nach oben

Journal of Medical Systems

Erschienen in:

01.08.2012 | Original Paper

A Reliable User Authentication and Key Agreement Scheme for Web-Based Hospital-Acquired Infection Surveillance Information System

verfasst von: Zhen-Yu Wu, Yi-Ju Tseng, Yufang Chung, Yee-Chun Chen, Feipei Lai

Erschienen in: Journal of Medical Systems | Ausgabe 4/2012

Einloggen, um Zugang zu erhalten

Abstract

With the rapid development of the Internet, both digitization and electronic orientation are required on various applications in the daily life. For hospital-acquired infection control, a Web-based Hospital-acquired Infection Surveillance System was implemented. Clinical data from different hospitals and systems were collected and analyzed. The hospital-acquired infection screening rules in this system utilized this information to detect different patterns of defined hospital-acquired infection. Moreover, these data were integrated into the user interface of a signal entry point to assist physicians and healthcare providers in making decisions. Based on Service-Oriented Architecture, web-service techniques which were suitable for integrating heterogeneous platforms, protocols, and applications, were used. In summary, this system simplifies the workflow of hospital infection control and improves the healthcare quality. However, it is probable for attackers to intercept the process of data transmission or access to the user interface. To tackle the illegal access and to prevent the information from being stolen during transmission over the insecure Internet, a password-based user authentication scheme is proposed for information integrity.

Richards, M. J., Edwards, J. R., Culver, D. H., and Gaynes, R. P., Nosocomial infections in combined medical-surgical intensive care units in the United States. Infect. Control Hosp. Epidemiol. 21:510–515, 2000.CrossRef

Tambyah, P. A., Knasinski, V., and Maki, D. G., The direct costs of nosocomial catheter-associated urinary tract infection in the era of managed care. Infect. Control Hosp. Epidemiol. 23:27–31, 2002.CrossRef

Rosenthal, V. D., Maki, D. G., Mehta, A., Alvarez-Moreno, C., Leblebicioglu, H., Higuera, F., et al., International nosocomial infection control consortium report, data summary for 2002–2007, issued January 2008. Am. J. Infect. Control 36:627–637, 2008.CrossRef

Rosenthal, V. D., Maki, D. G., and Graves, N., The international nosocomial infection control consortium (INICC): goals and objectives, description of surveillance methods, and operational activities. Am. J. Infect. Control 36:e1–e12, 2008.CrossRef

Haley, R. W., Quade, D., Freeman, H. E., and Bennett, J. V., Study on the efficacy of nosocomial infection control (Senic Project) - summary of study design. Am. J. Epidemiol. 111:472–485, 1980.

Gastmeier, P., Geffers, C., Brandt, C., Zuschneid, I., Sohr, D., Schwab, F., et al., Effectiveness of a nationwide nosocomial infection surveillance system for reducing nosocomial infections. J. Hosp. Infect. 64:16–22, 2006.CrossRef

Chung, Y. F., Wu, Z. Y., and Chen, T. S., Ring signature scheme for ECC-based anonymous signcryption. Comput Stand Interfaces 31(4):669–674, 2009.CrossRef

Ball, E., Chadwick, D. W., and Mundy, D., “Patient privacy in electronic prescription transfer,” Security & Privacy. IEEE 1:77–80, 2003.

Yee, G., Korba, L., and Song, R., “Ensuring privacy for e-health services,” in Availability, Reliability and Security, 2006. ARES 2006. The First International Conference on, 2006, pp. 8.

10.

Yoon, E.-J. and Yoo, K.-Y., “An efficient password authentication schemes without using the server public key for grid computing,” In: H. Zhuge and G. Fox, (Eds.), Grid and Cooperative Computing - GCC 2005. vol. 3795, ed: Springer Berlin/Heidelberg, 2005, pp. 149–154.

11.

Lamport, L., “Password authentication with insecure communication,”. Commun. ACM 24:770–772, 1981.CrossRef

12.

Wu, Z. Y., Chung, Y. F., Lai, F., and Chen, T. S., "A password-based user authentication scheme for the integrated EPR information system," Journal of Medical Systems, doi:10.1007/s10916-010-9527-7, Available online May 27, 2010.

13.

Lee, N.-Y., and Chiu, Y.-C., Improved remote authentication scheme with smart card. Comput Stand Interfaces 27:177–180, 2005.CrossRef

14.

Wang, Y.-Y., Liu, J.-Y., Xiao, F.-X., and Dan, J., A more efficient and secure dynamic ID-based remote user authentication scheme. Comput. Commun. 32:583–585, 2009.CrossRef

15.

M. Meg, “Strategies for the successful implementation of workflow systems within healthcare: a cross case comparison,” in The 36th Annual Hawaii International Conference on System Sciences, 2003, pp. 166–175.

16.

R. Bunge, S. Chung, B. Endicott-Popovsky, and D. McLane, “An operational framework for service oriented architecture network security,” presented at the Proceedings of the Proceedings of the 41st Annual Hawaii International Conference on System Sciences, 2008.

17.

Pierce, M., Fox, G., Youn, C., Mock, S., Mueller, K., and Balsoy, O., “Interoperable web services for computational portals,” presented at the Proceedings of the 2002 ACM/IEEE conference on Supercomputing. Baltimore, Maryland, 2002.

18.

Lewis, G. A., Morris, E., Simanta, S., Wrage, L., “Common Misconceptions about Service-Oriented Architecture,” presented at the Proceedings of the Sixth International IEEE Conference on Commercial-off-the-Shelf (COTS)-Based Software Systems, 2007, pp. 123–130.

19.

Ko, L.-F., Lin, J.-C., Chen, C.-H., Chang, J.-S., Lai, F., Hsu, K.-P., et al., “HL7 middleware framework for healthcare information system,” in e-Health Networking, Applications and Services, 2006. HEALTHCOM 2006. 8th International Conference on, 2006, pp. 152–156.

20.

Hsieh, S. H., Hsieh, S. L., Weng, Y. C., Yang, T. H., Feipei, L., Cheng, P. H., et al., “Middleware based inpatient healthcare information system,” presented at the Bioinformatics and Bioengineering, 2007. BIBE 2007. Proceedings of the 7th IEEE International Conference on, 2007.

21.

Yang, T. H., Cheng, P. H., Yang, C. H., Lai, F., Chen, C. L., Lee, H. H., et al., “A scalable multi-tier architecture for the National Taiwan University Hospital Information System based on HL7 Standard,” presented at the Proceedings of the 19th IEEE Symposium on Computer-Based Medical Systems, 2006.

22.

Health Leval Seven, “HL7 Standard v2.5,” ed, 2003, p. 14.

23.

Horan, T. C., Andrus, M., and Dudeck, M. A., CDC/NHSN surveillance definition of health care-associated infection and criteria for specific types of infections in the acute care setting. Am. J. Infect. Control 36:309–332, 2008.CrossRef

24.

Tseng, Y.-J., Chen, Y.-C., Lin, H.-C., Wu, J.-H., Chen, M.-Y., and Lai, F., “A web-based hospital-acquired infection surveillance information system,” in Information Technology and Applications in Biomedicine (ITAB), 2010 10th IEEE International Conference on, 2010, pp. 1–4.

25.

Kristof, S., Sofie Van, H., Kristof, T., Kristof, L., Filip De, T., Kirsten, C., et al., “Design of software services for computer-based infection control and antibiotic management in the intensive care unit,” in International Conference on eHealth, Telemedicine, and Social Medicine, 2009, pp. 87–92.

26.

Wu, J.-H., Chen, Y.-C., Hsieh, S. h., Lin, H.-C., Chen, Y.-Y., Cheng, P.-H., et al., “Real-time automated MDRO surveillance system.,” presented at the The 2009 International Conference on Bioinformatics & Computational Biology, Monte Carlo Resort, Las Vegas, Nevada, USA, 2009.

27.

Lu, R., Cao, Z., Chai, Z., and Liang, X., A simple user authentication scheme for grid computing. International Journal of Network Security 7:202–206, 2008.

28.

Hsiang, H.-C., and Shih, W.-K., Weaknesses and improvements of the Yoon–Ryu–Yoo remote user authentication scheme using smart cards Weaknesses and improvements of the Yoon–Ryu–Yoo remote user authentication scheme using smart cards. Comput. Commun. 32(4):649–652, 2009.CrossRef

29.

Xu, J., Zhu, W. T., and Feng, D. G., An improved smart card based password authentication scheme with provable security. Comput Stand Interfaces 31(4):723–728, 2009.CrossRef

30.

Liu, J. Y., Zhou, A. M., and Gao, M. X., A new mutual authentication scheme based on nonce and smart cards. Comput. Commun. 31(10):2205–2209, 2008.CrossRef

31.

Stallings, W., “Cryptography and network security: principal and practices,” 5th Edition. Prentice Hall, 2010.

Titel: A Reliable User Authentication and Key Agreement Scheme for Web-Based Hospital-Acquired Infection Surveillance Information System
verfasst von: Zhen-Yu Wu
Yi-Ju Tseng
Yufang Chung
Yee-Chun Chen
Feipei Lai
Publikationsdatum: 01.08.2012
Verlag: Springer US
Erschienen in: Journal of Medical Systems / Ausgabe 4/2012
Print ISSN: 0148-5598
Elektronische ISSN: 1573-689X
DOI: https://doi.org/10.1007/s10916-011-9727-9

Springer Medizin

Abstract

Bitte loggen Sie sich ein, um Zugang zu diesem Inhalt zu erhalten

Weitere Artikel der Ausgabe 4/2012

Image Analysis Tools for Evaluation of Microscopic Views of Immunohistochemically Stained Specimen in Medical Research–a Review

A Telematic Tool to Predict the Risk of Colorectal Cancer in White Men and Women: ColoRectal Cancer Alert (CRCA)

Discovering Mammography-based Machine Learning Classifiers for Breast Cancer Diagnosis

A Data-Mining Framework for Transnational Healthcare System

Data Mining Techniques for Assisting the Diagnosis of Pressure Ulcer Development in Surgical Patients

An Image Processing Application for the Localization and Segmentation of Lymphoblast Cell Using Peripheral Blood Images