A Cryptographic Key Management Solution for HIPAA Privacy/Security Regulations
針對 HIPAA 隱私 / 安全規則的一種密碼金鑰管理方法
IEEE Transactions on Information Technology in Biomedicine, VOL. 12, NO. 1,January 2008
Author: Wei-Bin Lee, Chien-Ding Lee
Adviser : 鄭錦楸 教授 Reporter :林彥宏
1
Outline
IntroductionProposed Scheme
Registration PhasesEncryption PhasesDecryption Phases
Dissussionconclusions
2
Introduction
Health Insurance Portability and Accountability Act(HIPAA)
enacted by the United States Congress in 1996
improving healthcare quality
indicate that patients’ privacy should be emphasized
summarizes the status quo of developing the HIPAA in Taiwan
HIPAA is a centralized framework of health information, it can facilitate people to understand about health information issues
increases popular confidence in the confidentiality of health information
internationalization is a tendency
because of difference in history and condition, it is difficult for the HIPAA to directly satisfy different environments
3
Introduction
crucial part of the HIPAA :Privacy Regulations
address the patients’ rights to understand and control the use and disclosure of their protected health information (PHI)
consent exceptions
Security Regulationsbe distinguished by requirement standards and specifications on what to do and how to do it
from different viewpoints to guard integrity, confidentiality, and availability of the health data
4
Introduction
Key management solution is the key to accomplish events:Patient’s Understanding: Digital Signature
Confidentiality: Encryption
Patient’s Control: Knowledge of the Corresponding Key
Data Integrity
Consent Exception
a patient must carry many keys while visiting different hospitals
5
Proposed Scheme
server of the governmental healthcare office (SG)
server of a healthcare provider (SH)
the patient
6
1| whereprimes large are and p-qqp
)GF(in order with thegenerator a be pqg
pgyx x mod key public andkey secret theas choosesSG
KD
KE
h
K
K
key secret with thedecryption theis )(
key secret with theencryption theis )(
functionhash a is )(
7
Proposed Scheme
Registration Phases: SG creates contract which consists of signed consent and patient
dataStep1: choose a random number
Step2: compute as the patient’s master key
Step3: sign the contract as
and
Step4: deliver a health data card with to the patient
w
*qZk
h(w||k)Km w
q p) (gr k modmod
qxr) (h(w)ks - mod1
mw, r, s, K
8
Proposed Scheme
confirm steps:Step1: verify whether
Step2: computer
Step3: computer
Step4: check whether to ensure the content of the
contract
sr 0 and 0
q st - mod1
q p) )y((gr rth(w)t modmod
rr w
qp g q p) g(g xr)t(h(w)xrth(w)t mod) mod(modmod
9
Proposed Scheme
Encryption Phases:
Step1: computer the session key of the patient’s medical record with SH as
Step2: encrypt PHI as
parts remaining theis
ninformatiohealth theofpart PHI theis
R
M
SK
)||Hid)||snh(h(KK mS
patient theofn informatiohealth
entire in thepart unique andcation deidentifi :
provider healthcare theoftion identifica the:
sn
Hid
M
h(M||R)cs(M||cs)ECSK where,
10
Proposed Scheme
Decryption Phases:Consent Case:
patient enter the PIN or biometric information to enable the card
Step1: compute the session key for the and as
Step2: decrypt the encrypted PHI as
Step3: examine the integrity of the whole record by checking
whether
SK Hid sn
)||Hid)||snh(h(KK mS
C
(C)D)s||cMSK(
||R)Mh(sc
Decryption Phases:Consent Exception Case:
Step1: derive the random seed from as
Step2: compute the master key as
Step3: recover the healthcare provider’s session key as
11
Proposed Scheme
k w, r, s
q xrwhsk - mod))((1
mK
)(w||khKm
SK
))(( ||sn||HidKhhK mS
)mod))((()mod))((( q rwh- q rwhkk
xs-βk
qpgg
g
g
yr
qxrwhxsk
qxrwhkx
s
qpgr
qxrwhxsqwh
qxs-xr
qwh
qs-r
k
mod ) mod(
mod )))(((
mod ))((1
mod ) mod(
mod )))(( mod )(
mod
mod )(
mod
12
Dissussion
key generation:key diversification provides a unique cryptographic key for each smart card
efficient, secure, and flexible way to generate and manage keys
key distribution:corresponding can be instantly obtained
unnecessary complicated operations to generation key
key storage:it’s infeasible to derive from
without correct is infeasible
=256bits , =320 bits, total is 72 bytes
smart card is 8192 byte, is restricted 8192-72=8120 bytes
SK
q p gr k mod)mod(k
q xrwhsk - mod))((1 xmK r, s
w
13
Dissussion
Computational Performance: only hash function employ, its computational load is low
and need exponential computations and lead to time consuming
precomputed technology
encryption phase, and
in consent exception, is time consuming
h(w||k)Km
q p) (gr k modmod qxr) (h(w)ks - mod1
)||Hid)||snh(h(KK mS
h(M||R)cs(M||cs)ECSK ,
q xrwhsk - mod))((1
14
Dissussion
Improved digital signature algorithm(DSA)
q p ) y( gr
qsh(w) t
q xr)k( h(w)s
qxr) s( h(w)k
srt
-
modmod
mod
mod
mod1
15
conclusions
they proposed a cryptographic key management solution and complying with the HIPAA privacy/security regulations
in their scheme, the privacy and data integrity of the patient are guaranteed
the rights of the patient are controlled by the key usage
they hope that the scheme can be modified to accommodate further changes in regulations
Top Related