Volume 4 - Issue 1
A Secure ECC-based Electronic Medical Record System
- Kun-Lin Tsai
Tunghai University, Taichung City, Taiwan
kltsai@thu.edu.tw
- Fang-Yie Leu
Tunghai University, Taichung City, Taiwan
- Tien-Han Wu
Tunghai University, Taichung City, Taiwan
- Shin-shiuan Chiou
Tunghai University, Taichung City, Taiwan
- Yu-Wei Liu
Tunghai University, Taichung City, Taiwan
- Han-Yun Liu
Tunghai University, Taichung City, Taiwan
Keywords: elliptic curve cryptography, electronic medical record, communication security, cloud database
Abstract
In recent years, portable devices and wireless communication have been popularly used by people
in their everyday lives. In fact, with these facilities, due to their usage convenience and mobility,
the instantaneity of inpatient care can be significantly improved. Also, many hospitals utilize cloud
systems to store electronic medical records (EMRs). One of the purposes is allowing authorized personnel
to access these records anytime and anywhere. Meanwhile, owning to personal privacy, the
security of transmitting and accessing these records is one of the critical issues in maintaining and
delivering them. In a cryptosystem, when we increase the length of an encryption key, the security
level of the protected system will be higher. But the computation time is also lengthened and data
transmission performance is then worsened. Compared with a popular cryptosystem, the RSA, under
the same security level, Elliptic Curve Cryptography (ECC) requires shorter length of a key than
RSA does. That means it is more suitable being used by portable devices to encrypt delivered data.
Therefore, in this paper, we propose a secure EMR service system, named the ECC-based Secure
EMR System (ESEMR for short) which employs a cloud database, an ECC integration unit, a smart
card, and portable devices to provide users with a secure environment for EMR transmission. The
ECC integration unit which integrates a 256-bit ECC chip, wireless transceiver, smart card interface,
and USB interface for fast computing and reducing the communication load of a portable device can
also securely protect the EMRs when they are delivered between the cloud system and the portable
device so as to enhance their transmission security and the patient care quality.