Security Analysis and Implementation of Web-based Telemedicine Services with a Four-tier Architecture

Amiya K. Maji; Arpita Mukhoty; Arun K. Majumdar; Jayanta Mukhopadhyay; Shamik Sural; Soubhik Paul; Bandana Majumdar

1st International ICST Workshop on Connectivity, Mobility and Patients' Comfort

Research Article

Security Analysis and Implementation of Web-based Telemedicine Services with a Four-tier Architecture

Download820 downloads

Cite: BibTeX Plain Text

@INPROCEEDINGS{10.4108/ICST.PERVASIVEHEALTH2008.2518,
    author={Amiya K. Maji and Arpita Mukhoty and Arun K. Majumdar and Jayanta Mukhopadhyay and Shamik Sural and Soubhik Paul and Bandana Majumdar},
    title={Security Analysis and Implementation of Web-based Telemedicine Services with a Four-tier Architecture},
    proceedings={1st International ICST Workshop on Connectivity, Mobility and Patients' Comfort},
    publisher={IEEE},
    proceedings_a={CMPC},
    year={2010},
    month={5},
    keywords={multi-tier; telemedicine; vulnerability analysis; ehealth; web based},
    doi={10.4108/ICST.PERVASIVEHEALTH2008.2518}
}

Amiya K. Maji
Arpita Mukhoty
Arun K. Majumdar
Jayanta Mukhopadhyay
Shamik Sural
Soubhik Paul
Bandana Majumdar
Year: 2010
Security Analysis and Implementation of Web-based Telemedicine Services with a Four-tier Architecture
CMPC
IEEE
DOI: 10.4108/ICST.PERVASIVEHEALTH2008.2518

Amiya K. Maji¹^,*, Arpita Mukhoty¹^,*, Arun K. Majumdar¹^,*, Jayanta Mukhopadhyay¹^,*, Shamik Sural¹^,*, Soubhik Paul¹^,*, Bandana Majumdar¹^,*

1: Indian Institute of Technology Kharagpur, India

*Contact email: amiya@cse.iitkgp.ernet.in, amukhoty@cse.iitkgp.ernet.in, akmj@cse.iitkgp.ernet.in, jay@cse.iitkgp.ernet.in, shamik@cse.iitkgp.ernet.in, spaul@cse.iitkgp.ernet.in, m_bandana@cse.iitkgp.ernet.in

Abstract

Security of Telemedicine applications is not often given adequate importance by the developers and healthcare administrators primarily to reduce cost. Though some security safeguards are employed by these applications to comply with existing medical data security and privacy regulations, these are not adequate in today’s context. Moreover, in a web-based application environment not only the data but also the application itself is vulnerable to attackers. Keeping these concerns in mind, we present the design of a web-based, four-tier Telemedicine System named iMedik which is accessible over desktops as well as handheld devices. We have illustrated how the proposed system differs from existing three-tier web applications. The compliance status of the application with HIPAA Security Guidelines has also been noted. The security measures described in our approach look into the four-tier architecture from an attacker’s viewpoint and present a simple road map for developing secure e-health application with anywhere, anytime availability. Keywords

Keywords: multi-tier; telemedicine; vulnerability analysis; ehealth; web based

Published: 2010-05-16
Publisher: IEEE
Modified: 2010-05-16

: http://dx.doi.org/10.4108/ICST.PERVASIVEHEALTH2008.2518