A novel access control protocol using proxy signatures for cloud-based health information exchange. Issue 67 (June 2017)
- Record Type:
- Journal Article
- Title:
- A novel access control protocol using proxy signatures for cloud-based health information exchange. Issue 67 (June 2017)
- Main Title:
- A novel access control protocol using proxy signatures for cloud-based health information exchange
- Authors:
- Chandrasekhar, Santosh
Ibrahim, Ahmed
Singhal, Mukesh - Abstract:
- Abstract: Health Information Exchange (HIE) allows various providers to electronically share patient health information, enhancing healthcare delivery through coordinated patient care. A primary concern in HIEs is the need for explicit authorization of information exchange in an auditable manner. However, we find that existing approaches for authorization in health information systems exhibit several drawbacks in meeting the needs of HIE, with non-cryptographic approaches lacking a secure and reliable mechanism for access policy enforcement, while cryptographic approaches being too expensive, complex and limited in specifying policies. This paper aims to overcome these drawbacks by presenting a simple and efficient patient-centric authorization protocol for information sharing in cloud-based HIE systems. The proposed protocol is built using a novel trapdoor hash-based proxy signature scheme, and ensures that the authorization is authentic with respect to both providers and patients, and complies with the established access control policies. Features of the proposed protocol include auditability, non-interactive and on-demand operation, and specification and secure/reliable enforcement of flexible access control policies. A detailed security and performance analysis shows that the proposed protocol is provably secure against forgery under the discrete log assumption, and achieves the best overall performance compared to other well-known schemes in the literature.
- Is Part Of:
- Computers & security. Issue 67(2017)
- Journal:
- Computers & security
- Issue:
- Issue 67(2017)
- Issue Display:
- Volume 67, Issue 67 (2017)
- Year:
- 2017
- Volume:
- 67
- Issue:
- 67
- Issue Sort Value:
- 2017-0067-0067-0000
- Page Start:
- 73
- Page End:
- 88
- Publication Date:
- 2017-06
- Subjects:
- Cloud-based health information exchange -- HIPAA -- Authentication and authorization in healthcare -- Auditability -- Trapdoor hash functions -- Proxy signatures
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805 - Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.cose.2017.02.008 ↗
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 1902.xml