research-article

Privacy preserving EHR system using attribute-based infrastructure

Authors:

Shivaramakrishnan Narayan,

Reihaneh Safavi-NainiAuthors Info & Claims

CCSW '10: Proceedings of the 2010 ACM workshop on Cloud computing security workshop

Pages 47 - 52

https://doi.org/10.1145/1866835.1866845

Published: 08 October 2010 Publication History

Abstract

Secure management of Electronic Health Records (EHR) in a distributed computing environment such as cloud computing where computing resources including storage is provided by a third party service provider is a challenging task. In this paper, we explore techniques which guarantees security and privacy of medical data stored in the cloud. We show how new primitives in attribute-based cryptography can be used to construct a secure and privacy-preserving EHR system that enables patients to share their data among healthcare providers in a flexible, dynamic and scalable manner.

References

[1]

}}Health insurance portability and accountability act of 1996. U.S. Government Printing Office, 1996.

[2]

}}Recommendations for the interpretation and application of the personal information protection and electronic documents act (s.c.2000, c.5) in the health research context. Technical report, Canadian Institutes of Health Research, November 2001.

[3]

}}N. Attrapadung and H. Imai. Conjunctive broadcast and attribute-based encryption. In Pairing '09: The 3rd International Conference on Pairing-Based Cryptography, volume 5671 of Lecture Notes in Computer Science, pages 248--265. Springer-Verlag, 2009.

Digital Library

[4]

}}J. Benaloh, M. Chase, E. Horvitz, and K. Lauter. Patient controlled encryption: Ensuring privacy in medical health records. In ACM CCSW 2009, 2009.

Digital Library

[5]

}}J. Bethencourt, A. Sahai, and B. Waters. Ciphertext-policy attribute-based encryption. In IEEE Symposium on Security and Privacy, 2007, SP '07, pages 321--334. IEEE Xplore, 2007.

Digital Library

[6]

}}L. Fang, W. Susilo, C. Ge, and J. Wang. A secure channel free public key encryption with keyword search scheme without random oracle. In CANS '09: Proceedings of the 8th International Conference on Cryptology and Network Security, pages 248--258. Springer-Verlag, 2009.

Digital Library

[7]

}}J. Hu, H. Chen, and T. Hou. A hybrid public key infrastructure solution (HPKI) for HIPAA privacy/security regulations. Computer Standards and Interfaces, 32(5-6):274--280, 2009.

Digital Library

[8]

}}Google Inc. Google health. https://www.google.com/health/, 2009.

[9]

}}S. Kamara and K. Lauter. Cryptographic cloud storage. In Financial Cryptography: Workshop on Real-Life Cryptographic Protocols and Standardization - 2010, volume 6052 of Lecture Notes in Computer Science. Springer-Verlag, 2010.

Digital Library

[10]

}}W. B. lee and C. D. Lee. A cryptographic key management solution for HIPAA privacy/security regulations. IEEE Transactions on Information Technology in Biomedicine, 12:34--41, 2008.

Digital Library

[11]

}}A. Lewko, T. Okamoto, A. Sahai, K. Takashima, and B. Waters. Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption. In Advances in Cryptology-EUROCRYPT 2010, volume 6110 of Lecture Notes in Computer Science, pages 62--91. Springer-Verlag, 2010.

Digital Library

[12]

}}K. Mandl, W. Simons, W. Crawford, and J. Abbett. Indivo: a personally controlled health record for health information exchange and communication. BMC Medical Informatics and Decision Making, 7(1):25, 2007.

[13]

}}Microsoft. Microsoft healthvault. http://www.healthvault.com/personal/websites-overview.html, 2009.

[14]

}}A. Sahai and B. Waters. Fuzzy identity-based encryption. In Advances in Cryptology-EUROCRYPT 2005, volume 3494 of Lecture Notes in Computer Science, pages 457--473. Springer Berlin/Heidelberg, 2005.

Digital Library

[15]

}}P. Szolovits, J. Doyle, W. J. Long, I. Kohane, and S. G. Pauker. Guardian angel: Patient-centered health information systems. Technical report, 1994.

Digital Library

[16]

}}W. D. Yu and M. A. Chekhanovskiy. An electronic health record content protection system using smartcard and PMR. In 9th International Conference on e-Health Networking, Application and Services, 2007, pages 11--18. IEEE Xplore, 2007.

Cited By

Chen DZhang LLiao ZDai HZhang NShen XPang M(2024)Flexible and Fine-Grained Access Control for EHR in Blockchain-Assisted E-Healthcare SystemsIEEE Internet of Things Journal10.1109/JIOT.2023.332838211:6(10992-11007)Online publication date: 15-Mar-2024
https://doi.org/10.1109/JIOT.2023.3328382
Jastaniah KZhang NMustafa M(2024)Efficient Privacy-Friendly and Flexible Wearable Data Processing With User-Centric Access ControlIEEE Access10.1109/ACCESS.2024.336700012(37012-37029)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3367000
Walid RJoshi KChoi S(2024)Comparison of attribute-based encryption schemes in securing healthcare systemsScientific Reports10.1038/s41598-024-57692-w14:1Online publication date: 26-Mar-2024
https://doi.org/10.1038/s41598-024-57692-w
Show More Cited By

Index Terms

Privacy preserving EHR system using attribute-based infrastructure
1. Security and privacy
  1. Cryptography
    1. Public key (asymmetric) techniques
      1. Public key encryption

Recommendations

A novel approach for privacy homomorphism using attribute-based encryption

In CRYPTO'13, Gentry et al. proposed the first homomorphic encryption HE scheme for the attribute-based encryption ABE. However, Gentry's scheme requires the same index for encryption of each ciphertext and supports only the key-policy ABE. Indeed, in ...
Privacy-preserving personal health record using multi-authority attribute-based encryption with revocation

Personal health record (PHR) service is an emerging model for health information exchange. In PHR systems, patient's health records and information are maintained by the patient himself through the Web. In reality, PHRs are often outsourced to be stored ...
An Efficient Cloud-Based Personal Health Records System Using Attribute-Based Encryption and Anonymous Multi-receiver Identity-Based Encryption
3PGCIC '14: Proceedings of the 2014 Ninth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing

As an emerging patient-centric model of health information exchange, cloud-based personal health record (PHR) system holds great promise for empowering patients and ensuring more effective delivery of health care. In this paper, we propose a novel ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

CCSW '10: Proceedings of the 2010 ACM workshop on Cloud computing security workshop

October 2010

118 pages

ISBN:9781450300896

DOI:10.1145/1866835

Program Chairs:
Adrian Perrig
Carnegie Mellon University, USA
,
Radu Sion
Stony Brook University, USA

Copyright © 2010 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 08 October 2010

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS '10

Sponsor:

SIGSAC

CCS '10: 17th ACM Conference on Computer and Communications Security 2010

October 8, 2010

Illinois, Chicago, USA

Acceptance Rates

Overall Acceptance Rate 37 of 108 submissions, 34%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

159
Total Citations
View Citations
2,392
Total Downloads

Downloads (Last 12 months)20
Downloads (Last 6 weeks)4

Reflects downloads up to 20 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Chen DZhang LLiao ZDai HZhang NShen XPang M(2024)Flexible and Fine-Grained Access Control for EHR in Blockchain-Assisted E-Healthcare SystemsIEEE Internet of Things Journal10.1109/JIOT.2023.332838211:6(10992-11007)Online publication date: 15-Mar-2024
https://doi.org/10.1109/JIOT.2023.3328382
Jastaniah KZhang NMustafa M(2024)Efficient Privacy-Friendly and Flexible Wearable Data Processing With User-Centric Access ControlIEEE Access10.1109/ACCESS.2024.336700012(37012-37029)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3367000
Walid RJoshi KChoi S(2024)Comparison of attribute-based encryption schemes in securing healthcare systemsScientific Reports10.1038/s41598-024-57692-w14:1Online publication date: 26-Mar-2024
https://doi.org/10.1038/s41598-024-57692-w
Zhao YWeng JLiu JCai M(2024)Enabling privacy-preserving medication analysis in distributed EHR systemsJournal of Information Security and Applications10.1016/j.jisa.2024.10374982(103749)Online publication date: May-2024
https://doi.org/10.1016/j.jisa.2024.103749
Wang YTao YWang HGe CZhou L(2024)ACMDS: An Anonymous Collaborative Medical Data Sharing Scheme Based on BlockchainWeb and Big Data10.1007/978-981-97-7241-4_17(261-277)Online publication date: 31-Aug-2024
https://dl.acm.org/doi/10.1007/978-981-97-7241-4_17
ÖZTÜRK GSARAN NDOĞANAKSOY A(2023)Modified Attribute-Based Authentication for Multi-Agent SystemsInternational Journal of Information Security Science10.55859/ijiss.129458012:3(1-13)Online publication date: 30-Sep-2023
https://doi.org/10.55859/ijiss.1294580
Pan HZhang YLiu JSi XYao ZZhao L(2023)MD-S3C3International Journal of Digital Crime and Forensics10.4018/IJDCF.32921915:1(1-24)Online publication date: 29-Aug-2023
https://doi.org/10.4018/IJDCF.329219
Li SZhang YXu CCheng NLiu ZDu YShen X(2023)HealthFort: A Cloud-Based eHealth System With Conditional Forward Transparency and Secure Provenance via BlockchainIEEE Transactions on Mobile Computing10.1109/TMC.2022.319904822:11(6508-6525)Online publication date: 1-Nov-2023
https://doi.org/10.1109/TMC.2022.3199048
Krishna BSapthami ISrivani MRupani R(2023)Security of Electronic Health Record using Attribute based Encryption on Cloud2023 4th International Conference on Electronics and Sustainable Communication Systems (ICESC)10.1109/ICESC57686.2023.10193532(627-632)Online publication date: 6-Jul-2023
https://doi.org/10.1109/ICESC57686.2023.10193532
Walid RJoshi KGeol Choi S(2023)Semantically Rich Differential Access to Secure Cloud EHR2023 IEEE 9th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS)10.1109/BigDataSecurity-HPSC-IDS58521.2023.00012(1-9)Online publication date: May-2023
https://doi.org/10.1109/BigDataSecurity-HPSC-IDS58521.2023.00012
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents