Research Paper Presentation Software Engineering in agent systems.


1 Research Paper Presentation Software Engineering in agent systems

2 Goal and Motivation
Goal
- Secure communication using PKI, JADE-S
- Authentication using JAAS
- Access authorization with policy rules
Motivation
- Providing a DSS that assists physicians in classifying different cases
- Providing an approach to the security issues arising from the distributed locations of healthcare facilities
- Conforming to ethical regulations for handling patients’ health data

3 UK Data Protection Act 1998 Principles “Personal data shall be processed fairly and lawfully,” …and under listed conditions. Patients’ records are for diagnosis or training classifiers only. “Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.”

4 UK Data Protection Act 1998 Principles “Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.” Anonymised data with link-id are used for training. “Personal data shall be accurate and, where necessary, kept up to date.”

5 UK Data Protection Act 1998 Principles “Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.” All training cases will be discarded when the training phase of a classifier is over.

6 UK Data Protection Act 1998 Principles “Personal data shall be processed in accordance with the rights of data subjects under this Act.” Patients can request to withdraw from providing their case data and the data will be removed from corresponding databases.

7 UK Data Protection Act 1998 Principles “Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.” Clinical centers enforce their access policy to conform with the above principle.

8 UK Data Protection Act 1998 Principles “Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.” The network of this project is within the EU boundary, and data provided outside the boundary will be anonymised and protected with an agreement conforming to the principles.

9 The architecture
A distributed network containing 60 different centers.
Figure 1 from Xiao, L., Lewis, P., Gibb, A.: Developing a Security Protocol for a Distributed Decision Support System in a Healthcare Environment. In: 30th International Conference on Software Engineering, pp. 673–682. ACM, New York (2008)
A Yellow Page Agent contains a list of trusted principals. When a principal requests a resource or service, the Jade Security Service Agent verifies that principal against its access levels (0-9). The functional and security requirements can be maintained separately, and the functionality and security are integrated to perform a particular role.

10 Access Sensibility Level
“0. Update a private patient record: often only available to the patient’s principle physician.”
“1. Read a private patient record: also available to the producers of specific classifiers.”
“2. Read a public anonymised patient record: available to classifier producers and under agreements to other hospitals in the HealthAgents network.”
“3. Create a classifier: available to specific experienced clinicians with sufficient power who may allow the classifier producers to access required anonymised data and later set the publicity of the classifier.”
“4. Update a classifier reputation: available to experienced clinicians who have executed that classifier upon a case and the accurate diagnosis result is known to them at that moment.”
“5. Execute a local classifier: often available to local hospitals.”
“6. Execute a global classifier: available to all hospitals in the HealthAgents network.”
“7. Invoke a system service (Yellow Pages, etc.): may open even to hospitals outside of the HealthAgents network, this allows them to gain better knowledge of the available resources inside the network so they may want to join in later.”
This list of access sensibility levels is cited from Xiao, L., Lewis, P., Gibb, A.: Developing a Security Protocol for a Distributed Decision Support System in a Healthcare Environment. In: 30th International Conference on Software Engineering, pp. 673–682. ACM, New York (2008)
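A sketch of how a request could be checked against these levels, as an added example that is not code from the paper or the presentation (Java 16+). The Principal record, the per-principal set of granted levels, the rule that levels 0 and 5 apply only inside the principal's own centre, and all sample names are assumptions made for illustration.

```java
import java.util.EnumSet;
import java.util.Map;
import java.util.Set;

public class AccessLevelCheck {
    // Levels 0-7 in the order listed on the slide, so ordinal() is the level number.
    enum Level {
        UPDATE_PRIVATE_RECORD, READ_PRIVATE_RECORD, READ_ANONYMISED_RECORD, CREATE_CLASSIFIER,
        UPDATE_CLASSIFIER_REPUTATION, EXECUTE_LOCAL_CLASSIFIER, EXECUTE_GLOBAL_CLASSIFIER,
        INVOKE_SYSTEM_SERVICE
    }

    // Assumption: these levels are honoured only when the resource belongs to the principal's centre.
    static final Set<Level> LOCAL_ONLY =
        EnumSet.of(Level.UPDATE_PRIVATE_RECORD, Level.EXECUTE_LOCAL_CLASSIFIER);

    // Hypothetical trust-list entry: home centre plus the levels granted to the principal.
    record Principal(String centre, Set<Level> granted) {}

    // Constructed sample trust list, standing in for the Yellow Page Agent's list.
    static final Map<String, Principal> TRUST_LIST = Map.of(
        "physician@centre-a", new Principal("centre-a", EnumSet.allOf(Level.class)),
        "producer@centre-b", new Principal("centre-b",
            EnumSet.of(Level.READ_ANONYMISED_RECORD, Level.EXECUTE_GLOBAL_CLASSIFIER,
                       Level.INVOKE_SYSTEM_SERVICE)));

    static boolean permits(String principalName, Level requested, String resourceCentre) {
        Principal p = TRUST_LIST.get(principalName);
        if (p == null) return false;                         // not on the trust list: deny by default
        if (!p.granted().contains(requested)) return false;  // level was never granted
        // A granted local-only level still fails for a resource held by another centre.
        return !LOCAL_ONLY.contains(requested) || p.centre().equals(resourceCentre);
    }

    public static void main(String[] args) {
        // Physician updating a record held by their own centre.
        System.out.println(permits("physician@centre-a", Level.UPDATE_PRIVATE_RECORD, "centre-a"));
        // Same physician, same level, but the record belongs to another centre.
        System.out.println(permits("physician@centre-a", Level.UPDATE_PRIVATE_RECORD, "centre-b"));
        // Classifier producer asking for a level it was not granted.
        System.out.println(permits("producer@centre-b", Level.READ_PRIVATE_RECORD, "centre-b"));
        // Principal that does not appear on the trust list at all.
        System.out.println(permits("visitor@elsewhere", Level.INVOKE_SYSTEM_SERVICE, "centre-a"));
    }
}
```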

11 The Secure Messages
Figure 6 from Xiao, L., Lewis, P., Gibb, A.: Developing a Security Protocol for a Distributed Decision Support System in a Healthcare Environment. In: 30th International Conference on Software Engineering, pp. 673–682. ACM, New York (2008)
The handleMessage() method in the HealthAgent sends or receives messages using the methods in JadeMessagingService, and the JadeSecurityService encrypts or decrypts the message. The protocol compacting the message is Lightweight Coordination Calculus. A message must be signed and encrypted by a sender on the trust list, or it will be deleted. The Jade Security Service Agent provides services to both the Yellow Page Agent and the Jade Security Service class.
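The accept-or-delete rule above, sketched with the standard Java cryptography APIs as an added example; it is not JADE-S code and not taken from the paper (Java 16+). The Envelope layout, the choice to encrypt first and sign the ciphertext, the AES-GCM session key that both sides are assumed to share already, and the agent names are all assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;

public class SecureMessageDemo {
    record Envelope(String sender, byte[] iv, byte[] ciphertext, byte[] signature) {} // assumed layout
    static Cipher gcm(int mode, SecretKey key, byte[] iv, String sender) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(mode, key, new GCMParameterSpec(128, iv));
        c.updateAAD(sender.getBytes(StandardCharsets.UTF_8)); // bind the claimed sender to the ciphertext
        return c;
    }
    static Envelope seal(String sender, PrivateKey signKey, SecretKey key, String body) throws GeneralSecurityException {
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        byte[] ct = gcm(Cipher.ENCRYPT_MODE, key, iv, sender).doFinal(body.getBytes(StandardCharsets.UTF_8));
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(signKey);
        s.update(iv);
        s.update(ct);
        return new Envelope(sender, iv, ct, s.sign());
    }
    // Returns the body only for a trust-listed sender whose signature verifies; anything else is dropped.
    static Optional<String> open(Envelope e, Map<String, PublicKey> trustList, SecretKey key) {
        PublicKey senderKey = trustList.get(e.sender());
        if (senderKey == null) return Optional.empty(); // sender is not on the trust list
        try {
            Signature s = Signature.getInstance("SHA256withRSA");
            s.initVerify(senderKey);
            s.update(e.iv());
            s.update(e.ciphertext());
            if (!s.verify(e.signature())) return Optional.empty(); // not signed by the claimed sender
            byte[] plain = gcm(Cipher.DECRYPT_MODE, key, e.iv(), e.sender()).doFinal(e.ciphertext());
            return Optional.of(new String(plain, StandardCharsets.UTF_8));
        } catch (GeneralSecurityException ex) {
            return Optional.empty(); // malformed signature or tampered ciphertext
        }
    }
    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA"); // provider default key size
        KeyPair agent = kpg.generateKeyPair(), outsider = kpg.generateKeyPair();
        SecretKey k = KeyGenerator.getInstance("AES").generateKey(); // session key, assumed already shared
        Map<String, PublicKey> trust = Map.of("agent@centre-a", agent.getPublic()); // constructed trust list
        // Trusted sender, unknown sender, and an outsider signing under the trusted sender's name.
        System.out.println(open(seal("agent@centre-a", agent.getPrivate(), k, "run classifier"), trust, k));
        System.out.println(open(seal("agent@centre-x", outsider.getPrivate(), k, "run classifier"), trust, k));
        System.out.println(open(seal("agent@centre-a", outsider.getPrivate(), k, "run classifier"), trust, k));
    }
}
```

Only the first message is delivered; the other two come back empty, which is where the receiving agent would delete the message.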

12 Authentication & Authorisation
Figure 7 from Xiao, L., Lewis, P., Gibb, A.: Developing a Security Protocol for a Distributed Decision Support System in a Healthcare Environment. In: 30th International Conference on Software Engineering, pp. 673–682. ACM, New York (2008)
Secure message passing is meaningless without authenticating the senders and receivers, and a LoginModule prompts for a username and a password to identify the principal. The agent interaction model describes the following scenario: a clinician creates a classifier because no existing classifier is available, and the clinician evaluates the result given by the new classifier. After the diagnosis is confirmed, the clinician then updates the patient record and the rank of the classifier.

13 Reviews
Strengths
- Conformance to UK Data Protection Act
- An architecture allowing the addition of new classifiers
- Training classifiers with anonymised data
- Introduction of resource access levels
- The use of local and global access policy
- Private records only available for local access

14 Reviews
Shortcomings
- A patient’s case data is used to train a classifier, but that classifier is not updated when the patient requests to remove his or her data.
- Section 5.5 and Figure 5 are missing.

15 Reference Xiao, L., Lewis, P., Gibb, A.: Developing a Security Protocol for a Distributed Decision Support System in a Healthcare Environment. In: 30th International Conference on Software Engineering, pp. 673–682. ACM, New York (2008)

