Authentication options:
2. Two-factor authentication: a security process in which the user
provides two means of identification, one of which is typically a physical
token, such as a card, and the other of which is typically something memorized,
such as a security code. In this context, the two factors involved are sometimes
spoken of as something you have and something you know (Rouse, 2005).
An example of two-factor authentication in healthcare IT would be using a
fingerprint scanner and key card access to enter a secured room in a hospital.
3. One-time passwords: a password that is valid for only one login session or
transaction (Wikipedia).
An example of a one-time password in healthcare IT would be if the doctor had
access to the patient database and gave the nurse a one-time password to
retrieve a patient’s file.
4. Synchronous tokens: A synchronous token is time-based and generates a
value that is used in authentication. The token value is valid for a set period
of time before it changes and is based on a secret key held by both the token
(usually a sealed device) and the server providing authentication services
(Bragg).
An example of a synchronous token in healthcare IT is when the IT professional
is sent a challenge by the server. The IT professional enters the challenge into
the token device. The device returns a value and the IT professional types it
back to the server for access.
5. Asynchronous tokens: An asynchronous token uses a challenge-response
mechanism to determine whether the user is valid. After the user enters the
identification value, the authentication server sends a challenge value. The
user then enters that value into the token device, which then returns a value
called a token. The user sends that value back to the server, which validates it
to the username (Bragg).
An example of a synchronous token in healthcare IT is one used to keep outside
users from logging in under saved usernames that are not their own.
6. Smart cards: A small device that resembles a credit card but contains an
embedded microprocessor to store and process information. Magnetic-stripe
cards, which store a very small amount of information and have no processing
capability of their own, can be thought of as primitive smart cards (Free
Dictionary).
An example of a smart card in healthcare IT is when a doctor uses a key card to
swipe and enter a secured room in the hospital.
7. Authentication based on physical attributes:
This is when a guard or receptionist has the keys to open a gate to allow
a visitor through.
An example of authentication based on physical attributes in a healthcare IT
environment is having a biometric scanner that leads to an archived room.
8. Single sign-on technologies: Single sign-on technology promises to
address password problems, improve productivity and reduce cost by giving users
access to all applications after signing into the network just once
(Imprivata).
An example of a single sign-on technology that can be used in a healthcare IT
environment is having a doctor sign on to the computer once and then view all
records and edit files without having to retype the password or enter another
one.
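The token mechanisms defined in items 4 and 5, shown side by side as an added example that is not part of the original page: a time-based value derived from a shared secret key and the clock (the construction standardized in RFC 6238), and a challenge-response value derived from the same key and a server-issued challenge. The 30-second window, 6-digit codes, the HMAC-SHA256 response and all function names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
import struct

STEP_SECONDS = 30  # assumed validity period of a synchronous token value
DIGITS = 6         # assumed code length

def _truncate(mac: bytes) -> str:
    """RFC 4226 dynamic truncation: turn an HMAC into a short decimal code."""
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)

def synchronous_code(secret: bytes, now: float) -> str:
    """Token and server each derive this from the shared key and the clock."""
    counter = int(now) // STEP_SECONDS
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    return _truncate(mac)

def verify_synchronous(secret: bytes, submitted: str, now: float, drift: int = 1) -> bool:
    """Server check; accepts +/- `drift` windows to tolerate clock skew."""
    return any(
        hmac.compare_digest(synchronous_code(secret, now + d * STEP_SECONDS), submitted)
        for d in range(-drift, drift + 1)
    )

def new_challenge() -> str:
    """Server side: a fresh random challenge for every login attempt."""
    return secrets.token_hex(8)

def asynchronous_response(secret: bytes, challenge: str) -> str:
    """Token side: the value returned for the challenge the user typed in."""
    mac = hmac.new(secret, challenge.encode(), hashlib.sha256).digest()
    return _truncate(mac)

def verify_asynchronous(secret: bytes, challenge: str, submitted: str) -> bool:
    """Server side: recompute the response for the challenge it issued."""
    return hmac.compare_digest(asynchronous_response(secret, challenge), submitted)

if __name__ == "__main__":
    key = b"12345678901234567890"  # constructed sample key (RFC 6238 test key)
    print("time-based value at t=59:", synchronous_code(key, 59))
    challenge = new_challenge()
    print("challenge:", challenge, "response:", asynchronous_response(key, challenge))
```

The time-based value needs no input from the server, only synchronized clocks; the challenge-response value needs no clock, but the server must remember the challenge it issued and never reuse it.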
Works Cited
Bragg, Roberta. "CISSP Security Management and Practices." InformIT: The Trusted Technology Source for IT Pros and Developers. 20 Dec. 2002. Web. 14 Mar. 2013. <http://www.informit.com/articles/article.aspx?p=30287>.
"One-time Password." Wikipedia. Wikimedia Foundation, 26 Feb. 2013. Web. 14 Mar. 2013. <http://en.wikipedia.org/wiki/One-time_password>.
Rouse, Margaret. "Two-factor Authentication." What Is ? Sept. 2005. Web. 14 Mar. 2013. <http://searchsecurity.techtarget.com/definition/two-factor-authentication>.
"Single Sign on Technology Solves Password Challenges." Single Sign On Technology. 2012. Web. 14 Mar. 2013. <http://www.imprivata.com/single_sign_on_technology>.
The Free Dictionary. N.p., 2013. Web. 14 Mar. 2013. <http://encyclopedia2.thefreedictionary.com/smart+card>.