Secure and privacy-preserving sharing of personal health records with multi-party pre-authorization verification

Bibliographic Details
Published in: Wireless networks 2024-08, Vol.30 (6), p.4773-4795
Main Authors: Tan, Kheng-Leong, Chi, Chi-Hung, Lam, Kwok-Yan
Format: Article
Language: English
Description
Summary: Wireless communications play an important role in ensuring ease of access to shared electronic health records (EHR) across health service providers which is essential and significant for prompt patients’ care, especially in cases of emergency medical conditions. With the need to support anytime, anywhere access to, potentially bandwidth hungry, medical records, electronic healthcare applications will continue to benefit from advanced wireless network technologies such as 5G and beyond. With sharing, it is crucial to provide patients with security and privacy guarantees, and allow them certain control of access to their data. Existing solutions mostly assume that patients are available to authorize requests to access their EHR, which is impractical as the patient may be unconscious. This paper proposes a secure and privacy protecting protocol whereby the patient can pre-delegate the authorization for the access of his/her EHR. Our patient(user)-centric proposal combines Self-Sovereign Identity (SSI) concepts and model with Secure Multi-party Computation (SMPC) and Threshold Cryptography (TC) to enable secure identity and authorization verification. A block cipher encryption sharing approach is adopted for the threshold SMPC which extends the AES-GCM symmetric encryption model into a full-fledged cryptographic platform. Two mechanisms are implemented for the block cipher encryption, namely XOR and Cascade, and experiments are conducted to compare them. We conclude that the XOR mechanism can scale for larger thresholds, while Cascade performed better for a lower threshold (≤ 3). This paper also performs a threat analysis of the protocol and approach, and validates its correctness and complexity. We conclude that the approach can achieve the security and privacy protection of the patient’s personal EHR, as well as the autonomy of the patient to control the authorization for the access and sharing.
ISSN: 1022-0038, 1572-8196
DOI: 10.1007/s11276-022-03114-6