Security and Cryptography in Healthcare Systems

Added on  2019/10/18

AI Summary
The provided assignment content discusses cryptographic algorithms and protocols used in healthcare systems for secure data transmission. The concept of Electronic Health Records (EHR) is also covered. A system model for EHR is illustrated to demonstrate the security management of a healthcare system. The importance of security models and protocols in medical applications is highlighted.

SECURITY PROTOCOLS USED FOR PROTECTING THE ELECTRONIC HEALTH
RECORDS
ABSTRACT
Technology is growing rapidly, and with it
the focus on secure transactions in an
Electronic Health Record system (EHRS). In
this model, the main need for a security
protocol is authentication. In medical
health care, most people use their
transaction card for payment, so there
should be a secure protocol to protect the
user's authentication records. For secure
transactions, cryptographic protocols should
be used between the two transacting parties
to perform the task securely. This paper
studies cryptographic protocols to show how
data is secured in an electronic health
record system.
1. INTRODUCTION
Cryptography is one of the main techniques
used for data security. In an e-healthcare
system, various data such as the patient's
personal information, health information and
transaction information are stored, so these
data should be secured using cryptographic
protocols. A cryptographic protocol is a
security protocol that protects the data
communication between two members.
Generally, a cryptographic protocol uses
certain procedures or schemes to implement
the security mechanism. Consider the
transaction mechanism in the e-healthcare
system: when the user performs a credit or
debit card transaction, mechanisms such as
digital signature schemes are used for
security. Some examples of cryptographic
protocols are TLS, SSH, Kerberos, IPSec,
etc. Nowadays people widely use EHRS to
build a secure environment in the medical
industry. For this system, cloud computing
is one of the important factors in providing
the infrastructure for manipulating the
data. Every health care provider has its own
database for EMRs (Electronic Medical
Records). The data are stored in a
centralized system where every patient can
have different health care providers such as
specialists, therapists, physicians, etc., so
there is a need for cloud infrastructure for
the additional storage of records. EMR
involves the sharing of records, and the
shared records are said to be electronic
health records [1][7].
2. GENERAL SECURITY
PROTOCOLS
In general, there are security protocols
such as key agreement protocols,
identification and authentication protocols,
and password authentication and key exchange
protocols [8].
Key agreement
This protocol is used by two users to share
a single key. For example, if a message is
to be sent to Bob, it should be sent securely
with the secret key. Authentication is given
to the user when he holds the private key or
public key pair. The specific key pair used
in such a session is called ephemeral keys.
Generally, in key distribution, one user has
control to edit the key pair, but in key
agreement both users have control to change
the key pair and both are involved in the
key generation method.
Identification and authentication
protocols
This protocol enables the user to
authenticate online. Every user
has a private key or public key that is yet to
be verified. During verification, the public
key is checked against the identified key to
prove the identity of the user.
Identification and authentication are similar
processes: identification is identifying
the user with the matching keys, whereas
authentication is verifying whether the key
corresponds to the user's key. So the output
of authentication gives the original user.
Password authentication and key
exchange protocols
In password authentication and key exchange
protocols, the password is used as a key,
whereas in key agreement the key used is
just the secret code. If the user sends the
message with the password, the challenge is
to design the protocol to be secure against
dictionary attacks. The user should take
care in setting the password so that an
intruder cannot guess it.
3. APPLICATION RELATED
SECURITY PROTOCOLS
Security protocols which are used in the
restricted areas of wireless or mobile
communication are WAP protocols,
Bluetooth and ZigBee [8].
WAP protocols
WAP is the Wireless Application Protocol. It
is used as a communication protocol for
accessing data wirelessly in the mobile
network. It provides direct connectivity
between wireless devices and the internet.
This function can be created using an open
source environment and on any type of
operating system.
BLUETOOTH
Bluetooth is a wireless technology that is
used for sending and receiving data over
shorter distances in mobile networks using
the personal area network. The Bluetooth
protocol consists of various protocols such
as baseband, link manager protocol, logical
link control and adaptation layer, and
service discovery protocol. Each protocol
has its own specifications and limitations.
ZIGBEE
Zigbee is a communication technology that
operates at lower ranges compared to
Bluetooth. The aim of this technology is to
provide high range by using a mesh network.
4. DEFINITIONS OF PHR, EHR AND
EMR
The main terms involved in a health care
system are PHR (Personal Health Record),
EMR (Electronic Medical Record) and EHR
(Electronic Health Record). The definitions
of these terms are given below [1] [11].
PHR
The personal health record is a description
of the patient's health conditions that is
maintained individually by the patient. It
holds a complete summary of the patient's
health history, which can be obtained by
using systems like EMR and EHRs. This
information can be accessed from anywhere
and at any time with any device.
EMR
An Electronic Medical Record is an
observation of the patient's details when
patients are encountered at the health care
centre as an inpatient and outpatient
process. The description of the patients is
held by the healthcare organization. The
Electronic Medical Record is created by the
inspectors who need to monitor, document and
manage the health of the patients within the
healthcare organization. The records are
created and monitored by them in order to
know the details of the patients and to give
treatment accordingly. In EMR there will be a
clinic data repository (CDR), clinic decision
support system (CDSS), order entry,
medical vocabulary, pharmacy management
and administration record.
EHR
The Electronic Health Record is a part of the
Electronic Medical Record where the health
record is maintained by the healthcare
organization to monitor the patient. In
general, EHR consists of many patients'
details across a worldwide region, state or
community. The main aim of EHR is to form a
document of the patient's record to support
patients now and in the future and to treat
them accordingly. This documentation
provides what clinicians need for the
patient's health care.
5. PROCESS OF EHR
The process of EHR is shown below.
Figure 1. System process
The interrelationship between PHR, EHR
and EMR:
Finally, the medical records of patients can
be viewed through PHR, EHR and EMR. All
three partially overlap. With the help of
PHR, EHR can be created. With the help of
EMR, EHR is created. The main aim of the
health care system is to provide the desired
healthcare information.
6. METHODOLOGY USED IN EHR
In an electronic health record system,
usually every patient will have a
microprocessor for authentication. The
description of the patients is secured with
cryptographic algorithms according to basic
cryptographic principles such as
confidentiality and authenticity. An
algorithm is developed to determine which
key is used for the patients and which key
is used for the doctor's access to health
records. The patient is given the public key
to access the health record, whereas the
doctors are provided with the private key to
access the health record of the patients.
The data can be stored and obtained at any
time and from anywhere with the devices. The
description of the patients and the doctor's
prescriptions can be viewed only with valid
authentication. Healthcare professionals
monitor the patient's health record,
document it and update the existing health
record [2] [11].
7. SYSTEM MODEL
The system model consists of three modules.
They are EHR data collection and
integration, secure storage and management
and secure usage of data [2][3].
Figure 2. System model
DATA COLLECTION AND
INTEGRATION:
This process is the major task that starts
the system management. In order to create
the EHR, the patient's history should be
gathered, so data collection and integration
is done by the healthcare organization. The
main requirement is that, before
integration, the data should be verified in
terms of the basic security principles of
cryptography such as
confidentiality, integrity and availability.
When the security principles are verified the
data is integrated successfully.
SECURE STORAGE AND
MANAGEMENT
In this module, there are two main
components: the access control mechanism and
secure storage. The integrated data is
encrypted and stored in the storage server,
where the data can be accessed only by an
authorized person. There are different types
of access control mechanism used for
authentication, namely role-based access
control or attribute-based access control
policies. Only people with the decryption
key are able to access the encrypted data
using some access control mechanism. For
example, if Alice's data is to be accessed
by someone, then Alice needs to give her own
private key to access the encrypted data.
SECURE USAGE
The data should be used with a signature and
verification mechanism. Alice's medical
report should be processed with the
signature algorithm. The data should be
verified at the final stage of the medical
treatment.
Digital signature algorithm
A digital signature algorithm is used for
satisfying the basic principles of
cryptography, namely authenticity,
confidentiality and integrity. There are
three steps in performing a digital
signature: key generation, signing and
verifying. The digital signature can be
represented in the form of binary digits.
The signature is the representation of the
rules and parameters considered in the
algorithm. The signature of the user is
generated on their own and it is known as a
secret or private key. The private key is
known only to the user who created it. In
the study of cryptography, there are two
different keys: one is the private key and
the other is the public key. Only the user
who created the private key knows it; the
private key is the secret key. The public key
generated by the user is shared with others
for providing access, but the private key is
used for key generation of the signature
algorithm. The digital signature can be used
in applications like electronic
transactions, data communication, data
storage and any application that needs
integrity and secure communication of data
[4] [9].
In order to use the digital signature, there
are three standard algorithms: the Digital
Signature Algorithm, the RSA algorithm and
the Elliptic Curve Digital Signature
Algorithm. In the key generation of the
digital signature, a hash function and a
message digest are used. The message digest
is used to obtain the encrypted data. For
signature creation and verification, both
the hash function and the message digest are
used. Using these two data encryption
methods improves the efficiency of data.
Figure 3. Block diagram of digital signature
algorithm

Key generation
In key generation, there are two phases. One
is the generation of algorithmic parameters;
the other is the generation of the private
and public keys. A cryptographic hash
function is used for creating the
parameters.
The parameters used in DSA are b and d.
b is a prime modulus in the range
$2^{i-1} < b < 2^{i}$.
d is a prime divisor of b - 1.
The key generation starts with the prime
numbers using SHA that range from
$2^{519} < d < 2^{160}$. After computing this
value, the value R is constructed. Then the
prime b is formed by rounding R to a value
congruent to 1 mod 2d. The value R that is
generated is then converted to a binary
expression as shown below:
$r = r_1 \cdot 2^{z-1} + r_2 \cdot 2^{z-2} + \dots + r_{z-1} \cdot 2 + r_z \rightarrow \{ r_1, \dots, r_z \}$.
Then the above sequence of bits
$\{ r_1, \dots, r_z \}$ is converted into an
integer by the rule
$\{ r_1, \dots, r_z \} \rightarrow r_1 \cdot 2^{z-1} + r_2 \cdot 2^{z-2} + \dots + r_{z-1} \cdot 2 + r_z$.
Here the first bit corresponds to the most
significant bit and the last bit corresponds
to the least significant bit.
Assume $K - 1 = l \cdot 160 + n$, where l and n
are integers and $0 \le b < 160$.
Step 1: consider the sequence of bits up to
160 and fix its length as S in bits.
Step 2: Compute the parameters using the
following expression.
$F = \text{SHA-1}[S] \oplus \text{SHA-1}[(S + 1) \bmod 2^{z}]$.
Step 3: from F, form the values of d by
considering the most significant bit and least
significant bits from 160 bits to 1.
Step 4: use some algorithm to check
whether the prime number d is 1.
Step 5: if d is not a prime number then
repeat the step 1 until the q value is prime.
Step 6: assume the counter value to be zero
and offset value to be 2.
Step 7: Calculate the values for L = 0
$U_k = \text{SHA-1}[(S + \text{offset} + l) \bmod 2^{z}]$.
Step 8: Let T be the integer and consider the
following expression
$T = U_0 + U_1 \cdot 2^{160} + \dots + F_{n-1} \cdot 2^{(n-1) \cdot 160} + (F_n \bmod 2^{n}) \cdot 2^{n \cdot 160}$
and let $R = + 2^{k-1}$ where values of T ranges
between $0 \le T < 2^{L-1}$ and hence $2^{L-1} \le R < 2^{k}$.
Step 9: Let $a = R \bmod 2d$ and set $b = R - (a - 1)$.
Step 10: If $a < 2^{k-1}$, then repeat step 13.
Step 11: After computation performs the test
on b.
Step 12: test the values if it is satisfied then
go to step 15.
Step 13: consider count = count + 1 and offs
= offs + n + 1.
Step 14: If the value of counter ≥ $2^{12} = 4096$
then go to step 1, if the condition is not
satisfied then go to step 7.
Step 15: Use the value of S for the proper
generation of b and d.
Signing
For signing, the hash function and the
message M are considered. Use the following
equations for computing r and s.
$p = (z^{s} \bmod b) \bmod d$
$q = (L^{-1}(\mathrm{SHA}(N) + sn)) \bmod d$
$L^{-1}$ is the multiplicative inverse of N (mod d).
The default message value of SHA(N) is a
160-bit string where the string value is
converted to an integer value. After
signature generation is complete, the
verification process is started.
Verifying
To implement the verification process the
receiver has to know b, d, z and the
sender's public key. The ranges of the
parameters, 0 < m′ < d and 0 < n′ < d, should
be checked. If both the conditions fail,
then the signature generated should not
proceed to the verification process. The
signature should be processed only when the
ranges of the parameters are satisfied. The
following equations are used for the
computation.
$p = (n')^{-1} \bmod d$
$e_1 = ((\mathrm{SHA}(N'))\, b) \bmod d$
$e_2 = ((p')\, n) \bmod d$
$q = ((z^{e_1}\, w^{e_2}) \bmod b) \bmod d$
After computation if the values of q and p
are equal then the signature generated is said
to be valid otherwise the signature is not
valid.
8. PROTOCOL USED IN HEALTH
CARE SYSTEM
There should be a secure protocol mechanism
to protect the data during communication.
Such protocols used in the health care
system are SSL, TLS and IPsec.
Specific security protocols
Some specific security protocols used in
applications are SSH, TLS and IPSec.
SSH
Secure socket shell is a specific security
protocol that provides secure access to a
computer. It provides secure authentication
and encryption of data in the network. It is
mainly used by network administrators to
secure data from a remote location. By using
SSH, one can log in to the computer from a
remote location and execute commands for
moving files from one location to another
[6] [10].
TLS
Transport Layer Security is a security
protocol that is used in applications for
securing the data and privacy during
communication between them. It is a widely
used security protocol for communication
between web browsers and websites. Some of
the applications that use TLS are instant
messaging, VPN and VoIP (Voice over IP).
TLS consists of two layers, namely the TLS
record protocol and the TLS handshake
protocol. The TLS record protocol is used to
provide the secure connection, and the TLS
handshake protocol is used for
authenticating the server and client where no
encryption and cryptographic algorithms are
executed [5].
IPSec
Internet Protocol Security is used for
defining the security architecture for IP
traffic in the network. It helps to provide
security at the internet protocol layers using
authentication and encryption of the network.
Internet protocols are used for defining the
cryptographic algorithms for encryption and
decryption of packets, key agreement and
key management protocols [8].
9. DISCUSSION AND CONCLUSION
We have considered some security models and
cryptographic algorithms for healthcare
applications. The concepts related to EHR
are also discussed. A system model for EHR
is illustrated for the security management of
the health care system. The importance of
security models and protocols in medical
applications is described.
REFERENCES
[1] Patel, I. Kantzavelou, “Implementing
network security guidelines in health-care
information systems”. In: MEDINFO ’95.
Proceedings of the eighth World Congress
on Medical Informatics. Vancouver Trade
and Convention Centre, Canada. p. 671–
674.
[2] D. Garets and M. Davis, “A HIMSS
Analytics White Paper. Electronic Medical
Records vs. Electronic Health Records: Yes,
There Is a Difference”. January 26, 2006.
http://www.himssanalytics.org/docs/wp_emr_ehr.pdf
[3] J. Jin, G.-J. Ahn, H. Hu, M. J.
Covington, and X. Zhang. “Patient-centric
Authorization Framework for Sharing
Electronic Health Records”. Symposium on
Access Control Models and Technologies,
Proceedings of the 14th ACM symposium on
Access control models and technologies,
2009, 125-134.
[4] S. M. Furnell, P.W. Sanders, “Security
management in the health-care
environment”, in: R.A. Greenes, H.E.
Peterson, D.J. Protti, (eds.), MEDINFO ’95,
Proceedings of the eighth World Congress
on Medical Informatics. Canada. p. 675–678
[5] Michel Abdalla and David Pointcheval.
“A scalable password-based group key
exchange protocol in the standard model”.
In Xuejia Lai and Kefei Chen, editors,
ASIACRYPT, volume 4284 of Lecture
Notes in Computer Science, Springer,
2006, pages 332–347.
[6] M. Bellare, T. Kohno, and C.
Namprempre. “The Secure Shell (SSH)
Transport Layer Encryption Modes”. RFC
4344 (Proposed Standard), January 2006.
[7] Mihir Bellare, Ran Canetti, and Hugo
Krawczyk. “A modular approach to the
design and analysis of authentication and
key exchange protocols (extended
abstract)”. In Jeffrey Scott Vitter, editor,
STOC, ACM, 1998, pages 419– 428.
[8] Mihir Bellare, Marc Fischlin, Shafi
Goldwasser, and Silvio Micali.
“Identification protocols secure against reset
attacks”. In Pfitzmann [260], pages 495–
511.
[9] Mihir Bellare, Sriram Keelveedhi, and
Thomas Ristenpart. “Message-locked
encryption and secure deduplication”. In
Johansson and Nguyen [178], pages 296–
312.
[10] D. Bider and M. Baushke. “SHA-2
Data Integrity Verification for the Secure
Shell (SSH) Transport Layer Protocol”. RFC
6668 (Proposed Standard), July 2012
[11] Firat Kart, Gengxin Miao, L.E. Moser,
P.M. Melliar-Smith, “A distributed
e-healthcare system based on the service
oriented architecture”, University of
California, Santa Barbara, CA 93106.