Xu, Liangyu: Pseudonymization and its Application to Cloud-based eHealth Systems. - Bonn, 2017. - Dissertation, Rheinische Friedrich-Wilhelms-Universität Bonn.
Online-Ausgabe in bonndoc: https://nbn-resolving.org/urn:nbn:de:hbz:5n-47084
urn: https://nbn-resolving.org/urn:nbn:de:hbz:5n-47084,
author = {{Liangyu Xu}},
title = {Pseudonymization and its Application to Cloud-based eHealth Systems},
school = {Rheinische Friedrich-Wilhelms-Universität Bonn},
year = 2017,
month = may,

note = {Responding to the security and privacy issues of information systems, we propose a novel pseudonym solution. This pseudonym solution has provable security to protect the identities of users by employing user-generated pseudonyms. It also provides an encryption scheme to protect the security of the users’ data stored in the public network. Moreover, the pseudonym solution also provides the authentication of pseudonyms without disclosing the users’ identity information. Thus the dependences on powerful trusted third parties and on the trustworthiness of system administrators may be appreciably alleviated.
Electronic healthcare systems (eHealth systems), as one kind of everyday information system, with the ability to store and share patients’ health data efficiently, have to manage in-formation of an extremely personal nature. As a consequence of known cases of abuse and attacks, the security of the health data and the privacy of patients are a great concern for many people and thus becoming obstacles to the acceptance and spread of eHealth systems. In this thesis, we survey current eHealth systems in both research and practice, analyzing potential threats to the security and privacy. Cloud-based eHealth systems, in particular, enable applications with many new features in data storing and sharing. We analyze the new issues on security and privacy when cloud technology is introduced into eHealth systems.
We demonstrate that our proposed pseudonym solution can be successfully applied to cloud-based eHealth systems. Firstly, we utilize the pseudonym scheme and encryption scheme for storing and retrieving the electronic health records (EHR) in the cloud. The identities of patients and the confidentiality of EHR contents are provably guaranteed by advanced cryptographic algorithms. Secondly, we utilize the pseudonym solution to protect the privacy of patients from the health insurance companies. Only necessary information about patients is disclosed to the health insurance companies, without interrupting the cur-rent normal business processes of health insurance. At last, based on the pseudonym solution, we propose a new procedure for the secondary use of the health data. The new procedure protects the privacy of patients properly and enables patients’ full control and clear consent over their health data to be secondarily used.
A prototypical application of a cloud-based eHealth system implementing our proposed solution is presented in order to exhibit the practicability of the solution and to provide intuitive experiences. Some performance estimations of the proposed solution based on the implementation are also provided.},

url = {http://hdl.handle.net/20.500.11811/7178}

The following license files are associated with this item: