Title :
Model-Driven Application-Level Encryption for the Privacy of E-health Data
Author :
Ding, Yun ; Klein, Karsten
Author_Institution :
R&D Basis Technol., InterComponentWare AG, Walldorf, Germany
Abstract :
We propose a novel model-driven application-level encryption solution to protect the privacy and confidentiality of health data in response to the growing public concern about the privacy of health data. Domain experts specify the sensitive data which are to be protected by encryption in the application's domain model. Security experts specify the cryptographic parameters used for the encryption in a security configuration. Both specifications are highly flexible to support different granularities of data to be encrypted and appropriate security levels. Based on the domain model, our code generator for Model-Driven Software Development generates code and configuration artifacts to control the encryption and decryption logic in the application and to perform database schema modifications. Our encryption infrastructure outside the database (hence, application-level encryption) utilizes the security configuration to perform encryption and decryption. The generator relieves application developers of a significant amount of the migration work required by application-level encryption. Hence, our approach combines the flexibility, security and database-vendor independence of application-level encryption with the transparency of database-level encryption. Our model-driven application-level encryption has been integrated into our eHealth Framework, a comprehensive platform for the development of electronic health care solutions. Our approach can be applied to other domains as well.
Keywords :
cryptography; data privacy; database management systems; health care; medical information systems; software engineering; application-level encryption; code artifact; configuration artifact; data confidentiality; data privacy; database schema modifications; database-level encryption; decryption logic; domain experts; e-health data; electronic health care solutions; encryption logic; model-driven software development; security configuration; security experts; Application software; Availability; Cryptography; Data mining; Data privacy; Data security; Databases; Electronic mail; Protection; Research and development; Cryptography; Database Encryption; Privacy-Enhancing Technologies; Security and Privacy in E-Health;
Conference_Title :
Availability, Reliability, and Security, 2010. ARES '10 International Conference on
Conference_Location :
Krakow
Print_ISBN :
978-1-4244-5879-0
DOI :
10.1109/ARES.2010.91