1. NCCU Academic Hub
  2. Publications
  3. College of Informatics
  4. Theses
  5. Item

Publications-Theses

Article View/Open

Publication Export

Google ScholarTM

NCCU Library

Citation Infomation

Related Publications in TAIR

題名 整合資料在雲端環境上的分享與 隱私保護-以電子病歷資料為例
Sharing and Protection of Integrated Data in the Cloud : Electronic Health Record as an Example
作者 楊竣展
Yang, Jiun Jan
貢獻者 胡毓忠
Hu, Yuh Jong
楊竣展
Yang, Jiun Jan
關鍵詞 隱私保護
語意網
資料整合
雲端運算
data integration
privacy protection
cloud computing
semantic web
日期 2010
上傳時間 4-Sep-2013 17:09:29 (UTC+8)
摘要 由於電子化病歷逐漸取代了傳統的紙本病歷,在流通分享上面比傳統的紙本病歷更加來的方便及快速,另外電子病歷的整合性,也是比傳統的紙本來的有效。近年來雲端運算的發展,使得醫療系統在電子病歷上能夠更快速的發展,但是取而代之的是卻是雲端運算所產生隱私權的問題,在快速發展的雲端運算環境中,目前似乎無法完全確保資料的隱私性。即使現有的研究中可以讓資料擁有者表示自己的隱私偏好,卻因為設計時缺乏語意的考量,造成執行上有語意的落差。
本研究將探討電子病歷存放在雲端環境上,設計一套三層整合平台系統並使用語意化技術本體論整合來自多方的資料,達成在資料庫上使用OWL2作為整合的語言,並在此整合平台進行本體論整合,能夠讓使用者可以從多方的醫療中心快速查詢整合的資料,經由整合平台的改寫,到下層的規範擷取到上層平台進行管理與落實動作,最終在資料庫查詢資料,達成整合分享的目標,並同時能夠兼顧資料擁有者的隱私期待,完成在雲端環境上資料分享、整合、隱私保護的目標。
The Electronic Health Records (EHRs) have replaced the traditional paper Health Records gradually and they are more rapid and more convenient in data sharing. Furthermore, the EHRs are also better than paper health records when health records need to be integrated on the computer.
In recent years, the rapid development of cloud computing can help Health Information System to be more dynamic and provide a better service, but the problem of privacy is a critical issue. Although recent research can let data owner expresses his own personal privacy preference in to policy to protect privacy, it is lacked of semantics and that will result in the gap between the real meaning of personal privacy preference and of policy.
In our research, we will using semantic technology to express personal privacy preference in to polices and also design the 3-layer integration platform to achieve semantics data integration so that polices can be enforced without loss of real meaning of personal privacy preference and polices will have interoperability with others when we are using semantic data integration.
參考文獻 D. Calvanese, et al., "Data Integration through DL-LiteA Ontologies," in Revised Selected Papers of the 3rd Int. Workshop on Semantics
in Data and Knowledge Bases (SDKB 2008). vol. 4925, K.-D. Schewe and B. Thalheim, Eds., ed: Springer, 2008, pp. 26-47.

[2] D. Calvanese, et al., "Using OWL in Data Integration," in Semantic Web Information Management - a Model Based Perspective, D. Virgilio, et al., Eds., ed: Springer, 2009, pp. 397-424.

[3] B. Katt, et al., "Privacy and Access Control for IHE-Based Systems," in Electronic Healthcare. vol. 0001, D. Weerasinghe, Ed., ed: Springer Berlin Heidelberg, 2009, pp. 145-153.

[4] H. Pérez-Urbina, et al., "Efficient Query Answering for OWL 2," in The Semantic Web - ISWC 2009. vol. 5823, A. Bernstein, et al., Eds., ed: Springer Berlin / Heidelberg, 2009, pp. 489-504.

[5] S. D. C. d. Vimercati, et al., "Privacy of outsourced data," in Digital Privacy: Theory, Technologies and Practices, ed: Auerbach Publications (Taylor and Francis Group) 2007.

[6] M. Lenzerini, "Data integration: a theoretical perspective," Proceedings of the twenty-first ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems, Madison, Wisconsin, 2002.

[7] A. Y. Levy, et al., "Querying Heterogeneous Information Sources Using Source Descriptions," presented at the Proceedings of the 22th International Conference on Very Large Data Bases, 1996.

[8] C. Lutz, et al., "Conjunctive query answering in the description logic EL using a relational database system," presented at the Proceedings of the 21st international jont conference on Artifical intelligence, Pasadena, California, USA, 2009.


[9] J. Euzenat and P. Valtchev, "Similarity-based ontology alignment in OWL-Lite," 2004.

[10] P. Hitzler, et al., "OWL 2 Rules," in ESEC, 2009.

[11] M. A. C. Dekker, et al., "Audit-based Compliance Control (AC2) for EHR Systems," ed. Enschede: Centre for Telematics and Information Technology, University of Twente, 2007.

[12] G. J. Annas, "HIPAA Regulations — A New Era of Medical-Record Privacy?," New England Journal of Medicine, vol. 348, pp. 1486-1490, 2003.

[13] C. A. Ardagna, et al., "Exploiting cryptography for privacy-enhanced access control: A result of the PRIME Project," J. Comput. Secur., vol. 18, pp. 123-160, 2010.

[14] C. A. Ardagna, et al., "XML-based access control languages," Information Security Technical Report, vol. 9, pp. 35-46.

[15] D. Calvanese, et al., "Tractable Reasoning and Efficient Query Answering in Description Logics: The DL-LiteFamily," Journal of Automated Reasoning, vol. 39, pp. 385-429, 2007.

[16] D. Calvanese and G. D. Giacomo, "Data integration: a logic-based perspective," AI Magazine, vol. 26, pp. 59-70, 2005.

[17] Fran, et al., "Answering queries using views: A KRDB perspective for the semantic Web," ACM Trans. Internet Technol., vol. 4, pp. 255-288, 2004.

[18] P. T. Jaeger, et al., "Cloud Computing and Information Policy: Computing in a Policy Cloud?," Journal of Information Technology & Politics, vol. 5, pp. 269 - 283, 2008.

[19] Y. KALFOGLOU and M. SCHORLEMMER, "Ontology mapping: the state of the art," The Knowledge Engineering Review, vol. 18, pp. 1-31, 2003.

[20] N. F. Noy and M. A. Musen, "The PROMPT suite: interactive tools for ontology merging and mapping," International Journal of Human-Computer Studies, vol. 59, pp. 983-1024, 2003.

[21] H. Takabi, et al., "Security and Privacy Challenges in Cloud Computing Environments," IEEE Security and Privacy, vol. 8, pp. 24-31, 2010.

[22] "First research report on research on next generation policies," Privacy and Identity Management in Europe for LifeFebruary 27, 2009.

[23] M. Armbrust, et al., "Above the Clouds: A Berkeley View of Cloud Computing," EECS Department, University of California, Berkeley UCB/EECS-2009-28, February 10 2009.

[24] H. Garcia-Molina, et al., "Integrating and Accessing Heterogeneous Information Sources in TSIMMIS," Stanford Infolab, Technical Report,1994.

[25] R. Herold, "European Union (EU) Data Protection Directive of 1995 Frequently Asked Questions " Computer Security Institute,2002.

[26] 郭弘毅, "使用本體論與規則執行企業隱私保護規範," 碩士, 資訊科學學系, 國立政治大學.

[27] Google Health. https://health.google.com

[28] Safe Habor. EUR LEX. . http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32000D0520:EN:HTML

[29] The Health Insurance Portability and Accountability Act. U.S. Department of Health & Human Services. http://www.hhs.gov/ocr/privacy/

[30] Fair Information Practice Principle, Federal Trade Commission http://www.ftc.gov/reports/privacy3/fairinfo.shtm


[31] P. Ashley, et al. Enterprise Privacy Authorization Language (EPAL 1.2). http://www.w3.org/Submission/2003/SUBM-EPAL-20031110/,2003

[32] I. Horrocks, et al. SWRL: A Semantic Web Rule Language
Combining OWL and RuleML. http://www.daml.org/2004/11/fol/rules-all,2004

[33] B. Motik, et al. OWL 2 Web Ontology Language Profiles. http://www.w3.org/TR/owl2-profiles/,2009
描述 碩士
國立政治大學
資訊科學學系
98753036
99
資料來源 http://thesis.lib.nccu.edu.tw/record/#G0098753036
資料類型 thesis
dc.contributor.advisor 胡毓忠zh_TW
dc.contributor.advisor Hu, Yuh Jongen_US
dc.contributor.author (Authors) 楊竣展zh_TW
dc.contributor.author (Authors) Yang, Jiun Janen_US
dc.creator (作者) 楊竣展zh_TW
dc.creator (作者) Yang, Jiun Janen_US
dc.date (日期) 2010en_US
dc.date.accessioned 4-Sep-2013 17:09:29 (UTC+8)-
dc.date.available 4-Sep-2013 17:09:29 (UTC+8)-
dc.date.issued (上傳時間) 4-Sep-2013 17:09:29 (UTC+8)-
dc.identifier (Other Identifiers) G0098753036en_US
dc.identifier.uri (URI) http://nccur.lib.nccu.edu.tw/handle/140.119/60257-
dc.description (描述) 碩士zh_TW
dc.description (描述) 國立政治大學zh_TW
dc.description (描述) 資訊科學學系zh_TW
dc.description (描述) 98753036zh_TW
dc.description (描述) 99zh_TW
dc.description.abstract (摘要) 由於電子化病歷逐漸取代了傳統的紙本病歷,在流通分享上面比傳統的紙本病歷更加來的方便及快速,另外電子病歷的整合性,也是比傳統的紙本來的有效。近年來雲端運算的發展,使得醫療系統在電子病歷上能夠更快速的發展,但是取而代之的是卻是雲端運算所產生隱私權的問題,在快速發展的雲端運算環境中,目前似乎無法完全確保資料的隱私性。即使現有的研究中可以讓資料擁有者表示自己的隱私偏好,卻因為設計時缺乏語意的考量,造成執行上有語意的落差。
本研究將探討電子病歷存放在雲端環境上,設計一套三層整合平台系統並使用語意化技術本體論整合來自多方的資料,達成在資料庫上使用OWL2作為整合的語言,並在此整合平台進行本體論整合,能夠讓使用者可以從多方的醫療中心快速查詢整合的資料,經由整合平台的改寫,到下層的規範擷取到上層平台進行管理與落實動作,最終在資料庫查詢資料,達成整合分享的目標,並同時能夠兼顧資料擁有者的隱私期待,完成在雲端環境上資料分享、整合、隱私保護的目標。		zh_TW
dc.description.abstract (摘要) The Electronic Health Records (EHRs) have replaced the traditional paper Health Records gradually and they are more rapid and more convenient in data sharing. Furthermore, the EHRs are also better than paper health records when health records need to be integrated on the computer.
In recent years, the rapid development of cloud computing can help Health Information System to be more dynamic and provide a better service, but the problem of privacy is a critical issue. Although recent research can let data owner expresses his own personal privacy preference in to policy to protect privacy, it is lacked of semantics and that will result in the gap between the real meaning of personal privacy preference and of policy.
In our research, we will using semantic technology to express personal privacy preference in to polices and also design the 3-layer integration platform to achieve semantics data integration so that polices can be enforced without loss of real meaning of personal privacy preference and polices will have interoperability with others when we are using semantic data integration.		en_US
dc.description.tableofcontents 第一章 10
1.1研究動機 10
1.2研究目的 11
1.3 各章節概述 12
第二章 13
2.1 HIPAA法案 13
2.2 雲端運算 13
2.3 委外隱私權保護 14
2.4 規範的表達及落實 16
2.5 資料整合 18
第三章 21
3.1 EXTENSIBLE ACCESS CONTROL MARKUP LANGUAGE 21
3.2 AUDIT-BASED ACCESS CONTROL 21
3.3 GOOGLE HEALTH 22
3.4 資料整合 22
第四章 24
4.1研究架構設計 24
4.2 資料整合 27
4.2.1資料庫的整合 29
4.2.2本體論的整合 30
4.2.3重複資料的整合 32
4.3 隱私偏好的表示與落實 35
4.3.1隱私偏好的表示 35
4.3.2規範的取得、管理與落實 36
4.3.2.1規範取得 36
4.3.2.2規範管理 37
4.3.2.3規範的落實 39
4.3.3 OWL2 RL與SWRL的比較 41
第五章 43
5.1資料整合的驗證 43
5.2系統實作 44
第六章 47
參考文獻 48
附錄 51
附件 本體論的整合及改寫方式 51		zh_TW
dc.format.extent 873769 bytes-
dc.format.mimetype application/pdf-
dc.language.iso en_US-
dc.source.uri (資料來源) http://thesis.lib.nccu.edu.tw/record/#G0098753036en_US
dc.subject (關鍵詞) 隱私保護zh_TW
dc.subject (關鍵詞) 語意網zh_TW
dc.subject (關鍵詞) 資料整合zh_TW
dc.subject (關鍵詞) 雲端運算zh_TW
dc.subject (關鍵詞) data integrationen_US
dc.subject (關鍵詞) privacy protectionen_US
dc.subject (關鍵詞) cloud computingen_US
dc.subject (關鍵詞) semantic weben_US
dc.title (題名) 整合資料在雲端環境上的分享與 隱私保護-以電子病歷資料為例zh_TW
dc.title (題名) Sharing and Protection of Integrated Data in the Cloud : Electronic Health Record as an Exampleen_US
dc.type (資料類型) thesisen
dc.relation.reference (參考文獻) D. Calvanese, et al., "Data Integration through DL-LiteA Ontologies," in Revised Selected Papers of the 3rd Int. Workshop on Semantics
in Data and Knowledge Bases (SDKB 2008). vol. 4925, K.-D. Schewe and B. Thalheim, Eds., ed: Springer, 2008, pp. 26-47.

[2] D. Calvanese, et al., "Using OWL in Data Integration," in Semantic Web Information Management - a Model Based Perspective, D. Virgilio, et al., Eds., ed: Springer, 2009, pp. 397-424.

[3] B. Katt, et al., "Privacy and Access Control for IHE-Based Systems," in Electronic Healthcare. vol. 0001, D. Weerasinghe, Ed., ed: Springer Berlin Heidelberg, 2009, pp. 145-153.

[4] H. Pérez-Urbina, et al., "Efficient Query Answering for OWL 2," in The Semantic Web - ISWC 2009. vol. 5823, A. Bernstein, et al., Eds., ed: Springer Berlin / Heidelberg, 2009, pp. 489-504.

[5] S. D. C. d. Vimercati, et al., "Privacy of outsourced data," in Digital Privacy: Theory, Technologies and Practices, ed: Auerbach Publications (Taylor and Francis Group) 2007.

[6] M. Lenzerini, "Data integration: a theoretical perspective," Proceedings of the twenty-first ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems, Madison, Wisconsin, 2002.

[7] A. Y. Levy, et al., "Querying Heterogeneous Information Sources Using Source Descriptions," presented at the Proceedings of the 22th International Conference on Very Large Data Bases, 1996.

[8] C. Lutz, et al., "Conjunctive query answering in the description logic EL using a relational database system," presented at the Proceedings of the 21st international jont conference on Artifical intelligence, Pasadena, California, USA, 2009.


[9] J. Euzenat and P. Valtchev, "Similarity-based ontology alignment in OWL-Lite," 2004.

[10] P. Hitzler, et al., "OWL 2 Rules," in ESEC, 2009.

[11] M. A. C. Dekker, et al., "Audit-based Compliance Control (AC2) for EHR Systems," ed. Enschede: Centre for Telematics and Information Technology, University of Twente, 2007.

[12] G. J. Annas, "HIPAA Regulations — A New Era of Medical-Record Privacy?," New England Journal of Medicine, vol. 348, pp. 1486-1490, 2003.

[13] C. A. Ardagna, et al., "Exploiting cryptography for privacy-enhanced access control: A result of the PRIME Project," J. Comput. Secur., vol. 18, pp. 123-160, 2010.

[14] C. A. Ardagna, et al., "XML-based access control languages," Information Security Technical Report, vol. 9, pp. 35-46.

[15] D. Calvanese, et al., "Tractable Reasoning and Efficient Query Answering in Description Logics: The DL-LiteFamily," Journal of Automated Reasoning, vol. 39, pp. 385-429, 2007.

[16] D. Calvanese and G. D. Giacomo, "Data integration: a logic-based perspective," AI Magazine, vol. 26, pp. 59-70, 2005.

[17] Fran, et al., "Answering queries using views: A KRDB perspective for the semantic Web," ACM Trans. Internet Technol., vol. 4, pp. 255-288, 2004.

[18] P. T. Jaeger, et al., "Cloud Computing and Information Policy: Computing in a Policy Cloud?," Journal of Information Technology & Politics, vol. 5, pp. 269 - 283, 2008.

[19] Y. KALFOGLOU and M. SCHORLEMMER, "Ontology mapping: the state of the art," The Knowledge Engineering Review, vol. 18, pp. 1-31, 2003.

[20] N. F. Noy and M. A. Musen, "The PROMPT suite: interactive tools for ontology merging and mapping," International Journal of Human-Computer Studies, vol. 59, pp. 983-1024, 2003.

[21] H. Takabi, et al., "Security and Privacy Challenges in Cloud Computing Environments," IEEE Security and Privacy, vol. 8, pp. 24-31, 2010.

[22] "First research report on research on next generation policies," Privacy and Identity Management in Europe for LifeFebruary 27, 2009.

[23] M. Armbrust, et al., "Above the Clouds: A Berkeley View of Cloud Computing," EECS Department, University of California, Berkeley UCB/EECS-2009-28, February 10 2009.

[24] H. Garcia-Molina, et al., "Integrating and Accessing Heterogeneous Information Sources in TSIMMIS," Stanford Infolab, Technical Report,1994.

[25] R. Herold, "European Union (EU) Data Protection Directive of 1995 Frequently Asked Questions " Computer Security Institute,2002.

[26] 郭弘毅, "使用本體論與規則執行企業隱私保護規範," 碩士, 資訊科學學系, 國立政治大學.

[27] Google Health. https://health.google.com

[28] Safe Habor. EUR LEX. . http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32000D0520:EN:HTML

[29] The Health Insurance Portability and Accountability Act. U.S. Department of Health & Human Services. http://www.hhs.gov/ocr/privacy/

[30] Fair Information Practice Principle, Federal Trade Commission http://www.ftc.gov/reports/privacy3/fairinfo.shtm


[31] P. Ashley, et al. Enterprise Privacy Authorization Language (EPAL 1.2). http://www.w3.org/Submission/2003/SUBM-EPAL-20031110/,2003

[32] I. Horrocks, et al. SWRL: A Semantic Web Rule Language
Combining OWL and RuleML. http://www.daml.org/2004/11/fol/rules-all,2004

[33] B. Motik, et al. OWL 2 Web Ontology Language Profiles. http://www.w3.org/TR/owl2-profiles/,2009		zh_TW