Using Attribute-Based Access Control for Remote Healthcare Monitoring

Remote Healthcare Monitoring (RHM) IoT infrastructure uses sensors and smartphones to collect vital parameters from patients. These parameters pertaining to medical records are shared with healthcare professionals at geographically distant locations to provide timely medical care. RHM applications deployed on IoT infrastructure must address the issues of security and privacy in a constrained environment. We present our H-Plane framework for RHM and propose the use of the NIST Next Generation Access Control (NGAC) framework for specifying and enforcing access control policies.

[1]  Dilraj Nadarajan,et al.  A Low Cost Remote Cardiac Monitoring Framework for Rural Regions , 2016, EAI Endorsed Trans. Self Adapt. Syst..

[2]  Indrajit Ray,et al.  Attribute Based Access Control for Healthcare Resources , 2017, ABAC '17.

[3]  Indrajit Ray,et al.  Applying attribute based access control for privacy preserving health data disclosure , 2016, 2016 IEEE-EMBS International Conference on Biomedical and Health Informatics (BHI).

[4]  Samee Ullah Khan,et al.  > REPLACE THIS LINE WITH YOUR PAPER IDENTIFICATION NUMBER (DOUBLE-CLICK HERE TO EDIT) < 1 , 2008 .

[5]  Prajakta Kulkarni,et al.  mPHASiS: Mobile patient healthcare and sensor information system , 2011, J. Netw. Comput. Appl..

[6]  Olga Boric-Lubecke,et al.  E-healthcare: Remote monitoring, privacy, and security , 2014, 2014 IEEE MTT-S International Microwave Symposium (IMS2014).

[7]  Ramaswamy Chandramouli,et al.  A Comparison of Attribute Based Access Control (ABAC) Standards for Data Service Applications , 2015 .

[8]  S. Sastry,et al.  Security and Privacy Issues with Health Care Information Technology , 2006, 2006 International Conference of the IEEE Engineering in Medicine and Biology Society.

[9]  Sasikanth Avancha,et al.  A privacy framework for mobile health and home-care systems , 2009, SPIMACS '09.

[10]  Ming Li,et al.  Securing Personal Health Records in Cloud Computing: Patient-Centric and Fine-Grained Data Access Control in Multi-owner Settings , 2010, SecureComm.

[11]  Edward A. Lee,et al.  Toward a Global Data Infrastructure , 2016, IEEE Internet Computing.

[12]  Jun Zhou,et al.  PSMPA: Patient Self-Controllable and Multi-Level Privacy-Preserving Cooperative Authentication in Distributedm-Healthcare Cloud Computing System , 2015, IEEE Transactions on Parallel and Distributed Systems.

[13]  Lei Huang,et al.  MIAPS: A web-based system for remotely accessing and presenting medical images , 2014, Comput. Methods Programs Biomed..

[14]  Edward A. Lee,et al.  The Cloud is Not Enough: Saving IoT from the Cloud , 2015, HotStorage.

[15]  David F. Ferraiolo,et al.  Policy Machine: Features, Architecture, and Specification , 2014 .

[16]  Wei Ren,et al.  A Robust and Flexible Access Control Scheme for Cloud-IoT Paradigm with Application to Remote Mobile Medical Monitoring , 2015, 2015 Third International Conference on Robot, Vision and Signal Processing (RVSP).

[17]  P. Venkat Rangan,et al.  H-Plane: Intelligent Data Management for Mobile Healthcare Applications , 2016, MobiWIS.

[18]  Anthoniraj Amalanathan,et al.  Unifying the Access Control Mechanism for the Enterprises Using XACML Policy Levels , 2015 .

[19]  Eve Maler,et al.  User-managed access to web resources , 2010, DIM '10.