Securing Electronic Medical Records Using Attribute-Based Encryption On Mobile Devices
Akinyele, Joseph A.
Pagano, Matthew W.
Green, Matthew D.
Lehmann, Christoph U.
Peterson, Zachary N.J.
Rubin, Aviel D.
MetadataShow full item record
We provide a design and implementation of self-protecting electronic medical records (EMRs) using attribute-based encryption on mobile devices. Our system allows healthcare organizations to export EMRs to locations outside of their trust boundary. In contrast to previous approaches, our solution is designed to maintain EMR availability even when providers are o✏ine, i.e., where network connectivity is not available. To balance the needs of emergency care and patient privacy, our system is designed to provide fine-grained encryption and is able to protect individual items within an EMR, where each encrypted item may have its own access control policy. We implemented a prototype system using a new key- and ciphertext-policy attribute-based encryption library that we developed. Our implementation, which includes an iPhone app for storing and managing EMRs offline, allows for flexible and automated policy generation. An evaluation of our design shows that our ABE library performs well, has acceptable storage requirements, and is practical and usable on modern smartphones.
Showing items related by title, author, creator and subject.
Akinyele, Joseph A.; Lehmann, Christoph U.; Green, Matthew D.; Pagano, Matthew W.; Peterson, Zachary N.J.; Rubin, Aviel D. (2010);We provide a design and implementation of self-protecting electronic medical records (EMRs) us- ing attribute-based encryption. Our system allows healthcare organizations to export EMRs to storage locations outside of ...
The impact on quality of service when using security-enabling filters to provide for the security of run-time extensible virtual environments Salles, Ernesto J. (Monterey, California. Naval Postgraduate School, 2002-09);The Naval Postgraduate School is developing NPSNET-V, a Run-Time Extensible Virtual Environment (RTEVE) framework. RTEVEs differ from traditional VEs in that applications within the environment can both discover and use ...
Ware, Ryan T. (Monterey, California. Naval Postgraduate School, 2010-06);In this thesis, we attempt to analyze the effectiveness of defense-in-depth mechanisms. As an example of defense-indepth, we study two layers of encryption to protect network traffic. At a quick glance, two layers of ...