EEMCS EPrints Service
Ibraimi, L. and Tang, Qiang and Hartel, P.H. and Jonker, W. (2010) Exploring Type-and-Identity-Based Proxy Re-Encryption Scheme to Securely Manage Personal Health Records. International Journal of Computational Models and Algorithms in Medicine (IJCMAM), 1 (2). pp. 1-21. ISSN 1947-3133
Full text available as:
Official URL: http://dx.doi.org/10.4018/jcmam.2010040101
Commercial Web-based Personal-Health Record (PHR) systems can help patients to share their personal health records (PHRs) anytime from anywhere. PHRs are very sensitive data and an inappropriate disclosure may cause serious problems to an individual. Therefore commercial Web-based PHR systems have to ensure that the patient health data is secured using state-of-the-art mechanisms. In current commercial PHR systems, even though patients have the power to define the access control policy on who can access their data, patients have to trust entirely the access-control manager of the commercial PHR system to properly enforce these policies. Therefore patients hesitate to upload their health data to these systems as the data is processed unencrypted on untrusted platforms. Recent proposals on enforcing access control policies exploit the use of encryption techniques to enforce access control policies. In such systems, information is stored in an encrypted form by the third party and there is no need for an access control manager. This implies that data remains confidential even if the database maintained by the third party is compromised. In this paper we propose a new encryption technique called a type-and-identity-based proxy re-encryption scheme which is suitable to be used in the healthcare setting. The proposed scheme allows users (patients) to securely store their PHRs on commercial Web-based PHRs, and securely share their PHRs with other users (doctors).
Export this item as:
To correct this item please ask your editor
Repository Staff Only: edit this item