ABSTRACT
We provide a design and implementation of self-protecting electronic medical records (EMRs) using attribute-based encryption on mobile devices. Our system allows healthcare organizations to export EMRs to locations outside of their trust boundary. In contrast to previous approaches, our solution is designed to maintain EMR availability even when providers are offline, i.e., where network connectivity is not available. To balance the needs of emergency care and patient privacy, our system is designed to provide fine-grained encryption and is able to protect individual items within an EMR, where each encrypted item may have its own access control policy. We implemented a prototype system using a new key- and ciphertext-policy attribute-based encryption library that we developed. Our implementation, which includes an iPhone app for storing and managing EMRs offline, allows for flexible and automated policy generation. An evaluation of our design shows that our ABE library performs well, has acceptable storage requirements, and is practical and usable on modern smartphones.
Securing electronic medical records using attribute-based encryption on mobile devices