Implementation of RSA 2048-bit and AES 256-bit with Digital Signature for Secure Electronic Health Record Application
Keywords: Electronic Medical Record, Digital Signature, Cryptography, Java Programming
Abstract: This research addresses the implementation of encryption and digital signature techniques for electronic health records to prevent cybercrime such as theft, modification and unauthorised access. In this research, the RSA 2048-bit algorithm, AES 256-bit and SHA 256 are implemented in the Java programming language. The Secure Electronic Health Record Information (SEHR) application design is intended to combine the given services, namely confidentiality, integrity, authentication, and non-repudiation. Cryptography is used to ensure that file records and electronic documents containing detailed information on the medical past, present and future forecasts are given only to the intended patients. The document is encrypted using an encryption algorithm based on the NIST standard. The application has two schemes, namely the protection scheme and the verification scheme. This research uses black-box testing and white-box testing to test the software input, output, and code without testing the process and design that occur in the system. We demonstrated the implementation of cryptography in SEHR. The implementation of encryption and digital signature in this research can prevent archive theft.
All articles published Open Access will be immediately and permanently free for everyone to read and download. We are continuously working with our author communities to select the best choice of license options, currently being defined for this journal as follows: Creative Commons Attribution-Share Alike (CC BY-SA)