Visible to the public Attribute Based Encryption for Secure Access to Cloud Based EHR Systems

TitleAttribute Based Encryption for Secure Access to Cloud Based EHR Systems
Publication TypeConference Paper
Year of Publication2018
AuthorsJoshi, M., Joshi, K., Finin, T.
Conference Name2018 IEEE 11th International Conference on Cloud Computing (CLOUD)
Date Publishedjul
KeywordsAccess Broker, Access Control, Attribute Based Access Control (ABAC), attribute based encryption, Attribute Based Encryption (ABE), authorisation, authorization delegation mechanism, authorization models, cloud based EHR systems, cloud computing, cloud storage, cloud-based EHRs access authority, cloud-based electronic medical records services, Collaboration, cryptography, data access authorization, data breaches, data privacy, easy cloud-based EHR management, Electronic Health Record (EHR), electronic health records, Encryption, health record, Human Behavior, Knowledge Graph (Ontology), medical organization, medical providers, Medical services, Ontologies, Organizations, patient centric approach, patient data, patient records, policy-based governance, pubcrawl, safe cloud-based EHR management, Scalability, secure access delegation, secure cloud-based EHR management, Semantic Web, service management
AbstractMedical organizations find it challenging to adopt cloud-based electronic medical records services, due to the risk of data breaches and the resulting compromise of patient data. Existing authorization models follow a patient centric approach for EHR management where the responsibility of authorizing data access is handled at the patients' end. This however creates a significant overhead for the patient who has to authorize every access of their health record. This is not practical given the multiple personnel involved in providing care and that at times the patient may not be in a state to provide this authorization. Hence there is a need of developing a proper authorization delegation mechanism for safe, secure and easy cloud-based EHR management. We have developed a novel, centralized, attribute based authorization mechanism that uses Attribute Based Encryption (ABE) and allows for delegated secure access of patient records. This mechanism transfers the service management overhead from the patient to the medical organization and allows easy delegation of cloud-based EHR's access authority to the medical providers. In this paper, we describe this novel ABE approach as well as the prototype system that we have created to illustrate it.
Citation Keyjoshi_attribute_2018