nach oben

Journal of Medical Systems

Erschienen in:

01.12.2013 | Original Paper

A Patient Privacy Protection Scheme for Medical Information System

verfasst von: Chenglang Lu, Zongda Wu, Mingyong Liu, Wei Chen, Junfang Guo

Erschienen in: Journal of Medical Systems | Ausgabe 6/2013

Einloggen, um Zugang zu erhalten

Abstract

In medical information systems, there are a lot of confidential information about patient privacy. It is therefore an important problem how to prevent patient’s personal privacy information from being disclosed. Although traditional security protection strategies (such as identity authentication and authorization access control) can well ensure data integrity, they cannot prevent system’s internal staff (such as administrators) from accessing and disclosing patient privacy information. In this paper, we present an effective scheme to protect patients’ personal privacy for a medical information system. In the scheme, privacy data before being stored in the database of the server of a medical information system would be encrypted using traditional encryption algorithms, so that the data even if being disclosed are also difficult to be decrypted and understood. However, to execute various kinds of query operations over the encrypted data efficiently, we would also augment the encrypted data with additional index, so as to process as much of the query as possible at the server side, without the need to decrypt the data. Thus, in this paper, we mainly explore how the index of privacy data is constructed, and how a query operation over privacy data is translated into a new query over the corresponding index so that it can be executed at the server side immediately. Finally, both theoretical analysis and experimental evaluation validate the practicality and effectiveness of our proposed scheme.

http://www.chinadaily.com.cn/

Domingo-Ferrer, J., New privacy homomorphism and applications. Inf. Process. Lett. 5(60):277–282, 1994.MathSciNet

Easttom, C., Computer security fundamentals. 2nd edn. Upper Saddle River: Prentice Hall, 2011.

Grau, S., Allen, T., and Sherkat, N., Silog: Speech input logon. Knowl.-Based Syst. 7(22):535–539, 2009.CrossRef

Hakan, H., Bala, L., and Chen, L., Executing sql over encrypted data in the database service provider model. In: Proceedings of SIGMOD’ 02, pp. 216–227, 2002.

Popa, R. A., Redfield, C. M. S., Zeldovich, N., and Balakrishnan, H, CryptDB: Protecting confidentiality with encrypted query processing. In: Proceedings of SOSP’ 11, pp. 85–100, 2011.

Wu, Z., Xu, G., Zong, Y., Yi, X., Chen, E., and Zhang, Z., Executing sql queries over encrypted character strings in the database-as-service model. Knowl.-Based Syst. 12(35):332–348, 2012.CrossRef

He, D. B., Chen, J. H., and Zhang, R., A more secure authentication scheme for telecare medicine information systems. J. Med. Syst. 3(36):1989–1995, 2012.

Hwang, M. S., and Li, L. H., A new remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 1(46):28–30, 2012.

Lee, J. K., Ryu, S. R., and Yoo, K. Y., Fingerprint-based remote user authentication scheme using smart cards. Electron. Lett. 12(38):554–555, 2002.CrossRef

10.

Lee, T. F., and Liu, C. M., A secure smart-card based authentication and key agreement scheme for telecare medicine information systems. J. Med. Syst. 3(37):9941–9948, 2013.CrossRef

11.

Li, C. T., Secure smart card based password authentication scheme with user anonymity. Inform. Technol. Control. 2(40):157–162, 2011.

12.

Murugesan, M., and Clifton, C., Providing privacy through plausibly deniable search. In: Proceedings of SIAM’ 09, pp. 768–780, 2009.

13.

Rivest, R., Adleman, L., and Dertouzos, M. L., On data banks and privacy homomorphism: Foundation of secure computation. New York: Academic Press, 1978.

14.

Sandhu, R. S., and Samarati, P., Access control: Principles and practice. IEEE Commun. Mag. 9(32): 40–48, 1994.CrossRef

15.

Wei, J., Hu, X., and Liu, W., An improved authentication scheme for telecare medicine information systems. J. Med. Syst. 6(36):3597–3604, 2012.CrossRef

16.

Wu, Z. Y., Lee, Y. C., Lai, F., Lee, H. C., and Chung, Y., A secure authentication scheme for telecare medicine information systems. J. Med. Syst. 3(36):1529–1535, 2012.CrossRef

17.

Zhu, Z., An efficient authentication scheme for telecare medicine information systems. J. Med. Syst. 6(36): 3833–3841, 2012.CrossRef

Titel: A Patient Privacy Protection Scheme for Medical Information System
verfasst von: Chenglang Lu
Zongda Wu
Mingyong Liu
Wei Chen
Junfang Guo
Publikationsdatum: 01.12.2013
Verlag: Springer US
Erschienen in: Journal of Medical Systems / Ausgabe 6/2013
Print ISSN: 0148-5598
Elektronische ISSN: 1573-689X
DOI: https://doi.org/10.1007/s10916-013-9982-z

Springer Medizin

Abstract

Bitte loggen Sie sich ein, um Zugang zu diesem Inhalt zu erhalten

Weitere Artikel der Ausgabe 6/2013

Understanding the Mediating Effects of Relationship Quality on Technology Acceptance: An Empirical Study of E-Appointment System

A Robust Uniqueness-and-Anonymity-Preserving Remote User Authentication Scheme for Connected Health Care

SAMS – A Systems Architecture for Developing Intelligent Health Information Systems

RFID Authentication Protocol to Enhance Patient Medication Safety

Perceived Usefulness of Data Entry Tools in Medical Encounters: A Survey

Privacy Preserving Index for Encrypted Electronic Medical Records