TY - GEN
T1 - Multi-part file encryption for electronic health records cloud
AU - Hei, Xiali
AU - Lin, Shan
N1 - Publisher Copyright: Copyright © 2014 ACM.
PY - 2014/8/11
Y1 - 2014/8/11
N2 - The rapid advancements of mobile technologies promote many applications for public health, such as continuous health monitoring. The inherent mobility of these applications imposes new security and privacy challenges. Since mobile devices usually use public network, such as WiFi, to transfer patient data, patient data is exposed to various security breaches. Moreover, patient data stored on cloud servers are also exposed to malicious attacks. Therefore, it's crucial to encrypt patient data for secure transfer and storage. To address this problem, we present a new access control model for managing patient data. Our approach utilizes a key server for key assignment, which associates a key with each user based on his specific role in medical applications. The doctors, nurses, family members, and insurance companies of a patient can access different sets of patient data from cloud given their keys. Different from existing attribute based encryption, which protects data from inappropriate disclosure for individual files, our design provides a finegrained access control scheme that protects any specified part of a file. Our role-based access control provides high security, accuracy, and update flexibility for patient data management. Performance evaluations of our solution are stated in the paper.
AB - The rapid advancements of mobile technologies promote many applications for public health, such as continuous health monitoring. The inherent mobility of these applications imposes new security and privacy challenges. Since mobile devices usually use public network, such as WiFi, to transfer patient data, patient data is exposed to various security breaches. Moreover, patient data stored on cloud servers are also exposed to malicious attacks. Therefore, it's crucial to encrypt patient data for secure transfer and storage. To address this problem, we present a new access control model for managing patient data. Our approach utilizes a key server for key assignment, which associates a key with each user based on his specific role in medical applications. The doctors, nurses, family members, and insurance companies of a patient can access different sets of patient data from cloud given their keys. Different from existing attribute based encryption, which protects data from inappropriate disclosure for individual files, our design provides a finegrained access control scheme that protects any specified part of a file. Our role-based access control provides high security, accuracy, and update flexibility for patient data management. Performance evaluations of our solution are stated in the paper.
KW - Attributed based encryption
KW - Field-level security
KW - SubSet Sum problem, electronic health records, mHealth
UR - https://www.scopus.com/pages/publications/84938409408
U2 - 10.1145/2633651.2637473
DO - 10.1145/2633651.2637473
M3 - Conference contribution
T3 - Proceedings of the International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc)
SP - 31
EP - 36
BT - Proceedings of the 4th ACM MobiHoc Workshop on Pervasive Wireless Healthcare, MobileHealth 2014
PB - Association for Computing Machinery
T2 - 4th ACM MobiHoc Workshop on Pervasive Wireless Healthcare, MobileHealth 2014
Y2 - 11 August 2014
ER -