I am not a goldfish in a bowl: A privacy preserving framework for RFID based healthcare systems

Abstract

RFID has received considerable attention within the healthcare for almost a decade now. The technology's promise to efficiently track hospital supplies, medical equipment, medications and patients is an attractive proposition to the healthcare industry. However, the prospect of wide spread use of RFID tags in healthcare has also triggered discussions regarding privacy, particularly because RFID data in transit may easily be intercepted. In a nutshell, this technology has not really seen its true potential in healthcare since privacy concerns raised by the tag bearers are not properly addressed by existing protocols and frameworks. The two major types of privacy preservation techniques that are required in an RFID based healthcare are: 1) a privacy preserving authentication protocol is required while sensing RFID tags for different identification and monitoring purposes 2) a privacy preserving access control mechanism is required to restrict unauthorized access of private information while providing healthcare services using the tag ID. In this paper, we propose a component based framework (PriSens-HSAC) that makes an effort to address the above mentioned two privacy issues. To the best of our knowledge, this is the first framework to provide better privacy in RFID based healthcare systems, using authentication and access control technique. © 2012 IEEE.