Patient Controlled Encryption - NIST (slide transcript)
Slide 1
Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records
Melissa Chase (MSR)
Joint work with Josh Benaloh, Kristin Lauter, and Eric Horvitz
Slide 2
Medical Records
• Traditionally, health providers kept paper files
– Transferring data very cumbersome
– Visiting a new doctor requires paperwork
– Emergency care often cannot access record
Slide 3
Electronic Medical Records
Movement to:
– Digitize records
– Make accessible to network of providers
Patients' records will be accessible to any provider who treats them
Advantages
– Better care
– Reduce costs
President Obama: "all medical records computerized … within 5 years"
ARRA (American Recovery and Reinvestment Act): $19 billion
Slide 4
Privacy Concerns
• Also dangerous
– Much easier to steal digital records
– Much easier to attack remotely accessible system
– Large system is very vulnerable to abuse
ARRA specific objectives:
• Secure communications
• "Ensure appropriate authorization"
• Encryption
Slide 5
Privacy Concerns
• Why are we concerned about privacy?
– Want patients to be honest
– Discrimination
• Insurance
• Employment
• Social stigma (friends/coworkers)
– Medical identity theft
Slide 6
Standard Approach to Security: Provider Managed + Access Control
[Diagram: Patient Bob and Doctor Alice upload health info to a Health Record Server holding the patient records; the server checks permissions and writes a log file]
Must audit logs (sensitive information, celebrity records)
Slides 7 and 8
Privacy Concerns
• Wide access
– All or nothing permissions
– Even more in large network scenario
– Roughly 150 people have access to a patient's record in a hospitalization
• Access control
– Theft
– Attack
– Patient must trust owner/administrator of data
• for physical and electronic security
• for privacy (insider attacks)
Patient Controlled Record
• grant access only to appropriate part of record
• allow patient to identify providers who treat him
Slide 9
New Approach: Encryption
[Diagram: Patient Bob creates an account, uploads health info and searches his record; the Health Record Server stores Bob's record and a permissions table]
Slide 10
Using Cryptography
• Who holds the key?
– Server: key can be stolen/compromised along with data
– Third party: somewhat more secure; how to maintain functionality?
– Patient: what we will look at
Slide 11
Using Cryptography
[Diagram: as in slide 9, but Bob's record is stored encrypted on the Health Record Server]
Hide from server = hides from hackers, thieves, etc.
Must have key backup
Slide 12
Using Cryptography
[Diagram: Patient Bob grants partial access to Doctor Alice, who uploads health info and searches the record, and to Pharmacist Charles, who searches the record]
How do we allow patient to grant partial access?
Slide 13
How to grant partial access?
• Two approaches
– Hierarchical record sharing: Patient Controlled Encryption [BCHL09]
• Assumes hierarchical health record
• Based on standard, efficient primitives (hash functions, block ciphers)
• Also consider how to incorporate searchability
– Re-encryption based sharing: Functional Re-Encryption [CCV12]
• Easier to revoke users / add revocation date
• Easier key management
• More complex constructions
• Based on bilinear pairing
Slide 14
Hierarchical Record Sharing
Joint work with Eric Horvitz, Kristin Lauter, and Josh Benaloh
Slide 15
Hierarchical Record Sharing
• Assumption on types of delegation
– Arrange the record in a hierarchy
– Allowable delegations: rights to a category
[Diagram: patient grants partial access to one category of the record]
Slides 16 to 22
Hierarchical Health Records
• Ex:
– Give Doctor access to entire record
– Give Exercise info to cousin
– Give Eyeglass Prescription to Retailer
– Give Dental Information and Allergies and Medications to Dentist
Slide 23
Hierarchical Encryption
• Symmetric key: [AT83, S88, …]
• Public key: HIBE [GS02, …]
[Diagram: KeyDer derives each subcategory key from the key of its parent category]
• Security
– only have access if an appropriate key was given
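Added example, not code from the talk or from [BCHL09]: a Python sketch of the symmetric-key hierarchical approach. HMAC-SHA256 serves as the PRF for deriving each category key from its parent and for producing keyword search tokens; a PRF-in-counter-mode keystream with encrypt-then-MAC stands in for the block-cipher mode a real deployment would use (AES-GCM, say). The category layout, the sample records, and the RecordServer interface are this example's own assumptions.

```python
import hashlib
import hmac
import os


def derive_key(parent_key: bytes, label: str) -> bytes:
    """Child key = PRF(parent key, child label). Going down the tree is easy; nothing
    about the parent or a sibling category can be recovered from a child key."""
    return hmac.new(parent_key, b"node|" + label.encode(), hashlib.sha256).digest()


def category_key(key: bytes, path: str) -> bytes:
    """Walk from `key` down a slash-separated path of category labels."""
    for label in path.split("/"):
        key = derive_key(key, label)
    return key


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """PRF in counter mode; stands in for a block-cipher mode such as AES-CTR."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(cat_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC under keys derived from the category key: nonce || ct || tag."""
    enc_key, mac_key = derive_key(cat_key, "enc"), derive_key(cat_key, "mac")
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(cat_key: bytes, blob: bytes) -> bytes:
    enc_key, mac_key = derive_key(cat_key, "enc"), derive_key(cat_key, "mac")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(mac_key, nonce + ct, hashlib.sha256).digest(), tag):
        raise PermissionError("wrong category key, or ciphertext tampered with")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


def search_token(cat_key: bytes, keyword: str) -> bytes:
    """Per-category keyword token; the server compares tokens without learning the keyword."""
    return hmac.new(derive_key(cat_key, "search"), keyword.lower().encode(), hashlib.sha256).digest()


class RecordServer:
    """Stores ciphertexts and opaque tokens only; never holds a key (assumed interface)."""

    def __init__(self):
        self.files = []  # (category path, ciphertext, set of keyword tokens)

    def upload(self, path: str, blob: bytes, tokens) -> None:
        self.files.append((path, blob, set(tokens)))

    def search(self, path_prefix: str, token: bytes):
        return [blob for path, blob, toks in self.files
                if path.startswith(path_prefix) and token in toks]


def demo():
    root = os.urandom(32)  # Bob's root key; key backup (flagged in the talk) is out of scope here
    server = RecordServer()
    records = {  # constructed sample records, keyed by hierarchy path
        "dental/xrays": b"bitewing x-ray 2009: cavity on tooth 14",
        "dental/allergies": b"penicillin allergy",
        "mental_health/notes": b"session notes",
    }
    for path, data in records.items():
        k = category_key(root, path)
        server.upload(path, encrypt(k, data), {search_token(k, w) for w in data.decode().split()})

    dentist_key = category_key(root, "dental")      # the one key Bob hands the dentist
    xray_key = category_key(dentist_key, "xrays")   # dentist derives sub-keys locally
    hits = server.search("dental/xrays", search_token(xray_key, "cavity"))
    readable = [decrypt(xray_key, blob) for blob in hits]

    mental_blob = server.files[2][1]                # dentist cannot derive this category's key
    try:
        decrypt(xray_key, mental_blob)
        leaked = True
    except PermissionError:
        leaked = False
    return {
        "derived_matches_owner": xray_key == category_key(root, "dental/xrays"),
        "hits": readable,
        "leaked": leaked,
    }
```

The thing to observe is that delegation is one key transfer: holding the dental key, the dentist derives the x-rays and allergies sub-keys on her own, searches within them and decrypts, while the mental-health branch stays unreachable, and the server sees only ciphertexts and PRF outputs. What this sketch does not give you is revocation: once a category key is out, regaining privacy means re-keying and re-encrypting that subtree, which is the trade-off the re-encryption approach in the second half of the talk targets.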
Slides 24 to 27
Patient Controlled Encryption
[Diagram: Patient Bob creates an account and uploads/searches his encrypted record on the Health Record Server; Bob grants partial access to Doctor Alice, who uploads health info and searches the record, and to Pharmacist Charles, who searches the record; the server holds Bob's record and a permissions table]
Slide 28
Re-Encryption based Sharing
Joint work with Nishanth Chandran and Vinod Vaikuntanathan
Slide 29
An example: Cloud storage for patient health records
[Diagram: Bob's health record (Medications, Cardiology, X-Rays) stored in the cloud; recipients: Doctor, Pharmacist, Research Center, Sister]
Access Policy
– Doctor: everything
– Pharmacist: medications
– Research: everything except mental health
– Sister: medications and emergency info
Slides 30 to 32
Encrypted Cloud Storage
[Diagram: same record and recipients as slide 29; Bob encrypts the files (Medications, Cardiology, X-Rays) before uploading them, and the access policy is unchanged]
How to implement access policy?
Slide 33
Access control for encrypted data
• How can we implement access control when data is encrypted?
• Our goal: allow server to perform access control on encrypted data
– Server will:
• take files encrypted for Bob
• transform them into files encrypted for appropriate recipient
• without decrypting anything
– Server cannot decrypt!
Slides 34 to 37
Access control for encrypted data: Our approach
[Diagram: Bob encrypts his files and uploads them; from the access policy (Doctor: everything; Pharmacist: medications; Research: everything except mental health; Sister: medications and emergency info) Bob generates one policy token per recipient and sends the tokens to the server; the server combines each encrypted file with the matching token; the correct recipients retrieve and decrypt]
Server can:
• Transform encrypted files into files readable by appropriate recipients
• Cannot decrypt or read any files
(Strong notion of security vs collusion, etc.)
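Added example, not the talk's construction: the re-encryption sharing flow above, run on a toy ElGamal-style proxy re-encryption in the style of Blaze, Bleumer and Strauss (1998) rather than the pairing-based functional re-encryption of [CCV12]. Bob encapsulates each file key for himself, a policy token is a re-encryption key bound to one (recipient, category tag) pair, and the server rewrites Bob's encapsulation into one the recipient can open while holding no secret key of its own. The group size, tag names, the CloudServer interface, and the simplification that Bob generates his recipients' key pairs are all assumptions of this example.

```python
import hashlib
import secrets


def is_prime(n: int) -> bool:
    """Miller-Rabin with fixed bases; deterministic for n below about 3e23, ample for this group."""
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n < 2:
        return False
    for b in bases:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def safe_prime(start: int) -> int:
    """Smallest q >= start with q and p = 2q + 1 both prime (deterministic, so runs are repeatable)."""
    q = start | 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1


P = safe_prime(1 << 61)   # toy group; a deployment would use a standard 2048-bit or larger group
Q = (P - 1) // 2          # prime order of the quadratic-residue subgroup
G = 4                     # 2^2 is a quadratic residue, hence an element of order Q


def _kdf(k: int) -> bytes:
    return hashlib.sha256(k.to_bytes(8, "big")).digest()


def keygen():
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)


def encapsulate(pk: int):
    """ElGamal on a random group element k: (g^r, k * pk^r). Returns the ciphertext and file key H(k)."""
    r = secrets.randbelow(Q - 1) + 1
    k = pow(G, secrets.randbelow(Q - 1) + 1, P)
    return (pow(G, r, P), k * pow(pk, r, P) % P), _kdf(k)


def decapsulate(sk: int, ct) -> bytes:
    c1, c2 = ct
    return _kdf(c2 * pow(pow(c1, sk, P), -1, P) % P)


def rekey(sk_owner: int, sk_recipient: int) -> int:
    """Policy token: x_B * x_R^{-1} mod Q. Toy caveat: a recipient colluding with the
    server recovers x_B from this, which the talk's construction is designed to prevent."""
    return sk_owner * pow(sk_recipient, -1, Q) % Q


def reencrypt(rk: int, ct):
    c1, c2 = ct
    return (pow(c1, rk, P), c2)   # (g^r)^(x_B/x_R); raising to x_R gives back pk_B^r


class CloudServer:
    """Holds ciphertexts and policy tokens only (assumed interface). Note the policy itself,
    i.e. which recipient has a token for which tag, is visible to the server in this version."""

    def __init__(self):
        self.files = {}    # name -> (tag, ct)
        self.tokens = {}   # (recipient, tag) -> rk

    def store(self, name, tag, ct): self.files[name] = (tag, ct)
    def grant(self, recipient, tag, rk): self.tokens[(recipient, tag)] = rk
    def revoke(self, recipient, tag): self.tokens.pop((recipient, tag), None)

    def fetch(self, recipient, name):
        tag, ct = self.files[name]
        rk = self.tokens.get((recipient, tag))
        return None if rk is None else reencrypt(rk, ct)


def demo():
    bob_sk, bob_pk = keygen()
    keys = {who: keygen() for who in ("doctor", "pharmacist")}  # Bob issues recipient key pairs
    server, file_keys = CloudServer(), {}
    for name, tag in (("meds.txt", "medications"), ("ecg.pdf", "cardiology")):  # constructed files
        ct, file_keys[name] = encapsulate(bob_pk)
        server.store(name, tag, ct)
    for tag in ("medications", "cardiology"):                    # Doctor: everything
        server.grant("doctor", tag, rekey(bob_sk, keys["doctor"][0]))
    server.grant("pharmacist", "medications", rekey(bob_sk, keys["pharmacist"][0]))

    def opens(who, name):
        ct = server.fetch(who, name)
        return ct is not None and decapsulate(keys[who][0], ct) == file_keys[name]

    result = {"doctor_ecg": opens("doctor", "ecg.pdf"),
              "pharmacist_meds": opens("pharmacist", "meds.txt"),
              "pharmacist_ecg": opens("pharmacist", "ecg.pdf")}
    server.revoke("pharmacist", "medications")   # revocation: drop the token; recipient key unchanged
    result["pharmacist_meds_after_revoke"] = opens("pharmacist", "meds.txt")
    return result
```

Two caveats the talk's construction addresses and this toy does not: the policy is in plain view of the server (the private-policy question on the next slide), and the scheme is bidirectional, so a recipient colluding with the server recovers Bob's secret from the token. What it does show concretely is what "revocation is invisible to recipients" means: the server just drops the token, and the pharmacist's own key never changes.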
Slide 38
Private Access Control
• Want "private cloud", where sensitive data is hidden even from cloud operator
• Previous scenario: server can implement policy but cannot decrypt any ciphertexts
• But sometimes the policy itself is private! E.g.:
– Whether patient has chosen to participate in research project
– Policy for mental health records
– May want to give access to one family member without revealing that fact to others
• Question: Can we allow the same functionality, but without revealing the policy, even to the cloud provider?
Slides 39 to 42
Access control for encrypted data: Our approach (private policy)
[Diagram: as in slides 34 to 37, but the access policy is now carried inside the policy tokens rather than being visible to the server; the server still combines each encrypted file with the tokens, and the correct recipients retrieve and decrypt]
Server can:
• Transform encrypted files into files readable by appropriate recipients
• Cannot decrypt or read any files
• Cannot learn anything about policy
(Strong notion of security vs collusion, etc.)
Slide 43
Constructions
• Private access control on encrypted data
– Hides policy and tags
– For very simple policies
• Construction based on pairings
– Relatively mild assumptions about pairing curves
• Can also achieve more efficient constructions where
– Policy and tags are not hidden
– Fairly general formulas
– Similar to work on outsourcing ABE decryption [GHW 2011]
Slide 44
Advantages
• Private data is hidden from server
– Security against server compromise, theft, untrusted operators, etc.
• As secure as patient downloading, decrypting, re-encrypting
– Even if server colludes with recipients
• Patient only online to set/change policy
• Access control is invisible to recipients
– Decryptor's efficiency independent of policy
– Policy is hidden from recipients
– Revocation is invisible for recipients
Slide 45
Conclusions and Future Work
Slide 46
Open Issues
• Additional privacy concerns
• Key backup
• Identification
• Usability?
Slide 47
Conclusions
• Electronic Medical Records present risks to privacy
• Access control is not sufficient
• Encryption + Patient Control is the right approach
• 2 approaches for partial access when files are encrypted
– Hierarchical sharing
– Re-encryption based sharing
Slide 48
Questions