Multi Authority Access Control in a Cloud EHR System with MA-ABE

Sharad Dixit, Karuna P. Joshi, Seung Geol Choi
2019 2019 IEEE International Conference on Edge Computing (EDGE)  
With the rapid adoption of Cloud-based Electronic Health Record (EHR) systems, health providers are particularly concerned about managing data privacy on the cloud. Existing approaches have either a scalability bottleneck by requiring that patients approve each sharing of their medical data or a trust bottleneck by having a single authority control every access thereby creating the problem of a single point of attack. To address both these bottlenecks, we have developed a novel framework that
more » ... ables policy based multi-authority access authorization to EHR systems accessed by multiple care providers from different locations or organizations. This framework, which resides on the Edge, has been built using the Multi-Authority Attribute Based Encryption (MA-ABE) and Semantic Web technologies to provide a secure, semantically rich approach to facilitate secure data sharing among organizations who manage different attributes of end users using a shared dataset. In this paper, we describe our novel approach along with the proof of concept prototype that we created to evaluate our framework.
doi:10.1109/edge.2019.00032 dblp:conf/edge/DixitJC19 fatcat:7m4j3ukxmvhzlhfff66gvenvia