Title: Privacy-enhancing methods for e-health applications: how to prevent statistical analyses and attacks

Authors: Christian Stingl, Daniel Slamanig

Addresses: School of Medical Information Technology, Carinthia University of Applied Sciences, Primoschgasse 10, 9020 Klagenfurt, Austria. ' School of Medical Information Technology, Carinthia University of Applied Sciences, Primoschgasse 10, 9020 Klagenfurt, Austria

Abstract: This paper investigates the privacy issues in the context of e-health and will especially consider e-health portals which provide patients access to Electronic Health Records (EHRs). Since e-health portals can be accessed via the internet, security and privacy issues arise that have to be considered carefully. Besides the traditional security properties, we focus mainly on additional threats, namely the disclosure attack, the anonymity set attack and statistical analysis of metadata. A disclosure attack takes place if a person |motivates| or even forces another one to present her EHR. We propose so-called multiple identities, which help to eliminate this attack. In the context of anonymous authentication, we will point out weaknesses regarding the choice of anonymity sets. Additionally, by applying statistical analysis on the metadata of an e-health portal, it is possible to determine relevant information which could have negative effects on the patient. We present a concept that includes pseudonymisation of e-health portals, multiple identities, obfuscation of metadata and anonymity methods to prevent the above-mentioned attacks and make statistical analysis difficult. Furthermore, all privacy-enhancing methods do not rely on application-layer mechanisms (which in general can easily be bypassed by insiders), but are based on cryptographic primitives which are state of the art.

Keywords: anonymity set attacks; disclosure attacks; e-health portals; electronic health records; EHR; privacy; electronic healthcare; metadata analysis; anonymous authentication; security; pseudonymisation; cryptographic primitives; cryptography.

DOI: 10.1504/IJBIDM.2008.022135

International Journal of Business Intelligence and Data Mining, 2008 Vol.3 No.3, pp.236 - 254

Published online: 19 Dec 2008 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article