Journal of Medical Systems

, Volume 36, Issue 6, pp 4005–4020

Secure Dynamic Access Control Scheme of PHR in Cloud Computing

  • Tzer-Shyong Chen
  • Chia-Hui Liu
  • Tzer-Long Chen
  • Chin-Sheng Chen
  • Jian-Guo Bau
  • Tzu-Ching Lin
Original Paper

DOI: 10.1007/s10916-012-9873-8

Cite this article as:
Chen, TS., Liu, CH., Chen, TL. et al. J Med Syst (2012) 36: 4005. doi:10.1007/s10916-012-9873-8

Abstract

With the development of information technology and medical technology, medical information has been developed from traditional paper records into electronic medical records, which have now been widely applied. The new-style medical information exchange system “personal health records (PHR)” is gradually developed. PHR is a kind of health records maintained and recorded by individuals. An ideal personal health record could integrate personal medical information from different sources and provide complete and correct personal health and medical summary through the Internet or portable media under the requirements of security and privacy. A lot of personal health records are being utilized. The patient-centered PHR information exchange system allows the public autonomously maintain and manage personal health records. Such management is convenient for storing, accessing, and sharing personal medical records. With the emergence of Cloud computing, PHR service has been transferred to storing data into Cloud servers that the resources could be flexibly utilized and the operation cost can be reduced. Nevertheless, patients would face privacy problem when storing PHR data into Cloud. Besides, it requires a secure protection scheme to encrypt the medical records of each patient for storing PHR into Cloud server. In the encryption process, it would be a challenge to achieve accurately accessing to medical records and corresponding to flexibility and efficiency. A new PHR access control scheme under Cloud computing environments is proposed in this study. With Lagrange interpolation polynomial to establish a secure and effective PHR information access scheme, it allows to accurately access to PHR with security and is suitable for enormous multi-users. Moreover, this scheme also dynamically supports multi-users in Cloud computing environments with personal privacy and offers legal authorities to access to PHR. From security and effectiveness analyses, the proposed PHR access scheme in Cloud computing environments is proven flexible and secure and could effectively correspond to real-time appending and deleting user access authorization and appending and revising PHR records.

Keywords

Personal health records Cloud computing Access control Key management Lagrange interpolation 

Copyright information

© Springer Science+Business Media, LLC 2012

Authors and Affiliations

  • Tzer-Shyong Chen
    • 1
  • Chia-Hui Liu
    • 2
  • Tzer-Long Chen
    • 3
  • Chin-Sheng Chen
    • 4
  • Jian-Guo Bau
    • 5
  • Tzu-Ching Lin
    • 1
  1. 1.Department of Information ManagementTunghai UniversityTaichungTaiwan
  2. 2.Department of Digital Literature and ArtsSt. John’s UniversityTaipeiTaiwan
  3. 3.Department of Information ManagementTaiwan UniversityTaipeiTaiwan
  4. 4.Department of StatisticsTunghai UniversityTaichungTaiwan
  5. 5.Department of Biomedical EngineeringHungkuang UniversityTaichungTaiwan

Personalised recommendations