Journal of the Korea Academia-Industrial cooperation Society (한국산학기술학회논문지)

The Korea Academia-Industrial cooperation Society (한국산학기술학회)
권호 표지
DOI QR코드

DOI QR Code

Design of Integrated Authentication Scheme for Safe Personal Information Management in a U-Health Environment

U-Health환경에서 안전한 개인정보 관리를 위한 통합 인증스키마 설계

  • Min, So-Yeon (Department of Information Communication, Seoil University) ;
  • Jin, Byung-Wook (Department of Computer Science, Soongsil University)
  • Received : 2014.05.27
  • Accepted : 2014.06.12
  • Published : 2014.06.30
Download PDF
⟨ Previous Next ⟩

Abstract

The U-health service provides medical services with patients anytime or anywhere and is defined as the service that combines information and communication technology with health and medical service. However, it causes some troubles, such as the disclosure of patients' medical information or data spills (personal information extrusion). Moreover, it has the weak point of the security threats associated with data based on existing wire-wireless systems because it conducts data transmission and reception through the network. Therefore, this paper suggests a safe personal information management system by designing integrated certification schema that will help compensate for the weaknesses of the U-health service. In the proposal, the protocols for user information, certification between medical institution and users, data communication encryption & decryption, and user information disuse were designed by applying the ID-Based Encryption, and analyzed such existing systems and PKI Based-based communication process, securely and safely.

U-health Service는 환자와 의료진과의 언제 어디에서나 의료서비스를 제공하는 것을 지칭하며 정보통신 기술과 보건의료를 융합한 서비스로 정의하고 있다. 그러나 환자의 의료정보, 개인정보 유출과 같은 사례가 발생하고 있고, 또한 네트워크를 통하여 데이터 송수신을 계승하므로써 기존 유 무선기반의 보안위협사항을 계승하는 취약점이 있다. 그러므로 본 논문에서는 U-Health Service에서 발생하는 취약점을 보완하고자 통합 인증스키마를 설계하여 안정한 개인정보에 대한 관리 시스템을 제안하였다. 제안프로토콜에서는 ID-Based Encryption을 활용하여 사용자 등록, 의료기관과 사용자간의 인증, 데이터 통신 암 복호화, 사용자 정보 폐기에 대한 프로토콜을 설계하였으며, 이에 따른 기존시스템 및 PKI Based 기반 통신과정과 보안성과 안전성에 관하여 분석하였다.

Keywords

References

  1. Chan-Yong Park, "Technical Trend of U-Healthcare Standardization", No. 25, Vol 4, pp.48-59 2011.8
  2. A Development of Standard and Bio-Authentication Technology for Telemedicine, KISA, 2007.12
  3. TTA, Information Security Reference Model for u-Health Service, TTA, 2010.12.
  4. TTA, Health Data Gateway, Server Protocol, 2011.6
  5. TTA, u-Health Service Reference Model, TTA, 2010.12
  6. Adi Shamir. "Identity-Based Cryptosystems and signature System". SpringerLink. 1985
  7. Dan Boneh, Matthew Franklin. "Identity-Based Encryption from the Weil Pairing". Crypto. 2001
  8. M. Martinez-Espronceda et al., "Standard- Based Homecare Challenge: Advances of ISO/IEEE11073 for u-Health," Series in Biomedical Engineering, Handbook of Digital Homecare, Oct. 2009, pp.179-202. DOI: http://dx.doi.org/10.1007/978-3-642-01387-4_9

Cited by

  1. Design The User Authentication Framework Using u-health System vol.13, pp.5, 2015, https://doi.org/10.14400/JDC.2015.13.5.219
  2. Designed OTP Generation Method Using Health Information vol.13, pp.8, 2015, https://doi.org/10.14400/JDC.2015.13.8.315