Blog
About

  • Record: found
  • Abstract: found
  • Article: found
Is Open Access

Sticky-Policy enabled authenticated OOXML for Health Care

, ,

BCS Health Informatics Scotland (HIS) (HIS)

mHealth & Inequalities, eHealth for an Ageing Population, Patient Portals and Personal Health Records

7 & 8 October 2015

Sticky Policies, eHealth, IBE, DLP, IRM

Read this article at

Bookmark
      There is no author summary for this article yet. Authors can add summaries to their articles on ScienceOpen to make them more accessible to a non-specialist audience.

      Abstract

      This paper presents a secure medical document sharing model, which addresses confidentiality and authenticity concerns related to cloud-based data protection issues. The paper extends the popular Office Open XML (OOXML) document format with eXtensible Access Control Mark-up Language (XACML) data piece, which defines a sticky-policy and is carried by the document package to enforce data owner access preferences in untrusted networks. Furthermore, it uses Identity Based Encryption (IBE) and Authenticated IBE – two ‘next generation’ public key cryptographic techniques – to guarantee shared data security. The defined model amends the original IBE construction properties and uses an XACML policy to construct a public key. Using such configuration, the authenticated encryption – with associated data applied to the model – ensures the protection of sensitive data. Shared data is thus encrypted and signed, while the public key (i.e. sticky-policy) is attached to encrypted data and remains in plain text. While the technologies used for the proposed model are not in-themselves new, our novel research contribution lays in combining these technologies in our proposed model.

      Related collections

      Most cited references 5

      • Record: found
      • Abstract: not found
      • Book Chapter: not found

      Identity-Based Cryptosystems and Signature Schemes

       Adi Shamir (1985)
        Bookmark
        • Record: found
        • Abstract: found
        • Article: not found

        A review on the state-of-the-art privacy-preserving approaches in the e-health clouds.

        Cloud computing is emerging as a new computing paradigm in the healthcare sector besides other business domains. Large numbers of health organizations have started shifting the electronic health information to the cloud environment. Introducing the cloud services in the health sector not only facilitates the exchange of electronic medical records among the hospitals and clinics, but also enables the cloud to act as a medical record storage center. Moreover, shifting to the cloud environment relieves the healthcare organizations of the tedious tasks of infrastructure management and also minimizes development and maintenance costs. Nonetheless, storing the patient health data in the third-party servers also entails serious threats to data privacy. Because of probable disclosure of medical records stored and exchanged in the cloud, the patients' privacy concerns should essentially be considered when designing the security and privacy mechanisms. Various approaches have been used to preserve the privacy of the health information in the cloud environment. This survey aims to encompass the state-of-the-art privacy-preserving approaches employed in the e-Health clouds. Moreover, the privacy-preserving approaches are classified into cryptographic and noncryptographic approaches and taxonomy of the approaches is also presented. Furthermore, the strengths and weaknesses of the presented approaches are reported and some open issues are highlighted.
          Bookmark
          • Record: found
          • Abstract: not found
          • Article: not found

          An enhancement of the Role-Based Access Control model to facilitate information access management in context of team collaboration and workflow

            Bookmark

            Author and article information

            Affiliations
            Centre for Distributed Computing

            Networks and Security

            Edinburgh Napier University, Edinburgh, UK
            Centre for Distributed Computing

            Networks and Security

            Edinburgh Napier University, Edinburgh, UK
            Centre for Distributed Computing

            Networks and Security

            Edinburgh Napier University, Edinburgh, UK
            Contributors
            Conference
            October 2015
            October 2015
            : 1-6
            10.14236/ewic/HIS2015.3
            © Grzegorz Spyra et al. Published by BCS Proceedings of BCS Health Informatics Scotland 2015 Conference. Research Papers.

            This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

            BCS Health Informatics Scotland (HIS)
            HIS
            Edinburgh, UK
            7 & 8 October 2015
            Electronic Workshops in Computing (eWiC)
            mHealth & Inequalities, eHealth for an Ageing Population, Patient Portals and Personal Health Records
            Product
            Product Information: 1477-9358 BCS Learning & Development
            Self URI (journal page): https://ewic.bcs.org/
            Categories
            Electronic Workshops in Computing

            Comments

            Comment on this article