Abstract:
The rapid growth of telemedicine has raised concerns about protecting patients' private
information and data integrity, creating the need for comprehensive security solutions. This
study presents a layered security architecture that ensures confidentiality and
traceability, in contrast to the limits of relying on transport-layer encryption
alone. The architecture implements four fundamental components:
Time-based One-Time Password (TOTP) user authentication, data encryption for data
confidentiality, fine-grained permissions, and a policy audit log protected from tampering
by cryptographic chaining. An analysis of common threat vectors using the
STRIDE model shows that the architecture can effectively mitigate important risks such as data breaches
and unauthorized modification. By integrating layered authentication, encryption,
permissions, and immutable logging, this architecture enhances the confidentiality and
integrity of telemedicine platforms.