The medical community is moving towards an environment where automated patient medical records and electronically interconnected healthcare facilities are prevalent. The primary reason is that the electronic healthcare record, coupled with the electronic networking of hospitals, can provide healthcare organizations with more efficient, seamless service, resulting in higher quality care and reduced costs. The information contained in electronic records is an important and valuable asset of a healthcare organization. Thus, it needs to be protected to ensure its confidentiality, integrity and availability. A critical point in security is to set up efficient and flexible access control policies and procedures for protecting information. However, user authentication remains a prerequisite for really secure information services especially in distributed systems. In this paper, an authentication architecture for healthcare environments is presented. The proposed authentication architecture is based on a particular authentication protocol, which exploits the benefits of symmetric and asymmetric cryptography in order to provide a simple and self-confident authentication system.
[1]
G Pangalos,et al.
Developing a Public Key Infrastructure for a secure regional e-Health environment.
,
2002,
Methods of information in medicine.
[2]
Martín Abadi,et al.
A logic of authentication
,
1989,
Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences.
[3]
I Mavridis,et al.
Defining Access Control Mechanisms for Privacy Protection in Distributed Medical Databases
,
2001
.
[4]
William Stallings,et al.
Cryptography and Network Security: Principles and Practice
,
1998
.
[5]
Marie Khair,et al.
Design of secure medical database systems
,
1996,
SEC.