Description: |
Third-party based mobile health monitoring systems are vulnerable to threats posed not only by outsiders but also by authorized insiders, e.g. employees of the third-party service provider. This paper examines issues in this context and proposes a novel framework, called a secure and ID privacy-preserving framework (SPDC), to facilitate secure and ID privacy-preserving data collection from remote patients. The framework has a number of properties: (i) it supports three different modes of data collection and different treatment of data with two levels of urgency, (ii) it protects the confidentiality and authenticity of the data being collected, (iii) it preserves patients' ID privacy against external entities as well as the entities involved in facilitating the data collection, and (iv) it uses distributed load-sharing so that no single entity is wholly responsible for the task of data collection. The ideas used to achieve these properties include the structured use of multiple data collection servers and multi-level hierarchical pseudonyms to hide patients' IDs as well as their communication patterns, the separation of duties, and pseudonym- and blind-token-based authentication methods so that patients can be identified and authenticated without revealing their real IDs. A security analysis against the design requirements and an anonymity evaluation using the entropy method are carried out to demonstrate that the framework can resist attacks on data security and protects patients' IDs from being revealed to unauthorized entities. |