Summaries - Office of Research & Innovation
Research Summaries
Back Eager: Health Wave-Secure, Federated Protocols for Electronic Medical Records
Fiscal Year | 2011 |
Division | Graduate School of Operational & Information Sciences |
Department | Computer Science |
Investigator(s) | Peterson, Zachary N. |
Sponsor | National Science Foundation (NSF) |
Summary | We propose Health Wave, an experimental framework based on novel cryptographic techniques, providing a fully federated EMR system that supports ubiquitous and secure access to a patient's electronic medical record. Out proposed technologies will provide features not yet seen in existing EMR systems: authentic provenance data, transparent audits with strong attribution, correct and consistent records, ability to meet notions of "meaningful use" and extensible to support future data types and technologies. The HealthWave project extends current research on secure data models for electronic medical records, to the secure protocols used to manage those records: developing novel extensions for existing XML-based EMR standards, extending federation protocols to those models, and extending our earlier work on attribute-based encryption (ABE) in a medical context. We will leverage the existing synchronization capabilities of the Apache Wave protocol to develop novel, attribute-based cryptographic techniques to support strong attribution, provide an unforgettable audit train of modification, securely collect provenance data, provide fine-grained data protection and access control, and provide a consistent view of a patient's federated medical record. Our previous experience in building secure, regulatory complaint systems, indicate that these are ambitious goals, and cannot simply be achieved by applying known cryptographic schemes to exiting EMR standards or federation protocols. This work will require modifying and implementing cryptographic constructs that, to date, have largely been theoretical. It will also likely require inventing new ones when necessary, so that these solutions can be used in a real system. Protocols and data formats will need to be improved to support the metadata and cryptographic material necessary to facilitate the confidentiality, integrity and provenance we require. |
Keywords | Electronic Medical Record Security |
Publications | Publications, theses (not shown) and data repositories will be added to the portal record when information is available in FAIRS and brought back to the portal |
Data | Publications, theses (not shown) and data repositories will be added to the portal record when information is available in FAIRS and brought back to the portal |