Browsing by Author "Dong, Yibin"

Now showing 1 - 4 of 4
  • Thumbnail Image
    Blockchain-Enabled Next Generation Access Control
    Dong, Yibin; Mun, Seong K.; Wang, Yue (Springer, 2022-01-01)
    In the past two decades, longitudinal personal health record (LPHR) adoption rate has been low in the United States. Patients’ privacy and security concerns was the primary negative factor impacting LPHR adoption. Patients desire to control the privacy of their own LPHR in multiple information systems at various facilities. However, little is known how to model and construct a scalable and interoperable LPHR with patient-controlled privacy and confidentiality that preserves patients’ health information integrity and availability. Understanding this problem and proposing a practical solution are considered important to increase LPHR adoption rate and improve the efficiency as well as the quality of care. Even though having the state-of-the-art encryption methodologies being applied to patients’ data, without a set of secure access control policies being implemented, LPHR patient data privacy is not guaranteed due to insider threats. We proposed a definition of “secure LPHR” and argued LPHR is secure when the security and privacy requirements are fulfilled through adopting an access control security model. In searching for an access control model, we enhanced the National Institute of Standards and Technology (NIST) next generation access control (NGAC) model by replacing the centralized access control policy database with a permissioned blockchain peer-to-peer database, which not only eases the race condition in NGAC, but also provides patient-managed access control policy update capability. We proposed a novel blockchain-enabled next generation access control (BeNGAC) model to protect security and privacy of LPHR. We sketched BeNGAC and LPHR architectures and identified limitations of the design.
  • Thumbnail Image
    Blockchain-enabled Secure and Trusted Personalized Health Record
    Dong, Yibin (Virginia Tech, 2022-12-20)
    Longitudinal personalized electronic health record (LPHR) provides a holistic view of health records for individuals and offers a consistent patient-controlled information system for managing the health care of patients. Except for the patients in Veterans Affairs health care service, however, no LPHR is available for the general population in the U.S. that can integrate the existing patients' electronic health records throughout life of care. Such a gap may be contributed mainly by the fact that existing patients' electronic health records are scattered across multiple health care facilities and often not shared due to privacy and security concerns from both patients and health care organizations. The main objective of this dissertation is to address these roadblocks by designing a scalable and interoperable LPHR with patient-controlled and mutually-trusted security and privacy. Privacy and security are complex problems. Specifically, without a set of access control policies, encryption alone cannot secure patient data due to insider threat. Moreover, in a distributed system like LPHR, so-called race condition occurs when access control policies are centralized while decisions making processes are localized. We propose a formal definition of secure LPHR and develop a blockchain-enabled next generation access control (BeNGAC) model. The BeNGAC solution focuses on patient-managed secure authorization for access, and NGAC operates in open access surroundings where users can be centrally known or unknown. We also propose permissioned blockchain technology - Hyperledger Fabric (HF) - to ease the shortcoming of race condition in NGAC that in return enhances the weak confidentiality protection in HF. Built upon BeNGAC, we further design a blockchain-enabled secure and trusted (BEST) LPHR prototype in which data are stored in a distributed yet decentralized database. The unique feature of the proposed BEST-LPHR is the use of blockchain smart contracts allowing BeNGAC policies to govern the security, privacy, confidentiality, data integrity, scalability, sharing, and auditability. The interoperability is achieved by using a health care data exchange standard called Fast Health Care Interoperability Resources. We demonstrated the feasibility of the BEST-LPHR design by the use case studies. Specifically, a small-scale BEST-LPHR is built for sharing platform among a patient and health care organizations. In the study setting, patients have been raising additional ethical concerns related to consent and granular control of LPHR. We engineered a Web-delivered BEST-LPHR sharing platform with patient-controlled consent granularity, security, and privacy realized by BeNGAC. Health organizations that holding the patient's electronic health record (EHR) can join the platform with trust based on the validation from the patient. The mutual trust is established through a rigorous validation process by both the patient and built-in HF consensus mechanism. We measured system scalability and showed millisecond-range performance of LPHR permission changes. In this dissertation, we report the BEST-LPHR solution to electronically sharing and managing patients' electronic health records from multiple organizations, focusing on privacy and security concerns. While the proposed BEST-LPHR solution cannot, expectedly, address all problems in LPHR, this prototype aims to increase EHR adoption rate and reduce LPHR implementation roadblocks. In a long run, the BEST-LPHR will contribute to improving health care efficiency and the quality of life for many patients.
  • Thumbnail Image
    Gene Selection for Multiclass Prediction by Weighted Fisher Criterion
    Xuan, Jianhua; Wang, Yue; Dong, Yibin; Feng, Yuanjian; Wang, Bin; Khan, Javed; Bakay, Maria; Wang, Zuyi; Pachman, Lauren; Winokur, Sara; Chen, Yi-Wen; Clarke, Robert; Hoffman, Eric P. (2007-07-10)
    Gene expression profiling has been widely used to study molecular signatures of many diseases and to develop molecular diagnostics for disease prediction. Gene selection, as an important step for improved diagnostics, screens tens of thousands of genes and identifies a small subset that discriminates between disease types. A two-step gene selection method is proposed to identify informative gene subsets for accurate classification of multiclass phenotypes. In the first step, individually discriminatory genes (IDGs) are identified by using one-dimensional weighted Fisher criterion (wFC). In the second step, jointly discriminatory genes (JDGs) are selected by sequential search methods, based on their joint class separability measured by multidimensional weighted Fisher criterion (wFC). The performance of the selected gene subsets for multiclass prediction is evaluated by artificial neural networks (ANNs) and/or support vector machines (SVMs). By applying the proposed IDG/JDG approach to two microarray studies, that is, small round blue cell tumors (SRBCTs) and muscular dystrophies (MDs), we successfully identified a much smaller yet efficient set of JDGs for diagnosing SRBCTs and MDs with high prediction accuracies (96.9% for SRBCTs and 92.3% for MDs, resp.). These experimental results demonstrated that the two-step gene selection method is able to identify a subset of highly discriminative genes for improved multiclass prediction.
  • Thumbnail Image
    Perspective Chapter: Blockchain-Enabled Trusted Longitudinal Health Record
    Dong, Yibin; Mun, Seong K.; Wang, Yue (2022-09)
    In the United States, longitudinal personal health record (LPHR) adoption rate has been low in the past two decades. Patients’ privacy and security concern is a major roadblock. Patients like to control the privacy and security of their own LPHR distributed across multiple information systems at various facilities. However, little is known how a scalable and interoperable LPHR can be constructed with patient-controlled security and privacy that both patients and providers trust. As an effort to increase LPHR adoption rate and improve the efficiency and quality of care, we propose a blockchain-enabled trusted LPHR (BET-LPHR) design in which security and privacy are protected while patients have full control of the access permissions. Two limitations associated with the proposed design are discussed. Options and practical resolutions are presented to stimulate future research.