security protection on trust delegated medical data in public mobile networks
DESCRIPTION
Security Protection on Trust Delegated Medical Data in Public Mobile Networks. Dasun Weerasinghe, Muttukrishnan Rajarajan and Veselin Rakocevic Mobile Networks Research Group School of Engineering and Mathematical Sciences City University London. Outline of the Presentation. Motivation - PowerPoint PPT PresentationTRANSCRIPT
Security Protection on Trust Delegated Medical Data in Public Mobile Networks
Dasun Weerasinghe, Muttukrishnan Rajarajan and Veselin Rakocevic Mobile Networks Research GroupSchool of Engineering and Mathematical SciencesCity University London.
Outline of the Presentation
Motivation Proposed solution Trust Negotiation Protocol Security tokens Security Capsule Implementation
Motivation
Private Medical Center
A & E
Relying Service Provider
Medical Healthcare Personal
Requesting Service Provider
Problem statement
Medical Healthcare Personal authenticates to the Dynamic Trust Negotiation network
Trust negotiation between the Relying service provider and the Requesting service provider
Securely transmit sensitive data from the relying service provider to the Medical Healthcare Personal mobile device
Data security at the mobile device
Proposed Architecture
Proposed protocol phases
Medical Healthcare Personal registers and authenticates in the Dynamic Trust Negotiation Network
Trust Negotiation between Relying Service Provider and Requesting Service Provider
Sensitive attributes are shared to Medical Healthcare Personal in a secure channel.
Proposed protocol phases (Contd.) Medical Healthcare Personal– MHP
Requesting Service Provider– RequestingSP
Relying Service Provider– RelyingSP
Authentication and Trust Negotiation Server-
ATNS
MHP registers and authenticates with ATNS
ATNS EngineMHP
1. Login Token 2. Login Token
3. Check Past
records
4. Evaluate the Trust
Trust EvaluationEngine
Trust Mapping Database
RequestingSP5. Authentication
Token
Trust Negotiation between MHP and RelyingSP
ATNS Engine
MHP1. RecordAccess (PatientID,
Authentication Token)
4. TrustChallenge Token
2. Check Past
records
2. Evaluate the Trust
Trust EvaluationEngine
Trust Mapping Database
RelyingSP
3. Trust Recommended Token
6. TrustChallengeResponse
5. TrustChallenge Token
7. Trust Token
Sensitive attributes are shared to MHP
MHPRelying SPEncrypted Data
Trust Token is stored inside the MHP’s mobile device
Data protection at the mobile device Data transmission in Encrypted format The decryption key for the data decryption
will be generated in the mobile device Decryption key generation using the identity
and key parameters in the mobile device Real-time authorization for the data access Permanent data deletion after the data
utilization
Security Capsule Architecture
Conclusion
Negotiate trust between different entities in a healthcare domain
Trust negotiation architecture Trust negotiation protocol for message
communication Data protection in the mobile device Security capsule architecture
Q & A