
Graduate student: 張詠淳 (YUNG-CHUN CHANG)
Thesis title: On the Design and Implementation of a Cross-platform Mobile Health Insurance Card Application (跨平台行動健保卡之設計與實作)
Advisors: 查士朝 (Shi-Cho Cha), 洪政煌 (Cheng-Huang Hung)
Oral defense committee member: 葉國暉 (Kuo-Huei Yeh)
Degree: Master
Department: College of Management - Department of Information Management
Year of publication: 2020
Academic year of graduation: 108
Language: English
Number of pages: 65
Keywords: Near Field Communication, Two-way Authentication, Android, iOS
  • With the rapid development of information and communications technology, almost everybody has a smartphone. As a result, more and more issuers of physical IC cards virtualize their cards and provide the card functions through mobile applications. People no longer need to carry many different IC cards, and at the same time the card issuers save the cost of issuing physical cards.

    Taiwan launched the National Healthcare Insurance (NHI) IC card, commonly known as the health insurance card, in 2003. Recently, the Taiwan government has been trying to issue mobile applications for NHI IC cards. As Apple Inc. opened the NFC function in iOS 13, we can implement an NFC-based mobile application across both the Android and iOS platforms.

    In light of this, this study proposes a framework for a mobile health insurance card (MHIC) application based on the health insurance card (HIC) for medical services. First, the HIC is capable of authentication, so the MHIC application must include an authentication mechanism. Second, health facilities can access the temporary health data stored in the HIC, so the MHIC application must provide a mechanism that uses NFC as an offline communication channel for data exchange when the network of a health facility is unavailable. Moreover, the process designed in this study provides two-way authentication, data encryption and data integrity, thereby enabling authentication and secure data exchange via NFC without any internet connection. Finally, for generality, the implementation of the MHIC application supports both Android and iOS.

    ABSTRACT (CHINESE)
    ABSTRACT
    ACKNOWLEDGEMENTS
    TABLE OF CONTENTS
    LIST OF FIGURES
    LIST OF TABLES
    CHAPTER 1 INTRODUCTION
        1.1. OVERVIEW
        1.2. OBJECTIVES AND CONTRIBUTION
        1.3. CHAPTER INTRODUCTION
    CHAPTER 2 RELATED WORK
        2.1. HEALTHCARE SYSTEMS IN THE WORLD
            2.1.1. Canada Health
            2.1.2. The Australia Medicare System
            2.1.3. The England National Health Service
        2.2. MOBILE HEALTHCARE APPLICATIONS
            2.2.1. NHS Application
            2.2.2. Health4Me Application
        2.3. PRELIMINARIES FOR NFC TECHNOLOGIES
            2.3.1. NFC Technologies
        2.4. NFC APPLICATION
    CHAPTER 3 SYSTEM OVERVIEW
        3.1. FUNCTIONAL REQUIREMENTS
        3.2. SCENARIO
            3.2.1. Role Definition
            3.2.2. The Scenario with Internet Access
            3.2.3. The Scenario without Internet Access
        3.3. MHIC APPLICATION ARCHITECTURE
    CHAPTER 4 MAJOR PROCESSES
        4.1. NOTATION DEFINITION
        4.2. INITIALIZATION
            4.2.1. Enrollment Process
            4.2.2. Data Update Process
        4.3. TOKEN GENERATION PROCESS
        4.4. OFFLINE COMMUNICATION
            4.4.1. Key Agreement Process
            4.4.2. Two-way Authentication Process
            4.4.3. Communication Process
    CHAPTER 5 IMPLEMENTATION
        5.1. NFC READER FOR CARD EMULATION MODE
        5.2. MHIC APPLICATION IMPLEMENTATION
            5.2.1. Android Version
            5.2.2. iOS Version
        5.3. EXPERIMENT
            5.3.1. Key Agreement and Two-way Authentication
            5.3.2. Communication with Different Packet Sizes
        5.4. SECURITY ANALYSIS
    CHAPTER 6 CONCLUSION
    REFERENCE
