Definición e importancia en la capacitación docente.

This section picks up from chapter five – conceptual and participatory designs. In this section, we present the implementation of M-Health App system based on patients’ requirements and needs described in chapter five. For example, the need to improve system navigations, terminologies, and inclusion of dates showing when a particular medication was taken.

Additionally, based on the requirements identified in chapter four, it was evident that a healthcare tool that offers the following capabilities is needed;

1. Provide an offline access of patients records,

2. Empower patients to own their health records on mobile phones, given the steady increase in the ownership of the devices in Uganda.

3. Reduces the time taken by healthcare providers searching for patients’ records, 4. Enable the patients to use familiar authentication methods such as PINs to minimise

unauthorised access of their records.

Additionally, it was further observed that representational identifiers such as pictures and/or images are useful to semi-literate or illiterate user to navigate the PHR system (Ghosh et al., 2003; Medhi et al., 2006; Parikh & Lazowska, 2006). Therefore, we developed a PHR system distributed on mobile phone with the following features: “Login in”, “Download Records”,

“View Records”, and “Emergency Information”.

Development of the system was carried out using the Android platform and J2ME. We selected Android for mobile devices due to several factors: Android was chosen because it is open

122

source (Nauman et al., 2010); and secondly, it is the most popular operating system that runs on the widest selection of smartphones whose costs are rapidly declining (Goldman, 2011).

Similarly, Java 2 Micro Edition (J2ME) provides a platform for developing applications that are executed on resource constrained devices such as mobile phones (Lawton, 2002). Besides, it supports several security components of the standard public-key cryptosystem and other cryptographic functions (Kawahara et al., 2006). Other reasons why Java 2 Micro Edition is suitable for developing mobile phone applications include;

1. It offers strong wireless support and enables programming applications that accesses a broad range of content formats, e.g. text, XML, serialized Java objects, etc. (Kawahara et al., 2006).

2. It has the capacity to develop powerful applications, and it is platform independent. (i.e.

It supports execution of application on any device supporting CLDC/MIDP, regardless of the underlying operating system)

3. Application developers can implement interactive applications with rich graphics that offer enhanced user experience, since graphics can typically be generated locally without bandwidth demand (Kenteris et al., 2009).

4. It enables synchronization between the server and mobile application (Kenteris et al., 2009).

6.11.1 Implementing IBE Architecture in M-Health App System

As stated earlier, the IBE functions only constitute part of the proposed architecture. Our aim was to develop a user-friendly PHR system that protects and securely shares patient’s records on mobile phones using IBE infrastructure. To achieve this goal, there was a need for an IBE library that supports Elliptic Curve Cryptographic (ECC) operations and bilinear pairing functions (Miller, 1986; Blake, Seroussi, & Smart, 1999).

6.11.2 Bilinear Pairing

In cryptography, bilinear pairing relies on the existence of efficiently computable paring on some groups, mostly based on elliptic curves (Boneh & Franklin’ 2001). It was proposed by Boneh and Franklin in 2001. The key advantage of bilinear paring is that key generation is efficient and more precise (Joye & Neven, 2009).

123

6.11.3 Bilinear Pairing-Based Cryptographic Libraries

There are number of pairing-based cryptographic libraries that have been design to provide bilinear pairing functions and Elliptic Curve operations. Among the libraries include: bouncy castle library, Pairing-Based Cryptography (PBC) Library, MIRACL library, jPBC and jpair libraries. In the next subsection, we analyse some of these libraries and choose the most appropriate library for our system.

6.11.3.1 Bouncy Castle Library

Bouncy Castle is a Java implementation of cryptographic algorithms that was developed by the Legion of the Bouncy Castle (Bouncy Castle website, 2012). The Bouncy Castle package is organised so that it contains a lightweight API suitable for use in any environment including J2ME. It further contains a lightweight cryptography API for C# and provides routines for ECC functions. However, literature reveals that some of the ECC features are poorly integrated and thus not appropriate for our system (Kihidis, Chalkias, & Stephanides, 2010)

6.11.3.2 Pairing-Based Cryptography (PBC) Library

The Pairing-Based Cryptography provides a lightweight cryptography API for the C language (Stanford website, 2012). It provides routines such as elliptic curve generation, elliptic curve arithmetic and Weil pairing implementation. The drawback of PBC library in regard to our architecture is the use of C programming language for the development of IBE functions. Once used in our architecture, it involves the “porting” of the code from C to Java and this will add unnecessary complexity to our system and thus do not offer a feasible solution for our case.

6.11.3.3 Performance Measurements

Dong (2010) performed an experiment on MacBook Pro (2.5 GHZ Core Duo, 4G Ram comparing the performance of IBE libraries; jpair (Dong, 2010); MIRACL (MIRACL crypto SDK website, 2012); jPBC (jPBC website, 2012), and PBC (Stanford website, 2012). Table 6.1 below describes the results.

124 Table 6-1: Performance Analysis of IBE libraries

Nos. Library Performance

(Msec) Environment Analysis

1 MIRACL 13 C/C++ Shareware, dependencies

on external libraries

2 jPBC 16 Java port Dependencies on

external libraries

3 PBC 2 C Dependencies on

external libraries

4 jpair 13 Purely Java No dependencies, and

Android supported library

Results from Table 6.1 indicate that jpair and MIRACL are the fastest IBE libraries taking 13 msec, followed by jPBC with 16 msec. This means that jpair and MIRACL are appropriate for our system. However, since MIRACL is a C software library, porting C to Java will create several overheads (Kihidis et al., 2010). Therefore, jpair remains the most suitable IBE library for our architecture. It is a Java implementation with no dependencies on external libraries.

More specifically, jpair supports the supersingular curve y² = x³ + x over the field Fp for some prime p = 3 mod 4. An advantage of using this curve is that the number of points on the curve is exactly p+1 and so, you can generate the parameters of a random pairing easily (Dong, 2010).

6.11.4 Implementing jpair Library in M-Health App System

As stated earlier, the IBE library implemented in our system is jpair. An advantage of using jpair library is that it was implemented using Java, and has no dependencies on external libraries. Table 6.2 in Appendix 6.1 presents the symbolic representation of jpair operations used in our system. These operations are combined with AES operations (Figure 6.5) in order to support secure and efficient processing of patients’ records. The operations are classified into five steps (described in section 6.10): Key generation, data encryption, key encryption, key decryption and data decryption.

125

Figure 6.5: The Inner Processes of the Encryption Operations of our Architecture sk represents the session key, Pk^e and Pk^d represents the public and private keys computed by the TA)