
I'm storing some healthcare data on a mobile phone and I'd like to know what the best system of encryption is, to keep the data secure. It's basically a bunch of model objects, that I'm serializing and storing using NSKeyedArchiver / the equivalent on Blackberry (the name eludes me for now)

Any tips? I don't want to make up security protocols as I go along, but one of the other threads suggested the following approach.

  • Generate a public / private key pair
  • Store the public key
  • Encrypt the private key with a hash of the user's password.
  • Use the public key to encrypt the byte stream.
  • Decrypt the pvt key, keep it in memory, whenever the user logs in, and decrypt the stored data as needed.

Is there a more standard way of doing this?

Thanks,
Teja.

Edit: I appreciate it that you're trying to help me, but the things currently being discussed are business level discussions, on which I have no control of. So rephrasing my question, if you ignore that it's healthcare data, but some confidential data, say a password, how would you go about doing it?

Tejaswi Yerukalapudi
  • To be quite honest - you are looking in the wrong spot... a mobile phone to hold healthcare data - that sounds .... your employer/boss should have dealt with this logistical nightmare instead of leaving you to look for advice from us... I wouldn't even impart that information...that's too.... confidential.... – t0mm13b Aug 25 '10 at 23:43
  • @tommieb75: would it be ok for u with Laptops? – vikingosegundo Aug 25 '10 at 23:46
  • To follow up from my opinion, not alone that, who is going to be carrying the mobile phone...?? what happens if it gets stolen? mislaid? is the data extremely confidential - does it hold patient data... it shouldn't even be on a mobile phone!!! – t0mm13b Aug 25 '10 at 23:46
  • @vikingsegundo: laptops do not even come into the question, the OP clearly stated mobile phone... – t0mm13b Aug 25 '10 at 23:48
  • Crag's post below has hit the nail on the head - I didn't even know of HIPAA... but it shows someone has to be accountable and responsible... – t0mm13b Aug 25 '10 at 23:49
  • "A user-selected eight-character password with numbers, mixed case, and symbols, reaches an estimated 30-bit strength, according to NIST. 2^30 is only one billion permutations and would take an average of 16 minutes to crack." -- [Wikipedia: Password Strength](http://en.wikipedia.org/wiki/Password_strength#Time_needed_for_password_searches) – Zaz Sep 14 '10 at 20:34

4 Answers


There might be an easier way for secure data storage. With iOS 4.0 Apple introduced system-provided encryption of application documents. This means that the OS is responsible for doing all the encryption and decryption in a fairly transparent way.

Applications that work with sensitive user data can now take advantage of the built-in encryption available on some devices to protect that data. When your application designates a particular file as protected, the system stores that file on-disk in an encrypted format. While the device is locked, the contents of the file are inaccessible to both your application and to any potential intruders. However, when the device is unlocked by the user, a decryption key is created to allow your application to access the file.

So only when your app is active, the files can be read back in unencrypted format. But the nice thing is that they are always encrypted on disk. So even if someone jailbreaks the device, or backs it up, the retrieved files are worthless.

This was probably introduced to conform to some specific data security standard that is required. I can't find that anywhere though.

For more info see the iOS 4.0 release notes.

Stefan Arentz
  • Thanks, that really helps, but I really need to hold out for that security protocol because I need to implement this across Blackberry, Droid and iPhone 3.0+. – Tejaswi Yerukalapudi Sep 11 '10 at 17:42

http://en.wikipedia.org/wiki/HIPAA

Make sure you read and understand this!

edit: Sorry, didn't even bother to check to see where the OP is from, but even if they aren't from the USA there are still some good practices to follow in HIPAA.

Crag
  • Welcome Crag to SO forum +1 from me... you've spoken my exact thoughts and concerns I have left in the comments above the OP's question! – t0mm13b Aug 25 '10 at 23:50
  • Does HIPAA ban you from saving data on a device though? (Obviously with proper encryption and everything). I'm slightly concerned about the physical safeguards piece, the part about "restricting access to authorized personnel only" Like someone else said, healthcare reports and data do get saved on laptops. What do you do in the scenario that the laptop is lost? On top of this, Apple/RIM give you the option to remote wipe a device. The whole deal with storing the data on the device might not be that absurd. – Tejaswi Yerukalapudi Aug 26 '10 at 00:22
  • HIPAA aside (note what hotpaw2 says about lacking applicability to one device - not criticising your answer Crag), why is the data so sensitive and unable to be protected by sufficiently strong encryption simply because it is medical in nature? Anyone here use 1Password or similar? – Adam Eberbach Aug 26 '10 at 06:46

HIPAA is a business practice and total system level privacy/security regulation. As such, an app can't comply by itself on random hardware for a random user. You need to determine how your app fits into a client health care provider's total regulatory compliance process before you can determine what algorithm might be found to comply with that process.

hotpaw2

My best advice would be, don't store sensitive data in the user's mobile phone.

If that is not an option for you, then some kind of public/private key encryption, such as one you described, would be the next best option.

William Niu