Slashdot Mirror
Rapid Authentication Systems?
Barrington Johnson asks: "I am an emergency physician, and am looking for a solution for authentication which is compatible with rapid logons and logoffs. We have several web-based terminals into which we put information. The web application gives a real-time representation of the emergency department, so it is important that it is kept up to date. We have an opportunity to re-design our system, and I know that if I make the authentication process too difficult e.g. username+password, doctors will store up their data entry, and do it all in one go, removing the real-time usefulness of the display. At what level (application/browser/system) should authentication occur, and what method would be best?" Might a smartcard-based authentication system work well in this situation?
Maybe you could use something like USB Keys for easier authentication? I didn't think it got any easier than a username and a password.
Disagreeing with me does not mean you get to mod me troll.
A restaurant-type system might be best/fastest.
Perhaps forgo authentication? Or make it concurrent with data entry? A "secret" 4-6 char UID field that whoever fills-in when they enter other data (vitals).
A nice device, allows over-ride if you loose it, and instant unlock as need be.
wireless lock
=================
Unix is very user friendly, it's just picky about who its friends are.
Maybe consider 2 tiers of authentication.
First level being a 4 digit pin that can be easily entered at a login screen that will allow view access to all the important data.
Second level, require a username and password if anyone actualy wants to modify something.
symetrix. We are building a religion, a limited edition.
I am an emergency physician
Hire a professional web designer that specializes in security. I wouldn't want people to expect me to be a doctor, and I wouldn't want a doctor designing a secure web site for me.
No offense, but for something like medical records, stick to what you went to school for.
Depending on your network setup, host-based auth might be best. You could assign a specific IP address based on a DHCP Client-ID and have the web app look up the client's address in a table to determine if it's allowed automatic access (ie, to jump straight to an authorized state), or otherwise to prompt for a username/password, and thereby set the authorized state.
You could augment with a PIN or password, too. They're actually quite easy to implement...infact, you could do the authentication in Java within the web app.
http://www.ibutton.com
-psy
Don't trust those large prescriptions of opiate based painkillers by the mysterious "Dr. Hightimes"
How secure are the workstations? If the public can get at them then security is still a big concern. If not, a simple 4 digit pin as others suggested might be enough. However, if its feasible that a unknown person could have a few minutes unobserved at the machine, then I would look for something a little more secure
How quick is quick? Smart cards, or USB keys could be quick, but if in a hurry, Doctors may not want to fumble around with something else they have to carry around... and what if they forgot it at home. Typing username - TAB - password - ENTER is usally very quick for anyone that has typed their username and password a few times. However, it could be inconvenient if the doctors are not usually standing/sitting with both hands free. What is the environment like? Do they sit at a desk, or quickly pass one of these terminals, click a few buttons, and continue on? If they're time spend at the terminal is measured in minutes, 5 seconds to log on wouldn't be inappropriate. If its measured in seconds, something quicker should be investigated.
What's the budget like? Bio-metric sensors are always an option, like a thumb print scanner. However, these would be slightly more costly that a small USB key, but eliminate remembering passwords/pins and carring around an ID card/USB key.
I'm not sure how sensitive the data is, but I'm assuming its relatively low. (Please don't go on a tangent here, there is little to no security involved with paper files...)
The quickest/easiest/cheapest way would be to use a standard mag strip reader or an RFID tag with no pin/password etc, just a swipe, and someway to "logout".
If more security is needed or possibly variable security needed (maybe 1st screen is kinda public domain, but to get more details you need more authentication), then a smartcard that uses its serial number as a token like in the RFID or mag strip example I just gave, and then the user would have to put in a PIN to get the more sensitive data.
The fortunate thing is that all 3 technologies are pretty inexpensive and easy to work with.
Try a different approach... instead of having to log in and out of a web page each time, log in once (per shift) and take your session with you.
The Sun Ray will allow you to log in using both your smartcard and your login/password combo.
Once logged in, you can launch your web browser and log into whatever you need (and whatever other apps you need).
Now, if you need to run away... just yank out your smartcard and the Sun Ray is available to someone else (they have to login at this point).
When you got back, or to another Sun Ray, just slap your smartcard in, and type in your password, and everything is still running (on the Sun Ray Server), but the display has been redirected to where-ever you are.
This does not put applications to sleep, they stay running the whole time, it's only the display that's been redirected.
This is called "hot-desking" and is incredibly handy.
Sun has a bunch of info on their Sun Ray web page... be sure to take a look at the tour on the right side.
They're very inexpensive, and if one breaks, you treat it like a telephone... you just plug a new one in and it is instantly available! (zero desktop maintenance)
- Preferences: Solaris 10 (servers), Ubuntu (desktops), Solaris 11 (personal servers) -
One suggestion here is to hire a security professional. That is not a bad idea.
However I have a better one. Hire me! (Better for me, at least). But seriously, if you can't figure out the best solution, you certainly are not going to get it solved here. Bring in a consultant who specializes in this aspect of your business (ER management) and have them explain the options.
It is not clear what your requirements are, but I am not sure this is a good candidate for a "technology" solution. Charts are still the standard method for tracking in ER environments and a good old-fashioned white board is a pretty good way to track assignments. No matter what the solution, if the doctor has to go away from the patient to check status or update status the system is going to be always out of date (hence charts hanging on for so long).
I know this isn't the sexiest solution but you need to prepare yourself for the boring solutions when you present this problem.
I'll post anonymously just so I don't get flamed ... yes, I work at Sun ... blah :)
... but having a session stay loaded with smartcard auth would definitely be the quickest method of allowing nomadic data entry.
A SunRay server + terminals would seem ideal here. Pop your smartcard in, log in once in the morning, pull the card out and walk away. Need to enter something? Walk to an available terminal anywhere on the same network and pop your card in again. Your session appears. Rinse, wash, repeat. No keyboard input except during the login.
If you have enough memory you can just keep the sessions running indefinitely. I would highly recommend the client software be set to auto-save data every X minutes in case of the rare need to reboot. Or you could kill sessions every X hours (1, 4, 8, 12, 24, whatever) of inactivity.
So far I have yet to see a system do this kind of thing better than SunRay terminals, but there are most definitely similar solutions out there. Whatever fits best, go for it
There has also been work done (I believe by Tadpole and others) to create wireless 802.11b SunRay terminals, which opens up another realm of portability.
It is more productive to voice thoughtful opinions (reply) than to judge (moderate) others.
Those are the two items that will make a system secure. I would say proximity RFID reader + pin code.
When the Dr walks up it unlocks and askes for a pin ( it already knows who you are ). Once the pin is entered you are set... once the RFID leaves range ( 5-8 ft ) the station would automaticly lock. I personally think this would be the best of all worlds. I would not skimp on the proximity sensor for a card swipe since locking the station is still important, and the card is one more thing that they would have to keep clean. As much as the slashdot crew hares RFID it could be very handy you have to admit.
Something like a timed ticket+ibuttons would work.
Doctor arrives at work, logs in his user/password then simply taps his ibutton on whatever system he wants to use. Hit's the logout button when he's done, and moves on to the next machine.
Why do the login/pass thing in the morning? Because people lose small things like ibuttons. So each morning when you login (and for the next 8 hours or however long until the login ticket expires) the ibutton supplies is the new "key". If you lose it, simply get a new one and login again.
ibutton url
Why is authentication needed?
In an ER situtation, there must be hundreds of things lying around that unauthorised people MUST NOT mess with, or people die and other people get fired. Just define the terminal as one of those things.
Stick a dummy video camera pointing at the keyboard, and tell all the unauthorised staff they'll get fired if they are seen touching it.
If you need to identify who is making entries, give every doctor a dedicated function key, and refuse any entires that are not preceded by a fkey press.
A pizza of radius z and thickness a has a volume of pi z z a
1) Magnetic stripes on the neck-worn ID tags which contain a unique sequence of characters which are the equivalent of/tied to a doctor's username/password. Require the doctors to swipe them everywhere to input data. Periodically require doctors to re-key their cards.
2) Keep a central authentication system, but also mirror authentication information locally to wherever a doctor authenticates so subsequent authentications go quickly.
3) Disallow record editing after hours without permission. Counsel doctors who habitually require after-hours editing.
USB Wireless Security Lock, if it can tell the difference between Bob and Tom, for example, would be ideal, for starters.
... see my point? You are pretty clear that your users have a low tolerance for the barriers that security will put in place ... but you don't clearly tell us how "high" those barriers need to be. Not to be pointed, but it kinda concerns me that you didn't, because it suggests that you, yourself don't know ... and that is the very first thing you should determine
You haven't really asked an answerable question, however, since you didn't tell us what the exact security requirements are.
e.g., just don't secure the damn thing would be a legitimate response in some circumstances (probably not this one, granted).
Identifying a suitable solution depends on determining just how 'secure' the system needs to be; there are different requirements for securing, say, gas pumps, ATMs, cash registers, nukular-missile-launcher consoles, pr0n viewing consoles, etc.
especially if this system could potentially have any of my personal/medical/financial information on it
It seems like you could use a BlueTooth device to authenticate. The same way that if you have a BlueTooth cell-phone the screensaver on a mac will shut off when you get close to the system.
Another smartcard slow-down problem -- where would they keep the cards? In a pocket (and possibly left at home) means it's going to be much slower (where's that darned card?), and possibly inaccessible. On a cord around the neck? That might be a bad idea -- I read an article about how doctors are now strongly discouraged from using neckties - a study found they tend to be teeming with bacteria; whenever he leans forward, it drags in... whatever he's standing next to. Plus, what's the last thing you do after washing your hands? That's right, check the mirror and straighten the tie....
If you do come up with a workable solution using a card, biometrics, whatever -- make sure they can always fall back to the simple username password solution. Many will find this quicker, and especially if you're using any newish, complex tech, you have to have a backup solution.
There are only 10 types of people: those who understand decimal, those who don't, and, uh, 8 other types I forget.
There's a company somewhere out there that makes a product called Air Badges. They are the normal radio-reflector type plastic laminated badges, but they sense proximity. You can configure your computer to log in automaticially if you are within 3-32 feet of a computer, and then log you out if you walk away.
It can be augmented with a password.
Part of the problem is that you'll need the computer to log in to your previous session, so that you can continue where you were typing, if you walk 10' over to check the patient, then back to enter the data. That implies some sort of terminal services, VNC, etc.etc.
I'd suggest patenting the approach, get some venture capital, then produce it as a product. Medical equipment is generally overpriced, anyway.
..at some place like Applebees and watch the waitstaff work. Every person active on the floor has a badge with a magstrip that's attached to a ripcord on their belt. Every time they need to use a register they have to swipe their card for access, and when they walk away I'm sure they're required to logoff. It's all touchscreen and the units seem to update very quickly (screen refresh, zero wait time, etc...). I'd bet the whole system is tightly controled and transactions are tied back to exact individual employees. If it can be done in the food industry I'm sure it can be adapted to your set of goals. It might be a challenge to get things to work this fast in a webapp environment though.
There have been other posts suggesting different styles of keyfob wireless access that authenticate you when you approach the machine, but the Applebees scenario also shows how that wouldn't work. During a lunch or dinner rush those places can get crowded and there's potential for multiple waitstaff to be standing close to a register. It would be a tricky and overcomplex game for the machine to try to decide which person to pay attention to.
Since the article is about speed, and just incase the magstrip cards aren't fast enough for you, you could use the same method but switch to proximity RFID tags. I know RFID has been a buzzword lately, but don't forget that's what Exxon has been using in their "Tigerpass" (or whatever they're called) fobs for a long time now. No swiping, just hold it within an inch or two and you're good to go. RFID security passes are usually accompanied by a secondary confirmation that you actually do want gain access, something like a fullscreen button that you have to tap immediately after passing your badge. It helps keep the system from being activated or a user logging on simple by being to near the console.
Also, I don't and never have worked at Applebees. This is just what I've noticed on the last trip or two.
I'm against picketing, but I don't know how to show it.
Use a portable device for data collection, i.e. a PDA, or Tablet PC, or one of the various intermediate form-factors. When the user is ready, data is transmitted either wirelessly or by briefly docking the device. Authentication is inherent in the ID of the transmitting device. If user-acceptance of data-entry into a small device is a problem, then spread around some full-size docking keyboards for shared use.
Also, I'd bet money that there are already vendors or VARs who offer vertically-integrated solutions for your requirements.
The fact that you have to ask slashdot means your security is weak and needs a serious audit, pronto.
re: shiny things, consider a biometric fingerprint scanner.
[o]_O
Call a proper systems integrator.
You could use one of the fingerprint scanners, they're pretty cheap now. Also a while back I remember hearing about a system that used a webcam, and automatically recognized you when you walked up to the computer.
Depending on the level of security you need, you could just as easily not have any authentication at all, and just tell unauthorized users not to touch it.