用于可扩展EHR系统的多授权安全框架

F. Rezaeibagha, Y. Mu, W. Susilo, K. Win
{"title":"用于可扩展EHR系统的多授权安全框架","authors":"F. Rezaeibagha, Y. Mu, W. Susilo, K. Win","doi":"10.1504/IJMEI.2016.079368","DOIUrl":null,"url":null,"abstract":"Electronic health record (EHR) systems can be operated in a large-scale distributed environment, such as cloud computing, which might have to be managed by multiple authorities who control the access to patient records. In this way, a large amount of data from patients can be hosted on a large-scale distributed system. Unfortunately, the security of such systems is usually inadequate, which results in the hindrance of the EHR systems adoption in practice. Attribute-based systems have been a popular choice that could provide a flexible and reliable access control to EHR databases, which are usually managed by a single authority, who is responsible for setting up the system's policy. In a large-scale distributed system, it might be necessary to have multiple authorities, who can handle users located in different areas. Nevertheless, one of the challenges is how to enable multiple authorities with a single access policy. In this paper, we provide a sound solution to this issue. Our EHR system provides a secure environment for EHR users to use the system conveniently and provide the flexibility and scalability.","PeriodicalId":193362,"journal":{"name":"Int. J. Medical Eng. Informatics","volume":"86 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-09-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Multi-authority security framework for scalable EHR systems\",\"authors\":\"F. Rezaeibagha, Y. Mu, W. Susilo, K. Win\",\"doi\":\"10.1504/IJMEI.2016.079368\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Electronic health record (EHR) systems can be operated in a large-scale distributed environment, such as cloud computing, which might have to be managed by multiple authorities who control the access to patient records. In this way, a large amount of data from patients can be hosted on a large-scale distributed system. Unfortunately, the security of such systems is usually inadequate, which results in the hindrance of the EHR systems adoption in practice. Attribute-based systems have been a popular choice that could provide a flexible and reliable access control to EHR databases, which are usually managed by a single authority, who is responsible for setting up the system's policy. In a large-scale distributed system, it might be necessary to have multiple authorities, who can handle users located in different areas. Nevertheless, one of the challenges is how to enable multiple authorities with a single access policy. In this paper, we provide a sound solution to this issue. Our EHR system provides a secure environment for EHR users to use the system conveniently and provide the flexibility and scalability.\",\"PeriodicalId\":193362,\"journal\":{\"name\":\"Int. J. Medical Eng. Informatics\",\"volume\":\"86 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-09-29\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Int. J. Medical Eng. Informatics\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1504/IJMEI.2016.079368\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Int. J. Medical Eng. Informatics","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1504/IJMEI.2016.079368","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4

摘要

电子健康记录(EHR)系统可以在云计算等大规模分布式环境中运行,这可能必须由控制对患者记录访问的多个机构进行管理。通过这种方式,患者的大量数据可以托管在一个大规模的分布式系统上。不幸的是,这些系统的安全性通常是不足的,这导致了在实践中采用电子病历系统的障碍。基于属性的系统一直是一种流行的选择,它可以为EHR数据库提供灵活可靠的访问控制,这些数据库通常由一个负责设置系统策略的权威机构管理。在大规模分布式系统中,可能需要多个权限,这些权限可以处理位于不同区域的用户。然而,挑战之一是如何使用单个访问策略启用多个授权。在本文中,我们为这个问题提供了一个完善的解决方案。我们的电子病历系统为电子病历用户提供了一个安全、方便的使用环境,并提供了灵活性和可扩展性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Multi-authority security framework for scalable EHR systems
Electronic health record (EHR) systems can be operated in a large-scale distributed environment, such as cloud computing, which might have to be managed by multiple authorities who control the access to patient records. In this way, a large amount of data from patients can be hosted on a large-scale distributed system. Unfortunately, the security of such systems is usually inadequate, which results in the hindrance of the EHR systems adoption in practice. Attribute-based systems have been a popular choice that could provide a flexible and reliable access control to EHR databases, which are usually managed by a single authority, who is responsible for setting up the system's policy. In a large-scale distributed system, it might be necessary to have multiple authorities, who can handle users located in different areas. Nevertheless, one of the challenges is how to enable multiple authorities with a single access policy. In this paper, we provide a sound solution to this issue. Our EHR system provides a secure environment for EHR users to use the system conveniently and provide the flexibility and scalability.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信