eTELEMED 2016, The Eighth International Conference on eHealth, Telemedicine, and Social Medicine
Three Levels of Access Control to Personal Health Records in a Healthcare Cloud
Authors:
Gabriel Sanchez Bautista
Ning Zhang
Keywords: eHealth; Attribute-based encryption; Secret sharing; Access control; Multilevel
Abstract:
We present a novel access control framework (3LAC), which supports multiple levels of access privileges. 3LAC aims to tackle the privacy issues in existing access control solutions for accessing patients’ records in cloud computing environments. In 3LAC, we propose an access control framework that extends Ciphertext-Policy Attribute-Based Encryption (CP-ABE) by integrating secret sharing in such a way that a different number of shares is needed to reconstruct a level-key. In this research work, we introduce the idea of level-keys. Level-keys are used to authenticate users when they request the generation of private keys to decrypt patients’ data. Level-keys are split into different shares, and users request the shares from different level-key authorities (LKAs). The number of shares needed to reconstruct the level-key depends on the user’s level of access privilege. As the level of access privilege increases, the number of shares needed also increases. In a healthcare cloud context, 3 levels of access privileges have been identified: L1, access to de-identified data-objects; L2, access to individual data-objects; and L3, access to a large set of data-objects of a patient. The 3LAC framework incorporates a CP-ABE based 3-level access control model and the design of 4 protocols: (1) Upload data-object (UDO), (2) Share acquisition (SAc), (3) Private key acquisition (PrKAc) and (4) Access to data-objects (ADO).
Pages: 160 to 164
Copyright: Copyright (c) IARIA, 2016
Publication date: April 24, 2016
Published in: conference
ISSN: 2308-4359
ISBN: 978-1-61208-470-1
Location: Venice, Italy
Dates: from April 24, 2016 to April 28, 2016