Abstract |
The existence of secure methods for authenticating user identity in applications and services of a healthcare telematics network is necessary for protecting the confidentiality and accountability, both in the application and communication level. The secure user authentication is a fundamental requirement for the proper and secure function of access control systems. Consequently, the authentication of users of telematic services and healthcare information systems is a critical parameter, which also influences the degree of acceptance of the new telematic technologies from the healthcare professional users. Another service, which is absolutely necessary for the security of a healthcare telematic services network, is the generation and verification of electronic signatures. Electronic signatures are necessary for signing sensitive medical information, to guarantee authentication of the origin, integrity, and non-repudiation of the signed data. This master thesis researches the fundamental problem of (a) user authentication and (b) electronic signatures in a healthcare telematics services network. The suitable technological framework was selected after evaluation of different technological solutions. Finally, a model for strong user authentication and a mechanism for generation and verification of qualified electronic signatures (based on the European Community Directive) were designed and implemented. The technological framework was selected to provide the maximum possible security level for designing and implementing the above two services. The framework is based on the Public Key Infrastructure (PKI), asymmetric cryptography, and X.509 Certificates. The Certificates are generated and managed by a Trusted Certification Authority, which acts as a Trusted Third Party (TTP). For the provision of maximum security level the public key certificate of the user is checked every time that it is used for its validity and revocation status. Finally, the user private keys are generated, stored and used for executing cryptographic functions on a smart card with cryptographic co-processor. Smart cards provide mobility and full protection of private keys in a physical device.
|