Security in healthcare informatics: Design and implementation of a robust authentication and a hybrid access control mechanism

Author

Khan, M. Fahim Ferdous ; Sakamura, K.

Author_Institution

Grad. Sch. of Interdiscipl. Inf. Studies, Univ. of Tokyo, Tokyo, Japan

fYear

2012

fDate

12-14 Oct. 2012

Firstpage

159

Lastpage

164

Abstract

Ensuring adequate security and privacy of health information is a moral and legal mandate of the twenty-first-century healthcare industry that is fast moving towards complete digitalization. As a consequence of increased threats to security of electronic health records, a genuine need for a robust and effective authentication and access control schemes has emerged. Since healthcare systems pose some unique security constraints, especially in case of access control, none of the extant off-the-shelf solutions is directly applicable. In this paper - recognizing the fact that authentication is an indispensable precursor to access control - we address both issues together by proposing a robust authentication scheme and a hybrid access control model for healthcare informatics. We explain the design and implementation of the proposed system, and discuss evaluation results that were found to successfully satisfy various security requirements of the healthcare domain.

Keywords

authorisation; data privacy; health care; medical information systems; electronic health records, security; health information privacy; health information security; healthcare industry; healthcare informatics security; hybrid access control model; indispensable precursor; off-the-shelf solutions; robust authentication; robust authentication scheme; security constraints; Access control; Authentication; Healthcare informatics; privacy; security;

fLanguage

English

Publisher

ieee

Conference_Titel

Communications, Computers and Applications (MIC-CCA), 2012 Mosharaka International Conference on

Conference_Location

Istanbul

Print_ISBN

978-1-4673-5230-7

Type

conf

Filename

6516801