Hide/Show Apps

A framework for authentication of medical reports based on keystroke dynamics

Özdemir, Kazım Musa
Privacy of personal health records is of ultimate importance. Unfortunately, it is easy to obtain illegal access to electronic health records under insufficient security precautions. Access control based on token or username/password is not adequate for applications in health domain which require heightened security. Currently, electronic signature mechanisms are being employed as a strong alternative to classic methods. In addition, biometrics provide more precise results in comparison to electronic signature methods. However, applicability of biometrics in this field has been prohibited by factors such as the need for special hardware, increased implementation costs, and invasiveness of the biometry sensors (eg. iris topology, fingerprint). Behavioral biometrics such as speech, and keystroke dynamics are easier to implement, and do not suffer from the disadvantages mentioned for the static biometrics. Especially, using keystroke dynamics for user authentication is more advantageous than other advanced biometrics because the implementation is inexpensive and continuous identity control is plausible. The aim of this study is to show the feasibility of merging a biometry-based advanced identity verification method together with an initial access control procedure such as password check. In this study, we provide an authentication framework based on measuring similarity of the typing characteristics of medical reporters, while they are typing medical reports. We have made a prototype of the system and provided classification of keystroke timings for each operator. We have generated a testbed and measured similarity of typing patterns of 5 medical reporters upon typing 4 different kinds of medical reports. Our system performs with hundred percent accuracy in identifying the authorized operators from the reports they type. In current practice, electronic signatures are indispensable for health information systems, but our study shows that keystroke dynamics can easily be included in this chain for increased security.