A conceptual framework of personally controlled electronic health record (PCEHR) system to enhance security and privacy

Quazi Mamun

doi:10.1007/978-3-319-67071-3_37

A conceptual framework of personally controlled electronic health record (PCEHR) system to enhance security and privacy

Quazi Mamun

Computing and Mathematics

Research output: Book chapter/Published conference paper › Conference paper

Abstract

In recent years, the electronic health record (eHR) system is regarded as one of the biggest developments in healthcare domains. A personally controlled electronic health record (PCEHR) system, offered by the Australian government makes the health system more agile, reliable, and sustainable. Although the existing PCEHR system is proposed to be fully controlled by the patients, however there are ways for healthcare professionals and database/system operators to reveal the records for corruption as system operators are assumed to be trusted by default. Moreover, as a consequence of increased threats to security of electronic health records, an actual need for a strong and effective authentication and access control methods has raised. Furthermore, due to the sensitive nature of eHRs, the most important challenges towards fine-grained, cryptographically implemented access control schemes which guarantee data privacy and reliability, verifying that only authorized people can access the corresponding health records. Moreover, an uninterrupted application of the security principle of electronic data files necessitates encrypted databases. In this paper we concentrates the above limitations together by proposing a robust authentication scheme and a hybrid access control model to enhance the security and privacy of eHRs. Homomorphic encryption technique is applied in storing and working with the eHRs in the proposed cloud-based PCEHR framework. The proposed model ensures the control of both security and privacy of eHRs accumulated in the cloud database.

Original language	English
Title of host publication	International Conference on Applications and Techniques in Cyber Security and Intelligence - Applications and Techniques in Cyber Security and Intelligence
Editors	Jemal Abawajy, Kim-Kwang Raymond Choo, Rafiqul Islam
Publisher	Springer-Verlag London Ltd.
Pages	304-314
Number of pages	11
Volume	580
ISBN (Electronic)	9783319670713
ISBN (Print)	9783319670706
DOIs	https://doi.org/10.1007/978-3-319-67071-3_37
Publication status	Published - 01 Jan 2018
Event	International Conference on Applications and Techniques in Cyber Security and Intelligence: ATCSI 2017 - Zhejiang Business Technology Institute, Ningbo, China Duration: 16 Jun 2017 → 18 Jun 2017 http://aibd.us/ (Conference website) https://www.springer.com/us/book/9783319670706 (Conference proceedings)

Publication series

Name	Advances in Intelligent Systems and Computing
Volume	580
ISSN (Print)	2194-5357

Conference

Conference	International Conference on Applications and Techniques in Cyber Security and Intelligence
Country	China
City	Ningbo
Period	16/06/17 → 18/06/17
Other	The 2017 International Conference on Applications and Techniques in Cyber Intelligence (ATCI), building on the previous successes in Guangzhou, China (2016), Dallas, USA (2015), Beijing, China (2014), and Sydney, Australia (2013), is proud to be in the 5th consecutive conference year. Previously, the event is known as the International Workshop on Applications and Techniques in Cyber Security (ATCS 2016), held in conjunction with the International Conference on Security and Privacy in Communication Networks (SecureComm). The 2017 International Conference on Applications and Techniques in Cyber Security and Intelligence focuses on all aspects on techniques and applications in cyber and electronics security and intelligence research. The purpose of ATCI 2017 is to provide a forum for presentation and discussion of innovative ideas, cutting edge research results, and novel techniques, methods and applications on all aspects of cyber and electronics security and intelligence.
Internet address	http://aibd.us/ (Conference website) https://www.springer.com/us/book/9783319670706 (Conference proceedings)

Fingerprint

Health

Access control

Authentication

Data privacy

Cryptography

Cite this

Mamun, Q. (2018). A conceptual framework of personally controlled electronic health record (PCEHR) system to enhance security and privacy. In J. Abawajy, K-K. R. Choo, & R. Islam (Eds.), International Conference on Applications and Techniques in Cyber Security and Intelligence - Applications and Techniques in Cyber Security and Intelligence (Vol. 580, pp. 304-314). (Advances in Intelligent Systems and Computing; Vol. 580). Springer-Verlag London Ltd.. https://doi.org/10.1007/978-3-319-67071-3_37

Mamun, Quazi. / A conceptual framework of personally controlled electronic health record (PCEHR) system to enhance security and privacy. International Conference on Applications and Techniques in Cyber Security and Intelligence - Applications and Techniques in Cyber Security and Intelligence. editor / Jemal Abawajy ; Kim-Kwang Raymond Choo ; Rafiqul Islam. Vol. 580 Springer-Verlag London Ltd., 2018. pp. 304-314 (Advances in Intelligent Systems and Computing).

@inproceedings{69ac1f4cc4ac4605bc57faef06761c25,

title = "A conceptual framework of personally controlled electronic health record (PCEHR) system to enhance security and privacy",

abstract = "In recent years, the electronic health record (eHR) system is regarded as one of the biggest developments in healthcare domains. A personally controlled electronic health record (PCEHR) system, offered by the Australian government makes the health system more agile, reliable, and sustainable. Although the existing PCEHR system is proposed to be fully controlled by the patients, however there are ways for healthcare professionals and database/system operators to reveal the records for corruption as system operators are assumed to be trusted by default. Moreover, as a consequence of increased threats to security of electronic health records, an actual need for a strong and effective authentication and access control methods has raised. Furthermore, due to the sensitive nature of eHRs, the most important challenges towards fine-grained, cryptographically implemented access control schemes which guarantee data privacy and reliability, verifying that only authorized people can access the corresponding health records. Moreover, an uninterrupted application of the security principle of electronic data files necessitates encrypted databases. In this paper we concentrates the above limitations together by proposing a robust authentication scheme and a hybrid access control model to enhance the security and privacy of eHRs. Homomorphic encryption technique is applied in storing and working with the eHRs in the proposed cloud-based PCEHR framework. The proposed model ensures the control of both security and privacy of eHRs accumulated in the cloud database.",

keywords = "Access control, Authentication, E-health, Electronic health record, Homomorphic encryption, PCEHR",

author = "Quazi Mamun",

year = "2018",

month = "1",

day = "1",

doi = "10.1007/978-3-319-67071-3_37",

language = "English",

isbn = "9783319670706",

volume = "580",

series = "Advances in Intelligent Systems and Computing",

publisher = "Springer-Verlag London Ltd.",

pages = "304--314",

editor = "Jemal Abawajy and Choo, {Kim-Kwang Raymond} and Rafiqul Islam",

booktitle = "International Conference on Applications and Techniques in Cyber Security and Intelligence - Applications and Techniques in Cyber Security and Intelligence",

address = "Germany",

}

Mamun, Q 2018, A conceptual framework of personally controlled electronic health record (PCEHR) system to enhance security and privacy. in J Abawajy, K-KR Choo & R Islam (eds), International Conference on Applications and Techniques in Cyber Security and Intelligence - Applications and Techniques in Cyber Security and Intelligence. vol. 580, Advances in Intelligent Systems and Computing, vol. 580, Springer-Verlag London Ltd., pp. 304-314, International Conference on Applications and Techniques in Cyber Security and Intelligence, Ningbo, China, 16/06/17. https://doi.org/10.1007/978-3-319-67071-3_37

A conceptual framework of personally controlled electronic health record (PCEHR) system to enhance security and privacy. / Mamun, Quazi.

International Conference on Applications and Techniques in Cyber Security and Intelligence - Applications and Techniques in Cyber Security and Intelligence. ed. / Jemal Abawajy; Kim-Kwang Raymond Choo; Rafiqul Islam. Vol. 580 Springer-Verlag London Ltd., 2018. p. 304-314 (Advances in Intelligent Systems and Computing; Vol. 580).

Research output: Book chapter/Published conference paper › Conference paper

TY - GEN

T1 - A conceptual framework of personally controlled electronic health record (PCEHR) system to enhance security and privacy

AU - Mamun, Quazi

PY - 2018/1/1

Y1 - 2018/1/1

N2 - In recent years, the electronic health record (eHR) system is regarded as one of the biggest developments in healthcare domains. A personally controlled electronic health record (PCEHR) system, offered by the Australian government makes the health system more agile, reliable, and sustainable. Although the existing PCEHR system is proposed to be fully controlled by the patients, however there are ways for healthcare professionals and database/system operators to reveal the records for corruption as system operators are assumed to be trusted by default. Moreover, as a consequence of increased threats to security of electronic health records, an actual need for a strong and effective authentication and access control methods has raised. Furthermore, due to the sensitive nature of eHRs, the most important challenges towards fine-grained, cryptographically implemented access control schemes which guarantee data privacy and reliability, verifying that only authorized people can access the corresponding health records. Moreover, an uninterrupted application of the security principle of electronic data files necessitates encrypted databases. In this paper we concentrates the above limitations together by proposing a robust authentication scheme and a hybrid access control model to enhance the security and privacy of eHRs. Homomorphic encryption technique is applied in storing and working with the eHRs in the proposed cloud-based PCEHR framework. The proposed model ensures the control of both security and privacy of eHRs accumulated in the cloud database.

AB - In recent years, the electronic health record (eHR) system is regarded as one of the biggest developments in healthcare domains. A personally controlled electronic health record (PCEHR) system, offered by the Australian government makes the health system more agile, reliable, and sustainable. Although the existing PCEHR system is proposed to be fully controlled by the patients, however there are ways for healthcare professionals and database/system operators to reveal the records for corruption as system operators are assumed to be trusted by default. Moreover, as a consequence of increased threats to security of electronic health records, an actual need for a strong and effective authentication and access control methods has raised. Furthermore, due to the sensitive nature of eHRs, the most important challenges towards fine-grained, cryptographically implemented access control schemes which guarantee data privacy and reliability, verifying that only authorized people can access the corresponding health records. Moreover, an uninterrupted application of the security principle of electronic data files necessitates encrypted databases. In this paper we concentrates the above limitations together by proposing a robust authentication scheme and a hybrid access control model to enhance the security and privacy of eHRs. Homomorphic encryption technique is applied in storing and working with the eHRs in the proposed cloud-based PCEHR framework. The proposed model ensures the control of both security and privacy of eHRs accumulated in the cloud database.

KW - Access control

KW - Authentication

KW - E-health

KW - Electronic health record

KW - Homomorphic encryption

KW - PCEHR

UR - http://www.scopus.com/inward/record.url?scp=85032691745&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85032691745&partnerID=8YFLogxK

UR - https://www.springerprofessional.de/en/international-conference-on-applications-and-techniques-in-cyber/15153646

UR - http://aibd.us/

U2 - 10.1007/978-3-319-67071-3_37

DO - 10.1007/978-3-319-67071-3_37

M3 - Conference paper

AN - SCOPUS:85032691745

SN - 9783319670706

VL - 580

T3 - Advances in Intelligent Systems and Computing

SP - 304

EP - 314

BT - International Conference on Applications and Techniques in Cyber Security and Intelligence - Applications and Techniques in Cyber Security and Intelligence

A2 - Abawajy, Jemal

A2 - Choo, Kim-Kwang Raymond

A2 - Islam, Rafiqul

PB - Springer-Verlag London Ltd.

ER -

Mamun Q. A conceptual framework of personally controlled electronic health record (PCEHR) system to enhance security and privacy. In Abawajy J, Choo K-KR, Islam R, editors, International Conference on Applications and Techniques in Cyber Security and Intelligence - Applications and Techniques in Cyber Security and Intelligence. Vol. 580. Springer-Verlag London Ltd. 2018. p. 304-314. (Advances in Intelligent Systems and Computing). https://doi.org/10.1007/978-3-319-67071-3_37

Access to Document

10.1007/978-3-319-67071-3_37