In this lab, a series of labs are designed to help you develop a healthcare related mobile
application with step by step instructions.
The mobile application is a patient-centric healthcare record with integration of existing
techniques such as secure outsourcing framework, cloud-based storage service,
proximity based access control, machine learning service, etc.
Lab Project 1: Secure Mobile Application Development
The goal of this project is to learn the basic skills for developing a secure mobile health
app.
This project will involve the following tasks.
Build a basic health app in mobile platform
Implement basic security features such as registration, authentication,
authentication reset, etc.
Lab Project 2: Integration with the Google Cloud Service
The goal of this project is to learn the basic skills for developing a secure mobile health
app.
This project will involve the following tasks.
Secure the outsourced medical record: (1) learn to use common widgets of the app;
(2) Learn to use cloud key management service provided by Google Cloud;
(3) Secure the medical record before outsourcing to the Firebase cloud
Learn to use nearby service as the proximity -based access control approach
In this lab, you will gain understanding about multiple types of anonymization techniques
and their tradeoffs. Additionaly, you will learn to anonymize a dataset using k-anonymity and
l-diversity.
The goal of this lab project is to illustrate the motivation of differential privacy technique in the healthcare domain and introduce two types of approaches for practical differential privacy: generic mechanisms for differential privacy and sensitivity sampling for random differential privacy.
The objective of the exercises presented here is to familiarize the students with the role
based access control features available in OpenMRS, which is an open source EHR system.
In this lab, you will develop an advanced crypto system that supports
attribute-based access control to protect the users’ sensitive EHR data and provide access control features.
In this lab, you will do exercise about issues of Incident Response (IR), Disaster Recovery (DR),
and Business Continuity (BC) planning in healthcare domain.
In this lab exercise, you will learn how to extract policy patterns from HIPPA
regulations and policies in health care systems, and then formulate a generic policy
specification scheme to accommodate those identified patterns
In this lab, you will familiarize with risk assessment in a healthcare organization,
in particular one that has adopted a cloud system and with risk management features available in SimpleRisk,
which is an open source risk management system.
Machine Learning in Healthcare - ABAC Policy Extraction
With the rapid advances in computing and information technologies, traditional access control models have become inadequate in terms of capturing fine-grained, expressive security requirements of newly emerging applications. An attribute-based access control (ABAC) model provides a more flexible approach for addressing access control needs of complex and dynamic systems. While organizations are interested in employing such newer access control approaches, the challenge of migrating to such AC approaches pose as a significant obstacle.
In this lab, the students will learn how to automatically extract ABAC policy rules from access logs of the system. The students will employ an unsupervised learning-based algorithm for detecting patterns in access logs and extracting ABAC authorization rules from these patterns.
Decentralized Application using Smart Contracts and IPFS: Healthcare Scenario
The goal of this lab is to illustrate how to manage personal healthcare records using the decentralized application that are related on Ethereum smart contract and IPFS.
In this lab, given a decentralized application demo, you will learn the following objects:
1) The overview and usage of IPFS; 2) The principle/usage/development of Ethereum smart contract; 3) The combination of IPFS and smart contract to manage the healthcare records
Access Control and Security Issues in Smart Contracts: Healthcare Scenario
The goal of this lab is to illustrate how to manage access control and security issues of using Ethereum smart contract in healthcare scenarios.
In this lab, you will learn the following objects:
1) The access control in smart contracts; 2) The common security issues in smart contracts and their countermeasures