Applying a Secure Authentication Protocol of Personal Health Record System in IOT Environment

• Main Authors: Yeh, Jung, 葉 嶸
• Other Authors: Chen, Tzer-Shyong
• Format: Others
• Language: zh-TW
• Published: 2018
• Online Access: http://ndltd.ncl.edu.tw/handle/spttdc

碩士 === 東海大學 === 資訊管理學系 === 106 === Patient-centered personal health record systems are promoted in past years, aiming to permanently record personal physiological conditions and health improvement plans. The combination with a mature physiological sensing device could establish personal health record system in the Internet of Things environment to rapidly collect personal information which is transmitted to the back-end for reservation and future access. Nevertheless, the transmission of information is opener under the Internet of Things environment. In comparison with past routes, the identity can be more easily stolen or data are intercepted in the transmission process to further steal patients’ medical records and relevant data of medical institutions and health care personnel. Without an effective security mechanism, the users would not trust such a structure to largely affect the use of the system as well as the promotion and quality of long-term health plans. To protect users’ important privacy from hostile attack and even stealing, the owners should have complete authority to manage personal health records and authorize other users. Such a secure identity authentication mechanism could guarantee that merely legal users could log in the system to acquire the system service resources. Aiming at personal health record system under Internet to Things environment, a user identity authentication mechanism with security and privacy allows medical personnel permanently retrieving the user’s health information and assisting in long-term health care plans. With double authentication mechanisms of password and exclusive smart card, the mechanism allows the owners and the authorized users logging in the system and accessing relevant personal records. The use of cryptosystem based on bilinear pairing for two-way user identity authentication could effectively prevent from hostile invasion and stealing behaviors.