A teleassistance protocol based on joint watermarking–encryption evidence for identification of liabilities in case of litigation

Abstract

Objectives: Teleassistance is defined as the help provided through a telemedicine network by a practitioner to another one faced with a difficult situation. Beyond securing communication, another main issue is to provide evidence that some data have been exchanged in order to determine the liabilities of each practitioner involved in a telemedicine session in case of litigation.Material and methods: The purpose of this work is the definition of a teleassistance protocol that allows achieving these goals. To do so, we first identify needs in terms of security and evidence considering the example of the French legislation and then propose a secure teleassistance protocol that takes advantage of the Joint Watermarking–Encryption (JWE) approach. The originality of this approach is that it offers watermarking functionalities in both encrypted and decrypted domains and is compliant with the DICOM standard.Results: We describe the functioning of the proposed teleassistance protocol. This protocol is able to secure exchanged data and bring evidence that an exchange took place and that data have been communicated. The security analysis of our protocol shows that it is resistant to non-repudiation issues and collusion attacks.Conclusion: The use of joint watermarking–encryption allows i) ensuring confidentiality of exchanged data while giving access to proofs of their integrity and of their origins even though data are encrypted; and ii) identifying which data were involved in a telemedicine session by means of secure links established between them. The proposed protocol is compliant with the DICOM standard.