轻量级RFID医疗信息系统安全协议的研究

Security protocols for light-weight RFID-enabled healthcare information system

针对未来医疗信息系统中采用轻量级射频识别(RFID)技术的安全与隐私保护问题,构建了医疗信息系统的通用流程模型,并由此提出了既有安全协议的改进方案.新方案利用业务流程中前导关联信息缩减搜索空间.安全分析表明,新方案能够有效平衡不可追踪性与伸缩性矛盾需求,抗击各类攻击,支持RFID标签复用,且与既有EPC C1G2标准兼容.

In order to address the security and privacy issues for future e-healthcare systems using lightweightRFID（radio frequency identification） technology,a generalized medical processing model is built,and an improvedscheme on existing protocols is thus proposed.In this new scheme,information from the immediate predecessors isfully used to reduce the searching space.Security analysis shows that it can effectively tradeoff the conflicts betweenthe security and scalability,resist all kinds of attacks,support the reuse of RFID tags,and conform to current EPC C1G2 standards.