SPoC: Protecting Patient Privacy for e-Health Services in the Cloud

The use of digital technologies in providing health care services is in general subsumed under the term e-Health. The Data Capture and Auto Identification Reference (DACAR) project provides an open e-Health service platform that reinforces the integrity, security, confidentiality and auditability of medical data throughout their life-cycle. This paper presents the design and implementation of the core component of this platform, namely the Single Point of Contact (SPoC). A SPoC is essentially a security authority that provides claim-based authentication and authorisation functionalities, and facilitates the development and integration of secure e-Health services hosted within a Cloud Computing environment.

[1]  William J Buchanan,et al.  Novel information sharing syntax for data sharing between police and community partners, using role-based security. , 2010 .

[2]  William J. Buchanan,et al.  DACAR Platform for eHealth Services Cloud , 2011, 2011 IEEE 4th International Conference on Cloud Computing.

[3]  Ibm Redbooks,et al.  Patterns: Service Oriented Architecture And Web Services , 2004 .

[4]  Cédric Pruski,et al.  e-CRL: A Rule-Based Language for Expressing Patient Electronic Consent , 2010, 2010 Second International Conference on eHealth, Telemedicine, and Social Medicine.

[5]  Xiaodong Lin,et al.  Sage: a strong privacy-preserving scheme against global eavesdropping for ehealth systems , 2009, IEEE Journal on Selected Areas in Communications.

[6]  Vincent Rijmen,et al.  The Design of Rijndael: AES - The Advanced Encryption Standard , 2002 .

[7]  Marcos Da Silveira,et al.  Protecting Patient Privacy when Sharing Medical Data , 2011, eTELEMED 2011.

[8]  Marco Eichelberg,et al.  Providing Interoperability of eHealth Communities Through Peer-to-Peer Networks , 2010, IEEE Transactions on Information Technology in Biomedicine.

[9]  William J. Buchanan,et al.  Interagency data exchange protocols as computational data protection law , 2010, JURIX.

[10]  Chris J. Mitchell,et al.  Enhancing user authentication in claim-based identity management , 2010, 2010 International Symposium on Collaborative Technologies and Systems.

[11]  Ian Lumb,et al.  A Taxonomy and Survey of Cloud Computing Systems , 2009, 2009 Fifth International Joint Conference on INC, IMS and IDC.

[12]  William J Buchanan,et al.  Analysis of Information governance and patient data protection within primary health care. , 2010 .

[13]  Christoph Meinel,et al.  Enhancing Claim-Based Identity Management by Adding a Credibility Level to the Notion of Claims , 2009, 2009 IEEE International Conference on Services Computing.

[14]  Keith Brown,et al.  A Guide to Claims-Based Identity and Access Control: Patterns & Practices , 2010 .

[15]  Ling Liu,et al.  Security Models and Requirements for Healthcare Application Clouds , 2010, 2010 IEEE 3rd International Conference on Cloud Computing.

[16]  Daniel Slamanig,et al.  Privacy Aspects of eHealth , 2008, 2008 Third International Conference on Availability, Reliability and Security.

[17]  Hee Jeong Cheong,et al.  Improving Korean Service Delivery System in Health Care: Focusing on National E-health System , 2009, 2009 International Conference on eHealth, Telemedicine, and Social Medicine.

[18]  John Hughes,et al.  Security Assertion Markup Language (SAML) 2.0 Technical Overview , 2004 .

[19]  Roger Clarke,et al.  Viewpoint Paper: e-Consent: The Design And Implementation of Consumer Consent Mechanisms in an Electronic Environment , 2004, J. Am. Medical Informatics Assoc..