A security architecture for medical application platforms

K-REx Repository

Show simple item record

dc.contributor.author Salazar, Carlos
dc.date.accessioned 2014-08-14T19:17:44Z
dc.date.available 2014-08-14T19:17:44Z
dc.date.issued 2014-08-14
dc.identifier.uri http://hdl.handle.net/2097/18234
dc.description.abstract The Medical Device Coordination Framework (MDCF) is an open source Medical Application Platform (MAP) that facilitates interoperability between heterogeneous medical devices. The MDCF is designed to be an open test bed for the conceptual architecture described by the Integrated Clinical Environment (ICE) interoperability standard. In contrast to existing medical device connectivity features that only provide data logging and display capabilities, a MAP such as the MDCF also allows medical devices to be controlled by apps. MAPs are predicted to enable many improvements to health care, however they also create new risks to patient safety and privacy that need to be addressed. As a result, MAPs such as the MDCF and other ICE-like systems require the integration of security features. This thesis lays the groundwork for a comprehensive security architecture within the MDCF. Specifically, we address the need for access control, device certification, communication security, and device authentication. We begin by describing a system for ensuring the trustworthiness of medical devices connecting to the MDCF. To demonstrate trustworthiness of a device, we use a chain of cryptographic certificates which uniquely identify that device and may also serve as non- forgeable proof of regulatory approval, safety testing, or compliance testing. Next, we cover the creation and integration of a pluggable, flexible authentication system into the MDCF, and evaluate the performance of proof-of-concept device authentication providers. We also discuss the design and implementation of a communication security system in the MDCF, which enables the creation and use of communication security providers which can provide data confidentiality, integrity, and authenticity. We conclude this work by presenting the requirements and a high level design for a Role-Based Access Control (RBAC) system within the MDCF. en_US
dc.description.sponsorship National Institutes of Health, National Science Foundation en_US
dc.language.iso en_US en_US
dc.publisher Kansas State University en
dc.subject Medical device coordination en_US
dc.subject Computer security en_US
dc.subject Security architecture en_US
dc.subject Integrated clinical environment en_US
dc.subject Medical application platform en_US
dc.title A security architecture for medical application platforms en_US
dc.type Thesis en_US
dc.description.degree Master of Science en_US
dc.description.level Masters en_US
dc.description.department Department of Computing and Information Sciences en_US
dc.description.advisor Eugene Vasserman en_US
dc.subject.umi Computer Science (0984) en_US
dc.date.published 2014 en_US
dc.date.graduationmonth August en_US

Files in this item

This item appears in the following Collection(s)

Show simple item record

Search K-REx

Advanced Search


My Account


Center for the

Advancement of Digital