Patient-centric authorization framework for sharing electronic health records

Jin, Jing; Ahn, Gail-Joon; Hu, Hongxin; Covington, Michael J.; Zhang, Xinwen

doi:10.1145/1542207.1542228

Cited by 60 publications

(41 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Other related work include general conflict resolution mechanisms for access control [12,15,16,17,18,20] and learn-based generation of privacy policies for OSNs [11,22,23]. All of those related work are orthogonal to our work.…”

Section: Related Workmentioning

confidence: 99%

“…Since some strategies, such as specificity-overrides and recency-overrides are nondeterministic, and deny-overrides strategy is too restricted in general for conflict resolution, it is desirable to combine these strategies together to achieve a more effective conflict resolution. Thus, a strategy chain can be constructed to address this issue, which has been discussed in our previous work [17,18].…”

Section: Policy Conflict Resolution In One Partymentioning

confidence: 99%

See 1 more Smart Citation

Multiparty Authorization Framework for Data Sharing in Online Social Networks

Ahn

2011

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. Online social networks (OSNs) have experienced tremendous growth in recent years and become a de facto portal for hundreds of millions of Internet users. These OSNs offer attractive means for digital social interactions and information sharing, but also raise a number of security and privacy issues. While OSNs allow users to restrict access to shared data, they currently do not provide effective mechanisms to enforce privacy concerns over data associated with multiple users. In this paper, we propose a multiparty authorization framework that enables collaborative management of shared data in OSNs. An access control model is formulated to capture the essence of multiparty authorization requirements. We also demonstrate the applicability of our approach by implementing a proof-of-concept prototype hosted in Facebook.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Policy Conflict Resolution In One Partymentioning

confidence: 99%

Multiparty Authorization Framework for Data Sharing in Online Social Networks

Ahn

2011

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…And, to the best of my knowledge, this challenge has not been met by the various recent attempts-such as [5,12,23,19]-to implement a governance mechanism for NHIN. Meeting this challenge is the objective of this paper.…”

Section: C5 the Evolution Of Policies While The System Operatesmentioning

confidence: 99%

“…By and large, even the more recent attempts at the governance of EHR exchange within an NHIN-like network, such as [5,12,23,19], seem unconcerned about the characteristics of an NHIN identified in Section 1. In particular, none of them supports a conformance hierarchy of policies.…”

Section: Related Workmentioning

confidence: 99%

“…Yet, some researchers complain about certain limitations of conventional AC mechanisms. For example, [12] complains about the inflexibility of RBAC, and its lack of state; and [9] points out the need to ensure proper reporting, which requires proactive capabilities such as the concept of obligations in LGI. Finally, in areas closely related to the governance of NHIN, Joshi et al [13] state that "secure interoperability between institutions poses a major challenge which has not been met so far," referring to just one of the qualities we are concerned with.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

A Model for the Governance of Federated Healthcare Information Systems

Minsky

2010

2010 IEEE International Symposium on Policies for Distributed Systems and Networks

View full text Add to dashboard Cite

show abstract

Security approach to controlling access to personal health records in healthcare service

Chen

Liao

Chang

et al. 2015

Security Comm Networks

View full text Add to dashboard Cite

The changing information technology and the constant progress of medical technologies have gradually changed traditional paper-based medical records into low-cost electronic health records. The broad application of electronic health records allows a medical information exchange model being developed, called personal health records (PHR), which are the personal health medical information managed and maintained by the user. In consideration of PHR being a patient's health medical information, the privacy setting and the access authority have to be strictly controlled. In addition to providing users with reasonable access authorities, the PHR system has to avoid the illegal access of unauthorized single users or groups. The idea of publickey cryptosystems and Lagrange interpolating polynomial is applied to construct a high-security and efficient encryption scheme so that PHR users could execute the access system in a secure environment.

show abstract

Patient-centric authorization framework for sharing electronic health records

Cited by 60 publications

References 16 publications

Multiparty Authorization Framework for Data Sharing in Online Social Networks

Multiparty Authorization Framework for Data Sharing in Online Social Networks

A Model for the Governance of Federated Healthcare Information Systems

Security approach to controlling access to personal health records in healthcare service

Contact Info

Product

Resources

About