Research article. DOI: 10.1145/2110363.2110401

Declarative privacy policy: finite models and attribute-based encryption

Published: 28 January 2012

ABSTRACT

Regulations and policies regarding Electronic Health Information (EHI) are increasingly complex. Federal and State policy makers have called both for education to increase stakeholder understanding of complex policies and for improved systems that impose policy restrictions on access to and transmission of EHI. Building on prior work formalizing privacy laws as logic programs, we prove that for any privacy policy that conforms to patterns evident in HIPAA, there exists a finite representative hospital database that illustrates how the law applies in all possible hospitals. This representative illustrative example can support new education, new policy development, and new policy debugging tools. Addressing the need for secure transmission of usable EHI, we show how a policy formalized as a logic program can also be used to automatically generate the form of access control policy used in Attribute-Based Encryption (ABE). This approach, testable using our representative hospital model, makes it possible to share policy-encrypted data on untrusted cloud servers, or to send strategically encrypted data across potentially insecure networks. As part of our study, we built a prototype to secure Health Information Exchange (HIE) with automatically generated ABE policies, and measured its performance.
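The abstract describes two ideas that are easier to see in code: a disclosure policy written as a logic program is compiled into the kind of access formula a ciphertext-policy ABE (CP-ABE) encryptor takes, and a finite "representative hospital" (one entity per combination of attribute values) is used to test that compilation. The Python below is an added illustration written for this page; it is not the paper's prototype, and the attribute names, values and rules are hypothetical simplifications rather than the paper's HIPAA model. It also handles the caveat a practitioner will hit first: standard CP-ABE access structures are monotone, so a rule with a negated literal is rejected instead of being silently mis-compiled.

```python
"""Illustrative example added to this page (not the paper's prototype code).

A tiny declarative disclosure policy is written as Horn-clause rules over
attribute/value pairs, compiled into a monotone CP-ABE access formula, and
then checked against a constructed, finite "representative hospital": one
entity per combination of attribute values. The attribute names, values and
rules below are hypothetical simplifications, not the paper's HIPAA model.
"""
from itertools import product

# Constructed attribute universe (hypothetical). Because the rules only ever
# mention these finitely many values, one entity per combination is enough to
# exercise every case the policy can distinguish.
ATTRIBUTE_DOMAINS = {
    "role": ["physician", "nurse", "billing", "researcher"],
    "purpose": ["treatment", "payment", "research"],
    "unit": ["patient_unit", "other_unit"],
}

# Each dict is the body of a Horn clause:  permit :- attr1=v1, attr2=v2, ...
# Rules are hypothetical, loosely modelled on treatment/payment disclosures.
POLICY_RULES = [
    {"role": "physician", "purpose": "treatment"},
    {"role": "nurse", "purpose": "treatment", "unit": "patient_unit"},
    {"role": "billing", "purpose": "payment"},
]


def permitted_by_logic_program(entity, rules):
    """Direct evaluation of the logic program: permit iff some rule body holds."""
    return any(all(entity.get(a) == v for a, v in rule.items()) for rule in rules)


def compile_to_abe_policy(rules, domains=ATTRIBUTE_DOMAINS):
    """Compile the rule set into a DNF access structure (list of attribute sets).

    Each rule body becomes one conjunctive clause of ABE attribute tokens
    'attr_value'. Standard CP-ABE access structures are monotone, so a rule
    with a negated literal (value written '!v') is rejected rather than
    silently mis-compiled."""
    dnf = []
    for rule in rules:
        clause = set()
        for attr, value in rule.items():
            if value.startswith("!"):
                raise ValueError(
                    f"{attr}!={value[1:]}: negation is not expressible in a monotone CP-ABE policy")
            if value not in domains.get(attr, ()):
                raise ValueError(f"unknown attribute/value {attr}={value}")
            clause.add(f"{attr}_{value}")
        dnf.append(frozenset(clause))
    return dnf


def abe_policy_string(dnf):
    """Render the DNF as the kind of Boolean formula a CP-ABE encryptor takes."""
    return " or ".join("(" + " and ".join(sorted(clause)) + ")" for clause in dnf)


def abe_satisfies(key_attributes, dnf):
    """What CP-ABE decryption enforces: the key's attribute set must satisfy
    at least one conjunctive clause of the ciphertext's policy."""
    key_attributes = set(key_attributes)
    return any(clause <= key_attributes for clause in dnf)


def entity_attributes(entity):
    """The attribute set a key-issuing authority would embed in this entity's key."""
    return {f"{a}_{v}" for a, v in entity.items()}


def representative_hospital(domains=ATTRIBUTE_DOMAINS):
    """Finite model: every combination of attribute values, one entity each."""
    names = list(domains)
    return [dict(zip(names, values)) for values in product(*(domains[n] for n in names))]


def check_compilation(rules, domains=ATTRIBUTE_DOMAINS):
    """Policy debugging over the finite model: the compiled ABE policy must give
    the same answer as the logic program for every representative entity.

    Returns (entity_count, permitted_count, disagreements)."""
    dnf = compile_to_abe_policy(rules, domains)
    hospital = representative_hospital(domains)
    disagreements = [
        e for e in hospital
        if permitted_by_logic_program(e, rules) != abe_satisfies(entity_attributes(e), dnf)
    ]
    permitted = sum(permitted_by_logic_program(e, rules) for e in hospital)
    return len(hospital), permitted, disagreements


if __name__ == "__main__":
    print(abe_policy_string(compile_to_abe_policy(POLICY_RULES)))
    n, ok, bad = check_compilation(POLICY_RULES)
    print(f"{n} representative entities, {ok} permitted, {len(bad)} disagreements")
```

With the constructed domains the representative hospital has 24 entities, of which 5 are permitted under the three rules, and the compiled formula agrees with the logic program on all of them. The same check is what surfaces a mis-compiled rule: if a clause were dropped or a token misspelled, the disagreements list names the exact entity that the logic program permits but whose key could not decrypt (or the reverse). Real CP-ABE enforcement would then be done by encrypting under `abe_policy_string(...)` with an ABE library; this block only models the policy side.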


Published in

IHI '12: Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium
January 2012, 914 pages
ISBN: 9781450307819
DOI: 10.1145/2110363

          Copyright © 2012 ACM


Publisher: Association for Computing Machinery, New York, NY, United States
