Demonstrating accountable-eHealth systems

The security and privacy of patient information is one of the biggest hindrances to the wide adoption of eHealth systems. For eHealth systems to be successful they must provide protection for patients’ privacy while ensuring healthcare professionals are able to access the information necessary to provide appropriate care. Accountable-eHealth systems are a proposed solution to these potentially competing concerns by enforcing appropriate use and after-the-fact accountability measures. We have developed a Web-based prototype to demonstrate scenarios of how both appropriate and inappropriate use of patient information would be handled in an Accountable-eHealth system.

Security analysis of Australian and E.U. e-passport implementation

This paper makes a formal security analysis of the current Australian e-passport implementation using model checking tools CASPER/CSP/FDR. We highlight security issues in the current implementation and identify new threats when an e-passport system is integrated with an automated processing system like SmartGate. The paper also provides a security analysis of the European Union (EU) proposal for Extended Access Control (EAC) that is intended to provide improved security in protecting biometric information of the e-passport bearer. The current e-passport specification fails to provide a list of adequate security goals that could be used for security evaluation. We fill this gap; we present a collection of security goals for evaluation of e-passport protocols. Our analysis confirms existing security weaknesses that were previously identified and shows that both the Australian e-passport implementation and the EU proposal fail to address many security and privacy aspects that are paramount in implementing a secure border control mechanism. ACM Classification C.2.2 (Communication/Networking and Information Technology – Network Protocols – Model Checking), D.2.4 (Software Engineering – Software/Program Verification – Formal Methods), D.4.6 (Operating Systems – Security and Privacy Protection – Authentication)

An on-line secure e-passport protocol

The first generation e-passport standard is proven to be insecure and prone to various attacks. To strengthen, the European Union (EU) has proposed an Extended Access Control (EAC) mechanism for e-passports that intends to provide better security in protecting biometric information of the e-passport bearer. But, our analysis shows, the EU proposal fails to address many security and privacy issues that are paramount in implementing a strong security mechanism. In this paper we propose an on-line authentication mechanism for electronic passports that addresses the weakness in existing implementations, of both The International Civil Aviation Organisation (ICAO) and EU. Our proposal utilises ICAO PKI implementation, thus requiring very little modifications to the existing infrastructure which is already well established.

A multi-hierarchical motorway ramp signalling strategy

Ramp signalling is an access control for motorways, in which a traffic signal is placed at on-ramps to regulate the rate of vehicles entering the motorway and thus to preserve the motorway capacity. In general, ramp signalling algorithms fall into two categories: local control and coordinated control by their effective scope. Coordinated ramp signalling strategies make use of measurements from the entire motorway network to operate individual ramp signals for the optimal performances at the network level. This study proposes a multi-hierarchical strategy for coordinated ramp signalling. The strategy is structured in two layers. At the higher layer with a longer update interval, coordination group is assembled and disassembled based on the location of high-risk breakdown flow. At the lower layer with a shorter update interval, individual ramps are hired to serve the coordination and are also released based on the prevailing congestion level on the ramp. This strategy is modelled and applied to the northbound Pacific Motorway micro-simulation platform (AIMSUN). The simulation results show an effective congestion mitigation of the proposed strategy.

Privacy by design for social networks

This research has established a new privacy framework, privacy model, and privacy architecture to create more transparent privacy for social networking users. The architecture is designed into three levels: Business, Data, and Technology, which is based on The Open Group Architecture Framework (TOGAF®). This framework and architecture provides a novel platform for investigating privacy in Social Networks (SNs). This approach mitigates many current SN privacy issues, and leads to a more controlled form of privacy assessment. Ultimately, more privacy will encourage more connections between people across SN services.

Monitoring spatiotemporal dynamics of human movement based on MAC address data

This thesis was a step forward in extracting valuable features from human's movement behaviour in terms of space utilisation based on Media-Access-Control data. This research offered a low-cost and less computational complexity approach compared to existing human's movement tracking methods. This research was successfully applied in QUT's Gardens Point campus and can be scaled to bigger environments and societies. Extractable information from human's movement by this approach can add a significant value to studying human's movement behaviour, enhancing future urban and interior design, improving crowd safety and evacuation plans.

Designing and implementing usable and useful Accountable-eHealth systems

This tutorial primarily focuses on the technical challenges surrounding the design and implementation of Accountable-eHealth (AeH) systems. The potential benefits of shared eHealth records systems are promising for the future of improved healthcare; however, their uptake is hindered by concerns over the privacy and security of patient information. In the current eHealth environment, there are competing requirements between healthcare consumers' (i.e. patients) requirements and healthcare professionals' requirements. While consumers want control over their information, healthcare professionals want access to as much information as required in order to make well informed decisions. This conflict is evident in the review of Australia's PCEHR system. Accountable-eHealth systems aim to balance these concerns by implementing Information Accountability (IA) mechanisms. AeH systems create an eHealth environment where health information is available to the right person at the right time without rigid barriers whilst empowering the consumers with information control and transparency, thus, enabling the creation of shared eHealth records that can be useful to both patients and HCPs. In this half-day tutorial, we will discuss and describe the technical challenges surrounding the implementation of AeH systems and the solutions we have devised. A prototype AeH system will be used to demonstrate the functionality of AeH systems, and illustrate some of the proposed solutions. The topics that will be covered include: designing for usability in AeH systems, the privacy and security of audit mechanisms, providing for diversity of users, the scalability of AeH systems, and finally the challenges of enabling research and Big Data Analytics on shared eHealth Records while ensuring accountability and privacy are maintained.

BP-XACML: An authorisation policy language for business processes

XACML has become the defacto standard for enterprise- wide, policy-based access control. It is a structured, extensible language that can express and enforce complex access control policies. There have been several efforts to extend XACML to support specific authorisation models, such as the OASIS RBAC profile to support Role Based Access Control. A number of proposals for authorisation models that support business processes and workflow systems have also appeared in the literature. However, there is no published work describing an extension to allow XACML to be used as a policy language with these models. This paper analyses the specific requirements of a policy language to express and enforce business process authorisation policies. It then introduces BP-XACML, a new profile that extends the RBAC profile for XACML so it can support business process authorisation policies. In particular, BP-XACML supports the notion of tasks, and constraints at the level of a task instance, which are important requirements in enforcing business process authorisation policies.

Country review on the main building energy-efficiency policy instrument

Building energy-efficiency (BEE) is the key to drive the promotion of energy saving in building sector. A large variety of building energy-efficiency policy instrument exist. Some are mandatory, some are soft scheme, and some use economic incentives from country to country. This paper presents the current development of implementing BEE policy instruments by examining the practices of BEE in seven selected countries and regions. In the study, BEE policy instruments are classified into three groups, including mandatory administration control instruments, economic incentive instruments and voluntary scheme instruments. The study shows that different countries have adopted different instruments in their practices for achieving the target of energy-saving and gained various kinds of experiences. It is important to share these experiences gained.

Verification and Operation of Adaptive Materials in Space

Piezoelectric polymers based on polyvinylidene fluoride (PVDF) are of interest as smart materials for novel space-based telescope applications. Dimensional adjustments of adaptive thin polymer films are achieved via controlled charge deposition. Predicting their long-term performance requires a detailed understanding of the piezoelectric property changes that develop during space environmental exposure. The overall materials performance is governed by a combination of chemical and physical degradation processes occurring in low Earth orbit as established by our past laboratory-based materials performance experiments (see report SAND 2005-6846). Molecular changes are primarily induced via radiative damage, and physical damage from temperature and atomic oxygen exposure is evident as depoling, loss of orientation and surface erosion. The current project extension has allowed us to design and fabricate small experimental units to be exposed to low Earth orbit environments as part of the Materials International Space Station Experiments program. The space exposure of these piezoelectric polymers will verify the observed trends and their degradation pathways, and provide feedback on using piezoelectric polymer films in space. This will be the first time that PVDF-based adaptive polymer films will be operated and exposed to combined atomic oxygen, solar UV and temperature variations in an actual space environment. The experiments are designed to be fully autonomous, involving cyclic application of excitation voltages, sensitive film position sensors and remote data logging. This mission will provide critically needed feedback on the long-term performance and degradation of such materials, and ultimately the feasibility of large adaptive and low weight optical systems utilizing these polymers in space.

Assessment of antenna characteristic effects on pedestrian and cyclists travel-time estimation based on Bluetooth and WiFi MAC addresses

Monitoring pedestrian and cyclists movement is an important area of research in transport, crowd safety, urban design and human behaviour assessment areas. Media Access Control (MAC) address data has been recently used as potential information for extracting features from people’s movement. MAC addresses are unique identifiers of WiFi and Bluetooth wireless technologies in smart electronics devices such as mobile phones, laptops and tablets. The unique number of each WiFi and Bluetooth MAC address can be captured and stored by MAC address scanners. MAC addresses data in fact allows for unannounced, non-participatory, and tracking of people. The use of MAC data for tracking people has been focused recently for applying in mass events, shopping centres, airports, train stations etc. In terms of travel time estimation, setting up a scanner with a big value of antenna’s gain is usually recommended for highways and main roads to track vehicle’s movements, whereas big gains can have some drawbacks in case of pedestrian and cyclists. Pedestrian and cyclists mainly move in built distinctions and city pathways where there is significant noises from other fixed WiFi and Bluetooth. Big antenna’s gains will cover wide areas that results in scanning more samples from pedestrians and cyclists’ MAC device. However, anomalies (such fixed devices) may be captured that increase the complexity and processing time of data analysis. On the other hand, small gain antennas will have lesser anomalies in the data but at the cost of lower overall sample size of pedestrian and cyclist’s data. This paper studies the effect of antenna characteristics on MAC address data in terms of travel-time estimation for pedestrians and cyclists. The results of the empirical case study compare the effects of small and big antenna gains in order to suggest optimal set up for increasing the accuracy of pedestrians and cyclists’ travel-time estimation.

Information accountability and health big data analytics: A consent-based model

With the ever increasing amount of eHealth data available from various eHealth systems and sources, Health Big Data Analytics promises enticing benefits such as enabling the discovery of new treatment options and improved decision making. However, concerns over the privacy of information have hindered the aggregation of this information. To address these concerns, we propose the use of Information Accountability protocols to provide patients with the ability to decide how and when their data can be shared and aggregated for use in big data research. In this paper, we discuss the issues surrounding Health Big Data Analytics and propose a consent-based model to address privacy concerns to aid in achieving the promised benefits of Big Data in eHealth.

Managing and sharing health data through information accountability protocols

Concerns over the security and privacy of patient information are one of the biggest hindrances to sharing health information and the wide adoption of eHealth systems. At present, there are competing requirements between healthcare consumers' (i.e. patients) requirements and healthcare professionals' (HCP) requirements. While consumers want control over their information, healthcare professionals want access to as much information as required in order to make well-informed decisions and provide quality care. In order to balance these requirements, the use of an Information Accountability Framework devised for eHealth systems has been proposed. In this paper, we take a step closer to the adoption of the Information Accountability protocols and demonstrate their functionality through an implementation in FluxMED, a customisable EHR system.

The design and implementation of an Information Accountability Framework for eHealth systems

This tutorial primarily focuses on the implementation of Information Accountability (IA) protocols defined in an Information Accountability Framework (IAF) in eHealth systems. Concerns over the security and privacy of patient information are one of the biggest hindrances to sharing health information and the wide adoption of eHealth systems. At present, there are competing requirements between healthcare consumers' (i.e. patients) requirements and healthcare professionals' (HCP) requirements. While consumers want control over their information, healthcare professionals want access to as much information as required in order to make well-informed decisions and provide quality care. This conflict is evident in the review of Australia's PCEHR system and in recent studies of patient control of access to their eHealth information. In order to balance these requirements, the use of an Information Accountability Framework devised for eHealth systems has been proposed. Through the use of IA protocols, so-called Accountable-eHealth systems (AeH) create an eHealth environment where health information is available to the right person at the right time without rigid barriers whilst empowering the consumers with information control and transparency. In this half-day tutorial, we will discuss and describe the technical challenges surrounding the implementation of the IAF protocols into existing eHealth systems and demonstrate their use. The functionality of the protocols and AeH systems will be demonstrated, and an example of the implementation of the IAF protocols into an existing eHealth system will be presented and discussed.

Authorisation management in business process environments: An authorisation model and a policy model

This thesis provides two main contributions. The first one is BP-TRBAC, a unified authorisation model that can support legacy systems as well as business process systems. BP-TRBAC supports specific features that are required by business process environments. BP-TRBAC is designed to be used as an independent enterprise-wide authorisation model, rather than having it as part of the workflow system. It is designed to be the main authorisation model for an organisation. The second contribution is BP-XACML, an authorisation policy language that is designed to represent BPM authorisation policies for business processes. The contribution also includes a policy model for BP-XACML. Using BP-TRBAC as an authorisation model together with BP-XACML as an authorisation policy language will allow an organisation to manage and control authorisation requests from workflow systems and other legacy systems.