A password-based user authentication scheme for the integrated EPR information system

Journal of Medical Systems

Volumn 36, Issue 2, 2012, Pages 631-638

  Wu, Zhen Yu ^a,c   Chung, Yufang ^b   Lai, Feipei ^a   Chen, Tzer Shyong ^b  

^a NATIONAL TAIWAN UNIVERSITY   (Taiwan)

^b TUNGHAI UNIVERSITY   (Taiwan)

^c NONE   (Taiwan)

Author keywords

Authentication; E medicine; Electronic patient records; Integrated EPR information system; Password

Indexed keywords

ACCESS TO INFORMATION; ARTICLE; CALCULATION; COMPUTER SECURITY; ELECTRONIC MEDICAL RECORD; HUMAN; INFORMATION PROCESSING; INFORMATION TECHNOLOGY; INTEGRATED ELECTRONIC PATIENT RECORD INFORMATION SYSTEM; INTERNET; MEDICAL INFORMATION SYSTEM; PASSWORD BASED USER AUTHENTICATION SCHEME; SMART CARD; THEFT; INFORMATION SYSTEM; INSTRUMENTATION; MEDICAL RECORD; METHODOLOGY; ORGANIZATION AND MANAGEMENT; SYSTEM ANALYSIS;

COMPUTER SECURITY; ELECTRONIC HEALTH RECORDS; HUMANS; INFORMATION SYSTEMS; INTERNET; MEDICAL RECORD LINKAGE; SYSTEMS INTEGRATION;

EID: 84863200393     PISSN: 01485598     EISSN: 1573689X     Source Type: Journal    
DOI: 10.1007/s10916-010-9527-7     Document Type: Article

References (31)

1. Takeda, H., Matsumura, Y., and Kuwata, S., Architecture for networked electronic patient record systems. Int. J. Med. Inform. 60(2):161-167, 2000. (Pubitemid 32036977)
2. Chan, A. T. S., Cao, J., Chan, H., and Young, G., A web-enabled framework for smart card application in health services. Commun. ACM 44(9):77-82, 2001. (Pubitemid 33642861)
3. Wang, D. W., Liu, D. R., and Chen, Y. C., A mechanism to verify the integrity of computer-based patient records. J. China Assoc. Med. Inform. 10:71-84, 1999.
4. Gritzalis, S., Lambrinoudakis, C., Lekkas, D., and Deftereos, S., Technicl guidelines for enhancing privacy and data protection in modern electronic medical environments. IEEE Trans. Inf. Technol. Biomed. 9(3):413-423, 2005. (Pubitemid 41388208)
5. Dolin, R. H., Alschuler, L., Beebe, C., Biron, P. V., Boyer, S. L., Essin, D., Kimber, E., Lincoln, T., and Mattison, J. E., The HL7 clinical document architecture. J. Am. Med. Inform. Assoc. 8(6), 2001.
6. Huston, T., Security issues for implementation of E-Medical records. Commun ACM 44(9), 2001.
7. Ball, E., Chadwick, D. W., and Mundy, D., Patient privacy in electronic prescription transfer. IEEE Secur. & Privacy Mag. 1 (2):77-80, 2003.
8. Yang, Y., Han, X., Bao, F., and Deng, R. H., A smart-card-enabled privacy preserving E-Prescription system. IEEE Trans. Inf. Technol. Biomed. 8(1):47-58, 2004.
9. Um, K. S., Kwak, Y. S., Cho, H., and Kim, I. K., Development of an HL7 interface engine, based on tree structure and streaming algorithm, for large-size messages which include image data. Comput. Meth. Programs Biomed. 80:126-140, 2005. (Pubitemid 41501436)
10. Ping, X.-O., Ko, L.-F., Shang, R.-J., and Lai, F., Dynamic Messages Creation Method for HL7 Based Healthcare Information System. HEALTHCOM 2007, 2007.
11. Hsieh, J.-C., A novel DICOM-based 12-lead electrocardiogram documentary system. J. Electrocardiol. 40:S81-S87, 2007.
12. Dolin, R. H., Rishel, W., Biron, P. V., Spinosa, J., and Mattison, J. E., SGML and XML as Interchange Formats for HL7 Messages. J. Am. Med. Inform. Assoc. 1998.
13. McAuliffe, M. J., Lalonde, F. M., McGarry, D., Gandler, W., Csaky, K., and Trus, B. L., Medical image processing, Analysis and visualization in clinical research. CBMS 2001. Proceedings. 14th IEEE Symposium.:381-386, 2001.
14. Pereira, J., Lamelo, A., and Vazquez-Naya, I. M., Design and implementation of a DICOM PACS with secure access via Internet. Proceedings of the 23 rd Annual EMBS International Conference.:3724-3727, 2001. (Pubitemid 35389490)
15. Lu, R., Cao, Z., Chai, Z., and Liang, X., A simple user authentication scheme for grid computing. Int. J. Netw. Secur. 7 (2):202-206, 2008.
16. Chen, C.-L., Chen, Y.-Y., and Chen, Y.-H., Group-based authentication to protect digital content for business applications. Int. J. Innovative Comput. Inf. Control 5(5):1243-1251, 2009.
17. Zhang, L.-J., and Zhou, Q., CCOA: Cloud computing open architecture. ICWS 2009:607-616, 2009.
18. Lamport, L., Password authentication with insecure communication. Commun. ACM. 24, 1981.
19. Ateniese, G., Cutmola, R., de Meideiros, B., and Davis, D., Medical information privacy assurance: Cryptographic and system aspects. Third Conference on Security in Communication Networks, 2002.
20. Rash, M. C., Privacy concerns hinder electronic medical records. The Business Journal of the Greater Triad Area, April 4, 2005.
21. Yee, G., Korba, L., and Song, R., Ensuring privacy for E-health services, In Proceedings of the First International Conference on Availability, Reliability and Security, 2006.
22. Lin, C. H., and Lai, Y. Y., A flexible biometrics remote user authentication scheme. Comput. Stand. Interfaces 27(1):19-23, 2004.
23. Lee, N. Y., and Chiu, Y. C., Improved remote authentication scheme with smart card. Comput. Stand. Interfaces 27(2):177-180, 2005.
24. Wang, Y. Y., Liu, J. Y., Xiao, F. X., and Dan, J., A more efficient and secure dynamic ID-based remote user authentication scheme. Comput. Commun. 32:583-585, 2009.
25. Yoon, E., and Yoo, K., An efficient password authentication schemes without using the server public key for grid computing. GCC 2005, LNCS 3795, 149-154, 2005. (Pubitemid 43774698)
26. Foster, I., and Kesselman, C., The grid: Blueprint for a new computing infrastructure. 2nd revised edition, Morgan Kaufmann Publishers In, 2003.
27. Schneier, B., and Shostack, A., Breaking up is hard to do: Modeling security threats for smart cards. Proceedings of USENIX Workshop on Smart Card Technology. 175-185, 1999.
28. Stallings, W., Cryptography and network security, principles and practice. 3 rd Edition. Prentice Hall, 2003.
29. Snyder, A. M., and Weaver, A. C., The e-logistics of securing distributed medical data. INDIN 2003. 207-216, 2003.
30. Rankl, W., and Effing, W., Smart card handbook. John Wiley & Sons, ISBN 0-471-96720-3, 1997.
31. Guthery, S. B., and Jurgensen, T. M., SmartCard Developer's Kit, Macmillan Technical Publishing. ISBN 1-57870-027-2, http://www.scdk.com, 1998.