Secure and Plug-in Online Booking Management System: Case study for Medical Appointment Management

  • Han, Fengling (Primary Chief Investigator (PCI))
  • Han, Qinglong (Chief Investigator (CI))
  • Li, Li (Chief Investigator (CI))
  • Ge, Xiaohua (Chief Investigator (CI))
  • Yang, Xuechao (Chief Investigator (CI))

Project: Research

Project Details

Project Description

Health Engine” is an existing app which is widely used in medical centres. The app allows customers/patients to book medical appointments by themselves online. By clicking the booking URL, the available slots of each individual practitioners are shown. This app has the functionality of Change appointment” and “Cancel appointment”.
Even though “Health Engine” is very popular, however, the inline security, scheduling and delay notification are missed in this app. This has resulted in the serious concerns of using this app:
•vulnerability to attacks, such as the eavesdropper and hackers, due to the lack of security protection for the message users input and transmitted;
•infringement of user privacy: e.g., users’ mobile numbers and email addresses may be exposed and disclosed to ads;
•inefficient or user unfriendly, e.g., patients are passively waiting in the case of doctor consultation delay.
The goal of this project is developing a portable online booking management protocol which is secure and has better user interaction.
A set of apps for the proof-of-concept will be developed, focuses on:
•the light-weight secure protection to the message exchanged between the mobile and the management platform;
•the portable plug-in key management protocol to protect the users’ private information so that the admin can manage the operation while could not retrieve the original information;
•real-time scheduling and delay notification.
The proof-of -concept will be tested in the selected medical centres where the doctors and their personal assistants as admin, the patients as customers:
•Patients will be able to book, cancel and modify their booking online.
•The patients’ private information is protected, and the patient will be notified the delay (say more than 30 mins) in case the suffering long delay with a particular medical practitioner’s schedule.
•Admin will have privileges to manage the booking and send customised text messages to patients. However, this management is linked to a booking reference number, and the patients’ private information, including the contact information, is hidden from the admin page.

Medical-related application is just a case study in this project. The online booking platform will be implemented as a plug-in and could be easily adapted to other online booking systems, like student consultations, law practitioners booking as well as hospital booking management, etc.
Effective start/end date1/11/1930/10/21