Skip to main content
placeholder image

Multi-authority security framework for scalable EHR systems

Journal Article


Abstract


  • Electronic health record (EHR) systems can be operated in a large-scale distributed environment, such as cloud computing, which might have to be managed by multiple authorities who control the access to patient records. In this way, a large amount of data from patients can be hosted on a large-scale distributed system. Unfortunately, the security of such systems is usually inadequate, which results in the hindrance of the EHR systems adoption in practice. Attribute-based systems have been a popular choice that could provide a flexible and reliable access control to EHR databases, which are usually managed by a single authority, who is responsible for setting up the system's policy. In a large-scale distributed system, it might be necessary to have multiple authorities, who can handle users located in different areas. Nevertheless, one of the challenges is how to enable multiple authorities with a single access policy. In this paper, we provide a sound solution to this issue. Our EHR system provides a secure environment for EHR users to use the system conveniently and provide the flexibility and scalability.

Publication Date


  • 2016

Citation


  • Rezaeibagha, F., Mu, Y., Susilo, W. & Win, K. (2016). Multi-authority security framework for scalable EHR systems. International Journal of Medical Engineering and Informatics, 8 (4), 390-408.

Scopus Eid


  • 2-s2.0-84990250519

Ro Metadata Url


  • http://ro.uow.edu.au/eispapers1/1956

Number Of Pages


  • 18

Start Page


  • 390

End Page


  • 408

Volume


  • 8

Issue


  • 4

Place Of Publication


  • United Kingdom

Abstract


  • Electronic health record (EHR) systems can be operated in a large-scale distributed environment, such as cloud computing, which might have to be managed by multiple authorities who control the access to patient records. In this way, a large amount of data from patients can be hosted on a large-scale distributed system. Unfortunately, the security of such systems is usually inadequate, which results in the hindrance of the EHR systems adoption in practice. Attribute-based systems have been a popular choice that could provide a flexible and reliable access control to EHR databases, which are usually managed by a single authority, who is responsible for setting up the system's policy. In a large-scale distributed system, it might be necessary to have multiple authorities, who can handle users located in different areas. Nevertheless, one of the challenges is how to enable multiple authorities with a single access policy. In this paper, we provide a sound solution to this issue. Our EHR system provides a secure environment for EHR users to use the system conveniently and provide the flexibility and scalability.

Publication Date


  • 2016

Citation


  • Rezaeibagha, F., Mu, Y., Susilo, W. & Win, K. (2016). Multi-authority security framework for scalable EHR systems. International Journal of Medical Engineering and Informatics, 8 (4), 390-408.

Scopus Eid


  • 2-s2.0-84990250519

Ro Metadata Url


  • http://ro.uow.edu.au/eispapers1/1956

Number Of Pages


  • 18

Start Page


  • 390

End Page


  • 408

Volume


  • 8

Issue


  • 4

Place Of Publication


  • United Kingdom