An Event Driven Hybrid Identity Management Approach to Privacy Enhanced e-Health

Credential-based authorization offers interesting advantages for ubiquitous scenarios involving limited devices such as sensors and personal mobile equipment: verification can be done locally; issuing, storing, and verifying credentials costs less computation than competing approaches; and it naturally supports delegation of rights. The main drawback is the revocation of rights. Revocation requires handling potentially large revocation lists, or using protocols to check the revocation status, bringing extra communication costs that are not acceptable for sensors and other limited devices. Moreover, effective revocation of consent (considered a privacy rule in sensitive scenarios) has not been fully addressed. This paper proposes an event-based mechanism built on a new concept, the sleepyhead credentials, which replaces time constraints and explicit revocation by activating and deactivating authorization rights according to events. Our approach is to integrate this concept into IdM systems in a hybrid model supporting delegation, which can be an interesting alternative for scenarios where revocation of consent and user privacy are critical. The delegation includes a SAML-compliant protocol, which we have validated through a proof-of-concept implementation. This article also explains the mathematical model describing the event-based mechanism and offers estimations of the overhead introduced by the system. The paper focuses on health care scenarios, where we show the flexibility of the proposed event-based user consent revocation mechanism.
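The following is an added illustration of the sleepyhead idea described above, not code from the paper or its proof-of-concept: a credential that starts asleep, is woken or put back to sleep by named events (including a consent-revocation event), and is checked purely locally by the verifier, so no revocation list or status protocol is consulted. The event names, the holder, and the right are constructed for the example.

```python
from dataclasses import dataclass, field


@dataclass
class SleepyheadCredential:
    """A credential whose validity is driven by events rather than by an
    expiry time or an explicit revocation entry."""
    holder: str
    right: str
    activate_on: frozenset    # events that wake the credential (constructed names)
    deactivate_on: frozenset  # events that put it to sleep, e.g. consent revoked
    active: bool = False      # sleepyhead credentials start inactive
    history: list = field(default_factory=list)

    def on_event(self, event: str) -> None:
        # Deactivation wins over activation so a revocation event is never
        # masked by an activation event carrying the same name.
        if event in self.deactivate_on:
            self.active = False
        elif event in self.activate_on:
            self.active = True
        self.history.append((event, self.active))


class LocalVerifier:
    """Decides from the credential's current state only; the limited device
    never contacts a revocation service."""

    def authorize(self, cred: SleepyheadCredential, requested_right: str) -> bool:
        return cred.active and cred.right == requested_right


def run_scenario(events):
    """Feed a constructed health-care event stream to one credential and
    return (event, authorized?) for each step."""
    cred = SleepyheadCredential(
        holder="nurse-7",                       # constructed holder
        right="read:vitals",                    # constructed right
        activate_on=frozenset({"patient_admitted", "consent_granted"}),
        deactivate_on=frozenset({"patient_discharged", "consent_revoked"}),
    )
    verifier = LocalVerifier()
    decisions = [("<initial>", verifier.authorize(cred, "read:vitals"))]
    for ev in events:
        cred.on_event(ev)
        decisions.append((ev, verifier.authorize(cred, "read:vitals")))
    return decisions


if __name__ == "__main__":
    # Constructed sample stream: admission wakes the credential, the patient
    # revokes consent, later re-grants it, and discharge finally deactivates it.
    for ev, ok in run_scenario(["patient_admitted", "consent_revoked",
                                "consent_granted", "patient_discharged"]):
        print(f"{ev:20s} -> {'allow' if ok else 'deny'}")
```

The point of the design is that the revocation cost moves from the verifier (which would otherwise fetch a CRL or query a status service) to the delivery of a single event; the verifier's decision stays a local state check, which is what makes the scheme attractive for sensors and mobile devices.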
