Several recent works have proposed and implemented cryptography as a means to preserve privacy and security of patients health data. Nevertheless, the weakest point of electronic health record (EHR) systems that relied on these cryptographic schemes is key management. Thus, this paper presents the development of privacy and security system for cryptography-based-EHR by taking advantage of the uniqueness of fingerprint and iris characteristic features to secure cryptographic keys in a bio-cryptography framework. The results of the system evaluation showed significant improvements in terms of time efficiency of this approach to cryptographic-based-EHR. Both the fuzzy vault and fuzzy commitment demonstrated false acceptance rate (FAR) of 0%, which reduces the likelihood of imposters gaining successful access to the keys protecting patients protected health information. This result also justifies the feasibility of implementing fuzzy key binding scheme in real applications, especially fuzzy vault which demonstrated a better performance during key reconstruction.
Deep Dive into Ensuring patients privacy in a cryptographic-based-electronic health records using bio-cryptography.
Several recent works have proposed and implemented cryptography as a means to preserve privacy and security of patients health data. Nevertheless, the weakest point of electronic health record (EHR) systems that relied on these cryptographic schemes is key management. Thus, this paper presents the development of privacy and security system for cryptography-based-EHR by taking advantage of the uniqueness of fingerprint and iris characteristic features to secure cryptographic keys in a bio-cryptography framework. The results of the system evaluation showed significant improvements in terms of time efficiency of this approach to cryptographic-based-EHR. Both the fuzzy vault and fuzzy commitment demonstrated false acceptance rate (FAR) of 0%, which reduces the likelihood of imposters gaining successful access to the keys protecting patients protected health information. This result also justifies the feasibility of implementing fuzzy key binding scheme in real applications, especially fuzz
Int. J. Electronic Healthcare, Vol. x, No. x, xxxx
1
Copyright © 200x Inderscience Enterprises Ltd.
Ensuring patients’ privacy in a cryptographic-based-
electronic health records using bio-cryptography
Adebayo Omotosho*
Department of Computer Science and Information Technology,
Bells University of Technology,
P.M.B 1015, Ota, Ogun State, Nigeria
Email: bayotosho@gmail.com
*Corresponding author
Justice Emuoyibofarhe
Department of Computer Science and Engineering,
Ladoke Akintola University of Technology,
P.M.B 4000, Ogbomoso, Oyo State, Nigeria
Email: eojustice@gmail.com
Christoph Meinel
Hasso Plattner Institute (HPI) for IT Systems Engineering,
University of Potsdam,
Potsdam, 14482, Germany
Email: meinel@hpi.de
Abstract: Several recent works have proposed and implemented cryptography
as a means to preserve privacy and security of patient’s health data.
Nevertheless, the weakest point of electronic health record (EHR) systems
that relied on these cryptographic schemes is key management. Thus,
this paper presents the development of privacy and security system
for cryptography-based-EHR by taking advantage of the uniqueness of
fingerprint and iris characteristic features to secure cryptographic keys in a
bio-cryptography framework. The results of the system evaluation showed
significant improvements in terms of time efficiency of this approach to
cryptographic-based-EHR. Both the fuzzy vault and fuzzy commitment
demonstrated false acceptance rate (FAR) of 0%, which reduces the likelihood
of imposters gaining successful access to the keys protecting patients’ protected
health information. This result also justifies the feasibility of implementing
fuzzy key binding scheme in real applications, especially fuzzy vault which
demonstrated a better performance during key reconstruction.
Keywords: EHR; electronic health record; biometrics; cryptography; privacy;
accountability.
Reference to this paper should be made as follows: Omotosho, A.,
Emuoyibofarhe, J. and Meinel, C. (xxxx) ‘Ensuring patients’ privacy in a
cryptographic-based-electronic
health
records
using
bio-cryptography’,
Int. J. Electronic Healthcare, Vol. x, No. x, pp.xxx–xxx.
2
A. Omotosho et al.
Biographical notes: Adebayo Omotosho received his PhD in Computer
Science at Ladoke Akintola University of Technology in 2016. He is a
Seasoned Computer Programmer and has taken part in a number of
programming competitions in C/C++/C#. His current research interests are
health informatics, computer security, big data analytics and biometrics.
Justice Emuoyibofarhe is a Professor of Computing at Ladoke Akintola
University of Technology. He received his PhD in 2004. He specialises in
neuro-fuzzy computing computational optimisation. He had post-doctoral
fellowship at the Centre of Excellence for Mobile e-service, University of
Zululand, South Africa in 2006. He is a Member of the IEEE Computational
Intelligence Society. He is also a Visiting Researcher at the Hasso Plattner
Institute, University of Potsdam, Germany. His present research area is in the
application of mobile computing and wireless communication to e-health and
telemedicine.
Christoph Meinel is a German Scientist and a University Professor of
Computer Sciences. He is President and CEO of the Hasso Plattner Institute
(HPI) for IT Systems Engineering at the University of Potsdam (Germany), and
a Professor for Internet Technologies and Systems. Besides his teaching
activities in Potsdam, he is an Honorary Professor at the Technical University
of Beijing (China), a Visiting Professor at the Shanghai University (China), and
a Senior Research Fellow of SnT at the University of Luxembourg. He is a
Chairman or a member of various international scientific boards and program
committees, and has organised several internal symposia and conferences.
1
Introduction
Healthcare Information and Management Systems Society defines electronic health
record (EHR) as “a secure, real-time, point-of-care, patient centric information resource
for clinicians” (HIMSS, 2003). EHR is on the verge of receiving widespread adoption as
an instrument for improving the understanding of the state of health of individuals as it
contains useful, legal and computerised historical health data from a variety of sources.
Over time, a patient’s EHR accumulates significant information, such as identifying
information, hospital visitations, laboratory data, surgery, radiology reports, allergies,
vital signs, immunisations, prescriptions, sexual preference, psychological profiles,
physician progress notes and among other relevant data that defines a medical record
(Mercuri, 2004; Tiwari and Kumar, 2015). The importance of these data to healthcare
providers, patients and cyb
…(Full text truncated)…
This content is AI-processed based on ArXiv data.
