Fortifying Password Authentication in Integrated Healthcare Delivery Systems

Author

Yanjiang YANG, Singapore Management UniversityFollow
Robert H. DENG, Singapore Management UniversityFollow
Feng BAO, Singapore Management UniversityFollow

Publication Type

Conference Proceeding Article

Version

publishedVersion

Publication Date

3-2006

Abstract

Integrated Delivery Systems (IDSs) now become a primary means of care provision in healthcare domain. However, existing password systems (under either the single-server model or the multi-server model) do not provide adequate security when applied to IDSs. We are thus motivated to present a practical password authentication system built upon a novel two-server model. We generalize the two-server model to an architecture of a single control server supporting multiple service servers, tailored to the organizational structure of IDSs. The underlying user authentication and key exchange protocols we propose are password-only, neat, efficient, and robust against off-line dictionary attacks mounted by both servers.

Discipline

Information Security | Medicine and Health Sciences

Research Areas

Cybersecurity

Publication

ASIACCS '06: Proceedings of the ACM Symposium on Information, Computer and Communications Security: Taipei, Taiwan, 21-24 March

First Page

255

Last Page

265

ISBN

9781595932723

Identifier

10.1145/1128817.1128855

Publisher

ACM

City or Country

New York

Citation

YANG, Yanjiang; DENG, Robert H.; and BAO, Feng. Fortifying Password Authentication in Integrated Healthcare Delivery Systems. (2006). ASIACCS '06: Proceedings of the ACM Symposium on Information, Computer and Communications Security: Taipei, Taiwan, 21-24 March. 255-265.
Available at: https://ink.library.smu.edu.sg/sis_research/545

Copyright Owner and License

Publisher

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

https://doi.org/10.1145/1128817.1128855