| dc.description.abstract | Mobile health records are a good way of providing users with on-demand access to health care
data. Standard approaches of securing health records include role-based access control
(RBAC) because this is a flexible approach to assign permissions to a wide variety of users.
However, traditional RBAC models are not designed to enforce fine-grained access control.
For instance, in mobile health record systems, it is difficult to configure a policy that permits a
patient to selectively share his/her personal records with healthcare workers. Therefore,
defining policies that express application-level security requirements with respect to mobile
records is challenging. In this paper, we present an RBAC inspired framework that provides
fine-grained encryption for mobile health records where patient records have different access
control policies. Our proposed framework ensures that the data can be made available securely
offline. This approach can leverage systems where information needs to be shared securely
under constraints of energy and/or Internet coverage. | en_US |
