Secure Sharing of Personal Health Records in Cloud ComputingJournal: International Journal of Science and Research (IJSR) (Vol.2, No. 3)
Publication Date: 2013-03-05
Authors : B. Raj Kumar; S. Satyanarayana;
Page : 323-325
Keywords : PHR; patient-centric; Attribute Based Encryption;
Personal health record, or PHR, is a health record where health data and information related to the care of a patient is maintained by the patient. This stands in contrast with the more widely used electronic medical record, which is operated by institutions (such as a hospital) and contains data entered by clinicians or billing data to support insurance claims. The intention of a PHR is to provide a complete and accurate summary of an individual�s medical history which is accessible online. The health data on a PHR might include patient-reported outcome data, lab results, and data from devices such as wireless electronic weighing scales. Personal health record (PHR) is an emerging patient-centric model of health information exchange, which is often outsourced to be stored at a third party, such as cloud providers. However, there have been wide privacy concerns as personal health information could be exposed to those third party servers and to unauthorized parties. To assure the patients� control over access to their own PHRs, it is a promising method to encrypt the PHRs before outsourcing. Yet, issues such as risks of privacy exposure, scalability in key management, flexible access and efficient user revocation, have remained the most important challenges toward achieving fine-grained, cryptographically enforced data access control. Existing Systems In the existing systems, the process uses revocable ABE algorithm. For each patient, the PHR data should be encrypted so that it is scalable with the number of users having access. Also, since there are multiple owners (patients) in a PHR system and every owner would encrypt her PHR files using a different set of cryptographic keys, it is important to reduce the key distribution complexity in such multi-owner settings. Existing cryptographic enforced access control schemes are mostly designed for the single-owner scenarios.
Other Latest Articles
Last modified: 2021-06-30 20:14:29