A central aspect of eHealth is the electronic healthcare record (EHR) which integrates all relevant medical information of a person and represents a lifelong documentation of the medical history. By virtue of their sensitive character it is crucial that medical data can only be accessed by the patient herself and persons who are directly involved in the treatment of the patient. Since eHealth portals can be accessed via the Internet, security and privacy issues arise that have to be considered carefully. Besides traditional security properties, we mainly focus on additional threats, namely the trivial disclosure attack and the statistical analysis of metadata. Thereby a disclosure attack takes place if a person enforces another person to present her EHR, e.g. during a job interview. Additionally, by applying statistical analysis on the metadata of an eHealth portal, it is possible to determine relevant information (e.g. psychological treatment) which could have negative effects on the patient. In this paper we present a concept including pseudonymization of medical data, identity management, obfuscation of metadata and anonymous authentication to prevent disclosure attacks and statistical analysis.
With the advent of cloud computing, the realization of highly available electronic health records providing location-independent access seems to be very promising. However, cloud computing raises major security issues that need to be addressed particularly within the health care domain. The protection of the privacy of individuals often seems to be left on the sidelines. For instance, common protection against malicious insiders, i.e., non-disclosure agreements, is purely organizational. Clearly, such measures cannot prevent misuses but can at least discourage it. In this paper, we present an approach to storing highly sensitive health data in the cloud whereas the protection of patient's privacy is exclusively based on technical measures, so that users and providers of health records do not need to trust the cloud provider with privacy related issues. Our technical measures comprise anonymous communication and authentication, anonymous yet authorized transactions and pseudonymization of databases.
In this paper we discuss anonymity in context of group based anonymous authentication (GBAA). Methods for GBAA provide mechanisms such that a user is able to prove membership in a group U ⊆ U of authorized users U to a verifier, whereas the verifier does not obtain any information on the actual identity of the authenticating user. They can be used in addition to anonymous communication channels in order to enhance user's privacy if access to services is limited to authorized users, e.g. subscription-based services. We especially focus on attacks against the anonymity of authenticating users which can be mounted by an external adversary or a passive verifier when GBAA is treated as a black box. In particular, we investigate what an adversary can learn by solely observing anonymity sets U used for GBAA and how users can choose their anonymity sets in case of U ⊂ U. Based on the information which can be obtained by adversaries we show that the probability of user identification can be improved.
scite is a Brooklyn-based startup that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.