2 research outputs found
Health Access Broker: Secure, Patient-Controlled Management of Personal Health Records in the Cloud
Secure and privacy-preserving management of Personal Health Records (PHRs)
has proved to be a major challenge in modern healthcare. Current solutions
generally do not offer patients a choice in where the data is actually stored
and also rely on at least one fully trusted element that patients must also
trust with their data. In this work, we present the Health Access Broker (HAB),
a patient-controlled service for secure PHR sharing that (a) does not impose a
specific storage location (uniquely for a PHR system), and (b) does not assume
any of its components to be fully secure against adversarial threats. Instead,
HAB introduces a novel auditing and intrusion-detection mechanism where its
workflow is securely logged and continuously inspected to provide auditability
of data access and quickly detect any intrusions.Comment: Copy of the paper accepted at 13th International Conference on
Computational Intelligence in Security for Information Systems (CISIS
Health Access Broker: Secure, patient-controlled management of Personal Health Records in the Cloud
Secure and privacy-preserving management of Personal Health Records (PHRs) has proved to be a major challenge in modern healthcare. Current solutions generally do not offer patients a choice in where the data is actually stored, and also rely on at least one fully trusted element that patients must also trust with their data. In this work, we present the Health Access Broker (HAB), a patient-controlled service for secure PHR sharing that (a) does not impose a specific storage location (uniquely for a PHR system), and (b) does not assume any of its components to be fully secure against adversarial threats. Instead, HAB introduces a novel auditing and intrusion-detection mechanism where its workflow is securely logged and continuously inspected to provide auditability of data access and quickly detect any intrusions