Title :
A Patient-Centric Access Control Scheme for Personal Health Records in the Cloud
Author :
Kuo-Hsuan Huang ; En-Chi Chang ; Shao-Jui Wang
Author_Institution :
Dept. of Comput. Sci. & Eng., Tatung Univ., Taipei, Taiwan
Abstract :
In this paper, we describe a scheme that enables patients to exercise complete control over their personal health records (PHR) stored in the cloud whilst also maintaining confidentiality of their data. The design goals of the proposed scheme include: (1) confidentiality of health data, (2) integrity of health data, (3) authenticity of health data, (4) patient-centric fine-grained access control, and (5) revocation of access control. To achieve these goals, we primarily utilize techniques such as Conditional Proxy Re-Encryption, the Advanced Encryption Standard, and the RSA cryptosystem. In our proposed scheme, patients can easily authorize access privileges for their PHR data for various users. Furthermore, this scheme also provides flexible key management and an efficient encryption mechanism.
Keywords :
authorisation; cloud computing; data integrity; medical information systems; public key cryptography; PHR; RSA cryptosystem; access control revocation; advanced encryption standard; cloud; conditional proxy reencryption; health data authenticity; health data confidentiality; health data integrity; patient-centric access control scheme; patient-centric fine-grained access control; personal health records; Access control; Biomedical imaging; Cloud computing; Encryption; Public key; Personal Health Records; access control; cloud; security;
Conference_Titel :
Networking and Distributed Computing (ICNDC), 2013 Fourth International Conference on
Conference_Location :
Los Angeles, CA
Print_ISBN :
978-1-4799-3045-6
DOI :
10.1109/ICNDC.2013.19