A Context-Driven Security Framework for Distributed Healthcare Domain
Research Areas: Policy, Law and Management, Human Centric Security,
![[topcap]](/images/floating_sidebar_topcap.png){kind=small}
Research Areas
![[bottomcap]](/images/floating_sidebar_bottomcap.png){kind=small}
Principal Investigator: Arif Ghafoor
The primary objective of the Personal Health Record (PHR) initiative is to empower users (patients) to control their own private medical information not only in terms of management and access but also allowing the sharing of their information with others in a private, secure, and confidential environment. Generally, disclosure of personal information depends on the circumstances of access including the privacy concerns of the individual patient. In particular, for using EHR/PHR technology the overriding public concern is ensuring security and privacy of their health care information, which is a serious technological challenge for the PHR technology developer. Following are the two key barriers to a wider use of PHR.
(a) Inability of a patient to compose consistent and context-aware disclosure policies for his/her collection of Electronic Health Records (HER). These records can be maintained by various heterogeneous health care and government enterprises. The challenge is to provide an intelligent user-friendly and patient-centered environment empowering the user to control access privileges relevant to various contexts.
(b) Secure and privacy-aware interoperability and data sharing among independent healthcare enterprises. The challenge is how to ensure secure sharing of data among multiple health-care enterprises, with potentially diverse security policies and guarantee privacy-preserving data integration among such enterprises.
The objective of this project is to develop a healthcare prototype on NIST’s Policy Machine (PM) for exhibiting our newly developed context-driven policy framework. For the demo, a PHR multimedia database is being implemented which consists of text, images, audio and video data whereby fine-grained access to individual multimedia objects will be implemented based on the roles across multiple healthcare domains.
Keywords: policy, context aware, health care records
Footer
RSS Feeds
Combined XML Feed
News XML Feed Events XML Feed Weblogs XML Feed Security Seminar Podcast
Twitter: @cerias, @ceriasarchive, #cerias
CERIAS, Purdue University / Recitation Building / 656 Oval Drive / West Lafayette IN 47907-2086
phone (765)494-7841 / fax (765)496-3181
Copyright © 2013, Purdue University, all rights reserved. Purdue University is an equal access/equal opportunity university.
If you have trouble accessing this page because of a disability, please contact the CERIAS webmaster at webmaster@cerias.purdue.edu. Some content on this site may require the use of a special plug-in or application. Please visit our plug-ins page for links to download these applications.
Privacy Policy