Skip to main content
Disciplines
Automotive Business IT + Informatics Construction + Real Estate Electrical Engineering + Electronics Energy + Sustainability Insurance + Risk Finance + Banking Management + Leadership Marketing + Sales Mechanical Engineering + Materials
Events
DE
EN
Books
Journals
Topic Page
Marketing
Start single access now
Access for companies
EXTENDED SEARCH
Log in
Top
Published in:
A Secure Service Framework for Handling Security Critical Data on the Public Cloud Read chapter Read first chapter

2012 | OriginalPaper | Chapter

6. Controlling Decryption of Personal Health Records in the Cloud

Authors : Yi-Chang Hsu, Jing-Jang Hwang

Published in: Proceedings of the International Conference on IT Convergence and Security 2011

Publisher: Springer Netherlands

Log in

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

For personal health record storage systems in the cloud where the information must be encrypted before storage, we propose splitting the decryption key into two parts, where the user owns one part that is called an ownership code or a right-to-decrypt code, while the other part, called a substitute-key-half code, is stored in the system. The decryption key can only be recovered using these two separate secret parts, and the information stored in the system will not disclose any clues that could lead to guessing the decryption key, thus strengthening information protection and ensuring that the personal health records will not be disclosed to anyone without authorization.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

inform now
previous chapter Realizing Security Requirements with Physical Properties: A Case Study on Paper Voting
next chapter Access Control Mechanism for XML Document
Literature
1.
AHIMAe-HIM Personal Health Record Work Group (2005) Defining the personal health record. J AHIMA 76(6):24–25
2.
Ferraiolo DF, Sandhu R, Gavrila S, Kuhn DR, Chandramouli R (2001) Proposed NIST standard for role-based access control. ACM Trans Inf Syst Secur 4:224–274CrossRef
3.
Kaelber DC, Jha AK, Johnston D, Middleton B, Bates DW (2008) A research agenda for personal health records (Phrs). J Am Med Inform Assoc 15:729–736CrossRef
4.
5.
6.
7.
Buyya R, Yeo CS, Venugopal S, Broberg J, Brandic I (2008) Cloud computing and emerging it platforms: vision, hype, and reality for delivering computing as the 5th utility. Future Gener Comput Syst 25(6):599–616CrossRef
8.
Weinhardt C, Anandasivam A, Blau B, Borissov N, Meinl T, Michalk W, Stößer J (2009) Cloud computing–a classification, business models, and research directions. Bus Inf Syst Eng 1(5):391–399CrossRef
9.
Cushman R, Froomkin M, Cava A, Abril P, Goodman KW (2010) Ethical, legal and social issues for personal health records and applications. J Biomed Inform 43(5 Supp. 1):S51–S55CrossRef
10.
Parakh A, Kak S (2009) Online data storage using implicit security. Inf Sci 179(19):3323–3333CrossRefMATH
11.
Wang M, Lau C, Matsen FA III, Kim Y (2004) Personal health information management system and its application in referral management. IEEE Trans Inf Technol Biomed 8(3):287–297CrossRef
12.
Markle Foundation (2003) Connecting for Health. The Personal Health Working Group Final Report
13.
14.
Subashini S, Kavitha V (2011) A survey on security issues in service delivery models of cloud computing. J Netw Comput App 34:1–11CrossRef
15.
US National Institute of Standards and Technology (1993) Data encryption standard, Federal Information Processing Standard (FIPS) publication 46–2
16.
US National Institute of Standards and Technology (2001) Advanced encryption standard, Federal Information Processing Standard (FIPS) publication 197
17.
Rivest R, Shamir A, Adleman L (1978) A method for obtaining digital signatures and public-key cryptosystems. Commun ACM 21(2):120–126MathSciNetCrossRefMATH
18.
Miller V, (1986) Uses of elliptic curves in cryptography, Advances in cryptology–CRYPTO ‘85, Lecture Notes in Computer Science 218: 417–426
19.
Sandhu RS, Samarati P (1994) Access control: principle and practice. IEEE Commun Mag 32(9):40–48CrossRef
20.
Hwang JJ (2009) Partition and recovery of a verifiable digital secret. US Patent No. 7,596,704
Metadata
Title
Controlling Decryption of Personal Health Records in the Cloud
Authors
Yi-Chang Hsu
Jing-Jang Hwang
Copyright Year
2012
Publisher
Springer Netherlands
Book
Proceedings of the International Conference on IT Convergence and Security 2011

Print ISBN: 978-94-007-2910-0

Electronic ISBN: 978-94-007-2911-7

Copyright Year: 2012

DOI
https://doi.org/10.1007/978-94-007-2911-7_6