TY - GEN
T1 - Design for a secure interoperable cloud-based Personal Health Record service
AU - Hsieh, George
AU - Chen, Rong-Jaye
PY - 2012/12/1
Y1 - 2012/12/1
N2 - Adoption of Personal Health Record (PHR) applications has been slow due to consumers' concerns in security, privacy and trust, and the challenges in interoperability and integration with other Electronic Medical Record (EMR) systems. This paper proposes the design for a secure interoperable cloud-based PHR service. To enhance the portability and interoperability, we use the Continuity of Care Document (CCD) for both storing and exchanging the PHR information for an individual. To provide self-protecting security for each CCD instance, we apply a broad spectrum of security mechanisms-including access control, encryption, and digital signature-in an integrated, embedded, and fine-grained manner, based on open standards such as eXtensible Access Control Markup Language, XML Encryption, XML Signature, and XML Key Management Specification. To support patient-controlled encryption and privacy-preserving keyword search, we use ciphertext-policy attribute-based encryption and public-key encryption with keyword search schemes, again in an integrated, embedded, and fine-grained manner.
AB - Adoption of Personal Health Record (PHR) applications has been slow due to consumers' concerns in security, privacy and trust, and the challenges in interoperability and integration with other Electronic Medical Record (EMR) systems. This paper proposes the design for a secure interoperable cloud-based PHR service. To enhance the portability and interoperability, we use the Continuity of Care Document (CCD) for both storing and exchanging the PHR information for an individual. To provide self-protecting security for each CCD instance, we apply a broad spectrum of security mechanisms-including access control, encryption, and digital signature-in an integrated, embedded, and fine-grained manner, based on open standards such as eXtensible Access Control Markup Language, XML Encryption, XML Signature, and XML Key Management Specification. To support patient-controlled encryption and privacy-preserving keyword search, we use ciphertext-policy attribute-based encryption and public-key encryption with keyword search schemes, again in an integrated, embedded, and fine-grained manner.
KW - XML based security standards
KW - attribute-based encryption
KW - cloud computing
KW - information security
KW - personal health record
UR - http://www.scopus.com/inward/record.url?scp=84874244030&partnerID=8YFLogxK
U2 - 10.1109/CloudCom.2012.6427582
DO - 10.1109/CloudCom.2012.6427582
M3 - Conference contribution
AN - SCOPUS:84874244030
SN - 9781467345095
T3 - CloudCom 2012 - Proceedings: 2012 4th IEEE International Conference on Cloud Computing Technology and Science
SP - 472
EP - 479
BT - CloudCom 2012 - Proceedings
T2 - 2012 4th IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2012
Y2 - 3 December 2012 through 6 December 2012
ER -