Tampere University of Technology

TUTCRIS Research Portal

A break-glass protocol based on ciphertext-policy attribute-based encryption to access medical records in the cloud

Research output: Contribution to journalArticleScientificpeer-review

Details

Original languageEnglish
Pages (from-to)103-119
Number of pages17
JournalAnnales des Telecommunications/Annals of Telecommunications
Volume75
Issue number3-4
DOIs
Publication statusPublished - 2020
Publication typeA1 Journal article-refereed

Abstract

In emergency care, fast and efficient treatment is vital. The availability of Electronic Medical Records (EMR) allows healthcare professionals to access a patient’s data promptly, which facilitates the decision-making process and saves time by not repeating medical procedures. Unfortunately, the complete EMR of a patient is often not available during an emergency situation to all treatment teams. Cloud services emerge as a promising solution to this problem by allowing ubiquitous access to information. However, EMR storage and sharing through clouds raise several concerns about security and privacy. To this end, we propose a protocol through which all treatment teams involved in the emergency care can securely decrypt relevant data from the patient’s EMR and add new information about the patient’s status. Furthermore, our protocol ensures that treatment teams will only access the patient’s EMR for the period during which the patient is under their care. Finally, we present a formal security analysis of our protocol and some initial experimental results.

ASJC Scopus subject areas

Keywords

  • Access control, Break-glass access, Ciphertext-policy attribute-based encryption, e-health privacy, Electronic medical records, Emergency care, Secure cloud storage

Publication forum classification