We present rendezvous-based access control for access control in the pre-hospital environment. Rendezvous-based access control is a simple cryptographic access control method that provides access if and only if patient and health worker meet in the physical world. Access is provided locally and does not depend on connectivity with remote systems. It is therefore suitable in an environment with small mobile devices that have local connectivity but may be disconnected now and then from remote systems. It is designed to protect against aggregation threats without letting the patients carry their own medical data. A system can then be implemented where the tokens carried by the patients are simple and robust which is easily managed. We believe that our mechanism provides a useful alternative to remote access to a centralized system and to patients carrying their own medical record (on a smartcard e.g.). Categories and Subject Descriptors J.3 [Life and Medical Sciences]: Medical informatio...
Feike W. Dillema, Simone Lupetti