A security architecture for medical application platforms

dc.contributor.authorSalazar, Carlos
dc.date.accessioned2014-08-14T19:17:44Z
dc.date.available2014-08-14T19:17:44Z
dc.date.graduationmonthAugust
dc.date.issued2014-08-01
dc.date.published2014
dc.description.abstractThe Medical Device Coordination Framework (MDCF) is an open source Medical Application Platform (MAP) that facilitates interoperability between heterogeneous medical devices. The MDCF is designed to be an open test bed for the conceptual architecture described by the Integrated Clinical Environment (ICE) interoperability standard. In contrast to existing medical device connectivity features that only provide data logging and display capabilities, a MAP such as the MDCF also allows medical devices to be controlled by apps. MAPs are predicted to enable many improvements to health care, however they also create new risks to patient safety and privacy that need to be addressed. As a result, MAPs such as the MDCF and other ICE-like systems require the integration of security features. This thesis lays the groundwork for a comprehensive security architecture within the MDCF. Specifically, we address the need for access control, device certification, communication security, and device authentication. We begin by describing a system for ensuring the trustworthiness of medical devices connecting to the MDCF. To demonstrate trustworthiness of a device, we use a chain of cryptographic certificates which uniquely identify that device and may also serve as non- forgeable proof of regulatory approval, safety testing, or compliance testing. Next, we cover the creation and integration of a pluggable, flexible authentication system into the MDCF, and evaluate the performance of proof-of-concept device authentication providers. We also discuss the design and implementation of a communication security system in the MDCF, which enables the creation and use of communication security providers which can provide data confidentiality, integrity, and authenticity. We conclude this work by presenting the requirements and a high level design for a Role-Based Access Control (RBAC) system within the MDCF.
dc.description.advisorEugene Vasserman
dc.description.degreeMaster of Science
dc.description.departmentDepartment of Computing and Information Sciences
dc.description.levelMasters
dc.description.sponsorshipNational Institutes of Health, National Science Foundation
dc.identifier.urihttp://hdl.handle.net/2097/18234
dc.language.isoen_US
dc.publisherKansas State University
dc.rights© the author. This Item is protected by copyright and/or related rights. You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s).
dc.rights.urihttp://rightsstatements.org/vocab/InC/1.0/
dc.subjectMedical device coordination
dc.subjectComputer security
dc.subjectSecurity architecture
dc.subjectIntegrated clinical environment
dc.subjectMedical application platform
dc.subject.umiComputer Science (0984)
dc.titleA security architecture for medical application platforms
dc.typeThesis

Files

Original bundle

Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
CarlosSalazar2014.pdf
Size:
3.58 MB
Format:
Adobe Portable Document Format
Description:
Main article (numbering corrected)

License bundle

Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
1.62 KB
Format:
Item-specific license agreed upon to submission
Description: