nach oben

Journal of Medical Systems

Erschienen in:

01.06.2012 | ORIGINAL PAPER

Redactable Signatures for Signed CDA Documents

verfasst von: Zhen-Yu Wu, Chih-Wen Hsueh, Cheng-Yu Tsai, Feipei Lai, Hung-Chang Lee, Yufang Chung

Erschienen in: Journal of Medical Systems | Ausgabe 3/2012

Einloggen, um Zugang zu erhalten

Abstract

The Clinical Document Architecture, introduced by Health Level Seven, is a XML-based standard intending to specify the encoding, structure, and semantics of clinical documents for exchange. Since the clinical document is in XML form, its authenticity and integrity could be guaranteed by the use of the XML signature published by W3C. While a clinical document wants to conceal some personal or private information, the document needs to be redacted. It makes the signed signature of the original clinical document not be verified. The redactable signature is thus proposed to enable verification for the redacted document. Only a little research does the implementation of the redactable signature, and there still not exists an appropriate scheme for the clinical document. This paper will investigate the existing web-technologies and find a compact and applicable model to implement a suitable redactable signature for the clinical document viewer.

The Health Level Seven International home page. Available at http://www.hl7.org/.

Eastlake, D., Solo, D., and Reagle, J., XML-signature syntax and processing. first edition of a recommendation, W3C, 2002. Available at http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/.

Tsumoto, S., Mining diagnostic rules from clinical databases using routh sets and medical diagnostic model. Inf Sci 162(2):65–80, 2004.CrossRef

Hsu, C.-C., and Ho, C.-S., A new hybrid case-based architecture for medical diagnosis. Inf Sci 166(1–4):231–247, 2004.CrossRef

Ulieru, M., Hadzic, M., and Chang, E., Soft computing agents for e-Health in application to the research and control of unknown diseases. Inf Sci 176(9):1190–1214, 2006.MATHCrossRef

Miyazaki, K., Susaki, S., Iwamura, M., Matsumoto, T., Sasaki, R., and Yoshiura, H., Digital documents sanitizing problem. IEICE Technical Report ISEC2003-20, 2003.

Miyazaki, K., Iwamura, M., Matsumoto, T., Sasaki, R., Yoshiura, H., Tezuka, S., and Imai, H., Digitally signed document sanitizing scheme with disclosure condition control. IEICE Trans 88(1):239–246, 2005.CrossRef

Slamanig, D., and Stingl, C., Disclosing verifiable partial information of signed cda documents using generalized redactable signatures. In: e-Health Networking, Applications and Services, 2009. Healthcom 2009, pp. 146–152, 2009.

National Institute of Standards and Technology, “Digital signature standard,” 1994.

10.

Rivest, R. L., Shamir, A., and Adleman, L., A method for obtaining digital signatures and public-key cryptosystems. Commun ACM 21(2):120–126, 1978.MathSciNetMATHCrossRef

11.

Johnson, R., Molnar, D., Song, D. X., and Wagner, D., Homomorphic signature schemes. In: CT-RSA ’02: Proceedings of the The Cryptographer’s Track at the RSA Conference on Topics in Cryptology, pp. 244–262, 2002.

12.

Rivest, R., Two new signature schemes, Presented at Cambridge seminar, 2001. Available at http://www.cl.cam.ac.uk/Research/Security/seminars/2000/rivest-tss.pdf.

13.

Micali, S., and Rivest, R., Transitive signature schemes. In: CT-RSA ’02: Proceedings of the The Cryptographer’s Track at the RSA Conference on Topics in Cryptology, pp. 236–243, 2002.

14.

Bellare, M., Goldreich, O., and Goldwasser, S., Incremental cryptography: The case of hashing and signing. In: Proceedings of advances in cryptology—Crypto 1994, Vol. 839 of LNCS, pp. 216-233, Springer-Verlag, 1994.

15.

Bellare, M., Goldreich, O., and Goldwasser, S., Incremental cryptography and application to virus protection. In: proceedings of the 27th ACM Symposium on the Theory of Computing, pp. 45–56, 1995.

16.

Steinfeld, R., Bull, L., and Zheng, Y., Content extraction signatures. In International Conference on Information Security and Cryptology 2001, Vol. 2288 of LNCS, pp. 163–205, Springer-Verlag, 2001.

17.

Ateniese, G., Chou, D. H., de Medeiros, B., and Tsudik, G., Sanitizable Signatures. In 10th European Symposium on Research in Computer Security—ESORICS 2005, Vol. 3679 of LNCS, pp. 159–177, Springer-Verlag, 2005.

18.

Chang, E. C., Lim, C. L., and Xu, J., Short redactable signatures using random trees. In: CT-RSA ’09: Proceedings of the The Cryptographer’s Track at the RSA Conference on Topics in Cryptology, Vol. 5473 of LNCS, pp. 133–147, Springer-Verlag, 2009.

19.

Haber, S., Hatano, Y., Honda, Y., Horne, W., Miyazaki, K., Sander, T., Tezoku, S., and Yao, D., Efficient signature schemes supporting redaction, pseudonymization, and data deidentification. In: Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS 2008, pp. 353–362, 2008.

20.

Dolin, R., Alschuler, L., Boyer, S., Beebe, C., Behlen, F., Biron, P., and Shabo, A., HL7 clinical document architecture, release 2. J Am Med Inform Assoc 13(1):30–39, 2006.CrossRef

21.

Huang, K.-H., Hsieh, S.-H., Chang, Y.-J., Lai, F., Hsieh, S.-L., and Lee, H.-H., Application of portable CDA for secure clinical-document exchange. J Med Syst 34(4):531–539, 2010.CrossRef

22.

Chang, Y., Lai, J., Cheng, P., and Lai, F., Portable cda for the exchange of clinical documents. In: e-Health Networking, Application and Services, 2007 9th International Conference, pp. 1–5, 2007.

23.

Haomin, L., Huilong, D., Xudong, L., and Zhengxing, H., A clinical document repository for cda documents. In: Bioinformatics and Biomedical Engineering, 2007. ICBBE 2007, pp. 1084–1087, 2007.

24.

M. Treins, O. Cure, and G. Salzano, “On the interest of using HL7 cda release 2 for the exchange of annotated medical documents,” In Computer-Based Medical Systems, 2006. CBMS 2006. 19th IEEE International Symposium on, pp. 524–532, 2006.

25.

Diffie, W., and Hellman, M., New directions in cryptology. IEEE Trans Inf Theory 22(6):644–654, 1976.MathSciNetMATHCrossRef

26.

Stallings, W., Cryptography and network security: principal and practices. Prentice Hall, 4th Edition, 2005.

27.

ElGamal, T., A public key cryptosystem and signature scheme based on discrete logarithms. IEEE Trans Inf 31(4):469–472, 1985.MathSciNetMATHCrossRef

28.

Berners-Lee, T., Fielding, R., and Masinter, L., Uniform Resource Identifier (URI): Generic Syntax, RFC 3986 (Standard), 2005.

29.

Yee, B., Sehr, D., Dardyk, G., Chen, J., Muth, R., Ormandy, T., Okasaka, S., Narula, N., and Fullagar, N., Native client: A sandbox for portable, untrusted x86 native code. In: Security and Privacy, 2009 30th IEEE Symposium on, 2009.

30.

Kay, M., Chamberlin, D., Robie, J., Fernandez, M. F., Simeon, J., Boag, S., and Berglund, A., XML path language (XPath) 2.0. W3C recommendation, W3C, Jan. 2007. Available at http://www.w3.org/TR/2007/REC-xpath20-20070123/.

31.

The JSON format home page. Available at http://www.json.org/.

32.

Microsoft Developer Network (MSDN), “Applying the principle of least privilege to user accounts on windows xp,” 2006.

Titel: Redactable Signatures for Signed CDA Documents
verfasst von: Zhen-Yu Wu
Chih-Wen Hsueh
Cheng-Yu Tsai
Feipei Lai
Hung-Chang Lee
Yufang Chung
Publikationsdatum: 01.06.2012
Verlag: Springer US
Erschienen in: Journal of Medical Systems / Ausgabe 3/2012
Print ISSN: 0148-5598
Elektronische ISSN: 1573-689X
DOI: https://doi.org/10.1007/s10916-010-9639-0

Springer Medizin

Abstract

Bitte loggen Sie sich ein, um Zugang zu diesem Inhalt zu erhalten

Weitere Artikel der Ausgabe 3/2012

Telemetry Design of a Vital Sign Recording System

Computer Vision Approach to Morphometric Feature Analysis of Basal Cell Nuclei for Evaluating Malignant Potentiality of Oral Submucous Fibrosis

An Ultra Low-power and Traffic-adaptive Medium Access Control Protocol for Wireless Body Area Network

MEDWISE: An Innovative Public Health Information System Infrastructure

The Enhancement of Security in Healthcare Information Systems

A Novel Web-enabled Healthcare Solution on HealthVault System