ABSTRACT
Lightweight computing technology is the trend of future information technology. Related research technologies are applied to electronic health records and electronic medical records, and only consider the mutual authentication of users and the confidentiality of data transmission. In addition, most researches still rely on time-consuming modular exponential calculations, elliptic-curve based signatures and encryption algorithms. However, few studies can fully consider the development of lightweight access control mechanisms for health care information database systems. Physically Unclonable Functions (PUF) devices are based on unique physical changes that occur naturally in the semiconductor manufacturing process, resulting in unique identification and unpredictability. They are used in authentication and encryption mechanisms and have significant improvements in performance. This investigation discusses and analyses on the privacy protection, authorization and access control characteristics of the health care information database, and develops a secure and efficient access control scheme by using PUF technology for health information systems. The proposed access control scheme not only improves the privacy and security of patient medical records, but also makes the entire medical process more efficient.
- The USA government. HIPAA, 1996a; HIPAA, 1996b, pp.104-191.Google Scholar
- Lee W. B. and Lee C.D. 2008. A cryptographic key management solution for HIPAA privacy/security regulations. IEEE Transactions on Information Technology in Biomedicine 12, 1, 34-41.Google ScholarDigital Library
- Wu J.E. 2011. Improved Cryptographic Key Management Scheme for HIPAA Privacy and Security, Master Thesis, Department of Computer Science and Information Engineering Chung Hua University, (Aug. 2011). http://chur.chu.edu.tw/bitstream/987654321/42464/1/GM097020470.pdfGoogle Scholar
- Lee T.-F., Chen P.-Q., and Hwang S.-H. 2017. An extended chaotic map-based HIPAA-compliant key management scheme with revocation of authorization. Communications of the CCISA 23 (Oct. 2017), 55-72.Google Scholar
- R. Maes, "Physically Unclonable Functions: Concept and Constructions" in Physically Unclonable Functions, Springer, pp. 11-48, 2013.Google Scholar
- Herder C., Yu M. D., Koushanfar F., and Devadas S. 2014. Physical Unclonable Functions and Applications: A Tutorial”, in Proceedings of the IEEE, (August 2014), 1126–1141.Google Scholar
- Joshi S., Mohanty S. P., Kougianos E. 2017. Everything you wanted to know about PUFs. IEEE Potentials 36, 6 (Nov./Dec. 2017), 38-46.Google ScholarCross Ref
- Yanambaka V.P., Mohanty S. P., Kougianos E. 2018. Making Use of Manufacturing Process Variations: A Dopingless Transistor Based-PUF for Hardware-Assisted Security. IEEE Transactions on Semiconductor Manufacturing 31, 2, (May 2018) 285 – 294. DOI: 10.1109/TSM.2018.2818180Google ScholarCross Ref
- McGrath T., Bagci I. E., Wang Z. M., Roedig U., Young R. J. 2019. A PUF Taxonomy, Applied Physics Reviews 6 (1), 011303, https://doi.org/10.1063/1.5079407.Google ScholarCross Ref
- A Secure and Efficient Access Control Scheme Based on PUF for Health Information Systems
Recommendations
Secure, efficient and revocable multi-authority access control system in cloud storage
A multi-authority attribute-based access control system for cloud storage is proposed.An adaptively secure multi-authority CP-ABE (MA-CP-ABE) scheme in the standard model.A decryption outsourcing method for the proposed MA-CP-ABE scheme.An attribute-...
Probably Secure Efficient Anonymous Credential Scheme
This article describes how after the concept of anonymous credential systems was introduced in 1985, a number of similar systems have been proposed. However, these systems use zero-knowledge protocols to authenticate users, resulting in inefficient ...
An efficient signcryption for data access control in cloud computing
Data storage is one of main services in cloud computing. How to ensure the confidentiality and authorized access of data is the central issue of data storage. In this paper, we propose a novel data access control scheme that can simultaneously achieve ...
Comments