Fortifying Password Authentication in Integrated Healthcare Delivery Systems
Conference Proceeding Article
Integrated Delivery Systems (IDSs) now become a primary means of care provision in healthcare domain. However, existing password systems (under either the single-server model or the multi-server model) do not provide adequate security when applied to IDSs. We are thus motivated to present a practical password authentication system built upon a novel two-server model. We generalize the two-server model to an architecture of a single control server supporting multiple service servers, tailored to the organizational structure of IDSs. The underlying user authentication and key exchange protocols we propose are password-only, neat, efficient, and robust against off-line dictionary attacks mounted by both servers.
Information Security and Trust
Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security: 2006, Taipei, Taiwan, 21-24 March
City or Country
YANG, Yanjiang; DENG, Robert H.; and Bao, Feng.
Fortifying Password Authentication in Integrated Healthcare Delivery Systems. (2006). Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security: 2006, Taipei, Taiwan, 21-24 March. 255-265. Research Collection School Of Information Systems.
Available at: http://ink.library.smu.edu.sg/sis_research/545