A Security Architecture for Accessing Health Records on Mobile Phones
Using mobile phones to access healthcare data is an upcoming application scenario of increasing importance in the near future. However, important aspects to consider in this context are the high security and privacy requirements for sensitive medical data. Current mobile phones using standard operating systems and software cannot offer appropriate protection for sensitive data, although the hardware platform often offers dedicated security features. Malicious software (malware) like Trojan horses on the mobile phone could gain unauthorized access to sensitive medical data. In this paper, the authors propose a complete security framework to protect medical data (such as electronic health records) and authentication credentials that are used to access e-health servers.