(34.237.124.210) 您好!臺灣時間:2021/03/02 07:37
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果

詳目顯示:::

我願授權國圖
: 
twitterline
研究生:張詠淳
研究生(外文):YUNG-CHUN CHANG
論文名稱:跨平台行動健保卡之設計與實作
論文名稱(外文):On the Design and Implementation of a Cross-platform Mobile Health Insurance Card Application
指導教授:查士朝查士朝引用關係洪政煌洪政煌引用關係
指導教授(外文):Shi-Cho ChaCheng-Huang Hung
口試委員:葉國暉
口試委員(外文):Kuo-Huei Yeh
口試日期:2020-01-08
學位類別:碩士
校院名稱:國立臺灣科技大學
系所名稱:資訊管理系
學門:電算機學門
學類:電算機一般學類
論文種類:學術論文
論文出版年:2020
畢業學年度:108
語文別:英文
論文頁數:65
中文關鍵詞:近場通訊雙向認證AndroidiOS
外文關鍵詞:Near Field CommunicationTwo-way AuthenticationAndroidiOS
相關次數:
  • 被引用被引用:0
  • 點閱點閱:106
  • 評分評分:系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔
  • 下載下載:30
  • 收藏至我的研究室書目清單書目收藏:0
資訊及通訊科技發展迅速,幾乎人人都擁有智慧型手機,許多的實體 IC 卡片發行商將卡片虛擬化,並且以行動化的應用程式來提供卡片的功能。人們不須再攜帶不同的 IC 卡片,同時,卡片發行商也節省了發行實體卡片的成本。

臺灣於 2003 年發行了國家健康保險 IC 卡,俗稱健保卡。近年來,臺灣政府嘗試健保卡虛擬化的應用。 而 Apple 公司開放了 iOS 13,這點讓我們可以實作基於 NFC 且兼容 Android 與 iOS 雙平台的行動化應用程式。

有鑑於此,本研究提出一個健保卡行動化的框架。第一點,健保卡擁有身分驗證的功能,故行動健保卡也必須設計身分驗證機制;第二點,醫療機構能夠不透過網路存取暫存在健保卡中的健康資料,故本框架使用 NFC 作為不需透過網路進行資料交換的方式;再者,本研究設計之流程考量了雙向驗證、資料加密以及資料完整性, 以達到在無網路的情況下, 使用 NFC 之身分驗證的功能及資料交換的安全。 最後, 基於泛用性, 本實作將同時支援Android 與 iOS。
With the rapid development of information and communications technology, almost everybody has a smartphone. Therefore, more and more physical IC card issuers virtualize the functions of physical IC cards and provide the functions with mobile applications. Consequently, people do not need to bring a lot of IC cards. At meantime, the card issuers can save the cost of issuing physical cards.

Taiwan has launched the National Healthcare Insurance (NHI) IC card in 2003. Recently, the Taiwan government tries to issue mobile applications for NHI IC cards. As the Apple Inc. opens NFC function in iOS 13, we can implement NFC-based mobile application cross the Android and iOS platform.

In light of this, this study proposes a framework for mobile health insurance card (MHIC) application according health insurance card (HIC) for medical services. Firstly, HIC is capable of authentication, so MHIC application must design the authentication mechanism. Secondly, health facilities can access the temporary health data stored in HIC, so MHIC application must design a mechanism that uses NFC technologies as an approach of offline communication for data exchange when the network of health facilities are unavailable. Moreover, this paper designs the process that allow two-way authentication, data encryption and data integrity, thereby enabling authentication and data exchange via NFC without any internet connection. Finally, based on generality, the implementation for MHIC application will support both Android and iOS.
摘要........................................................................................................................ I
ABSTRACT.........................................................................................................II
致謝..................................................................................................................... III
TABLE OF CONTENTS.................................................................................. IV
LIST OF FIGURES .........................................................................................VII
LIST OF TABLES............................................................................................. IX
CHAPTER 1 INTRODUCTION........................................................................1
1.1. OVERVIEW ..............................................................................................1
1.2. OBJECTIVES AND CONTRIBUTION............................................................2
1.3. CHAPTER INTRODUCTION........................................................................3
CHAPTER 2 RELATED WORK ......................................................................4
2.1. HEALTHCARE SYSTEMS IN THE WORLD ..................................................4
2.1.1. Canada Health................................................................................4
2.1.2. The Australia Medicare System .....................................................5
2.1.3. The England National Health Service............................................5
2.2. MOBILE HEALTHCARE APPLICATIONS.....................................................6
2.2.1. NHS Application............................................................................6
2.2.2. Health4Me Application..................................................................6
2.3. PRELIMINARIES FOR NFC TECHNOLOGIES ..............................................6
2.3.1. NFC Technologies..........................................................................7
2.4. NFC APPLICATION................................................................................14
CHAPTER 3 SYSTEM OVERVIEW..............................................................16
3.1. FUNCTIONAL REQUIREMENTS ...............................................................16
3.2. SCENARIO .............................................................................................17
3.2.1. Role Definition.............................................................................17
3.2.2. The Scenario with Internet Access...............................................18
3.2.3. The Scenario without Internet Access..........................................18
3.3. MHIC APPLICATION ARCHITECTURE....................................................19
CHAPTER 4 MAJOR PROCESSES...............................................................21
4.1. NOTATION DEFINITION..........................................................................22
4.2. INITIALIZATION .....................................................................................23
4.2.1. Enrollment Process ......................................................................24
4.2.2. Data Update Process ....................................................................25
4.3. TOKEN GENERATION PROCESS..............................................................25
4.4. OFFLINE COMMUNICATION ...................................................................30
4.4.1. Key Agreement Process ...............................................................31
4.4.2. Two-way Authentication Process.................................................33
4.4.3. Communication Process...............................................................34
CHAPTER 5 IMPLEMENTATION................................................................35
5.1. NFC READER FOR CARD EMULATION MODE ........................................35
5.2. MHIC APPLICATION IMPLEMENTATION ................................................36
5.2.1. Android Version ...........................................................................37
5.2.2. iOS Version ..................................................................................39
5.3. EXPERIMENT.........................................................................................41
5.3.1. Key Agreement and Two-way Authentication .............................41
5.3.2. Communication with Different Packet Sizes...............................44
5.4. SECURITY ANALYSIS.............................................................................46
CHAPTER 6 CONCLUSION ..........................................................................50
REFERENCE.....................................................................................................51
[1] National Health Insuracne Administration Ministry, "National Health Insuracne Administration Ministry of Health and Welfare," 2015. [Online]. Available: https://www.nhi.gov.tw/. [Accessed: 30-Dec-2019].
[2] U.S.News & World, "Best Countries 2019 Global rankings, international news and data insights," 2019.
[3] Government Canada, "Justice Laws Website - Canada Health Act," [Online]. Available: https://laws-lois.justice.gc.ca/eng/acts/C-6/. [Accessed: 30-Dec-2019].
[4] Canada, Health Card Validation Reference Manual, 1.0 ed., 2017.
[5] Parliament of Australia, Medicare: a quick guide, Australia: Parliament of Australia - Department of Parliamentary Services, 2016.
[6] Medicare funded, "Medicare.gov," [Online]. Available: https://www.medicare.gov/forms-help-resources/your-medicare-card. [Accessed: 30-Dec-2019].
[7] wikipedia, "National Health Service," [Online]. Available: https://en.wikipedia.org/wiki/National_Health_Service. [Accessed: 30-Dec-2019].
[8] England National Health Service, "What is an NHS Number?," [Online]. Available: https://www.nhs.uk/using-the-nhs/about-the-nhs/what-is-an-nhs-number. [Accessed: 30-Dec-2019].
[9] NHS, "NHS App," [Online]. Available: https://www.nhs.uk/using-the-nhs/nhs-services/the-nhs-app/. [Accessed: 30-Dec-2019].
[10] Untied HealthCare Services, "United HealthCare," [Online]. Available: https://www.uhc.com/. [Accessed: 30-Dec-2019].
[11] wikipedia, "Near-field communication," [Online]. Available: https://en.wikipedia.org/wiki/Near-field_communication. [Accessed: 30-Dec-2019].
[12] C. Miller, "Exploring the NFC Attack Surface," in Proceedings of Blackhat, 2012, pp. 5-9.
[13] T. Igoe, D. Coleman and B. Jepson, "Beginning NFC", in O'Reilly Media Inc., 2014.
[14] ISO/IEC, ISO/IEC 7816-4:2013 Identification cards — Integrated circuit cards — Part 4: Organization, security and commands for interchange, Iso.org, 2013.
[15] NFC Forum, "What Are The Operating Modes Of NFC Devices?," 17 December 2013. [Online]. Available: https://nfc-forum.org/resources/what-are-the-operating-modes-of-nfc-devices. [Accessed: 30-Dec-2019].
[16] Apple, "WWDC2019," [Online]. Available: https://developer.apple.com/videos/play/wwdc2019/715. [Accessed: 30-Dec-2019].
[17] H. Eun, H. Lee and H. Oh, "Conditional Privacy Preserving Security Protocol for NFC Applications," IEEE Transactions on Consumer Electronics, pp. 153-160, February 2013.
[18] J. Pirrone and M. Huerta, "Hippocratic Protocol Design to Improve Security and Privacy in Healthcare Applications for NFC Smartphone," in Jaffray D. (eds) World Congress on Medical Physics and Biomedical Engineering, Toronto, Canada, 2015.
[19] Z. Wei, Y. Yanjiang, Y. Wu, J. Weng and R. H. Deng, "HIBS-KSharing: Hierarchical Identity-Based Signature Key Sharing for Automotive," IEEE Access, vol. 5, pp. 16314-16323, 21 August 2017.
[20] D. M'Raihi, S. Machani, M. Pei and J. Rydell, "RFC 6238 - TOTP: Time-Based One-Time Password Algorithm," Internet Engineering Task Force (IETF), May 2011. [Online]. Available: https://tools.ietf.org/html/rfc6238. [Accessed: 30-Dec-2019].
[21] ECMA, NFC-SEC-01: NFC-SEC Cryptography Standard using ECDH and AES, 3 ed., ECMA-386 Standard, 2015.
[22] M. S. Turan, E. Barker, W. Burr and L. Chen, NIST Special Publication 800-132 : Recommendation for Password-Based Key Derivation Part1:Storage Applications, NIST Special Publication 800-132, 2010.
[23] wikipedia, "STRIDE (security)," [Online]. Available: https://en.wikipedia.org/wiki/STRIDE_(security). [Accessed: 30-Dec- 2019].
連結至畢業學校之論文網頁點我開啟連結
註: 此連結為研究生畢業學校所提供,不一定有電子全文可供下載,若連結有誤,請點選上方之〝勘誤回報〞功能,我們會盡快修正,謝謝!
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
系統版面圖檔 系統版面圖檔