CPC H04L 9/0825 (2013.01) [H04L 9/0844 (2013.01); H04L 9/3271 (2013.01); H04L 2209/88 (2013.01)]
8 Claims

1. A method for authorizing user access to medical equipment that is offline from an authentication server via an equipment interface, the method comprising:
storing an authority public key (QB) of an authority asymmetric key pair associated with the authentication server;
providing, to the user via the equipment interface, an authorization challenge indicative of an equipment public key (QA) of a temporary equipment asymmetric key pair generated in the medical equipment each time a user wants to access the medical equipment;
receiving, from the user via the equipment interface, a response code comprising validity information encrypted using a shared key derivable from an authority private key (dB) of the authority asymmetric key pair and the provided equipment public key (QA); and
authorizing, after determining that the validity information is valid, user access to the medical equipment, wherein the validity information is decrypted using the same shared key but derived in the medical equipment using the stored authority public key (QB) and an equipment private key (dA) of the temporary equipment asymmetric key pair,
wherein the authorizing additionally comprises authorizing the user access during a certain time period and authorizing different levels of the user access depending on information comprised in the response code.
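
The exchange this claim describes, sketched as an added example that is not part of the patent text. X25519 stands in for the unspecified asymmetric scheme, and the names (`Equipment`, `server_response`, `_subkeys`), the HMAC-SHA256 key derivation, the XOR keystream, the 8-byte tag and the 5-byte validity layout (expiry time, access level) are assumptions chosen so the block runs on the standard library alone.

```python
import hmac, os, struct
# Added illustration; all names, the KDF and the message layout are assumptions.
P, A24, BASE = 2**255 - 19, 121665, (9).to_bytes(32, "little")

def x25519(k, u):
    """RFC 7748 Montgomery ladder. Not constant time: demonstration only."""
    n = (int.from_bytes(k, "little") & ((1 << 254) - 8)) | (1 << 254)  # clamp scalar
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (n >> t) & 1
        if swap ^ bit:
            x2, z2, x3, z3 = x3, z3, x2, z2
        swap = bit
        a, b, c, d = x2 + z2, x2 - z2, x3 + z3, x3 - z3
        aa, bb, da, cb = a * a % P, b * b % P, d * a % P, c * b % P
        e = aa - bb
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")  # clamped bit 0 is 0

def _subkeys(shared, q_a):  # assumed KDF, bound to this challenge's QA
    return [hmac.new(shared, label + q_a, "sha256").digest() for label in (b"enc", b"mac")]

def server_response(d_b, q_a, not_after, level):
    """Authentication server side: shared key from dB and the QA the user relayed."""
    k_enc, k_mac = _subkeys(x25519(d_b, q_a), q_a)
    ct = bytes(x ^ y for x, y in zip(struct.pack(">IB", not_after, level), k_enc))
    return ct + hmac.new(k_mac, ct, "sha256").digest()[:8]

class Equipment:
    def __init__(self, q_b):
        self.q_b, self.d_a, self.q_a = q_b, None, None  # only QB is stored long term

    def challenge(self):
        self.d_a = os.urandom(32)  # temporary key pair, new for every access attempt
        self.q_a = x25519(self.d_a, BASE)
        return self.q_a

    def authorize(self, code, now):  # returns the access level, or None if refused
        if self.d_a is None or len(code) != 13:
            return None
        k_enc, k_mac = _subkeys(x25519(self.d_a, self.q_b), self.q_a)
        self.d_a = None  # a challenge is answered at most once (example choice)
        ct, tag = code[:5], code[5:]
        if not hmac.compare_digest(tag, hmac.new(k_mac, ct, "sha256").digest()[:8]):
            return None
        not_after, level = struct.unpack(">IB", bytes(x ^ y for x, y in zip(ct, k_enc)))
        return level if now <= not_after else None
```

The XOR keystream is acceptable here only because each temporary key pair yields a fresh key for one short message; a deployed design would use a vetted X25519 implementation and an AEAD cipher.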