Application of Intelligent Multi Agent Based Systems For E-Healthcare Security

04/02/2020 ∙ by Faizal Khan, et al. ∙ 0

In recent years, availability and usage of extensive systems for Electronic Healthcare Record (EHR) is increased. In medical centers such hospitals and other laboratories, more health data sets were formed during the treatment process. In order to enhance the standard of the services provided in healthcare, these records where shared and can be used by various users depends on their requirements. As a result, notable issues in the security and privacy where obtained which should be monitored and removed in order to make the use of EHR more effectively. Various researches have been done in the past literature for improving the standards of the security and privacy in E-health systems. In spite of this, it is not completely enhanced. In this paper, a comprehensive analysis is done by selecting the existing approaches and models which were proposed for the security and privacy of the E-healthcare systems. Also, a novel Intelligent-based Access Control Security Model (IBAC) based on multi agents is proposed to maintain and support the security and privacy of E-healthcare systems. This system uses agents in order to maintain security and privacy while accessing the E-health data between the users.



There are no comments yet.


page 1

page 2

page 3

page 4

page 5

page 6

This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.

1 Introduction

The influence of Information Technology (IT) has induced and combined numerous electronic health information from various places such as laboratories of medical research, hospitals and health care firms [1, 2]. This led to the formation of a novel concept called Electronic health (E-health). This can be defined as the application of IT based technologies and the practices of E-commerce for the entire sharing and processing, of the health information. This information is called as the EHR. The sensors based medical systems can be controlled by various controls in order to record of patient endlessly throughout the medical process. Hence, users like medical staff can access these collected health records since it contains most of the confidential and sensitive health data. Different methodologies have been proposed earlier in for maintaining the privacy and security of the EHR [3, 4]. But, these methods need more security in order to distribute the health data. The E-healthcare systems are real-time and has patient information which is in digital format. These are maintained by licenced persons. These data sets where formed by acquiring various data from different patients. In these EHRs, the authorised persons can be the patients or the doctors. The data present in the servers can be available in local or cloud based which stores, analyse the stored health data [5]. The components which are present in the networks can be the inter connector between the patients and the medical staff for enhancing the broadcasting and distribution of data [6]

. Though there are many benefits in these systems, more treats are there in terms of the security and the privacy for the data used in it. These security threats are caused because of their design [20]. These threats can be classified into various categories such as the data collection level

[7, 8, 9, 10, 11, 12], transmission level [13, 14, 15, 16], and storage level [17, 18, 19, 20, 21] which are described more clearly in section 3. Due to these threats in security and privacy of the EHR data, some users are not ready to use these applications. Hence, it is necessary to make sure that the users should be ready to use the system without any hesitation. Therefore, it is important to propose a system for maintaining the privacy and security in the EHR data.

In this paper, a detailed survey is done for analysing the security and privacy threats present in the healthcare system. Then, a novel agent based system for providing the security and privacy for EHR data is also proposed. The agent based system consists of various intelligent agents such as the user interface agent, authentication agent, connection establishment agent and the connection management agent with distinct and expedient working features. These intelligent agents make ease of use, effective communication between patients / users and the E-service providers. Various functions such as interface framing, user registration, user authentication, connection establishment and connection maintenance where carried out by the agent based system.

The remainder of this paper is organized as follows. Section 2 presents the various types of attacks and the methods proposed earlier to avoid it. Section 3 presents the intelligent agents and the proposed agent based method for providing the privacy and security in the E healthcare systems. Comparison with other methods are discussed in Section 4. Conclusions and the future work are depicted in Section 5.

2 Related Studies

Obtaining security and privacy in E-health data is a crucial part in maintaining the objectives of this advanced methodology. There is a possibility of different forms of attacks while making the health related data to be shared among the users and the medical persons [13]. Hence, majority of the healthcare institutions have already developed the advanced framework for making the data as highly secured. Various guidelines have been proposed earlier for maintaining the requirements of privacy and security in the field of E-health. Generally, the healthcare systems can be easily accessed by intruders. This sort of unauthorised access affects the overall performance of healthcare systems [6]. Networks present in the hospitals [21, 5] can be easily accessed by the hackers. Jamming based attack, collision based attack, de-synchronization based attacks, spoofing and selective forwarding based attacks are the common types of attacks that is done so far during the stage data collection. Threats such as altering the overall information, embedding unwanted data, can be done at the level of data collection. Various security models have been proposed by earlier researchers in order to avoid these types of attacks at the stage of data collection.

Shin et al. [14] studied the different types of security models proposed already for the health-care platform and tried to find out how to avoid the leakage of information in this health-care platform. The framed various requirements of the security in order to make sure that the overall security and privacy in electronic health are up to the standard. As a solution to the above mentioned problem, the authors used a modified security model called as the Role Based Access Control (RBAC). They proposed a novel architecture by using the improved RBAC model. This model is proposed for maintaining the privacy and security in the health care data mainly at the stage of transferring the data between the user and the health care provider. Their algorithm can be applied in smart devices also. The results obtained revealed that their proposed algorithm provides more security and privacy in securing the health care data.

Morchon and K. Wehrle in [20] proposed a novel modular based privacy and security mechanism for the healthcare applications. Their algorithm is a modified version of the already available RBAC system. This system is developed because of two main conditions. First one is to assign and share the access control policies of mechanisms proposed for access control to the entire nodes of a sensor. Secondly, for storing the data which are related to the user such as the location, time, information about the user’s health. It can be classified into critical condition, emergency condition or normal condition. Various attacks such as altering the patient’s medical information, intruding in the middle, data tampering, scrambling, signalling, unfairness in resource allocation, modification of message, data interception can be done in the networks. Other threats such as spying of the data, altering the overall information, interrupting in between the communication, sending additional and unwanted signals to block the source of the message where caused by the attackers at the data transmission level. It is easy for an unauthorised developer to construct the systems for intruding or changing the data of the patient through the wireless based technology. Hence, a mechanism for controlling the overall transfer should be there whenever the patient’s information is transferred [10].

Fadoua Khennou et al. [22] proposed a novel framework for secure authentication and transmission of health data using advanced encryption techniques. This methodology is proposed for the security of two purposed such as the data and channel. The security of channel is provided by utilizing the Secure Sockets Layer (SSL) on the Hypertext Transfer Protocol (HTTP) layer present in the networks, while the data security is provided on the Simple Object Access Protocol (SOAP) layer which is present above the HTTP. The authors proposed that their methodology can be used along with multi-factor authentication in order to provide authentication in the health data. Kahani et al. [5] framed a new scheme of access control in health data. Their methodology is based on a zero-knowledge protocol for verifying and maintaining the the user’s identity. Their framework combines the public key and a secret session key which is generated by Derive Unique Key Per-Transaction (DUKPT) scheme in order to establish secure communication between different health entities.

Gajanayake et al. [19] proposed new mechanism access control for enabling the privacy and security of the E-health data. Their method is a combination of three security based models. Such as the Discretionary Access Control (DAC), Mandatory Access Control (MAC) and the Role Based Access Control (RBAC) [18] in order to form a novel architecture. Their methodology allows the user as well as the healthcare providers to access the data in a privileged manner. The mail disadvantage of this methodology is it can be used only with in one type of network model while accessing the health data. Access level based attacks can be a threat for the storage. It can change the health information of a patient, changing the overall configuration of system or servers which is involved in the monitoring purposes. These attacks can be done in the Interference of Patient’s Information, accessing of medical information of patient without approval etc. can be done in the storage level of patient’s medical records. Various issues based on the hardware and software present in maintaining the patient’s medical record can cause an intervention in the healthcare system. Also it is also possible that the health care system can be easily accessed by various types of threats such as viruses, Trojans, and spyware etc. [21]. Lili Sun and Hua Wang [3] proposed an improved access control usage and model. Main task of this method is to give the privilege to access private data more securely. It consists of six important components such as, attributes of subject, object attributes, rights, authorizations, obligations, and conditions. In these attributes, the authorizations, obligations, and conditions are components of usage control decisions which are further applied to determine whether a user is allowed to access the data. The presence of other attributes paves the way for solving certain shortcomings that have been common in access controls. The main disadvantage of this model is that it represents only a first step for authorization model.

2.1 Motivation of The Proposed Framework

Challenges faced by the conventional learning techniques are as follows:

  1. Various methods were proposed earlier for improving the EHR. Majority of the EHR systems are still in process, but with poor accuracy.

  2. Artificial Intelligence (AI) algorithm based methods was utilized for improving the accuracy of the EHR model. Though, it was highly scalable, but the performance was poor in terms of accuracy.

  3. The methods based on fuzzy systems were proposed later on for the health records. The errors where evaluated. The method was more efficient and robust, but resulted in poor accuracy.

In order to rectify the drawbacks present in the existing methodologies, this framework is proposed.

3 Intelligent Agents

An agent is an autonomous and flexible computer based system that can receive input and output from the environment. There are many other advantages of the agents. For example, agents can be given knowledge to do specific task, collaborate with each other, and extendible which are very useful when developing secure systems. An agent can represent a user and do tasks on behalf of the user. Moreover, agent systems are extendible in nature. A new agent can be created instantly and added to the existing system in order to represent a new user such as a network monitoring agent, without changing the entire system.

3.1 Proposed IBAC Security Model

A Multi-Agent System for providing effective and secure E-health security services has been projected in this section. Architecture of the Intelligent-based Access Control Security Model (IBAC) using the agent based systems in order to enhance the security in the access of healthcare systems is shown in Figure 1. The Multi-agent system proposed in this work consists of various intelligent agents with distinct and expedient working features such as the user interface agent, authentication agent, connection establishment agent and the connection management agent. These intelligent agents make ease of use, effective communication between patients / users and the E-service providers. Various functionalities such as forming the interface, registration of the user, authentication of the user, establishing the connection and maintaining the connection where done by the multi-agent system. It also uses a database in order to store and retrieve the health information in the form of electronic health record.

Figure 1: Architecture of the Proposed IBAC Model

The proposed methodology consists of three main phases such as the User phase, Agent phase and the Information phase. The user phase consists of all the users who are dealing with this system. Users can be doctors, patients and the authorised professional for handling the health records for further processing. The agent phase consists of multi agents which is responsible for maintaining the security in accessing the health records. The protocols and policies were defined by the user interface agent. A health database is used to store all the username and the passwords provided and used by the patients, physicians and the authorised person for accessing and further processing data. A user authentication agent is used to validate the user. It is also used to verify the user credentials present in the health database. A connection establishment agent along with the connection management agent is used to establish the authenticated connection.

3.2 Working Principle

The proposed system accepts the service request from the customer through the user interface agent. It accepts the username and password of users. The user interface agent is connected through a website or a mobile based application. The authentication agent validates the username and password of the customer. After authenticating the user, a connection is established between the user and the server side by the connection establishment agent. This paves the way for effective and secure access of the E-health care data. The information about the established connection will be also stored in the database so that it can be to use for further references. After establishing the connection, the authentication agent grants the permission for users to access the credentials of the person who requested the data.

The information phase present in the health database consists of the basic and all the necessary information and data regarding the patient. It has the environment information such as location of the patient and time of the data collected. Information regarding the patient such as Age, Status, Blood Group, Height, Weight, BGM etc. where present in the patient information field of the database. Current medical information such as Heart rate, Blood Pressure, Sugar level, Operation history etc. where present in the current medical data field. All the username and the passwords provided and used by the patients, physicians and the authorised person for accessing and further processing data is also stored in the health database.

For every user U in the user set UT
    if (UN \in U) and
       AP = <UR, M, FI, FS>
            Establish connection;
            No connection;
    End if,
End for
For every UT in U
    Compute the authentication policy
      if (AP = FALSE)
      end if;
      if(AP = TRUE), then;
      if FA = <U, M, FI, FS>
            Access the files along
            with all the fields;
      end if;
End for

3.3 The Algorithm

Health systems have complicated accessing protocols since there exists many actors in the system. The health care system should support many users, their roles, files present in the database and permissions to access the contents present in the health database. In this section, algorithm for authenticating the user, establishing the connection between users as given in LABEL:list1 while in LABEL:list2 the system, accessing the files for the authorised users algorithm is presented.

3.4 Research Findings

  1. The proposed framework based on agent based system can provide an effective and secure E-health security services

  2. This framework is controlled by the patient who is considered a major part of the E-health system

  3. The two types of intelligent agents such as the user interface agent, authentication agent make ease of use, effective communication between patients / users and the E-service providers

  4. The user interface agent is connected through a website or a mobile based application so that it will be easy to handle for the users.

4 Comparison With Existing Methods

In this section, the proposed model for providing security in E-health data is compared with the existing approaches. Table 1 shows the performance comparison of various techniques in E-health security.

E-health security methods Technique used
CARE Model [5] Modules for each actors and their role
Patient-Centered Multi Agent System [10] Agents for individual Users
Body Sensor Network and Agent based Medical Server [c28] Agents for Patient, Supervisor, Doctor and manager
Biometric based Method [23] Electrocardiogram and fingerprint for the authentication purpose
Biometrics based Method [24] Electrocardiogram and photoplethysmography for the authentication purpose.
Proposed method Multi Agents for all functionalities
Table 1: Comparison of techniques for various E-health security methods

Drawbacks present in the existing methods where rectified in this proposed method using intelligent agent based systems. The performance remains higher in securing the health data. From the Table 1, it can be observed that the proposed method uses multiple agents for all functionalities in the process of securing the E-health data more effectively.

5 Conclusion

Patient’s health information should be kept secure in medical based servers so that the healthcare specialists and the doctors can access and use it at the time of treatments. Attacks at these health data servers can alter the information, modify the overall data and make unauthorised person as an accessed user. In order to make sure the data is secure, a novel agent based technology is proposed in this paper. The proposed security model IBAC aims to avoid these using the intelligent agent based systems. This model is novel since it uses the intelligent agents for the entire process of providing access control and sharing. The proposed model consists of agents, each of which is in charge for different task. This method is a simple and efficient access control mechanism based on the agents functionalities. Future work can be the implementation of the proposed model with more agents in real-time health datasets and also to calculate its efficiency and accuracy.


  • [1] M. Barua et al., PEACE: An efficient and secure patient-centric access control scheme for eHealth care system, IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), 970–975 (2011).
  • [2] M. A. Khfagy, O. Reyad, Y. AbdelSatar and N. F Omran, Multi-filter score-level fusion for fingerprint verification, In A. E. Hassanien et al. (Eds.): AMLTA 2018, AISC 723, Springer Cham, 624–633 (2018).
  • [3] J. L. Fernandez-Aleman et al., Security and privacy in electronic health records: A systematic literature review, J. of Biomedical Informatics 46, 541–562 (2013).
  • [4] W. M. Abd-Elhafiez, O. Reyad, M. A. Mofaddel and M. Fathy, Image Encryption Algorithm Methodology Based on Multi-mapping Image Pixel, In: A. Hassanien, et al. (eds.): AMLTA 2019. AISC 921, Springer Cham, 645–655 (2020).
  • [5] Z. F. Khan, Automated Segmentation of Lung Parenchyma using Colour based Fuzzy C-Means Clustering, Springer J. of Electrical Engineering and Technology 14, 2163–2169 (2019).
  • [6] S. S. Shinde and D. Patil, Review on Security and Privacy For Mobile Healthcare Networks: From A Quality Of Protection Perspective, Int. J. of Engineering Research-Online Peer Reviewed International Journal, 3(6), (2015).
  • [7] K. Habib, A. Torjusen, and W. Leister, Security analysis of a patient monitoring system for the Internet of Things in eHealth, in Proceedings of the International Conference on eHealth, Telemedicine, and Social Medicine (eTELEMED’15), 73–80 (2015).
  • [8] Z. F. Khan, A. Kannan, Intelligent Approach for Segmenting CT Lung Images Using Fuzzy Logic with Bitplane, J. of Electrical Engineering and Technology 9, 1426-1436 (2014).
  • [9] Z. F. Khan, A. Kannan, Intelligent Segmentation of Medical images using Fuzzy Bitplane Thresholding, Measurement science and Review 14, 94–101 (2014).
  • [10] A. Manirabona, L. C. Fourati, S. Boudjit, Investigation on Healthcare Monitoring Systems: Innovative Services and Applications, Int. J. of E-Health and Medical Communications 8, 1–18 (2017).
  • [11] S. Han, S. Zhao, Q. Li, C.H. Ju, and W. Zhou, PPM-HDA: privacy-preserving and multifunctional health data aggregation with fault tolerance, IEEE Transactions on Information Forensics and Security 11, 1940–1955 (2016).
  • [12] J. Tang, A. Liu, M. Zhao, and T. Wang, An aggregate signature based trust routing for data gathering in sensor networks, Security and Communication Networks 2018, 1–30 (2018).
  • [13] W. Sun, Z. Cai, F. Liu et al., A survey of data mining technology on electronic medical records, in Proceedings of the International Conference on E-Health Networking, Application and Services, IEEE, 1–6 (2017).
  • [14] M. Shin, H. Jeon, Y. Ju, B. Lee, S. Jeong, Constructing RBAC based security model in u-healthcare service platform, Sci World J, 1–13 (2014).
  • [15] S. Chandrasekhar, A. Ibrahim, and M. Singhal, A novel access control protocol using proxy signatures for cloud-based health information exchange, Computers Security 67, 73–88 (2017).
  • [16] T.H. Bonab and M. Masdari, Security attacks in wireless body area networks: challenges and issues, Academie Royale Des Sciences D Outre-Mer Bulletin Des Seances 4, 100–107 (2015).
  • [17] C. Santos-Pereira et al., A secure RBAC mobile agent access control model for healthcare institutions, in Proceedings of the 26th IEEE International Symposium on Computer-Based Medical Systems (2013).
  • [18] N. Azeez, O. Ademolu, CyberProtector: Identifying Compromised URLs in Electronic Mails with Bayesian Classification, In: International Conference Computational Science and Computational Intelligence (CSCI), Las Vegas, NV,USA, 959–965 (2016).
  • [19] R. Gajanayake, R. Iannella, T. Sahama, Privacy Oriented Access Control for Electronic Health Records, e-Journal of Health Informatics 8, 175–186 (2014).
  • [20] T. MuthamilSelvan, B. Balamurugan, Comparative Performance Analysis of Various Classifiers for Cloud E-Health Users, Int. J. of E-Health and Medical Communications 10, 86–101 (2019).
  • [21] K. B. Wellington, Cyberattacks on Medical Devices and Hospital Networks: Legal Gaps and Regulatory Solutions, Santa Clara High Tech. L. J. 30, 139–198 (2013).
  • [22] F. Khennou, C. M. El Houda and Y. I. Khamlichi, A Mogration Methodology from Legacy to New Electronic Health Record based Open EHR, Int. J. of E-Health and Medical Communications 10, 55–75 (2019).
  • [23] J. Zhou, Z. Cao and X. Dong, BDK: secure and efficient biometric based deterministic key agreement in wireless body area networks, In: Proceedings of the 8th International Conference on Body Area Networks, 488–494 (2013).
  • [24] M. Gund, S. Andhalkar, D. Patil and V. M. Wadhai, An Intelligent Architecture for Multi-Agent Based m-Health Care System, Int. J. of Computer Trends and Technology 1, 1–5 (2011).