Securing medical records on smart phones

Authors:
Ryan W. Gardner;Sujata Garera;Matthew W. Pagano;Matthew Green;Aviel D. Rubin
Affiliations:
Johns Hopkins University, Baltimore, MD, USA;Johns Hopkins University, Baltimore, MD, USA;Johns Hopkins University, Baltimore, MD, USA;Johns Hopkins University, Baltimore, MD, USA;Johns Hopkins University, Baltimore, MD, USA
Venue:
Proceedings of the first ACM workshop on Security and privacy in medical and home-care systems
Year:
2009

Citing 20
Cited 7

Optimistic security: a new access control paradigm

Proceedings of the 1999 workshop on New security paradigms
How to share a secret

Communications of the ACM
Server-Assisted Generation of a Strong Secret from a Password

WETICE '00 Proceedings of the 9th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
AMON: A Wearable Medical Computer for High Risk Patients

ISWC '02 Proceedings of the 6th IEEE International Symposium on Wearable Computers
A secure and reliable bootstrap architecture

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
How to Break Access Control in a Controlled Manner

CBMS '06 Proceedings of the 19th IEEE Symposium on Computer-Based Medical Systems
Attribute-based encryption for fine-grained access control of encrypted data

Proceedings of the 13th ACM conference on Computer and communications security
Rendezvous-based access control for medical records in the pre-hospital environment

Proceedings of the 1st ACM SIGMOBILE international workshop on Systems and networking support for healthcare and assisted living environments
Design and implementation of a TCG-based integrity measurement architecture

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Ciphertext-Policy Attribute-Based Encryption

SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Attribute-based encryption with non-monotonic access structures

Proceedings of the 14th ACM conference on Computer and communications security
Biometric Based Cryptographic Key Generation from Faces

DICTA '07 Proceedings of the 9th Biennial Conference of the Australian Pattern Recognition Society on Digital Image Computing Techniques and Applications
WAITER: A Wearable Personal Healthcare and Emergency Aid System

PERCOM '08 Proceedings of the 2008 Sixth Annual IEEE International Conference on Pervasive Computing and Communications
Mobile phones assisting with health self-care: a diabetes case study

Proceedings of the 10th international conference on Human computer interaction with mobile devices and services
Towards practical biometric key generation with randomized biometric templates

Proceedings of the 15th ACM conference on Computer and communications security
A Novel Cryptosystem Based on Iris Key Generation

ICNC '08 Proceedings of the 2008 Fourth International Conference on Natural Computation - Volume 04
The practical subtleties of biometric key generation

SS'08 Proceedings of the 17th conference on Security symposium
Collusion resistant broadcast encryption with short ciphertexts and private keys

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
A tag-based data model for privacy-preserving medical applications

EDBT'06 Proceedings of the 2006 international conference on Current Trends in Database Technology
A New Method for Generating an Invariant Iris Private Key Based on the Fuzzy Vault System

IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics

MeD-Lights: a usable metaphor for patient controlled access to electronic health records

Proceedings of the 1st ACM International Health Informatics Symposium
Enhancing accountability of electronic health record usage via patient-centric monitoring

Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium
Protecting health information on mobile devices

Proceedings of the second ACM conference on Data and Application Security and Privacy
An amulet for trustworthy wearable mHealth

Proceedings of the Twelfth Workshop on Mobile Computing Systems & Applications
Attribute-Based encryption with break-glass

WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
Biometric access control for e-health records in pre-hospital care

Proceedings of the Joint EDBT/ICDT 2013 Workshops
Emergency mobile access to personal health records stored on an untrusted cloud

HIS'13 Proceedings of the second international conference on Health Information Science

Quantified Score

Hi-index	0.00

Visualization

Abstract

There is an inherent conflict between the desire to maintain privacy of one's medical records and the need to make those records available during an emergency. To satisfy both objectives, we introduce a flexible architecture for the secure storage of medical records on smart phones. In our system, a person can view her records at any time, and emergency medical personnel can view the records as long as the person is present (even if she is unconscious). Our solution allows for efficient revocation of access rights and is robust against adversaries who can access the phone's storage offline.