Multi Authority Access Control in a Cloud EHR System with MA-ABE

Author/Creator ORCID

Date

2019-07-08

Department

Program

Citation of Original Publication

Sharad Dixit, Karuna Pande Joshi, and SeungGeol Choi, Multi Authority Access Control in a Cloud EHR System with MA-ABE, IEEE International Conference on Edge Computing (EDGE 2019), https://ebiquity.umbc.edu/paper/html/id/858/Multi-Authority-Access-Control-in-a-Cloud-EHR-System-with-MA-ABE

Rights

This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.
©2019 IEEE

Abstract

With the rapid adoption of Cloud-based Electronic Health Record (EHR) systems, health providers are particularly concerned about managing data privacy on the cloud. Existing approaches have either a scalability bottleneck by requiring that patients approve each sharing of their medical data or a trust bottleneck by having a single authority control every access thereby creating the problem of a single point of attack. To address both these bottlenecks, we have developed a novel framework that enables policy based multi-authority access authorization to EHR systems accessed by multiple care providers from different locations or organizations. This framework, which resides on the Edge, has been built using the Multi-Authority Attribute Based Encryption (MA-ABE) and Semantic Web technologies to provide a secure, semantically rich approach to facilitate secure data sharing among organizations who manage different attributes of end users using a shared dataset. In this paper, we describe our novel approach along with the proof of concept prototype that we created to evaluate our framework.