Blog
About

100
views
0
recommends
+1 Recommend
1 collections
    4
    shares
      • Record: found
      • Abstract: found
      • Article: found
      Is Open Access

      Sticky-Policy enabled authenticated OOXML for Health Care

      , ,

      BCS Health Informatics Scotland (HIS) (HIS)

      mHealth & Inequalities, eHealth for an Ageing Population, Patient Portals and Personal Health Records

      7 & 8 October 2015

      Sticky Policies, eHealth, IBE, DLP, IRM

      Read this article at

      Bookmark
          There is no author summary for this article yet. Authors can add summaries to their articles on ScienceOpen to make them more accessible to a non-specialist audience.

          Abstract

          This paper presents a secure medical document sharing model, which addresses confidentiality and authenticity concerns related to cloud-based data protection issues. The paper extends the popular Office Open XML (OOXML) document format with eXtensible Access Control Mark-up Language (XACML) data piece, which defines a sticky-policy and is carried by the document package to enforce data owner access preferences in untrusted networks. Furthermore, it uses Identity Based Encryption (IBE) and Authenticated IBE – two ‘next generation’ public key cryptographic techniques – to guarantee shared data security. The defined model amends the original IBE construction properties and uses an XACML policy to construct a public key. Using such configuration, the authenticated encryption – with associated data applied to the model – ensures the protection of sensitive data. Shared data is thus encrypted and signed, while the public key (i.e. sticky-policy) is attached to encrypted data and remains in plain text. While the technologies used for the proposed model are not in-themselves new, our novel research contribution lays in combining these technologies in our proposed model.

          Related collections

          Most cited references 5

          • Record: found
          • Abstract: not found
          • Book Chapter: not found

          Identity-Based Cryptosystems and Signature Schemes

           Adi Shamir (1985)
            Bookmark
            • Record: found
            • Abstract: found
            • Article: not found

            A review on the state-of-the-art privacy-preserving approaches in the e-health clouds.

            Cloud computing is emerging as a new computing paradigm in the healthcare sector besides other business domains. Large numbers of health organizations have started shifting the electronic health information to the cloud environment. Introducing the cloud services in the health sector not only facilitates the exchange of electronic medical records among the hospitals and clinics, but also enables the cloud to act as a medical record storage center. Moreover, shifting to the cloud environment relieves the healthcare organizations of the tedious tasks of infrastructure management and also minimizes development and maintenance costs. Nonetheless, storing the patient health data in the third-party servers also entails serious threats to data privacy. Because of probable disclosure of medical records stored and exchanged in the cloud, the patients' privacy concerns should essentially be considered when designing the security and privacy mechanisms. Various approaches have been used to preserve the privacy of the health information in the cloud environment. This survey aims to encompass the state-of-the-art privacy-preserving approaches employed in the e-Health clouds. Moreover, the privacy-preserving approaches are classified into cryptographic and noncryptographic approaches and taxonomy of the approaches is also presented. Furthermore, the strengths and weaknesses of the presented approaches are reported and some open issues are highlighted.
              Bookmark
              • Record: found
              • Abstract: not found
              • Article: not found

              An enhancement of the Role-Based Access Control model to facilitate information access management in context of team collaboration and workflow

                Bookmark

                Author and article information

                Contributors
                Conference
                October 2015
                October 2015
                : 1-6
                Affiliations
                Centre for Distributed Computing

                Networks and Security

                Edinburgh Napier University, Edinburgh, UK
                Centre for Distributed Computing

                Networks and Security

                Edinburgh Napier University, Edinburgh, UK
                Centre for Distributed Computing

                Networks and Security

                Edinburgh Napier University, Edinburgh, UK
                10.14236/ewic/HIS2015.3
                © Grzegorz Spyra et al. Published by BCS Proceedings of BCS Health Informatics Scotland 2015 Conference. Research Papers.

                This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

                BCS Health Informatics Scotland (HIS)
                HIS
                Edinburgh, UK
                7 & 8 October 2015
                Electronic Workshops in Computing (eWiC)
                mHealth & Inequalities, eHealth for an Ageing Population, Patient Portals and Personal Health Records
                Product
                Product Information: 1477-9358 BCS Learning & Development
                Self URI (journal page): https://ewic.bcs.org/
                Categories
                Electronic Workshops in Computing

                Comments

                Comment on this article