Ollerer Gerald, Mense Alexander
University of Applied Sciences Technikum Wien, Vienna, Austria.
Stud Health Technol Inform. 2014;200:140-5.
Data from personal health devices is expected to be an important part of personalized care in future, but communication frameworks for such data create new challenges for security and privacy. Continua Health Alliance has been very active and successful in defining guidelines and a reference architecture for transmitting personal health device data based on well-known international standards. But looking at the security definitions, the concepts are still facing open issues and weaknesses like identity management or missing end-2end (E2E) encryption. This paper presents an approach for an E2E encryption framework based on Continua's reference architecture and the underlying base standards. It introduces the basic process and proposes necessary extensions to the architecture as well as to the standardized protocols of ISO/IEEE 11073 and HL7 version 2.
个人健康设备的数据有望在未来成为个性化医疗的重要组成部分,但此类数据的通信框架给安全和隐私带来了新挑战。持续健康联盟(Continua Health Alliance)在基于知名国际标准定义传输个人健康设备数据的指南和参考架构方面一直非常积极且取得了成功。但从安全定义来看,这些概念仍面临身份管理或缺少端到端(E2E)加密等未解决的问题和弱点。本文提出了一种基于持续健康联盟参考架构及基础标准的端到端加密框架方法。它介绍了基本流程,并提出了对该架构以及ISO/IEEE 11073和HL7第2版标准化协议的必要扩展。
