Emergency Mobile Access to Personal Health Records Stored on an Untrusted Cloud

Aljumah, Feras; Leung, Raymond Hei Man; Pourzandi, Makan; Debbabi, Mourad

doi:10.1007/978-3-642-37899-7_3

Emergency Mobile Access to Personal Health Records Stored on an Untrusted Cloud

Feras Aljumah²⁰,
Raymond Hei Man Leung²⁰,
Makan Pourzandi²⁰ &
…
Mourad Debbabi²⁰

Conference paper

1400 Accesses
1 Citations

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 7798))

Abstract

When storing files on an untrusted cloud, attribute based encryption is the cryptosystem usually chosen to securely encrypt the files while allowing fine grained access. When storing Personal Health Records (PHR), we find that allowing access to a user’s emergency medical records (EMRs) during an emergency would be difficult to achieve while ensuring privacy preservation. Providing ECPs with unlimited and unrestricted access to EMRs is not an acceptable solution for a privacy view point. In this work our aim is to allow ECPs the ability to access a patient’s EMRs, but only in the case of an emergency, preventing them from abusing their privileges. We propose a solution that solves this problem without requiring the participation of the patient in the process.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 49.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005)
Chapter Google Scholar
Pirretti, M., Traynor, P., McDaniel, P., Waters, B.: Secure attribute-based systems. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, pp. 99–112. ACM, New York (2006), http://doi.acm.org/10.1145/1180405.1180419
Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: Proceedings of the 2007 IEEE Symposium on Security and Privacy, SP 2007, pp. 321–334. IEEE Computer Society, DC (2007), http://dx.doi.org/10.1109/SP.2007.11
Google Scholar
Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, pp. 89–98. ACM, New York (2006), http://doi.acm.org/10.1145/1180405.1180418
Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979), http://doi.acm.org/10.1145/359168.359176
Google Scholar
Li, M., Yu, S., Ren, K., Lou, W.: Securing personal health records in cloud computing: Patient-centric and fine-grained data access control in multi-owner settings. In: Jajodia, S., Zhou, J. (eds.) SecureComm 2010. LNICST, vol. 50, pp. 89–106. Springer, Heidelberg (2010)
Chapter Google Scholar
Gardner, R.W., Garera, S., Pagano, M.W., Green, M., Rubin, A.D.: Securing medical records on smart phones. In: Proceedings of the First ACM Workshop on Security and Privacy in Medical and Home-Care Systems, SPIMACS 2009, pp. 31–40. ACM, New York (2009), http://doi.acm.org/10.1145/1655084.1655090
Boneh, D., Gentry, C., Waters, B.: Collusion resistant broadcast encryption with short ciphertexts and private keys. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 258–275. Springer, Heidelberg (2005)
Chapter Google Scholar
Narayan, S., Gagné, M., Safavi-Naini, R.: Privacy preserving ehr system using attribute-based infrastructure. In: Proceedings of the 2010 ACM Workshop on Cloud Computing Security Workshop, CCSW 2010, pp. 47–52. ACM, New York (2010), http://doi.acm.org/10.1145/1866835.1866845
Chapter Google Scholar
Willkomm, D., Machiraju, S., Bolot, J., Wolisz, A.: Primary users in cellular networks: A large-scale measurement study. In: New Frontiers in Dynamic Spectrum Access Networks, DySPAN, pp. 1–11 (2008)
Google Scholar

Download references

Author information

Authors and Affiliations

Concordia University, Montreal, QC, Canada
Feras Aljumah, Raymond Hei Man Leung, Makan Pourzandi & Mourad Debbabi

Authors

Feras Aljumah
View author publications
You can also search for this author in PubMed Google Scholar
Raymond Hei Man Leung
View author publications
You can also search for this author in PubMed Google Scholar
Makan Pourzandi
View author publications
You can also search for this author in PubMed Google Scholar
Mourad Debbabi
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Centre for Applied Informatics, Victoria University, 3011, Melbourne, VIC, Australia
Guangyan Huang & Jing He &
School of Information System, Computing, and Mathematics, Brunel University, UB8 3PH, London, UK
Xiaohui Liu
Department of Computer Science, Ostfalia University of Applied Sciences, Salzdahlumer Str. 46/48, Wolfenbüttel, Germany
Frank Klawonn
Health Economics, Primary Care and Population Sciences, Faculty of Medicine, University of Southampton, Southampton, UK
Guiqing Yao

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Aljumah, F., Leung, R.H.M., Pourzandi, M., Debbabi, M. (2013). Emergency Mobile Access to Personal Health Records Stored on an Untrusted Cloud. In: Huang, G., Liu, X., He, J., Klawonn, F., Yao, G. (eds) Health Information Science. HIS 2013. Lecture Notes in Computer Science, vol 7798. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-37899-7_3

Download citation

DOI: https://doi.org/10.1007/978-3-642-37899-7_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-37898-0
Online ISBN: 978-3-642-37899-7
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics