Abstract
This paper presents a secure medical document sharing model, which addresses confidentiality and authenticity concerns related to cloud-based data protection issues. The paper extends the popular Office Open XML (OOXML) document format with eXtensible Access Control Mark-up Language (XACML) data piece, which defines a sticky-policy and is carried by the document package to enforce data owner access preferences in untrusted networks. Furthermore, it uses Identity Based Encryption (IBE) and Authenticated IBE – two ‘next generation’ public key cryptographic techniques – to guarantee shared data security. The defined model amends the original IBE construction properties and uses an XACML policy to construct a public key. Using such configuration, the authenticated encryption – with associated data applied to the model – ensures the protection of sensitive data. Shared data is thus encrypted and signed, while the public key (i.e. sticky-policy) is attached to encrypted data and remains in plain text. While the technologies used for the proposed model are not in-themselves new, our novel research contribution lays in combining these technologies in our proposed model.
Highlights
Several eHealth projects aim to deliver an eHealth platform that would allow health-care institutions to securely host patients’ data in a public Internet space
Cryptographic techniques used by cloud providers deliver protection from an outsider but not a service provider
Having two policy implementations based on transactional databases, it is easy to derive query time assuming it is equal to natural logarithm of total records number
Summary
Several eHealth projects aim to deliver an eHealth platform that would allow health-care institutions to securely host patients’ data in a public Internet space. Economical factors are promoting moving data towards cloud-based solutions, where personal data is exposed into the public through Internet channels, and entirely hosted on semi-trusted cloud-based platforms. Cryptographic techniques used by cloud providers deliver protection from an outsider but not a service provider. Vulnerabilities allowed a group of researchers to compromise an entire National In-patients Sample (NIS) system security and reveal sensitive personal data [1]. Several works aim to deliver secure solutions ready for the cloud, supporting legacy systems from health-care and educational institutions, enterprise systems and other domains [2,3]
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
