Authentication Systems for Securing Clinical Documentation Workflows

CONTEXT Integration of electronic signatures embedded in health care processes in Germany challenges health care service and supply facilities. The suitability of the signature level of an eligible authentication procedure is confirmed for a large part of documents in clinical practice. However, the concrete design of such a procedure remains unclear. OBJECTIVE To create a summary of usable user authentication systems suitable for clinical workflows. DATA SOURCE A Systematic literature review based on nine online bibliographic databases. Search keywords included authentication, access control, information systems, information security and biometrics with terms user authentication, user identification and login in title or abstract. Searches were run between 7 and 12 September 2011. Relevant conference proceedings were searched manually in February 2013. Backward reference search of selected results was done. SELECTION Only publications fully describing authentication systems used or usable were included. Algorithms or purely theoretical concepts were excluded. Three authors did selection independently. DATA EXTRACTION AND ASSESSMENT: Semi-structured extraction of system characteristics was done by the main author. Identified procedures were assessed for security and fulfillment of relevant laws and guidelines as well as for applicability. Suitability for clinical workflows was derived from the assessments using a weighted sum proposed by Bonneau. RESULTS Of 7575 citations retrieved, 55 publications meet our inclusion criteria. They describe 48 different authentication systems; 39 were biometric and nine graphical password systems. Assessment of authentication systems showed high error rates above European CENELEC standards and a lack of applicability of biometric systems. Graphical passwords did not add overall value compared to conventional passwords. Continuous authentication can add an additional layer of safety. Only few systems are suitable partially or entirely for use in clinical processes. CONCLUSIONS Suitability strongly depends on national or institutional requirements. Four authentication systems seem to fulfill requirements of authentication procedures for clinical workflows. Research is needed in the area of continuous authentication with biometric methods. A proper authentication system should combine all factors of authentication implementing and connecting secure individual measures.

[1]  Feng-jung Liu,et al.  Design and implementation of a RFID-based authentication system by using keystroke dynamics , 2010, 2010 IEEE International Conference on Systems, Man and Cybernetics.

[2]  Nikola Pavesic,et al.  Personal recognition based on an image of the palmar surface of the hand , 2007, Pattern Recognit..

[3]  L. O'Gorman,et al.  Comparing passwords, tokens, and biometrics for user authentication , 2003, Proceedings of the IEEE.

[4]  Volker Roth,et al.  A PIN-entry method resilient against shoulder surfing , 2004, CCS '04.

[5]  Issa Traoré,et al.  Improving Mouse Dynamics Biometric Performance Using Variance Reduction via Extractors With Separate Features , 2010, IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans.

[6]  Tadanori Mizuno,et al.  A User Authentication System Using Schema of Visual Memory , 2006, BioADIT.

[7]  Patrick Bours,et al.  A Login System Using Mouse Dynamics , 2009, 2009 Fifth International Conference on Intelligent Information Hiding and Multimedia Signal Processing.

[8]  Benny Pinkas,et al.  SCiFI - A System for Secure Face Identification , 2010, 2010 IEEE Symposium on Security and Privacy.

[9]  Lin Liang,et al.  Scribble-a-Secret: Similarity-based password authentication using sketches , 2008, 2008 19th International Conference on Pattern Recognition.

[10]  Xiao Sun,et al.  A DSP-Based Finger Vein Authentication System , 2011, 2011 Fourth International Conference on Intelligent Computation Technology and Automation.

[11]  Alexander De Luca,et al.  PassShapes: utilizing stroke based authentication to increase password memorability , 2008, NordiCHI.

[12]  S. Malassiotis,et al.  Application and Evaluation of a 2D+3D Face Authentication System , 2007, 2007 3DTV Conference.

[13]  Alexander Roßnagel,et al.  Langfristige Aufbewahrung elektronischer Dokumente: Anforderungen und Trends , 2007 .

[14]  Sandeep Kumar,et al.  Using continuous biometric verification to protect interactive login sessions , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).

[15]  Sadiq Almuairfi,et al.  IPAS: Implicit Password Authentication System , 2011, 2011 IEEE Workshops of International Conference on Advanced Information Networking and Applications.

[16]  Marcello Ferro,et al.  Event Related Biometrics: Towards an Unobtrusive Sensing Seat System for Continuous Human Authentication , 2009, 2009 Ninth International Conference on Intelligent Systems Design and Applications.

[17]  Nicolas Christin,et al.  Undercover: authentication usable in front of prying eyes , 2008, CHI.

[18]  Wahyudi,et al.  Keystroke pressure based typing biometrics authentication system by combining ANN and ANFIS-based classifiers , 2009, 2009 5th International Colloquium on Signal Processing & Its Applications.

[19]  Wahyudi,et al.  Keystroke Pressure-Based Typing Biometrics Authentication System Using Support Vector Machines , 2007, ICCSA.

[20]  Anil K. Jain,et al.  FVC2000: Fingerprint Verification Competition , 2002, IEEE Trans. Pattern Anal. Mach. Intell..

[21]  D.A. Schulz,et al.  Mouse Curve Biometrics , 2006, 2006 Biometrics Symposium: Special Session on Research at the Biometric Consortium Conference.

[22]  Huijun Gao,et al.  Novel Approaches to Improve Robustness, Accuracy and Rapidity of Iris Recognition Systems , 2012, IEEE Transactions on Industrial Informatics.

[23]  Bogdan Hoanca,et al.  Real-time continuous iris recognition for authentication using an eye tracker , 2012, CCS '12.

[24]  Omar Hamdy,et al.  Cognitive-Based Biometrics System for Static User Authentication , 2009, 2009 Fourth International Conference on Internet Monitoring and Protection.

[25]  Adam J. Gandossi,et al.  A Biometric Approach to Linux Login Access Control , 2006, 2006 9th International Conference on Control, Automation, Robotics and Vision.

[26]  Michael S. Hsiao,et al.  A novel approach to design of user re-authentication systems , 2009, 2009 IEEE 3rd International Conference on Biometrics: Theory, Applications, and Systems.

[27]  Ajay Kumar,et al.  Biometric Authentication using Finger-Back Surface , 2007, 2007 IEEE Conference on Computer Vision and Pattern Recognition.

[28]  Wen-Pinn Fang,et al.  An novel two layer user identification method , 2008, 2008 IEEE International Conference on Intelligence and Security Informatics.

[29]  Steven Furnell,et al.  A non-intrusive biometric authentication mechanism utilising physiological characteristics of the human head , 2007, Comput. Secur..

[30]  David Chandler,et al.  Biometric Product Testing Final Report , 2001 .

[31]  Enzo Pasquale Scilingo,et al.  Strain sensing fabric for hand posture and gesture monitoring , 2005, IEEE Transactions on Information Technology in Biomedicine.

[32]  Dexin Zhang,et al.  DCT-Based Iris Recognition , 2007, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[33]  Ahmad Faris Ismail,et al.  Design and Evaluation of a Pressure-Based Typing Biometric Authentication System , 2008, EURASIP J. Inf. Secur..

[34]  Carla E. Brodley,et al.  User re-authentication via mouse movements , 2004, VizSEC/DMSEC '04.

[35]  Ana L. N. Fred,et al.  A behavioral biometric system based on human-computer interaction , 2004, SPIE Defense + Commercial Sensing.

[36]  Marcello Ferro,et al.  A Sensing Seat for Human Authentication , 2009, IEEE Transactions on Information Forensics and Security.

[37]  Sharath Pankanti,et al.  Biometrics: Personal Identification in Networked Society , 2013 .

[38]  Jun Zhou,et al.  A face and fingerprint identity authentication system based on multi-route detection , 2007, Neurocomputing.

[39]  Michael G. Strintzis,et al.  A 3D face and hand biometric system for robust user-friendly authentication , 2007, Pattern Recognit. Lett..

[40]  Anil K. Jain,et al.  Continuous user authentication using temporal information , 2010, Defense + Commercial Sensing.

[41]  Arun Ross,et al.  An introduction to biometric recognition , 2004, IEEE Transactions on Circuits and Systems for Video Technology.

[42]  Yigitcan Aksari,et al.  Active authentication by mouse movements , 2009, 2009 24th International Symposium on Computer and Information Sciences.

[43]  S. Malassiotis,et al.  A 2D+3D face authentication system robust under pose and illumination variations , 2005, ISPA 2005. Proceedings of the 4th International Symposium on Image and Signal Processing and Analysis, 2005..

[44]  Shiuh-Pyng Shieh,et al.  Keystroke statistical learning model for web authentication , 2007, ASIACCS '07.

[45]  Robert Biddle,et al.  Graphical Password Authentication Using Cued Click Points , 2007, ESORICS.

[46]  Haining Wang,et al.  An efficient user verification system via mouse movements , 2011, CCS '11.

[47]  Ting-Yi Chang,et al.  A Personalized Rhythm Click-Based Authentication System , 2010, Inf. Manag. Comput. Secur..

[48]  Aboul Ella Hassanien,et al.  HSAS: Heart Sound Authentication System , 2010, 2010 Second World Congress on Nature and Biologically Inspired Computing (NaBIC).

[49]  Sotiris Malassiotis,et al.  A Secure and Privacy Friendly 2D+3D Face Authentication System Robust Under Pose and Illumation Variation , 2007, Eighth International Workshop on Image Analysis for Multimedia Interactive Services (WIAMIS '07).

[50]  Sahin Albayrak,et al.  Behavioral biometrics for persistent single sign-on , 2011, DIM '11.

[51]  Ahmed Awad E. Ahmed,et al.  A New Biometric Technology Based on Mouse Dynamics , 2007, IEEE Transactions on Dependable and Secure Computing.

[52]  Hyoungjoo Lee,et al.  Improving Authentication Accuracy of Unfamiliar Passwords with Pauses and Cues for Keystroke Dynamics-Based Authentication , 2006, WISI.

[53]  Anil K. Jain,et al.  Soft Biometric Traits for Continuous User Authentication , 2010, IEEE Transactions on Information Forensics and Security.

[54]  P. Campisi,et al.  Biometric Signature Authentication Using Radon Transform-Based Watermarking Techniques , 2007, 2007 Biometrics Symposium.

[55]  Andrew Beng Jin Teoh,et al.  A secure digital camera based fingerprint verification system , 2010, J. Vis. Commun. Image Represent..

[56]  Khalid Saeed,et al.  A Keystroke Dynamics Based System for User Identification , 2008, 2008 7th Computer Information Systems and Industrial Management Applications.

[57]  B. Miller,et al.  Vital signs of identity [biometrics] , 1994, IEEE Spectrum.

[58]  John Daugman,et al.  New Methods in Iris Recognition , 2007, IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics).

[59]  Ken Thompson,et al.  Password security: a case history , 1979, CACM.

[60]  Sig Porter,et al.  A password extension for improved human factors , 1982, Comput. Secur..

[61]  R. Ramnath,et al.  Physical Access Protection using Continuous Authentication , 2008, 2008 IEEE Conference on Technologies for Homeland Security.

[62]  Alvin F. Martin,et al.  The NIST 1999 Speaker Recognition Evaluation - An Overview , 2000, Digit. Signal Process..

[63]  Ajay Kumar,et al.  Comparison and combination of iris matchers for reliable personal authentication , 2010, Pattern Recognit..

[64]  Philip K. Chan,et al.  Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security , 2004, CCS 2004.

[65]  P J. Phillips,et al.  Face Recognition Vendor Test 2000: Evaluation Report , 2001 .

[66]  Jean-Luc Dugelay,et al.  Frontal-to-side face re-identification based on hair, skin and clothes patches , 2011, 2011 8th IEEE International Conference on Advanced Video and Signal Based Surveillance (AVSS).

[67]  Paul C. van Oorschot,et al.  TwoStep: An Authentication Method Combining Text and Graphical Passwords , 2009, MCETECH.

[68]  Frank Stajano,et al.  The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes , 2012, 2012 IEEE Symposium on Security and Privacy.

[69]  Ahmad Almulhem A graphical password authentication system , 2011, 2011 World Congress on Internet Security (WorldCIS-2011).

[70]  Anil K. Jain,et al.  A Multispectral Whole-Hand Biometric Authentication System , 2007, 2007 Biometrics Symposium.

[71]  Roy A. Maxion,et al.  Comparing anomaly-detection algorithms for keystroke dynamics , 2009, 2009 IEEE/IFIP International Conference on Dependable Systems & Networks.