Enhancing security in E-health services using agent

摘要

Electronic health (or e-health) and any other e-services use the Internet to enhance healthcare service deliveries. However, while the Internet greatly facilitates and enhances these services, significant threats also come in parallel. Network attacks, information privacy breaches, and malicious software are common types of threats to Internet communication, which can cause damage to computer systems and the information. It is imperative that online communication is secure. Many security mechanisms exist to secure e-services, such as authentication, data integrity, non repudiation, and SSL to provide data confidentiality. However, while these mechanisms have greatly provide security protection, they do not cater for the requirements, which are to provide an automated and a flexible way for the security system to handle (1) end users with lack of security knowledge, and (2) for two communication users in different environments, such as PC to PDA communications. This paper aims to present the advantages of multi-agent system (MAS) to provide better techniques to handle and enhance security processes in the traditional non-agent based systems, to secure services particularly in e-health. The agents are skilled with knowledge to handle the security processes. Mobile agents are used as supporting tools to carry sensitive data from the Sender's side to the Recipient's side. Cryptographic protocols are used to secure the data as well as the mobile agent code. We compare the architectures of both traditional non-agent based approach with our agent-based approach (called MAgSeM) and analyze the results in terms of how the agent can support the automation of the process, how agents help to reduce the burden on the recipient side, and the reusable characteristic of the agent's code. We conclude that MAgSeM has advantages compare to the non-agent based approach.