
A security architecture for accessing health records on mobile phones

Dmitrienko, A.; Hadzic, Z.; Löhr, H.; Winandy, M.; Sadeghi, A.-R.

Traver, V.; Institute for Systems and Technologies of Information, Control and Communication (INSTICC), Setubal:
HEALTHINF 2011 - Proceedings of the International Conference on Health Informatics, Rome, Italy, January 26-29, 2011
SciTePress, 2011
ISBN: 978-989-8425-34-8
International Conference on Health Informatics (HEALTHINF), 2011, Rome
Fraunhofer SIT

Using mobile phones to access healthcare data is an upcoming application scenario of increasing importance in the near future. However, important aspects to consider in this context are the high security and privacy requirements for sensitive medical data. Current mobile phones using standard operating systems and software cannot offer appropriate protection for sensitive data, although the hardware platform often offers dedicated security features. Malicious software (malware) such as Trojan horses on the mobile phone could gain unauthorized access to sensitive medical data. In this paper, we propose a complete security framework to protect medical data (such as electronic health records) and the authentication credentials that are used to access e-health servers. Derived from a generic architecture that can be used for PCs, we introduce a security architecture specifically for mobile phones, based on existing hardware security extensions. We describe its security building blocks, including trusted hardware features, a security kernel providing isolated application environments as well as a secure graphical user interface, and a trusted wallet (TruWallet) for secure authentication to e-health servers. Moreover, we present a prototype implementation of the trusted wallet on a current smartphone, the Nokia N900. Based on our architecture, healthcare professionals can safely and securely process medical data on their mobile phones without the risk of disclosing sensitive information that they face on commodity mobile operating systems.