A novel decentralized hierarchical access control scheme for the medical scenario

Sigurd Eskeland; Neeli R. Prasad

doi:10.1109/MOBIQW.2006.361772

A novel decentralized hierarchical access control scheme for the medical scenario

Sigurd Eskeland, Neeli R. Prasad

Department of Electronic Systems

Research output: Contribution to book/anthology/report/conference proceeding › Article in proceeding › Research › peer-review

Abstract

Electronic patient records contains highly personal and confidential information that it is essential to keep private. Thus, only the medical professionals providing care to a patient should access the patient record of the concerning patient. As personal medical data can be considered to be the property of the corresponding patient, it is justified that patients should have the opportunity to exert control over their own data. In this paper, we propose a cryptographic access control scheme allowing patients to grant medical teams authorizations to access their medical data. Moreover, the hierarchical aspects of teams are taken into account so that the modules of the patient record are to be accessed according to the individual privileges of the medical professionals of the team. Thus, more privileged users obtain larger portions of the data than less privileged users.

Original language	English
Title of host publication	2006 Third Annual International Conference on Mobile and Ubiquitous Systems - Workshops
Number of pages	6
Publisher	IEEE Press
Publication date	2006
Pages	403-408
ISBN (Print)	978-0-7803-9791-0
DOIs	https://doi.org/10.1109/MOBIQW.2006.361772
Publication status	Published - 2006

Access to Document

10.1109/MOBIQW.2006.361772

AUB Link

Search for the material in Aalborg University Library's search engine

Cite this

@inproceedings{458f61e8df904ee098f0467572225ae1,

title = "A novel decentralized hierarchical access control scheme for the medical scenario",

abstract = "Electronic patient records contains highly personal and confidential information that it is essential to keep private. Thus, only the medical professionals providing care to a patient should access the patient record of the concerning patient. As personal medical data can be considered to be the property of the corresponding patient, it is justified that patients should have the opportunity to exert control over their own data. In this paper, we propose a cryptographic access control scheme allowing patients to grant medical teams authorizations to access their medical data. Moreover, the hierarchical aspects of teams are taken into account so that the modules of the patient record are to be accessed according to the individual privileges of the medical professionals of the team. Thus, more privileged users obtain larger portions of the data than less privileged users.",

author = "Sigurd Eskeland and Prasad, {Neeli R.}",

year = "2006",

doi = "10.1109/MOBIQW.2006.361772",

language = "English",

isbn = "978-0-7803-9791-0",

pages = "403--408",

booktitle = "2006 Third Annual International Conference on Mobile and Ubiquitous Systems - Workshops",

publisher = "IEEE Press",

}

TY - GEN

T1 - A novel decentralized hierarchical access control scheme for the medical scenario

AU - Eskeland, Sigurd

AU - Prasad, Neeli R.

PY - 2006

Y1 - 2006

N2 - Electronic patient records contains highly personal and confidential information that it is essential to keep private. Thus, only the medical professionals providing care to a patient should access the patient record of the concerning patient. As personal medical data can be considered to be the property of the corresponding patient, it is justified that patients should have the opportunity to exert control over their own data. In this paper, we propose a cryptographic access control scheme allowing patients to grant medical teams authorizations to access their medical data. Moreover, the hierarchical aspects of teams are taken into account so that the modules of the patient record are to be accessed according to the individual privileges of the medical professionals of the team. Thus, more privileged users obtain larger portions of the data than less privileged users.

AB - Electronic patient records contains highly personal and confidential information that it is essential to keep private. Thus, only the medical professionals providing care to a patient should access the patient record of the concerning patient. As personal medical data can be considered to be the property of the corresponding patient, it is justified that patients should have the opportunity to exert control over their own data. In this paper, we propose a cryptographic access control scheme allowing patients to grant medical teams authorizations to access their medical data. Moreover, the hierarchical aspects of teams are taken into account so that the modules of the patient record are to be accessed according to the individual privileges of the medical professionals of the team. Thus, more privileged users obtain larger portions of the data than less privileged users.

U2 - 10.1109/MOBIQW.2006.361772

DO - 10.1109/MOBIQW.2006.361772

M3 - Article in proceeding

SN - 978-0-7803-9791-0

SP - 403

EP - 408

BT - 2006 Third Annual International Conference on Mobile and Ubiquitous Systems - Workshops

PB - IEEE Press

ER -