Privacy-Preserving Data Sharing using Multi-layer Access Control Model in Electronic Health Environment
DOI:
https://doi.org/10.4108/eai.13-7-2018.159356Keywords:
Electronic Health Records, security, privacy, MLAC, cyber-attacks, ProvenanceAbstract
Electronic Health Data (EHD) is an emerging health information exchange model that facilitates healthcare providers and patients to efficiently store and share their private healthcare information from any place and at any time as per demand. Generally, Cloud services provide the infrastructure by reducing the cost of storing, processing and updating information with improved efficiency and quality. However, the privacy of Electronic Health Records (EHR) is a significant hurdle while outsourcing private health data in the cloud because there is a higher peril of leaking health information to unauthorized parties. Several existing techniques are able to analyse the security and privacy issues associated with e-healthcare services. These methods are designed for single database, or databases, with an authentication centre and thus cannot adequately protect the data from insider attacks. Therefore, this research study mainly focusses on how to ensure the patient privacy while sharing the sensitive data between same or different organisations as well as healthcare providers in a cloud environment. This paper proposes a multi-layer access control mechanism named MLAC Model to construct a secure and privacy-preserving EHR system that enables patients to share their data with stakeholders. In this paper, we use a Dual layer access control model named Pseudo-Role Attribute based access control (PR-ABAC) mechanism that integrates attributes with roles for the secure sharing of EHR between multiple collaborators. The proposed framework also uses the concept of Provenance to ensure the Integrity of patient data. This work is expected to provide a foundation for developing security solutions against cyber-attacks, and thus contribute to the robustness of healthcare information sharing environments.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2022 EAI Endorsed Transactions on Scalable Information Systems
This work is licensed under a Creative Commons Attribution 3.0 Unported License.
This is an open access article distributed under the terms of the CC BY-NC-SA 4.0, which permits copying, redistributing, remixing, transformation, and building upon the material in any medium so long as the original work is properly cited.