CLOUD ASSISTED MOBILE ACCESS OF HEALTH DATA WITH PRIVACY AND AUDITABILITY
Keywords:
Access control, auditability, eHealth, privacyAbstract
Motivated by the privacy issues, curbing the adoption of electronic healthcare systems and the wild success of cloud service models, we propose to build privacy into mobile healthcare systems with the help of the private cloud. Our system offers salient features including efficient key management, privacy-preserving data storage, and retrieval, especially for retrieval at emergencies, and auditability for misusing health data. Specifically, we propose to integrate key management from pseudorandom number generator for unlink ability, a secure indexing method for privacy preserving keyword search which hides both search and access patterns based on redundancy, and integrate the concept of attribute based encryption with threshold signing for providing role-based access control with auditability to prevent potential misbehavior,in both normal and emergency cases.
References
U.S. Department of Health & Human Service, “Breaches
Affecting 500 orMore Individuals,” (2001). [Online].
Available: http://www.hhs.gov/ocr/privacy/hipaa/administrative/
breachnotificationrule/breachtool.html
P. Ray and J.Wimalasiri, “The need for technical solutions for
maintaining the privacy of EHR,” in Proc. IEEE 28th Annu.
Int. Conf., New York City,NY, USA, Sep. 2006, pp.
–4689.
M. C. Mont, P. Bramhall, and K. Harrison, “A flexible rolebased
secure messaging service: Exploiting IBE technology
for privacy in health care,” presented at the 14th Int.
Workshop Database Expert Syst. Appl., Prague, Czech
Republic, 2003.
G. Ateniese, R. Curtmola, B. de Medeiros, and D. Davis,
“Medical information privacy assurance: Cryptographic and
system aspects,” presented at the 3rd Conf. Security
Commun. Netw.,Amalfi, Italy, Sep. 2002.
L. Zhang, G. J. Ahn, and B. T. Chu, “A role-based delegation
framework for healthcare information systems,” in 7th ACM
Symp. Access Control Models Technol., Monterey, CA, USA,
, pp. 125–134.
L. Zhang, G. J. Ahn, and B. T. Chu, “A rule-based framework
for rolebaseddelegation and revocation,” ACM Trans. Inf.
Syst. Security, vol. 6,no. 3, pp. 404–441, 2003.
D. Boneh and M. Franklin, “Identity-based encryption from
the Weilpairing. Extended abstract in CRYPTO 2001,” SIAM
J. Comput., vol. 32,no. 3, pp. 586–615, 2003.
J. Sun, C. Zhang, Y. Zhang, and Y. Fang, “An identity-based
security system for user privacy in vehicular ad hoc
networks,” IEEE Trans. Parallel Distrib. Syst., vol. 21, no. 9,
pp. 1227–1239, Sep. 2010.
J. Sun, X. Zhu, and Y. Fang, “Preserving privacy in emergency
response based on wireless body sensor networks,” in Proc.
IEEE Global Telecommun.Conf., Dec. 2010, pp. 1–6.
J. Sun, X. Zhu, and Y. Fang, “Privacy and emergency response
in e-healthcare leveraging wireless body sensor networks,”
IEEE Wireless Commun., vol. 17, no. 1, pp. 66–73, Feb. 2010.
Additional Files
Published
How to Cite
Issue
Section
License
Copyright (c) 2015 International Education and Research Journal (IERJ)
This work is licensed under a Creative Commons Attribution 4.0 International License.