Health Access Broker: Secure, Patient-Controlled Management of Personal Health Records in the Cloud

TL;DR

The paper introduces the Health Access Broker (HAB), a novel patient-controlled system for secure, privacy-preserving management of personal health records in the cloud, emphasizing flexibility and intrusion detection.

Contribution

HAB is a new approach that allows flexible storage locations and does not rely on fully trusted components, incorporating continuous auditing and intrusion detection.

Findings

HAB enables secure, patient-controlled health record sharing.

It does not depend on a specific storage location or fully trusted components.

The system provides continuous auditing and intrusion detection for enhanced security.

Abstract

Secure and privacy-preserving management of Personal Health Records (PHRs) has proved to be a major challenge in modern healthcare. Current solutions generally do not offer patients a choice in where the data is actually stored and also rely on at least one fully trusted element that patients must also trust with their data. In this work, we present the Health Access Broker (HAB), a patient-controlled service for secure PHR sharing that (a) does not impose a specific storage location (uniquely for a PHR system), and (b) does not assume any of its components to be fully secure against adversarial threats. Instead, HAB introduces a novel auditing and intrusion-detection mechanism where its workflow is securely logged and continuously inspected to provide auditability of data access and quickly detect any intrusions.