DOC PREVIEW
Usable Authentication for Electronic Healthcare Systems

This preview shows page 1 out of 2 pages.

Save
View full document
View full document
Premium Document
Do you want full access? Go Premium and unlock all 2 pages.
Access to all documents
Download any document
Ad free experience
Premium Document
Do you want full access? Go Premium and unlock all 2 pages.
Access to all documents
Download any document
Ad free experience

Unformatted text preview:

Usable Authentication for Electronic Healthcare Systems[Poster Abstract]Qihua WangIBM Almaden Research [email protected] JinIBM Almaden Research [email protected]. INTRODUCTIONAccess control in electronic healthcare systems has gained pop-ularity in the research community. User authentication is a prereq-uisite of access control. However, little work has been done on de-signing authentication schemes in healthcare systems. Most exist-ing healthcare systems require users to login by typing passwords.Even though password authentication has been widely adopted bymany practical applications including online banking systems, inour interviews, healthcare practitioners reported poor usability ofpassword authentication in hospitals due to the following fact.Issue 1: Doctors wear gloves most of the time during their work.Currently, when a doctor wants to access patient records on acomputer, she has to take off her gloves to type in password. Aftershe finishes browsing the information, in order to prevent the spreadof germs, the doctor has to wash her hands and put on her glovesbefore continue to work. This is considered very inconvenient bymany doctors.Another concern administrators in hospitals have relates to lo-gout.Issue 2: Doctors rarely remember to logout after using a computer.Doctors are very busy persons, and oftentimes, they have to rushfrom one room to another. Having to logout from a computer beforeleaving is a burden for them, and when they forget to do so, theunattended computer opens a window of security breach.The above issues, which have been overlooked by researchers,motivated us to propose a usable authentication scheme for health-care systems.2. BACKGROUNDSIn an electronic healthcare system, medical records of patients’are maintained in a centralized manner. A doctor is authorized toaccess the records of her own patients’. There are computer termi-nals all around the hospital that are connected to the central server.Doctors access medical records through those terminals. Terminalslocate in labs, offices, patients’ rooms, etc. There are two kinds ofrooms where most doctors work daily.• Exam rooms for outpatients: Outpatients are people whocome to see the doctors and leave the hospital after a visit.A doctor meet with only one patient in a room at a time. Anda doctor may be assigned several exam rooms a day. A doctormay browse patients’ records using the computer terminal inan exam room or a computer terminal in an office close tothe rooms assigned to her.• Resident rooms for inpatients: Inpatients stay overnight inhospital. Doctors go to these resident rooms to visit theirpatients from time to time. There is a computer terminalin every room so that doctors may access patients’ recordswhenever necessary.To allow doctors to authenticate themselves without having totake off gloves, an authentication process should not require usersto physically touch anything. RFID authentication is a low-cost au-thentication approach that provides the “touch-free” property. Toauthenticate, a user places her badge that contains an RFID tagclose to an RFID reader. Many corporations and government agen-cies use RFID tags as an authentication method for their employeesto control the entrance of restricted areas in their buildings. How-ever, RFID authentication is subject to a number of attacks, such asbadge-stealing, badge-cloning, and relay attack.3. DESCRIPTION OF THE AUTHENTICA-TION SCHEMEOur authentication scheme is based on RFID tags so as to allowdoctors to login without taking off their gloves. The scheme em-ploys a novel two-level timeout approach to address the problemthat doctors often forget to logout. A number of design decisionsare made to enhance the security of the authentication scheme.Furthermore, we adopt a defense-in-depth strategy by specifyinga couple of context-aware access control rules to further restrictaccesses without compromising the system’s usability for honestusers.Equipments Our authentication scheme uses the following equip-ments.• Badges: Every healthcare practitioner in the hospital is givena badge that contains an RFID tag. The RFID tag is rewritableand has maximum reading range of about 50cm.• RFID readers: Every computer terminal in the exam roomsand resident rooms is equipped with an RFID reader.• RFID writers: A number of computer terminals (say, five perfloor) are equipped with an RFID writer. These writers areused for doctors to refresh a secret stored in their RFID tags.• Cameras: Every computer terminal in the exam rooms andresident rooms for patients is equipped with a camera. Thecamera is mainly used as an input device that allows doctorsto control the terminal in a touch-free manner.Note that RFID readers and cameras are equipped only to thecomputer terminals in the working areas where doctors meet withpatients and where they have to wear gloves.Login A doctor may authenticate herself to the system either byusing her badge or by typing password. To authenticate with abadge, the doctor stands close to a terminal equipped with an RFIDreader and wave her hand in front of the camera to indicate theintension to login (so as to avoid unintentional login). The RFIDreader, with a reading range of 50cm, can detect the doctor’s badgewhen she stands close enough.A badge stores an identity information and a secret that is sharedbetween the badge and the central server. Upon authentication,both the identity information and the secret are sent to the reader.The secret expires after 24 hours, so every doctor has to refresh thesecret on her badge every day before working by putting her badgein an RFID writer and authenticate to the system through password.This is to limit the validity time-span of a stolen or cloned badge.To further raise the bar of common attacks against RFID authenti-cation, if one logs in using a badge, she is subject to context-awareaccess control rules, which will be discussed later.Alternatively, a doctor may login by typing password, which re-quires her to take off her gloves. In our authentication scheme,password is considered to be a stronger authentication method thanbadge, as stealing a password is normally more difficult than steal-ing a badge (or luckily find a lost badge on the floor of a corridor).If a doctor logs in using password, she is not subject to context-aware access control rules. This provides flexibility in emergentsituations. But we expect doctors to use badges most of


Usable Authentication for Electronic Healthcare Systems

Download Usable Authentication for Electronic Healthcare Systems
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view Usable Authentication for Electronic Healthcare Systems and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Usable Authentication for Electronic Healthcare Systems 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?