In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
Ninth International Network Conference (INC 2012)
Title: An Access Control Framework for Protecting Mobile Health Records: The Case Study of Developing Countries
Author(s): Richard Ssembatya
Keywords: Role Based Access Control, Attribute-Based Encryption, Mobile Health Records
Abstract: Mobile health records are a good way of providing users with on-demand access to health care data. Standard approaches of securing health records include role-based access control (RBAC) because this is a flexible approach to assign permissions to a wide variety of users. However, RBAC models are not designed to enforce fine-grained access control. For instance, in mobile health record systems, it is difficult to configure a policy that permits a patient to selectively share his/her personal records with healthcare workers. Therefore, defining policies that express application-level security requirements with respect to mobile records is challenging. In this paper, we present an RBAC inspired framework that provides fine-grained encryption for mobile health records where patient records have different access control policies. Our proposed framework ensures that the data can be made available securely offline. This approach can leverage systems where information needs to be shared securely under constraints of energy and/or Internet coverage.
Download count: 1110
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.