Blockchain-Enabled Next Generation Access Control

dc.contributor.authorDong, Yibinen
dc.contributor.authorMun, Seong K.en
dc.contributor.authorWang, Yueen
dc.description.abstractIn the past two decades, longitudinal personal health record (LPHR) adoption rate has been low in the United States. Patients’ privacy and security concerns was the primary negative factor impacting LPHR adoption. Patients desire to control the privacy of their own LPHR in multiple information systems at various facilities. However, little is known how to model and construct a scalable and interoperable LPHR with patient-controlled privacy and confidentiality that preserves patients’ health information integrity and availability. Understanding this problem and proposing a practical solution are considered important to increase LPHR adoption rate and improve the efficiency as well as the quality of care. Even though having the state-of-the-art encryption methodologies being applied to patients’ data, without a set of secure access control policies being implemented, LPHR patient data privacy is not guaranteed due to insider threats. We proposed a definition of “secure LPHR” and argued LPHR is secure when the security and privacy requirements are fulfilled through adopting an access control security model. In searching for an access control model, we enhanced the National Institute of Standards and Technology (NIST) next generation access control (NGAC) model by replacing the centralized access control policy database with a permissioned blockchain peer-to-peer database, which not only eases the race condition in NGAC, but also provides patient-managed access control policy update capability. We proposed a novel blockchain-enabled next generation access control (BeNGAC) model to protect security and privacy of LPHR. We sketched BeNGAC and LPHR architectures and identified limitations of the design.en
dc.description.versionPublished versionen
dc.format.extentPages 319-328en
dc.identifier.orcidMun, Seong [0000-0001-9661-7918]en
dc.identifier.orcidWang, Yue [0000-0002-1788-1102]en
dc.identifier.volume320 LNNSen
dc.rightsIn Copyrighten
dc.titleBlockchain-Enabled Next Generation Access Controlen
dc.title.serialLecture Notes in Networks and Systemsen
dc.typeConference proceedingen
dc.type.otherConference Proceedingen
pubs.organisational-group/Virginia Techen
pubs.organisational-group/Virginia Tech/Scienceen
pubs.organisational-group/Virginia Tech/Science/Physicsen
pubs.organisational-group/Virginia Tech/Engineeringen
pubs.organisational-group/Virginia Tech/Engineering/Electrical and Computer Engineeringen
pubs.organisational-group/Virginia Tech/Faculty of Health Sciencesen
pubs.organisational-group/Virginia Tech/All T&R Facultyen
pubs.organisational-group/Virginia Tech/Engineering/COE T&R Facultyen
pubs.organisational-group/Virginia Tech/Science/COS T&R Facultyen


Original bundle
Now showing 1 - 1 of 1
Thumbnail Image
396.8 KB
Adobe Portable Document Format
Published version