A comprehensive RFID solution to enhance inpatient medication safety

Errors involving medication administration can be costly, both in financial and in human terms. Indeed, there is much potential for errors due to the complexity of the medication administration process. Nurses are often singled out as the only responsible of these errors because they are in charge of drug administration. Nevertheless, the interventions of every actor involved in the process and the system design itself contribute to errors (Wakefield et al. (1998) [23]). Proper inpatient medication safety systems can help to reduce such errors in hospitals. In this paper, we review in depth two recent proposals (Chien et al. (2010) [7]; Huang and Ku (2009) [12]) that pursue the aforementioned objective. Unfortunately, they fail in their attempt mainly due to their security faults but interesting ideas can be drawn from both. These security faults refer to impersonation and replay attacks that could produce the generation of a forged proof stating that certain medication was administered to an inpatient when it was not. We propose a leading-edge solution to enhance inpatient medication safety based on RFID technology that overcomes these weaknesses. Our solution, named Inpatient Safety RFID system (IS-RFID), takes into account the Information Technology (IT) infrastructure of a hospital and covers every phase of the drug administration process. From a practical perspective, our system can be easily integrated within hospital IT infrastructures, has a moderate cost, is very ease to use and deals with security aspects as a key point.This work was partially supported by the Netherlands Organization for Scientific Research (NWO) under the RUBICON grant "Intrusion Detection in Ubiquitous Computing Technologies" awarded to Aikaterini Mitrokotsa.Publicad

Probabilistic yoking proofs for large scale IoT systems

Yoking (or grouping) proofs were introduced in 2004 as a security construction for RFID applications in which it is needed to build an evidence that several objects have been scanned simultaneously or, at least, within a short time. Such protocols were designed for scenarios where only a few tags (typically just two) are involved, so issues such as preventing an object from abandoning the proof right after being interrogated simply do not make sense. The idea, however, is very interesting for many Internet of Things (IoT) applications where a potentially large population of objects must be grouped together. In this paper we address this issue by presenting the notion of Probabilistic Yoking Proofs (PYP) and introducing three main criteria to assess their performance: cost, security, and fairness. Our proposal combines the message structure found in classical grouping proof constructions with an iterative Poisson sampling process where the probability of each object being sampled varies over time. We introduce a number of mechanisms to apply fluctuations to each object's sampling probability and present different sampling strategies. Our experimental results confirm that most strategies achieve good security and fairness levels while keeping the overall protocol cost down. (C) 2015 Elsevier B.V. All rights reserved.This work was supported by the MINECO Grant TIN2013 46469 R (SPINY: Security and Privacy in the Internet of You)

CRYPTANALYSIS AND ENHANCEMENT OF TWO LOW COST RFID AUTHENTICATION PROTOCOLS

ABSTRAC

Security protocols for EPC class-1 Gen-2 RFID multi-tag systems

The objective of the research is to develop security protocols for EPC C1G2 RFID Passive Tags in the areas of ownership transfer and grouping proof

Arquitectura de segurança para a prestação de serviços de saúde em mobilidade

Dissertação de mestrado integrado em Engenharia de ComunicaçõesO crescente custo associado ao tratamento de pacientes leva à sua relocação para o próprio domicílio. Esta relocação conduz à necessidade de uso de ferramentas automatizadas permitindo a diminuição dos erros que a mesma acarreta. O uso de Radio Frequency Identi cation (RFID) permite não só a identi cação dos medicamentos como também de pacientes, médicos, enfermeiros e qualquer outro tipo de prestador de cuidados de saúde. A combinação do uso de identi cação de etiquetas RFID com soluções Internet of Things (IoT) bem estruturadas e seguras permite um acesso fácil e ubíquo a registos médicos, oferecendo em simultâneo controlo e segurança a todas as interacções. Nesta dissertação é de nida uma arquitectura de segurança, facilmente implementável em plataformas móveis, que permite o estabelecimento e gestão de um serviço de prescrições médicas, num contexto de mobilidade usando Registo Pessoal de Saúde (PHR) electrónico. Esta arquitectura de segurança tem como objectivo o uso com uma aplicação móvel de saúde (M-Health) através de um interface simples e intuitivo, suportado pela tecnologia RFID. Esta arquitectura, capaz de suportar interacções seguras e autenticadas, vai permitir uma fácil implementa ção de aplicações M-Health. É apresentado o caso especial de administração de medicamentos e o sistema controlo de medicação ubíqua, de acordo com o contexto da IoT. A arquitectura de segurança e os seus protocolos, juntamente com o serviço seguro Ambient Assisted Living (AAL) para controlo de medicação, são analisados no contexto da IoT. De forma a veri car a exequibilidade dos protocolos e da arquitectura de segurança, foram implementadas aplicações protótipos ( xas e móveis) que permitem veri car o funcionamento total do sistema. Foram ainda efectuados alguns testes de segurança e desempenho para veri car a usabilidade de todo o sistema.The increasing healthcare costs leads to their relocation to their own homes. This leads to the need of automated tools allowing the decrease errors that this entails. The use of Radio Frequency Identi cation (RFID) technology allows not only drug identi- cation, but also identi cation of patient, physicians, nurses or any other healthcare giver. The combination of RFID tag identi cation with structured and secured Internet of Things (IoT) solutions allows an ubiquitous and easy access to medical records, while providing control and security to all interactions. In this thesis is de ned a security architecture, easily deployable on mobile platforms, which would allow to establish and manage a medication prescription service in mobility context, making use of electronic Personal Health Record (PHR). This security architecture is aimed to be used with a mobile e-health application (M-Health) through a simple and intuitive interface, supported by RFID technology. This architecture, able to support secured and authenticated interactions, will enable an easy deployment of m-health applications. The special case of drug administration and ubiquitous medication control system, along with the corresponding IoT context, is presented. The secuirity architecture and its protocols, along with a general Ambient Assisted Living (AAL) secure service for medication control, is then analyzed int the context of IoT. To verify the architecture and protocols implementability, they were deployed prototype applications (Fixed and mobile) allowing the veri cation of the whole system operating. They were also made some security and performance tests allowing system usability veri cation

Distributed Group Authentication for RFID Supply Management

We investigate an application of Radio Frequency Identification (RFID) referred to in the literature as group scanning, in which an RFID reader device interrogates several RFID tags to establish “simultaneous” presence of a group of tags. Our goal is to study the group scanning problem in strong adversarial settings and show how group scanning can be used in distributed applications for supply chain management. We present a security framework for group scanning and give a formal description of the attending security requirements. Our model is based on the Universal Composability framework and supports re-usability (through modularity of security guarantees). We propose two novel protocols that realize group scanning in this security model, based on off-the-shelf components such as low-cost (highly optimized) pseudorandom functions, and show how these can be integrated into RFID supply-chain management system

TECHNOLOGIES INVOLVED IN THE PROMOTION OF PATIENT SAFETY IN THE MEDICATION PROCESS: AN INTEGRATIVE REVIEW

This study sought to identify technologies existing in the literature and their use in promoting patient safety in the medication process. An integrative review was performed in the following databases: Latin American and Caribbean Health Sciences Literature, Medical Literature Analysis and Retrieval System Online, Spanish Bibliographic Index of Health Sciences, Nursing Database, PubMed Central, Cumulative Index to Nursing and Allied Health Literature, Web of Science and SciVerse Scopus, including articles published between 2013 and 2017. Twenty international articles composed the final sample, ten (50%) published in the year 2014. Eleven technologies were identified, with prevalence of four regarding prescribed steps (36.3%) and four regarding drug administration (36.3%), with the technologies most investigated being: Radio Frequency Identification, Computerized Physician Order Entry and Bar-Code- Assisted Medication Administration.Este estudo buscou identificar na literatura as tecnologias existentes e seu uso na promoção da segurança do paciente no processo de medicação. Trata-se de uma revisão integrativa realizada nas bases de dados: Literatura Latino-Americana e do Caribe em Ciências da Saúde, Medical Literature Analysisand Retrieval System Online, Índice Bibliográfico Espanhol de Ciências da Saúde, Base de Dados de Enfermagem, PubMed Central, Cumulative Index to Nursing and Allied Health Literature, Web Of Science e SciVerse Scopus, abrangendo artigos publicados entre 2013 e 2017. Vinte artigos internacionais compuseram a amostra final, sendo dez (50%) publicados no ano de 2014. Onze tecnologias foram identificadas, com prevalência das etapas de prescrição quatro (36,3%) e administração de medicamentos quatro (36,3%), sendo as tecnologias mais abordadas: Radio Frequency Identification, Computerized Physician Order Entry e Bar-Code-Assisted Medication Administration.Este estudio tuvo el propósito de identificar, en la literatura, las tecnologías existentes así como su uso en la promoción de seguridad del paciente en el proceso de medicación. Es una revisión integrativa realizada en las bases de datos: Literatura Latinoamericana y de Caribe en Ciencias de la Salud, Medical Literature Analysisand Retrieval System Online, Índice Bibliográfico Español de Ciencias de la Salud, Base de Datos de Enfermería, PubMed Central, Cumulative Index to Nursing and Allied Health Literature, Web Of Science y SciVerse Scopus, abarcando artículos publicados entre 2013 y 2017. Veinte artículos internacionales hicieron parte de la muestra final, siendo diez (50%) publicados en el año de 2014. Once tecnologías fueron identificadas, con predominancia de las etapas de prescripción, cuatro (36,3%), y administración de medicamentos, cuatro (36,3%), siendo las tecnologías más abordadas: Radio Frequency Identification, Computerized Physician Order Entry yBar-Code-Assisted Medication Administration

Security Analysis of Niu et al. Authentication and Ownership Management Protocol

Over the past decade, besides authentication, ownership management protocols have been suggested to transfer or delegate the ownership of RFID tagged items. Recently, Niu et al. have proposed an authentication and ownership management protocol based on 16-bit pseudo random number generators and exclusive-or operations which both can be easily implemented on low-cost RFID passive tags in EPC global Class-1 Generation-2 standard. They claim that their protocol offers location and data privacy and also resists against desynchronization attack. In this paper, we analyze the security of their proposed authentication and ownership management protocol and show that the protocol is vulnerable to secret disclosure and desynchronization attacks. The complexity of most of the attacks are only two runs of the protocol and the success probability of the attacks are almost 1