L.Priya, J. Jeyalakshmi and S. Usha, Rajalakshmi Engineering College, India

The veracity and secrecy of medical information which is transacted over the Internet is vulnerable to attack. But the transaction of such details is mandatory in order to avail the luxury of medical services anywhere, anytime. Especially in a web service enabled system for hospital management, it becomes necessary to address these security issues. It is mandatory that the services guarantee message delivery to software applications, with a chosen level of quality of service (QoS). This paper presents a VDM++ based specification for modelling a security framework for web services with non repudiation to ensure that a party in a dispute cannot repudiate, or refute the validity of a statement or contract and it is ensured that the transaction happens in a reliable manner. This model presents the procedure and technical options to have a secure communication over Internet with web services. Based on the model the Medi - Helper is developed to use the technologies of WS-Security, WS-Reliability and WS-Policy, WSRN in order to create encrypted messages so that the Patient’s medical records are not tampered with when relayed over Internet, and are sent in a reliable manner. In addition to authentication, integrity, confidentiality, as proposed in this paper security framework for healthcare based web services is equipped with non repudiation which is not inclusive in many existing frameworks.

Web Services, WS-Policy, WS-Reliability, METRO, WS-Security, Web Services Security, e – Healthcare, SOAP, VDM++, Security Framework, Formal