@inproceedings{cfba318cc0c0458f93bc729dfb1e72c5,
title = "Secure access delegation of encrypted medical information",
abstract = "The design of modern medical data information systems is driven by the need to collect and present data to authorized users. For collected medical data to be effective and improve patient treatment it must be transported from a device, aggregated, and analyzed to produce results that can be shared with care providers. Medical data may be analyzed and used years after collection at different locations because data sources and care providers often operate on different time scales and are geographically distributed. The need for distributed and long-term medical data storage thus requires an effective security model to delegate data access. Current data access delegation models do not provide end-to-end protection. An effective delegation model must keep data encrypted at all times and avoid the need to share decryption keys to avoid security vulnerabilities. We present a secure information architecture and prototype to implement such a model with end-to-end data encryption while restricting data access to designated recipients. Our architecture integrates recent Proxy Re-Encryption (PRE) advances into a client-server based security model that can be applied to open Internet communications. We discuss design tradeoffs and show experimental results. Our architecture lowers health care data management costs by enabling the secure outsourcing of data hosting to low-cost cloud computing environments. The architecture will also reduce the vulnerability of health care data systems to security challenges such as attacks compromising confidentiality and malicious insiders.",
author = "{Deb Gupta}, Arnab and Yuriy Polyakov and Kurt Rohloff",
note = "Publisher Copyright: {\textcopyright} 2016 IEEE.; 10th International Symposium on Medical Information and Communication Technology, ISMICT 2016 ; Conference date: 20-03-2016 Through 23-03-2016",
year = "2016",
month = jun,
day = "23",
doi = "10.1109/ISMICT.2016.7498900",
language = "English (US)",
series = "International Symposium on Medical Information and Communication Technology, ISMICT",
publisher = "IEEE Computer Society",
booktitle = "2016 10th International Symposium on Medical Information and Communication Technology, ISMICT 2016",
address = "United States",
}