A Novel Decentralized Hierarchical Access Control Scheme for the Medical Scenario

Author

Eskeland, Sigurd ; Prasad, Neeli R.

Author_Institution

Center for TeleInFrastruct., Aalborg Univ.

fYear

2006

fDate

38899

Firstpage

1

Lastpage

6

Abstract

Electronic patient records contains highly personal and confidential information that it is essential to keep private. Thus, only the medical professionals providing care to a patient should access the patient record of the concerning patient. As personal medical data can be considered to be the property of the corresponding patient, it is justified that patients should have the opportunity to exert control over their own data. In this paper, we propose a cryptographic access control scheme allowing patients to grant medical teams authorizations to access their medical data. Moreover, the hierarchical aspects of teams are taken into account so that the modules of the patient record are to be accessed according to the individual privileges of the medical professionals of the team. Thus, more privileged users obtain larger portions of the data than less privileged users

Keywords

authorisation; cryptography; data privacy; database management systems; decentralised control; information retrieval; medical information systems; authorizations; cryptographic access control; decentralized hierarchical access control; electronic patient records; medical professionals; personal medical data; Access control; Authorization; Cryptography; Data security; Identity-based encryption; Information security; Information technology; Paramagnetic resonance; Permission; Personnel; Access control; ID-based encryption; hierachical group key agreement;

fLanguage

English

Publisher

ieee

Conference_Titel

Mobile and Ubiquitous Systems: Networking & Services, 2006 Third Annual International Conference on

Conference_Location

San Jose, CA

Print_ISBN

1-4244-0498-3

Electronic_ISBN

1-4244-0499-1

Type

conf

DOI

10.1109/MOBIQ.2006.340440

Filename

4141793