A flexible role-based secure messaging service: exploiting IBE technology for privacy in health care

Author

Mont, Marco Casassa ; Bramhall, Pete ; Harrison, Keith

Author_Institution

Trusted Syst. Lab., HP Labs., UK

fYear

2003

fDate

1-5 Sept. 2003

Firstpage

432

Lastpage

437

Abstract

The management of private and confidential information is a major problem for dynamic organizations. Secure solutions are needed to exchange confidential documents, protect them against unauthorized accesses and cope with changes of people´s roles and permissions. Traditional cryptographic systems and PKI show their limitations, in terms of flexibility and manageability. This paper describes an innovative technical solution in the area of secure messaging that exploits identifier-based encryption (IBE) technology. It illustrates the advantages against a similar approach based on traditional cryptography and PKI. It discusses a few open issues. Our main contribution is a practical solutions based on IBE technology. A secure messaging system based on IBE has been fully implemented and it is currently used in a trial with a UK health service organization.

Keywords

authorisation; data privacy; electronic data interchange; electronic messaging; health care; medical computing; medical information systems; message authentication; public key cryptography; PKI; confidential information management; cryptographic systems; dynamic organizations; health care privacy; identifier-based encryption; public key cryptography; role-based messaging service; secure messaging service; unauthorized accesses; Cryptography; Electronic mail; Hospitals; Identity-based encryption; Laboratories; Medical services; Message service; Permission; Privacy; Protection;

fLanguage

English

Publisher

ieee

Conference_Titel

Database and Expert Systems Applications, 2003. Proceedings. 14th International Workshop on

ISSN

1529-4188

Print_ISBN

0-7695-1993-8

Type

conf

DOI

10.1109/DEXA.2003.1232060

Filename

1232060