Title: dokspot : securely linking healthcare products with online instructions
Authors : Lapagna, Kevin
Zollinger, Moritz
Rennhard, Marc
Strobel, Hans
Derché, Cyrille
Proceedings: HEALTHINFO 2018 : the Third International Conference on Informatics and Assistive Technologies for Health-Care, Medical Support and Wellbeing
Conference details: HEALTHINFO 2018 : the Third International Conference on Informatics and Assistive Technologies for Health-Care, Medical Support and Wellbeing, 14-18 October 2018, Nice, France
Publisher / Ed. Institution : Filodiritto
Issue Date: Oct-2018
License (according to publishing contract) : Licence according to publishing contract
Type of review: Peer review (Publication)
Language : English
Subjects : Web application security; Microservices; Digital signatures; Passwordless signatures; Healthcare product instructions; Online document management system
Subject (DDC) : 005: Computer programming, programs and data
Abstract: Printed instructions for products get replaced more and more by digital versions that are made available over the internet. In safety-sensitive fields such as healthcare products, availability and integrity of these instructions is of highest importance. However, providing and managing instructions online opens the door to a wide range of potential attacks, which may negatively affect availability and integrity. In this paper, dokspot is presented, which is an internet-based service that aims at solving this problem by securely linking healthcare products with online instructions. The key to achieve this is a sophisticated security architecture and the focus of this paper is on the core components of this architecture. This includes a secure workflow to manage online instructions, which prevents, e.g., attacks by malicious insiders. Also, the traditionally monolithic web application architecture was split into role-based microservices, which provides protection even if parts of the system are compromised. Furthermore, digital signatures are utilized to continuously safeguard the lifecycle of online instructions to guarantee their genuineness and integrity. And finally, a passwordless signature scheme is introduced to hide inconvenient extra steps from the users while still maintaining security. Overall, this security architecture makes dokspot highly resistant to a wide range of attacks.
Departement: School of Engineering
Organisational Unit: Institute of Applied Information Technology (InIT)
Publication type: Conference Paper
ISBN: 978-1-61208-675-0
ISSN: 2519-8491
URI: https://digitalcollection.zhaw.ch/handle/11475/8897
Published as part of the ZHAW project : dokspot - Highly Trustworthy Service for Linking Physical Products with Digital Information
Appears in Collections:Publikationen School of Engineering

Files in This Item:
There are no files associated with this item.


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.