Kambombo Mtonga | University Of Rwanda (original) (raw)
Uploads
Papers by Kambombo Mtonga
Due to overcrowding in hospital waiting rooms, queue abandonment by frustrated patients remains a... more Due to overcrowding in hospital waiting rooms, queue abandonment by frustrated patients remains a great problem. In the out-patient department, patients are normally served on a first-come-first-serve policy. Since there exists a distance decay association, whereby patients living further away from healthcare facilities experience worse health outcomes, it is these patients that are likely to return home without medical assistance. In the developing world, health facilities are few and scattered such that patients walk long distance to reach to the nearest health center. Triage can play an important role to ensure that such patients have a better chance to access medical care. Unfortunately, all the existing triage systems do not consider patient distance. In this paper, we propose a distance integrated triage system. We propose using patient distance as a queue shuffling variable. The patient’s vitals are captured by a kit of bio-sensors. This is unlike the existing triage systems that are associated with mis-triage due to lack of discriminator use or numerical miscalculations. Our work is based on the Charlotte Maxeke Johannesburg Academic Hospital triage system which is based on the Cape Triage System.
Future Internet-1999-5903, 2019
A mismatch between staffing ratios and service demand leads to overcrowding of patients in waitin... more A mismatch between staffing ratios and service demand leads to overcrowding of patients in waiting rooms of health centers. Overcrowding consequently leads to excessive patient waiting times, incomplete preventive service delivery and disgruntled medical staff. Worse, due to the limited patient load that a health center can handle, patients may leave the clinic before the medical examination is complete. It is true that as one health center may be struggling with an excessive patient load, another facility in the vicinity may have a low patient turn out. A centralized hospital management system, where hospitals are able to timely exchange patient load information would allow excess patient load from an overcrowded health center to be reassigned in a timely way to the nearest health centers. In this paper, a machine learning-based patient load prediction model for forecasting future patient loads is proposed. Given current and historical patient load data as inputs, the model outputs future predicted patient loads. Furthermore, we propose reassigning excess patient loads to nearby facilities that have minimal load as a way to control overcrowding and reduce the number of patients that leave health facilities without receiving medical care as a result of overcrowding. The reassigning of patients will imply a need for transportation for the patient to move from one facility to another. To avoid putting a further strain on the already fragmented ambulatory services, we assume the existence of a scheduled bus system and propose an Internet of Things (IoT) integrated smart bus system. The developed IoT system can be tagged on buses and can be queried by patients through representation state transfer application program interfaces (APIs) to provide them with the position of the buses through web app or SMS relative to their origin and destination stop. The back end of the proposed system is based on message queue telemetry transport, which is lightweight, data efficient and scalable, unlike the traditionally used hypertext transfer protocol.
Lecture Notes in Electrical Engineering, 2013
Peer-to-Peer Networking and Applications, 2014
ABSTRACT The remote health monitoring system enables a doctor to diagnose and monitor health prob... more ABSTRACT The remote health monitoring system enables a doctor to diagnose and monitor health problems anywhere for a patient. However, since the patient health information is very sensitive and the Internet is unsecure and prone to many attacks, data can be easily compromised by adversaries. Worse, the mobile phone is also easy to be compromised. Clearly, these issues have brought different privacy and security requirements in wireless healthcare. To address these challenging issues, in this paper, we propose an efficient privacy-preserving authentication scheme with adaptive key evolution, which can prevent illegal access to the patient’s vital signs. Furthermore, we model the leakage process of the key information to set proper key renewal interval, which can adaptively control the key evolution to balance the trade-off between the communication efficiency and security level. The security analysis demonstrates that our scheme can achieve authenticated key agreement, perfect and strong key insulation, privacy preservation, and other important security goals, e.g. authenticity, integrity and freshness of transmitted messages. The performance evaluation shows that our scheme is computationally efficient for the typical mobile phone with limited resources, and it has low communication overhead.
With the evolution of Wireless Medical Sensor Networks (WMSNs), real-time remote patient monitori... more With the evolution of Wireless Medical Sensor Networks (WMSNs), real-time remote patient monitoring has become more feasible than ever before. Different sensors can be used e.g. at home to monitor patient’s vital signs such as pulse, respiration and blood pressure. However, given the distributed nature of WMSNs for remote patient monitoring, there is a greater challenge in ensuring data security, integrity, confidentiality and access control. This is because the transmission of personal and medical information is done over insecure communication channels i.e. the Internet. At the same time, patient’s physiological data are highly sensitive and remote patient monitoring systems are extremely vulnerable to many attacks. Since there is great need to access the real-time data inside WMSN nodes, proper authentication of entities (e.g. health personnel) must be ensured before allowing them access. To this end, this paper proposes a pairing based authentication and key establishment scheme for remote patient monitoring systems. The scheme is two-factor i.e. combines smartcard and password, and achieves various desirable properties such as mutual authentication, strong access control, patient identity privacy, patient un-traceability, replay attack resistance and forward secrecy.
In the existing proxy re -encryption schemes, the delegatee can decrypt all the ciphertexts for... more In the existing proxy re -encryption schemes, the delegatee can decrypt all the ciphertexts for the delegator after re -encryption by the proxy. In order to imp lement fine -grained access control policies, the delegator needs to either use multiple key pairs or trust the proxy to behave honestly. In practice however, this trust assumption might be unrealistic because the proxy can be corrupted. On the other hand, in type -based proxy re-encryption, the delegator can categorize his/her messages into different types and delegate the decryption right of each type to the delegatee through a pro xy. Hence type -based proxy re-encryption enables the delegator to imp lement fine -grained
policies with one key pair without any additional trust on the proxy. However, in so me applications ,the time (e.g. date, month, year) within wh ich the data was samp led or collected is very critical. In such applications, e.g. healthcare and criminal investigations, the delegatee may be interested in only some of the messages with so me type sampled within some time bound instead of the entire subset. Hence in order to carter for such situations,in this paper we propose a time-and- identity -based proxy re-encryption scheme that takes into account thetime within which the data was collected as a factor to consider when categorizing data in addition to its type . Our scheme is based on Boneh and Boyen identity-based scheme (BB- IBE) and Matsuo ’s pro xy re -encryption s cheme for identity based encryption (IBE to IBE). We prove our scheme semantically secure in the standard model.
Mobile RFID is a new application that uses a mobile phone as an RFID reader with wireless technol... more Mobile RFID is a new application that uses a mobile phone as an RFID reader with wireless technology and provides a new valuable service to users by integrating RFID and ubiquitous sensor network infrastructures with mobile communication and wireless Internet. Whereas the mobile RFID system has many advantages, privacy violation problems on the reader side are very concerning to individuals and researchers. Unlike in regular RFID environments, where the communication channel between the server and reader is assumed to be secure, the communication channel between the backend server and the RFID reader in the mobile RFID system is not assumed to be safe. Therefore it has become necessary to devise a new communication protocol that secures the privacy of mobile RFID-enabled devices. Recently, Lo et al. proposed a mutual key agreement protocol that secures the authenticity and privacy of engaged mobile RFID readers by constructing a secure session key between the reader and server. However, this paper shows that this protocol does not meet all of the necessary security requirements. Therefore we developed an enhanced mutual key agreement protocol for mobile RFID-enabled devices that alleviates these concerns. We further show that our protocol can enhance data security and provide privacy protection for the reader in an unsecured mobile RFID environment, even in the presence of an active adversary.
Key agreement protocols allow multi-parties exchanging public information to create a common secr... more Key agreement protocols allow multi-parties exchanging public information to create a common secret key that is known only to those entities over an insecure network. Since Joux first published the pairing-based one round tripartitekey agreement protocol, many authenticated protocols have been proposed. Unfortunately, many of them have been broken while others have been shown to be deficient in some desirable security attributes. In 2004, Cheng et al. presented two protocols aimed at strengthening Shim’s certificate-based and Zhang et al.’s tripartite identitybased protocols. This paper reports that 1) In Cheng et al.’s identity-based protocol, an adversary can extract long-term private keys of all the parties involved; and 2) Cheng et al.’s certificationbased protocol is weak against key integrity attacks. This paper suggests possible remedies for the security flaws in both protocols and then presents a modified Cheng et al.’s identity-based, oneround tripartite protocol that is more secure than the original protocol.
Due to overcrowding in hospital waiting rooms, queue abandonment by frustrated patients remains a... more Due to overcrowding in hospital waiting rooms, queue abandonment by frustrated patients remains a great problem. In the out-patient department, patients are normally served on a first-come-first-serve policy. Since there exists a distance decay association, whereby patients living further away from healthcare facilities experience worse health outcomes, it is these patients that are likely to return home without medical assistance. In the developing world, health facilities are few and scattered such that patients walk long distance to reach to the nearest health center. Triage can play an important role to ensure that such patients have a better chance to access medical care. Unfortunately, all the existing triage systems do not consider patient distance. In this paper, we propose a distance integrated triage system. We propose using patient distance as a queue shuffling variable. The patient’s vitals are captured by a kit of bio-sensors. This is unlike the existing triage systems that are associated with mis-triage due to lack of discriminator use or numerical miscalculations. Our work is based on the Charlotte Maxeke Johannesburg Academic Hospital triage system which is based on the Cape Triage System.
Future Internet-1999-5903, 2019
A mismatch between staffing ratios and service demand leads to overcrowding of patients in waitin... more A mismatch between staffing ratios and service demand leads to overcrowding of patients in waiting rooms of health centers. Overcrowding consequently leads to excessive patient waiting times, incomplete preventive service delivery and disgruntled medical staff. Worse, due to the limited patient load that a health center can handle, patients may leave the clinic before the medical examination is complete. It is true that as one health center may be struggling with an excessive patient load, another facility in the vicinity may have a low patient turn out. A centralized hospital management system, where hospitals are able to timely exchange patient load information would allow excess patient load from an overcrowded health center to be reassigned in a timely way to the nearest health centers. In this paper, a machine learning-based patient load prediction model for forecasting future patient loads is proposed. Given current and historical patient load data as inputs, the model outputs future predicted patient loads. Furthermore, we propose reassigning excess patient loads to nearby facilities that have minimal load as a way to control overcrowding and reduce the number of patients that leave health facilities without receiving medical care as a result of overcrowding. The reassigning of patients will imply a need for transportation for the patient to move from one facility to another. To avoid putting a further strain on the already fragmented ambulatory services, we assume the existence of a scheduled bus system and propose an Internet of Things (IoT) integrated smart bus system. The developed IoT system can be tagged on buses and can be queried by patients through representation state transfer application program interfaces (APIs) to provide them with the position of the buses through web app or SMS relative to their origin and destination stop. The back end of the proposed system is based on message queue telemetry transport, which is lightweight, data efficient and scalable, unlike the traditionally used hypertext transfer protocol.
Lecture Notes in Electrical Engineering, 2013
Peer-to-Peer Networking and Applications, 2014
ABSTRACT The remote health monitoring system enables a doctor to diagnose and monitor health prob... more ABSTRACT The remote health monitoring system enables a doctor to diagnose and monitor health problems anywhere for a patient. However, since the patient health information is very sensitive and the Internet is unsecure and prone to many attacks, data can be easily compromised by adversaries. Worse, the mobile phone is also easy to be compromised. Clearly, these issues have brought different privacy and security requirements in wireless healthcare. To address these challenging issues, in this paper, we propose an efficient privacy-preserving authentication scheme with adaptive key evolution, which can prevent illegal access to the patient’s vital signs. Furthermore, we model the leakage process of the key information to set proper key renewal interval, which can adaptively control the key evolution to balance the trade-off between the communication efficiency and security level. The security analysis demonstrates that our scheme can achieve authenticated key agreement, perfect and strong key insulation, privacy preservation, and other important security goals, e.g. authenticity, integrity and freshness of transmitted messages. The performance evaluation shows that our scheme is computationally efficient for the typical mobile phone with limited resources, and it has low communication overhead.
With the evolution of Wireless Medical Sensor Networks (WMSNs), real-time remote patient monitori... more With the evolution of Wireless Medical Sensor Networks (WMSNs), real-time remote patient monitoring has become more feasible than ever before. Different sensors can be used e.g. at home to monitor patient’s vital signs such as pulse, respiration and blood pressure. However, given the distributed nature of WMSNs for remote patient monitoring, there is a greater challenge in ensuring data security, integrity, confidentiality and access control. This is because the transmission of personal and medical information is done over insecure communication channels i.e. the Internet. At the same time, patient’s physiological data are highly sensitive and remote patient monitoring systems are extremely vulnerable to many attacks. Since there is great need to access the real-time data inside WMSN nodes, proper authentication of entities (e.g. health personnel) must be ensured before allowing them access. To this end, this paper proposes a pairing based authentication and key establishment scheme for remote patient monitoring systems. The scheme is two-factor i.e. combines smartcard and password, and achieves various desirable properties such as mutual authentication, strong access control, patient identity privacy, patient un-traceability, replay attack resistance and forward secrecy.
In the existing proxy re -encryption schemes, the delegatee can decrypt all the ciphertexts for... more In the existing proxy re -encryption schemes, the delegatee can decrypt all the ciphertexts for the delegator after re -encryption by the proxy. In order to imp lement fine -grained access control policies, the delegator needs to either use multiple key pairs or trust the proxy to behave honestly. In practice however, this trust assumption might be unrealistic because the proxy can be corrupted. On the other hand, in type -based proxy re-encryption, the delegator can categorize his/her messages into different types and delegate the decryption right of each type to the delegatee through a pro xy. Hence type -based proxy re-encryption enables the delegator to imp lement fine -grained
policies with one key pair without any additional trust on the proxy. However, in so me applications ,the time (e.g. date, month, year) within wh ich the data was samp led or collected is very critical. In such applications, e.g. healthcare and criminal investigations, the delegatee may be interested in only some of the messages with so me type sampled within some time bound instead of the entire subset. Hence in order to carter for such situations,in this paper we propose a time-and- identity -based proxy re-encryption scheme that takes into account thetime within which the data was collected as a factor to consider when categorizing data in addition to its type . Our scheme is based on Boneh and Boyen identity-based scheme (BB- IBE) and Matsuo ’s pro xy re -encryption s cheme for identity based encryption (IBE to IBE). We prove our scheme semantically secure in the standard model.
Mobile RFID is a new application that uses a mobile phone as an RFID reader with wireless technol... more Mobile RFID is a new application that uses a mobile phone as an RFID reader with wireless technology and provides a new valuable service to users by integrating RFID and ubiquitous sensor network infrastructures with mobile communication and wireless Internet. Whereas the mobile RFID system has many advantages, privacy violation problems on the reader side are very concerning to individuals and researchers. Unlike in regular RFID environments, where the communication channel between the server and reader is assumed to be secure, the communication channel between the backend server and the RFID reader in the mobile RFID system is not assumed to be safe. Therefore it has become necessary to devise a new communication protocol that secures the privacy of mobile RFID-enabled devices. Recently, Lo et al. proposed a mutual key agreement protocol that secures the authenticity and privacy of engaged mobile RFID readers by constructing a secure session key between the reader and server. However, this paper shows that this protocol does not meet all of the necessary security requirements. Therefore we developed an enhanced mutual key agreement protocol for mobile RFID-enabled devices that alleviates these concerns. We further show that our protocol can enhance data security and provide privacy protection for the reader in an unsecured mobile RFID environment, even in the presence of an active adversary.
Key agreement protocols allow multi-parties exchanging public information to create a common secr... more Key agreement protocols allow multi-parties exchanging public information to create a common secret key that is known only to those entities over an insecure network. Since Joux first published the pairing-based one round tripartitekey agreement protocol, many authenticated protocols have been proposed. Unfortunately, many of them have been broken while others have been shown to be deficient in some desirable security attributes. In 2004, Cheng et al. presented two protocols aimed at strengthening Shim’s certificate-based and Zhang et al.’s tripartite identitybased protocols. This paper reports that 1) In Cheng et al.’s identity-based protocol, an adversary can extract long-term private keys of all the parties involved; and 2) Cheng et al.’s certificationbased protocol is weak against key integrity attacks. This paper suggests possible remedies for the security flaws in both protocols and then presents a modified Cheng et al.’s identity-based, oneround tripartite protocol that is more secure than the original protocol.