A conceptual framework of personally controlled electronic health record (PCEHR) system to enhance security and privacy

Research output: Book chapter/Published conference paperConference paper

Abstract

In recent years, the electronic health record (eHR) system is regarded as one of the biggest developments in healthcare domains. A personally controlled electronic health record (PCEHR) system, offered by the Australian government makes the health system more agile, reliable, and sustainable. Although the existing PCEHR system is proposed to be fully controlled by the patients, however there are ways for healthcare professionals and database/system operators to reveal the records for corruption as system operators are assumed to be trusted by default. Moreover, as a consequence of increased threats to security of electronic health records, an actual need for a strong and effective authentication and access control methods has raised. Furthermore, due to the sensitive nature of eHRs, the most important challenges towards fine-grained, cryptographically implemented access control schemes which guarantee data privacy and reliability, verifying that only authorized people can access the corresponding health records. Moreover, an uninterrupted application of the security principle of electronic data files necessitates encrypted databases. In this paper we concentrates the above limitations together by proposing a robust authentication scheme and a hybrid access control model to enhance the security and privacy of eHRs. Homomorphic encryption technique is applied in storing and working with the eHRs in the proposed cloud-based PCEHR framework. The proposed model ensures the control of both security and privacy of eHRs accumulated in the cloud database.
Original languageEnglish
Title of host publicationInternational Conference on Applications and Techniques in Cyber Security and Intelligence - Applications and Techniques in Cyber Security and Intelligence
EditorsJemal Abawajy, Kim-Kwang Raymond Choo, Rafiqul Islam
PublisherSpringer-Verlag London Ltd.
Pages304-314
Number of pages11
Volume580
ISBN (Electronic)9783319670713
ISBN (Print)9783319670706
DOIs
Publication statusPublished - 01 Jan 2018
EventInternational Conference on Applications and Techniques in Cyber Security and Intelligence: ATCSI 2017 - Zhejiang Business Technology Institute, Ningbo, China
Duration: 16 Jun 201718 Jun 2017
http://aibd.us/ (Conference website)
https://www.springer.com/us/book/9783319670706 (Conference proceedings)

Publication series

NameAdvances in Intelligent Systems and Computing
Volume580
ISSN (Print)2194-5357

Conference

ConferenceInternational Conference on Applications and Techniques in Cyber Security and Intelligence
CountryChina
CityNingbo
Period16/06/1718/06/17
OtherThe 2017 International Conference on Applications and Techniques in Cyber Intelligence (ATCI), building on the previous successes in Guangzhou, China (2016), Dallas, USA (2015), Beijing, China (2014), and Sydney, Australia (2013), is proud to be in the 5th consecutive conference year. Previously, the event is known as the International Workshop on Applications and Techniques in Cyber Security (ATCS 2016), held in conjunction with the International Conference on Security and Privacy in Communication Networks (SecureComm).

The 2017 International Conference on Applications and Techniques in Cyber Security and Intelligence focuses on all aspects on techniques and applications in cyber and electronics security and intelligence research. The purpose of ATCI 2017 is to provide a forum for presentation and discussion of innovative ideas, cutting edge research results, and novel techniques, methods and applications on all aspects of cyber and electronics security and intelligence.
Internet address

Fingerprint

Health
Access control
Authentication
Data privacy
Cryptography

Cite this

Mamun, Q. (2018). A conceptual framework of personally controlled electronic health record (PCEHR) system to enhance security and privacy. In J. Abawajy, K-K. R. Choo, & R. Islam (Eds.), International Conference on Applications and Techniques in Cyber Security and Intelligence - Applications and Techniques in Cyber Security and Intelligence (Vol. 580, pp. 304-314). (Advances in Intelligent Systems and Computing; Vol. 580). Springer-Verlag London Ltd.. https://doi.org/10.1007/978-3-319-67071-3_37
Mamun, Quazi. / A conceptual framework of personally controlled electronic health record (PCEHR) system to enhance security and privacy. International Conference on Applications and Techniques in Cyber Security and Intelligence - Applications and Techniques in Cyber Security and Intelligence. editor / Jemal Abawajy ; Kim-Kwang Raymond Choo ; Rafiqul Islam. Vol. 580 Springer-Verlag London Ltd., 2018. pp. 304-314 (Advances in Intelligent Systems and Computing).
@inproceedings{69ac1f4cc4ac4605bc57faef06761c25,
title = "A conceptual framework of personally controlled electronic health record (PCEHR) system to enhance security and privacy",
abstract = "In recent years, the electronic health record (eHR) system is regarded as one of the biggest developments in healthcare domains. A personally controlled electronic health record (PCEHR) system, offered by the Australian government makes the health system more agile, reliable, and sustainable. Although the existing PCEHR system is proposed to be fully controlled by the patients, however there are ways for healthcare professionals and database/system operators to reveal the records for corruption as system operators are assumed to be trusted by default. Moreover, as a consequence of increased threats to security of electronic health records, an actual need for a strong and effective authentication and access control methods has raised. Furthermore, due to the sensitive nature of eHRs, the most important challenges towards fine-grained, cryptographically implemented access control schemes which guarantee data privacy and reliability, verifying that only authorized people can access the corresponding health records. Moreover, an uninterrupted application of the security principle of electronic data files necessitates encrypted databases. In this paper we concentrates the above limitations together by proposing a robust authentication scheme and a hybrid access control model to enhance the security and privacy of eHRs. Homomorphic encryption technique is applied in storing and working with the eHRs in the proposed cloud-based PCEHR framework. The proposed model ensures the control of both security and privacy of eHRs accumulated in the cloud database.",
keywords = "Access control, Authentication, E-health, Electronic health record, Homomorphic encryption, PCEHR",
author = "Quazi Mamun",
year = "2018",
month = "1",
day = "1",
doi = "10.1007/978-3-319-67071-3_37",
language = "English",
isbn = "9783319670706",
volume = "580",
series = "Advances in Intelligent Systems and Computing",
publisher = "Springer-Verlag London Ltd.",
pages = "304--314",
editor = "Jemal Abawajy and Choo, {Kim-Kwang Raymond} and Rafiqul Islam",
booktitle = "International Conference on Applications and Techniques in Cyber Security and Intelligence - Applications and Techniques in Cyber Security and Intelligence",
address = "Germany",

}

Mamun, Q 2018, A conceptual framework of personally controlled electronic health record (PCEHR) system to enhance security and privacy. in J Abawajy, K-KR Choo & R Islam (eds), International Conference on Applications and Techniques in Cyber Security and Intelligence - Applications and Techniques in Cyber Security and Intelligence. vol. 580, Advances in Intelligent Systems and Computing, vol. 580, Springer-Verlag London Ltd., pp. 304-314, International Conference on Applications and Techniques in Cyber Security and Intelligence, Ningbo, China, 16/06/17. https://doi.org/10.1007/978-3-319-67071-3_37

A conceptual framework of personally controlled electronic health record (PCEHR) system to enhance security and privacy. / Mamun, Quazi.

International Conference on Applications and Techniques in Cyber Security and Intelligence - Applications and Techniques in Cyber Security and Intelligence. ed. / Jemal Abawajy; Kim-Kwang Raymond Choo; Rafiqul Islam. Vol. 580 Springer-Verlag London Ltd., 2018. p. 304-314 (Advances in Intelligent Systems and Computing; Vol. 580).

Research output: Book chapter/Published conference paperConference paper

TY - GEN

T1 - A conceptual framework of personally controlled electronic health record (PCEHR) system to enhance security and privacy

AU - Mamun, Quazi

PY - 2018/1/1

Y1 - 2018/1/1

N2 - In recent years, the electronic health record (eHR) system is regarded as one of the biggest developments in healthcare domains. A personally controlled electronic health record (PCEHR) system, offered by the Australian government makes the health system more agile, reliable, and sustainable. Although the existing PCEHR system is proposed to be fully controlled by the patients, however there are ways for healthcare professionals and database/system operators to reveal the records for corruption as system operators are assumed to be trusted by default. Moreover, as a consequence of increased threats to security of electronic health records, an actual need for a strong and effective authentication and access control methods has raised. Furthermore, due to the sensitive nature of eHRs, the most important challenges towards fine-grained, cryptographically implemented access control schemes which guarantee data privacy and reliability, verifying that only authorized people can access the corresponding health records. Moreover, an uninterrupted application of the security principle of electronic data files necessitates encrypted databases. In this paper we concentrates the above limitations together by proposing a robust authentication scheme and a hybrid access control model to enhance the security and privacy of eHRs. Homomorphic encryption technique is applied in storing and working with the eHRs in the proposed cloud-based PCEHR framework. The proposed model ensures the control of both security and privacy of eHRs accumulated in the cloud database.

AB - In recent years, the electronic health record (eHR) system is regarded as one of the biggest developments in healthcare domains. A personally controlled electronic health record (PCEHR) system, offered by the Australian government makes the health system more agile, reliable, and sustainable. Although the existing PCEHR system is proposed to be fully controlled by the patients, however there are ways for healthcare professionals and database/system operators to reveal the records for corruption as system operators are assumed to be trusted by default. Moreover, as a consequence of increased threats to security of electronic health records, an actual need for a strong and effective authentication and access control methods has raised. Furthermore, due to the sensitive nature of eHRs, the most important challenges towards fine-grained, cryptographically implemented access control schemes which guarantee data privacy and reliability, verifying that only authorized people can access the corresponding health records. Moreover, an uninterrupted application of the security principle of electronic data files necessitates encrypted databases. In this paper we concentrates the above limitations together by proposing a robust authentication scheme and a hybrid access control model to enhance the security and privacy of eHRs. Homomorphic encryption technique is applied in storing and working with the eHRs in the proposed cloud-based PCEHR framework. The proposed model ensures the control of both security and privacy of eHRs accumulated in the cloud database.

KW - Access control

KW - Authentication

KW - E-health

KW - Electronic health record

KW - Homomorphic encryption

KW - PCEHR

UR - http://www.scopus.com/inward/record.url?scp=85032691745&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85032691745&partnerID=8YFLogxK

UR - https://www.springerprofessional.de/en/international-conference-on-applications-and-techniques-in-cyber/15153646

UR - http://aibd.us/

U2 - 10.1007/978-3-319-67071-3_37

DO - 10.1007/978-3-319-67071-3_37

M3 - Conference paper

AN - SCOPUS:85032691745

SN - 9783319670706

VL - 580

T3 - Advances in Intelligent Systems and Computing

SP - 304

EP - 314

BT - International Conference on Applications and Techniques in Cyber Security and Intelligence - Applications and Techniques in Cyber Security and Intelligence

A2 - Abawajy, Jemal

A2 - Choo, Kim-Kwang Raymond

A2 - Islam, Rafiqul

PB - Springer-Verlag London Ltd.

ER -

Mamun Q. A conceptual framework of personally controlled electronic health record (PCEHR) system to enhance security and privacy. In Abawajy J, Choo K-KR, Islam R, editors, International Conference on Applications and Techniques in Cyber Security and Intelligence - Applications and Techniques in Cyber Security and Intelligence. Vol. 580. Springer-Verlag London Ltd. 2018. p. 304-314. (Advances in Intelligent Systems and Computing). https://doi.org/10.1007/978-3-319-67071-3_37