Format

Send to

Choose Destination
J Biomed Inform. 2016 Apr;60:270-85. doi: 10.1016/j.jbi.2016.02.006. Epub 2016 Feb 13.

Analysis of ISO/IEEE 11073 built-in security and its potential IHE-based extensibility.

Author information

1
eHealthZ Research Group, Communications Networks and Information Technologies for E-health and Quality of Experience Group (CeNITEQ), Aragón Institute of Engineering Research (University of Zaragoza), Edif. Ada Byron, C/María de Luna 3, 50018 Zaragoza, Spain. Electronic address: orubio@unizar.es.
2
Department of Electrical and Electronic Engineering, Public University of Navarre, Campus de Arrosada, 31006 Pamplona, Spain. Electronic address: jesusdaniel.trigo@unavarra.es.
3
eHealthZ Research Group, Communications Networks and Information Technologies for E-health and Quality of Experience Group (CeNITEQ), Aragón Institute of Engineering Research (University of Zaragoza), Edif. Ada Byron, C/María de Luna 3, 50018 Zaragoza, Spain. Electronic address: alesanco@unizar.es.
4
Department of Electrical and Electronic Engineering, Public University of Navarre, Campus de Arrosada, 31006 Pamplona, Spain. Electronic address: lserrano@unavarra.es.
5
eHealthZ Research Group, Communications Networks and Information Technologies for E-health and Quality of Experience Group (CeNITEQ), Aragón Institute of Engineering Research (University of Zaragoza), Edif. Ada Byron, C/María de Luna 3, 50018 Zaragoza, Spain. Electronic address: jogarmo@unizar.es.

Abstract

The ISO/IEEE 11073 standard for Personal Health Devices (X73PHD) aims to ensure interoperability between Personal Health Devices and aggregators-e.g. health appliances, routers-in ambulatory setups. The Integrating the Healthcare Enterprise (IHE) initiative promotes the coordinated use of different standards in healthcare systems (e.g. Personal/Electronic Health Records, alert managers, Clinical Decision Support Systems) by defining profiles intended for medical use cases. X73PHD provides a robust syntactic model and a comprehensive terminology, but it places limited emphasis on security and on interoperability with IHE-compliant systems and frameworks. However, the implementation of eHealth/mHealth applications in environments such as health and fitness monitoring, independent living and disease management (i.e. the X73PHD domains) increasingly requires features such as secure connections to mobile aggregators-e.g. smartphones, tablets-, the sharing of devices among different users with privacy, and interoperability with certain IHE-compliant healthcare systems. This work proposes a comprehensive IHE-based X73PHD extension consisting of additive layers adapted to different eHealth/mHealth applications, after having analyzed the features of X73PHD (especially its built-in security), IHE profiles related with these applications and other research works. Both the new features proposed for each layer and the procedures to support them have been carefully chosen to minimize the impact on X73PHD, on its architecture (in terms of delays and overhead) and on its framework. Such implications are thoroughly analyzed in this paper. As a result, an extended model of X73PHD is proposed, preserving its essential features while extending them with added value.

KEYWORDS:

Authentication; IHE; ISO/IEEE 11073; Privacy; Security

PMID:
26883877
DOI:
10.1016/j.jbi.2016.02.006
[Indexed for MEDLINE]
Free full text

Supplemental Content

Full text links

Icon for Elsevier Science
Loading ...
Support Center