Please use this identifier to cite or link to this item:
Publication type: Conference paper
Type of review: Peer review (publication)
Title: Dokspot : securely linking healthcare products with online instructions
Authors: Lapagna, Kevin
Zollinger, Moritz
Rennhard, Marc
Strobel, Hans
Derché, Cyrille
DOI: 10.21256/zhaw-5000
Proceedings: HEALTHINFO 2018 : the Third International Conference on Informatics and Assistive Technologies for Health-Care, Medical Support and Wellbeing
Conference details: HEALTHINFO 2018, Nice, France, 14-18 October 2018
Issue Date: 2018
Publisher / Ed. Institution: IARIA
ISBN: 978-1-61208-675-0
ISSN: 2519-8491
Language: English
Subjects: Web application security; Microservices; Digital signatures; Passwordless signatures; Healthcare product instructions; Online document management system
Subject (DDC): 005: Computer programming, programs and data
Abstract: Printed instructions for products get replaced more and more by digital versions that are made available over the internet. In safety-sensitive fields such as healthcare products, availability and integrity of these instructions is of highest importance. However, providing and managing instructions online opens the door to a wide range of potential attacks, which may negatively affect availability and integrity. In this paper, dokspot is presented, which is an internet-based service that aims at solving this problem by securely linking healthcare products with online instructions. The key to achieve this is a sophisticated security architecture and the focus of this paper is on the core components of this architecture. This includes a secure workflow to manage online instructions, which prevents, e.g., attacks by malicious insiders. Also, the traditionally monolithic web application architecture was split into role-based microservices, which provides protection even if parts of the system are compromised. Furthermore, digital signatures are utilized to continuously safeguard the lifecycle of online instructions to guarantee their genuineness and integrity. And finally, a passwordless signature scheme is introduced to hide inconvenient extra steps from the users while still maintaining security. Overall, this security architecture makes dokspot highly resistant to a wide range of attacks.
Fulltext version: Accepted version
License (according to publishing contract): Licence according to publishing contract
Departement: School of Engineering
Organisational Unit: Institute of Applied Information Technology (InIT)
Published as part of the ZHAW project: dokspot - Highly Trustworthy Service for Linking Physical Products with Digital Information
Appears in collections:Publikationen School of Engineering

Files in This Item:
File Description SizeFormat 
2018_Lapagna_Dokspot.pdf1.6 MBAdobe PDFThumbnail

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.