Skip to main content
Springer Nature Link
Log in

Redactable Signatures for Signed CDA Documents

  • ORIGINAL PAPER
  • Published:
Journal of Medical Systems Aims and scope Submit manuscript

Abstract

The Clinical Document Architecture, introduced by Health Level Seven, is a XML-based standard intending to specify the encoding, structure, and semantics of clinical documents for exchange. Since the clinical document is in XML form, its authenticity and integrity could be guaranteed by the use of the XML signature published by W3C. While a clinical document wants to conceal some personal or private information, the document needs to be redacted. It makes the signed signature of the original clinical document not be verified. The redactable signature is thus proposed to enable verification for the redacted document. Only a little research does the implementation of the redactable signature, and there still not exists an appropriate scheme for the clinical document. This paper will investigate the existing web-technologies and find a compact and applicable model to implement a suitable redactable signature for the clinical document viewer.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15

Similar content being viewed by others

References

  1. The Health Level Seven International home page. Available at http://www.hl7.org/.

  2. Eastlake, D., Solo, D., and Reagle, J., XML-signature syntax and processing. first edition of a recommendation, W3C, 2002. Available at http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/.

  3. Tsumoto, S., Mining diagnostic rules from clinical databases using routh sets and medical diagnostic model. Inf Sci 162(2):65–80, 2004.

    Article  Google Scholar 

  4. Hsu, C.-C., and Ho, C.-S., A new hybrid case-based architecture for medical diagnosis. Inf Sci 166(1–4):231–247, 2004.

    Article  Google Scholar 

  5. Ulieru, M., Hadzic, M., and Chang, E., Soft computing agents for e-Health in application to the research and control of unknown diseases. Inf Sci 176(9):1190–1214, 2006.

    Article  MATH  Google Scholar 

  6. Miyazaki, K., Susaki, S., Iwamura, M., Matsumoto, T., Sasaki, R., and Yoshiura, H., Digital documents sanitizing problem. IEICE Technical Report ISEC2003-20, 2003.

  7. Miyazaki, K., Iwamura, M., Matsumoto, T., Sasaki, R., Yoshiura, H., Tezuka, S., and Imai, H., Digitally signed document sanitizing scheme with disclosure condition control. IEICE Trans 88(1):239–246, 2005.

    Article  Google Scholar 

  8. Slamanig, D., and Stingl, C., Disclosing verifiable partial information of signed cda documents using generalized redactable signatures. In: e-Health Networking, Applications and Services, 2009. Healthcom 2009, pp. 146–152, 2009.

  9. National Institute of Standards and Technology, “Digital signature standard,” 1994.

  10. Rivest, R. L., Shamir, A., and Adleman, L., A method for obtaining digital signatures and public-key cryptosystems. Commun ACM 21(2):120–126, 1978.

    Article  MathSciNet  MATH  Google Scholar 

  11. Johnson, R., Molnar, D., Song, D. X., and Wagner, D., Homomorphic signature schemes. In: CT-RSA ’02: Proceedings of the The Cryptographer’s Track at the RSA Conference on Topics in Cryptology, pp. 244–262, 2002.

  12. Rivest, R., Two new signature schemes, Presented at Cambridge seminar, 2001. Available at http://www.cl.cam.ac.uk/Research/Security/seminars/2000/rivest-tss.pdf.

  13. Micali, S., and Rivest, R., Transitive signature schemes. In: CT-RSA ’02: Proceedings of the The Cryptographer’s Track at the RSA Conference on Topics in Cryptology, pp. 236–243, 2002.

  14. Bellare, M., Goldreich, O., and Goldwasser, S., Incremental cryptography: The case of hashing and signing. In: Proceedings of advances in cryptology—Crypto 1994, Vol. 839 of LNCS, pp. 216-233, Springer-Verlag, 1994.

  15. Bellare, M., Goldreich, O., and Goldwasser, S., Incremental cryptography and application to virus protection. In: proceedings of the 27th ACM Symposium on the Theory of Computing, pp. 45–56, 1995.

  16. Steinfeld, R., Bull, L., and Zheng, Y., Content extraction signatures. In International Conference on Information Security and Cryptology 2001, Vol. 2288 of LNCS, pp. 163–205, Springer-Verlag, 2001.

  17. Ateniese, G., Chou, D. H., de Medeiros, B., and Tsudik, G., Sanitizable Signatures. In 10th European Symposium on Research in Computer Security—ESORICS 2005, Vol. 3679 of LNCS, pp. 159–177, Springer-Verlag, 2005.

  18. Chang, E. C., Lim, C. L., and Xu, J., Short redactable signatures using random trees. In: CT-RSA ’09: Proceedings of the The Cryptographer’s Track at the RSA Conference on Topics in Cryptology, Vol. 5473 of LNCS, pp. 133–147, Springer-Verlag, 2009.

  19. Haber, S., Hatano, Y., Honda, Y., Horne, W., Miyazaki, K., Sander, T., Tezoku, S., and Yao, D., Efficient signature schemes supporting redaction, pseudonymization, and data deidentification. In: Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS 2008, pp. 353–362, 2008.

  20. Dolin, R., Alschuler, L., Boyer, S., Beebe, C., Behlen, F., Biron, P., and Shabo, A., HL7 clinical document architecture, release 2. J Am Med Inform Assoc 13(1):30–39, 2006.

    Article  Google Scholar 

  21. Huang, K.-H., Hsieh, S.-H., Chang, Y.-J., Lai, F., Hsieh, S.-L., and Lee, H.-H., Application of portable CDA for secure clinical-document exchange. J Med Syst 34(4):531–539, 2010.

    Article  Google Scholar 

  22. Chang, Y., Lai, J., Cheng, P., and Lai, F., Portable cda for the exchange of clinical documents. In: e-Health Networking, Application and Services, 2007 9th International Conference, pp. 1–5, 2007.

  23. Haomin, L., Huilong, D., Xudong, L., and Zhengxing, H., A clinical document repository for cda documents. In: Bioinformatics and Biomedical Engineering, 2007. ICBBE 2007, pp. 1084–1087, 2007.

  24. M. Treins, O. Cure, and G. Salzano, “On the interest of using HL7 cda release 2 for the exchange of annotated medical documents,” In Computer-Based Medical Systems, 2006. CBMS 2006. 19th IEEE International Symposium on, pp. 524–532, 2006.

  25. Diffie, W., and Hellman, M., New directions in cryptology. IEEE Trans Inf Theory 22(6):644–654, 1976.

    Article  MathSciNet  MATH  Google Scholar 

  26. Stallings, W., Cryptography and network security: principal and practices. Prentice Hall, 4th Edition, 2005.

  27. ElGamal, T., A public key cryptosystem and signature scheme based on discrete logarithms. IEEE Trans Inf 31(4):469–472, 1985.

    Article  MathSciNet  MATH  Google Scholar 

  28. Berners-Lee, T., Fielding, R., and Masinter, L., Uniform Resource Identifier (URI): Generic Syntax, RFC 3986 (Standard), 2005.

  29. Yee, B., Sehr, D., Dardyk, G., Chen, J., Muth, R., Ormandy, T., Okasaka, S., Narula, N., and Fullagar, N., Native client: A sandbox for portable, untrusted x86 native code. In: Security and Privacy, 2009 30th IEEE Symposium on, 2009.

  30. Kay, M., Chamberlin, D., Robie, J., Fernandez, M. F., Simeon, J., Boag, S., and Berglund, A., XML path language (XPath) 2.0. W3C recommendation, W3C, Jan. 2007. Available at http://www.w3.org/TR/2007/REC-xpath20-20070123/.

  31. The JSON format home page. Available at http://www.json.org/.

  32. Microsoft Developer Network (MSDN), “Applying the principle of least privilege to user accounts on windows xp,” 2006.

Download references

Acknowledgement

This work was supported partially by National Science Council, Taiwan under Grants NSC 99-2221-E-029-023.

Author information

Authors and Affiliations

  1. Department of Computer Science and Information Engineering, National Taiwan University, Taipei, Taiwan

    Zhen-Yu Wu, Chih-Wen Hsueh, Cheng-Yu Tsai & Feipei Lai

  2. Department of Electrical Engineering, National Taiwan University, Taipei, Taiwan

    Feipei Lai

  3. Department of Information Management, Tamkang University, Taipei, Taiwan

    Hung-Chang Lee

  4. Graduate Institute of Biomedical Electronics and Bioinformatics, National Taiwan University, Taipei, Taiwan

    Feipei Lai

  5. Department of Electrical Engineering, Tunghai University, Taipei, Taiwan

    Yufang Chung

  6. Graduate Institute of Networking and Multimedia, National Taiwan University, Taipei, Taiwan

    Chih-Wen Hsueh

Authors
  1. Zhen-Yu Wu
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Chih-Wen Hsueh
    View author publications

    You can also search for this author inPubMed Google Scholar

  3. Cheng-Yu Tsai
    View author publications

    You can also search for this author inPubMed Google Scholar

  4. Feipei Lai
    View author publications

    You can also search for this author inPubMed Google Scholar

  5. Hung-Chang Lee
    View author publications

    You can also search for this author inPubMed Google Scholar

  6. Yufang Chung
    View author publications

    You can also search for this author inPubMed Google Scholar

Corresponding author

Correspondence to Zhen-Yu Wu.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Wu, ZY., Hsueh, CW., Tsai, CY. et al. Redactable Signatures for Signed CDA Documents. J Med Syst 36, 1795–1808 (2012). https://doi.org/10.1007/s10916-010-9639-0

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10916-010-9639-0

Keywords