Embed Size (px)
Citation preview
A BIO CRYPTOGRAPHIC APPROACH FOR IMPROVING THE SECURITY OF ELECTRONIC HEALTH RECORDS
byAKINSEYE GEORGE KINGSLEY
&DAMILOLA ODUBOTE
DEPARTEMENT OF COMPUTER SCIENCE2009/0869 & 2009/1219
SUPERVISED BYPROF. D .O ADEWUNMI
&MR A. OMOTOSHO
SUBMITTED TO THE DEPARTMENT OF COMPUTER SCIENCE,IN PARTIAL FULFILMENT FOR THE REQUIREMENTS FOR THE AWARD OF THE DEGREE OF BACHELOR OF TECHNOLOGY (B.TECH) IN COMPUTER SCIENCE.
DECEMBER 2013
INTRODUCTIONEHR(Electronic Health Records) has become too important and can be used by attackers to harm people in
political races or normal people living their day to day lives or even sons look to claim their inheritance.
It is now necessary for Electronic Health Records to be protected and Bio-cryptography is one of the methods
that can be used.
Bio-cryptography Simply means the combination of Biometrics and Cryptography.
Biometrics means using Human signatures or body parts to protect information and serve as a key. Voice
recognition, fingerprint and iris are common examples of biometric techniques.
Cryptography on the other hands means the use of either symmetric or asymmetric keys to protect sensitive data
After bio-cryptography has been used protect the Electronic Health Record , the Biometric template used, can
now be stored on different platform but preferable Fuzzy Vaults.
STATEMENT OF PROBLEMBio-Cryptography as a method of protecting electronic health records is widely adopted worldwide according to
(Brands.2003), (Meingast etal.2006), (Prebakaran, etal.2011) and (Sun, etal. 2011).Bio-cryptographic methodology
helps in key management of Important and sensitive data such as health records which may contain patients report
such as pregnancy report, past medical history, blood test result, mental history, HIV/AIDS status etc. are often
transmitted within industries, offices and companies over protected or unprotected network every day. This exposes
this data to hostile attacks and threats from illegal persons. The suggestion of this data getting into the incorrect
hands cannot be overstated. The research will work using key management in a cryptographic framework.
AIMThe aim of this study is to develop a bio-cryptographic approach for
improving the security of electronic health records
OBJECTIVES• To develop a proposed plan for securing Electronic health records
• To protect electronic health records both within one trusted domain of a hospital or other providers
• To make recommendations based on finding
REVIEW OF RELATED LITERATURE WORKSYEAR SUMMARY DRAWBACK
Nanadakumar and Jain, 2008 This paper discussed multi biometric templates security using fuzzy vault.
Storage of multiple templates is
required for the same user.
Eskander etal, 2011 This paper discusses signature based fuzzy vaults with boosted feature selection.
If attacked a signature verification system, its accuracy will be meaningless. Enhancing the Fuzzy vault accuracy have to be more investigated.
Palacios etal, 2011 This paper discusses biometric access control for e-Health Records in pre-hospital Care
The method is not cost effective and it is not user friendly
METHODOLOGY • Review of related works.
• Developed the model for bio-cryptography using JAVA, C++,
MATHLAB.
• Gathering Electronic health records from near by hospitals.
• Using an eye scanner to encrypt sensitive electronic health records
• Storage of Biometric data in the fuzzy Vault.
SYSTEM MODELS
Iris
USED A GENRATED KEY/
PIN
FUZZY VAULT
Organization
EHR
Doctor
FIngerprint
Doctor
FingerPrint
Regenerate the Keys
BIOMETRIC + KEY
Person Person
CONFIRM IDENTITYIris
ENROLLMENT
LOGIN
LOGIN
BIOMETRIC TEMPLATE DISCARDED
ENCRYPTION MODEL
BIOMETRICS
FUZZY VAULT
KEY
POLYNOMIAL BINARY
DECRYPTION MODEL
FUZZY VAULT
BINARY
POLYNOMIAL IDENTIICATION COMPLETE
IDENTIFICATION INCORRECT
STOP
DECRYPT
USE CASE DIAGRAM 1
User
Register
Login
Capture iris image
register key Authenticate user
<uses>
<uses><uses>
<uses>
<uses>
USE CASE DIAGRAM 2
PHYSICIAN(S)
PATIENTSPARAMEDICS
SIGN UP
BIOMETRIC AUTHENTICATION
GET ACCEESS TO EHR
EMERGENCY DATA(car accident)
ACCESS BASIC INFORMATION
ORGANAIZATIONS
SYSTEM REQUIREMENTS
Software requirements
Microsoft windows XP or higher
Hardware requirements Memory: 2 Gigabyte RAM or higher Hard disk Space: 1Gigabyte or higher Peripherals: Mouse, Keyboard, Monitor 16bit Video graphics Adaptor (VGA) 1.5 GHz or higher processor
RESULT(HOME PAGE)
RESULT CONT.(Capture Page)
RESULT CONT.(Captured iris)
RESULT CONT.(Registration)
RESULT CONT.(Iris authentication page)
SIGNIFICANCE OF STUDY
• This research is significant because of the importance of electronic health records
and how they are kept worldwide. In our world today anybody with means can
walk in and access the electronic health record of anybody he/she want by bribing
the desk staff or even the hospital doctors without the consent of owner. Electronic
health records can win elections or even destroy lives. Therefore it is necessary to
find a way to protect such sensitive data and bio-cryptography would be an effective
method. If all EHR databases are secured by bio-cryptographic approaches, the
health sector will benefit immensely and would be able to stand firm in terms of
information security.
CONCLUSION
• In conclusion, the need to reform the medical sector by imputing bio-
cryptography into the protection of electronic health records is very
importance. The Medical sector will gain immensely from the
induction of biometrics into the protection of electronic health records
and it will be necessary world-wide.
REFERENCES
H.A. Salman, (2013) Fuzzy Bio-Cryptography Key Generation, Computer Science Department,
and University of Technology, on ACIT'2012 Dec.10-13 ISSN: 1812-0857, 2013.
S. Meenakshi and G. Padmavathi, 2010 Securing Revocable Iris and Retinal Templates using
Combined User and Soft Biometric based Password Hardened Multimodal Fuzzy Vault, 2010.
M.Meingast, T.Roosta, S.Sastry, (2006.) “Security and Privacy Issues with Health Care
Information Technology”, Department of Electrical Engineering and Computer Sciences,
University of California, Berkeley
THANK YOU
