1. Patient’s privacy protection with anonymous access to medical services Dasun Weerasinghe, Kalid Elmufti, M Rajarajan, Veselin Rakocevic Mobile Networks Research Group School of Engineering and Mathematical Sciences City University London

2. Outline of the Presentation Motivation factor Anonymous access medial environment Propose protocol Security tokens Risk analysis Conclusion

3. Motivation factor Overstretched and under budgeted health sector Data transmission in the Internet/mobile network Sensitive medical information Possibility of selling medical information Patient’s privacy Patient’s anonymity

4. Anonymous Access Medical Environment

5. Protocol Anonymous authentication and access to Healthcare service providers (HSP) Patients access medications over the Internet or Mobile networks Assumptions  Patients register with Healthcare Service Unit (HSU)  HSP are registered with HSU 2 phases in the protocol  Patient registration with the HSP  Patient authentication and anonymous service access

6. Patient registration with the HSP HSP Registration Token, tsK Confirmation for User Registration Registration Token, Service Information HSP Patient HSUHSP Request to Register for a service Registration Request Token RT= eHSP (sHSU [UID|TS]) RRT = eHSP (sHSU [UID|TS|tsK|KeyLifeTime])

7. Security Tokens in Registration Registration Token  RT = eHSP (sHSU [UID|TS]) String Timestamp Registration Request Token  RRT = eHSP (sHSU [UID|TS|tsK|KeyLifeTime]) String Timestamp Key

8. Patient authentication and anonymous service access HSUHSP User Token, tsK, key life time User Token HSUHSP Patient HSUHSP Request to access HSP Service Request Confirmation Authentication Service Response UT = eHSP (sHSU [TUID|TS|tsK|KeyLifeTime])

9. Security Tokens in Request Access User Token  UT = eHSP (sHSU [TUID|TS|tsK|KeyLifeTime]) String Timestamp Key Time

10. Risk Analysis User Anonymity  HSP identifies patient with a temporary identity  Temporary identity doesn’t relate with the true identity Message Privacy  Patient’s health information doesn't relate with true identities Message confidentiality  Messages are encrypted User Authentication and Authorization  Secure authentication credentials are used  User tokens are generated by HSU

11. Risk Analysis (Contd.) Replay Attacks  Unable to reuse the previous login authentication messages  Attackers are unable to alter timestamps Audit trials  HSU logs login and service access requests  HSP logs service requests Reverse identity track  HSU maintains mapping between a temporary identity and the true identity  In a critical medical situation

12. Prototype development Fully developed this protocol as a prototype Functional with  Temporary identity  XML Signature  XML Encryption/Decryption  Key management Technology and standards  XML Security  Single-Sign-On (SSO)  Liberty Alliance standards If anyone interested then I can do a demo

13. Conclusion Patient access the medical environment without providing the identity Anonymous access medical environment Protocol with message formats Security tokens for authentication and authorization Risk analysis of the protocol

14. Q & A ??????

15. Thank you !!!!!