高安全性電子公共衛生服務 - 遍佈式全域遠距健康照護平台之實作

Abstract

本論文的目的在於建立一套提供電子公共衛生(e-Healthcare)服務的遍佈式遠距健康照護平台(Pervasive Telemonitoring Station)，由於近年來電子病歷(Electronic Medical Record)的崛起，伴隨著醫療資訊的相關議題產生，若健康照護平台普及化後，使用者隨時隨地能夠在公開的場所檢測自己的健康資訊，並傳輸到一個被信任的醫學資料中心保存，留待當作日後就醫診斷的重要依據，如此一來，如何安全的傳輸與保存使用者的個人病歷資料就是其中一項很重要的議題。因此，本篇論文實作健康照護平台所解決的問題，最重要的，就是讓使用者可以使用自己的健保卡或相關可辨識個人的憑證，舉例來說，自然人憑證，使用在公共場所設立的健康照護平台進行健康資訊檢測，達到在公開的環境下利用公共的設備與遠端醫學中心電子病歷系統做安全的私人資料傳輸與保存。本機制所要實現的重點主要在於 (一) 使用者認證 (User Authentication) (二) 使用者授權 (User Authorization) (三) 安全傳輸 (Secure Transmission)，為此，要考量到健康照護平台與電子病歷系統雙方面的安全與傳輸機制，包含兩者的雙向認證與授權，再者，傳輸的資料也要做到保護，以不被惡意第三方竊取為最大原則。

The purpose of this thesis is to implement a pervasive telemonitoring station providing e-Healthcare services. We implement a system for e-Healthcare telemonitoring station to transfer the data securely to a medical center running with Electronic Personally controlled Health Record system (EPHR system). Due to the rising of the Electronic Medical Record (EMR) related services these years, come along with some medical data issues. If the e-Healthcare telemonitoring station become universal, users can measure the health information him/herself everywhere in a public place, and transfer the information diagnosed to a trusted medical data center for saving and seeking medical advices later on, thus, how to transfer and save user’s medical information securely are crucial issues. Therefore, the most important problem we solved in this implementation is to let users use their health IC card or some personal certificate, such as citizen digital certificate, to access the e-Healthcare telemonitoring station and measure their health information in public and also transfer the private personal health data securely to an EPHR system via public equipment. In summary, we need to focus on (1) User Authentication (2) User Authorization and (3) Secure Transmission, which are considerations of mutual security and data transporting within the e-Healthcare telemonitoring station and the EPHR system, including authentication and authorization as well. Besides, we also need to protect the transport data to to be wiretapped.