Restricted Research - Award List, Note/Discussion Page

Fiscal Year: 2018

2025  The University of Texas at San Antonio  (75843)

Principal Investigator: Chen, Qian (Principal Investigator)  

Total Amount of Contract, Award, or Gift (Annual before 2011): $ 280,221

Exceeds $250,000 (Is it flagged?): Yes

Start and End Dates: 9/1/17 - 8/31/20

Restricted Research: YES


Department, Center, School, or Institute: Cyber Center for Security and Analytics (CCSA)  

Title of Contract, Award, or Gift: RIA:Towards Realizing a Self-Protecting Healthcare Information System for the Internet of Medical Things

Name of Granting or Contracting Agency/Entity: Natl Science Fdn

Program Title: N/A
CFDA Linked: Education and Human Resources


With the fast development of information and communication technologies over the past decade, Healthcare Information Systems (HIS) has been widely implemented for health stakeholders to access, modify, and share Electronic Health Records (EHR) with a low cost of the facility, data, and application maintenance. Due to the high value of healthcare data and lack of investment in cyber security, vulnerabilities of HISs, especially data of EHR systems, are exposed to attackers. Recent cyber attacks that compromised HISs have had catastrophic impacts on information security, national economic security and public health or safety. The biggest barriers of healthcare organizations to mitigate cyber security events are lack of financial resources and appropriate cyber security professionals. The large amount of emerging threats and the complex nature of current network infrastructure make HIS protection even harder. The PI's long-term research goal is to realize self-protecting information systems in all 16 critical infrastructure sectors. This work develops an autonomic security management framework and applies the framework to realize a self-protecting HIS. The comprehensive self-protection will enable HISs to autonomously assess their potential security risks, initiate prevention mechanisms, detect realtime intrusions and react to cyber attacks and eventually maintain HIS normal performance and enhance patient data security and privacy. The Self-Protecting Healthcare Information System (SPHIS) is expected to help solve the current barriers in healthcare cyber security. The SPHIS approach is cost-effective. It defends the HIS in depth and learns zero-day attack patterns with little or no human intervention. Thus, the application of the SPHIS into healthcare organizations will help to decrease financial commitments to mitigating such attacks. Moreover, fewer cyber security professionals will be required to secure the HISs, which will leverage the current cyber security workforce and lessen HIS management errors caused by humans.

Discussion: No discussion notes


Close Window