Journal of Internet Computing and Services (인터넷정보학회논문지)

Korean Society for Internet Information (한국인터넷정보학회)
권호 표지
DOI QR코드

DOI QR Code

Implementation of Dynamic Situation Authentication System for Accessing Medical Information

의료정보 접근을 위한 동적상황인증시스템의 구현

  • Ham, Gyu-Sung (Department of Computer Engineering, Wonkwang University) ;
  • Seo, Own-jeong (Department of Computer.Software Engineering, Wonkwang University) ;
  • Jung, Hoill (Department of Computer.Software Engineering, Wonkwang University) ;
  • Joo, Su-Chong (Department of Computer.Software Engineering, Wonkwang University)
  • Received : 2018.08.03
  • Accepted : 2018.10.10
  • Published : 2018.12.31
Download PDF
⟨ Previous Next ⟩

Abstract

With the development of IT technology recently, medical information systems are being constructed in an integrated u-health environment through cloud services, IoT technologies, and mobile applications. These kinds of medical information systems should provide the medical staff with authorities to access patients' medical information for emergency status treatments or therapeutic purposes. Therefore, in the medical information systems, the reliable and prompt authentication processes are necessary to access the biometric information and the medical information of the patients in charge of the medical staff. However, medical information systems are accessing with simple and static user authentication mechanism using only medical ID / PWD in the present system environment. For this reason, in this paper, we suggest a dynamic situation authentication mechanism that provides transparency of medical information access including various authentication factors considering patient's emergency status condition and dynamic situation authentication system supporting it. Our dynamic Situation Authentication is a combination of user authentication and mobile device authentication, which includes various authentication factor attributes such as emergency status, role of medical staff, their working hours, and their working positions and so forth. We designed and implemented a dynamic situation authentication system including emergency status decision, dynamic situation authentication, and authentication support DB construction. Finally, in order to verify the serviceability of the suggested dynamic situation authentication system, the medical staffs download the mobile application from the medical information server to the medical staff's own mobile device together with the dynamic situation authentication process and the permission to access medical information to the patient and showed access to medical information.

최근 IT 기술의 발전과 함께 클라우드 서비스, IoT 기술 및 모바일 애플리케이션을 통해 통합적인 u-헬스케어 환경기반의 의료정보시스템이 구축되고 있다. 이러한 의료정보시스템에서는 응급 처치나 치료를 목적으로 의료진에게 환자의 의료정보를 접근할 권한이 제공되어야 한다. 따라서 의료정보시스템에서 의료진이 담당하는 환자의 생체정보 및 개인 의료정보에 접근하기 위해서는 신뢰적이고 신속한 인증과정이 필요하다. 그러나 현재 시스템 환경에서는 의료진의 ID/PWD만을 이용하는 단순하고 정적인 사용자 인증기법으로 의료정보시스템을 접근하고 있다. 이러한 이유에서 본 논문에서는 환자가 응급상태조건을 고려한 다양한 인증 요소를 포함한 의료정보접근의 투명성을 제공하는 동적상황인증기법과 이를 지원하는 동적상황인증시스템을 제안하였다. 본 동적상황인증은 사용자 인증과 이동 단말기 인증을 결합한 인증으로, 기존의 사용자 인증 뿐 아니라 의료진이 사용하는 이동 단말기의 인증을 위해 환자의 응급상태, 의료진의 역할, 근무시간, 근무위치 등과 같은 다양한 인증요소 속성들을 사용하였다. 우리는 응급상태판별, 동적상황인증, 인증지원 DB 구축을 포함한 동적상황인증시스템을 설계 및 구현하였다. 마지막으로 제안한 동적상황인증시스템의 서비스 수행성 검증을 위해, 의료진으로 하여금 동적상황인증과정과 그 이후 담당환자에 대한 의료정보접근 허가와 함께 의료정보서버로부터 의료진 자신의 이동 단말기에 모바일 애플리케이션을 내려 받아 실행함으로써 의료정보의 인증 및 접근과정을 보였다.

Keywords

OTJBCD_2018_v19n6_31_f0001.png 이미지

(그림 1) u-의료정보시스템 환경에서 인증절차 (Figure 1) Authentication Procedures in u-Medical Information System Environment

OTJBCD_2018_v19n6_31_f0002.png 이미지

(그림 2) 응급상태를 고려한 동적상황인증의 세부절차 ETD (Figure 2) ETD for showing Detailed Procedures of Dynamic Context Authentication Based on Emergency Status

OTJBCD_2018_v19n6_31_f0003.png 이미지

(그림 3) 동적상황인증과 의료정보접근 지원 ERD 논리적 설계 (Figure 3) Logical Design ERD for Supporting Dynamic Context Authentication and Accessing of Medical Information

OTJBCD_2018_v19n6_31_f0004.png 이미지

(그림 4) 동적 상황 인증 및 의료 정보 접근 지원 의료정보 DB 테이블 (Figure 4) DB Tables Supporting Dynamic Context Authentication and Accessing of Medical Information

OTJBCD_2018_v19n6_31_f0005.png 이미지

(그림 5) 동적상황인증 기법에서 사용자 및 이동 단말기 인증과정 (Figure 5) Procedures of User and Mobile Device Authentication in Dynamic Context Authentication Mechanism

OTJBCD_2018_v19n6_31_f0006.png 이미지

(그림 6) BMS를 이용한 환자의 생체정보수집 환경 (Figure 6) Environment of Patient's Biometric Information Collection Using BMS

OTJBCD_2018_v19n6_31_f0007.png 이미지

(그림 7) 응급상태에서의 Patient와 Medi_Info 테이블내 응급상태 표시 및 환자의 상위등급 의료정보 접근 (Figure 7) Accessing The Higher Leveled-Patient’s Medical Information and Emergency Status Notice in Patient and Medi_Info Tables in Emergency Status

OTJBCD_2018_v19n6_31_f0008.png 이미지

(그림 8) 인증문자 전송 구조 및 응급 메시지 알림 (Figure 8) Authentication Character Transmission Structure and Notification of Emergency Message Notification

OTJBCD_2018_v19n6_31_f0009.png 이미지

(그림 9) 동적상황인증 기반 의료정보 접근 결과 (Figure 9) Accessing Results of Medical Information Based on Dynamic Context Authentication

(표 1) 환자의 생체정보에 대한 응급상태 판별 기준 (Table 1) Emergency Status Criterion for Patient's Biometric Information

OTJBCD_2018_v19n6_31_t0001.png 이미지

References

  1. H. J. Sung, "A study on the Bio Information System (BT+IT+NT) about Accordance of Fusion Technology and Process of Industrialization In Ubiquitous Society", The Korea Society of Information Technology Applications, pp. 387-402, 2007.4. http://www.ndsl.kr/ndsl/search/detail/article/articleSearchResultDetail.do?cn=NPAP08107912
  2. M. U. Aslam, A. Derhab, K. Saleem, and H. Abbas, "A Survey of Authentication Schemes in Telecare Medicine Information Systems", Springer US, Journal of Medical Systems, Vol. 41, No. 1, article no.14, 2017. https://doi.org/10.1007/s10916-016-0658-3
  3. G. Abdelkader, H. S. Naima, and A. P. Adda, "Secure Authentication Approach Based New Mobility Management Schemes for Mobile Communication", Journal of Information Process Systems, Vol. 13, No. 1, pp. 152-173, 2017. http://doi.org/10.3745/JIPS.03.0064
  4. J. W. Kim, HB Chang, "A Study on Design Security Management Evaluation Model for Small-Medium size Healthcare Institutions", Journal of Society for e-Business Studies, Vol. 1, No. 23, pp. 89-102, 2018. http://www.jsebs.org/jsebs/index.php/jsebs/article/view/304
  5. Y. S. Jeong, S. H. Lee, "A Study of Patient's Privacy Protection in U-Healthcare", Journal of the Korea Institute of Information Security & Cryptology, Vol. 22, No. 4, pp. 913-921, 2012. http://journalhome.ap-northeast-2.elasticbeanstalk.com/journals/jkiisc/digital-library/2479
  6. S. C. Joo, "A Study of Dynamic Context Authentication Service for Accessing Medical and Healthcare Information", Proceedings of the 36th KSII Fall Conference, Vol. 18, No. 2, pp. 193-194, 2017.
  7. S. C. Joo, "Design of Dynamic Context Authentication Scheme for Transparent Access of Medical Information", Proceedings of the 36th KSII Fall Conference, Vol. 18, No. 2, pp. 192-193, 2017.
  8. G. S. Ham, O. J. Seo, S. C. Joo, "Implementation of Dynamic Context Authentication for Accessing Medical Information", Proceedings of the 37th KSII Spring Conference, Vol. 19, No. 1, pp. 115-116, 2018.
  9. J. S. Choi, S. E. Kim, S. H. Lee, "Toward Ubiquitous Healthcare Services With a Novel Efficient Cloud Platform", IEEE Transactions on Biomedical Engineering, Vol. 60 , No. 1 , pp 230 - 234, Jan. 2013. https://ieeexplore.ieee.org/document/6324392/ https://doi.org/10.1109/TBME.2012.2222404
  10. W. Li, C. Jung, J. Park, "IoT Healthcare Communication System for IEEE 11073 PHD and IHE PCD-01 Integration Using CoAP", TIIS, Vol. 12, No. 4, pp. 1396-1414, 2018. https://doi.org/10.3837/tiis.2018.04.001
  11. D. G. Korzun, A. V. Borodin, I. A. Timofeev. "Digital Assistance Services for Emergency Situations in Personalized Mobile Healthcare: Smart Space Based Approach", International Conference on Biomedical Engineering and Computational Technologies (SIBIROCON), pp. 62-67, 2015. https://doi.org/10.1109/sibircon.2015.7361852
  12. T. V. Prabhakar, Madhuri Sheethala Iyer, H. S. Jamadagni, P. R. Priyanka, Payal Mondal, V. V. S. Sasi Kiran, Vaishnavi Govindarajan, "Wearabkle Device for Healthcare Application" 2013 Texas Instruments India Educators' Conference, pp. 91-96, 2013. https://ieeexplore.ieee.org/document/6757121
  13. J. K. Lee, H. J. Kim, S. W. Kim, J. Y. Song, S. R. Yoon, "Deep Learning-Based Biological Signal Analysis for Assisting Cardiovascular Disease Diagnosis on Mobile Environment", The Journal of Korean Institute of Communications and Information Sciences, Vol. 42, No. 7, pp. 1470-1476, 2017. https://doi.org/10.7840/kics.2017.42.7.1470
  14. W. Y. Chung. "Multi-Modal Sensing M2M Healthcare Service in WSN", TIIS, Vol. 6, No. 4, pp. 1090-1105, 2012. http://www.itiis.org/digital-library/manuscript/335
  15. Ichiro Yamada, Guillaume Lopez, "Wearable sensing systems for healthcare monitoring", Jun 2012 in 2012 Symposium on VLSI Technology (VLSIT), pp. 1-6, 2012.6. https://doi.org/10.1109/vlsit.2012.6242435
  16. Usman Ahmad Usmani, Mohammed Umar Usmani, "Future Market Trends and Opportunities for Wearable Sensor Technology", IJET Vol. 6(4): 326-330 ISSN: 1793-8236, 2014. https://doi.org/10.7763/ijet.2014.v6.721
  17. Y, Tian, B. Song, M. M. Hassan, E. N. Huh, "A Privacy-aware Graph-based Access Control System for the Healthcare Domain", TIIS, Vol. 6, No. 10, pp. 2708-2730, 2012. http://www.itiis.org/digital-library/manuscript/427
  18. J. Xiong, Z. Yao, J. Ma, X. Liu, Q. Liu, J. Ma, "PRIAM: Privacy Preserving Identity and Access Management Scheme in Cloud", TIIS, Vol. 8, No. 1, pp. 282-304, 2014. https://doi.org/10.3837/tiis.2014.01.017
  19. S. K. Kim, H. J. Hwang, "Security Requirements of Personal Health Service", Journal of Institute of Korean Electrical and Electronics Engineers, Vol. 19, No. 4, pp. 548-556, 2015. https://doi.org/10.7471/ikeee.2015.19.4.548
  20. D. H. Moon, K. H. Kim, S. K. LEE, "Effects of Deep Breathing with Incentive Spirometer on Pulmonary Function and O2 Saturation by Time Process in Patients with Rib Fracture", Journal of the Korea Contents Association, Vol. 15, No. 3, pp. 174-183, 2015. https://doi.org/10.5392/jkca.2015.15.03.174
  21. I. K. Seo, S. H. Yang, "Analysis on the Interface Desing of Electronic Sphygmomanometer focused on User Experience", Journal of Digital Design, Vol. 13, No. 1, pp. 253-262, 2013. https://doi.org/10.17280/jdd.2013.13.1.025