Skip to Main Content
An identification access control mechanism applied in healthcare information systems is proposed to provide users' confidentiality and non-repudiation for any entry. User's confidentiality could be achieved by encrypting users' private identity codes (IDs) such as their social security number or national health insurance code into readable encrypted IDs. The non-repudiation could be achieved by using a challenge-response identification scheme with a healthcare authentication server (HAS) and random numbers. Approximately eight million Taiwanese social security numbers were tested in this study. The experimental results show that the encrypted IDs could support the use of unique characteristics for healthcare researchers' or investigators' statistical analysis.
Date of Conference: 24-26 April 2003