In recent years, the electronic health record (eHR) system is regarded as one of the biggest developments in healthcare domains. A personally controlled electronic health record (PCEHR) system, offered by the Australian government makes the health system more agile, reliable, and sustainable. Although the existing PCEHR system is proposed to be fully controlled by the patients, however there are ways for healthcare professionals and database/system operators to reveal the records for corruption as system operators are assumed to be trusted by default. Moreover, as a consequence of increased threats to security of electronic health records, an actual need for a strong and effective authentication and access control methods has raised. Furthermore, due to the sensitive nature of eHRs, the most important challenges towards fine-grained, cryptographically implemented access control schemes which guarantee data privacy and reliability, verifying that only authorized people can access the corresponding health records. Moreover, an uninterrupted application of the security principle of electronic data files necessitates encrypted databases. In this paper we concentrates the above limitations together by proposing a robust authentication scheme and a hybrid access control model to enhance the security and privacy of eHRs. Homomorphic encryption technique is applied in storing and working with the eHRs in the proposed cloud-based PCEHR framework. The proposed model ensures the control of both security and privacy of eHRs accumulated in the cloud database.
|Title of host publication||International Conference on Applications and Techniques in Cyber Security and Intelligence - Applications and Techniques in Cyber Security and Intelligence|
|Editors||Jemal Abawajy, Kim-Kwang Raymond Choo, Rafiqul Islam|
|Publisher||Springer-Verlag London Ltd.|
|Number of pages||11|
|Publication status||Published - 01 Jan 2018|
|Event||International Conference on Applications and Techniques in Cyber Security and Intelligence: ATCSI 2017 - Zhejiang Business Technology Institute, Ningbo, China|
Duration: 16 Jun 2017 → 18 Jun 2017
http://aibd.us/ (Conference website)
https://www.springer.com/us/book/9783319670706 (Conference proceedings)
|Name||Advances in Intelligent Systems and Computing|
|Conference||International Conference on Applications and Techniques in Cyber Security and Intelligence|
|Period||16/06/17 → 18/06/17|
|Other||The 2017 International Conference on Applications and Techniques in Cyber Intelligence (ATCI), building on the previous successes in Guangzhou, China (2016), Dallas, USA (2015), Beijing, China (2014), and Sydney, Australia (2013), is proud to be in the 5th consecutive conference year. Previously, the event is known as the International Workshop on Applications and Techniques in Cyber Security (ATCS 2016), held in conjunction with the International Conference on Security and Privacy in Communication Networks (SecureComm). |
The 2017 International Conference on Applications and Techniques in Cyber Security and Intelligence focuses on all aspects on techniques and applications in cyber and electronics security and intelligence research. The purpose of ATCI 2017 is to provide a forum for presentation and discussion of innovative ideas, cutting edge research results, and novel techniques, methods and applications on all aspects of cyber and electronics security and intelligence.
Mamun, Q. (2018). A conceptual framework of personally controlled electronic health record (PCEHR) system to enhance security and privacy. In J. Abawajy, K-K. R. Choo, & R. Islam (Eds.), International Conference on Applications and Techniques in Cyber Security and Intelligence - Applications and Techniques in Cyber Security and Intelligence (Vol. 580, pp. 304-314). (Advances in Intelligent Systems and Computing; Vol. 580). Springer-Verlag London Ltd.. https://doi.org/10.1007/978-3-319-67071-3_37