A security extension for the standard SCP-ECG based on metadata

This paper analyzes the structure and content of the SCP-ECG standard to further design a tailor-made security extension. It is proposed to limit the access privileges of the users by means of role-based profiles (teaching/research, examination, diagnosis, storage) which are implemented with cryptographic elements (ciphering, digital certificates and signatures). A new security section is added to extend the SCP-ECG and the remaining sections are ciphered. The application implemented to test this proposal showed its ability to authenticate users, protect the integrity of the files and the privacy of the confidential information, with a low impact on the file size and access time.