Collaborative eHealth Meets Security: Privacy-Enhancing Patient Profile Management

Collaborative healthcare environments offer potential benefits, including enhancing the quality of healthcare delivered to patients and reducing costs. As a direct consequence, sharing of electronic health records (EHRs) among healthcare providers has grown noticeably in recent years, since it enables physicians to remotely monitor patients' health and enables individuals to manage their own health data more easily. However, these scenarios face significant challenges regarding the security and privacy of the extremely sensitive information contained in EHRs. Thus, a flexible, efficient, and standards-based solution is indispensable to guarantee selective identity information disclosure and preserve patients' privacy. We propose a privacy-aware profile management approach that empowers the patient role, enabling the patient to bring together claims from various healthcare providers as well as user-generated claims into a unique credential. User profiles are represented through an adaptive Merkle Tree, for which we formalize the underlying mathematical model. Furthermore, the performance of the proposed solution is empirically validated through simulation experiments.
