%0 Journal Article
%@ 0148-5598
%A Masi, Massimiliano
%A Pugliese, Rosario
%A Tiezzi, Francesco
%D 2012
%F eprints:1561
%I Springer
%J Journal of Medical Systems
%K Healthcare Applications, Electronic Health Records, Medical Records Storage and Retrieval, Data Security, Authentication, Model Checking
%N 6
%P 3695-3711
%T Security Analysis of Standards-Driven Communication Protocols for Healthcare Scenarios
%U http://eprints.imtlucca.it/1561/
%V 36
%X The importance of the ElectronicHealth Record (EHR), that stores all healthcare-related data belonging to a patient, has been recognised in recent years by governments, institutions and industry. Initiatives like the Integrating the Healthcare Enterprise (IHE) have been developed for the  definition of standard methodologies for secure and interoperable EHR exchanges among clinics and hospitals. Using the requisites specified by these initiatives, many large scale projects have been set up for enabling healthcare professionals to handle patients’ EHRs. The success of applications developed in these contexts crucially depends on ensuring such security properties as  confidentiality, authentication, and authorization.  In this paper, we first propose a communication   protocol, based on the IHE specifications, for authenticating healthcare professionals and assuring  patients’ safety. By means of a formal analysis  carried out by using the specification language  COWS and the model checker CMC, we reveal a security flaw in the protocol thus demonstrating that to simply adopt the international standards does not guarantee the absence of such type of flaws. We then propose how to emend the IHE  specifications and modify the protocol accordingly.  Finally, we show how to tailor our protocol for application to more critical scenarios with no assumptions on the communication channels. To demonstrate feasibility and effectiveness of our protocols we have fully implemented them.