CLOUD ASSISTED MOBILE ACCESS OF HEALTH DATA WITH PRIVACY AND AUDITABILITY

Amruta Bamane, Shreyal Gajare, Shital Jawarkar, Vrushali Ghutugade

Abstract


Motivated by the privacy issues, curbing the adoption of electronic healthcare systems and the wild success of cloud service models, we propose to build privacy into mobile healthcare systems with the help of the private cloud. Our system offers salient features including efficient key management, privacy-preserving data storage, and retrieval, especially for retrieval at emergencies, and auditability for misusing health data. Specifically, we propose to integrate key management from pseudorandom number generator for unlink ability, a secure indexing method for privacy preserving keyword search which hides both search and access patterns based on redundancy, and integrate the concept of attribute based encryption with threshold signing for providing role-based access control with auditability to prevent potential misbehavior,in both normal and emergency cases.

Keywords


Access control, auditability, eHealth, privacy.

Full Text:

PDF

References


U.S. Department of Health & Human Service, “Breaches Affecting 500 orMore Individuals,” (2001). [Online]. Available: http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/breachtool.html

P. Ray and J.Wimalasiri, “The need for technical solutions for maintaining the privacy of EHR,” in Proc. IEEE 28th Annu. Int. Conf., New York City,NY, USA, Sep. 2006, pp. 4686–4689.

M. C. Mont, P. Bramhall, and K. Harrison, “A flexible role-based secure messaging service: Exploiting IBE technology for privacy in health care,” presented at the 14th Int. Workshop Database Expert Syst. Appl., Prague,

Czech Republic, 2003.

G. Ateniese, R. Curtmola, B. de Medeiros, and D. Davis, “Medical information privacy assurance: Cryptographic and system aspects,” presented at the 3rd Conf. Security Commun. Netw.,Amalfi, Italy, Sep. 2002.

L. Zhang, G. J. Ahn, and B. T. Chu, “A role-based delegation framework for healthcare information systems,” in 7th ACM Symp. Access Control Models Technol., Monterey, CA, USA, 2002, pp. 125–134.

L. Zhang, G. J. Ahn, and B. T. Chu, “A rule-based framework for rolebaseddelegation and revocation,” ACM Trans. Inf. Syst. Security, vol. 6,no. 3, pp. 404–441, 2003.

D. Boneh and M. Franklin, “Identity-based encryption from the Weilpairing. Extended abstract in CRYPTO 2001,” SIAM J. Comput., vol. 32,no. 3, pp. 586–615, 2003.

J. Sun, C. Zhang, Y. Zhang, and Y. Fang, “An identity-based security system for user privacy in vehicular ad hoc networks,” IEEE Trans. Parallel Distrib. Syst., vol. 21, no. 9, pp. 1227–1239, Sep. 2010.

J. Sun, X. Zhu, and Y. Fang, “Preserving privacy in emergency response based on wireless body sensor networks,” in Proc. IEEE Global Telecommun.Conf., Dec. 2010, pp. 1–6.

J. Sun, X. Zhu, and Y. Fang, “Privacy and emergency response in e-healthcare leveraging wireless body sensor networks,” IEEE Wireless Commun., vol. 17, no. 1, pp. 66–73, Feb. 2010.


Refbacks





Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.

Copyright © 2017 INTERNATIONAL EDUCATION AND RESEARCH JOURNAL