ZTCloudGuard: Zero Trust Context-Aware Access Management Framework to Avoid Medical Errors in the Era of Generative AI and Cloud-Based Health Information Ecosystems
Managing access between large numbers of distributed medical devices has become a crucial aspect of modern healthcare systems, enabling the establishment of smart hospitals and telehealth infrastructure. However, as telehealth technology continues to evolve and Internet of Things (IoT) devices becom...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2024-07-01
|
| Series: | AI |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2673-2688/5/3/55 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850258793346105344 |
|---|---|
| author | Khalid Al-hammuri Fayez Gebali Awos Kanan |
| author_facet | Khalid Al-hammuri Fayez Gebali Awos Kanan |
| author_sort | Khalid Al-hammuri |
| collection | DOAJ |
| description | Managing access between large numbers of distributed medical devices has become a crucial aspect of modern healthcare systems, enabling the establishment of smart hospitals and telehealth infrastructure. However, as telehealth technology continues to evolve and Internet of Things (IoT) devices become more widely used, they are also increasingly exposed to various types of vulnerabilities and medical errors. In healthcare information systems, about 90% of vulnerabilities emerge from medical error and human error. As a result, there is a need for additional research and development of security tools to prevent such attacks. This article proposes a zero-trust-based context-aware framework for managing access to the main components of the cloud ecosystem, including users, devices, and output data. The main goal and benefit of the proposed framework is to build a scoring system to prevent or alleviate medical errors while using distributed medical devices in cloud-based healthcare information systems. The framework has two main scoring criteria to maintain the chain of trust. First, it proposes a critical trust score based on cloud-native microservices for authentication, encryption, logging, and authorizations. Second, a bond trust scoring system is created to assess the real-time semantic and syntactic analysis of attributes stored in a healthcare information system. The analysis is based on a pre-trained machine learning model that generates the semantic and syntactic scores. The framework also takes into account regulatory compliance and user consent in the creation of the scoring system. The advantage of this method is that it applies to any language and adapts to all attributes, as it relies on a language model, not just a set of predefined and limited attributes. The results show a high <inline-formula><math xmlns="http://www.w3.org/1998/Math/MathML" display="inline"><semantics><mrow><mi>F</mi><mn>1</mn></mrow></semantics></math></inline-formula> score of 93.5%, which proves that it is valid for detecting medical errors. |
| format | Article |
| id | doaj-art-eec08526b58c4038acbaebb98dd99ef0 |
| institution | OA Journals |
| issn | 2673-2688 |
| language | English |
| publishDate | 2024-07-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | AI |
| spelling | doaj-art-eec08526b58c4038acbaebb98dd99ef02025-08-20T01:56:02ZengMDPI AGAI2673-26882024-07-01531111113110.3390/ai5030055ZTCloudGuard: Zero Trust Context-Aware Access Management Framework to Avoid Medical Errors in the Era of Generative AI and Cloud-Based Health Information EcosystemsKhalid Al-hammuri0Fayez Gebali1Awos Kanan2Department of Electrical and Computer Engineering, University of Victoria, Victoria, BC V8W 2Y2, CanadaDepartment of Electrical and Computer Engineering, University of Victoria, Victoria, BC V8W 2Y2, CanadaDepartment of Computer Engineering, Princess Sumaya University for Technology, Amman 11941, JordanManaging access between large numbers of distributed medical devices has become a crucial aspect of modern healthcare systems, enabling the establishment of smart hospitals and telehealth infrastructure. However, as telehealth technology continues to evolve and Internet of Things (IoT) devices become more widely used, they are also increasingly exposed to various types of vulnerabilities and medical errors. In healthcare information systems, about 90% of vulnerabilities emerge from medical error and human error. As a result, there is a need for additional research and development of security tools to prevent such attacks. This article proposes a zero-trust-based context-aware framework for managing access to the main components of the cloud ecosystem, including users, devices, and output data. The main goal and benefit of the proposed framework is to build a scoring system to prevent or alleviate medical errors while using distributed medical devices in cloud-based healthcare information systems. The framework has two main scoring criteria to maintain the chain of trust. First, it proposes a critical trust score based on cloud-native microservices for authentication, encryption, logging, and authorizations. Second, a bond trust scoring system is created to assess the real-time semantic and syntactic analysis of attributes stored in a healthcare information system. The analysis is based on a pre-trained machine learning model that generates the semantic and syntactic scores. The framework also takes into account regulatory compliance and user consent in the creation of the scoring system. The advantage of this method is that it applies to any language and adapts to all attributes, as it relies on a language model, not just a set of predefined and limited attributes. The results show a high <inline-formula><math xmlns="http://www.w3.org/1998/Math/MathML" display="inline"><semantics><mrow><mi>F</mi><mn>1</mn></mrow></semantics></math></inline-formula> score of 93.5%, which proves that it is valid for detecting medical errors.https://www.mdpi.com/2673-2688/5/3/55access managementzero-trustdistributed medical devicescloudhealth information systemmedical errors |
| spellingShingle | Khalid Al-hammuri Fayez Gebali Awos Kanan ZTCloudGuard: Zero Trust Context-Aware Access Management Framework to Avoid Medical Errors in the Era of Generative AI and Cloud-Based Health Information Ecosystems AI access management zero-trust distributed medical devices cloud health information system medical errors |
| title | ZTCloudGuard: Zero Trust Context-Aware Access Management Framework to Avoid Medical Errors in the Era of Generative AI and Cloud-Based Health Information Ecosystems |
| title_full | ZTCloudGuard: Zero Trust Context-Aware Access Management Framework to Avoid Medical Errors in the Era of Generative AI and Cloud-Based Health Information Ecosystems |
| title_fullStr | ZTCloudGuard: Zero Trust Context-Aware Access Management Framework to Avoid Medical Errors in the Era of Generative AI and Cloud-Based Health Information Ecosystems |
| title_full_unstemmed | ZTCloudGuard: Zero Trust Context-Aware Access Management Framework to Avoid Medical Errors in the Era of Generative AI and Cloud-Based Health Information Ecosystems |
| title_short | ZTCloudGuard: Zero Trust Context-Aware Access Management Framework to Avoid Medical Errors in the Era of Generative AI and Cloud-Based Health Information Ecosystems |
| title_sort | ztcloudguard zero trust context aware access management framework to avoid medical errors in the era of generative ai and cloud based health information ecosystems |
| topic | access management zero-trust distributed medical devices cloud health information system medical errors |
| url | https://www.mdpi.com/2673-2688/5/3/55 |
| work_keys_str_mv | AT khalidalhammuri ztcloudguardzerotrustcontextawareaccessmanagementframeworktoavoidmedicalerrorsintheeraofgenerativeaiandcloudbasedhealthinformationecosystems AT fayezgebali ztcloudguardzerotrustcontextawareaccessmanagementframeworktoavoidmedicalerrorsintheeraofgenerativeaiandcloudbasedhealthinformationecosystems AT awoskanan ztcloudguardzerotrustcontextawareaccessmanagementframeworktoavoidmedicalerrorsintheeraofgenerativeaiandcloudbasedhealthinformationecosystems |