Skip to main content

Advertisement

SpringerLink
Log in

A Password-Based User Authentication Scheme for the Integrated EPR Information System

  • Original Paper
  • Published:
Journal of Medical Systems Aims and scope Submit manuscript

Abstract

With the rapid development of the Internet, digitization and electronic orientation are required in various applications of our daily life. For e-medicine, establishing Electronic patient records (EPRs) for all the patients has become the top issue during the last decade. Simultaneously, constructing an integrated EPR information system of all the patients is beneficial because it can provide medical institutions and the academia with most of the patients’ information in details for them to make correct decisions and clinical decisions, to maintain and analyze patients’ health. Also beneficial to doctors and scholars, the EPR system can give them record linkage for researches, payment audits, or other services bound to be developed and integrated into medicine. To tackle the illegal access and to prevent the information from theft during transmission over the insecure Internet, we propose a password-based user authentication scheme suitable for information integration.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3

Similar content being viewed by others

References

  1. Takeda, H., Matsumura, Y., and Kuwata, S., Architecture for networked electronic patient record systems. Int. J. Med. Inform. 60(2):161–167, 2000.

    Article  Google Scholar 

  2. Chan, A. T. S., Cao, J., Chan, H., and Young, G., A web-enabled framework for smart card application in health services. Commun. ACM 44(9):77–82, 2001.

    Article  Google Scholar 

  3. Wang, D. W., Liu, D. R., and Chen, Y. C., A mechanism to verify the integrity of computer-based patient records. J. China Assoc. Med. Inform. 10:71–84, 1999.

    Google Scholar 

  4. Gritzalis, S., Lambrinoudakis, C., Lekkas, D., and Deftereos, S., Technicl guidelines for enhancing privacy and data protection in modern electronic medical environments. IEEE Trans. Inf. Technol. Biomed. 9(3):413–423, 2005.

    Article  Google Scholar 

  5. Dolin, R. H., Alschuler, L., Beebe, C., Biron, P. V., Boyer, S. L., Essin, D., Kimber, E., Lincoln, T., and Mattison, J. E., The HL7 clinical document architecture. J. Am. Med. Inform. Assoc. 8(6), 2001.

  6. Huston, T., Security issues for implementation of E-Medical records. Commun ACM 44(9), 2001.

  7. Ball, E., Chadwick, D. W., and Mundy, D., Patient privacy in electronic prescription transfer. IEEE Secur. & Privacy Mag. 1(2):77–80, 2003.

    Article  Google Scholar 

  8. Yang, Y., Han, X., Bao, F., and Deng, R. H., A smart-card-enabled privacy preserving E-Prescription system. IEEE Trans. Inf. Technol. Biomed. 8(1):47–58, 2004.

    Article  Google Scholar 

  9. Um, K. S., Kwak, Y. S., Cho, H., and Kim, I. K., Development of an HL7 interface engine, based on tree structure and streaming algorithm, for large-size messages which include image data. Comput. Meth. Programs Biomed. 80:126–140, 2005.

    Article  Google Scholar 

  10. Ping, X.-O., Ko, L.-F., Shang, R.-J., and Lai, F., Dynamic Messages Creation Method for HL7 Based Healthcare Information System. HEALTHCOM 2007, 2007.

  11. Hsieh, J.-C., A novel DICOM-based 12-lead electrocardiogram documentary system. J. Electrocardiol. 40:S81–S87, 2007.

    Google Scholar 

  12. Dolin, R. H., Rishel, W., Biron, P. V., Spinosa, J., and Mattison, J. E., SGML and XML as Interchange Formats for HL7 Messages. J. Am. Med. Inform. Assoc. 1998.

  13. McAuliffe, M. J., Lalonde, F. M., McGarry, D., Gandler, W., Csaky, K., and Trus, B. L., Medical image processing, Analysis and visualization in clinical research. CBMS 2001. Proceedings. 14th IEEE Symposium.:381–386, 2001.

  14. Pereira, J., Lamelo, A., and Vazquez-Naya, I. M., Design and implementation of a DICOM PACS with secure access via Internet. Proceedings of the 23 rd Annual EMBS International Conference.:3724–3727, 2001.

  15. Lu, R., Cao, Z., Chai, Z., and Liang, X., A simple user authentication scheme for grid computing. Int. J. Netw. Secur. 7(2):202–206, 2008.

    Google Scholar 

  16. Chen, C.-L., Chen, Y.-Y., and Chen, Y.-H., Group-based authentication to protect digital content for business applications. Int. J. Innovative Comput. Inf. Control 5(5):1243–1251, 2009.

    Google Scholar 

  17. Zhang, L.-J., and Zhou, Q., CCOA: Cloud computing open architecture. ICWS 2009:607–616, 2009.

    Google Scholar 

  18. Lamport, L., Password authentication with insecure communication. Commun. ACM. 24, 1981.

  19. Ateniese, G., Cutmola, R., de Meideiros, B., and Davis, D., Medical information privacy assurance: Cryptographic and system aspects. Third Conference on Security in Communication Networks, 2002.

  20. Rash, M. C., Privacy concerns hinder electronic medical records. The Business Journal of the Greater Triad Area, April 4, 2005.

  21. Yee, G., Korba, L., and Song, R., Ensuring privacy for E-health services, In Proceedings of the First International Conference on Availability, Reliability and Security, 2006.

  22. Lin, C. H., and Lai, Y. Y., A flexible biometrics remote user authentication scheme. Comput. Stand. Interfaces 27(1):19–23, 2004.

    Article  Google Scholar 

  23. Lee, N. Y., and Chiu, Y. C., Improved remote authentication scheme with smart card. Comput. Stand. Interfaces 27(2):177–180, 2005.

    Article  Google Scholar 

  24. Wang, Y. Y., Liu, J. Y., Xiao, F. X., and Dan, J., A more efficient and secure dynamic ID-based remote user authentication scheme. Comput. Commun. 32:583–585, 2009.

    Article  Google Scholar 

  25. Yoon, E., and Yoo, K., An efficient password authentication schemes without using the server public key for grid computing. GCC 2005, LNCS 3795, 149–154, 2005.

  26. Foster, I., and Kesselman, C., The grid: Blueprint for a new computing infrastructure. 2nd revised edition, Morgan Kaufmann Publishers In, 2003.

  27. Schneier, B., and Shostack, A., Breaking up is hard to do: Modeling security threats for smart cards. Proceedings of USENIX Workshop on Smart Card Technology. 175–185, 1999.

  28. Stallings, W., Cryptography and network security, principles and practice. 3 rd Edition. Prentice Hall, 2003.

  29. Snyder, A. M., and Weaver, A. C., The e-logistics of securing distributed medical data. INDIN 2003. 207–216, 2003.

  30. Rankl, W., and Effing, W., Smart card handbook. John Wiley & Sons, ISBN 0-471-96720-3, 1997.

  31. Guthery, S. B., and Jurgensen, T. M., SmartCard Developer’s Kit, Macmillan Technical Publishing. ISBN 1-57870-027-2, http://www.scdk.com, 1998.

Download references

Acknowledgement

This work was supported partially by National Science Council, Taiwan under Grants NSC 98-2221-E-029-025.

Author information

Author notes

  1. Zhen-Yu Wu

    Present address: , #1 Roosevelt Rd. Sec. 4, Taipei, Taiwan, 106, Republic of China

Authors and Affiliations

  1. Department of Computer Science and Information Engineering, National Taiwan University, Taipei, Taiwan

    Zhen-Yu Wu & Feipei Lai

  2. Department of Electrical Engineering, Tunghai University, Taichung, Taiwan

    Yufang Chung

  3. Department of Electrical Engineering, National Taiwan University, Taipei, Taiwan

    Feipei Lai

  4. Department of Information Management, Tunghai University, Taichung, Taiwan

    Tzer-Shyong Chen

  5. Graduate Institute of Biomedical Electronics and Bioinformatics, National Taiwan University, Taipei, Taiwan

    Feipei Lai

Authors
  1. Zhen-Yu Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yufang Chung
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Feipei Lai
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Tzer-Shyong Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Zhen-Yu Wu.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Wu, ZY., Chung, Y., Lai, F. et al. A Password-Based User Authentication Scheme for the Integrated EPR Information System. J Med Syst 36, 631–638 (2012). https://doi.org/10.1007/s10916-010-9527-7

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10916-010-9527-7

Keywords

Search

Navigation