Abstract
The Technology Safeguard in Health Insurance Portability and Accountability Act (HIPAA) Title II has addressed a way to maintain the integrity and non-repudiation of Electronic Medical Record (EMR). One of the important cryptographic technologies is mentioned in the ACT is digital signature; however, the ordinary digital signature (e.g. DSA, RSA, GQ...) has an inherent weakness: if the key (certificate) is updated, than all signatures, even the ones generated before the update, are no longer trustworthy. Unfortunately, the current most frequently used digital signature schemes are categorized into the ordinary digital signature scheme; therefore, the objective of this paper is to analyze the shortcoming of using ordinary digital signatures in EMR and to propose a method to use forward secure digital signature to sign EMR to ensure that the past EMR signatures remain trustworthy while the key (certificate) is updated.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
U.S. Department of Health & Human Services, Health Insurance Portability and Accountability Act (HIPAA), 1996, http://www.hhs.gov/ocr/privacy/.
Health Certificate Authority (HCA), http://hca.nat.gov.tw/.
Vieira-Marques, P. M., Cruz-Correia, R. J., Robles, S., Cucurull, J., Navarro, G., and Martí, R., Secure integration of distributed medical data using mobile. IEEE Intell. Syst., 47–54, 2006.
Kahn, S., Sheshadri, V., Medical record privacy and security in a digital environment. IT Professional, 46–52, 2008.
Hu, J., Chen, H., Hou, T., A hybrid public key infrastructure solution (HPKI) for HIPAA privacy/security regulations. Comput. Stand. Interfaces, Elsevier, 2009.
Anderson, R., Two remarks on Public Key Cryptology. Invited Lecture, ACM-CCS’97, 1997.
Bellare, M., and Miner, S., A forward-secure digital signature scheme. Advances in Cryptology-Crypto’99, Lecture Notes in Computer Science 1666, pp. 431–448, Springer-Verlag, 1999.
Abdalla, M., and Reyzin, L., A New forward-secure digital signature scheme. Advances in Cryptology-Asiacrypt’00, Lecture Notes in Computer Science1976, pp. 116–126, Springer-Verlag, 2000.
Krawczyk, H., Simple forward-secure signatures from any signature scheme. In Proceedings of the 7th ACM Conference on Computer and Communications Security—CCS’00, pp. 108–115, 2000.
Itkis, G., and Reyzin, L., Forward-secure signatures with optimal signing and verifying. Topics in Cryptology—Crypto’01, Lecture Notes in Computer Science 2139, pp. 441–456, Springer-Verlag, 2001.
Malkin, T., Micciancio, D., and Miner, S., Efficient generic forward-secure signatures with an unbounded number of time period. Advances in Cryptology-Eurocrypto’02, Lecture Notes in Computer Science 2332, pp. 400–417, Springer-Verlag, 2002.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Yu, YC., Huang, TY. & Hou, TW. Forward Secure Digital Signature for Electronic Medical Records. J Med Syst 36, 399–406 (2012). https://doi.org/10.1007/s10916-010-9484-1
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10916-010-9484-1