Abstract
As is the case with every other area of digital life, privacy is a major concern in health care also, since online Web services in healthcare domain are increasingly becoming the need of society. The patients’ sensitive personal information (PI) in such an environment is more at the risk of inadvertent disclosure. Safeguarding this PI from malicious users is critical to such systems. The existing standards of privacy policy enforcement like platform for privacy preferences (P3P) given by World Wide Web consortium (W3C) and enterprises privacy authorization language (EPAL) of IBM are not sufficient to protect sensitive PI of users shared online through Web services where multiple such unknown heterogeneous services collaborate to carry out the intended task. The user no longer will be interested in those services in which their privacy is at stake. This trend is hampering the online transactions-based business of many large corporate giants. The need of the hour is to integrate privacy policies along with traditional access control policies in order to address the sensitive information disclosure issue. In this paper, we have suggested how Hippocratic Databases can be efficiently used for dealing with privacy disclosure in healthcare scenarios.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Agrawal, R., Bird P., Grandison, T., Kiernan, J., Logan S., Rjaibi, W.: Extending relational database systems to automatically enforce privacy policies. In: Proceedings of the 21st International Conference on Data Engineering, ICDE ’05, pp. 1013–1022. Washington, DC, USA (2005)
Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Hippocratic databases. In: 28th International Conference on Very Large Databases, Hong Kong (2002)
Bayardo, R., Grandison, T., Johnson, C., Agrawal, R., Asonov, D., Kiernan, J.: Managing disclosure of private health data with Hippocratic databases. IBM Research White Paper (2005)
Rotenberg, M.: The Privacy Law Sourcebook 2000, United States Law, International Law, and Recent Developments. Electronic Privacy Information Center, Washington, DC (2000)
Rotenberg, M.: Fair information practices and the architecture of privacy. Stanford Technology Law Review (2001)
U.S. Department of Health, Education, and Welfare: Records, computers and the Rights of Citizen, Report of the Secretary’s Advisory Committee on Automated Personal Data Systems, xx–xxiii edn (1973)
Bhatia, R., Singh, M.: Trust based privacy preserving access control in web services paradigm. In: the Second IEEE International Conference on Advanced Computing, Networking and Security, ADCONS, pp. 243–246 (2013)
Nadas, A., Frisse, M.E., Sztipanovits, J.: Modeling privacy aware health information exchange systems. In: 1st International Workshop on Engineering EHR Solutions (IWEES), Amsterdam Privacy Conference (2012)
Barth, A., Mitchell, J., Datta, A., Sundaram, S.: Privacy and utility in business processes. In: Computer Security Foundations Symposium, CSF ’07, 20th IEEE, pp. 279–294 (2007)
Datta, A., Franklin, J., Garg, D., Kaynar, D.: A logic of secure systems and its application to trusted computing. In: 30th IEEE Symposium on Security and Privacy, pp. 221–236 (2009)
Lam, P.E., Mitchell, J.C., Sundaram, S.: A formalization of HIPAA for a medical messaging system. In: Proceedings of the 6th International Conference on Trust, Privacy and Security in Digital Business, Berlin, pp. 73–85. Springer, Heidelberg (2009)
Becker, M.Y., Fournet, C., Gordon, A.D.: SecPAL: design and semantics of a decentralized authorization language. J. Comput. Secur. 18(4), 619–665 (2010)
Craven, R., Lobo, J., Lupu, E., Ma, J., Russo, A., Sloman, M., Bandara, A.: A Formal Framework for Policy Analysis, Imperial College London, Technical Report (2008)
Simko, G., Sztipanovits, J.: Active monitoring using real-time metric linear temporal logic specifications. In: HEALTHINF, pp. 370–373 (2012)
Li, M., Sun, X., Wang, H., Zhang, Y.: Optimal privacy-aware path in hippocratic databases. In: 14th International Conference on Database Systems for Advanced Applications Brisbane, pp. 441–455, Australia (2009)
Nilsson, N. J.: Problem Solving Methods in AI. Mc Graw-Hill, New York (1971)
Rich, E., Knight, K., Nair, S.B.: Artificial Intelligence. Mc Graw-Hill, New York (2009)
Saaty, T.L.: The Analytic Hierarchy Process. McGraw-Hill, New York (1980)
Saaty, T.L.: Fundamentals of Decision Making and Priority Theory with the Analytic Hierarchy Process. RWS Publications, Pittsburg (2000)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer India
About this paper
Cite this paper
Bhatia, R., Singh, M. (2015). Preserving Privacy in Healthcare Web Services Paradigm Through Hippocratic Databases. In: Jain, L., Patnaik, S., Ichalkaranje, N. (eds) Intelligent Computing, Communication and Devices. Advances in Intelligent Systems and Computing, vol 308. Springer, New Delhi. https://doi.org/10.1007/978-81-322-2012-1_19
Download citation
DOI: https://doi.org/10.1007/978-81-322-2012-1_19
Published:
Publisher Name: Springer, New Delhi
Print ISBN: 978-81-322-2011-4
Online ISBN: 978-81-322-2012-1
eBook Packages: EngineeringEngineering (R0)