TY - CHAP
T1 - Private verification of access on medical data: An initial study
AU - Idalino, Thaís Bardini
AU - Spagnuelo, Dayana
AU - Martina, Jean Everson
PY - 2017
Y1 - 2017
N2 - © Springer International Publishing AG 2017. Patient-centered medical systems promote empowerment of patients, who can decide on the accesses and usage of their personal data. To inspire a sense of trust and encourage the adoption of such systems, it is desired to allow one to verify whether the system has acted in accordance with the patients’ preferences. However, it is argued that even audit logs and usage policies, normally used when verifying such property, may already be enough for one to learn sensitive information, e.g., the medical specialists a given patient has visited in the past. This is not only damaging for the patients, but is also against the interests of the medical system, which may lose back the trust earned and gain a bad reputation. Verifiability should not come at the expense of patients’ privacy. It is, therefore, imperative that these systems take necessary precautions towards patient’s information when providing means for verifiability. In this work we study how to realize that. In particular, we explore how searchable encryption techniques could be applied to allow the verification of systems in a private fashion, providing no information on patient’s sensitive data.
AB - © Springer International Publishing AG 2017. Patient-centered medical systems promote empowerment of patients, who can decide on the accesses and usage of their personal data. To inspire a sense of trust and encourage the adoption of such systems, it is desired to allow one to verify whether the system has acted in accordance with the patients’ preferences. However, it is argued that even audit logs and usage policies, normally used when verifying such property, may already be enough for one to learn sensitive information, e.g., the medical specialists a given patient has visited in the past. This is not only damaging for the patients, but is also against the interests of the medical system, which may lose back the trust earned and gain a bad reputation. Verifiability should not come at the expense of patients’ privacy. It is, therefore, imperative that these systems take necessary precautions towards patient’s information when providing means for verifiability. In this work we study how to realize that. In particular, we explore how searchable encryption techniques could be applied to allow the verification of systems in a private fashion, providing no information on patient’s sensitive data.
KW - Audit
KW - Compliance
KW - Patient-centered medical systems
KW - Privacy
KW - Searchable encryption
KW - Verifiability
UR - http://www.mendeley.com/research/private-verification-access-medical-data-initial-study
U2 - 10.1007/978-3-319-67816-0_6
DO - 10.1007/978-3-319-67816-0_6
M3 - Chapter
SN - 9783319678153
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 86
EP - 103
BT - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
PB - Springer Verlag
ER -