181. DOI 10.1145/1409635.1409660. Google ScholarDigital Library
- Malin, B. 2006. Re-identification of familial database records. In Proceedings of the AMIA Annual Symposium. AMIA, 524--528. Online at http://view.ncbi.nlm.nih.gov/pubmed/17238396.Google Scholar
- Malin, B. and Airoldi, E. 2007. Confidentiality preserving audits of electronic medical record access. Stud. Health Tech. Informat. 129, Part 1, 320--324. Online at http://view.ncbi.nlm.nih. gov/pubmed/17911731.Google Scholar
- Mare, S. and Kotz, D. 2010. Is Bluetooth the right technology for mHealth? In USENIX Workshop on Health Security and Privacy. USENIX Association. Online at http://www.cs.dartmouth.edu/dfk/papers/abstracts/mare-healthsec10.html.Google Scholar
- Mare, S., Sorber, J., Shin, M., Cornelius, C., and Kotz, D. 2011. Adaptive security and privacy for mHealth sensing. In Proceedings of the USENIX Workshop on Health Security (HealthSec). Online at http://www.cs.dartmouth.edu/dfk/papers/mare-healthsec11.pdf. Google ScholarDigital Library
- Martin, L. 2008. Identity-based encryption and beyond. IEEE Security and Privacy 6, 62--64. Online at DOI 10.1109/MSP,2008.120. Google ScholarDigital Library
- Mary Hitchcock Memorial Hospital and Dartmouth-Hitchcock Clinics. 2009. The Dartmouth-Hitchcock Privacy Group policy statement on the privacy & confidentiality of patient information.Google Scholar
- Mathur, S., Trappe, W., Mandayam, N., Ye, C., and Reznik, A. 2008. Radio-telepathy: extracting a secret key from an unauthenticated wireless channel. In Proceedings of the ACM International Conference on Mobile Computing and Networking (MobiCom). ACM, 128--139. DOI 10.1145/1409944.1409960. Google ScholarDigital Library
- Mayrhofer, R. and Gellersen, H. 2007. Shake well before use: Authentication based on accelerometer data. In Proceedings of the International Conference on Pervasive Computing (Pervasive). Lecture Notes in Computer Science Series, vol. 4480. Springer-Verlag, 144--161. DOI 10.1007/978-3-540-72037-9_9. Google ScholarDigital Library
- McDaniel, P. and Rubin, A. 2000. A response to “Can we eliminate certificate revocation lists?”. In Proceedings of the International Conference on Financial Cryptography (FC), Y. Frankel, Ed. Lecture Notes in Computer Science Series, vol. 1962. Springer-Verlag, 245--258. DOI 10.1007/3-540-45472-1_17. Google ScholarDigital Library
- Merkle, R. 1982. Method of providing digital signatures. US Patent 4309569. Online at http://patft.uspto.gov/netacgi/nph-Parser?patentnumber=4309569.Google Scholar
- Messmer, E. 2008. Health care organizations see cyberattacks as growing threat. Network World. Online at http://tinyurl.com/66b2py.Google Scholar
- MF 2008. Common Framework for networked personal health information: Overview and principles. Connecting for Health. Online at http://connectingforhealth.org/phti/docs/Overview.pdf.Google Scholar
- MFC 2009, Markle Foundation: Connecting for Health. Consumer consent to collections, uses, and disclosures of information. Online at http://connectingforhealth.org/phti/docs/CP3.pdf, visited Nov. 2009.Google Scholar
- mH 2009, Wikipedia. mHealth. Online at http://en.wikipedia.org/wiki/Mhealth, visited Apr. 2009.Google Scholar
- MHV 2008, Microsoft. The HealthVault web-based PHR. Online at http://www.healthvault.com, visited Nov. 2008.Google Scholar
- Micali, S. 2002. NOVOMODO: Scalable certificate validation and simplified PKI management. In Proceedings of the PKI Research Workshop. NIST. Online at http://www.cs.dartmouth.edu/_pki02/Micali/paper.pdf.Google Scholar
- MID. 2009, Wikipedia. Mobile internet device. Online at http://en.wikipedia.org/wiki/Mobile Internet Device, visited May 2009.Google Scholar
- Mišić, J. 2008. Enforcing patient privacy in healthcare WSNs using ECC implemented on 802.15.4 beacon enabled clusters. In Proceedings of the IEEE International Conference on Pervasive Computing and Communications (PerCom). IEEE Computer Society Press, 686--691. DOI 10.1109/PERCOM.2008.28. Google ScholarDigital Library
- Mokbel, M. F., Chow, C.-Y., and Aref, W. G. 2006. The new Casper: query processing for location services without compromising privacy. In Proceedings of the International Conference on Very Large Data Bases (VLDB). VLDB Endowment, 763--774. Online at http://www.vldb.org/conf/2006/p763-mokbel.pdf. Google ScholarDigital Library
- Molina, A. D., Salajegheh, M., and Fu, K. 2009. HICCUPS: Health information collaborative collection using privacy and security. In Proceedings of the Workshop on Security and Privacy in Medical and Home-Care Systems (SPIMACS). ACM Press, 21--30. DOI 10.1145/1655084.1655089. Google ScholarDigital Library
- Mont, M. C., Bramhall, P., and Harrison, K. 2003. A flexible role-based secure messaging service: Exploiting IBE technology for privacy in health care. In Proceedings of the International Workshop on Database and Expert Systems Applications. IEEE Press, 432--437. DOI 10.1109/DEXA.2003.1232060. Google ScholarDigital Library
- Moore, J. 2009. The feds and PHR privacy. Government Health IT. Online at http://www.govhealthit.com/Articles/2009/01/26/The-feds-and-PHR-privacy.aspx.Google Scholar
- Motta, G. H. and Furuie, S. S. 2003. A contextual role-based access control authorization model for electronic patient record. IEEE Trans. Inf. Tech. Biomed. 7, 3, 202--207. DOI 10.1109/TITB.2003.816562. Google ScholarDigital Library
- MPWG. 2009, Trusted Computing Group. Mobile Phone Work Group. Online at http://www. trustedcomputinggroup.org/developers/mobile, visited May 2009.Google Scholar
- MTM. 2008, Trusted Computing Group. Mobile Phone Work Group Mobile Trusted Module Specification, Version 1.0. Online at http://www.trustedcomputinggroup.org/resources/mobile_phone_workgroup_mobile_trusted_module_specification_version_10, visited June 2008.Google Scholar
- Muralidhar, K. and Sarathy, R. 2005. An enhanced data perturbation approach for small data sets. Dec. Sci. 36, 3, 513--529. DOI 10.1111/j.1540-5414.2005.00082.Google Scholar
- NAHIT 2008. Defining key health information technology terms. Report to the Office of the National Coordinator for Health Information Technology. Online at http://www.nahit.org/images/pdfs/HITTermsFinalReport_051508.pdf.Google Scholar
- NCVHS 2008. Individual control of sensitive health information accessible via NHIN. NCVHS letter to HHS Secretary. Online at http://www.ncvhs.hhs gov/080220lt.pdf.Google Scholar
- NHS 2009a, UK National Health Service. Connecting for Health. Online at http://www.connectingforhealth. nhs.uk/, visited Mar. 2009.Google Scholar
- NHS 2009b, UK National Health Service. Connecting for Health: Systems and services. Online at http://www.connectingforhealth.nhs.uk/systemsandservices, visited Mar. 2009.Google Scholar
- Ni, Q., Lin, D., Bertino, E., and Lobo, J. 2007a. Conditional privacy-aware role based access control. In Proceedings of the European Symposium On Research In Computer Security (ESORICS). Lecture Notes in Computer Science Series, vol. 4734. Springer-Verlag, 72--89. DOI 10.1007/978-3-540-74835-9_6. Google ScholarDigital Library
- Ni, Q., Trombetta, A., Bertino, E., and Lobo, J. 2007b. Privacy-aware role based access control. In Proceedings of the ACM Symposium on Access Control Models and Technologies (SACMAT). ACM, 41--50. DOI 10.1145/1266840.1266848. Google ScholarDigital Library
- Nissenbaum, H. 2004. Privacy as contextual integrity. Washington Law Review 79, 119--158. Online at http://www.nyu.edu/projects/nissenbaum/papers/washingtonlawreview.pdf.Google Scholar
- NZHIPC. 2008. Health information privacy code 1994. New Zealand. 2008 revised edition. Online at http://www.privacy.org.nz/assets/Files/Codes-of-Practice-materials/HIPC-1994-2008-revised-edition.pdf.Google Scholar
- NZPA. 1993. Privacy act 1993. New Zealand legislature, Public Act 1993 No. 28. Online at http://www. legislation.govt.nz/act/public/1993/0028/latest/096be8ed80604d98.pdf.Google Scholar
- OECD. 1980. OECD guidelines on the protection of privacy and transborder flows of personal data. Online at http://preview.tinyurl.com/2of8ox.Google Scholar
- ONC 2008. The nationwide privacy and security framework for electronic exchange of individually identifiable health information. Online at http://www.hhs.gov/healthit/privacy/framework.html.Google Scholar
- OW 2009, Organized Wisdom. Organizedwisdom.com. Online at http://organizedwisdom.com, visited Oct. 2009.Google Scholar
- Pang, J., Greenstein, B., Gummadi, R., Seshan, S., and Wetherall, D. 2007. 802.11 user fingerprinting. In Proceedings of the ACM International Conference on Mobile Computing and Networking (MobiCom). ACM, 99--110. DOI 10.1145/1287853.1287866. Google ScholarDigital Library
- Paradiso, R., Loriga, G., and Taccini, N. 2005. A wearable health care system based on knitted integrated sensors. IEEE Trans. Inf. Tech. Biomed. 9, 3, 337--344. DOI 10.1109/TITB.2005.854512. Google ScholarDigital Library
- PL 2008, Intel Research. PlaceLab project. Online at http://www.placelab.org/, visited Mar. 2008.Google Scholar
- Pounder, C. 2007. Why the APEC privacy framework is unlikely to protect privacy. Out-Law.com. Online at http://www.out-law.com/default.aspx?page=8550.Google Scholar
- Prasad, A. and Kotz, D. 2010. Can I access your data? Privacy management in mHealth. In Proceedings of the USENIX Workshop on Health Security and Privacy. USENIX Association. Online at http://www.cs.dartmouth.edu/~dfk/papers/abstracts/prasad-healthsec10.html.Google Scholar
- Prasad, A., Sorber, J., Stablein, T., Anthony, D., and Kotz, D. 2011. Exposing privacy concerns in mHealth. In Proceedings of theUSENIX Workshop on Health Security (HealthSec). Online at http://www.cs.dartmouth.edu/~dfk/papers/prasad-healthsec11.pdf. Google ScholarDigital Library
- Ravichandran, R., Benisch, M., Kelley, P. G., and Sadeh, N. M. 2009. Capturing social networking privacy preferences. In Proceedings of the International Symposium on Privacy Enhancing Technologies (PETS). Lecture Notes in Computer Science Series, vol. 5672. Springer-Verlag, 1--18. DOI 10.1007/978-3-642-03168-7_1. Google ScholarDigital Library
- Riedl, B., Neubauer, T., Goluch, G., Boehm, O., Reinauer, G., and Krumboeck, A. 2007. A secure architecture for the pseudonymization of medical data. In Proceedings of the International Conference on Availability, Reliability and Security (ARES). IEEE press, 318--324. DOI 10.1109/ARES.2007.22. Google ScholarDigital Library
- Rivest, R. L. 1998. Can we eliminate certificate revocations lists? In Proceedings of the International Conference on Financial Cryptography (FC), R. Hirschfeld, Ed. Lecture Notes in Computer Science Series, vol. 1465. Springer-Verlag, 178--183. DOI 10.1007/BFb0055482. Google ScholarDigital Library
- Rouse, W. B. 2008. Health care as a complex adaptive system: Implications for design and management. The Bridge 38, 1. Online at http://www.nae.edu/nae/bridgecom.nsf/weblinks/MKEZ-7CLKRV? OpenDocument.Google Scholar
- Safe. 2010. U.S. Department of Commerce.Welcome to the U.S.-EU & Swiss safe harbor frameworks. Online at http://www.export.gov/safeharbor, visited Oct. 2010.Google Scholar
- Sahai, A. and Waters, B. 2005. Fuzzy identity-based encryption. In Proceedings of Advances in Cryptology (EUROCRYPT). Lecture Notes in Computer Science Series, vol. 3494. Springer-Verlag, 457--473. DOI 10.1007/11426639 27. Google ScholarDigital Library
- Saltzer, J. H. and Schroeder, M. D. 1975. The protection of information in computer systems. Proc. IEEE 63, 9, 1278--1308. DOI 10.1109/PROC,1975,9939.Google ScholarCross Ref
- Samarati, P. 2001. Protecting respondents' identities in microdata release. IEEE Trans. Knowl. Data Eng. 13, 6, 1010--1027. DOI 10.1109/69.971193. Google ScholarDigital Library
- Sandhu, R. S., Coyne, E. J., Feinstein, H. L., and Youman, C. E. 1996. Role-based access control models. IEEE Comput. 29, 2, 38--47. DOI 10.1109/2.485845. Google ScholarDigital Library
- Sankar, P. and Jones, N. L. 2005. To tell or not to tell: primary care patients' disclosure deliberations. Arch. Intern. Med. 165, 20, 2378--2383. DOI 10.1001/archinte.165.20.2378.Google ScholarCross Ref
- Scholl, M., Stine, K., Hash, J., Bowen, P., Johnson, A., Smith, C. D., and Steinberg, D. I. 2008. An introductory resource guide for implementing the Health Insurance Portability and Accountability Act (HIPAA) security rule. Tech. Rep. 800-66-Rev1, National Institute of Standards and Technology. Oct. Online at http://csrc.nist.gov/publications/nistpubs/800-66-Rev1/SP-800-66-Revision1.pdf. Google ScholarDigital Library
- Schwingenschlögl, C., Eichler, S., and Müller-rathgeber, B. 2006. Performance of PKI-based security mechanisms in mobile ad hoc networks. Int. J. Electron. Commun. 60, 1, 20--24. DOI 10.1016/j.aeue.2005.10.004.Google ScholarCross Ref
- SH 2008, University of Rochester. Smart Home project at Center for Future Health. Online at http://www.futurehealth.rochester.edu/smart_home, visited Mar. 2008.Google Scholar
- Sinclair, S. and Smith, S. W. 2008. Preventative directions for insider threat mitigation via access control. In Insider Attack and Cyber Security: Beyond the Hacker. Advances in Information Security Series, vol. 39. Springer-Verlag, 173--202. DOI 10.1007/978-0-387-77322-3_10.Google Scholar
- Singelée, D. and Preneel, B. 2006. Location privacy in wireless personal area networks. In Proceedings of the ACM Workshop on Wireless Security (WiSe). ACM, 11--18. DOI 10.1145/1161289.1161292. Google ScholarDigital Library
- Solworth, J. A. 2008. Instant revocation. In Public Key Infrastructure. Lecture Notes in Computer ScienceSeries, vol. 5057. Springer-Verlag, 31--48. DOI 10.1007/978-3-540-69485-4_3. Google ScholarDigital Library
- Srinivasan, V., Stankovic, J., and Whitehouse, K. 2008. Protecting your daily in-home activity information from a wireless snooping attack. In Proceedings of the Conference on Ubiquitous Computing (UbiComp). ACM, 202--211. DOI 10.1145/1409635.1409663. Google ScholarDigital Library
- Srinivasan, V., Stankovic, J., and Whitehouse, K. 2010. Using height sensors for biometric identification in multi-resident homes. In Proceedings of the International Conference on Pervasive Computing (Pervasive). Lecture Notes in Computer Science Series, vol. 6030. Springer, Berlin Heidelberg, 337--354. DOI 10.1007/978-3-642-12654-3_20. Google ScholarDigital Library
- Sriram, J., Shin, M., Choudhury, T., and Kotz, D. 2009a. Activity-aware ECG-based patient authentication for remote health monitoring. In Proceedings of the International Conference on Multimodal Interfaces and Workshop on Machine Learning for Multi-modal Interaction (ICMI-MLMI). ACM, 297--304. DOI 10.1145/1647314.1647378. Google ScholarDigital Library
- Sriram, J., Shin, M., Kotz, D., Rajan, A., Sastry, M., and Yarvis, M. 2009b. Challenges in data quality assurance in pervasive health monitoring systems. In Future of Trust in Computing, D. Gawrock, H. Reimer, A.-R. Sadeghi, and C. Vishik, Eds. Vieweg+Teubner Verlag, 129--142. DOI 10.1007/978-3-8348-9324-6 14.Google Scholar
- Stanford, V. 2002. Pervasive health care applications face tough security challenges. IEEE Pervas. Comput. 1, 2, 8--12. DOI 10.1109/MPRV.2002.1012332. Google ScholarDigital Library
- Steinbrook, R. 2009. Health care and the American Recovery and Reinvestment Act. New Eng. J. Med. 360, 11, 1057--1060. DOI 10.1056/NEJMp0900665.Google ScholarCross Ref
- Sun, Y., La porta, T. F., and Kermani, P. 2009. A flexible privacy-enhanced location-based services system framework and practice. IEEE Trans. Mobile Comput. 8, 3, 304--321. DOI 10.1109/TMC.2008.112. Google ScholarDigital Library
- Sundaram, B. and Chapman, B. 2005. A grid authentication system with revocation guarantees. In Proceedings of the Symposium on High Performance Computing (HiPC). Lecture Notes in Computer Science Series, vol. 3769. Springer, 508--517. DOI 10.1007/11602569_52. Google ScholarDigital Library
- Sweeney, L. 2002. k-anonymity: A model for protecting privacy. Int. J. Uncert., Fuzz., Knowl.-Based Syst. 10, 5, 557--570. DOI 10.1142/S0218488502001648. Google ScholarDigital Library
- Tan, C. C., Wang, H., Zhong, S., and Li, Q. 2009. IBE-lite: A lightweight identity-based cryptography for body sensor networks. IEEE Trans. Inf. Tech. Biomed. 13, 6, 926--932. DOI 10.1109/TITB.2009.2033055. Google ScholarDigital Library
- TPM. 2009, Trusted Computing Group (TCG). Trusted Platform Module. Online at http://www. trustedcomputinggroup.org/developers/trusted_platform_module, visited May 2009.Google Scholar
- University of Washington. 2008. Assisted Cognition project. http://www.cs.washington.edu/Assistcog. (last accessed 3/08).Google Scholar
- Vadehra, S. 2011, Kan & Krishme, Attorneys at Law. India: Data protection and the IT Act India. Online at http://www.gala-marketlaw.com/joomla4/index.php?option=com_content&##38; view=article&##38;id=261&##38;Itemid=138, visited Jan. 2011.Google Scholar
- Varshavsky, A., Lamarca, A., and De Lara, E. 2007a. Enabling secure and spontaneous communication between mobile devices using common radio environment. In Proceedings of the Workshop on Mobile Computing Systems and Applications (HotMobile). ACM, 9--13. DOI 10.1109/HotMobile.2007.12. Google ScholarDigital Library
- Varshavsky, A., Scannell, A., Lamarca, A., and De Lara, E. 2007b. Amigo: Proximity-based authentication of mobile devices. In Proceedings of Ubiquitous Computing (UbiComp). Lecture Notes in Computer Science Series, vol. 4717. Springer-Verlag, 253--270. DOI 10.1007/978-3-540-74853-3_15. Google ScholarDigital Library
- Varshney, U. 2007. Pervasive healthcare and wireless health monitoring. Mobile Netw. Appl. 12, 2-3, 113--127. DOI 10.1007/s11036-007-0017-1. Google ScholarDigital Library
- Vitaletti, A. and Palombizio, G. 2007. Rijndael for sensor networks: Is speed the main issue? Electron. Notes Theoret. Comput. Sci. (ENTCS) 171, 1, 71--81. DOI 10.1016/j.entcs.2006.11.010. Google ScholarDigital Library
- Wang, Q., Shin, W., Liu, X., Zeng, Z., Oh, C., Alshebli, B. K., Caccamo, M., Gunter, C. A., Gunter, E., Hou, J., Karahalios, K., and Sha, L. 2006. I-Living: An open system architecture for assisted living. In Proceedings of the IEEE International Conference on Systems, Man and Cybernetics (SMC). Vol. 5. IEEE press, 4268--4275. DOI 10.1109/ICSMC.2006.384805.Google Scholar
- Wang, W., Motani, M., and Srinivasan, V. 2008. Dependent link padding algorithms for low latency anonymity systems. In Proceedings of the ACM Conference on Computer and Communications Security (CCS). ACM, 323--332. DOI 10.1145/1455770.1455812. Google ScholarDigital Library
- Watro, R., Kong, D., Cuti, S.-F., Gardiner, C., Lynn, C., and Kruus, P. 2004. TinyPK: securing sensor networks with public key technology. In Proceedings of the ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN). ACM, 59--64. DOI 10.1145/1029102.1029113. Google ScholarDigital Library
- Weerasinghe, D., Elmufti, K., Rajarajan, M., and Rakocevic, V. 2007. Securing electronic health records with novel mobile encryption schemes. Int. J. Electron. Healthcare 3, 4, 395--416. DOI 10.1504/IJEH.2007.015320.Google ScholarCross Ref
- Wong, F.-L. and Stajano, F. 2005. Location privacy in Bluetooth. In Proceedings of the European Workshop on Security and Privacy in Ad-hoc and Sensor Networks (ESAS). Lecture Notes in Computer Science Series, vol. 3813. Springer-Verlag, 176--188. DOI 10.1007/11601494_15. Google ScholarDigital Library
- Wright, C. V., Ballard, L., Coull, S. E., Monrose, F., and Masson, G. M. 2010. Uncovering spoken phrases in encrypted voice over IP conversations. ACM Trans. Inf. Syst. Sec. (TISSEC) 13, 4, 35:1--35:30. DOI 10.1145/1880022.1880029. Google ScholarDigital Library
- Wright, C. V., Coull, S. E., and Monrose, F. 2009. Traffic morphing: An efficient defense against statistical traffic analysis. In Proceedings of the Annual Symposium on Network and Distributed System Security (NDSS). Internet Society. Online at http://www.isoc.org/isoc/conferences/ndss/09/pdf/14.pdf.Google Scholar
- Xiao, Y., Rayi, V. K., Sun, B., Du, X., Hu, F., and Galloway, M. 2007. A survey of key management schemes in wireless sensor networks. Computer Communications 30, 11-12, 2314--2341. Special issue on security on wireless ad hoc and sensor networks, DOI 10.1016/j.comcom.2007.04.009. Google ScholarDigital Library
Index Terms
- Privacy in mobile technology for personal healthcare
Recommendations
A privacy framework for mobile health and home-care systems
SPIMACS '09: Proceedings of the first ACM workshop on Security and privacy in medical and home-care systemsIn this paper, we consider the challenge of preserving patient privacy in the context of mobile healthcare and home-care systems, that is, the use of mobile computing and communications technologies in the delivery of healthcare or the provision of at-...
Design and application of a Health Insurance Portability and Accountability Act-compliant privacy framework for pervasive healthcare
With an increasing emphasis on pervasive healthcare services, providing a high degree of privacy to patients is becoming a major challenge due to: (a) an increased number of avenues, such as device, access points, switches and database; (b) more threats ...
Improving The Usability of Personal Health Record in Mobile Health Application for People with Autoimmune Disease
Asian CHI '21: Proceedings of the Asian CHI Symposium 2021Personal Health Record (PHR) is a technology that usually is targeted to people with chronic illness or in the elderly and designed to supplement medical care with health monitoring outside traditional care environments in hospitals such as in person-...
Comments