Research On Unified Identity Authentication System Oriented To Hospital Information Portal

With the rapid development of hospital information construction and the continual improvement and popularization of hospital information portal system, more and more patients order outpatient services and inquiry the medical examination reports through hospital information portal system. The treatment of patient may be given in several hospitals, but the information stored in one hospital can hardly be shared with another hospital. Therefore, when one patient needs to visit several hospital information portal systems at one time, the authentication information needs to be submitted according to the requirements of each system before entering different system. However, as more and more hospital information portal systems are used by patients, the drawbacks of traditional authentication mechanism gradually become apparent. In order to improve the security and manageability of hospital information portal and to improve the efficiency and safety for patients entering the hospital information portal to get various services, in this paper, a unified identity authentication system was studied.Based on intensive study on identity authentication technology, single sign-on technology and LDAP directory service, this paper designed a unified identity authentication system oriented to hospital information portal. The single sign-on model was designed in the system, in which the cross-domain single sign-on could be achieved by the tickets transferring and Cookie, helping patients visit multiple hospital information portal systems with only once sign-on before transparently entering all authorized hospital portal systems. On the basis of detailed logic and pattern design, the unified management and authentication of patient identity information were achieved through LDAP directory service. Given the high security requirements of unified identity authentication system, we focused much effort on the implementation of system security. The MD5 algorithm was used to encrypt the patients' sensitive information and the SSL protocol was used to strengthen the security of data transmission. Moreover, in order to further protect the security of system certification, we designed and implemented the dual-factor identity authentication module based on keystroke dynamics which used the statistical algorithm to analyze the keystroke feature at user entering the password.