A Patient-Centric Access Control Scheme for Personal Health Records in the Cloud

Author

Kuo-Hsuan Huang ; En-Chi Chang ; Shao-Jui Wang

Author_Institution

Dept. of Comput. Sci. & Eng., Tatung Univ., Taipei, Taiwan

fYear

2013

Firstpage

85

Lastpage

88

Abstract

In this paper, we describe a scheme that enables patients to exercise complete control over their personal health records (PHR) stored in the cloud whilst also maintaining confidentiality of their data. The design goals of the proposed scheme include: (1) confidentiality of health data, (2) integrity of health data, (3) authenticity of health data, (4) patient-centric fine-grained access control, and (5) revocation of access control. To achieve these goals, we primarily utilize techniques such as Conditional Proxy Re-Encryption, the Advanced Encryption Standard, and the RSA cryptosystem. In our proposed scheme, patients can easily authorize access privileges for their PHR data for various users. Furthermore, this scheme also provides flexible key management and an efficient encryption mechanism.

Keywords

authorisation; cloud computing; data integrity; medical information systems; public key cryptography; PHR; RSA cryptosystem; access control revocation; advanced encryption standard; cloud; conditional proxy reencryption; health data authenticity; health data confidentiality; health data integrity; patient-centric access control scheme; patient-centric fine-grained access control; personal health records; Access control; Biomedical imaging; Cloud computing; Encryption; Public key; Personal Health Records; access control; cloud; security;

fLanguage

English

Publisher

ieee

Conference_Titel

Networking and Distributed Computing (ICNDC), 2013 Fourth International Conference on

Conference_Location

Los Angeles, CA

ISSN

2165-4999

Print_ISBN

978-1-4799-3045-6

Type

conf

DOI

10.1109/ICNDC.2013.19

Filename

6919862