2012 41st International Conference on Parallel Processing Workshops (2012)
Pittsburgh, PA, USA USA
Sept. 10, 2012 to Sept. 13, 2012
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ICPPW.2012.42
Nowadays Electronic Health Records (EHRs) is a preferred method to store patients' health records. The emergence of cloud computing services provides users with flexible access, large storage capability and low costs, which motivate EHR maintainers to consider migrating EHR data from their own storage to the cloud. However, securing EHRs in cloud is a major challenge. Several security properties need to be satisfied, such as data privacy, fine-grained access control and scalable access between different clouds. In this paper, we propose a secure and scalable framework for EHR data sharing which combines Identity-based Encryption and Attribute-based Encryption together to enforce access control policies. Through this framework a fine-grained access control scheme on EHR can be enforced and scalable access between different clouds is enabled. We also propose a novel design to address the problem of improper data access caused by a user with multiple roles and access rights to an EHR.
Servers, Access control, Medical services, Encryption, Public key, Databases, attribute-based encryption, Electronic Health Records, multi-cloud computing, fine-grained access control, interleaving roles, identity-based encryption
J. Huang, M. Sharaf and C. Huang, "A Hierarchical Framework for Secure and Scalable EHR Sharing and Access Control in Multi-cloud," 2012 41st International Conference on Parallel Processing Workshops(ICPPW), Pittsburgh, PA, USA USA, 2012, pp. 279-287.