A Decentralized Pseudonym Scheme for Cloud-based eHealth Systems

Liangyu Xu, Armin B. Cremers

Abstract

A decentralized pseudonym scheme is proposed for providing storage, encryption and authentication of patients’ EHRs in cloud-based eHealth systems. The pseudonyms of a patient are generated from the patient’s secrets and each of them is used as the index of an EHR entry of the patient. An encryption key derived from the pseudonym can be used to encrypt the corresponding EHR entry. The pseudonyms can also be used for the patient proving the ownership of the EHR without disclosing the identity of the patient. Some protocols and remarks for using the pseudonym scheme are also discussed.

References

  1. Alemán, J. L. F., Señor, I. C., Lozoya, P. Á. O., Toval, A., 2013. Security and privacy in electronic health records: A systematic literature review. Journal of biomedical informatics.
  2. Alhaqbani, B., Fidge, C., 2008. Privacy-preserving electronic health record linkage using pseudonym identifiers. HealthCom 2008. 10th International Conference on e-health Network- ing, Applications and Services: IEEE. pp. 108-117.
  3. Deng, M., Petkovic, M., Nalin, M., Baroni, I., 2011. A Home Healthcare System in the Cloud--Addressing Security and Privacy Challenges. 2011 International Conference on Cloud Computing: IEEE. pp. 549-556.
  4. Garets, D., Davis, M., 2006. Electronic medical records vs. electronic health records: yes, there is a difference. Policy white paper. Chicago, HIMSS Analytics.
  5. Li, Z.-R., Chang, E.-C., Huang, K.-H., Lai, F., 2011. A secure electronic medical record sharing mechanism in the cloud computing platform., 15th International Symposium on Consumer Electronics (ISCE): IEEE. pp. 98-103.
  6. Lim, C. H., Lee, P. J., 1997. A key recovery attack on discrete log-based schemes using a prime order subgroup. In Advances in Cryptology-CRYPTO'97, pp. 249-263: Springer.
  7. Löhr, H., Sadeghi, A.-R., Winandy, M., 2010. Securing the e-health cloud. Proceedings of the 1st ACM International Health Informatics Symposium: ACM. pp. 220-229.
  8. Lysyanskaya, A., Rivest, R. L., Sahai, A., Wolf, S., 2000. Pseudonym systems. Selected Areas in Cryptography: pp. 184-199.
  9. McCurley, K. S., 1990. The discrete logarithm problem. Proc. of Symp. in Applied Math. pp. 49-74.
  10. Mell, P., Grance, T., 2011. The NIST definition of cloud computing (draft). NIST special publication, 800 (145): 7.
  11. Microsoft., 2007. HealthVault. www.healthvault.com.
  12. Pfitzmann, A., Köhntopp, M., 2001. Anonymity, unobservability, and pseudonymity-a proposal for terminology. Designing privacy enhancing technologies: Springer. pp. 1-9.
  13. Rui, Z., Ling, L., 2010, 5-10 July 2010. Security Models and Requirements for Healthcare Application Clouds. IEEE 3rd International Conference on Cloud Computing: IEEE. pp. 268-275.
  14. Ruland, C. M., Brynhi, H., Andersen, R., Bryhni, T., 2008. Developing a shared electronic health record for patients and clinicians. Studies in health technology and informatics, 136: 57-62.
  15. Schneier, B., 1996. Applied cryptography. Protocols, Algorithms, and Source Code in C/Bruce Schneier: John Wiley, Sons, Inc.
  16. Stingl, C., Slamanig, D., 2008. Privacy-enhancing methods for e-health applications: how to prevent statistical analyses and attacks. International Journal of Business Intelligence and Data Mining, 3 (3): 236- 254.
  17. Tang, P. C., Ash, J. S., Bates, D. W., Overhage, J. M., Sands, D. Z., 2006. Personal health records: definitions, benefits, and strategies for overcoming barriers to adoption. J Am Med Inform Assoc, 13 (2): 121-6.
Download


Paper Citation


in Harvard Style

Xu L. and Cremers A. (2014). A Decentralized Pseudonym Scheme for Cloud-based eHealth Systems . In Proceedings of the International Conference on Health Informatics - Volume 1: HEALTHINF, (BIOSTEC 2014) ISBN 978-989-758-010-9, pages 230-237. DOI: 10.5220/0004747602300237


in Bibtex Style

@conference{healthinf14,
author={Liangyu Xu and Armin B. Cremers},
title={A Decentralized Pseudonym Scheme for Cloud-based eHealth Systems},
booktitle={Proceedings of the International Conference on Health Informatics - Volume 1: HEALTHINF, (BIOSTEC 2014)},
year={2014},
pages={230-237},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004747602300237},
isbn={978-989-758-010-9},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Health Informatics - Volume 1: HEALTHINF, (BIOSTEC 2014)
TI - A Decentralized Pseudonym Scheme for Cloud-based eHealth Systems
SN - 978-989-758-010-9
AU - Xu L.
AU - Cremers A.
PY - 2014
SP - 230
EP - 237
DO - 10.5220/0004747602300237