Skip to main content Accessibility help

The design and implementation of a novel security model for HealthAgents


In this paper, we analyze the special security requirements for software support in health care and the HealthAgents system in particular. Our security solution consists of a link-anonymized data scheme, a secure data transportation service, a secure data sharing and collection service, and a more advanced access control mechanism. The novel security service architecture, as part of the integrated system architecture, provides a secure health-care infrastructure for HealthAgents and can be easily adapted for other health-care applications.



Hide All
Anderson, R. 1996. Clinical system security: interim guidelines. British Medical Journal 312, 109112.
Anderson, R. 2001. Undermining data privacy in health information. British Medical Journal 322, 442443.
Bray, F., Sankila, R., Ferlay, J., Parkin, D. 2002. Estimates of cancer incidence and mortality in Europe in 1995. European Journal of Cancer 38(1), 99166.
Calam, D. (n.d.) Information governance—security, confidentiality and patient identifiable information. URL:
CCRA. 2006. Common criteria for information technology security evaluation. URL:
Choe, J., Yoo, S. K. 2008. Web-based secure access from multiple patient repositories. International Journal of Medical Informatics 77(4), 242248.
Croitoru, M., Xiao, L., Dupplaw, D., Lewis, P. 2008. Expressive security policy rules using layered conceptual graphs. Knowledge-based System 21(3), 209216.
GMSC/RCGP. 1988. GMSC and RCGP Guidelines for the Extraction and Use of Data from General Practitioner Computer Systems by Organisations External to the Practice. Technical report, GMSC/RCGP Joint Computer Group.
González-Vélez, H., Mier, M., Julià-Sapé, M., Arvanitis, T. N., García-Gómez, J. M., Robles, M., Lewis, P. H., Dasmahapatra, S., Dupplaw, D., Peet, A., Arús, C., Celda, B., Huffel, S., Lluch-Ariet, M. 2009. Healthagents: distributed multi-agent brain tumour diagnosis and prognosis. Applied Intelligence 30(3), 191202.
Gritzalis, D., Lambrinoudakis, C. 2004. A security architecture for interconnecting health information systems. International Journal of Medical Informatics 73(3), 305309.
Hawker, A. 1995. Confidentiality of personal information: a patient survey. Journal of Informatics in Primary Care March, 1619.
IEEE. 1996. IEEE Guide for Software Quality Assurance Planning.
Keese, J., Motzo, L. 2005. Pro-active approach to malware for healthcare information and imaging systems. International Congress Series 1281, 943947.
Kirn, S., Heine, C., Herrler, R., Krempels, K.-H. 2003. Agent.Hospital—agent-based open framework for clinical applications. IEEE International Workshops on Enabling Technologies, 36. doi/10.1109/ENABL.2003.1231379.
NIST. 2006. Minimum Security Requirements for Federal Information and Information Systems. Technical report, National Institute of Standards and Technology.
Pfleeger, C., Pfleeger, S. 2002. Security in Computing, 3rd edn. Prentice Hall.
Robertson, D. 2004. A lightweight coordination calculus for agent systems. In Declarative Agent Languages and Technologies Lecture Notes in Computer Science 3476, 183–197. Springer.
Sandhu, R. S., Coyne, E. J., Feinstein, H. L., Youman, C. E. 1996. Role-based access control models. IEEE Computer 29(2), 3847.
Smith, S. W. 2003. Humans in the loop: human–computer interaction and security. IEEE Security and Privacy 1(3), 7579.
Xiao, L., Greer, D. 2007. Towards agent-oriented model-driven architecture. European Journal of Information Systems 16(4), 390406.
Xiao, L., Greer, D. 2009. Adaptive agent model: software adaptivity using an agent-oriented model-driven architecture. Information and Software Technology 51(1), 109137.
Xiao, L., Lewis, P., Gibb, A. 2008a. Developing a security protocol for a distributed decision support system in a healthcare environment. In ICSE '08: Proceedings of the 30th International Conference on Software Engineering, ACM, New York, NY, USA, 673682.
Xiao, L., Lewis, P. H., Dasmahapatra, S. 2008b. Secure interaction models for the HealthAgents system. In ‘SAFECOMP’, Springer, 167–180.
Xiao, L., Peet, A., Lewis, P., Dashmapatra, S., Saez, C., Croitoru, M., Vicente, J., González-Vélez, H., Lluch i Ariet, M. 2007. An adaptive security model for multi-agent systems and application to a clinical trials environment. In Computer Software and Applications Conference, 2007. COMPSAC 2007. 31st Annual International, 2, 261–268.
Zhang, L., Ahn, G.-J., Chu, B.-T. 2002. A role-based delegation framework for healthcare information systems. In SACMAT '02: Proceedings of the 7th ACM Symposium on Access Control Models and Technologies, ACM, New York, NY, USA, 125134.

The design and implementation of a novel security model for HealthAgents


Full text views

Total number of HTML views: 0
Total number of PDF views: 0 *
Loading metrics...

Abstract views

Total abstract views: 0 *
Loading metrics...

* Views captured on Cambridge Core between <date>. This data will be updated every 24 hours.

Usage data cannot currently be displayed