Secure Sharing of Electronic Health Records in Clouds

Similar documents
Secure Sharing of Electronic Medical Records in Cloud Computing

Secure Sharing of Electronic Health Records in Clouds

Secure Sharing of Electronic Medical Records in Cloud Computing. Ruoyu Wu

Horizontal IoT Application Development using Semantic Web Technologies

and Deployment Roadmap for Satellite Ground Systems

Patient-Centric Secure-and-Privacy-Preserving Service-Oriented Architecture for Health Information Integration and Exchange

Fundamental Concepts and Models

Cloudy with Showers of Business Opportunities and a Good Chance of. Security. Transforming the government IT landscape through cloud technology

Cloud-based Identity and Access Control for Diagnostic Imaging Systems

Scalable and secure sharing of data in cloud computing using attribute based encryption

Standards and Interoperability: The DNA of the EHR

Emerging Trends in Health Information Technology: Personal Health Record(PHR) uphr. Nazir Ahmed Vaid ehealth Services (Pvt) Ltd.

CLOUD-HOSTED PROXY BASED COLLABORATION IN MULTI- CLOUD COMPUTING ENVIRONMENTS WITH ABAC METHODS

DESIGN OF A PLATFORM OF VIRTUAL SERVICE CONTAINERS FOR SERVICE ORIENTED CLOUD COMPUTING. Carlos de Alfonso Andrés García Vicente Hernández

The Data Grid: Towards an Architecture for Distributed Management and Analysis of Large Scientific Datasets

Big Data Mining Services and Knowledge Discovery Applications on Clouds

Towards HIPAA-compliant Healthcare Systems in Cloud Computing

International Journal of Scientific & Engineering Research, Volume 6, Issue 5, May ISSN

Future of Cloud Computing. Irena Bojanova, Ph.D. UMUC, NIST

Lecture 02b Cloud Computing II

Course Design Document: IS429: Cloud Computing and SaaS Solutions. Version 1.0

SecureCloud: Towards a Comprehensive Security Framework for Cloud Computing Environments

Integration Architecture & (Hybrid) Cloud Scenarios on the Microsoft Business Platform. Gijs in t Veld CTO BizTalk Server MVP BTUG NL, June 7 th 2012

Cloud Application Development (SE808, School of Software, Sun Yat-Sen University) Yabo (Arber) Xu

Benefits of Cloud Computing in EHR implementation

SERVICE-ORIENTED MODELING FRAMEWORK (SOMF ) SERVICE-ORIENTED CONCEPTUALIZATION MODEL LANGUAGE SPECIFICATIONS

Privacy and Security Policies for Healthcare Solutions on the Cloud

ACaaS: Access Control as a Service for IaaS Cloud

Configuring Sites and Understanding AD replication. Dante Villarroel Saavedra

Secure Attack Measure Selection and Intrusion Detection in Virtual Cloud Networks. Karnataka.

Implementing Microsoft Azure Infrastructure Solutions

Understanding and Addressing Architectural Challenges of Cloud- Based Systems

Privacy in Health Informatics

HL7 and SOA Based Distributed Electronic Patient Record Architecture Using Open EMR

Computing Service Provision in P2P Clouds

Version: January 2008 ASTM E-31: EHR and Informatics Standards Education For Health Professional Disciplines. Background

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY

Core services and the path to the future of the ILHIE

CSO Cloud Computing Study. January 2012

Cross-domain Identity Management System for Cloud Environment

CLOUD COMPUTING AS ENABLER FOR DURABLE IT SOLUTIONS

Security Models and Requirements for Healthcare Application Clouds

SOA CERTIFIED JAVA DEVELOPER (7 Days)

LEADING INNOVATION IN MOBILE HEALTHCARE TECHNOLOGY

HIT Workflow & Redesign Specialist: Curriculum Overview

Benefits of Image-Enabling the EHR

Cloud Computing: Building a New Foundation for Healthcare

Securing Patient Privacy in E-Health Cloud Using Homomorphic Encryption and Access Control

2014 Latin America Cloud Computing Market

Higher National Unit specification: general information

A MODEL OF OPENEHR-BASED ELECTRONIC MEDICAL RECORD IN INDONESIA

Why Private Cloud? Nenad BUNCIC VPSI 29-JUNE-2015 EPFL, SI-EXHEB

Health Information Sharing in Chronic Disease Self Management: A Hybrid Cloud Approach

SERVICE-ORIENTED MODELING FRAMEWORK (SOMF ) SERVICE-ORIENTED BUSINESS INTEGRATION MODEL LANGUAGE SPECIFICATIONS

Course 20533: Implementing Microsoft Azure Infrastructure Solutions

SERVICE-ORIENTED MODELING FRAMEWORK (SOMF ) SERVICE-ORIENTED DISCOVERY AND ANALYSIS MODEL LANGUAGE SPECIFICATIONS

UCOPIA v5.1 NEW FEATURES

NCTA Cloud Architecture

4. Understanding Clinical Data and Workflow Understanding Surveillance Data Exchange Processes Guide and Worksheet

Security Issues in Cloud Computing

CLOUD-BASED DEVELOPMENT OF SMART AND CONNECTED DATA IN HEALTHCARE APPLICATION

A MODEL OF OPENEHR BASED ELECTRONIC MEDICAL RECORD IN INDONESIA

Overview of ehr Development. Slide - 1

ADVENT OF CLOUD COMPUTING TECHNOLOGIES IN HEALTH INFORMATICS Omer K. Jasim, Safia Abbas, El-Sayed M. El-Horbaty, Abdel-Badeeh M.

Open Platform. Clinical Portal. Provider Mobile. Orion Health. Rhapsody Integration Engine. RAD LAB PAYER Rx

Statistical data editing near the source using cloud computing concepts

Topic : Cloud Computing Architecture. Presented by 侯 柏 丞. 朱 信 昱

Cloud Security. Peter Jopling IBM UK Ltd Software Group Hursley Labs. peterjopling IBM Corporation

IMPLEMENTATION OF NETWORK SECURITY MODEL IN CLOUD COMPUTING USING ENCRYPTION TECHNIQUE

Relationship of HL7 EHR System Draft Standard to X12N

SLA Based Information Security Metric for Cloud Computing from COBIT 4.1 Framework

Implementing Microsoft Azure Infrastructure Solutions 20533B; 5 Days, Instructor-led

Transcription:

Secure Sharing of Electronic Health Records in Clouds Ruoyu Wu, Gail-Joon Ahn Arizona State University Hongxin Hu Delaware State University The Laboratory of Security Engineering for Future Computing (SEFCOM) URL : sefcom.asu.edu BYENG 486 ASU

Outline Introduction Problem Summary Broker-based Composite EHRs Authorization System Design Implementation and Evaluation Related Work Conclusion and Future Work Q & A Slide 2

Internet-centric Cloud-driven World SaaS Ecosystem PaaS IaaS Slide 3

Healthcare Evolution Paper-based records transform to EHRs EHRs are shifting to Clouds Transform Shift Paper-based Sharing Efficiency Ubiquitous Access EMRs Cost Efficiency Dynamic Scalability Cloud Platform Slide 4

Security and Privacy Identity Management Authentication Trust Management Policy Management Compliance Management Access Control H. Takabi, J. Joshi, and G. Ahn. Security and privacy challenges in cloud computing environments. Security & Privacy, IEEE, 8(6):24 31, 2010. Slide 5

Access Control Issue Cross-domain EHRs integration Diversity of healthcare practitioners Slide 6

Hypothesis We propose a broker-based authorization approach which supports selective sharing of composite EHRs Logical EHR model EHR data schema composition Cross-domain EHR instance aggregation Access control policy specification Slide 7

Broker-based Composite EHRs Authorization Overview Slide 8

Logical EHR Model An EHR object is represented as a tuple T = (r, V, E) r is the root of the whole EHR object; V is a set of nodes within the whole EHR object hierarchical structure E V V is a set of links between nodes. Slide 9

EHR Data Schema Composition Slide 10

Algorithm for Merging Two EHR Data Schemas Slide 11

EHR Data Schema Composition Example r s T s m r d m T d m Merge to Call insertsubschema(t d, r d, T s, r s ) r d = r s -> m = r d Otology Classes Demographic, Demo Gender, Sex DoB, Birthday, Birth Date Slide 12

EHR Data Schema Composition Example Slide 13

Cross-domain EHR Instance Aggregation Slide 14

Policy Specification An access control policy is a tuple acp= (sub, obj v, pur, effect), where A subject sub is defined as a tuple sub = <u, so > or sub = <r, so >; An object obj v is a set of nodes in a sub-schema of T rooted at node v; pur is a set of business practices in healthcare domains; effect {permit,deny} is the authorization effect of the policy. Examples: P1: (<GP, h1>, obj Encounters, {treatment}, permit) P2: (<SP, h2>, obj Medications, {treatment,research}, permit) P3: (<Dr.Nic, h2>, obj Labs, research, deny) Slide 15

Policy Specification Cont d Slide 16

System Design System Architecture Slide 17

Case Study Scenario illustration Slide 18

System workflow Case Study - Cont d Slide 19

Implementation Cloud environment illustration Slide 20

Implementation-Cont'd Home Page & Policy Specification Page Slide 21

Implementation-Cont'd Patient Discovery Page & Composite EHRs Access Page Slide 22

Implementation-Cont'd CONNECT implementation details Slide 23

Evaluation Analyze efficiency and scalability Slide 24

Related Works Selective EHRs sharing Presented a patient-centric authorization framework to secure the sharing of electronic health records[jin'09][jin 11]. Secure EHRs in cloud computing Proposed a patient-centric digital right management (DRM) approach to protect privacy[jafari 11]. Presented a security model for healthcare application clouds[zhang'10]. Presented patient-centric and fine-grained access control mechanism for securing personal health records in cloud computing[li'10]. Slide 25

Conclusion & Contributions We articulate access control issues in healthcare cloud computing environments. A broker-based authorization approach has been presented, which supports selective EHRs sharing. A prototype cloud-based EHRs sharing system has been designed, implemented and evaluated to demonstrate the effectiveness and efficiency of our proposed approach. Slide 26

Future Work We would conduct more comprehensive evaluations on our system with real-world healthcare datasets. We would investigate how to address policy composition issues and how to support fine-grained delegation mechanism for EHRs in cloud computing environments. In addition, we would like to apply our approach to support EHRs sharing using consumer devices such as smart phone and tablet to cover border sections of the whole healthcare ecosystem. Slide 27

Questions Slide 28

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information