Title :
Securing patient-centric personal health records sharing system in cloud computing
Author :
Chen Danwei ; Chen Linling ; Fan Xiaowei ; He Liwen ; Pan Su ; Hu Ruoxiang
Author_Institution :
Nanjing Univ. of Posts & Telecommun., Nanjing, China
Abstract :
Personal health record (PHR) enables patients to manage their own electronic medical records (EMR) in a centralized way, and it is often outsourced to be stored in a third-party server. In this paper we propose a novel secure and scalable system for sharing PHRs. We focus on the multiple data owner scenario, and divide the users in the system into multiple security domains that greatly reduce the key management complexity for owners and users. A high degree of patient privacy is guaranteed by exploiting hierarchical and multi-authority attribute-sets based encryption (HM-ASBE). Our system not only supports compound attributes due to flexible attribute sets combinations, but also achieves fine-grained access control. Our scheme supports efficient on-demand user/attribute revocation and break-glass access under emergency scenarios.
Keywords :
authorisation; cloud computing; computational complexity; cryptography; medical information systems; EMR; PHR; break-glass access; cloud computing; electronic medical records; emergency scenarios; fine-grained access control; management complexity; multiauthority attribute-sets based encryption; multiple security domains; on-demand user-attribute revocation; patient privacy; patient-centric personal health records sharing system security; third-party server; Access control; Cloud computing; Encryption; Gold; Medical services; Servers; attribute-based encryption; data privacy; fine-grained access control; personal health records;
Journal_Title :
Communications, China
DOI :
10.1109/CC.2014.7022535
