Professional Documents
Culture Documents
A New Approach For A Healthcare Network Architectu
A New Approach For A Healthcare Network Architectu
net/publication/228656220
CITATIONS READS
2 3,473
4 authors:
All content following this page was uploaded by Marian Alexandru on 12 November 2014.
Abstract: - The paper presents an original approach for organizing a network that allows hospital actors to manage and
have access to databases remotely and in a secure manner. The architecture, based on the concepts of SONA (Service
Oriented Network Architecture) is designed taken into consideration some important characteristics: scalability,
integration with other existing hospital networks, remote and secure resource access, user friendliness, and complete
data security. This was achieved using two main approaches. The first one was concerned with internal security, being
implemented through user permissions and smartcard token based authentication. The second approach was concerned
with attacks originated outside the network. In order to prevent system penetrations or data interception VPN tunnels
and traffic filters were configured at the edge of each structural component.
Key-Words: Hospital network security, smartcard, Hospital information systems, System architecture
OAM OAM
OAM Server
Internet
Gateway Gateway
different and heterogeneous medical information database server that holds the actual resources. The
systems in order to establish an enterprise hospital client and server sites are interconnected through the
information system, and propose an architecture design Infrastructure component that consists of gateways that
system using digital neural network system in hospital, aggregate outbound traffic from all the sites. This
implemented at a Chinese hospital. No aspects regarding component ensures data security of the traffic passing
the secure access and security of data are introduced. through either public or private networks.
search mechanism allows users to retrieve data based on to organize the information, we have structured it in a
different criteria. We chose the patients’ ID, name and tabbed manner. By clicking the desired button on the
chart number as the possible search options. All of these top of the panel, the user is able to control what
can be used together or individually. The advantage of information is displayed. Each of these buttons
this technique is that if the doctor is familiar with the corresponds to a portion of the patient’s standardized
patient, he can retrieve exactly the data that s/he is chart. One of our goals in the implementation of the
looking for. Another option of the search engine is the software is to maintain a familiar view of the
possibility to control which time period of the patients’ information, thus easing the transition to the digitized
medical history is displayed. Each record in the database system, for the medical staff. Most of them have been
has a corresponding date allowing the system to retrieve using paper charts with a standardized format for many
only part of the entire medical history. The user has the years. Using a different data organization format would
option to choose between the past six months, the last make it very difficult for the digitized system to be
year, past 5 years and the entire life. This offers a high largely accepted. For example, the information from the
granularity in regards to data manipulation on the user first pages of the standardized chart is presented in
part. figure 4, representing the “Visit Details” tab.
The search result is displayed in the form of the
patient name, the user being able to choose between
viewing the patient’s details or medical history. The
patient details window, as seen in figure 3, corresponds
to information found on the first page of the
standardized medical chart. This information includes
demographic data about the patient such as name,
address and citizenship. General medical history records
are also displayed: blood type, RH, allergies, and, for
newborns or young children, the weight at birth and
Apgar score. This allows medical staff to quickly
identify each patient.
The client can also insert data into the system. The the client side to the server-farm side and vice-versa, as
database will update its contents almost instantaneously, well as the logical path between sites. In most cases, the
thus enabling the possibility to access this information connection between the different sites is created through
quickly by other users. For example, other experts from a public network, such as the Internet. There is also the
different hospitals could assist a doctor treating a rare possibility of deploying a private communication
condition as soon as s/he uploads the patient’s backbone, exponentially raising the costs of the system,
information. but offering full control of the data flow. The
Based on the user permissions issued by the Domain architecture was designed to use inter-site
Controller (Active Directory), the user can edit the communication over the Internet.
current chart of the patient in treatment. In order to have The central component of this solution is the use of
full control over the permissions, the system must be encrypted tunnels. This is done by implementing Virtual
aware of the shifts and the on-call doctors. To ensure the Private Networks (VPNs) between gateways. By
system’s flexibility, the administrative personnel have communication through VPNs, we can ensure that data
the possibility to input the entire schedule of the hospital passes in an encrypted way through the public data
in a separate database. In conjunction with this database, network. VPN technology deploys its own Certificate
the Domain Controller assigns the necessary Authority on the VPN server. This server is located on
permissions to each member of the hospital staff. This is the same site as the Domain Controller and databases,
done in order to increase security in the system and to which is the server farm. By using digital certificates
maximize the efficiency of human resources’ issued by this authority, we can ensure which gateways
administration. can participate in the VPN community. This method
One of the most important features is the users’ completely eliminates the risk of man-in-the-middle
ability to collaborate on the same patient’s chart. In the attacks. These attacks consist of a rogue gateway trying
vast majority of cases the treatment process requires to gain access to the VPN community, thus intercepting
multiple examinations from different medical data traffic between the logical sites. By using strong
specialties. In order to ensure this possibility, every traffic encryption, we can ensure that even if the data is
department has the right to edit only the fields regarding intercepted, it cannot be deciphered.
its specialty. This is done by direct interaction with the Besides creating the VPN tunnels, the gateways filter
Domain Controller. Active Directory has the possibility the traffic, protecting sites from external attacks. The
to group users in Organizational Units (OU). By filtering policies are based on each institution’s needs,
assigning all the users to their respective OUs and in being highly adaptable, thus providing security for any
conjunction with the hospital schedule, the system other applications used in hospitals.
guarantees parallel input from all the staff attending the For the infrastructure we implemented two solutions,
patient, without the possibility of overwriting each one being proprietary, and the other open-source. The
others’ data. For example, the surgery department can proprietary solution involves the use of Checkpoint
input only information regarding the surgical procedure software and equipment. It has the advantage of being
performed on the patient, while the laboratory staff can the best enforcement option available for enterprise
only insert test results, with the possibility of all of these environments. This infrastructure has a three tier
being done simultaneously. architecture consisting of the enforcement part using
In order to enhance its functionality, the client offers Checkpoint VPN-1, the firewall management server
the user the possibility to view his on-call schedule and using SmartCenter, and the administration tier using the
his patients’ appointments. This additionally improves SmartConsole software suite. The main advantages are
user experience, by taking advantage of an all-in-one the centralized management system, via SmartCenter,
platform, which offers users all information regarding and a highly optimized enforcement engine, while the
their work. main disadvantage is cost-related.
Similar results can be obtained using the open-source
2.3 Securing the connection solution, deploying Linux machines running openVPN
Through the use of the Domain Controller, we for the encrypted tunnels and IP tables for the filtering
ensured data security among the system’s users. But in decisions. The main advantage of using this solution is
order to implement a completely secure solution, the the low cost hardware and free software. Using the
connection between the client and the server must also open-source solution has the disadvantages of reduced
have strict enforcement rules and policies. performance compared to a Checkpoint system and
As our system architecture suggests, the limited central management mechanisms.
infrastructure has two gateways, which apply packet- Any of the two solutions are widely used, according
filtering techniques on data sending or receiving from to each environment’s needs, achieving traffic
encryption and secure data transfers.