ارائه راهکار جهت بهبود امنیت و حریم‌خصوصی در سیستم سلامت همراه با استفاده از سیم‌کارت

میابی جغال, مریم; دوستاری, محمدعلی

ارائه راهکار جهت بهبود امنیت و حریم‌خصوصی در سیستم سلامت همراه با استفاده از سیم‌کارت

نوع مقاله : مقاله پژوهشی

نویسندگان

¹ کارشناسی ارشد دانشگاه شاهد

² استادیار دانشگاه شاهد

چکیده

امروزه استفاده از موبایل در حوزه ارائه خدمات سلامت الکترونیک گسترش یافته است. امنیت و حریم خصوصی کاربران در سلامت الکترونیک از چالش‌های مهم محسوب می‌شود. با توجه به ماهیت دسترس‌پذیری موبایل، اهمیت این چالش بیشتر حس می‌شود. در این مقاله راهکاری جهت بهبود امنیت و حریم خصوصی در سلامت الکترونیک بر روی گوشی‌های هوشمند ارائه شده است. به این منظور ابتدا سازکاری جهت دریافت سیم کارت سلامت توسط متقاضیان ارائه شده است. در ادامه پروتکلهای ارتباطی امن بین ارائه‌دهندگان خدمات درمانی و بیماران که از بستر تلفن همراه استفاده می‌کنند، بیان شده است. در نهایت، به مقایسه طرح پیشنهادی با سایر پژوهش‌ها پرداخته شده و امنیت پروتکل‌های مطرح شده با استفاده از ابزار آویسپا اثبات شده است.

کلیدواژه‌ها

عنوان مقاله [English]

A Scheme for Improvement of Security and Privacy in Mobile Health Systems by Using SIM Card

نویسندگان [English]

M. Mayabi Joghal ¹
M. A. Doostari ²

¹ shahed university

² shahed university

چکیده [English]

Nowadays, mobile devices are going to be widely used in the field of e-health services. Therefore, the security and privacy of users in e-health are considered as major challenges. Due to accessibility nature of mobile, multiple communication capabilities and malware expansion, security in this area is facing major challenges. This article provides a solution to improve the security and privacy of mobile health on smartphones. Accordingly, a mechanism is proposed for obtaining a health SIM card by the applicants. Here, some communication protocols necessary in different treatment settings are provided to enhance the security of transactions between healthcare providers and patients who use mobile phones. Considering the importance of reducing the computational overhead, the elliptic curve cryptography is applied in the proposed protocols. In addition to security, attention has also been paid to anonymity and privacy of patients. Furthermore, a solution is provided for secure storage of information. Finally, the proposed plan is compared with other studies, and the computational overhead is evaluated and the security of the protocols is proved by Avispa tools.

کلیدواژه‌ها [English]

Mobile Health
Security
Privacy
SIM card
Authentication

مراجع

[1] L. DeNardis, “Standards and eHealth,” ITU-T Technology watch report, 2011.##

[2] E. H. Shortliffe and J. J. Cimino, “Biomedical informatics: computer applications in health care and biomedicine,” Springer-Verlag London, 2014.##

[3] M. Kay, J. Santos, and M. Takane, “mHealth: New horizons for health through mobile technologies,” 2011.##

[4] F. Zubaydi, A. Saleh, F. Aloul, and A. Sagahyroon, “Security of mobile health (mHealth) systems,” in Bioinformatics and Bioengineering (BIBE), 2015 IEEE 15th International Conference on, pp. 1-5, 2015.##

[5] S. A. Basheer, “QUESTION 14-2/2: Mobile eHealth solutions for Developing Countries,” International Telecommunication Union, 2010.##

[6] D. Kotz, S. Avancha, and A. Baxi, “A privacy framework for mobile health and home-care systems,” in Proceedings of the first ACM workshop on Security and privacy in medical and home-care systems, pp. 1-12, 2009.##

[7] S. Sadki and H. El Bakkali, “Towards controlled-privacy in e-health: A comparative study,” in Multimedia Computing and Systems (ICMCS), 2014 International Conference on, pp. 674-679, 2014.##

[8] S. Taremi, M. A. Doostari, S. Hajimohseni, M. Maghsoudloo, and M. Mayabi Joghal, “An Innovative Solution for Preventing Relay Attack on Mobile Phones Using TEE,” Journal of Electronical & Cyber Defence, vol. 6, 2017. (in Persion)##

[9] M. U. Aslam, A. Derhab, K. Saleem, H. Abbas, M. Orgun, W. Iqbal, et al., “A Survey of Authentication Schemes in Telecare Medicine Information Systems,” Journal of medical systems, vol. 41, p. 14, 2017.##

[10] I. Kounelis, H. Zhao, and S. Muftic, “Secure Middleware for Mobile Phones and UICC Applications,” in International Conference on Mobile Wireless Middleware, Operating Systems, and Applications, pp. 143-152, 2011.##

[11] D. Hankerson, A. J. Menezes, and S. Vanstone,Guide to elliptic curve cryptography: Springer Science & Business Media, 2006.##

[12] D. Sethia, D. Gupta, T. Mittal, U. Arora, and H. Saran, “NFC based secure mobile healthcare system,” in Communication Systems and Networks (COMSNETS), 2014 Sixth International Conference on, pp. 1-6, 2014.##

[13] A. Lotfi and M. A. Doostari, “A New M-Payment protocol Using SignCryption & Elliptic Curve Cryptography,” Journal of Electronical & Cyber Defence, vol. 1, 2015. (in Persion)##

[14] S. Ray and G. Biswas, “A Certificate Authority (CA)-based cryptographic solution for HIPAA privacy/security regulations,” Journal of King Saud University-Computer and Information Sciences, vol. 26, pp. 170-180, 2014.##

[15] S. Ray and G. Biswas, “Design of an efficient mobile health system for achieving HIPAA privacy-security regulations,” International Journal of Wireless and Mobile Computing, vol. 7, pp. 378-387, 2014.##

[16] M. A. Doostari, M. Mayabi Joghal, and M. Momeny Tazangi, “Design of Protocol Providing Privacy and Anonymity in E-Health using Public Key Infrastructure,” presented at the 4th International Conference on Applied Research in Computer Engineering & Signal Processing, Tehran, 2016. (in Persion)##

[17] S. A. Chaudhry, M. T. Khan, M. K. Khan, and T. Shon, “A multiserver biometric authentication scheme for TMIS using elliptic curve cryptography,” Journal of medical systems, vol. 40, p. 230, 2016.##

[18] R. Amin, S. H. Islam, G. Biswas, M. K. Khan, and N. Kumar, “An efficient and practical smart card based anonymity preserving user authentication scheme for TMIS using elliptic curve cryptography,” Journal of medical systems, vol. 39, p. 180, 2015.##

[19] Apple, “iOS security, ios 8.3 or later,” Apple, 2015.##