Dixit, SharadJoshi, Karuna P.Choi, Seung Geol2019-10-172019-10-172019-07-08Sharad Dixit, Karuna Pande Joshi, and SeungGeol Choi, Multi Authority Access Control in a Cloud EHR System with MA-ABE, IEEE International Conference on Edge Computing (EDGE 2019), https://ebiquity.umbc.edu/paper/html/id/858/Multi-Authority-Access-Control-in-a-Cloud-EHR-System-with-MA-ABEhttp://hdl.handle.net/11603/15880With the rapid adoption of Cloud-based Electronic Health Record (EHR) systems, health providers are particularly concerned about managing data privacy on the cloud. Existing approaches have either a scalability bottleneck by requiring that patients approve each sharing of their medical data or a trust bottleneck by having a single authority control every access thereby creating the problem of a single point of attack. To address both these bottlenecks, we have developed a novel framework that enables policy based multi-authority access authorization to EHR systems accessed by multiple care providers from different locations or organizations. This framework, which resides on the Edge, has been built using the Multi-Authority Attribute Based Encryption (MA-ABE) and Semantic Web technologies to provide a secure, semantically rich approach to facilitate secure data sharing among organizations who manage different attributes of end users using a shared dataset. In this paper, we describe our novel approach along with the proof of concept prototype that we created to evaluate our framework.3 pagesen-USThis item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.©2019 IEEEMulti-Authority Attribute Based Encryption (MA-ABE)Attribute Based Access Control (ABAC)Knowledge Graph (Ontologies)Cloud ComputingAccess HandlerDocument Processor & Crypto ModuleText