Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content

Advertisement

SpringerLink
Log in

A Patient Privacy Protection Scheme for Medical Information System

  • Original Paper
  • Published:
Journal of Medical Systems Aims and scope Submit manuscript

Abstract

In medical information systems, there are a lot of confidential information about patient privacy. It is therefore an important problem how to prevent patient’s personal privacy information from being disclosed. Although traditional security protection strategies (such as identity authentication and authorization access control) can well ensure data integrity, they cannot prevent system’s internal staff (such as administrators) from accessing and disclosing patient privacy information. In this paper, we present an effective scheme to protect patients’ personal privacy for a medical information system. In the scheme, privacy data before being stored in the database of the server of a medical information system would be encrypted using traditional encryption algorithms, so that the data even if being disclosed are also difficult to be decrypted and understood. However, to execute various kinds of query operations over the encrypted data efficiently, we would also augment the encrypted data with additional index, so as to process as much of the query as possible at the server side, without the need to decrypt the data. Thus, in this paper, we mainly explore how the index of privacy data is constructed, and how a query operation over privacy data is translated into a new query over the corresponding index so that it can be executed at the server side immediately. Finally, both theoretical analysis and experimental evaluation validate the practicality and effectiveness of our proposed scheme.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1

Similar content being viewed by others

Explore related subjects

Discover the latest articles, news and stories from top researchers in related subjects.

Notes

  1. http://www.chinadaily.com.cn/

References

  1. Domingo-Ferrer, J., New privacy homomorphism and applications. Inf. Process. Lett. 5(60):277–282, 1994.

    MathSciNet  Google Scholar 

  2. Easttom, C., Computer security fundamentals. 2nd edn. Upper Saddle River: Prentice Hall, 2011.

    Google Scholar 

  3. Grau, S., Allen, T., and Sherkat, N., Silog: Speech input logon. Knowl.-Based Syst. 7(22):535–539, 2009.

    Article  Google Scholar 

  4. Hakan, H., Bala, L., and Chen, L., Executing sql over encrypted data in the database service provider model. In: Proceedings of SIGMOD’ 02, pp. 216–227, 2002.

  5. Popa, R. A., Redfield, C. M. S., Zeldovich, N., and Balakrishnan, H, CryptDB: Protecting confidentiality with encrypted query processing. In: Proceedings of SOSP’ 11, pp. 85–100, 2011.

  6. Wu, Z., Xu, G., Zong, Y., Yi, X., Chen, E., and Zhang, Z., Executing sql queries over encrypted character strings in the database-as-service model. Knowl.-Based Syst. 12(35):332–348, 2012.

    Article  Google Scholar 

  7. He, D. B., Chen, J. H., and Zhang, R., A more secure authentication scheme for telecare medicine information systems. J. Med. Syst. 3(36):1989–1995, 2012.

    Google Scholar 

  8. Hwang, M. S., and Li, L. H., A new remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 1(46):28–30, 2012.

    Google Scholar 

  9. Lee, J. K., Ryu, S. R., and Yoo, K. Y., Fingerprint-based remote user authentication scheme using smart cards. Electron. Lett. 12(38):554–555, 2002.

    Article  Google Scholar 

  10. Lee, T. F., and Liu, C. M., A secure smart-card based authentication and key agreement scheme for telecare medicine information systems. J. Med. Syst. 3(37):9941–9948, 2013.

    Article  Google Scholar 

  11. Li, C. T., Secure smart card based password authentication scheme with user anonymity. Inform. Technol. Control. 2(40):157–162, 2011.

    Google Scholar 

  12. Murugesan, M., and Clifton, C., Providing privacy through plausibly deniable search. In: Proceedings of SIAM’ 09, pp. 768–780, 2009.

  13. Rivest, R., Adleman, L., and Dertouzos, M. L., On data banks and privacy homomorphism: Foundation of secure computation. New York: Academic Press, 1978.

    Google Scholar 

  14. Sandhu, R. S., and Samarati, P., Access control: Principles and practice. IEEE Commun. Mag. 9(32): 40–48, 1994.

    Article  Google Scholar 

  15. Wei, J., Hu, X., and Liu, W., An improved authentication scheme for telecare medicine information systems. J. Med. Syst. 6(36):3597–3604, 2012.

    Article  Google Scholar 

  16. Wu, Z. Y., Lee, Y. C., Lai, F., Lee, H. C., and Chung, Y., A secure authentication scheme for telecare medicine information systems. J. Med. Syst. 3(36):1529–1535, 2012.

    Article  Google Scholar 

  17. Zhu, Z., An efficient authentication scheme for telecare medicine information systems. J. Med. Syst. 6(36): 3833–3841, 2012.

    Article  Google Scholar 

Download references

Acknowledgments

The work in this paper is supported by grants from the National Natural Science Foundation of China (Nos.61202171, 61272018 and 61303113), the China Postdoctoral Science Foundation funded projects (Nos.2012M521251 and 2013T60623) and the Zhejiang Provincial Natural Science Foundation of China (Nos. LY12F01016 and Q13F020034).

Author information

Authors and Affiliations

  1. Northwestern Polytechnical University, 710072, Xi’an, Shanxi, People’s Republic of China

    Chenglang Lu & Mingyong Liu

  2. Oujiang College, Wenzhou University, 325035, Wenzhou, Zhejiang, People’s Republic of China

    Zongda Wu & Junfang Guo

  3. Wenzhou Hospital of Integrated Traditional Chinese and Western Medicine, Wenzhou, 325088, Zhejiang, China

    Wei Chen

Authors
  1. Chenglang Lu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Zongda Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Mingyong Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Wei Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Junfang Guo
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Zongda Wu.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Lu, C., Wu, Z., Liu, M. et al. A Patient Privacy Protection Scheme for Medical Information System. J Med Syst 37, 9982 (2013). https://doi.org/10.1007/s10916-013-9982-z

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10916-013-9982-z

Keywords

Search

Navigation