Applications in Health Care using Public-Key Certificates and Attribute Certificates
نویسندگان
چکیده
Security infrastructures are increasingly used in the health care and welfare sector, particularly for providing security, like confidentiality, authenticity, integrity, nonrepudiation, and auditing. Especially within the health care sector, there is a need for different kinds of certificates, namely public-key certificates and attribute certificates. This necessity is caused by the huge range of processes and procedures deriving from different application areas within the health care sector. Due to that, this leads to a large amount of specific and different roles, rules, access rights, and permissions for each health professional. An important security token within health care is represented by the smart card, called health professional card (HPC). Existing solutions e.g. the German HPC, prototypes, and European as well as national projects, activities, and initiatives, show the state of the art with respect to certificates. Finally, we point out unsolved problems regarding security infrastructures, jurisdiction, data protection, and advertizing via Internet.
منابع مشابه
PKI based Access Control with Attribute Certificates for Data held on Smartcards
Common smartcard systems are not capable of providing effective Data Access Control in distributed IT-infrastructures with high configuration dynamics. The crucial points of that approach are resource consumption and inflexibility. The storage capacity of actual smartcards is clearly insufficient to store large certificate databases required by distributed services and applications. The exchang...
متن کاملPKI-based secure mobile access to electronic health services and data.
Recent research works examine the potential employment of public-key cryptography schemes in e-health environments. In such systems, where a Public Key Infrastructure (PKI) is established beforehand, Attribute Certificates (ACs) and public key enabled protocols like TLS, can provide the appropriate mechanisms to effectively support authentication, authorization and confidentiality services. In ...
متن کاملA First Approach to Provide Anonymity in Attribute Certificates
This paper focus on two security services for internet applications: authorization and anonymity. Traditional authorization solutions are not very helpful for many of the Internet applications; however, attribute certificates proposed by ITU-T seems to be well suited and provide adequate solution. On the other hand, special attention is paid to the fact that many of the operations and transacti...
متن کاملReasoning about Joint Administration of Access Policies for Coalition Resources
We argue that joint administration of access policies for a dynamic coalition formed by autonomous domains requires that these domains set up a coalition authority that distributes attribute certificates authorizing access to policy objects (e.g., ACLs). Control over the issuance of such certificates is retained by member domains separately holding shares of the joint coalition authority’s priv...
متن کاملA Framework for Adaptive Information Security Systems : A Holistic Investigation
This paper describes a security system for authorization in open networks. Authorization means authority to access certain resources, to perform certain operations, or to use certain system functions. In this paper, the authorization system bases on use of attribute certificates. An attribute certificate is a signed object containing authorization attributes of a user. Before checking whether a...
متن کامل