An approach for privacy policies negotiation in mobile health-Cloud environments

Mobile technologies continue to improve patients´ quality of care. Particularly, with the emergence of Cloud-based mobile services and applications, patients can easily communicate with their physicians and receive the care they deserve. However, due to the increased number of privacy threats in mobile and Cloud computing environments, maximizing patients´ control over their data becomes a necessity. Thus, formal languages to express their privacy preferences are needed. Besides, because of the diversity of actors involved in patient´s care, conflict among privacy policies can take place. In this paper, we present an approach that aims to resolve the problem of conflicting privacy policies based on a Security Policy Negotiation Framework. The major particularity of our solution is that it considers the patient to be a crucial actor in the negotiation process. The different steps of our approach are illustrated through an example of three conflicting privacy policies with different privacy languages.