Abstract
The introduction of e-Health applications has not only brought benefits, but also raised serious concerns regarding security and privacy of health data. The increasing demands of accessing health data, highlighted critical questions and challenges concerning the confidentiality of electronic patient records and the efficiency of accessing these records. Therefore, the aim of this paper is to provide secure and efficient access to electronic patient records. In this paper, we propose a novel protocol called the Linkable Anonymous Access protocol (LAA). We formally verify and analyse the protocol against security properties such as secrecy and authentication using the Casper/FDR2 verification tool. In addition, we have implemented the protocol using the Java technology to evaluate its performance. Our formal security analysis and performance evaluation proved that the LAA protocol supports secure access to electronic patient records without compromising performance.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Alvarez, R.C.: The promise of e-health - A canadian perspective. Ehealth International 1(1) (September 2002)
Pang, C., Hansen, D.: Improved record linkage for encrypted identifying data, Sydney, Austrailia, pp. 164–168 (2006)
Addas, R., Zhang, N.: An enhanced approach to supporting controlled access to eprs with three levels of identity privacy preservations. In: Holzinger, A., Simonic, K.-M. (eds.) USAB 2011. LNCS, vol. 7058, pp. 547–561. Springer, Heidelberg (2011)
Needham, R.M., Schroeder, M.D.: Using encryption for authentication in large networks of computers. Commun. ACM 21(12), 993–999 (1978)
Lowe, G.: An attack on the needham-schroeder public-key authentication protocol. Information Processing Letters 56(3), 131–133 (1995)
Kim, I.G., Choi, J.Y.: Formal verification of pap and eap-md5 protocols in wireless networks: Fdr model checking. In: 18th International Conference on Advanced Information Networking and Applications, AINA 2004, vol. 2, pp. 264–269 (2004)
Lowe, G.: Casper: A compiler for the analysis of security protocols, pp. 18–30 (June 1997)
Formal System (Europe) LTD.: Failure-divergences refinement fdr2 manual (2010)
Kim, I.G., Kim, H.S., Lee, J.Y., Choi, J.Y.: Analysis and modification of ask mobile security protocol. In: The Second IEEE International Workshop on Mobile Commerce and Services, WMCS 2005, pp. 79–83 (2005)
Kim, H.S., Oh, J.H., Choi, J.Y., Kim, J.W.: The vulnerabilities analysis and design of the security protocol for rfid system. In: The Sixth IEEE International Conference on Computer and Information Technology, CIT 2006, p. 152 (2006)
Chan, P., Lee, R., Kramer, D.: The Java Class Libraries, Volume 1: Supplement for the Java 2 Platform, Standard Edition, V 1.2., vol. 1. Addison-Wesley Professional (1999)
Gilbert, H., Handschuh, H.: Security Analysis of SHA-256 and Sisters. In: Matsui, M., Zuccherato, R.J. (eds.) SAC 2003. LNCS, vol. 3006, pp. 175–193. Springer, Heidelberg (2004)
Blömer, J., Seifert, J.-P.: Fault based cryptanalysis of the advanced encryption standard (aes). In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 162–181. Springer, Heidelberg (2003)
Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21, 120–126 (1978)
Wagner, D., Schneier, B.: Analysis of the ssl 3.0 protocol. In: Proceedings of the Second Unix Workshop on Electronic Commerce, pp. 29–40. USENIX Association (1996)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 IFIP International Federation for Information Processing
About this paper
Cite this paper
Addas, R., Zhang, N. (2014). Formal Security Analysis and Performance Evaluation of the Linkable Anonymous Access Protocol. In: Linawati, Mahendra, M.S., Neuhold, E.J., Tjoa, A.M., You, I. (eds) Information and Communication Technology. ICT-EurAsia 2014. Lecture Notes in Computer Science, vol 8407. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-55032-4_51
Download citation
DOI: https://doi.org/10.1007/978-3-642-55032-4_51
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-55031-7
Online ISBN: 978-3-642-55032-4
eBook Packages: Computer ScienceComputer Science (R0)