Dynamic access control model for privacy preserving personalized healthcare in cloud environment.

ACCESS control; MEDICAL care; MEDICAL databases; INFORMATION retrieval; STAKEHOLDERS; INFORMATION retrieval standards; INFORMATION storage & retrieval systems; INTERNET standards; MEDICAL records; MATHEMATICAL models; MEDICAL ethics; PRIVACY; THEORY; STANDARDS

When sharing and storing healthcare data in a cloud environment, access control is a central issue for preserving data privacy as a patient's personal health data may be accessed without permission from many stakeholders. Specifically, dynamic authorization for the access of data is required because personal health data is stored in cloud storage via wearable devices. Therefore, we propose a dynamic access control model for preserving the privacy of personal healthcare data in a cloud environment. The proposed model considers context information for dynamic access. According to the proposed model, access control can be dynamically determined by changing the context information; this means that even for a subject with the same role in the cloud, access permission is defined differently depending on the context information and access condition. Furthermore, we experiment the ability of the proposed model to provide correct responses by representing a dynamic access decision with real-life personalized healthcare system scenarios. [ABSTRACT FROM AUTHOR]

Copyright of Technology & Health Care is the property of IOS Press and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)