802
views
0
recommends
+1 Recommend
1 collections
    4
    shares

      Celebrating 65 years of The Computer Journal - free-to-read perspectives - bcs.org/tcj65

      scite_
       
      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      Sticky-Policy enabled authenticated OOXML for Health Care

      proceedings-article
      , ,
      BCS Health Informatics Scotland (HIS) (HIS)
      mHealth & Inequalities, eHealth for an Ageing Population, Patient Portals and Personal Health Records
      7 & 8 October 2015
      Sticky Policies, eHealth, IBE, DLP, IRM
      Bookmark

            Abstract

            This paper presents a secure medical document sharing model, which addresses confidentiality and authenticity concerns related to cloud-based data protection issues. The paper extends the popular Office Open XML (OOXML) document format with eXtensible Access Control Mark-up Language (XACML) data piece, which defines a sticky-policy and is carried by the document package to enforce data owner access preferences in untrusted networks. Furthermore, it uses Identity Based Encryption (IBE) and Authenticated IBE – two ‘next generation’ public key cryptographic techniques – to guarantee shared data security. The defined model amends the original IBE construction properties and uses an XACML policy to construct a public key. Using such configuration, the authenticated encryption – with associated data applied to the model – ensures the protection of sensitive data. Shared data is thus encrypted and signed, while the public key (i.e. sticky-policy) is attached to encrypted data and remains in plain text. While the technologies used for the proposed model are not in-themselves new, our novel research contribution lays in combining these technologies in our proposed model.

            Content

            Author and article information

            Contributors
            Conference
            October 2015
            October 2015
            : 1-6
            Affiliations
            [0001]Centre for Distributed Computing

            Networks and Security

            Edinburgh Napier University, Edinburgh, UK
            [0002]Centre for Distributed Computing

            Networks and Security

            Edinburgh Napier University, Edinburgh, UK
            [0003]Centre for Distributed Computing

            Networks and Security

            Edinburgh Napier University, Edinburgh, UK
            Article
            10.14236/ewic/HIS2015.3
            88aa91e0-118a-4eec-9d14-19d5a20cc4fd
            © Grzegorz Spyra et al. Published by BCS Proceedings of BCS Health Informatics Scotland 2015 Conference. Research Papers.

            This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

            BCS Health Informatics Scotland (HIS)
            HIS
            Edinburgh, UK
            7 & 8 October 2015
            Electronic Workshops in Computing (eWiC)
            mHealth & Inequalities, eHealth for an Ageing Population, Patient Portals and Personal Health Records
            History
            Product

            1477-9358 BCS Learning & Development

            Self URI (article page): https://www.scienceopen.com/hosted-document?doi=10.14236/ewic/HIS2015.3
            Self URI (journal page): https://ewic.bcs.org/
            Categories
            Electronic Workshops in Computing

            Applied computer science,Computer science,Security & Cryptology,Graphics & Multimedia design,General computer science,Human-computer-interaction
            Sticky Policies,DLP,eHealth,IRM,IBE

            Comments

            Comment on this article