1
Department of Computer Science and Engineering, Karunya Institute of Technology and Sciences, Coimbatore, India
(zionshibin@gmail.com)
2
Department of Computer Science and Engineering, Karunya Institute of Technology and Sciences, Coimbatore, India
(onesimu@gmail.com)
3
Department of Electronics and Communication Engineering, Karunya Institute of Technology and Sciences, Coimbatore, India
(martinsagayam.k@gmail.com)
4
Faculty of Computers and Artificial Intelligence, Beni-Suef University, Beni-Suef, 62511, Egypt
(elngar_7@yahoo.co.uk)
Abstract :
Security plays a major role in most fields including the pharmaceutical field. Authorization and Authentication are the key concepts in supporting notable areas of the cyber-health world. HIPAA's (Health Insurance Portability and Accountability Act) ultimate focus is to preserve the privacy of the health records of an individual without disclosing it and preventing the data from unauthorized access. A complaint key management solution is applied to the patient's health records to reduce the risk factor while engaging with cryptographic mechanisms. Though there are many existing cryptographic algorithms such as Elliptic curve cryptography, and Elgammal's key exchange algorithm which provides security to the access of patient's health records, the proposed key management solution will overlay the same variant of security to the Electronic Health Records (EHR). This paper provides the countermeasures for improving security and suggests a key recovery mechanism for the protection of keys used in the security mechanism.
Keywords :
Health Insurance Portability and Accountability Act (HIPAA); Electronic Protected Health Information (ePHI); Key management; RFID cards
References :
[1] Alese, B. K., Philemon, E. D., &Falaki, S. O. Comparative analysis of public-key encryption schemes.
International Journal of Engineering and Technology, 2(9), 1552-1568. (2012).
[2] Clarke, A., & Steele, R. Secure and reliable distributed health records: Achieving query assurance
across repositories of encrypted health data. In 2012 45th Hawaii International Conference on System
Sciences (pp. 3021-3029).IEEE. (2012).
[3] Lee, C. D., Ho, K. I. J., & Lee, W. B. A novel key management solution for reinforcing compliance
with HIPAA privacy/security regulations. IEEE Transactions on Information Technology in
Biomedicine, 15(4), 550-556.(2011).
[4] Dr. Najib A. kofahi.An empirical study to compare the performance of some symmetric and
asymmetric ciphers. International Journal of Security and Its Applications, 7(5), 1-16.(2013).
[5] Huang, H. F., & Liu, K. C. Efficient key management for preserving HIPAA regulations. Journal of
Systems and Software, 84(1), 113-119. (2011).
[6] Hu, J., Chen, H. H., &Hou, T. W. A hybrid public key infrastructure solution (HPKI) for HIPAA
privacy/security regulations. Computer Standards & Interfaces, 32(5-6), 274-280. (2010)
[7] Li, J., Lee, J. S., & Chang, C. C. Preserving PHI in compliance with HIPAA privacy/security
regulations using cryptographic techniques. In 2008 International Conference on Intelligent
Information Hiding and Multimedia Signal Processing (pp. 1545-1548). IEEE. (2008).
[8] David, S., Xavier, B., & Kathrine, J. W. A panoramic overview on fast encryption techniques for
outsourced data in mobile cloud computing environment.In 2017 International Conference on
Inventive Computing and Informatics (ICICI) (pp. 476-480).IEEE. (2018).
[9] Dunlop, L. Electronic health records: Interoperability challenges Patients' right to privacy. Shidler JL
Com. & Tech., 3, 1. (2006).
[10] Hripcsak, G., & Albers, D. J. Next-generation phenotyping of electronic health records. Journal of the
American Medical Informatics Association, 20(1), 117-121. (2013).
[11] Benaloh, J., Chase, M., Horvitz, E., &Lauter, K. Patient controlled encryption: ensuring privacy of
electronic medical records. In Proceedings of the 2009 ACM workshop on Cloud computing security
(pp. 103-114). (2009).
[12] Krasner, J. Using Elliptic Curve Cryptography (ECC) for Enhanced Embedded Security-Financial
Advantages of ECC over RSA or Diffie-Hellman (DH). Embedded Market Forecasters, American
Technology. (2004).
[13] Sun, J., Zhu, X., Zhang, C., & Fang, Y. HCPP: Cryptography based secure EHR system for patient
privacy and emergency healthcare. In 2011 31st International Conference on Distributed Computing
Systems (pp. 373-382).IEEE. (2011).
[14] Großschädl, J., Page, D., & Tillich, S. Efficient java implementation of elliptic curve cryptography for
J2ME-Enabled mobile devices. In IFIP international workshop on information security theory and
practice (pp. 189-207).Springer, Berlin, Heidelberg.(2012).
[15] Bos, J. W., Halderman, J. A., Heninger, N., Moore, J., Naehrig, M., &Wustrow, E. Elliptic curve
cryptography in practice. In International Conference on Financial Cryptography and Data Security
(pp. 157-175).Springer, Berlin, Heidelberg. (2014).
[16] Meystre, S. M., Savova, G. K., Kipper-Schuler, K. C., & Hurdle, J. F. Extracting information from
textual documents in the electronic health record: a review of recent research. Yearbook of medical
informatics, 17(01), 128-144. (2008).
[17] Palojoki, S., Mäkelä, M., Lehtonen, L., &Saranto, K. An analysis of electronic health record–related
patient safety incidents.Health informatics journal, 23(2), 134-145. (2017).
[18] Vijayakumar, P., Anand, K., Bose, S., Maheswari, V., Kowsalya, R., &Kannan, A. Hierarchical key
management scheme for securing mobile agents with optimal computation time. Procedia engineering,
38, 1432-1443. (2012).
[19] McDonald, Clement. J., Tang, P. C., &Hripcsak, G. Electronic health record systems.In Biomedical
Informatics (pp. 391-421).Springer, London. (2014).
[20] Mirkovic, J., Bryhni, H., &Ruland, C. M. Secure solution for mobile access to patient's health care
record. In 2011 IEEE 13th International Conference on e-Health Networking, Applications and
Services (pp. 296-303).IEEE. (2011).
[21] Hripcsak, G., Albers, D. J., &Perotte, A. Parameterizing time in electronic health record studies.
Journal of the American Medical Informatics Association, 22(4), 794-804. (2015).
[22] Ratwani, R. M., Fairbanks, R. J., Hettinger, A. Z., & Benda, N. C. Electronic health record usability:
analysis of the user-centered design processes of eleven electronic health record vendors. Journal of
the American Medical Informatics Association, 22(6), 1179-1182. (2015).
[23] Sciancalepore, S., Piro, G., Boggia, G., & Bianchi, G. Public key authentication and key agreement in
IoT devices with minimal airtime consumption. IEEE Embedded Systems Letters, 9(1), 1-4. (2016).
[24] Gupta, K., &Silakari, S. Ecc over rsa for asymmetric encryption: A review. International Journal of
Computer Science Issues (IJCSI), 8(3), 370.(2011).
[25] Fraser, H., Biondich, P., Moodley, D., Choi, S., Mamlin, B., &Szolovits, P. Implementing electronic
medical record systems in developing countries. Journal of Innovation in Health Informatics, 13(2),
83-95. (2005).
[26] Krawczyk, H. Cryptographic extraction and key derivation: The HKDF scheme. In Annual Cryptology
Conference (pp. 631-648).Springer, Berlin, Heidelberg. (2010).
[27] Yang, Y., Han, X., Bao, F., & Deng, R. H. A smart-card-enabled privacy preserving E-prescription
system. IEEE Transactions on Information Technology in Biomedicine, 8(1), 47-58. (2004).
[28] Ray, S., &Biswas, G. P. A Certificate Authority (CA)-based cryptographic solution for HIPAA
privacy/security regulations. Journal of King Saud University-Computer and Information Sciences,
26(2), 170-180. (2014).
[29] Sicuranza, M., & Esposito, A. An access control model for easy management of patient privacy in
EHR systems.In 8th International Conference for Internet Technology and Secured Transactions
(ICITST
Style | # |
---|---|
MLA | Shibin David, Andrew J, K. Martin Sagayam, Ahmed A. Elngar. "Augmenting security for electronic patient health record (ePHR) monitoring system using cryptographic key management schemes." Fusion: Practice and Applications, Vol. 5, No. 2, 2021 ,PP. 51-61 (Doi : https://doi.org/10.54216/FPA.050201) |
APA | Shibin David, Andrew J, K. Martin Sagayam, Ahmed A. Elngar. (2021). Augmenting security for electronic patient health record (ePHR) monitoring system using cryptographic key management schemes. Journal of Fusion: Practice and Applications, 5 ( 2 ), 51-61 (Doi : https://doi.org/10.54216/FPA.050201) |
Chicago | Shibin David, Andrew J, K. Martin Sagayam, Ahmed A. Elngar. "Augmenting security for electronic patient health record (ePHR) monitoring system using cryptographic key management schemes." Journal of Fusion: Practice and Applications, 5 no. 2 (2021): 51-61 (Doi : https://doi.org/10.54216/FPA.050201) |
Harvard | Shibin David, Andrew J, K. Martin Sagayam, Ahmed A. Elngar. (2021). Augmenting security for electronic patient health record (ePHR) monitoring system using cryptographic key management schemes. Journal of Fusion: Practice and Applications, 5 ( 2 ), 51-61 (Doi : https://doi.org/10.54216/FPA.050201) |
Vancouver | Shibin David, Andrew J, K. Martin Sagayam, Ahmed A. Elngar. Augmenting security for electronic patient health record (ePHR) monitoring system using cryptographic key management schemes. Journal of Fusion: Practice and Applications, (2021); 5 ( 2 ): 51-61 (Doi : https://doi.org/10.54216/FPA.050201) |
IEEE | Shibin David, Andrew J, K. Martin Sagayam, Ahmed A. Elngar, Augmenting security for electronic patient health record (ePHR) monitoring system using cryptographic key management schemes, Journal of Fusion: Practice and Applications, Vol. 5 , No. 2 , (2021) : 51-61 (Doi : https://doi.org/10.54216/FPA.050201) |