DOI: 10.1145/1655008.1655024
research-article

Patient controlled encryption: ensuring privacy of electronic medical records

Published: 13 November 2009

Abstract

We explore the challenge of preserving patients' privacy in electronic health record systems. We argue that security in such systems should be enforced via encryption as well as access control. Furthermore, we argue for approaches that enable patients to generate and store encryption keys, so that the patients' privacy is protected should the host data center be compromised. The standard argument against such an approach is that encryption would interfere with the functionality of the system. However, we show that we can build an efficient system that allows patients both to share partial access rights with others, and to perform searches over their records. We formalize the requirements of a Patient Controlled Encryption scheme, and give several instantiations, based on existing cryptographic primitives and protocols, each achieving a different set of properties.



Published In

CCSW '09: Proceedings of the 2009 ACM workshop on Cloud computing security
November 2009
144 pages
ISBN: 9781605587844
DOI: 10.1145/1655008
Program Chairs: Radu Sion, Dawn Song

Publisher

Association for Computing Machinery
New York, NY, United States

Author Tags

1. electronic health records
2. electronic medical records
3. encryption
4. privacy

Qualifiers

• Research-article

Conference

CCS '09

Acceptance Rates

Overall Acceptance Rate 37 of 108 submissions, 34%

Article Metrics

• Downloads (Last 12 months): 73
• Downloads (Last 6 weeks): 8
Reflects downloads up to 18 Nov 2024

Cited By

• (2024) Comparison of attribute-based encryption schemes in securing healthcare systems. Scientific Reports 14:1. DOI: 10.1038/s41598-024-57692-w. Online publication date: 26-Mar-2024
• (2024) Securing data transmission channels between smart devices and the cloud using homomorphic encryption for blood pressure monitoring sensors. International Journal of Information Technology. DOI: 10.1007/s41870-024-02195-0. Online publication date: 16-Sep-2024
• (2024) Internet of Things Applicable Authentication and Authorization Based on a Two-Layer Blockchain Approach. Power Engineering and Intelligent Systems (385-397). DOI: 10.1007/978-981-97-6710-6_30. Online publication date: 29-Oct-2024
• (2023) A Comprehensive Review of Privacy Preserving Data Publishing (PPDP) Algorithms for Multiple Sensitive Attributes (MSA). Information Security and Privacy in Smart Devices (142-193). DOI: 10.4018/978-1-6684-5991-1.ch006. Online publication date: 31-Mar-2023
• (2023) Secure And Efficient Access Control Over Blockchain PHR Cloud Storage System. International Journal of Scientific Research in Science and Technology (312-321). DOI: 10.32628/IJSRST52310539. Online publication date: 10-Sep-2023
• (2023) HealthFort: A Cloud-Based eHealth System With Conditional Forward Transparency and Secure Provenance via Blockchain. IEEE Transactions on Mobile Computing 22:11 (6508-6525). DOI: 10.1109/TMC.2022.3199048. Online publication date: 1-Nov-2023
• (2023) Conditional Anonymous Remote Healthcare Data Sharing Over Blockchain. IEEE Journal of Biomedical and Health Informatics 27:5 (2231-2242). DOI: 10.1109/JBHI.2022.3183397. Online publication date: May-2023
• (2023) FedCER - Emotion Recognition Using 2D-CNN in Decentralized Federated Learning Environment. 2023 6th International Conference on Information Systems and Computer Networks (ISCON) (1-5). DOI: 10.1109/ISCON57294.2023.10112028. Online publication date: 3-Mar-2023
• (2023) Secure Data Sharing in Cloud Environment using Mobile Technology. 2023 Second International Conference on Informatics (ICI) (1-6). DOI: 10.1109/ICI60088.2023.10421342. Online publication date: 23-Nov-2023
• (2023) Security of Electronic Health Record using Attribute based Encryption on Cloud. 2023 4th International Conference on Electronics and Sustainable Communication Systems (ICESC) (627-632). DOI: 10.1109/ICESC57686.2023.10193532. Online publication date: 6-Jul-2023
