Long-term verifiability of healthcare records’ authenticity This is an HTML working draft that led to an article publication. A reference to this work should always be done using the following citation: Dimitrios Lekkas, Dimitris Gritzalis, "Long-term verifiability of healthcare records authenticity", In IMIA Working Conference on Security in Health Information Systems, Dijon, France, (April 2006) This material is presented to ensure timely dissemination of research and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by all the copyright holders. In most cases, these works may not be reposted or distributed without the explicit permission of the copyright holders. Long-term verifiability of healthcare records authenticity Dimitrios Lekkas 1 and Dimitris Gritzalis 2 1 Dept. of Product and Systems Design Engineering, University of the Aegean Syros GR-84100, e-mail: dlek@aegean.gr 2 Information Security and Critical Infrastructure Protection Research Group Dept. of Informatics, Athens University of Economics and Business (AUEB) 76 Patission Ave., Athens GR-10434, e-mail: dgrit@aueb.gr Abstract The paper deals with the long-term validation of the authen-ticity of electronic healthcare records (EHR). Although the attributes of data authenticity, i.e. integrity and origin ve-ri-fi-a-bi-lity, can be pre-served by digital signatures, the necessary period for the re-ten-tion of EHR is far beyond the lifespan of a simple digital signature. This lifespan is restricted by the va-li-di-ty period of the re-le-vant keys and the digital certi-fi-ca-tes, by the future unavailability of signa-tu-re-verification data, and by suppression of trust relationships. In this paper, the notariza-ti-on paradigm is exploited, and a mec-hanism for cumulative notarization of signed EHR is propo-sed. The paper proposes a suc-ces-sive trust transition towards new entities, modern technologies, and refreshed data. According to the paper, a future relying par--ty will have to trust only the information provided by the last no-ta-ry, in order to verify the va-li--dity of the initially signed EHR, thus eliminating any dependency on ceased en-ti-ti-es, obsolete data, or weak old technologies. Keywords file:///C|/Documents and Settings/dlek/My Documents/Papers/IMIA_longterm/2006IMIA.htm (1 of 10)15/9/2006 11:43:50 ••