Doctor of Philosophy
School of Computing and Information Technology
Rezaeibagha, Fatemeh, Secure and Privacy-Preserved Solutions for Distributed Electronic Health Systems, Doctor of Philosophy thesis, School of Computing and Information Technology, University of Wollongong, 2017. http://ro.uow.edu.au/theses1/167
With the development of online services, the traditional paper-based healthcare services are replaced by the Electronic Health Record System (EHRS) that has contributed significantly to the improvement of individual well-being and public health. In recent years, advances in EHRS have ameliorated the integration among various medical practitioners and healthcare givers where medical data could be accessed more conveniently. This has not only accelerated decision-making procedures but also saved the users time and money vastly. However, the adoption of EHRS has arisen a common concern about security and privacy as EHR accumulates sensitive health data. Therefore, protection of patient privacy and security of EHR must be considered in designing the EHRS. Although a number of mature cryptographic tools could be adopted, the nature of complexity of EHRS and sophistical data access requirements among medical stakeholders in EHRS have made the tasks challenging.
While one of the advantages of EHRS is data sharing, it poses difficulties about how to control data sharing so that security and privacy can be ensured. In this thesis, we present several novel techniques, which can help to solve some critical problems we have identified in EHRS. One of the major tools we developed in this thesis is novel access control technologies for EHRS to solve the security and privacy issues. The challenge we face is that EHRS is usually operated in a distributed environment. Although we need to ensure flexibility and scalability in data sharing, data security against potential attacks must be achieved. Traditional access control systems are not sufficient.
In this thesis, we adopt novel encryption techniques such as attribute-based encryption and authenticated encryption to achieve access control for the special needs of EHRS. We allow multiple authorities to better manage the distributed EHRS such as those operated in the cloud. We present the security protocols in order to demonstrate how to apply our approaches to real world EHR application.
As an important part of access control technology, access control policies are the core of the entire system. We investigate various access control policies for EHRS. We present a policy integration approach as a novel solution based on a policy similarity, which has provided a new way for EHRS in cloud computing, where two or more access control policies can be integrated in order to suit the need of policy management. We use XACML as an example to show how this can be done in practice. We also provide a novel approach for access control policy transformation in cloud computing, where the policy for the private patient records in a private cloud can be transformed into a di↵erent policy which can handle access rights for different stakeholders.
This thesis also covers the user mobility issues in EHRS. We proposed several security protocols that capture secure communication between patients and doctors who are located in different locations. Our proposed protocols achieve authentication, confidentiality and anonymity features in remote telemedicine systems. Our protocols are the first of this kind, which provide sound solutions to user mobility in EHRS.
Within the scope of this thesis, we present an approach to manage a patient monitoring system in order to provide efficient authentication and confidentiality to patient data transmission. Again, we assume that our system is set up in a distributed environment. We propose a new signcryption scheme which o↵ers the feature of homomorphism. Therefore, the signencrypted patient data items can be automatically aggregated without the need of decryption. Our scheme is the first provably secure homomorphic signcryption scheme, in that the previous solution is not provably secure.