A secure heterogeneous mobile authentication and key agreement scheme for e-healthcare cloud systems.

Heterogeneous mobile authentication is a crucial technique to securely retrieve the resource of e-healthcare cloud servers which are commonly implemented in a public key Infrastructure (PKI). Conventionally, a mobile data user can utilize a self-chosen password along with a portable device to request the access privilege of clouds. However, to validate the membership of users, a cloud server usually has to make use of a password table, which not only increases the burden of management, but also raises the possibility of information leakage. In this paper, we propose a secure heterogeneous mobile authentication and key agreement scheme for e-healthcare cloud systems. In our system structure, an e-healthcare cloud server of traditional PKIs does not have to store a password table. A legitimate data user only possesses a security token hardware and keeps an offline updatable password without using any private key. Our scheme is classified into the category of dynamic ID authentication techniques, since a data user is able to preserve his/her anonymity during authentication processes. We formally prove that the proposed mechanism fulfills the essential authenticated key exchange (AKE) security and owns lower computational costs. To further ensure the practical application security, an automatic security validation tool called AVISPA is also adopted to analyze possible attacks and pitfalls of our designed protocol.

A Review of Two-Factor Authentication: Suggested Security Effort Moves to Mandatory.

Two-factor authentication has been available to technology consumers for a long time, and a few years ago businesses and institutions began implementing optional two-factor authentication to improve digital security. Now more universities and hospitals are moving from optional to mandatory two-factor authentication, and employees used to two-factor authentication for their personal digital life must adjust to using two-factor authentication in their work flow. This column will review some of the ongoing and emergent aspects of two-factor authentication to enhance security in an ever-changing digital landscape.

The Need for Identification Cards in Immuno-Oncology 
.

Oncology nurses have worked within the three pillars of cancer care-surgery, chemotherapy, and radiation therapy -for decades. Now, immuno-oncologic (I-O) therapy agents are a new paradigm in cancer treatment. On March 28, 2017, an I-O think tank was held at the Oncology Nursing Society (ONS) in Pittsburgh, PA. This think tank was organized in response to the rapid changes in cancer treatment with the advent of I-O therapies. The think tank appraised the needs of patients receiving these agents and the oncology nurses and healthcare providers caring for them. Seventeen nurse experts from around the country joined seven ONS staff members to discuss the challenges faced by patients receiving these therapies and the nurses who administer the treatments and coordinate the care. 
.

Towards a Cross-domain Infrastructure to Support Electronic Identification and Capability Lookup for Cross-border ePrescription/Patient Summary Services.

Seamless patient identification, as well as locating capabilities of remote services, are considered to be key enablers for large scale deployment of facilities to support the delivery of cross-border healthcare. This work highlights challenges investigated within the context of the Electronic Simple European Networked Services (e-SENS) large scale pilot (LSP) project, aiming to assist the deployment of cross-border, digital, public services through generic, re-usable technical components or Building Blocks (BBs). Through the case for the cross-border ePrescription/Patient Summary (eP/PS) service the paper demonstrates how experience coming from other domains, in regard to electronic identification (eID) and capability lookup, can be utilized in trying to raise technology readiness levels in disease diagnosis and treatment. The need for consolidating the existing outcomes of non-health specific BBs is examined, together with related issues that need to be resolved, for improving technical certainty and making it easier for citizens who travel to use innovative eHealth services, and potentially share personal health records (PHRs) with other providers abroad, in a regulated manner.

Robust and efficient biometrics based password authentication scheme for telecare medicine information systems using extended chaotic maps.

The Telecare Medicine Information Systems (TMISs) provide an efficient communicating platform supporting the patients access health-care delivery services via internet or mobile networks. Authentication becomes an essential need when a remote patient logins into the telecare server. Recently, many extended chaotic maps based authentication schemes using smart cards for TMISs have been proposed. Li et al. proposed a secure smart cards based authentication scheme for TMISs using extended chaotic maps based on Lee's and Jiang et al.'s scheme. In this study, we show that Li et al.'s scheme has still some weaknesses such as violation the session key security, vulnerability to user impersonation attack and lack of local verification. To conquer these flaws, we propose a chaotic maps and smart cards based password authentication scheme by applying biometrics technique and hash function operations. Through the informal and formal security analyses, we demonstrate that our scheme is resilient possible known attacks including the attacks found in Li et al.'s scheme. As compared with the previous authentication schemes, the proposed scheme is more secure and efficient and hence more practical for telemedical environments.

In Case of Emergency - Are ICD-10 Codes Enough?

In an acute emergency, the knowledge of the patient's medical history, allergies, implants, and medication can be crucial. ICD-10 code to document medical diagnoses alone often does not contain enough information. Our comparison of 388 documented diagnoses (ICD-10 codes as well as free text) showed that almost 20% of all coded ICD-10 codes contained less information than the documented free text. Thus, if using ICD-10 codes, free text diagnoses must be a necessary item in the upcoming German Medical Emergency DataSet.