A SECURE MOBILE HEALTH CARE SYSTEM 1
A SECURE MOBILE HEALTH CARE SYSTEM
1
Abstract
Telecommunication technologies in telemedicine services is the progress of wireless and
portable networks has wide application of mobile electronic healthcare systems. Security is a
fundamental system necessity because many patients have isolation concerns when their
individual information is shared over the open wireless channels.
This project determines the characteristics and security problem with wireless and persistent
information interactions for a mobile healthcare system. Mobile health care system consists
of a number of mobile devices and sensors attached to a patient. These devices form a mobile
adhoc sensor network and assemble data that are sent to a hospital or healthcare center for
monitoring. In this system a protected multicast strategy is engaged to evaluate the activities
of each node, so that only truthful nodes are permitted to involve in interactions. A new trust
evaluation model can efficiently estimate the trustworthiness of movable healthcare devices
and effectively handle medical nodes.
2
CONTENTS
S.NO TITLE NAME PAGE.NO
1.0 Introduction 1
2.0 System Analysis 5
2.1 Existing System
2.2 Proposed System
3.0 Feasibility Study 7
3.1 Economical Feasibility
3.2 Technical Feasibility
3.3 Operational Feasibility
4.0 System Requirements Specification 10
4.1 Modules
4.2 Design Methodologies
4.3 Software Requirements
4.4 Hardware Requirements
4.5 Functional Requirements
4.6 Non-Functional Requirements
5.0 System Design 21
5.1 Data Flow Diagrams
5.2 E-R Diagram
5.3 UML Diagrams
5.4 Data Dictionary
6.0 Technology Description 44
7.0 Coding 51
8.0 System Testing 57
9.0 Output Screens 60
10.0 Implementation 77
11.0 Future Enhancements 79
12.0 Conclusion 81
13.0 Bibliography 83
3
1.0 INTRODUCTION
4
1.0 Introduction
There is much work on how to apply information and communication technologies to
healthcare services, especially with regard to wireless networks and pervasive devices
combined to provide more applications in electronic medical care. Thus, wireless and mobile
communications lead to the emergence of a new type of advanced service for healthcare,
making mobile healthcare systems more realistic and feasible in terms of providing expert-
based medical care. Mobile computing provides new opportunities to personal users of
healthcare services, both technical and non technical.
Many successful case studies are found in areas such as emergency telemedicine,
home monitoring, and transmission of medical records, remote surgery and virtual hospitals.
With the development of mobile computing, one typical application is mobile ad hoc
networks (MANETs), which allow their users to move randomly without any pre-deployed
infrastructure or middleware. Obviously, these typical applications of wireless and mobile
networks revolutionize today’s healthcare systems.
Mobile healthcare (m-healthcare) is an important research direction for the application
of wireless communications in healthcare systems. Therefore, many wireless technologies,
including IEEE 802.11, Bluetooth, and Wi-Fi, are used to form wireless local area networks
(WLAN) and connect to the Internet. Mobile networks not only provide mobility to patients,
but also allow physicians so they can access patients’ data anytime and anywhere. This brings
important benefits to both patient and medical service provider. During the process of
constructing an mobile-healthcare system, working for physicians by sending or receiving
instant messages, either to hospitals to query about the patient’s information, or to the patient
to remind him or her about necessary medication or examinations. In a word, m-healthcare
environments can collect, transfer, and exchange medical information in a distributed
method. This diminishes the administrative and medical costs for both hospital and patient,
monitors the physical state of the patient, such as blood pressure, electroencephalogram
(EEG), electrocardiogram (ECG), and reduces the risks of the patient under unexpected
ailments.
However, security is an essential requirement of the mobile healthcare system, since
many patients have privacy concerns when it comes to releasing their personal information
5
over the open wireless channels. Though real-time monitoring and data transmission provides
necessary information quickly, it can also expose a patient’s medical data to malicious
intruders or eavesdroppers. If an m-healthcare system lacks the necessary protection when
communicating data, unauthorized parties or persons can easily access the private data of a
patient; medical records may be modified freely by malicious attackers, and false information
can be injected into the data stream by a prohibited node. Therefore, when planning mobile
healthcare, security is indispensable because of the shared nature of wireless devices, the
mobility of the patients, and the vulnerabilities of pervasive and ubiquitous environments.
1.1 Scope of the project
The scope of the project is to provide security to the data related to the patient from
the access of the unauthorized persons.
1.2 Literature Survey
Literature Survey
Instant messaging (IM) is suited for immediate communication because messages are
delivered almost in real time. Results from studies of IM use in enterprise work settings
make us believe that IM based services may prove useful also within the healthcare
sector. However, today’s public instant messaging services do not have the level of
information security required for adoption of IM in healthcare. We proposed MedIMob,
our own architecture for a secure enterprise IM service for use in healthcare. MedIMob
supports IM clients on mobile devices in addition to desktop based clients.
Methods: Security threats were identified in a risk analysis of the MedIMob architecture.
The risk analysis process consists of context identification, threat identification, analysis
of consequences and likelihood, risk evaluation, and proposals for risk treatment.
Results: The risk analysis revealed a number of potential threats to the information
security of a service like this. Many of the identified threats are general when dealing
with mobile devices and sensitive data; others are threats which are more specific to our
service and architecture. Individual threats identified in the risks analysis are discussed
and possible counter measures presented.
6
Discussion: The risk analysis showed that most of the proposed risk treatment measures
must be implemented to obtain an acceptable risk level; among others blockingmuch of
the additional functionality of the smartphone. To conclude on the usefulness of this IM
service, it will be evaluated in a trial study of the human–computer interaction. Further
work also includes an improved design of the proposed MedIMob architecture.
The applications of pervasive healthcare services have high requirements for wireless and
mobile networks, such as secure information exchange, reliable remote control,
confidential data storage, effective mobility management, rapid emergency response, and
continuous monitoring of a patient’s medical conditions. Hameed describes the
importance of mobile computing and the benefits of using wireless technologies in
healthcare, since wireless and mobile hand-held or wearable devices help patients obtain
central healthcare services quickly. Varshney discusses the applications and requirements
of telemedicine systems, which include pervasive patient monitoring, remote data access,
and intelligent emergency management. The author then presents a comprehensive
wireless health monitoring concept that provides contextaware and reliable ubiquitous
mobile telemedicine.
Earlier developed a network-based computing application under some existing
international healthcare informatics standards, and use the tele-cardiogram issue as a case
study in distributed cardiac care. Earlier proposed a healthcare system based on a multi-
agent system (MAS) that would provide a series of services, such as mobile telemedicine,
continuous monitoring, emergency processing, etc. These functions are achieved by
various agents in combination with both medical sensors and wireless communication
technologies. Additionally, their proposed healthcare system makes decisions about a
patient’s present health by employing real-time data sensing as well as the patient’s
medical history. System designs a mobile outpatient service system (MOSS) to achieve
illness treatment, illness prevention and patient relation management. By using wireless
and mobile devices, MOSS improves the management efficiency of a hospital and
shortens the response time to emergency cases. Thus, wireless technologies can help
telemedicine systems make mighty advances
7
2.0 SYSTEM ANALYSIS
8
2.1 Existing System
Mobile healthcare services have the potential to become integral components of a
modern healthcare system, in this system propose a healthcare system based on a multi-agent
system(MAS) that would provide a series of services, such as mobile telemedicine,
continuous monitoring, emergency processing. It improves the management efficiency of a
hospital and shortens the response time to emergency cases. It does not concern with security
exchange of information between the hospitals and to the corresponding patients.
Disadvantages of Existing System:
Eavesdroppers can access the patient information
Privacy of the patients information will be affected
Confidentiality and authentication will not be achieved
2.2 Proposed System
In this System, we innovate and design a novel trust evaluation model. We then
propose a secure multicast strategy that employs trust in order to evaluate the behavior of
each node, so that only trustworthy nodes are allowed to participate in communications,
while the misbehavior of malicious nodes is effectively prevented. Data transmission in this
system provides more security. The goals of this secure mobile healthcare system are safely
exchanging the patient’s information issued by mobile Devices, and preventing improper use
of illegal devices, such as intercepting transferred data, eavesdropping communicating data.
TrE (Trust Evaluation Model) is based on the standard DES algorithm for communication.
Advantages of Proposed System:
Confidentiality achieved using symmetric cryptography algorithm, so unauthorized
parties cannot access this information.
Authentication is achieved.
Only particular patients and medical specialist can access their medical information.
9
3.0 FEASIBILITY STUDY
10
3.0 Feasibility Study
The feasibility of the project is analyzed in this phase and business proposal is put
forth with a very general plan for the project and some cost estimates. During system analysis
the feasibility study of the proposed system is to be carried out. This is to ensure that the
proposed system is not a burden to the company. For feasibility analysis, some
understanding of the major requirements for the system is essential.
Three key considerations involved in the feasibility analysis are
ECONOMICAL FEASIBILITY
TECHNICAL FEASIBILITY
OPERATIONAL FEASIBILITY
3.1 ECONOMICAL FEASIBILITY
This study is carried out to check the economic impact that the system will have on
the organization. The amount of fund that the company can pour into the research and
development of the system is limited. The expenditures must be justified. Thus the developed
system as well within the budget and this was achieved because most of the technologies
used are freely available. Only the customized products had to be purchased.
3.2 TECHNICAL FEASIBILITY
This study is carried out to check the technical feasibility, that is, the technical
requirements of the system. Any system developed must not have a high demand on the
available technical resources. This will lead to high demands on the available technical
resources. This will lead to high demands being placed on the client. The developed system
must have a modest requirement, as only minimal or null changes are required for
implementing this system.
11
3.3 OPERATIONAL FEASIBILITY
Proposed projects are beneficial only if they can be turned out into information system.
That will meet the organization’s operating requirements. Operational feasibility aspects of the project
are to be taken as an important part of the project implementation. Some of the important issues raised
are to test the operational feasibility of a project includes the following: -
Is there sufficient support for the management from the users?
Will the system be used and work properly if it is being developed and implemented?
Will there be any resistance from the user that will undermine the possible application benefits?
This system is targeted to be in accordance with the above-mentioned issues. Beforehand, the
management issues and user requirements have been taken into consideration. So there is no question
of resistance from the users that can undermine the possible application benefits.
The well-planned design would ensure the optimal utilization of the computer resources and would
help in the improvement of performance status.
12
4.0 SYSTEM REQUIREMENTS
SPECIFICATIONS
13
4.1 Modules
The project entitled as “A Secure Mobile Health Care System” developed using .NET
using C#. Modules display as follows
Modules
1. User Verification
2. Online Appointment
3. Trust Evaluation
4. Data Transmission
5. Mobile Healthcare System
Module Description
1. User Verification
User verification is needed for every system to keep security and for any other
misuses. Each authorized user will have a user-id /name and a password for login. This is
directly giving from the system admin or manager to the users who are authorized. The users
want to follow some rules and conditions while using the system, and any misbehave will
lead to block of particular user-id/name.
2. Online Appointment
Unlike traditional hospital management schemes, where most patients only can access
medical care or monitoring in a particular place at a specific time, current healthcare
equipment can provide continuous monitoring of patients, as well as maximal mobility for
them. Here, data communications rely on wireless channels instead of wires. However,
mobility takes difficulty for data exchange as well because the requirements of the
deployment of a number of infrastructures are able to increase the cost of mobile healthcare
systems. We are going to simulate with maximum of five systems and it will be in wired
technology.
3. Trust Evaluation
Trust is defined as “the degree to which a node should be trustworthy, secure, or
reliable during any interaction with the node”. The concept of trust has been introduced into
mobile healthcare security with wide application in the realm of network and information
security. Thereby, trust represents a mutual relationship established between any two
14
trustworthy medical nodes (sensors) for a specific purpose: one node, called the Object, can
forward packets for another node, called the Subject. Here we are going to apply algorithm to
find trust based nodes.
4. Data Transmission
Unlike traditional hospital management schemes, where most patients only can access
medical care or monitoring in a particular place at a specific time, current healthcare
equipment can provide continuous monitoring of patients, as well as maximal mobility for
them. Here, data communications rely on wireless channels instead of wires. However,
mobility takes difficulty for data exchange as well because the requirements of the
deployment of a number of infrastructures are able to increase the cost of mobile healthcare
systems. We are going to simulate with maximum of two systems and it will be in wired
technology.
5. Mobile healthcare system
Mobile healthcare (m-healthcare) is an important research direction for the application
of wireless communications in healthcare systems. Therefore, many wireless technologies,
including IEEE 802.11, Bluetooth, and Wi-Fi, are used to form wireless local area networks
(WLAN) and connect to the Internet. Mobile networks not only provide mobility to patients,
but also allow physicians so they can access patients’ data anytime and anywhere.
Combination of given three modules makes a mobile health care system.
15
4.2 Design Methodologies
Software Development Life Cycle Models:-
Software life cycle models describe phases of the software cycle and the order in
which those phases are executed. There are tons of models, and many companies adopt their
own, but all have very similar patterns.
Requirement Analysis and Design
Analysis gathers the requirements for the system. This stage includes a detailed
study of the business needs of the organization. Options for changing the business process
may be considered. Design focuses on high level design like, what programs are needed and
how are they going to interact, low-level design (how the individual programs are going to
work), interface design (what are the interfaces going to look like) and data design (what data
will be required). During these phases, the software's overall structure is defined. Analysis
and Design are very crucial in the whole development cycle. Any glitch in the design phase
could be very expensive to solve in the later stage of the software development. Much care is
taken during this phase. The logical system of the product is developed in this phase.
16
Implementation
In this phase the designs are translated into code. Computer programs are written using a
conventional programming language or an application generator. Programming tools like
Compilers, Interpreters, and Debuggers are used to generate the code. Different high level
programming languages like C, C++, Pascal, Java, .Net are used for coding. With respect to
the type of application, the right programming language is chosen.
Testing
In this phase the system is tested. Normally programs are written as a series of individual
modules, this subject to separate and detailed test. The system is then tested as a whole. The
separate modules are brought together and tested as a complete system. The system is tested
to ensure that interfaces between modules work (integration testing), the system works on the
intended platform and with the expected volume of data (volume testing) and that the system
does what the user requires (acceptance/beta testing).
Maintenance
Inevitably the system will need maintenance. Software will definitely undergo change once it
is delivered to the customer. There are many reasons for the change. Change could happen
because of some unexpected input values into the system. In addition, the changes in the
system could directly affect the software operations. The software should be developed to
accommodate changes that could happen during the post implementation period.
17
4.3 Software Requirements
Operating system : Windows XP Professional
Front End : Microsoft Visual Studio .Net 2008
Coding Language : Visual C# .Net
Backend : SqlServer 2005
4.4 Hardware Requirements
System : Pentium IV 2.4 GHZ
Hard Disk : 40 GB
Floppy Drive : 1.44 Mb
Monitor : 15 Vega Colour
Mouse : Logitech.
RAM : 256 Mb
4.5 Functional Requirements
Output Design
Outputs from computer systems are required primarily to communicate the
results of processing to users. They are also used to provides a permanent copy of the results
for later consultation. The various types of outputs in general are:
External Outputs, whose destination is outside the organization.
Internal Outputs whose destination is within organization and they are the
user’s main interface with the computer.
Operational outputs whose use is purely within the computer department.
18
Interface outputs, which involve the user in communicating directly with
Output Definition
The outputs should be defined in terms of the following points:
Type of the output
Content of the output
Format of the output
Location of the output
Frequency of the output
Volume of the output
Sequence of the output
It is not always desirable to print or display data as it is held on a computer. It should be
decided as which form of the output is the most suitable.
For Example
Will decimal points need to be inserted?
Should leading zeros be suppressed.
Output Media
In the next stage it is to be decided that which medium is the most appropriate for the output.
The main considerations when deciding about the output media are:
The suitability for the device to the particular application.
The need for a hard copy.
The response time required.
The location of the users.
The software and hardware available.
The cost.
Keeping in view the above description the project is to have outputs mainly coming under the
category of internal outputs. The main outputs desired according to the requirement
specification are: The outputs were needed to be generated as a hot copy and as well as
queries to be viewed on the screen. Keeping in view these outputs, the format for the output
19
is taken from the outputs, which are currently being obtained after manual processing. The
standard printer is to be used as output media for hard copies.
Input Design
Input design is a part of overall system design. The main objectives during the input design
are as given below:
To produce a cost-effective method of input.
To achieve the highest possible level of accuracy.
To ensure that the input is acceptable and understood by the user.
Input Stages
The main input stages can be listed as below:
Data recording
Data transcription
Data conversion
Data verification
Data control
Data transmission
Data validation
Data correction
Input Types
It is necessary to determine the various types of inputs. Inputs can be categorized as follows:
External inputs, which are prime inputs for the system.
Internal inputs, which are user communications with the system.
Operational, which are computer department’s communications to the system?
Interactive, which are inputs entered during a dialogue.
Input Media
At this stage choice has to be made about the input media. To conclude about the input
media consideration has to be given to;
20
Type of input
Flexibility of format
Speed
Accuracy
Verification methods
Rejection rates
Ease of correction
Storage and handling requirements
Security
Easy to use
Portability
Keeping in view the above description of the input types and input media, it can be
said that most of the inputs are of the form of internal and interactive. As Input data is to be
the directly keyed in by the user, the keyboard can be considered to be the most suitable input
device.
Error Avoidance
At this stage care is to be taken to ensure that input data remains accurate form the
stage at which it is recorded upto the stage in which the data is accepted by the system. This
can be achieved only by means of careful control each time the data is handled.
Error Detection
Even though every effort is make to around the occurrence of errors, still a small
proportion of errors is always likely to occur, these types of errors can be discovered by using
validations to check the input data.
Data Validation
Procedures are designed to detect errors in data at a lower level of detail. Data
validations have been included in the system in almost every area where there is a possibility
for the user to commit errors. The system will not accept invalid data. Whenever an invalid
data is keyed in, the system immediately prompts the user and the user has to again key in the
data and the system will accept the data only if the data is correct. Validations have been
included where necessary.
21
The system is designed to be a user friendly one. In other words the system has been
designed to communicate effectively with the user. The system has been designed with
popup menus.
User Interface Design
It is essential to consult the system users and discuss their needs while designing the user
interface:
User Interface Systems Can Be Broadly Classified As:
1. User initiated interface
The user is in charge, controlling the progress of the user/computer dialogue. In the
computer-initiated interface, the computer selects the next stage in the interaction.
2. Computer initiated interfaces
In the computer initiated interfaces the computer guides the progress of the user/computer
dialogue. Information is displayed and the user response of the computer takes action or
displays further information.
User Initiated Interfaces
User initiated interfaces fall into tow approximate classes:
1. Command driven interfaces: In this type of interface the user inputs commands or
queries which are interpreted by the computer.
2. Forms oriented interface: The user calls up an image of the form to his/her screen and
fills in the form. The forms oriented interface is chosen because it is the best choice.
Computer Initiated Interfaces
The following computer – initiated interfaces were used:
1. The menu system for the user is presented with a list of alternatives and the user
chooses one; of alternatives.
2. Questions – answer type dialog system where the computer asks question and takes
action based on the basis of the users reply.
22
Right from the start the system is going to be menu driven, the opening menu displays the
available options. Choosing one option gives another popup menu with more options. In this
way every option leads the users to data entry form where the user can key in the data.
Error Message Design
The design of error messages is an important part of the user interface design. As user is
bound to commit some errors or other while designing a system the system should be
designed to be helpful by providing the user with information regarding the error he/she has
committed.
This application must be able to produce output at different modules for different inputs.
4.6 Non Functional Requirements
Performance Requirements
Performance is measured in terms of the output provided by the application.
Requirement specification plays an important part in the analysis of a system. Only
when the requirement specifications are properly given, it is possible to design a system,
which will fit into required environment. It rests largely in the part of the users of the
existing system to give the requirement specifications because they are the people who finally
use the system. This is because the requirements have to be known during the initial stages
so that the system can be designed according to those requirements. It is very difficult to
change the system once it has been designed and on the other hand designing a system, which
does not cater to the requirements of the user, is of no use.
The requirement specification for any system can be broadly stated as given below:
o The system should be able to interface with the existing system
o The system should be accurate
o The system should be better than the existing system
The existing system is completely dependent on the user to perform all the duties.
23
5.0 SYSTEM DESIGN
24
5.1 Data Flow Diagrams
Module Diagram
25
START
SHARED RESOURCESMOBIL DEVICES
TRUST CALCULATION
DATA TRANSMISSION
STOP
Project Flow Diagram
26
5.2 E-R DIAGRAM
27
28
HOSPITALHospitalIdHospitalNameLocationWorkingHrsFromWorkingHrsToTotalNoDoctors Remarks
HOS -DOCTORS
DOCTOR
HospitalIdDoctorId DoctorName DOJ WorkingHrsFromWorkingHrsTo OnDuty –y/n Remarks
DISEASES
DiseaseIDDoctorID
TESTREPORTSTRID PatientID DoctorID EEG ECG SUGAR BP
PATIENT
PatientIdDoctorId PatName Age Sex DOJ
TRUST CALCULATIONS
TCidPidDoctorIDHospitalIDMobileWebsiteIPAddress
APPOINTMENTS
Appointmentid HospitalIdDoctorId PatientIdDateofAppoint From To Status CompletedOrNot Remarks
DOCTOR- DISEASES
DOCTOR - PATIENTS
DOCTOR –TEST REPORTS
DOCTOR - PATIENTS
HOSPITAL - APPOINTMENTS
APPOINT- PATIENTS
DOCTOR -APPOINT
PATIENT-DOCTOR
A
A
DOCTOR TREATS
DOC-SCHEDULE
SchId DoctorId PatientId DiseaseId TreatedonDate Treated From Treated To TestsToBeTaken Status
C
DAILY SCHEDULE
C
TAKES
DOCSPECIALIZATION
DSid HospitalId Specid DoctorId
Specialist
DOCTOR Specialised
Spec-DOCTO
R
PAT_DISEASESDiseaseID PatientID
DP
Pat-Disease
DP
SPECIALIZATION
SpecId HospitalId Spec_Name Description
5.3 UML Diagrams
Use case diagrams
User Verification:
New User
User Name
Password
Registration Form
User
29
Trust Calculation:
Admin/Sender Encrypted Details Patient Decrypted Details
Data Transmission:
Admin Patient Doctor
30
Class Diagram:
Mobile HealthCare Sytem
+hospital name+hid
+Mobility to patients()+Access to Doctors()
User/ Patient
+name-id
+register()+login()+requestapp()+get results()
Doctor
+name-id+spciality
+login()+get pat details()+manage requests()#send reports()
Administrator
-id
+manage specializatons()+Update Doctors()
31
State chart diagram:
connect
trust verification
appointments
transfer results
32
Activity Diagrams: Hospital Specification Management
33
LOGIN
?MANAGE
ENTER UNAME AND PASSWORD
VIEW SPECIFICATIONS
UPDATE SPEC
?EXISTS
DELETE SPEC INSERT SPEC
delete
update
insert
LOGOUT
Doctor Management:
34
LOGIN
?MANAGE
ENTER UNAME AND PASSWORD
VIEW DOCTORS
UPDATE DOCTORS
?EXISTS
DELETE DOCTORSINSERT DOCTORS
delete
update
insert
LOGOUT
Managing Appointments and patients
35
LOGIN
? MANAGE
ENTER UNAME AND PASSWORD
VIEW REQUEST FOR
APPOINTMENTS
EDIT APPOINTMENTS
?VERIFY
REJECT APPOINTMENTS
ACCEPT APPOINTMENTS
REMOVE
EDIT
ALLOCATE
LOGOUT
36
REGISTER
ENTER UNAME AND PASSWORD
SEARCH DOCTORS
FEEDBACKS
? VERIFY
LOGOUT
LOGIN
INVALID
valid
REQUEST APPOINTMENTS
MANAGE TRUST CALCULATIONS
VIEW TEST REPORTS
Doctors Schedule
37
38
REGISTER
ENTER UNAME AND PASSWORD
ACCEPT/REJECT APPOINTMENTS
VIEW FEEDBACKS
?verify
LOGOUT
LOGIN
INVALID
VALID
VIEW PATIENT DETAILS
MANAGE TRUST CALCULATIONS
SEND TEST
REPORTS
? SEND
UPLOAD TEST
REPORTS
UPLOAD TEST
REPORTS
WEBSITE
MOBILE
SYSTEM
Sequence diagram:
3: file
mobile devices sharing hospital
1: connection
6: network
2: trust
5: trust
8: information
4: analyze info
7: result
39
Collaboration Diagram:
mobile devices
sharing
hospital
1: connection
2: trust
3: analyze info
4: file
5: trust
6: network
7: result
8: information
40
Component Diagram:
REGISTRATION LOGIN
PATIENT
DOCTOR
APPOINTMENTS
TRUST CALCULATIONS
TEST REPORTERS
41
Deployment Diagram:
Client Browser
IIS server
web server
windows application
sql server
mobile server
42
5.4 Data Dictionary
1. Table Name: Appointments:It is used for storing all the appointments given to the patients
2. Tablename: Specifications - It maintains the specialization of the Hospital.
43
3. Tablename: Doctor Schedule –It maintains the current schedule of the Doctors.
4. Table name: Doctors - It contains the details of all the doctors registered over the website.
44
5. Table name: Hospital : It contains the master details of the hospital
6. Table name: Patient : It contains the details of all the patients registered over the website.
45
7. Table name: Test reports – It contains all the test reports managed for the patients
8. Table name : Test Calculations : It contains all the details like how the test reports are sent to the patients.
46
6.0 TECHNOLOGY DESCRIPTION
47
Features OF. Net
Microsoft .NET is a set of Microsoft software technologies for rapidly building and
integrating XML Web services, Microsoft Windows-based applications, and Web solutions.
The .NET Framework is a language-neutral platform for writing programs that can easily and
securely interoperate. There’s no language barrier with .NET: there are numerous languages
available to the developer including Managed C++, C#, Visual Basic and Java Script.
The .NET framework provides the foundation for components to interact seamlessly, whether
locally or remotely on different platforms. It standardizes common data types and
communications protocols so that components created in different languages can easily
interoperate.
“.NET” is also the collective name given to various software components built upon
the .NET platform. These will be both products (Visual Studio.NET and Windows.NET
Server, for instance) and services (like Passport, .NET My Services, and so on).
The .Net Framework
The .NET Framework has two main parts:
1. The Common Language Runtime (CLR).
2. A hierarchical set of class libraries.
The CLR is described as the “execution engine” of .NET. It provides the environment within
which programs run. The most important features are
Conversion from a low-level assembler-style language, called Intermediate
Language (IL), into code native to the platform being executed on.
Memory management, notably including garbage collection.
Checking and enforcing security restrictions on the running code.
Loading and executing programs, with version control and other such
features.
48
The following features of the .NET framework are also worth description:
Managed Code
The code that targets .NET, and which contains certain extra
Information - “metadata” to describe itself. Whilst both managed and unmanaged code can
run in the runtime, only managed code contains the information that allows the CLR to
guarantee, for instance, safe execution and interoperability.
Managed Data
With Managed Code comes Managed Data. CLR provides memory allocation and
Deal location facilities, and garbage collection. Some .NET languages use Managed Data by
default, such as C#, Visual Basic.NET and JScript.NET, whereas others, namely C++, do not.
Targeting CLR can, depending on the language you’re using, impose certain constraints on
the features available. As with managed and unmanaged code, one can have both managed
and unmanaged data in .NET applications - data that doesn’t get garbage collected but instead
is looked after by unmanaged code.
Common Type System
The CLR uses something called the Common Type System (CTS) to strictly enforce
type-safety. This ensures that all classes are compatible with each other, by describing types
in a common way. CTS define how types work within the runtime, which enables types in
one language to interoperate with types in another language, including cross-language
exception handling. As well as ensuring that types are only used in appropriate ways, the
runtime also ensures that code doesn’t attempt to access memory that hasn’t been allocated to
it.
Common Language Specification
The CLR provides built-in support for language interoperability. To ensure that you
can develop managed code that can be fully used by developers using any programming
language, a set of language features and rules for using them called the Common Language
Specification (CLS) has been defined. Components that follow these rules and expose only
CLS features are considered CLS-compliant.
49
The Class Library
.NET provides a single-rooted hierarchy of classes, containing over 7000 types. The
root of the namespace is called System; this contains basic types like Byte, Double, Boolean,
and String, as well as Object. All objects derive from System. Object. As well as objects,
there are value types. Value types can be allocated on the stack, which can provide useful
flexibility. There are also efficient means of converting value types to object types if and
when necessary.
The set of classes is pretty comprehensive, providing collections, file, screen, and network
I/O, threading, and so on, as well as XML and database connectivity.
The class library is subdivided into a number of sets (or namespaces), each providing distinct
areas of functionality, with dependencies between the namespaces kept to a minimum.
Languages Supported By .Net
The multi-language capability of the .NET Framework and Visual Studio .NET enables
developers to use their existing programming skills to build all types of applications and
XML Web services. The .NET framework supports new versions of Microsoft’s old favorites
Visual Basic and C++ (as VB.NET and Managed C++), but there are also a number of new
additions to the family.
Visual Basic .NET has been updated to include many new and improved language features
that make it a powerful object-oriented programming language. These features include
inheritance, interfaces, and overloading, among others. Visual Basic also now supports
structured exception handling, custom attributes and also supports multi-threading.
Visual Basic .NET is also CLS compliant, which means that any CLS-compliant language
can use the classes, objects, and components you create in Visual Basic .NET.
Managed Extensions for C++ and attributed programming are just some of the enhancements
made to the C++ language. Managed Extensions simplify the task of migrating existing C++
applications to the new .NET Framework.
C# is Microsoft’s new language. It’s a C-style language that is essentially “C++ for Rapid
Application Development”. Unlike other languages, its specification is just the grammar of
50
the language. It has no standard library of its own, and instead has been designed with the
intention of using the .NET libraries as its own.
Microsoft Visual J# .NET provides the easiest transition for Java-language developers into
the world of XML Web Services and dramatically improves the interoperability of Java-
language programs with existing software written in a variety of other programming
languages.
Active State has created Visual Perl and Visual Python, which enable .NET-aware
applications to be built in either Perl or Python. Both products can be integrated into the
Visual Studio .NET environment. Visual Perl includes support for Active State’s Perl Dev
Kit.
Other languages for which .NET compilers are available include
FORTRAN
COBOL
Eiffel
Fig1 .Net Framework
ASP.NET
XML WEB SERVICES
Windows Forms
Base Class Libraries
Common Language Runtime
Operating System
C#.NET is also compliant with CLS (Common Language Specification) and supports
structured exception handling. CLS is set of rules and constructs that are supported by the
CLR (Common Language Runtime). CLR is the runtime environment provided by the .NET
Framework; it manages the execution of the code and also makes the development process
easier by providing services.
51
C#.NET is a CLS-compliant language. Any objects, classes, or components that created in
C#.NET can be used in any other CLS-compliant language. In addition, we can use objects,
classes, and components created in other CLS-compliant languages in C#.NET .The use of
CLS ensures complete interoperability among applications, regardless of the languages used
to create the application.
Constructors and Destructors
Constructors are used to initialize objects, whereas destructors are used to destroy
them. In other words, destructors are used to release the resources allocated to the object. In
C#.NET the sub finalize procedure is available. The sub finalize procedure is used to
complete the tasks that must be performed when an object is destroyed. The sub finalize
procedure is called automatically when an object is destroyed. In addition, the sub finalize
procedure can be called only from the class it belongs to or from derived classes.
Garbage Collection
Garbage Collection is another new feature in C#.NET. The .NET Framework
monitors allocated resources, such as objects and variables. In addition, the .NET Framework
automatically releases memory for reuse by destroying objects that are no longer in use.
In C#.NET, the garbage collector checks for the objects that are not currently in use by
applications. When the garbage collector comes across an object that is marked for garbage
collection, it releases the memory occupied by the object.
Overloading
Overloading is another feature in C#. Overloading enables us to define multiple
procedures with the same name, where each procedure has a different set of arguments.
Besides using overloading for procedures, we can use it for constructors and properties in a
class.
52
Multithreading
C#.NET also supports multithreading. An application that supports multithreading can
handle multiple tasks simultaneously, we can use multithreading to decrease the time taken
by an application to respond to user interaction.
Structured Exception Handling
C#.NET supports structured handling, which enables us to detect and remove
errors at runtime. In C#.NET, we need to use Try…Catch…Finally statements to create
exception handlers. Using Try…Catch…Finally statements, we can create robust and
effective exception handlers to improve the performance of our application.
The .NET Framework is a new computing platform that simplifies application
development in the highly distributed environment of the Internet.
Objectives of .Net Framework
1. To provide a consistent object-oriented programming environment whether object codes is
stored and executed locally on Internet-distributed, or executed remotely.
2. To provide a code-execution environment to minimizes software deployment and
guarantees safe execution of code.
3. Eliminates the performance problems.
There are different types of application, such as Windows-based applications and Web-based
applications.
53
7.0 CODING
54
Coding:
Home Page
using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Windows.Forms;
using System.Data.SqlClient;
public partial class Login : System.Web.UI.Page
{
SqlConnection cn = new SqlConnection("Server=SPIRO16\\SQLEXPRESS;Initial
Catalog=HEALTH;uid=sa;pwd=sudarshan");
SqlCommand cmd;
SqlDataReader dr;
protected void Page_Load(object sender, EventArgs e)
{
if (Session["uname"] == "patient")
{
MessageBox.Show("You are already signed in");
Response.Redirect("Home.aspx");
}
55
}
protected void btn_reg_Click(object sender, EventArgs e)
{
long pid;
cn.Open();
cmd = new SqlCommand("Select max(pid)from patdetail", cn);
dr = cmd.ExecuteReader();
if (dr.Read())
{
pid = Convert.ToInt64(dr[0]);
pid += 1;
}
else
{
pid = 3001;
}
cn.Close();
cmd = null;
string add = txt_add1.Text + txt_add2.Text;
cn.Open();
cmd = new SqlCommand("insert into patdetail values(" + pid + ",'" + txt_fname.Text +
"','" + txt_lname.Text + "','" + txt_email.Text + "','" + txt_pwd.Text + "','" + txt_phn.Text +
"','" + add + "','" + txt_pin.Text + "','" + txt_state.Text + "','" + txt_dob.Text + "','" +
rbl_sex.SelectedItem.Value + "','" + txt_qry.Text + "')", cn);
cmd.ExecuteNonQuery();
cn.Close();
MessageBox.Show("You will get a confirmation through email and Login with your
uname and password");
Response.Redirect("home.aspx");
}
}
56
Login Page
using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
//using System.Data.SqlClient;
using System.Windows.Forms;
public partial class AddPat : System.Web.UI.Page
{
SqlConnection cn = new SqlConnection("Server=SPIRO16\\SQLEXPRESS;Initial
Catalog=HEALTH;uid=sa;pwd=sudarshan");
SqlCommand cmd;
protected void Page_Load(object sender, EventArgs e)
{
if ( Session["uname"] == "Patient")
{
MessageBox.Show("You already signed in");
Response.Redirect("Home.aspx");
57
}
}
protected void btn_login_Click(object sender, EventArgs e)
{
string var = Request.Params["var"];
if (var == null)
{
cn.Open();
cmd = new SqlCommand("select pid,fname from patdetail where email='" +
txt_uname.Text + "' and pwd= '" + txt_pwd.Text + "' ", cn);
SqlDataReader dr = cmd.ExecuteReader();
if (dr.Read())
{
string s = dr["fname"].ToString();
Session["n"] = s;
long a = Convert. ToInt64(dr[0]);
MessageBox.Show("Login Success");
Session["uname"] = "Patient";
Session["user"] = a;
Response.Redirect("PatStatus.aspx");
}
else
{
Response.Write("<script>alert('Your not an authorised person')</script>");
cn.Close();
}
58
}
if ((txt_uname.Text == "admin") && (txt_pwd.Text == "admin"))
{
Session["uname"] = "admin";
Response.Redirect("Admin.aspx");
}
else
{
Response.Write("<script>alert('Your not an authorised person')</script>");
}
}
}
59
8.0 SYSTEM TESTING
60
SYSTEM TESTING AND MAINTENANCE
Testing is vital to the success of the system. System testing makes a logical assumption that if
all parts of the system are correct, the goal will be successfully achieved. In the testing
process we test the actual system in an organization and gather errors from the new system
operates in full efficiency as stated. System testing is the stage of implementation, which is
aimed to ensuring that the system works accurately and efficiently.
In the testing process we test the actual system in an organization and gather errors from the
new system and take initiatives to correct the same. All the front-end and back-end
connectivity are tested to be sure that the new system operates in full efficiency as stated.
System testing is the stage of implementation, which is aimed at ensuring that the system
works accurately and efficiently.
The main objective of testing is to uncover errors from the system. For the uncovering
process we have to give proper input data to the system. So we should have more conscious
to give input data. It is important to give correct inputs to efficient testing.
Testing is done for each module. After testing all the modules, the modules are integrated
and testing of the final system is done with the test data, specially designed to show that the
system will operate successfully in all its aspects conditions. Thus the system testing is a
confirmation that all is correct and an opportunity to show the user that the system works.
Inadequate testing or non-testing leads to errors that may appear few months later.
This will create two problems
Time delay between the cause and appearance of the problem. The effect of the system errors
on files and records within the system.
The purpose of the system testing is to consider all the likely variations to which it will be
suggested and push the system to its limits.
The testing process focuses on logical intervals of the software ensuring that all the
statements have been tested and on the function intervals (i.e.,) conducting tests to uncover
errors and ensure that defined inputs will produce actual results that agree with the required
results. Testing has to be done using the two common steps Unit testing and Integration
testing. In the project system testing is made as follows:
61
The procedure level testing is made first. By giving improper inputs, the errors occurred are
noted and eliminated. This is the final step in system life cycle. Here we implement the tested
error-free system into real-life environment and make necessary changes, which runs in an
online fashion. Here system maintenance is done every months or year based on company
policies, and is checked for errors like runtime errors, long run errors and other maintenances
like table verification and reports.
8.1. UNIT TESTING
Unit testing verification efforts on the smallest unit of software design, module. This is
known as “Module Testing”. The modules are tested separately. This testing is carried out
during programming stage itself. In these testing steps, each module is found to be working
satisfactorily as regard to the expected output from the module.
8.2. INTEGRATION TESTING
Integration testing is a systematic technique for constructing tests to uncover error
associated within the interface. In the project, all the modules are combined and then the
entire programmer is tested as a whole. In the integration-testing step, all the error uncovered
is corrected for the next testing steps.
62
9.0 OUTPUT SCREENS
63
OUTPUT SCREENS
Home Page
64
User Login Page
65
Patient Registration
66
Doctor Registration
67
Finding A Doctor
68
Patient Appointment Page
69
Doctor Related Page
70
Patient Request Page
71
72
73
74
75
76
77
78
79
10.0 IMPLEMENTATION
80
IMPLEMENTATION
About Implementation
Implementation is the stage of the project when the theoretical design is turned out
into a working system. Thus it can be considered to be the most critical stage in achieving a
successful new system and in giving the user, confidence that the new system will work and
be effective.
The implementation stage involves careful planning, investigation of the existing system
and it’s constraints on implementation, designing of methods to achieve changeover and
evaluation of changeover methods.
Implementation is the process of converting a new system design into operation. It is the
phase that focuses on user training, site preparation and file conversion for installing a
candidate system. The important factor that should be considered here is that the conversion
should not disrupt the functioning of the organization.
81
11.0 FUTURE ENHANCEMENTS
82
Future Enhancements
A thorough observation and evaluation of the use of a messaging service will be
conducted, focusing on computer-supported cooperative work and the human–computer
interaction. A preliminary experiment will be performed by use of existing technology: a
two-way pager system with the possibility to predefine standard messages. This is additional
functionality that can easily be included in the pager and alarm system in use in the hospital
department today. The purpose of this observation and evaluation is to obtain an
understanding of the communication pattern and identify adequate message types and the
need for presence information.
The results from this study would then be to incorporate the findings into an improved
design and development of our system. An improved design of the system should also focus
on offering a secure use of the built-in functionalities of the smart phone (e.g. web access,
Bluetooth, and MMS). The possibility for automatically storing (parts of) the messages into
the patient’s health record should also be investigated.
Advantages
Confidentiality achieved using symmetric cryptography algorithm, so unauthorized
parties cannot access this information.
Authentication is achieved.
Only particular patients and medical specialist can access their medical information
83
12.0 CONCLUSION
84
Conclusion
The introduction of mobile healthcare systems can greatly improve the benefits for patients
and hospitals, by not only providing better quality of patient care, but by also reducing
administrative and medical costs for both patients and hospitals. The topic of security has
raised interesting research issues in wireless and pervasive healthcare networks. Here, we
introduce the technique of trust evaluation without a centralized trust management authority
and propose a novel trust evaluation model that can efficiently calculate the trustworthiness
of mobile healthcare devices and dynamically manage medical nodes. Furthermore, we
present a secure multicast mechanism based on our trust evaluation model, which offers
flexible protection to dynamic and agile environments and improves the security of a
pervasive and mobile healthcare system.
The analysis of our experimental results clearly demonstrates that, compared to traditional
schemes, such as the linear trust computation model or the group-based management system,
our trust model can genuinely improve the security and reliability of the network while also
reducing the complexity of the traditional trust schemes and thus improving efficiency.
Therefore, our trust-based multicast strategy provides an excellent solution for guaranteeing
secure and reliable communications in wireless and pervasive healthcare networks.
85
13.0 BIBILOGRAPHY
86
BIBILOGRAPHY
[1] E. Bones, P. Hasvold , E. Henriksen , and T. Strandenes , “Risk analysis of
information security in a mobile instant messaging and presence system for healthcare”,
International J. Medical Informatics, Vol. 76, pp. 677–687, 2007.
[2] A. Boukerche , “Performance Evaluation of Routing Protocols for AdHoc Wireless
Networks”, ACM/Springer Mobile Networks and Applications ,Vol. 9, pp. 333–342,
2004.
[3] A. Boukerche , Handbook of Algorithms for Wireless Networking and Mobile
Computing, New York: CRC/Chapman Hall, 2005.
[4] A. Boukerche , K. El-Khatib , L. Xu , and L. Korba , “Performance evaluation of an
anonymity providing protocol for wireless ad hoc networks”, Performance Evaluation,
Vol. 63, pp. 1094–1109, 2006.
87