A framework for authentication of medical reports based on keystroke dynamics

Download
2010
Özdemir, Kazım Musa
Privacy of personal health records is of ultimate importance. Unfortunately, it is easy to obtain illegal access to electronic health records under insufficient security precautions. Access control based on token or username/password is not adequate for applications in health domain which require heightened security. Currently, electronic signature mechanisms are being employed as a strong alternative to classic methods. In addition, biometrics provide more precise results in comparison to electronic signature methods. However, applicability of biometrics in this field has been prohibited by factors such as the need for special hardware, increased implementation costs, and invasiveness of the biometry sensors (eg. iris topology, fingerprint). Behavioral biometrics such as speech, and keystroke dynamics are easier to implement, and do not suffer from the disadvantages mentioned for the static biometrics. Especially, using keystroke dynamics for user authentication is more advantageous than other advanced biometrics because the implementation is inexpensive and continuous identity control is plausible. The aim of this study is to show the feasibility of merging a biometry-based advanced identity verification method together with an initial access control procedure such as password check. In this study, we provide an authentication framework based on measuring similarity of the typing characteristics of medical reporters, while they are typing medical reports. We have made a prototype of the system and provided classification of keystroke timings for each operator. We have generated a testbed and measured similarity of typing patterns of 5 medical reporters upon typing 4 different kinds of medical reports. Our system performs with hundred percent accuracy in identifying the authorized operators from the reports they type. In current practice, electronic signatures are indispensable for health information systems, but our study shows that keystroke dynamics can easily be included in this chain for increased security.

Suggestions

An Extensible security infrastructure for the secondary use of electronic health records in clinical research
Eryılmaz, Elif; Toroslu, İsmail Hakkı; Doğaç, Asuman; Department of Computer Engineering (2013)
In order to facilitate clinical research studies re-using Electronic Health Records (EHR) has a great potential. Besides interoperability, safeguarding the security and privacy of the medical data in the context of secondary use for clinical research is one of the most important challenges in this respect. In order to ensure that the clinical information is shared among EHR systems and clinical research systems in an ethical and safe way, there needs to be standards-based and adaptable security and privacy ...
An XACML based framework for structured patient privacy policy (s3p)
Mizani, Mehrdad Alizadeh; Baykal, Nazife; Department of Medical Informatics (2006)
The emergence of electronic healthcare have caused numerous changes in both substantive and procedural aspects of healthcare processes. Such changes have introduced new risks to patient privacy and information confidentiality. Traditional privacy policies fall too short to respond to privacy needs of patients in electronic healthcare. Structured and enforceable policies are needed in order to protect patient privacy in modern healthcare with its cross organizational information sharing and decision making. ...
A federated semantic metadata registry framework for enabling interoperability across clinical research and care domains
Sınacı, Ali Anıl; Erturkmen, Gokce B. Laleci (Elsevier BV, 2013-10-01)
In order to enable secondary use of Electronic Health Records (EHRs) by bridging the interoperability gap between clinical care and research domains, in this paper, a unified methodology and the supporting framework is introduced which brings together the power of metadata registries (MDR) and semantic web technologies. We introduce a federated semantic metadata registry framework by extending the ISO/IEC 11179 standard, and enable integration of data element registries through Linked Open Data (LOD) princi...
A Multi-layer model for privacy preserving policy making for disclosure of public health data
Alizadeh Mizani, Mehrdad; Baykal, Nazife; Department of Medical Informatics (2013)
Health organizations in Turkey collect ever-increasing amount of individual data are valuable source of information for public health research. However, due to privacy risks, they publish data in aggregated rather than individual forms. The lack of standardized policies regarding secondary uses of health data leads to ineffectiveness of available technical methods. As a result, access to and utilization of person-specific datasets by public health researchers become extremely cumbersome. The bias introduced...
An Advanced personal health record platform for patient empowerment
Postacı, Şenan; Çiçekli Kesim, Nihan; Doğaç, Asuman; Department of Computer Engineering (2012)
In recent years, many Personal Health Record (PHR) systems have been developed to retrieve patients’ Electonic Health Records (EHRs) from external sources. However, current PHRs can provide access to only a small number of EHR systems, since there are many di erent interfaces, data formats and medical terminologies among di erent systems. When this is the case, all these diversity yields high integration costs. Development of such systems is di cult and expensive because of the reasons such as accessing to ...
Citation Formats
K. M. Özdemir, “A framework for authentication of medical reports based on keystroke dynamics,” M.S. - Master of Science, Middle East Technical University, 2010.