3 research outputs found
AC-ABAC: Attribute-based access control for electronic medical records during acute care
Acute care demands fast response and procedures from the healthcare professionals involved in the emergency. The availability of electronic medical records (EMR) enables acute care teams to access patient data promptly, which is critical for proper treatment. The EMR contains sensitive data, so proper access control is a necessity. However, acute care situations entail the introduction of dynamic authorisation techniques that are able to swiftly grant access to the acute care teams during the treatment and that at the same time can revoke it as soon as the treatment is over. In this work, our contributions are threefold. First, we propose a step-by-step methodology that defines dynamic and fine-grained access control in acute care incidents. Then, we applied this methodology with the Amsterdam University Medical Center acute stroke care teams, resulting in a new model coined 'Acute Care Attribute-Based Access Control (AC-ABAC)'. AC-ABAC implements access control policies that take into account contextual attributes for dynamically sharing patient data with the appropriate healthcare professionals during the life cycle of acute care. Finally, we evaluate the performance and show the feasibility and correctness of AC-ABAC through a prototype implementation of the model and simulation of patient data requests in various scenarios. The results show that the most complex policy evaluation takes on average 194.89 ms, which is considered worthwhile when compared to the added value to the system's security and the acute care process.
AC-AC: Dynamic revocable access control for acute care teams to access medical records
Acute care demands the collaboration of multiple healthcare professionals and various organisations. During an emergency, the availability of Electronic Medical Records (EMR) allows acute care teams to access a patient's data promptly, which facilitates the decision-making process. Cloud solutions offer an environment to store and share patients' EMR. However, security and privacy issues arise, which affect the availability of the patients' EMR. Inspired by a hybrid encryption scheme combining Dynamic index-based Symmetric Searchable Encryption (DSSE) and Attribute-Based Encryption (ABE), we proposed the data Access Control for Acute Care teams (AC-AC). AC-AC is a dynamic revocable access control protocol that enables break-glass access for an authorised member of an acute care team that is treating the patient. The proposed protocol allows a team to grant and revoke access for other teams to the patient's EMR dynamically according to the treatment's demands. We present a formal security analysis proving that the AC-AC protocol is resilient to multiple attacks. Finally, we analysed the overhead in time complexity for the protocol execution and experimented with each algorithm. The experimental expected execution time for the AC-AC algorithms was below 170 ms, therefore feasible for an acute care timeline.
Blockchain reputation-based consensus: A scalable and resilient mechanism for distributed mistrusting applications
Consensus mechanisms in blockchain applications allow mistrusting peers to agree on the global state of the chain. Most of the existing consensus mechanisms, however, are constrained by low efficiency and high energy consumption. In this paper, we propose the Blockchain Reputation-Based Consensus (BRBC) mechanism in which a node must have a reputation score higher than a given network trust threshold before being allowed to insert a new block in the chain. A randomly-selected set of judges monitors the behaviour of each node involved in the consensus and updates the node reputation score. Every cooperative behaviour results in a reward, and a non-cooperative or malicious behaviour results in a punishment. BRBC also uses the reputation score to revoke access to nodes with a reputation score below a given threshold. We present a security analysis, and we demonstrate that BRBC resists a set of known attacks in the blockchain network. Finally, we simulate a blockchain network to assert the mechanism's scalability and resilience to malicious actions in various network scenarios and different rates of malicious actions. The results show BRBC to be efficient at expelling all nodes that acted with more than 50% of malicious actions.