Authentication Architecture for eHealth Professionals

2008 Third International Conference on Availability, Reliability and Security, 2008

Telehealth applications can deliver medical services to patients at remote locations using telecommunications technologies, such as the Internet. At the same time, such applications also pose unique security challenges. First, the trust issue becomes more severe due to the lack of visual proofs in telehealth applications. The public key infrastructure (PKI) is insufficient for providing the same kind of trust a patient may attain during a face-to-face service. Second, telehealth services, such as tele-monitoring or tele-consultant, naturally demand a systematic organization of users, roles, resources, and flows of information. Existing access control mechanisms in an e-health system are usually incapable of dealing with such workflow-based services. This paper provides cost-efficient solutions to those issues in the context of a Web-based e-health portal system. First, we propose a PKI-like infrastructure for establishing trust between users using biometrics-based authentication and hierarchies of trust. Second, we develop an access control method for workflow-based telehealth services using a rule-based module already available in the portal system.

International Journal of Medical Informatics, 2003

Healthcare environments are a representative case of collaborative environments since individuals (e.g. doctors) in many cases collaborate in order to provide care to patients in a more proficient way. At the same time modern healthcare institutions are increasingly interested in sharing access of their information resources in the networked environment. Healthcare applications over the Internet offer an attractive communication infrastructure at worldwide level but with a noticeably great factor of risk. Security has, therefore, become a major concern. However, although an adequate level of security can be relied upon digital certificates, if an appropriate security model is used, additional security considerations are needed in order to deal efficiently with the above team-work concerns. The already known Hybrid Access Control (HAC) security model supports and handles efficiently healthcare teams with active security capabilities and is capable to exploit the benefits of certificate technology. In this paper we present the way for encoding the appropriate authoritative information in various types of certificates, as well as the overall operational architecture of the implemented access control system for healthcare collaborative environments over the Internet. A pilot implementation of the proposed methodology in a major Greek hospital has shown the applicability of the proposals and the flexibility of the access control provided.

Health and Technology, 2018

Group-based systems, such as e-health systems, have been introduced since the last few decades. E-health systems can be used anytime and anywhere for patient monitoring. Wireless networks are continuously used to monitor patients' conditions and recovery progress. The confidentiality, integrity and authenticity of patients' health records are important to secure in such applications. Efficient key management and distribution are required to secure e-health applications in a wireless mobile environment. However, existing key management protocols cannot route e-health applications securely due to the resource-constrained architecture of the wireless mobile environment. A novel and enhanced key management scheme which aims to identify the challenges related to the security and privacy issues of patients' sensitive information through a strong encryption management is proposed in this study. The proposed model also aims to provide a well-organised and lightweight key management mechanism. This system requires few computations of keys and offers a null rekeying mechanism to ensure forward and backward secrecies. As a result, a secure and privacy-preserving key management scheme for e-health systems, which is known as the healthcare key management (HCKM) framework and aims to decrypt the ciphertext of the same plain text with different keys, is acquired. HCKM minimises the rekeying overhead of group members and the overhead expressed in terms of the number of exchanged messages whilst achieving a sufficiently high security level. The proposed protocol also can operate on dynamic scenarios with a large number (thousands) of nodes and exhibits an excellent performance under the assumption of low rate of evictions.

Health Informatics Journal, 2002

Computing and Control Engineering

While the widespread adoption of Internet and Intranet technology has been one of the exciting developments of recent years, many hospitals are finding that their data and legacy applications do not naturally fit into the new methods of dissemination. Existing applications often rely on isolation or trusted networks for their access control or security, whereas untrusted wide area networks pay little attention to the authenticity, integrity or confidentiality of the data they transport. Many hospitals do not have the resources to develop new "network-ready" versions of existing centralised applications.

2005

Recent research works examine the potential employment of public-key cryptography schemes in e-health environments. In such systems, where a Public Key Infrastructure (PKI) is established beforehand, Attribute Certificates (ACs) and public key enabled protocols like TLS, can provide the appropriate mechanisms to effectively support authentication, authorization and confidentiality services.

2007

In both developing and developed countries, the costs of delivering health care are increasingly tak- ing a large proportion of the national gross domestic product (GDP). GDP, is one of several measures of the size of a regions’ economy. While developed countries have a good doctor to patient ratio, in developing countries the ratios are alarming (e.g., in Uganda

2009 16th International Conference on Systems, Signals and Image Processing, 2009

As mobile devices are enhanced continuously with more resources, wireless infrastructures provide support to a growing number of assistive environments. Among the potential domains which can suffice from their deployment, is the ehealthcare sector. The increased sensitivity requirements imposed by the US and EU legislation, urge towards the design and incorporation of strict security standards in the deployment process of wireless e-healthcare infrastructures. Even though mobile devices are characterized by an increase in processing and autonomy capacity, the necessity to encrypt all communications consists of a significant burden. In this paper we present W-EHR, a wireless architecture that enables authorized medical personnel to access medical records in a secure and transparent manner, utilizing an agent based architecture. Ubiquitous access to medical information -within the hospital range -is achieved using mobile devices; security management is achieved using a hierarchical policy based approach in compatibility with the IETF policy-based management model. In order to comply with the strict privacy requirements, all the transactions are encrypted using a hybrid approach that employs symmetric and asymmetric encryption techniques. We describe our experiments that prove the effective operation of our infrastructure (by means of device resources consumption and network bandwidth). In our calculations we consider the encryption overhead when transmitting medical records in a compatible with medical codification standards form.

Health Informatics Journal, 2003

Throughout the healthcare domain, paper records and forms are being supplanted by electronic records, which are now routinely transmitted over intranets (within organizations), extranets (between organizations) and the Internet (to multiple organizations, worldwide). The potential for greater efficiency, lower costs and enhanced quality of care afforded by electronic versus paper-based records and communication in healthcare is vast. Electronic messaging is quickly becoming the standard for transmitting information in the healthcare industry. The security of transmitted information is a very critical issue. In this article, we report on the development of a Lightweight Authentication Protocol (LAP), which makes a mobile and distributed system more secure and flexible, and we implement it in a healthcare environment where the clinicians use mobile and wireless devices like PDAs. The implementation scenario and the special characteristics of healthcare information systems are described in detail. We also propose a monitoring system that involves patient credentials in order to monitor doctor access to the medical records. Our work shows that it is possible for a PDA to have access to a system like a healthcare Web database system with reasonable performance according to the theoretical analysis.

Throughout the healthcare domain, paper records and forms are being supplanted by electronic records, which are now routinely transmitted over intranets (within organizations), extranets (between organizations) and the Internet (to multiple organizations, worldwide). The potential for greater efficiency, lower costs and enhanced quality of care afforded by electronic versus paper-based records and communication in healthcare is vast. Electronic messaging is quickly becoming the standard for transmitting information in the healthcare industry. The security of transmitted information is a very critical issue. In this article, we report on the development of a Lightweight Authentication Protocol (LAP), which makes a mobile and distributed system more secure and flexible, and we implement it in a healthcare environment where the clinicians use mobile and wireless devices like PDAs. The implementation scenario and the special characteristics of healthcare information systems are described in detail. We also propose a monitoring system that involves patient credentials in order to monitor doctor access to the medical records. Our work shows that it is possible for a PDA to have access to a system like a healthcare Web database system with reasonable performance according to the theoretical analysis.