Keywords

security, authentication, access control, trust negotiation, surrogate trust negotiation

Abstract

The expanding availability of health information in an electronic format is strategic for industry-wide efforts to improve the quality and reduce the cnst of health care. The implementation of electronic medical record systems has been hindered by inadequate security provisions. This paper describes the use of frust negotiation as a framework for providing authentication and access control services in healthcare information systems. nust negotiation enables two parties with no pre-existing relationship to establish the trust necessary to perform sensitive transactions via the mutual disclosure of attributes contained within digital credentials. An extension of this system, surrogate irusf negoikiion is introduced as a way to meet the security requirements of healthcare delivery systems based on mobile computing devices and wireless communication technologies. These innovative technologies have enormous potential to improve the current state of security in healthcare information systems.

Original Publication Citation

David K. Vawdrey, Tore L. Sundelin, Kent E. Seamons, and Charles D. Knutson. "Trust Negotiation for Authentication and Authorization in Healthcare Information Systems." Proceedings of the 25th Annual International Conference of the IEEE Engineering in Medicine and Biology Society, Cancun, Mexico, September 17-21, 23.