medigraphic.com
ISSN 1684-1859 (Print)

2020, Number 2

<< Back Next >>

Revista Cubana de Informática Médica 2020; 12 (2)

PKI-based trust scheme for the exchange of electronic clinical information in the XAVIA HIS system

Urquijo MY, Orellana GA

Language: Spanish
References: 15
Page:
PDF size: 513.45 Kb.


ABSTRACT

Computer security has become a necessity and a right for all citizens. The IT systems used in the health sector have much easier and more sustainable digital storage and guarantee the privacy and integrity of information, which are sensitive issues. In Cuba, there is no centralized PKI (Public Key Infrastructure) scheme at the national level that promotes and guarantees the security of sensitive information in the public health system, which puts the authenticity, integrity and confidentiality of personal medical data at risk. The aim of our work was to design a security structure centered on PKI among health institutions, based on the national public key infrastructure as root certificate authority (CA). In order to achieve this, a documentary analysis was carried out on the current state of the art in the subject; as well as interviews with administrative staff, hospital managers and specialists in computer security, which allowed the research bases to be created. As a result, a trust scheme was obtained that promotes the secure exchange of patients' medical records between health institutions. The implementation of a PKI infrastructure in the health sector allows institutions to exchange medical records through a network with a high level of security.


REFERENCES

  1. CUBA, Ministerio De Salud Pública De Cuba. Plan de desarrollo y uso de las Tecnologías de la Información y Comunicaciones del Sistema Nacional de Salud 2017 - 2021. Revista de Información científica para la Dirección en Salud. 2017.

  2. Gómez A, Plazzotta F, Campos F, Martínez M, Severino J, Pedernera F, et al. Desarrollo de un sistema para la firma digital de Registros Médicos. En II Congreso de Tecnologías de Información en Salud 2006.

  3. Castro Martínez FJ. Gestor de certificados digitales con PKI [tesis de graduación]. Universidad Carlos III de Madrid. 2013. [citado 11 Ene 2020]. Disponible en: https://e-archivo.uc3m.es/bitstream/handle/10016/25903/PFC_FranciscoJavier_Castro_Martinez.pdf

  4. Ministerio del interior. Resolución No. 2/2016. Gaceta Oficial, de la República de Cuba [Internet]. 2016. [citado 11 Ene 2020]. Disponible en: https://www.gacetaoficial.gob.cu/codbuscar.php.

  5. Gallardo Urbini IM. Certificados digitales: de una arquitectura jerárquica y centralizada a una distribuida y descentralizada [tesis de maestría]. Argentina: Universidad Nacional de La Plata. [citado 11 Ene 2020]. Disponible en: http://sedici.unlp.edu.ar/handle/10915/72076

  6. Ben Bouker Hmaddouch S. Estudio, propuesta y desarrollo de componentes avanzados para una PKI Híbrida [tesis carrera]. España: Universidad Politécnica de Cataluña.

  7. Slagell A, Bonilla R, Yurcik W. A survey of PKI components and scalability issues. In 2006 IEEE International Performance Computing and Communications Conference. 2006 Apr 10.

  8. Selvakumaraswamy S, Govindaswamy U. Efficient Transmission of PKI Certificates using Elliptic Curve Cryptography and its Variants. International Arab Journal of Information Technology (IAJIT). 2016 Jan;13(1). Revisar

  9. Barker E. Guideline for using cryptographic standards in the federal government: Cryptographic mechanisms. National Institute of Standards and Technology; 2016 Mar 11.

  10. Chokhani S, Ford W, Sabett R, Merrill CR, Wu SS. Internet X. 509 Public Key Infrastructure Certificate Policy and Certification Practices Framework. RFC. 2003 Nov;(3647):1-94.

  11. Gallagher P. Digital signature standard (DSS). Federal Information Processing Standards Publications.2013;FIPS:186-93.

  12. Cuno A. Conceptos de Firma Digital. Identidad digital. La identificación desde los registros parroquiales al DNI electrónico. 2015. Lima Perú. RENIEC. Pags 107-73. [citado 11 Ene 2020]. Disponible en: https://www.iidh.ed.cr/capel/media/1479/indentidad-digital-la-identificaci%C3%B3n-desde-los-registros-parroquiales-al-dni-electr%C3%B3nico.pdf

  13. Hawanna V, Kulkarni VY, Rane RA, Mestri P, Panchal S. Risk Rating System of X. 509 Certificates. Procedia Computer Science. 2016 Jan 1(89):152-61.

  14. Escobar PP, del Fresno M, Arguiñarena E. Transacciones electrónicas seguras en salud. ResearchGate [Internet]. 2007 [cited 2019 Mar 4]. Available from: https://www.researchgate.net/publication/260311227_Transacciones_electronicas_seguras_en_salud.

  15. Ledo D. Infraestructura de firma y validación digital de los documentos clínicos electrónicos generados por el sistema alas HIS. 2011 [tesis carrera]. Cuba: Universidad de las Ciencias Informáticas.




2020     |     www.medigraphic.com