TY - GEN
T1 - PAAS
T2 - 32nd IEEE International Conference on Distributed Computing Systems, ICDCS 2012
AU - Guo, Linke
AU - Zhang, Chi
AU - Sun, Jinyuan
AU - Fang, Yuguang
N1 - Publication details (e.g. title, author(s), publication statuses and dates) are captured on an “AS IS” and “AS AVAILABLE” basis at the time of record harvesting from the data source. Suggestions for further amendments or supplementary information can be sent to [email protected].
PY - 2012
Y1 - 2012
N2 - Recently, eHealth systems have replaced paper based medical system due to its prominent features of convenience and accuracy. Also, since the medical data can be stored on any kind of digital devices, people can easily obtain medical services at any time and any place. However, privacy concern over patient medical data draws an increasing attention. In the current eHealth networks, patients are assigned multiple attributes which directly reflect their symptoms, undergoing treatments, etc. Those life-threatened attributes need to be verified by an authorized medical facilities, such as hospitals and clinics. When there is a need for medical services, patients have to be authenticated by showing their identities and the corresponding attributes in order to take appropriate healthcare actions. However, directly disclosing those attributes for verification may expose real identities. Therefore, existing eHealth systems fail to preserve patients' private attribute information while maintaining original functionalities of medical services. To solve this dilemma, we propose a framework called PAAS which leverages users' verifiable attributes to authenticate users in eHealth systems while preserving their privacy issues. In our system, instead of letting centralized infrastructures take care of authentication, our scheme only involves two end users. We also offer authentication strategies with progressive privacy requirements among patients or between patients and physicians. Based on the security and efficiency analysis, we show our framework is better than existing eHealth systems in terms of privacy preservation and practicality. © 2012 IEEE.
AB - Recently, eHealth systems have replaced paper based medical system due to its prominent features of convenience and accuracy. Also, since the medical data can be stored on any kind of digital devices, people can easily obtain medical services at any time and any place. However, privacy concern over patient medical data draws an increasing attention. In the current eHealth networks, patients are assigned multiple attributes which directly reflect their symptoms, undergoing treatments, etc. Those life-threatened attributes need to be verified by an authorized medical facilities, such as hospitals and clinics. When there is a need for medical services, patients have to be authenticated by showing their identities and the corresponding attributes in order to take appropriate healthcare actions. However, directly disclosing those attributes for verification may expose real identities. Therefore, existing eHealth systems fail to preserve patients' private attribute information while maintaining original functionalities of medical services. To solve this dilemma, we propose a framework called PAAS which leverages users' verifiable attributes to authenticate users in eHealth systems while preserving their privacy issues. In our system, instead of letting centralized infrastructures take care of authentication, our scheme only involves two end users. We also offer authentication strategies with progressive privacy requirements among patients or between patients and physicians. Based on the security and efficiency analysis, we show our framework is better than existing eHealth systems in terms of privacy preservation and practicality. © 2012 IEEE.
KW - Authentication
KW - Homomorphic encryption
KW - Non-interactive witness-indistinguishable
KW - Non-interactive zero-knowledge proof
UR - http://www.scopus.com/inward/record.url?scp=84866889971&partnerID=8YFLogxK
UR - https://www.scopus.com/record/pubmetrics.uri?eid=2-s2.0-84866889971&origin=recordpage
U2 - 10.1109/ICDCS.2012.45
DO - 10.1109/ICDCS.2012.45
M3 - RGC 32 - Refereed conference paper (with host publication)
T3 - Proceedings - International Conference on Distributed Computing Systems
SP - 224
EP - 233
BT - Proceedings - 32nd IEEE International Conference on Distributed Computing Systems, ICDCS 2012
Y2 - 18 June 2012 through 21 June 2012
ER -