Publications
Below are details on selected background publications by members of the SHARPS team.
Privacy in Mobile Technology for Personal Healthcare
Sasikanth Avancha, Amit Baxi, and David Kotz
ACM Computing Surveys, to appear in 2013.
Formalizing and Enforcing Purpose Restrictions in Privacy Policies
Michael Carl Tschantz, Anupam Datta, and Jeannette M. Wing
IEEE Symposium on Security and Privacy, May 2012.
[full version] [software]
Active Monitoring Using Real-Time Metric Linear Temporal Logic Specifications
Gabor Simko and Janos Sztipanovits
International Joint Conference on Biomedical Engineering Systems and Technologies (BIOSTEC12), February 2012.
Charm: A Framework for Rapidly Protyping Cryptosystems
Joseph A. Akinyele, Matthew D. Green, and Aviel D. Rubin
Annual Network & Distributed System Security Symposium, February 2012.
Regulation of Medical Devices in the United States and European Union
Daniel B. Kramer, Shuai Xu, and Aaron Kesselheim
The New England Journal of Medicine, February 2012.
Declarative Privacy Policy: Finite Models and Attribute-Based Encryption
Peifung E. Lam, John C. Mitchell, Andre Scedrov, Sharada Sundaram, and Frank Wang
ACM SIGHIT International Health Informatics Symposium (IHI12), January 2012.
[video] [source code] [virtual machine]
Learning from Negative Examples in Set-Expansion
Prateek Jindal and Dan Roth
IEEE International Conference on Data Mining (ICDM11), December 2011.
The Financial Impact of Health Information Exchange on Emergency Department Care
Mark E. Frisse, Kevin B. Johnson, Hui Nian, Coda L. Davison, Cynthia S. Gadd, Kim M. Unertl, Pat A. Turri, and Qingxia Chen
Journal of the American Medical Informatics Association (JAMIA), November 2011.
A Review of the Security of Insulin Pump Infusion Systems
Nathanael Paul, Tadayoshi Kohno, and David C. Klonoff
Journal of Diabetes Science and Technology, volume 5, issue 6, pages 1557-1562, November 2011.
Recent Results in Computer Security for Medical Devices
Shane S. Clark and Kevin Fu
ICST Conference on Wireless Mobile Communication and Healthcare (MobiHealth), October 2011.
Medication Administration Quality and Health Information Technology: A National Study of Hospitals
Ajit Appari, Emily K. Carian, M. Eric Johnson, and Denise L. Anthony
Journal of the American Medical Informatics Association (JAMIA), October 2011.
Reasoning about Metamodeling with Formal Specifications and Automatic Proofs
Ethan K. Jackson, Tihamer Levendovszky, and Daniel Balasubramanian
Model Driven Engineering Languages and Systems (MoDELS11), October 2011.
Role Prediction using Electronic Medical Record System Audits
Wen Zhang, Carl A. Gunter, David Liebovitz, Jian Tian, and Bradley Malin
AMIA 2011 Annual Symposium, October 2011.
Adapt-lite: Privacy-aware, Secure, and Efficient mHealth Sensing
Shrirang Mare, Jacob Sorber, Minho Shin, Cory Cornelius, and David Kotz
Workshop on Privacy in the Electronic Society (WPES11), October 2011.
Securing Electronic Medical Records Using Attribute-Based Encryption On Mobile Devices
Joseph A. Akinyele, Matthew W. Pagano, Matthew D. Green, Christoph U. Lehmann, Zachary N. J. Peterson, and Aviel D. Rubin
ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM11), October 2011.
Policy Auditing over Incomplete Logs: Theory, Implementation and Applications
Deepak Garg, Limin Jia, and Anupam Datta
ACM Conference on Computer and Communications Security (CCS11), October 2011.
Experienced-Based Access Management: A Life-Cycle Framework for Identity and Access Management Systems
Carl A. Gunter, David M. Liebovitz, and Bradley Malin
IEEE Security & Privacy, September/October 2011.
Hide-n-Sense: Privacy-aware Secure mHealth Sensing
Shrirang Mare, Jacob Sorber, Minho Shin, Cory Cornelius, and David Kotz
Technical Report TR2011-702, Department of Computer Science, Dartmouth College, September 2011.
A Contextual Approach to Privacy Online
Helen Nissenbaum
Dædalus, the Journal of the American Academy of Arts & Sciences, volume 140, issue 4, September 2011.
Outsourcing the Decryption of ABE Ciphertexts
Matthew Green, Susan Hohenberger, and Brent Waters
USENIX Security Symposium, August 2011.
They Can Hear Your Heartbeats: Non-Invasive Security for Implantable Medical Devices (Awarded Best Paper)
Shyamnath Gollakota, Haitham Hassanieh, Benjamin Ransford, Dina Katabi, and Kevin Fu
ACM Special Interest Group on Data Communication (SIGCOMM11), August 2011.
Adaptive Security and Privacy for mHealth Sensing
Shrirang Mare, Jacob Sorber, Minho Shin, Cory Cornelius, and David Kotz
USENIX Workshop on Health Security and Privacy (HealthSec11), August 2011.
Audit Mechanisms for Privacy Protection in Healthcare Environments
Jeremiah Blocki, Nicolas Christin, Anupam Datta, and Arunesh Sinha
USENIX Workshop on Health Security and Privacy (HealthSec11), August 2011.
Exposing Privacy Concerns in mHealth
Aarathi Prasad, Jacob Sorber, Timothy Stablein, Denise Anthony, and David Kotz
USENIX Workshop on Health Security and Privacy (HealthSec11), August 2011.
A Research Roadmap for Healthcare IT Security Inspired by the PCAST Health Information Technology Report
Matthew D. Green and Aviel D. Rubin
USENIX Workshop on Health Security and Privacy (HealthSec11), August 2011.
Take Two Software Updates and See Me in the Morning: The Case for Software Security Evaluations of Medical Devices
Steven Hanna, Rolf Rolles, Andres Molina-Markham, Pongsin Poosankam, Kevin Fu, and Dawn Song
USENIX Workshop on Health Security and Privacy (HealthSec11), August 2011.
Computerized Provider Order Entry in Pediatric Oncology: Design, Implementation, and Outcomes
Allen R. Chen and Christoph U. Lehmann
Journal of Oncology Practice, volume 7, issue 4, July 2011.
Regret Minimizing Audits: A Learning-theoretic Basis for Privacy Protection
Jeremiah Blocki, Nicolas Christin, Anupam Datta, and Arunesh Sinha
IEEE Computer Security Foundations Symposium, June 2011.
Metadata Analysis Power Team Letter to the National Coordinator
Jonathan Perlin (Chair), John Halamka (Vice Chair) and the Metadata Analysis Power Team Committee Members
Office of the National Coordinator for Health and Human Services Health Information Policy Committee, June 2011.
Recognizing Whether Sensors are on the Same Body
Cory Cornelius and David Kotz
International Conference on Pervasive Computing, Lecture Notes in Computer Science, June 2011.
PCAST Workgroup Letter to the National Coordinator
Paul Egerman (Chair), Bill Stead (Vice Chair) and the PCAST Workgroup Members
Office of the National Coordinator for Health and Human Services Health Information Policy Committee, April 2011.
Software Issues for the Medical Device Approval Process
Kevin Fu
Testimony submitted to the Special Committee on Aging US Senate Hearing
A Delicate Balance: FDA and the Reform of the Medical Device Approval Process, April 2011.
A Threat Taxonomy for mHealth Privacy
David Kotz
International Conference on Communication Systems and Networks (COMSNETS11), pages 1-6, January 2011.
Experiences in the Logical Specification of the HIPAA and GLBA Privacy Laws
Henry DeYoung, Deepak Garg, Limin Jia, Dilsun Kaynar, and Anupam Datta
Workshop on Privacy in the Electronic Society (WPES10), October 2010.
Logical Specification of the GLBA and HIPAA Privacy Laws
Henry DeYoung, Deepak Garg, Dilsun Kaynar, and Anupam Datta
Carnegie Mellon University, CyLab Technical Report 10-007, April 2010.
Patients, Pacemakers, and Implantable Defibrillators: Human Values and Security for Wireless Implantable Medical Devices
Tamara Denning, Alan Borning, Batya Friedman, Brian T. Gill, Tadayoshi Kohno, and William H. Maisel
ACM Conference on Human Factors in Computing Systems (CHI10), April 2010.
Privacy in Context: Technology, Policy, and the Integrity of Social Life
Helen Nissenbaum
Palo Alto, CA: Stanford University Press, 2009.
Activity-Aware ECG-based Patient Authentication for Remote Health Monitoring
Janani C. Sriram, Minho Shin, Tanzeem Choudhury, and David Kotz
International Conference on Multimodal Interfaces (ICMI09), pages 297-304, November 2009.
A Method for Extracting Temporal Parameters Based on Hidden Markov Models in Body Sensor Networks With Inertial Sensors
Eric Guenterberg, Allen Y. Yang, Hassan Ghasemzadeh, Roozbeh Jafari, Ruzena Bajcsy, and Shankar Sastry
IEEE Transactions on Information Technology in Biomedicine, Volume 13, Number 6, pages 1019-1030, November 2009.
A Privacy Framework for Mobile Health and Home-Care Systems
David Kotz, Sasikanth Avancha and Amit Baxi
ACM Workshop on Security and Privacy in Medical and Home-Care Systems (SPIMACS09), Chicago, IL, pages 1-12, November 2009.
On Notice: The Trouble with Notice and Consent
Solon Barocas and Helen Nissenbaum
International Forum on the Application and Management of Personal Electronic Information, Cambridge, MA, October 2009.
DexterNet: An Open Platform for Heterogeneous Body Sensor Networks and Its Applications
Philip Kuryloski, Annarita Giani, Roberta Giannantonio, Katherine Gilani, Raffaele Gravina, Ville-Pekka Seppa, Edmund Y. W. Seto, Victor Shia, Curtis Wang, Posu Yan, Allen Y. Yang, Jari Hyttinen, Shankar Sastry, Stephen B. Wicker, and Ruzena Bajcsy
International Workshop on Wearable and Implantable Body Sensor Networks (BSN09), pages 92-97, June 2009.
Inside Risks: Reducing Risks of Implantable Medical Devices
Kevin Fu
Communication of the ACM, Volume 52, Number 6, pages 25-27, June 2009.
How Much Do Patients’ Preferences Contribute To Resource Use?
Denise L. Anthony, M. Brooke Herndon, Patricia M. Gallagher, Amber E. Barnato, Damiel J. Gottlieb, Julie P.W. Bynum, Elliott S. Fisher, and Jonathan S. Skinner
Health Affairs, Volume 28, Number 3, pages 864-871, May/June 2009.
Multi-camera Tele-immersion System with Real-time Model Driven Data Compression
Jyh-Ming Lien, Gregorij Kurillo, and Ruzena Bajcsy
The Visual Computer, Volume 26, Number 1, pages 3-15, May 2009.
Health Information Technology: One Step At A Time
Mark E. Frisse
Health Affairs, Volume 28, Number 2, pages 379-384, March 2009.
A Regional Health Information Exchange: Architecture and Implementation
Mark E. Frisse et al.
AMIA 2008 Annual Symposium, pages 212-216, November 2008.
Older Patients Perceptions of “Unnecessary” Tests and Referrals: A National Survey of Medicare Beneficiaries
M. Brooke Herndon, Lisa M. Schwartz, Steven Woloshin, Denise L. Anthony, Patricia Gallagher, Floyd J. Fowler, and Elliott Fisher
Journal of General Internal Medicine, Volume 23, Number 10, pages 1547-1554, October 2008.
Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses
Daniel Halperin, Thomas S. Heydt-Benjamin, Benjamin Ransford, Shane S. Clark, Benessa Defend, Will Morgan, Kevin Fu, Tadayoshi Kohno, and William H. Maisel
IEEE Symposium on Security and Privacy, pages 129-142, May 2008.
Security and Privacy for Implantable Medical Devices
Daniel Halperin, Thomas S. Heydt-Benjamin, Kevin Fu, Tadayoshi Kohno, and William H. Maisel
IEEE Pervasive Computing, Volume 7, Number 1, pages 30-39, January-March 2008.
Estimated Financial Savings Associated with Health Information Exchange and Ambulatory Care Referral
Mark E. Frisse and Rodney L. Holmes
Journal of Biomedical Informatics, Volume 40, Issue 6, Supplement 1, pages S27-32, December 2007.
An Independent Audit Framework for Software Dependent Voting Systems
Sujata Garera and Aviel D. Rubin
ACM Conference on Computer and Communications Security, (CCS 2007) page 256-265, November 2007.
Privacy and Utility in Business Processes
Adam Barth, John C. Mitchell, Anupam Datta, and Sharada Sundaram
IEEE Computer Security Foundations Symposium (CSF 20), page 279-294, July 2007.
Privacy and Contextual Integrity: Framework and Applications
Adam Barth, Anupam Datta, John C. Mitchell, and Helen Nissenbaum
IEEE Symposium on Security and Privacy, page 184-198, May 2006.
Securing the Drop-Box Architecture for Assisted Living
Michael J. May, Wook Shin, Carl A. Gunter, and Insup Lee
ACM Formal Methods in Security Engineering (FMSE06), pages 1-12, November 2006.
Privacy APIs: Access Control Techniques to Analyze and Verify Legal Privacy Policies
Michael J. May, Carl A. Gunter, and Insup Lee
IEEE Computer Security Foundations Workshop (CSFW06), pages 85-97, July 2006.