Certificate-Based Encryption with Keyword Search: Enabling Secure Authorization in Electronic Health Record
In an e-Health scenario, we study how the practitioners are authorized when they are requesting access to medical documents containing sensitive information. Consider the following scenario. A clinician wants to access and retrieve a patient’s Electronic Health Record (EHR), and this means that the...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Innovative Information Science & Technology Research Group (ISYOU)
2016-11-01
|
| Series: | Journal of Internet Services and Information Security |
| Subjects: | |
| Online Access: | http://isyou.info/jisis/vol6/no4/jisis-2016-vol6-no4-01.pdf |
| _version_ | 1818207826423578624 |
|---|---|
| author | Clémentine Gritti Willy Susilo Thomas Plantard |
| author_facet | Clémentine Gritti Willy Susilo Thomas Plantard |
| author_sort | Clémentine Gritti |
| collection | DOAJ |
| description | In an e-Health scenario, we study how the practitioners are authorized when they are requesting access to medical documents containing sensitive information. Consider the following scenario. A clinician wants to access and retrieve a patient’s Electronic Health Record (EHR), and this means that the clinician must acquire sufficient access right to access this document. As the EHR is within a collection of many other patients, the clinician would need to specify some requirements (such as a keyword) which match the patient’s record, as well as having a valid access right. The complication begins when we do not want the server to learn anything from this query (as the server might be outsourced to other place). To encompass this situation, we define a new cryptographic primitive called Certificate-Based Encryption with Keyword Search (CBEKS), which will be suitable in this scenario. We also specify the corresponding security models, namely computational consistency, indistinguishability against chosen keyword and ciphertext attacks, indistinguishability against keyword-guessing attacks and collusion resistance. We provide a CBEKS construction that is proven secure in the standard model with respect to the aforementioned security models. |
| first_indexed | 2024-12-12T04:35:05Z |
| format | Article |
| id | doaj.art-973fbf330d714b018829bca0e1900dad |
| institution | Directory Open Access Journal |
| issn | 2182-2069 2182-2077 |
| language | English |
| last_indexed | 2024-12-12T04:35:05Z |
| publishDate | 2016-11-01 |
| publisher | Innovative Information Science & Technology Research Group (ISYOU) |
| record_format | Article |
| series | Journal of Internet Services and Information Security |
| spelling | doaj.art-973fbf330d714b018829bca0e1900dad2022-12-22T00:37:59ZengInnovative Information Science & Technology Research Group (ISYOU)Journal of Internet Services and Information Security2182-20692182-20772016-11-0164134Certificate-Based Encryption with Keyword Search: Enabling Secure Authorization in Electronic Health RecordClémentine Gritti0Willy Susilo1Thomas Plantard2University of WollongongUniversity of WollongongUniversity of WollongongIn an e-Health scenario, we study how the practitioners are authorized when they are requesting access to medical documents containing sensitive information. Consider the following scenario. A clinician wants to access and retrieve a patient’s Electronic Health Record (EHR), and this means that the clinician must acquire sufficient access right to access this document. As the EHR is within a collection of many other patients, the clinician would need to specify some requirements (such as a keyword) which match the patient’s record, as well as having a valid access right. The complication begins when we do not want the server to learn anything from this query (as the server might be outsourced to other place). To encompass this situation, we define a new cryptographic primitive called Certificate-Based Encryption with Keyword Search (CBEKS), which will be suitable in this scenario. We also specify the corresponding security models, namely computational consistency, indistinguishability against chosen keyword and ciphertext attacks, indistinguishability against keyword-guessing attacks and collusion resistance. We provide a CBEKS construction that is proven secure in the standard model with respect to the aforementioned security models.http://isyou.info/jisis/vol6/no4/jisis-2016-vol6-no4-01.pdfPublic-Key Encryption with Keyword SearchCertificate-Based EncryptionConsistencyIndistinguishability |
| spellingShingle | Clémentine Gritti Willy Susilo Thomas Plantard Certificate-Based Encryption with Keyword Search: Enabling Secure Authorization in Electronic Health Record Journal of Internet Services and Information Security Public-Key Encryption with Keyword Search Certificate-Based Encryption Consistency Indistinguishability |
| title | Certificate-Based Encryption with Keyword Search: Enabling Secure Authorization in Electronic Health Record |
| title_full | Certificate-Based Encryption with Keyword Search: Enabling Secure Authorization in Electronic Health Record |
| title_fullStr | Certificate-Based Encryption with Keyword Search: Enabling Secure Authorization in Electronic Health Record |
| title_full_unstemmed | Certificate-Based Encryption with Keyword Search: Enabling Secure Authorization in Electronic Health Record |
| title_short | Certificate-Based Encryption with Keyword Search: Enabling Secure Authorization in Electronic Health Record |
| title_sort | certificate based encryption with keyword search enabling secure authorization in electronic health record |
| topic | Public-Key Encryption with Keyword Search Certificate-Based Encryption Consistency Indistinguishability |
| url | http://isyou.info/jisis/vol6/no4/jisis-2016-vol6-no4-01.pdf |
| work_keys_str_mv | AT clementinegritti certificatebasedencryptionwithkeywordsearchenablingsecureauthorizationinelectronichealthrecord AT willysusilo certificatebasedencryptionwithkeywordsearchenablingsecureauthorizationinelectronichealthrecord AT thomasplantard certificatebasedencryptionwithkeywordsearchenablingsecureauthorizationinelectronichealthrecord |