Christian Stingl scite author profile

Christian Stingl

13Publications

42Citation Statements Received

94Citation Statements Given

How they've been cited

How they cite others

213

Affiliations

Carinthia University of Applied Sciences

Publications

Order By: Most citations

Privacy Aspects of eHealth

Slamanig¹,

Stingl²

2008

View full text Add to dashboard

A central aspect of eHealth is the electronic healthcare record (EHR) which integrates all relevant medical information of a person and represents a lifelong documentation of the medical history. By virtue of their sensitive character it is crucial that medical data can only be accessed by the patient herself and persons who are directly involved in the treatment of the patient. Since eHealth portals can be accessed via the Internet, security and privacy issues arise that have to be considered carefully. Besides traditional security properties, we mainly focus on additional threats, namely the trivial disclosure attack and the statistical analysis of metadata. Thereby a disclosure attack takes place if a person enforces another person to present her EHR, e.g. during a job interview. Additionally, by applying statistical analysis on the metadata of an eHealth portal, it is possible to determine relevant information (e.g. psychological treatment) which could have negative effects on the patient. In this paper we present a concept including pseudonymization of medical data, identity management, obfuscation of metadata and anonymous authentication to prevent disclosure attacks and statistical analysis.

show abstract

Disclosing verifiable partial information of signed CDA documents using generalized redactable signatures

Slamanig¹,

Stingl²

2009

View full text Add to dashboard

Health Records and the Cloud Computing Paradigm from a Privacy Perspective

Stingl¹,

Slamanig²

2011

Journal of Healthcare Engineering

View full text Add to dashboard

With the advent of cloud computing, the realization of highly available electronic health records providing location-independent access seems to be very promising. However, cloud computing raises major security issues that need to be addressed particularly within the health care domain. The protection of the privacy of individuals often seems to be left on the sidelines. For instance, common protection against malicious insiders, i.e., non-disclosure agreements, is purely organizational. Clearly, such measures cannot prevent misuses but can at least discourage it. In this paper, we present an approach to storing highly sensitive health data in the cloud whereas the protection of patient's privacy is exclusively based on technical measures, so that users and providers of health records do not need to trust the cloud provider with privacy related issues. Our technical measures comprise anonymous communication and authentication, anonymous yet authorized transactions and pseudonymization of databases.

show abstract

Privacy-enhancing methods for e-health applications: how to prevent statistical analyses and attacks

Stingl¹,

Slamanig²

2008

IJBIDM

View full text Add to dashboard

The Degree of Privacy in Web-based Electronic Health Records

Slamanig¹,

Stingl

2009

View full text Add to dashboard

Investigating Anonymity in Group Based Anonymous Authentication

Slamanig

Stingl²

2009

View full text Add to dashboard

In this paper we discuss anonymity in context of group based anonymous authentication (GBAA). Methods for GBAA provide mechanisms such that a user is able to prove membership in a group U ⊆ U of authorized users U to a verifier, whereas the verifier does not obtain any information on the actual identity of the authenticating user. They can be used in addition to anonymous communication channels in order to enhance user's privacy if access to services is limited to authorized users, e.g. subscription-based services. We especially focus on attacks against the anonymity of authenticating users which can be mounted by an external adversary or a passive verifier when GBAA is treated as a black box. In particular, we investigate what an adversary can learn by solely observing anonymity sets U used for GBAA and how users can choose their anonymity sets in case of U ⊂ U. Based on the information which can be obtained by adversaries we show that the probability of user identification can be improved.

show abstract

Electronic Health Records: An Enhanced Security Paradigm to Preserve Patient’s Privacy

Slamanig

Stingl

2010

View full text Add to dashboard

Anonymity and Application Privacy in Context of Mobile Computing in eHealth

Slamanig¹,

Stingl²,

Menard

et al. 2009

View full text Add to dashboard

scite is a Brooklyn-based startup that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

334 Leonard St

Brooklyn, NY 11211

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers