Cryptology ePrint Archive: Report 2010/565

Self-Protecting Electronic Medical Records Using Attribute-Based Encryption

Joseph A. Akinyele and Christoph U. Lehmann and Matthew D. Green and Matthew W. Pagano and Zachary N. J. Peterson and Aviel D. Rubin

Abstract: We provide a design and implementation of self-protecting electronic medical records (EMRs) using attribute-based encryption. Our system allows healthcare organizations to export EMRs to storage locations outside of their trust boundary, including mobile devices, Regional Health Information Organizations (RHIOs), and cloud systems such as Google Health. In contrast to some previous approaches to this problem, our solution is designed to maintain EMR availability even when providers are offline, i.e., where network connectivity is not available (for example, during a natural disaster). To balance the needs of emergency care and patient privacy, our system is designed to provide for fine-grained encryption and is able to protect individual items within an EMR, where each encrypted item may have its own access control policy. To validate our architecture, we implemented a prototype system using a new dual-policy attribute-based encryption library that we developed. Our implementation, which includes an iPhone app for storing and managing EMRs offline, allows for flexible and automatic policy generation. An evaluation of our design shows that our ABE library performs well, has acceptable storage requirements, and is practical and usable on modern smartphones.

Category / Keywords: implementation / implementation, attribute-based encryption, public-key cryptography, electronic medical record, personal health record, self protecting, iphone app, mobile device, continuity of care record, access control, medical security

Date: received 5 Nov 2010, last revised 18 Nov 2010

Contact author: mpagano at cs jhu edu

Available format(s): PDF | BibTeX Citation

Version: 20101118:220821 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]