XML-based encryption signature of electronic medical records
XML-based Signature for Electronic Patient Record System Wang Yixiong a Zhaofu Yi b Tse-Sheng Chen c
Kung University, Department of Engineering Science
b [email protected] c [email protected]
Summary
This research is based on XML Signature / medical personnel, methods to construct a set of credentials for the hospitals use electronic medical records system. In the electronic medical record system, using XML syntax description of electronic signatures, encryption technology, to solve some of the traditional signature of a signature file can not be signed with multiple problems, and address multiple medical distinction between powers and responsibilities of the role of the professional division of the electronic signature problem.
Keywords: XML signature, electronic medical records, X.509 certificates Abstract
This research is based on XML signature and Healthcare Professional Card to build an EPRs (Electronic Patient Record System). We use XML technology to describe Electronic Encryption, which can resolve Multi-Electronic Encryption in a patient document to improve the past partially
encryption. We also apply XML tool to implement Electronic Signature which can solve Multi-
Electronic Signatures when a patient's record needs many healthcare workers to have their Electronic Signatures.
Key Words: XML Signature, Electronic Patient Record, X.509 Certificate One. Introduction
U.S. federal government in 1996 passed the Health Insurance Act, also known as the Federal Health Insurance Portability and Accountability Act (Health Insurance Portability and Accountability Act; HIPAA)[11], standardized application and patient medical information privacy bill; specify that all the health care system, including insurers, medical providers, employers must comply with relevant regulations.
Asked the health care system should fulfill the responsibility to protect patient medical information to ensure that the information will not be disclosed.
National Department of Health to promote the public key infrastructure, medical Certificate Authority (Health Certificate Authority; HCA),medical personnel cards, medical institutions cards and in the Republic of China 93 March 3 Notice "medical institutions to implement electronic medical records Guidelines" Act [2]. The
third point that, "electronic documentation production, preservation of records, should be through the Department of Health Medical Certificate Authority issuing certificates of medical personnel card or medical institution card making, and provides electronic medical records using the medical personnel card to sign, record the time of signature, shall not remove, electronic medical records should be kept a record of changes to medical personnel card pin to modify the part of the sign, and record the time of signature.
II. XML Security
XML is proposed in 1998 by the W3C, XML is a markup language, using nested tag syntax to build custom tags and attributes file, a XML document, the root element (root element) contains several elements in( element) and attributes (attributes).
In an open network environment, send XML file is very dangerous and not safe.
To ensure the safety of XML document exchange and transmission; a result, many experts and scholars on XML security practices, W3C XML Security will be divided into XML Encryption (Encryption) [9], XML Digital Signature (Digital signature) [10]
and XML Access Control (Access Control) [7] and so on.
2-1 XML Encryption
Traditional encryption methods can only do on a first encrypt the whole
document, not part of the document to do encryption, and can not use a different file for each part of the secret key to do encryption; in e-business environment on the more prosperous the traditional the use of encryption technology has been
limited, in order to solve this problem, W3C in September 2000 formed a team of XML encryption, allowing users to more easily use XML encryption, and encrypted content can be a document, an element a sub-element or an attribute value.
Figure 1 XML Encryption, XML Encryption description labels in Table 1 [9].
Figure 4 Structure of Electronic Medical Records
Figure 1 XML Encryption schema example Table 1 XML Encryption element content description
Element Narrative Description
EncryptedData xmlns XML file references the name of the space
Type INA quoted the definition of good style
CipherData All encrypted information packages for this tag.
CipherValue Plaintext encrypted content generated.
EncryptionMethod Encryption algorithm used to use Xpath way to describe.
Ds: keyInfo Key information.
Ds: keyName Name of the corresponding key.
2-3XML digital signature
The traditional signature is Chaum and vanHeyst introduced in 1991 [8], the limit is the same document, the signatories can not be responsible for some of the contents of the signature. Lu and Chen [7] proposed the idea of using XML and
Wu proposed meet the practical approach, so that users can customize the scope of separate files, so that the signing of a document more flexible.
W3C in December 2000 formed the theme of an XML signature team, the team to collect opinions from all sides, through the introduction of XML signature mark to discuss methods and standards.
An XML signature file structure shown in Figure 2, <Signature> tag is used to package the signature information, <SignedInfo>markup contains signature information, such as: treatment summary, signature method, hash digest algorithm methods used (such as SHA-1, MD5, etc.), hash digest value, the
location of signature elements of the corresponding reference. Users can for part of the signature, Yuzuo XML signature, first of all need to do the message hash algorithms, hash digest algorithm described in <DigestMethod> tag, hash digest is described in <DigestValue>mark, the signature part of the content corresponding to the uniform resource identifier (Uniform Resource identifer; URI) marking
<Reference> describes, the next to the private key of the hash message digest is encrypted, the resulting ciphertext stored in <SignatureValue>, the private key The information stored in <KeyInfo> tags, XML-DSigtags shown in Table 2.
Figure 2 XML Signature schema example Table2 XML Signature structure description
Elements Narrative Description
Signature WholeXMLdocument root node.
SignedInfo Signature required
information, such as the message digest,
signature method and producing the message digest value and so on.
CanonicalizationMethod
In the signature before removing blank on abstracts and line break to make it into a
standard format, in order to prevent validation errors generated.
SignatureMethod XMLsignature algorithm to use records.
DigestMethod Recordedcontent throughXMLsignature hash message digest algorithm.
DigestValue Summary of the contents of the store.
Reference Describe the signature of the corresponding part of the article location (URI).
2-4 ML the type of electronic signature mode
XML signature method of packaging under the following three types of models:
1. Enveloped Signature:signature of such practice is wrapped in <Signature>
tag, an XML file can have multiple XML signature. Figure 3 (a) below.
2. Enveloping Signature:Signature wrap the data was signed; approach is to add a root element <Signature> will need to be a seal of the packet with the message body and signature. Figure 3 (b) below.
3. Detached Signature:signature to be signed with the contents of open and, in the way of signature to use the reference signature of the contents of
packages recently, and use the signature reference URI to point out is the location of the original data storage. Figure 3 (c) below.
Figure 3 XML signature types chart
Participation. Signature electronic medical records, medical roles and responsibilities
Electronic medical records electronic medical records from the data structure, the role of electronic medical records and medical responsibilities between mode of electronic medical records produced the distinction. According to structural characteristics of electronic medical records in terms of medical history
information is a tree structure, such as a medical record with demographic data, diagnosis of a physician prescription. The pattern of medical records from the hospital to distinguish: there is outpatient, emergency, hospital medical records of the three types of common electronic medical record of a patient is a physician's diagnosis, medical testing reports, pharmacists and other pharmaceutical
confirmed; emergency medical record shows that many physicians are
consultation, the number of copies of inspection reports, formatted Assessment Scale, and observation; medical records often contain more number of parts shown in Figure 4, the number of physicians may be combined record of diagnosis and prescription and your doctor, nurse 24 hours three shifts a day per person will in turn take care of the patient care record record, medical testing reports,
dispensing pharmacists, nutritionists formula, psychological counseling, social workers, which will be recorded in the medical records of patients. Before
discharge, by a physician is responsible for (each hospital may have different branch of the different management models, the attending physician or other physicians, etc.) are summarized in a "medical discharge summaries."
Figure 4 Structure of Electronic Medical Records 3-1 Role and Services
Health care operations in accordance with the role of different professional and responsible business different, have different permissions and authority to write electronic medical records. If doctors only write to take care of the patient diagnosis, prescription and other information, the nurses take care of the patient care is only written records and other information, a medical testing only write permissions and other inspection reports. Check permissions to read electronic medical records by health care management strategies may be different and have different management style to read, such as doctors and nurses taking care of patients may have to read all the information.
Retrieve medical information from the U.S. media working group and report generation [5] The pattern of health care documents, medical information retrieval methods that have handwriting input, voice input, PC input, document imaging, medical equipment acquisition, clinical imaging ( Video, X-rays,
Ultrasound, nuclear), and the report generated methods are handwritten documents, sound recordings, speech-recognition, computer click, computer keyboard, light pen and mouse input, scanning documents, optical character recognition in Figure 5 said.
Figure 5 reports of medical information retrieval methods and a relationship map
Application of XML encryption / signature ensures the transmission and processing of medical information integrity and transaction non-repudiation mechanism. To protect patient privacy, electronic medical records according to their differences in structure, content of different medical information, medical roles different types of medical records generated by different XML signature technology can be applied to solve different types of electronic information signature. Table 3:
Table 3 medical role compared with the electronic medical record data types
Role Types of medical services
Data types
MD Primary
diagnosis of a primary diagnosis 2
Text-based report, scale
Nurse Administration, injections, vital signs
Text, numerical reports, inventory
Medical testing
Inspection reports, images, ECG, X-rays, ultrasound ...
reports
Text, numeric, multi-media type, file type report Pharmacists Pharmacy
modulation
Text, numerical report
Dietitian Food recipes Text-based report, scale
Social workers
Psychological counseling
Text-based report, scale
System administrator
Information Systems Management
To a physician from the A and B physician referral XML signature by electronic medical records were an example XML signature way. An electronic medical record basic information will be patient, A physician only to the original medical records a diagnosis and management of his signature for some, B MD 2, only the original medical records of his own diagnosis and management of part of the signature is responsible, a copies of medical records is structured as follows:
Figure 6 XML Enveloped Signature signature diagram of electronic medical records
The XML encryption / signature file is shown in Figure 6, diagram, XML encryption as shown in Figure 7, the electronic medical record contains the signatures of two doctors, in particular to illustrate the XML encryption and decryption referral hospitals and referral number will not be encryption. In other words, referral
hospitals and medical record numbers to express delivery, to show the encryption and the encryption of XML documents is not the difference. Cover the entire XML Signature XML Encryption, a longer length of occupancy information, we will be XML Signature also to Figure 8 shows the contents of an XML signature.
Figure 7 A two physicians XML signature encrypted files
<Hospital ID> record of the Uniform Code of medical institutions, the sources pointed out that the referral hospital, <ReferralID> record of referral hospitals and referral tracking number. XML Encryption structure hidden important
information: patient information and diagnosis of two physicians, prescription, time signature and the signature information. <EncryptedData> is the cipher text district information, including encryption, encryption parameters <CipherData>
and ciphertext <CipherValue> so. Ciphertext types of documents declassified in the receiver, you can restore the original plaintext Figure 8:
Figure 8, the contents of the referral XML electronic signature
One<Signature> UECBMHVibGluM ... </ Signature> XML Signature records the contents of the referral, as shown in Figure 9:
Figure 9, the contents of the referral XML electronic signature
XML Signature <SignedInfo>, <CanonicalizationMethod> XML signature processing summary, the original XML signature processing Method is defined in the URL:
http:// ww w.w3.org / T R/2001 / RE C-xml-c14n-20010315; <SignatureMethod> record signature algorithm, the original XML signature processing Method is defined in theURL: http://www.w3.org/2000/09/xmldsig # rsa- sha1; <Reference> signature corresponding to the reference position, <DigestMethod> recorded message digest algorithm, http://www.w3.org/2000/09/ xmldsig # sha1 digest algorithm recorded the original set; <DigestValue> hash algorithm after the message digest value.
<SignatureValue> Record the signature algorithm for the signature value. <Keyinfo>
Is the signature using the public key information, <KeyValue> tag value is to use public key RSA exponentiation, <X509SubjectName> tag is issued Certificate
Management Center user name, <X509IssuerSerial> tags and <X509IssuerName>tag is the certificate issuer name and serial number, <X509Certificate> label is X.509 certificate format representation, it records the user certificate information. An
electronic medical records in several signature, signature and the emergence of XML will be repeated several times.
Wantonly. Discussion
Described using the XML signature syntax to do electronic signature, the
signature does not reject the traditional technology, but e-signature technology to the traditional object model and XML syntax of the combination. XML Signature with XML syntax tree data structure, which makes the XML signature syntax to deal with a traditional signature files can not handle some of the XML signature and a signature can use different keys do different signature issue.
Because the structure of XML signature, there are three types, Enveloped Signature, Enveloping Signature, Detached Signature, we analyze the following three types of XML signatures that the relationship between law and order electronic medical records as follows:
Table 6 XML signature and electronic medical records compare properties
Signature electronic medical records
Kinds of data
Envelope d
Envelopin g
Detache d
Text-based report
Numeric report
File Type Report
Graphic images
Media type
As can be seen from Table 6 general text type and numeric suitable Enveloped Signature and Enveloping Signature signature structure for the image file, multimedia-based methods such as electronic medical records are attached information are more suitable Detached Signature of the structure is used for signature .
Table 7 XML signature and electronic signature comparison chart
Medical record signature requirements
Envelope d
Envelopin g
Detache d
Single sign
Full text
Part of the file
Multi signe d
Co- signature
△ △
Electronic signature from the signature characteristic way in terms of electronic medical records, electronic medical record if a situation requires only a signature, then the Enveloped Signature, Enveloping Signature, Detached Signature can use all three types of XML signatures; if an electronic medical records needs is more than a common way of signature is Detached Signature can be applied to a common signature. Comparing Table 6 and Table 7 we get a conclusion, Detached
Signature approach can be applied to electronic medical records of all data types with a single sign, the use of multi-signed, is worth to research and development model.
Wu. Conclusion
Medical institutions to a traditional paper medical records transferred to a fully paperless electronic medical record difficult point is the more difficult the larger the hospital size, hospital medical records of more the longer the more
intractable, the earlier the more the hospital information technology difficult to convert medical records, hospital medical equipment, the more difficult types tend to have the old.
From the Department of Health "Medical Guidelines sector that electronic medical records" requirement of electronic medical records system to be tampering with the Fang Zhi Zhi and Shi Yong rights management features in terms of control mechanisms, this research uses XML data Geshichuli electronic medical records, Wei Lai can be easily and HL7 version 3 Shenkao information model (Reference Information Model; RIM) [12], and the W3C, OASIS organization defined by combining a number of ways. Such as: XML Access Control Markup Language (Extensible Access Control Markup Language; XACML) [6], Web Service and other integration, build a complete electronic medical records exchange system.
Lu. References
1. Department of Health, Department of Health Medical Certificate Authority certificate standard, and 92 years on May 21, the first edition.
http://hca.doh.gov.tw/
2. Zhang sound, Zhao Jianming, Lai Kai Song, Xie Jiangqing, Tse-Sheng Chen, Tam group, Yang Zequan (2001), "Build a PC / SC based small-scale test of electronic medical information security," the International Medical
Informatics 2001 MIST2001 Symposium proceedings, Republic of China Society of Medical Informatics, the first 114-119 pages.
3. Zhang sound, Lai Kai Song, Zhao Jianming, Liu Choi, Chan Po Chu, Xie Jiangqing (91), the "medical referral inspection, disease reporting and the integration of National Health Insurance IC card application," Department of Health, 91 hospitals reported the results of electronic medical records .
4. Lai River Song, Han Liang, Zhang sincere book (October 2001), modern cryptography and its applications, second edition, Taipei: Chung-Computer, published nine brush.
5. Consensus Workgroup on Health Information Capture and Report generation (June 2002),
"Healthcare Documentation: A Report on information Capture and Report generation".
6. OASIS Standard (Feb. 2003), XACML 1.0 Specification Set, http://www.
oasis-open.org / committees / XACM L
7. TCWu, CCHwang, and DJGuan (2001), "Delegated multisignature scheme with document decomposition," The Journal of Systems and Software, vol.55, pp.321-328.
8. T. Hardjono and Y. Zheng (1993), "A practical digital multisignature scheme based on discrete logarithms," Advances in Crypto-AUSCRYP '92, pp.122-132.
9. W3C (Dec 2002), "XML Encryption Syntax and Processing.", W3C Candidate Recommendation, http://www.w3.org/TR/2002/CR-xmlenc-core-20020802/
10. W3C (Feb 2002), "XML Signature Syntax and Processing.", W3C Recommendation,.
http://www.w3. org / TR/2002/REC-xmldsig-core-20020212 /
11. http://www.hipaa.org/
12. http://www.hl7.org/
![Figure 1 XML Encryption, XML Encryption description labels in Table 1 [9].](https://thumb-ap.123doks.com/thumbv2/9libinfo/7393180.99499/3.892.132.480.470.933/figure-xml-encryption-xml-encryption-description-labels-table.webp)
