Abstract :
Security infrastructures are increasingly used in the health care and welfare sector, particularly for providing security such as confidentiality, authenticity, integrity, non-repudiation and auditing. Especially within the health care sector, there is a need for different kinds of certificates, namely public-key certificates and attribute certificates. This necessity is caused by the huge range of processes and procedures deriving front different application areas within the health care sector. This leads to a large amount of specific and different roles, rules, access rights, and permissions for each health professional. An important security token within health care is represented by a smart card, called the health professional card (HPC). Existing solutions e.g. the German HPC, prototypes and European as well as national projects, activities, and initiatives, show the state of the art with respect to certificates. Finally, we point out unsolved problems regarding security infrastructures, jurisdiction, data protection, and advertizing via the Internet
Keywords :
auditing; authorisation; certification; medical administrative data processing; public key cryptography; smart cards; European Data Protection Directive; European Electronic Signature Directive; HARP; Internet; access rights; advertizing; applet; attribute certificates; auditing; authentication protocol; authenticity; certificates; confidentiality; data protection; digital signature; health care; health professional; health professional card; integrity; jurisdiction; nonrepudiation; permissions; public-key certificates; security infrastructures; security token; smart card; state of the art; trust center; trusted third party; x.509; Data security; Digital signatures; Electronic switching systems; Medical services; National security; Permission; Protection; Public key; Public key cryptography; Smart cards;
