Patient-Centric Health Data Sovereignty: An Approach Using Proxy Re-Encryption

  • Conference paper
Computer Security. ESORICS 2023 International Workshops (ESORICS 2023)

Abstract

The exponential growth in the digitisation of services implies the handling and storage of large volumes of data. Businesses and services see data sharing and crossing as an opportunity to improve and produce new business opportunities. The health sector is one area where this proves to be true, enabling better and more innovative treatments. Notwithstanding, this raises concerns regarding personal data being treated and processed. In this paper, we present a patient-centric platform for the secure sharing of health records that shifts control over the data to the patient, thereby providing a step further towards data sovereignty. Data sharing is performed only with the consent of the patient, who can revoke access at any given time. Furthermore, we also provide a break-glass approach, resorting to Proxy Re-encryption (PRE) and the concept of a centralised trusted entity that possesses instant access to patients’ medical records. Lastly, an analysis is made to assess the performance of the platform’s key operations, and the impact that a PRE scheme has on those operations.

This work was partially supported by the Norte Portugal Regional Operational Programme (NORTE 2020), under the PORTUGAL 2020 Partnership Agreement, through the European Regional Development Fund (ERDF), within project “Cybers SeC IP” (NORTE-01-0145-FEDER-000044).

Author information

Corresponding author

Correspondence to Ivone Amorim.

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Rodrigues, B., Amorim, I., Silva, I., Mendes, A. (2024). Patient-Centric Health Data Sovereignty: An Approach Using Proxy Re-Encryption. In: Katsikas, S., et al. Computer Security. ESORICS 2023 International Workshops. ESORICS 2023. Lecture Notes in Computer Science, vol 14398. Springer, Cham. https://doi.org/10.1007/978-3-031-54204-6_11

  • DOI: https://doi.org/10.1007/978-3-031-54204-6_11

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-54203-9

  • Online ISBN: 978-3-031-54204-6

  • eBook Packages: Computer Science, Computer Science (R0)
