Online at Will: A Novel Protocol for Mutual Authentication in Peer-to-Peer Networks for Patient-Centered Health Care Information Systems
Proceedings of the 54th Hawaii International Conference on System Sciences (HICSS 2021), Virtual Conference
10 Pages. Posted: 18 Oct 2020
Date Written: January 5, 2021
Patient-centered health care information systems (PHSs) on peer-to-peer (P2P) networks promise decentralization benefits. P2P PHSs, such as decentralized personal health records or interoperable Covid-19 proximity trackers, can enhance data sovereignty and resilience to single points of failure, but the openness of P2P networks introduces new security issues. We propose a novel, simple, and secure mutual authentication protocol that supports offline access, leverages independent and stateless encryption services, and enables patients and medical professionals to establish secure connections when using P2P PHSs. Our protocol includes a virtual smart card (software-based) feature to ease integration of authentication features of emerging national health-IT infrastructures. The security evaluation shows that our protocol resists most online and offline threats while exhibiting performance comparable to traditional, albeit less secure, password-based authentication methods. Our protocol serves as a foundation for the design and implementation of P2P PHSs that will make use of P2P PHSs more secure and trustworthy.
Keywords: Peer-to-Peer, Health IT, Authentication, Information Security
JEL Classification: L86