Rendezvous-based access control for medical records in the pre-hospital environment

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Rendezvous-based access control for medical records in the pre-hospital environment

Full text

Pdf (205 KB)

Source

International Conference On Mobile Systems, Applications And Services archive
Proceedings of the 1st ACM SIGMOBILE international workshop on Systems and networking support for healthcare and assisted living environments table of contents

San Juan, Puerto Rico

SESSION: Access and security table of contents

Pages: 1 - 6

Year of Publication: 2007

ISBN:978-1-59593-767-4

Authors

Feike W. Dillema	University of Tromsø
Simone Lupetti	University of Tromsø

Sponsors

ACM: Association for Computing Machinery
SIGMOBILE: ACM Special Interest Group on Mobility of Systems, Users, Data and Computing

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 15, Downloads (12 Months): 86, Citation Count: 0

Additional Information:

abstract references index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1248054.1248057 What is a DOI?

ABSTRACT

We present rendezvous-based access control for access control in the pre-hospital environment. Rendezvous-based access control is a simple cryptographic access control method that provides access if and only if patient and health worker meet in the physical world. Access is provided locally and does not depend on connectivity with remote systems. It is therefore suitable in an environment with small mobile devices that have local connectivity but may be disconnected now and then from remote systems. It is designed to protect against aggregation threats without letting the patients carry their own medical data. A system can then be implemented where the tokens carried by the patients are simple and robust which is easily managed. We believe that our mechanism provides a useful alternative to remote access to a centralized system and to patients carrying their own medical record (on a smartcard e.g.).

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	R. Anderson. Security in clinical information systems. Published by the British Medical Association, 1996.
	2	R. J. Anderson. NHS-wide networking and patient confidentiality. BMJ, 311(6996):5--6, 1995.
	3	R. J. Anderson. Clinical system security: interim guidelines. BMJ, 312(7023):109--111, 1996.
	4	R. J. Anderson, A security policy model for clinical information systems, Proceedings of the 1996 IEEE Symposium on Security and Privacy, p.30, May 06-08, 1996
	5	T. Beale, S. Heard, D. Kalra, and D. Lloyd. openEHR Architecture Overview. http://www.openEHR.org Mar 2006.
	6	Susan B. Davidson , Hector Garcia-Molina , Dale Skeen, Consistency in a partitioned network: a survey, ACM Computing Surveys (CSUR), v.17 n.3, p.341-370, Sept. 1985 [doi>10.1145/5505.5508]
	7	M. A. C. Dekker , S. Etalle, Audit-Based Access Control for Electronic Health Records, Electronic Notes in Theoretical Computer Science (ENTCS), 168, p.221-236, February, 2007 [doi>10.1016/j.entcs.2006.08.028]
	8	Jack B. Dennis , Earl C. Van Horn, Programming semantics for multiprogrammed computations, Communications of the ACM, v.9 n.3, p.143-155, March 1966 [doi>10.1145/365230.365252]
	9	Department of Defense. DoD 5200. 28-STD: Department of defense (DoD) trusted computer system evaluation criteria (TCSEC), 1985.
	10	Marco Eichelberg , Thomas Aden , Jörg Riesmeier , Asuman Dogac , Gokce B. Laleci, A survey and analysis of Electronic Healthcare Record standards, ACM Computing Surveys (CSUR), v.37 n.4, p.277-315, December 2005 [doi>10.1145/1118890.1118891]
	11	Peter G. Goldschmidt, HIT and MIS: implications of health information technology and medical information systems, Communications of the ACM, v.48 n.10, October 2005 [doi>10.1145/1089107.1089141]
	12	Joan Daemen , Vincent Rijmen, The Design of Rijndael, Springer-Verlag New York, Inc., Secaucus, NJ, 2002
	13	Butler W. Lampson, Protection, ACM SIGOPS Operating Systems Review, v.8 n.1, p.18-24, January 1974 [doi>10.1145/775265.775268]
	14	Jonathan M. McCune , Adrian Perrig , Michael K. Reiter, Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication, Proceedings of the 2005 IEEE Symposium on Security and Privacy, p.110-124, May 08-11, 2005 [doi>10.1109/SP.2005.19]
	15	B. Neuman. Proxy-based authorization and accounting for distributed systems. In Proceedings of the 13th International Conference on Distributed Computing Systems, pages 283--291, Pittsburgh, May 1993.
	16	Bruce Schneier, Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish), Fast Software Encryption, Cambridge Security Workshop, p.191-204, December 09-11, 1993
	17	A. Tanenbaum, S. Mullender, and R. van Renesse. Using sparse capabilities in a distributed operating system. In Proceedings of the 6th International Conference on Distributed Computing Systems (ICDCS), pages 558--563, Washington, DC, 1986. IEEE Computer Society.
	18	M. V Wilkes, The Cambridge CAP computer and its operating system (Operating and programming systems series), North-Holland Publishing Co., Amsterdam, The Netherlands, 1979