Korean Ministry of Health Welfare is planning for telemedicine system in order to prepare for upcoming ubiquitous clinical environment. Telemedicine system implies overcoming a limitation of time and space from patient perspective. However, such attempts are encountered with strong opposition from medical community as we experienced in the previous implementation of the Act for Separation of Drug Prescription and Dispensing. One of the reasons for strong opposition is insufficient security policy for personal clinical information during telemedicine service. In addition, small hospitals fear that telemedicine may cause a strain toward large hospitals.
Purpose of this study was to develop a security model for telemedicine system using a cloud-based network in order to strengthen a capacity of small hospitals and to protect against illegal access to patient information. Specifically, hypothetical telemedicine cluster environment was constructed for regional hospitals in Gyunggi-do and defensive cooperative security model was designed using information sharing between systems and authentication methods in order to protect against illegal information collection attack under ubiquitous clinical environment in the future.
In this study, a security model was developed to defend against a high level hacking technique such as IP Spoofing which uses DDoS attack. First, an authentication was used to screen an unauthorized access using trace-back information. Second, user information was analyzed for authorizing access of clinical information. Finally, active defensive cooperative model was developed to defend against illegal attack and to increase service usability using mutual invasive information sharing between systems and authentication methods for telemedicine cluster.
Emerging cluster computing environment requires ubiquitous clinical environment using the internet of things (IoT) and security model to protect against illegal information disclosure and to increase service usability.
This study shed a light on meeting a variety of needs for medical staffs by providing clinical information based on simulation model with authentication procedure.