A secure identification access control scheme for accessing healthcare information systems

Chao, Hui-Mei; Twu, Shih-Hsiung; Hsu, Chin-Ming

doi:10.1109/itab.2003.1222488

Cited by 7 publications

(9 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…12,13 In our implementation, the identity server is a mobile device accredited by the user. A common solution in literature is to establish an identity service on a trusted server.…”

Section: Cryptographic Primitives and Algorithms Used For Access Controlmentioning

confidence: 99%

“…A common solution in literature is to establish an identity service on a trusted server. 12,13 In our implementation, the identity server is a mobile device accredited by the user. Therefore, there must always be at least one device accredited for each user.…”

Section: Two-factor Authenticationmentioning

confidence: 99%

“…Hence, to ensure privacy, we require a strong authentication procedure.This makes the authentication process a very sensitive precondition to our authorization protocol. A common solution in literature is to establish an identity service on a trusted server . In our implementation, the identity server is a mobile device accredited by the user.…”

Section: Cryptographic Primitives and Algorithms Used For Access Controlmentioning

confidence: 99%

See 2 more Smart Citations

Privacy‐ensuring electronic health records in the cloud

Souza

Gonçãlves

Leonova³

et al. 2017

Concurrency and Computation

View full text Add to dashboard Cite

Despite the evident benefits of the access to virtually unlimited computational resources in cloud environments, enterprises and researchers still face upending challenges when deploying applications that deal with sensitive information to the cloud. That is specially true for medical or tax records, for which there are strong legal restrictions to data escrow. In these cases one must be certain that a third party, such as the cloud provider, will never have access to the data. This work presents a solid access control framework that uses hybrid cryptography at client-side and a two-factor authentication technique to guarantee a secure key management protocol. We also demonstrate the use of homomorphic and order-preserving encryption as a viable solution for the computation of regular searches over electronic health records in the cloud, while preserving the confidentiality of clinical data and the privacy of patients, even in the face of a semi-honest, or "honest, but curious," cloud provider. We introduce a trusted element, a browser extension, to prevent attacks from malicious cloud providers. The result is evaluated through a full-featured prototype that manages health records modeled with a few OpenEHR archetypes.The prototype can be easily extended to handle any data structure modeled with OpenEHR.

show abstract

“…12,13 In our implementation, the identity server is a mobile device accredited by the user. A common solution in literature is to establish an identity service on a trusted server.…”

Section: Cryptographic Primitives and Algorithms Used For Access Controlmentioning

confidence: 99%

Section: Two-factor Authenticationmentioning

confidence: 99%

Section: Cryptographic Primitives and Algorithms Used For Access Controlmentioning

confidence: 99%

See 1 more Smart Citation

Privacy‐ensuring electronic health records in the cloud

Souza

Gonçãlves

Leonova³

et al. 2017

Concurrency and Computation

View full text Add to dashboard Cite

show abstract

“…This paper will look into automating the software testing phase ofthe SDLC and will demonstrate how Workflows can be applied to automate the testing process [19]. In addition, an extensive analysis was performed in the area of healthcare to understand the feasibility of use [3], [10], [15], [16], [17].…”

Section: Workflow Management Systemmentioning

confidence: 99%

A Workflow-Based Test Automation Framework for Web Based Systems

Patil

2007

2007 IEEE Symposium on Computers and Communications

View full text Add to dashboard Cite

Due to the high complexity involved in Web based distributed systems, it has been difficult to effectivelyperform the testing process with limited resources to obtain a more thorough coverage of testing. This might open the doors for potential security attacks. Testing such a system is complicated and expensive, and sometimes some tests may not be possible to perform due to the availability of resources. A workflow based test automation framework system was designed and implemented to conduct the test cases and demonstrate the concept. A tester can launch a testing process against a target system by clicking a few buttons on the user screens, and the framework of the workflow test automation system performs the entire testing job in the background. The workflow framework communicates with the participating testers performing testing processes, andprovides feedback ofeach test in real time. The framework also allows plug-ins of a variety of testing workflow definitions for diferent testing processes.

show abstract

“…Information communication technology has brought about an explosive increase in digital information. As medical record management takes charge of vital information transferred among doctors, nurses, and involved participants in different departments, how to enhance the security of electronic medical records has become an essential challenge in the medical treatment process [1][2][3].…”

Section: Introductionmentioning

confidence: 99%

HORME: hierarchical–object–relational medical management for electronic record

Yang

Wei

et al. 2013

Security Comm Networks

View full text Add to dashboard Cite

Along with widespread information communication technology, digital management has been applied to a variety of fields. Considering the rapidly growing importance of medical treatment, for which medical record management plays a crucial role, it is time to make full use of digital techniques in the medical field. Doctors in different departments and locations can check the electronic records of patients without complex steps and can even consult together via the Internet. In this paper, we design a hierarchical–object–relational management system for electronic records (HORME). HORME can not only achieve the essentials of traditional paper‐based record but can also satisfy the requirements of privacy and security according to the factorization problem, which makes it possible to protect the right of the legal doctors, patients, and hospitals. Copyright © 2013 John Wiley & Sons, Ltd.

show abstract

A secure identification access control scheme for accessing healthcare information systems

Cited by 7 publications

References 10 publications

Privacy‐ensuring electronic health records in the cloud

Privacy‐ensuring electronic health records in the cloud

A Workflow-Based Test Automation Framework for Web Based Systems

HORME: hierarchical–object–relational medical management for electronic record

Contact Info

Product

Resources

About