Security in Wireless Medical Networks

In the medical scenario, electronic information management and wireless computer networks provide ubiquitous access possibilities to medical databases which may comprise hundreds of thousands of electronic patient records (EPRs). Such records may contain personal and highly sensitive patient data, and it is therefore necessary to limit the accessibility of such data to only concerning medical personnel. Criteria for granting (or authorization) of EPR access should be based on legitimacy and the need-to-know principle, meaning that only medical personnel that is going to provide medical care to a given patient should be granted access to the necessary medical data of the concerning patient they are going to provide care for. EPR access control based on such criteria would help to prevent illegitimate persons from accessing patient data. This could be implemented by means of patient consent, where EPR access is provided to legitimate medical practitioners due to the consent of the pertaining patient. It could also be implemented by group consensus, where the consensus of a minimum number of concerned participants could qualify for authorization of EPR access. Hence, a given number of associated medical practitioners, e.g., a medical team, could be recognized as a proper basis for trust. Since medical care is often provided by medical teams, the consensus of a minimum number of the team members would thus act as a qualifying criterion for such teams to acquire EPR access. The hierarchical ranking of medical practitioners is significant, since higher ranking implies more privileges. Medical practitioners of higher ranking (e.g., medical doctors) are accordingly in position to be entrusted access to more sensitive medical data than practitioners of lower ranking (e.g., nurses). An essential hierarchical security requirement is to ensure that the medical practitioners are only granted access to EPR data whose confidentiality level is in agreement with the user ranking, and to EPR data associated with the underlying confidentiality levels. In addition to the mentioned accessibility issues, protection of communicated data to and among multiple users is likewise of essential interest in the medical scenario. In this thesis, we present a number of cryptographic methods for secure establishment of EPR access according to the mentioned issues, and methods for secure transmission of medical data over insecure wireless networks.