Security Architecture and Its Implementation in a Multi Mobile Agent E-Hospital

This thesis describes the design and the implementation of a security architecture for an e-hospital. The e-hospital uses mobile agent technologies in its function implementation. The mobile agent technology has notable advantages over the traditional client/server technology. However, its advantages make it more vulnerable to threats. We use ISO17799, an international standard for Information security management, as our guide to approach the security problems in this e-hospital. We reach the security objectives for this e-hospital by risk assessments of the current system, compliance with the patients' privacy protection regulations and the consideration of end users' requirements. We divide the whole e-hospital into different domains according to their security levels and propose protections for each domain. We use identity-based two party key agreement protocols to address the network security in this e-hospital. Finally, we extend Bagga and Molva's policy-based cryptographic scheme to address the end user's access control and non-repudiation. Our proposed cryptographic scheme is based on the hardness of the Generalized Bilinear Diffie-Hellman Problem (GBDH problem) in groups. We implement our proposed cryptographic scheme in Java. The test results show that the performance of our proposed cryptographic scheme is acceptable using the elliptic curve defined over large prime fields.