Dies ist eine Übersichtsseite mit Metadaten zu dieser wissenschaftlichen Arbeit. Der vollständige Artikel ist beim Verlag verfügbar.
Encryption Characteristics of Two USB-based Personal Health Record Devices
31
Zitationen
2
Autoren
2007
Jahr
Abstract
Personal health records (PHRs) hold great promise for empowering patients and increasing the accuracy and completeness of health information. We reviewed two small USB-based PHR devices that allow a patient to easily store and transport their personal health information. Both devices offer password protection and encryption features. Analysis of the devices shows that they store their data in a Microsoft Access database. Due to a flaw in the encryption of this database, recovering the user's password can be accomplished with minimal effort. Our analysis also showed that, rather than encrypting health information with the password chosen by the user, the devices stored the user's password as a string in the database and then encrypted that database with a common password set by the manufacturer. This is another serious vulnerability. This article describes the weaknesses we discovered, outlines three critical flaws with the security model used by the devices, and recommends four guidelines for improving the security of similar devices.
Ähnliche Arbeiten
Machine Learning in Medicine
2019 · 3.773 Zit.
Systematic Review: Impact of Health Information Technology on Quality, Efficiency, and Costs of Medical Care
2006 · 3.173 Zit.
Effects of Computerized Clinical Decision Support Systems on Practitioner Performance and Patient Outcomes
2005 · 2.970 Zit.
Studies in health technology and informatics
2008 · 2.903 Zit.
An overview of clinical decision support systems: benefits, risks, and strategies for success
2020 · 2.716 Zit.