Securing Electronic Medical Records Using Attribute-Based Encryption On Mobile Devices
Loading...
Authors
Akinyele, Joseph A.
Pagano, Matthew W.
Green, Matthew D.
Lehmann, Christoph U.
Peterson, Zachary N.J.
Rubin, Aviel D.
Subjects
Security
Advisors
Date of Issue
2011
Date
Publisher
Language
Abstract
We provide a design and implementation of self-protecting
electronic medical records (EMRs) using attribute-based encryption
on mobile devices. Our system allows healthcare
organizations to export EMRs to locations outside of their
trust boundary. In contrast to previous approaches, our solution
is designed to maintain EMR availability even when
providers are o✏ine, i.e., where network connectivity is not
available. To balance the needs of emergency care and patient
privacy, our system is designed to provide fine-grained
encryption and is able to protect individual items within an
EMR, where each encrypted item may have its own access
control policy. We implemented a prototype system using
a new key- and ciphertext-policy attribute-based encryption
library that we developed. Our implementation, which includes
an iPhone app for storing and managing EMRs offline,
allows for flexible and automated policy generation.
An evaluation of our design shows that our ABE library
performs well, has acceptable storage requirements, and is
practical and usable on modern smartphones.
Type
Article
Description
Series/Report No
Department
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
Citation
SPSM’11, October 17, 2011, Chicago, Illinois, USA.
Copyright 2011
Distribution Statement
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.