Rendezvous-based access control for medical records in the pre-hospital environment

Authors:
Feike W. Dillema;Simone Lupetti
Affiliations:
University of Tromsø;University of Tromsø
Venue:
Proceedings of the 1st ACM SIGMOBILE international workshop on Systems and networking support for healthcare and assisted living environments
Year:
2007

Citing 11
Cited 2

Consistency in a partitioned network: a survey

ACM Computing Surveys (CSUR)
Programming semantics for multiprogrammed computations

Communications of the ACM
The Design of Rijndael

The Design of Rijndael
Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish)

Fast Software Encryption, Cambridge Security Workshop
Protection

ACM SIGOPS Operating Systems Review
A security policy model for clinical information systems

SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication

SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
HIT and MIS: implications of health information technology and medical information systems

Communications of the ACM - The digital society
The Cambridge CAP computer and its operating system (Operating and programming systems series)

The Cambridge CAP computer and its operating system (Operating and programming systems series)
A survey and analysis of Electronic Healthcare Record standards

ACM Computing Surveys (CSUR)
Audit-Based Access Control for Electronic Health Records

Electronic Notes in Theoretical Computer Science (ENTCS)

Securing medical records on smart phones

Proceedings of the first ACM workshop on Security and privacy in medical and home-care systems
Biometric access control for e-health records in pre-hospital care

Proceedings of the Joint EDBT/ICDT 2013 Workshops

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present rendezvous-based access control for access control in the pre-hospital environment. Rendezvous-based access control is a simple cryptographic access control method that provides access if and only if patient and health worker meet in the physical world. Access is provided locally and does not depend on connectivity with remote systems. It is therefore suitable in an environment with small mobile devices that have local connectivity but may be disconnected now and then from remote systems. It is designed to protect against aggregation threats without letting the patients carry their own medical data. A system can then be implemented where the tokens carried by the patients are simple and robust which is easily managed. We believe that our mechanism provides a useful alternative to remote access to a centralized system and to patients carrying their own medical record (on a smartcard e.g.).