Title: An access control model for cloud-based EMR federation

Authors: Anant V. Nimkar; Soumya K. Ghosh

Addresses: School of Information Technology, Indian Institute of Technology, Kharagpur, India ' School of Information Technology, Indian Institute of Technology, Kharagpur, India

Abstract: Pharmaceutical companies and researchers need a huge collection of health records for an epidemiological study where spread and control of diseases are investigated. Huge collection is not only the requirement in an epidemiological study, but the collection of health records must be from diverse geographical area to perform unbiased experimentation. This requirement is currently addressed through the health record exchange which results in delay and extra communication overhead because of per record negotiation. This paper presents a cloud-based architecture for the federation of entities from healthcare ecosystem and provides an economical and scalable solution. The paper also investigates the security issues on federated health records to maintain patients' privacy. It finally proposes EMR federation access control model (EMR-FACM) to authorise subjects over objects through the companion identity and label space model (ILSM) and federation services. The theoretical study attempts to prove the correctness of proposed EMR-FACM.

Keywords: security; access control modelling; medical healthcare; cloud computing; electronic medical records; EMRs; cloud-based EMR federation; federated health records; patient privacy.

DOI: 10.1504/IJTMCC.2014.067369

International Journal of Trust Management in Computing and Communications, 2014 Vol.2 No.4, pp.330 - 352

Received: 29 May 2014
Accepted: 22 Jul 2014

Published online: 21 Feb 2015 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article