Secure and privacy-preserving sharing of personal health records with multi-party pre-authorization verification


Bibliographic Details
Main Authors: Tan, Kheng Leong, Chi, Chi-Hung, Lam, Kwok-Yan
Other Authors: School of Computer Science and Engineering
Format: Article
Language:English
Published: 2023
Online Access:https://hdl.handle.net/10356/168440
Institution: Nanyang Technological University
Record ID: sg-ntu-dr.10356-168440
Record format: dspace
Record last updated: 2023-06-02T15:36:08Z
Affiliations: School of Computer Science and Engineering; Strategic Centre for Research in Privacy-Preserving Technologies and Systems
Version: Submitted/Accepted version
Funding: National Research Foundation (NRF). This work was supported by the National Research Foundation, Singapore under its Strategic Capability Research Centres Funding Initiative.
Date accessioned/available: 2023-05-31T06:40:19Z
Date issued: 2022
Type: Journal Article
Journal: Wireless Networks
Citation: Tan, K. L., Chi, C. & Lam, K. (2022). Secure and privacy-preserving sharing of personal health records with multi-party pre-authorization verification. Wireless Networks. https://dx.doi.org/10.1007/s11276-022-03114-6
Identifiers: 1022-003-; https://hdl.handle.net/10356/168440; DOI 10.1007/s11276-022-03114-6; Scopus 2-s2.0-85138749496
Rights: © 2022 The Author(s), under exclusive licence to Springer Science Business Media, LLC, part of Springer Nature. All rights reserved. This version of the article has been accepted for publication, after peer review and is subject to Springer Nature’s AM terms of use, but is not the Version of Record and does not reflect post-acceptance improvements, or any corrections. The Version of Record is available online at: http://dx.doi.org/10.1007/s11276-022-03114-6.
File format: application/pdf
Library: NTU Library
Country: Singapore
Collection: DR-NTU
Subjects: Engineering::Computer science and engineering; Cryptographic Controls; Algorithm/Protocol Design and Analysis
Description: Wireless communications play an important role in ensuring ease of access to shared electronic health records (EHR) across health service providers, which is essential for prompt patient care, especially in emergency medical conditions. With the need to support anytime, anywhere access to potentially bandwidth-hungry medical records, electronic healthcare applications will continue to benefit from advanced wireless network technologies such as 5G and beyond. With sharing, it is crucial to provide patients with security and privacy guarantees and to allow them a degree of control over access to their data. Existing solutions mostly assume that patients are available to authorize requests to access their EHR, which is impractical, as the patient may be unconscious. This paper proposes a secure and privacy-preserving protocol whereby the patient can pre-delegate authorization for access to his/her EHR. Our patient (user)-centric proposal combines the Self-Sovereign Identity (SSI) concept and model with Secure Multi-party Computation (SMPC) and Threshold Cryptography (TC) to enable secure identity and authorization verification. A block cipher encryption sharing approach is adopted for the threshold SMPC, which extends the AES-GCM symmetric encryption model into a full-fledged cryptographic platform. Two mechanisms are implemented for the block cipher encryption sharing, namely XOR and Cascade, and experiments are conducted to compare them. We conclude that the XOR mechanism can scale to larger thresholds, while Cascade performed better for lower thresholds (≤ 3). The paper also performs a threat analysis of the protocol and approach and validates its correctness and complexity. We conclude that the approach achieves security and privacy protection of the patient's personal EHR, as well as the patient's autonomy to control authorization for access and sharing.
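The abstract names two ways of combining per-custodian keys over AES-GCM, XOR and Cascade, but the record does not describe the constructions. The Go program below is an added illustration, not the paper's code, of the simplest form of each: XOR-splitting a record key among n custodians (the all-of-n case; the paper's t-of-n threshold scheme and its SSI/SMPC verification are not shown, because the page does not specify them) and cascade encryption, where each custodian applies its own AES-GCM layer. The 32-byte keys, the nonce || ciphertext || tag wire format, the helper names and the demo record are assumptions made for this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// xorSplit splits key into n shares that XOR back to key (all-of-n sharing):
// n-1 shares are random, the last is key XOR the rest, so n-1 reveal nothing.
func xorSplit(key []byte, n int) ([][]byte, error) {
	if n < 2 {
		return nil, errors.New("need at least 2 shares")
	}
	shares, last := make([][]byte, n), append([]byte(nil), key...)
	for i := 0; i < n-1; i++ {
		s := make([]byte, len(key))
		if _, err := rand.Read(s); err != nil {
			return nil, err
		}
		for j := range last {
			last[j] ^= s[j]
		}
		shares[i] = s
	}
	shares[n-1] = last
	return shares, nil
}

// xorCombine XORs the shares in any order; one AES-GCM call then decrypts the record.
func xorCombine(shares [][]byte) []byte {
	out := make([]byte, len(shares[0]))
	for _, s := range shares {
		for j := range out {
			out[j] ^= s[j]
		}
	}
	return out
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// gcmSeal encrypts one layer; wire format is nonce || ciphertext || tag.
func gcmSeal(key, pt []byte) ([]byte, error) {
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, pt, nil), nil
}

// gcmOpen reverses gcmSeal; a wrong key or any tampering fails the tag check.
func gcmOpen(key, ct []byte) ([]byte, error) {
	aead, err := newGCM(key)
	if err != nil || len(ct) < aead.NonceSize() {
		return nil, errors.New("bad key or truncated ciphertext")
	}
	return aead.Open(nil, ct[:aead.NonceSize()], ct[aead.NonceSize():], nil)
}

// cascadeSeal adds one AES-GCM layer per custodian key, in order (+28 bytes each).
func cascadeSeal(keys [][]byte, pt []byte) (ct []byte, err error) {
	ct = pt
	for _, k := range keys {
		if ct, err = gcmSeal(k, ct); err != nil {
			return nil, err
		}
	}
	return ct, nil
}

// cascadeOpen peels the layers in reverse; a missing, wrong or reordered key fails at its layer.
func cascadeOpen(keys [][]byte, ct []byte) (pt []byte, err error) {
	pt = ct
	for i := len(keys) - 1; i >= 0; i-- {
		if pt, err = gcmOpen(keys[i], pt); err != nil {
			return nil, fmt.Errorf("layer %d: %w", i, err)
		}
	}
	return pt, nil
}

func main() {
	key := []byte("0123456789abcdef0123456789abcdef") // constructed demo key, AES-256
	ct, _ := cascadeSeal([][]byte{key, key, key}, []byte(`{"patient":"demo"}`))
	fmt.Printf("3-layer cascade ciphertext: %d bytes\n", len(ct))
}
```

The cost difference the paper's experiments measure is visible in the two paths: XOR combining is a single pass over fixed-size shares and the record is decrypted with one AES-GCM operation whatever n is, while the cascade performs one AES-GCM operation per custodian, grows the ciphertext by a nonce and tag per layer, and must be unwrapped in the exact reverse order, with each layer independently authenticated.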