8th IEEE International Conference on Big Data Security on Cloud (BigDataSecurity 2022)
Semantically Rich Access Control in Cloud EHR Systems Based on MA-ABE
May 7, 2022
Winner of the Best Paper Award in the conference
With the rapid implementation of Cloud-based Electronic Health Record (EHR) systems, health providers are specifically concerned about handling data privacy on the cloud. Existing methods have either scalability issues by requiring that patients grant access to their medical data or a trust issue by having a single authority, thereby creating the problem of a single point of attack. Hence there is a need to develop an EHR system that addresses these bottlenecks for safe, secure, and easy cloud-based EHR management. To address these bottlenecks, we have developed a novel framework that allows policy-based multi-authority access permission to Electronic Health Record systems used by multiple care providers from various places or organizations. This framework, residing on the Edge, has been built using the Multi-Authority Attribute Based Encryption (MA-ABE) and Semantic Web technologies to provide a safe, semantically rich approach to facilitate secure data sharing among organizations who manage different attributes of end-users using a shared dataset. This paper describes our novel approach and the proof of concept prototype that we created to evaluate our framework.