Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Share this Page URL

27.4 State of the Art Design for Health ... > 27.4.6 Controlling Access to Patient... - Pg. 689

CHAPTER 27 Security and Privacy for Mobile Health-Care (m-Health) Systems 689 The above example indicates the possibili- ties of finding common trust for information sharing in the health-care system, supporting the proposed solution that leverages HIBC for cross-domain authentication. In addition, Lim and Paterson [42] showed the feasibility of imple- menting HIBC in practice, and the performance superiority of HIBC over certificate-based cryp- tosystem (i.e., RSA) in terms of communication costs. Another advantage of HIBC is the capa- bility of directly authenticating a public key. If the certificate-based hierarchical cryptosystem is deployed, the verification of a certificate usually involves verifying all certificates along the certifi- cation path until a trusted certification authority is reached [31]. We apply the domain initialization of HIBC [43]. According to the above discussion, we let NHIN locate at level 0 of the hierarchy. VHA and RHIOs, and their affiliated health-care providers, public key tuple. The private key j is generated for cross-domain authentication, where S j -1 is the parent's secret information. Due to the hard- ness of discrete logarithm problem (DLP), it is intractable to solve for S j -1 given any pri- vate key calculated from it with non-negligible probability. 27.4.5. Protecting Patient Privacy This procedure guarantees the privacy require- ment by providing privacy protection for patient during the PHI storage and future retrieval. It is executed by the patient whenever the PHI is cre- ated, updated, or modified (e.g., after diagnosis or tests). The patient breaks the PHI into files for different categories of health information (e.g., allergy lists, drug history, X-ray data, surgeries, etc.).