Web service based sheltered Medi Helper

Abstract

The veracity and secrecy of medical information which is transacted over the Internet is vulnerable to attack. But the transaction of such details is mandatory in order to avail the luxury of medical services anywhere, anytime. Especially in a web service enabled system for hospital management, it becomes necessary to address these security issues. This paper presents a VDM++ based specification for modelling a security framework for web services with non repudiation to ensure that a party in a dispute cannot repudiate, or refute the validity of a statement or contract. This model presents the procedure and technical options to have a secure communication over Internet with web services. Based on the model, the Medi - Helper is developed to use the technologies of WS-Security and WS-Policy, WSRN in order to create encrypted messages so that the Patient's medical records are not tampered with when relayed over Internet, and are sent in a reliable manner. In addition to authentication, integrity, confidentiality, as proposed in this paper security framework for healthcare based web services is equipped with non repudiation which is not inclusive in many existing frameworks. © Springer-Verlag Berlin Heidelberg 2011.