Integrated Framework for Telebiometric
data protection in Korea
Anne Shin,
Hanyang Cyber University
Dec. 7 2010
This work was supported by the ICT
Standardization program of MKE(The Ministry of Knowledge Economy).
Geneva, 6-7 December 2010
Addressing security challenges on a global scale
2
Case of Telehealth Service Using Biometrics
(1 of 3)
Geneva, 6-7 December 2010
Addressing security challenges on a global scale
3
Case of Telehealth Service Using Biometrics
(2 of 3)
Korea : LG CNS – Touch Doctor TeleHealth Service
- User Authentication based Fingerprint(1,000Users) : ’08.08
Geneva, 6-7 December 2010
Addressing security challenges on a global scale
4
Case of Telehealth Service Using Biometrics
(3 of 3)
Korea : KonKuk Hospital EMR( Electronic Medical Record)
- Doctor Authentication based Fingerprint(200Users) : ’06.12
Fingerprint based Access Control
SSO
Biometric Center
Biometric Center
DB server
SSO Agent
Crypto Agent
Biometric Agent
JAVA VM
UNIX
HTTP/HTTPS
TCP/IP
Crypto Agent
Biometric Agent
JAVA VM
UNIX
HTTP/HTTPS
TCP/IP
User Info.
Fingerprint
Info.
UNIX
HTTP/HTTPS
TCP/IP
UNIX
HTTP/HTTPS
TCP/IP
L4 Switch
Fingerprint Verification
Fingerprint Enrollment
Doctor Desktop
Biometric Agent
Crypto Agent
SSO Agent
Windows OS
TCP/IP
Fingerprint Sensor
Geneva, 6-7 December 2010
Addressing security challenges on a global scale
5
Integrated in the telemedicine and
telehealth environment
Telehealth provides medical services related to a
user’s health and life. Therefore, if there are any errors
in user authentication, fatal medical problems may
ensue. As a result, biometrics should be used for
enhanced user identification processes.
If sufferers of chronic disease access telehealth services,
the current password or PKI-based user authentication
systems are quite inconvenient, as they require the
input of a password. If biometrics is adopted, user
convenience will be enhanced with the use of physical
feature information, such as the face or a fingerprint.
Geneva, 6-7 December 2010
Addressing security challenges on a global scale
6
Public Health Center
What is it?
A health center is a regional healthcare organization
which provides services to protect local residents
from disease and keep them healthy.
It is installed in each city, county and district pursuant
to ordinance by the local government concerned
Geneva, 6-7 December 2010
Addressing security challenges on a global scale
7
Public Health Center
What does it do?
As specified in Article 9 of Regional Health Act, a health
center performs a variety of work ranging from fostering
public health to study of healthcare services in the region,
which can be categorized into 16 as follows.
1. Health improvement, health education and nutrition
enhancement
2. Control, management and treatment of epidemic
3. Maternity aids and family planning
4. Health services for elders
5. Public sanitization and food safety
Geneva, 6-7 December 2010
Addressing security challenges on a global scale
8
Public Health Center
What does it do?
6. Tasks on guiding medical professionals and organizations
7. Tasks on guiding medical engineer, medical recorder and glasses makers
8. Work on emergency treatment
9. Providing guidance for public clinic doctors, treatment personnel and health clinics
pursuant
to Special Law on Healthcare for Rural Areas.
10. Work related to pharmacists and control of drugs and psychotropic medicine
11. Management in connection with metal health
12. Healthcare services provided at homes or social welfare institutions
13. Treatment and diagnosis of disease for the local residents and monitoring of people
with chronic degenerative diseases
14. Experiments or tests associated with healthcare
15. Rehabilitation efforts for the disabled and other welfare initiatives pursuant to the
enforcement decrees by the health ministry.
16. Other work associated with improvement of health for local residents and research
projects.
Geneva, 6-7 December 2010
Addressing security challenges on a global scale
9
Public Health Care Use case
Geneva, 6-7 December 2010
Addressing security challenges on a global scale
10
System Configuration
Geneva, 6-7 December 2010
Addressing security challenges on a global scale
11
Authentication Method using PKI
Geneva, 6-7 December 2010
Addressing security challenges on a global scale
12
Biometric-based u-Healthcare
Integration Model
U-Health terminal
Sensor
U-Health center
Medical information
storage in Center
Acquire
Health information
Health information
Personal
Terminal
identification identification
information Information
Health
Store
information
Transmit
Receive
Personal information
storage in Terminal
Terminal identification
information
User identification
information
Reference
Compare
Personal information
storage in Center
User identification
information
Terminal identification
information
Compare
Bio sensor
Geneva, 6-7 December 2010
Acquire
Addressing security challenges on a global scale
13