| Summary: | 博士 === 國立成功大學 === 製造資訊與系統研究所碩博士班 === 101 === Integrated EPR information systems support convenient and rapid e-medicine services. Passwords play an important role for each user, such as a doctor, a nurse or a patient, to achieve a secure and efficient authentication scheme for an integrated EPR information system that safeguards electronic patient records (EPRs), and helps health-care workers and medical personnel to make correct clinical decisions rapidly.
This research develops an efficient password-based authentication scheme for an integrated EPR information system. Compared with related approaches, the proposed scheme not only has a lower computational cost and does not require verifier tables for storing the secret information of the users, but also withstands various attacks such as password guessing attacks, stolen-verifier attacks, server spoofing attacks, impersonation attacks.
Additionally, the group password-based authenticated key agreement (GPAKE) scheme allowed a group of users, such as doctors, nurses and patients, to establish a common session key using password authentication. This investigation presents a simple group password-based authenticated key agreement (SGPAKE) protocol for an integrated EPR information system. It does not require using the server or public keys of the users. Each user only remembers its weak password shared with a trusted server, and can thus obtain a common session key. Then, all users can securely communicate using this session key. The proposed two protocols are not only effective, but also highly secure.
|
|---|
