Smart cards should have keypads and beepers

Increasingly, computers are used to write pharmaceutical prescriptions and other medical documents. In most cases, the “signing” of these documents is a sad affair involving some simple checking of checkboxes and clicking of buttons. The application usually takes it from there, attesting to anyone willing to believe it that the logged-on user (whoever that may be in reality) clicked the click and thereby took responsibility for the whole thing.

In more sophisticated systems, an actual digital signature is applied to the prescription. If we’re lucky, it’s also done in the right way (except I’ve never heard of a system doing it right), with digital signatures. If we’re even luckier, the signing key is not kept on the computer, a floppy, a USB flash memory or a dumb card (a magnetic stripe card or memory card), but on a smart card with a microprocessor. But even then, we’re far from safe.

The Semantics of Signing

When we apply a digital signature to a data structure, we only apply it to the data actually present in the structure. But most of that data is only meaningful in relation to external data tables, and used with certain applications, which can change without influencing the signature on the data structure. This is a serious problem in many application areas, but in none as much as in medical informatics.

Medical data communication systems, next generation

A discussion of how future medical information communication systems could be built for maximum security and openness. Multiple actors do want and need access to the architecture so they can freely select components to fit into the architecture. These components can be conversion engines and scripts, maintenance systems, encryption and signature systems, and communication links.

Those medical institutions, labs and care providers that have moved over to computerized medical records usually are able to send requests, reports and other communications to each other using computer networks. Often, this is done by third party systems that centralize the conversion of the data. These third parties usually also provide the communication infrastructure and the necessary client applications, but it’s a cultural thing, so it varies a bit from country to country. For a number of reasons, I do think the time has passed for these third parties, even though they’ll probably be in business for a while longer. Nothing in medical computing changes very quickly.

Authenticating transactions, not people

Two-factor authentication using hardware tokens to log on to internet banking sites (among other things) is intended to make banking over the Internet more secure. It turns out that it isn’t as great as it seems to be at first blush. Bruce Schneier has talked about this problem several times. Why is this problem so difficult?

Proving membership online

If you’re a member of some organization, or have some certification that entitles you to sign up for services somewhere, you need to be able to prove that you have that credential somehow. In real life, you’d carry a plastic card issued by a reliable organization that you could flash in the face of whoever needs to see it. But how do you do this in the Etherworld?

Microsoft’s logon model problem

After using Windows in one version or another for many years, I got myself an Apple iBook just three months ago. I use that iBook for everything I can use it for, that is, everything except developing applications, since my customers are still stuck with Windows. What has struck me with the iBook is that working as a non-admin on these machines is absolutely no problem, while it’s an incredible pain in the derriere if you try to do that under Windows.