By Topic

SAPPHIRE: Anonymity for enhanced control and private collaboration in healthcare clouds

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Pecarina, J. ; Dept. of Comput. Sci. & Eng., Texas A&M Univ., College Station, TX, USA ; Shi Pu ; Jyh-Charn Liu

Existing cloud storage systems lack privacy aware architectures that meet accessibility goals for complex collaboration. This deficiency is fully realized in the healthcare industry, where cloud-enabling technology blurs the ownership boundary of health and wellness information. Whether among traditional `stovepiped' data silos, health information exchanges or personally controlled health information repositories, various forms of privacy neglect are common practice. We propose a paradigm shift in the interaction of users with cloud services that removes unwarranted trust in the cloud service provider and provisions accessibility for collaborators. To realize the paradigm shift, it is necessary to provide anonymity in data storage and separate the administration of access policy and authorization from the mechanisms used for enforcement. The dispensation of authorizations in the SAPPHIRE architecture bootstraps a traditional Kerberos ticket-based approach with `trust verifications'. In our evaluation, we prove the security properties of the SAPPHIRE architecture and implement a small scale prototype. Our analysis shows that SAPPHIRE is a viable extension of collaborative health information systems through the provision of anonymity and enhanced policy administration for the primary data owner.

Published in:

Cloud Computing Technology and Science (CloudCom), 2012 IEEE 4th International Conference on

Date of Conference:

3-6 Dec. 2012