醫院病患的用藥錯誤將導致嚴重健康危害，最終，整體社會也會因救治這些受害病患之醫療與用藥而花費額外的巨大成本。因此，為了避免用藥錯誤，醫院需要一套安全住院病患醫藥管理系統，針對住院病患服藥，採用無線射頻辨識技術之醫藥管理系統，可以提供自動化藥物驗證，並產生相關之服藥證據，這些證據能提供後續發生醫療糾紛之稽核用途。
2011年Peris-Lopez等學者於國際期刊(International Journal of Medical Informatics)提出一套IS-RFID系統，作為加強住院病患用藥安全，然而，該系統並不能有效地偵測拒絕存取服務攻擊，且其所產生之用藥證據係由醫院單方面產生，亦不能成為法庭證據，也就是說，擁有IS-RFID系統之醫院，於必要時具有足夠權限修改用藥證據，因此，本論文採用無線射頻辨識技術，針對安全住院病患用藥管理，提出兩種輕量化之解決方案，其一適用於線上驗證環境，另一為適用於離線驗證環境，除了達成用藥證據之有效性，並可早期偵測拒絕存取服務攻擊。

Medication error can easily cause serious health damage to inpatients in a hospital. Consequently, the whole society has to spend huge amount of extra resources for additional therapies and medication on those affected inpatients. In order to prevent medication errors, secure inpatient medication administration system is required in a hospital. Using RFID technology, such an administration system provides automated medication verification for inpatient’s medicine doses and generates corresponding medication evidence, which may be audited later for medical dispute. Recently, Peris-Lopez et al. (Int. J. Med. Inform., 2011) proposed an IS-RFID system to enhance inpatient medication safety. Nevertheless, IS-RFID system does not efficiently detect the denial of proof attack and the generated medication evidence cannot defend against counterfeit evidence generated from the hospital. That is, the hospital possesses enough privilege from the design of IS-RFID system to modify generated medication evidence whenever it is necessary. Hence, we design two lightweight RFID-based solutions for secure inpatient medication administration, one for online verification environment and the other for offline validation situation, to achieve system security on evidence generation and provide early detection on denial of proof attack.

論文摘要4
ABSTRACT6
ACKNOWLEDGEMENT 誌謝7
LIST OF FIGURES圖索引9
CHAPTER 1.INTRODUCTION10
CHAPTER 1.1.Background11
CHAPTER 1.2.Motivation and Objectives17
CHAPTER 1.3.Dissertation Organization18
CHAPTER 2.LITERATURE REVIEW19
CHAPTER 2.1.Preliminaries19
CHAPTER 2.2.RFID Solutions for Secure Inpatient Medication Administration31
CHAPTER 2.2.1.Huang-Ku’s Solution31
CHAPTER 2.2.2.Chien et al.’s Solution38
CHAPTER 2.2.3.Yu et al.’s Solution44
CHAPTER 3.TWO PROPOSED SOLUTIONS51
CHAPTER 3.1.RFID-based System Model51
CHAPTER 3.2.Proposed Offline Solution62
CHAPTER 3.3.Proposed Online Solution67
CHAPTER 4.SECURITY AND PERFORMANCE ANALYSIS73
CHAPTER 5.CONCLUSION and FUTURE WORK80
BIBLIOGRAPHY82
PUBLICATION LIST著作清單92

[1]Aronson, J. K., “Medication errors: what they are, how they happen, and how to avoid them.” QJM: An International Journal of Medicine, 102(8), pp.513-521, 2009.
[2]Barasz, M., Boros, B., Ligeti, P., Loja, K., and Nagy, D.-A., “Breaking LMAP.” 3rd Workshop on RFID Security, Malaga, Spain, 2007.
[3]Benjamin, D.M., “Reducing medication errors and increasing patient safety: case studies in clinical pharmacology.” Journal of Clinical Pharmacology, 43(7), pp.768-783, 2003.
[4]Berman, A., “Reducing medication errors through naming, labeling, and packaging.” Journal of Medical Systems, 28(1), pp.9-29, 2004.
[5]Bolotnyy, L., and Obins, G., “Generalized Yoking-Proofs for a Group of RFID Tags.” Mobile and Ubiquitous Systems: Networking & Services, San Jose, California, pp.1-4, 2006.
[6]Burmester, M., and Munilla, J., “Lightweight RFID authentication with forward and backward security.” ACM Transactions on Information and System Security, 14(1), Article No. 11, 2011.
[7]Calcagnini, G., Censi, F., Maffia, M., Mainetti, L., Mattei, E., Patrono, L., and Urso, E., “Evaluation of Thermal and Non-thermal Effects of UHF RFID Exposure on Biological Drugs.” IEEE Transactions on Information Technology in Biomedicine, 16(6), pp.1051-1057, 2012.
[8]Catarinucci, L., Colella, R., Blasi, M. D., Patrono, L., and Tarricone L., “Enhanced UHF RFID Tags for Drug Tracing.” Journal of Medical Systems, 36(6), pp.3451-3462, 2012.
[9]Chao, C., Jen, W., Chi, Y., and Lin, B., “Improving patient safety with RFID and mobile technology.” International Journal of Electronic Healthcare, 3, pp.2175-2192, 2007.
[10]Chassin, M. R., and Becher, E. C., “The wrong patient.” Annals of Internal Medicine, 136(11), pp.826-833, 2002.
[11]Chen, C. L., and Wu, C. Y., “Using RFID Yoking Proof Protocol to Enhance Inpatient Medication Safety.” Journal of Medical Systems, 36(5), pp.2849-2864, 2012.
[12]Chien, H. Y., Yang, C. C., Wu, T. C., and Lee, C. F., “Two RFID-based Solutions to Enhance Inpatient Medication Safety.” Journal of Medical Systems, 35(3), pp.369-375, 2009.
[13]Cooper, M. C., “Can a zero defects philosophy be applied to drug errors?” Journal of Advanced Nursing, 21(3), pp.487-491, 1995.
[14]Crawford, S. Y., Cohen, M. R., and Tafesse, E., “Systems factors in the reporting of serious medication errors in hospitals.” Journal of Medical Systems, 27(6), pp.543-551, 2003.
[15]Darianian, M., and Michael, M. P., “A low power pervasive RFID identification system for medication safety in hospital or home Telecare.” 3rd International Symposium Wireless Pervasive Computing, Santorini, Greece, pp. 143-146, 2008.
[16]EPCglobal, “Class-1 Generation 2 UHF Air Interface Protocol Standard Version 1.2.0.” Retrieved from http:// www.gs1.org/gsmp/kc/ epcglobal/ uhfc1g2/uhfc1g2_1_2_0-standard-2008 0511.pdf, 2008.
[17]Ham, H. M., and Song, J. S., “Practical and Secure Yoking-Proof Protocol for RFID.” Journal of the Korea Institute of Information Security and Cryptology, 21(5), pp.83-94, 2011.
[18]Huang, H. H., “Vulnerabilities in Yu et al.'s RFID Lightweight Binding Proof Protocol.” Advances in Information Sciences and Service Sciences, 4(8), pp.337-343, 2012.
[19]Huang, H. H., and Ku, C. Y., “A RFID Grouping Proof Protocol for Medication Safety of Inpatient.” Journal of Medical Systems, 33(6), pp.467-474, 2009.
[20]Huang, H. H., and Ku, C. Y., “A secure method for RFID with key tag in supply chain management.” 34th Annual Meeting of Western Decision Sciences Institute, Vancouver, Canada, pp. 460-462, 2005.
[21]Institute of Medicine of the National Academies, “Preventing Medication Errors: Quality Chasm Series.” The National Academies Press, Washington, DC, 2007.
[22]Jannati, H., and Falahati, A., “Cryptanalysis and enhancement of two low cost RFID authentication protocols.” International Journal of Ubiquitous Computing, 3(1), pp.1-9, 2012.
[23]Janz, B. D., Pitts, M. G., and Otondo, R. F., “Information systems and health care II: back to the future with RFID: Lessons learned - some old, some new.” Communications of the Association for Information Systems, 15, pp.132-148, 2005.
[24]Juels A., and Pappu, R., “Squealing Euros: Privacy protection in RFID-enabled banknotes.” Financial Cryptography, Guadeloupe, French West Indies, pp.103-121, 2003.
[25]Juels, A., “Minimalist Cryptography for Low-Cost RFID Tags.” 4th international conference on Security in Communication Networks, Amalfi, Italy, pp.149-164, 2005.
[26]Juels, A., “Yoking-Proofs for RFID Tags,” First International workshop on Pervasive Computing and Communication Security, Florida, USA, pp.138-143, 2004.
[27]Juels, A., Rivest, R.L., and Szydlo, M., “The blocker tag: Selective blocking of RFID tags for consumer privacy.” 8th ACM Conference on Computer and Communications Security, Philadelphia, USA, pp.103-111, 2003.
[28]Jylh, V., and Saranto, K., “Electronic documentation in medication reconciliation: a challenge for health care professionals.” Applied Nursing Research, 21(4), pp.237-239, 2008.
[29]Kaelber, D. C., and Bates, D. W., “Health information exchange and patient safety.” Journal of Biomedical Informatics, 40(S6), pp.S40-S45, 2007.
[30]Koshy, R., “Navigating the information technology highway: Computer solutions to reduce errors and enhance patient safety.” Transfusion, 45, pp.4189S-4205S, 2005.
[31]Krawczyk, H., Bellare, M., and Canetti, R., “MAC: Keyed hashing for message authentication.” Internet Engineering Task Force RFC 2104, 1997.
[32]Lamport, L., “Constructing digital signatures from a one way function.” Technical Report Technical Report CSL-98, SRI International, 1979.
[33]Li, T., and Wang, G., “Security Analysis of Two Ultra-Lightweight RFID Authentication Protocols.” IFIP Information Security & Privacy Conference, Gauteng, South Africa, pp.14-16, 2007.
[34]Lipmaa, H., and Moriai, S., “Efficient Algorithms for Computing Differential Properties of Addition.” Foundations on Software Engineering, Vienna, Austria, pp.336-350, 2001.
[35]Lo, N. W., and Yeh, K. H., “Anonymous Coexistence Proofs for RFID Tags.” Journal of Information Science and Engineering, 26(4), pp.1213-1230, 2010.
[36]Meiller, Y., Bureau, S., Zhou, W., and Piramuthu, S., “Simulation of a health care knowledge-based system with RFID generated information.” Asian Simulation Technology Conference, Shanghai, China, pp.110-114, 2010.
[37]Menezes, A. J., Oorschot, P. C. V., and Vanstone, S. A., “Handbook of Applied Cryptography.” CRC Press, 1996.
[38]National Coordinating Council for Medication Error Reporting and Prevention, “What is a Medication Error?” Retrieved from http://www.nccmerp.org/ aboutMedErrors.html.
[39]National Coordinating Council for Medication Error Reporting and Prevention, “Recommendations to Enhance Accuracy of Administration of Medications.” Retrieved from http://www.nccmerp. org/council/ council1999-06-29.html.
[40]Peris-Lopez, P., Hernandez-Castro, J. C., Estevez-Tapiador, J. M., and Ribagorda, A., “LMAP: A Real Lightweight Mutual Authentication Protocol for Low-cost RFID tags.” 2nd Workshop on RFID Security, Graz, Austria, 2006.
[41]Peris-Lopez, P., Hernandez-Castro, J. C., Estevez-Tapiador, J. M. and Ri-bagorda, A., “Solving the Simultaneous Scanning Problem Anonymously: Clumping Proofs for RFID Tags.” 3rd International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing, Istanbul, Turkey, pp.55-60, 2007.
[42]Peris-Lopez, P., Hernandez-Castro, J. C., Estevez-Tapiador, J. M., and Ribagorda, A., “Solving the simultaneous scanning problem anonymously: Clumping proofs for RFID tags.” 3rd International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing, Istanbul, Turkey, pp.55-60, 2007.
[43]Peris-Lopez, P., Hernandez-Castro, J. C., Estevez-Tapiador, J. M., and Ribagorda, A., “LAMED - A PRNG for EPC class-1 generation-2 RFID specification.” Computer Standards and Interfaces, 31, pp.88-97, 2009.
[44]Peris-Lopez, P., Orfila, A., Hernandez-Castro, J.C., Van Der Lubbe, J. C. A., “Flaws on RFID grouping-proofs. Guidelines for future sound protocols.” Journal of Network and Computer Applications, 34(3), pp.833-845, 2011.
[45]Peris-Lopez, P., Orfila, A., Mitrokotsa, A., and Van Der Lubbe, J.C.A., “A Comprehensive RFID Solution to Enhance Inpatient Medication Safety.”, Journal of Medical Systems, 80(1), pp.13-24, 2011.
[46]Piramuthu, S., “On Existence Proofs for Multiple RFID Tags.” Pervasive Services, 2006 ACS/IEEE International Conference on, France, pp.317 - 320, 2006.
[47]Piramuthu, S., “Protocols for RFID tag/reader authentication.” Decision Support Systems, 43(3), pp.897-914, 2007.
[48]Saito, J., and Sakurai, K., “Grouping-Proofs for RFID Tags,” AINA International Conference, Taipei, Taiwan, pp.621-624, 2005.
[49]Saito, J., Ryou, J. C., and Sakurai, K., “Enhancing Privacy of Universal Re-encryption Scheme for RFID Tags.” Embedded and Ubiquitous Computing, 3207, pp.879-890, 2004.
[50]Van de Castle B., Kim, J. Pedreira, M. L., Paiva, A., Goossen, W., and Bates, D. W., “Information technology and patient safety in nursing practice: an international perspective.” International Journal of Medical Informatics, 73(7-8), pp.607-614, 2004.
[51]Van de Castle, B., Kim, J., Pedreira, M. L., Paiva, A., Goossen, W., and Bates, D. W., “Information technology and patient safety in nursing practice: an international perspective.” International Journal of Medical Informatics, 73, pp.607-614, 2004.
[52]Walton, S. M., “The pharmacist shortage and medication errors: Issues and evidence.” Journal of Medical Systems, 28(1), pp.59-63, 2004.
[53]Wei, C. H., Huang, M. S., Chin, A. Y., “A Mutual Authentication Protocol for RFID.” IT Professional, 13(2), pp.0-24, 2011.
[54]Weis, S. A., Sarma, S. E.,Rivest, R. L., and Engels, D. W., “Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems.” Security in Pervasive Computing, Boppard, Germany, pp.201-212, 2004.
[55]Weis, S., “Security parallels between people and pervasive devices.” Workshop on Pervasive Computing and Communications Security, Florida, USA, pp.105-109, 2005.
[56]Wickboldt, A.K., and Piramuthu, S., “Patient Safety through RFID: Vulnerabilities in Recently Proposed Grouping Protocols.” Journal of Medical Systems, 36(2), pp.431-435, 2010.
[57]Wu, S., Chen, K., and Zhu, Y., “A Secure Lightweight RFID Binding Proof Protocol for Medication Errors and Patient Safety.” Journal of Medical Systems, 36(5), pp.2743-2749, 2012.
[58]Yang, J., Park, J., Lee, H., Ren, K., and Kim, K., “Mutual authentication protocol for low-cost RFID.” ECRYPT Workshop on RFID and Lightweight Crypto, Graz, Austria, 2005.
[59]Yao, W., Chu, C.H., Li, Z., “The Adoption and Implementation of RFID Technologies in Healthcare: A Literature Review.” Journal of Medical Systems, 36(6), pp.3507-3525, 2012.
[60]Yu, Y. C., Hou, T. W., and Chiang, T. C., “Low Cost RFID Real Lightweight Binding Proof Protocol for Medication Errors and Patient Safety.” Journal of Medical Systems, 36(2), pp. 823-828, 2010.