Creating Cryptographically Enforced Access Control for a Patient Health Record system

Antoine Gansel, August Karlsson, Remi Hendriks & Frank Nijeboer

Cryptographically Enforced Access Control

Why need it?

So there are enough reasons...

Requirements for the System

Actors

Dynamic Attributes

Reading Rights

Write-only Permissions

Actors

Patients

Hospitals

Health Clubs

Doctors, Insurance, Employers etc.

Actors

Dynamic Attributes

Reading Rights

Write-only Permissions

Dynamic Attributes

Patients can share with whomever they want

These other users are not necessarily known at the start

Actors

Dynamic Attributes

Reading Rights

Write-only Permissions

Reading Rights

Enforcing read access

Some are read-only

Actors

Dynamic Attributes

Reading Rights

Write-only Permissions

Some actors should only write to the system

How can we enforce write permissions?

Encryption Scheme

Like the Multi-Auth ABE schemes in the lectures

Except...

Attribute-set does not need to be defined during setup

The attribute-set can grow with this scheme

Why is this useful?

Nr. of doctors and patients not constant

We can now use UUIDs as attributes

Proposed Model

Global Authority

Local Authority

Client

Database

Global Authority

Generate global parameters

That's it :)

Global Authority

Local Authority

Client

Database

Local Authority

Creates keys for the clients

Decides what attributes the clients have

Global Authority

Local Authority

Client

Database

Client

Can be any party in the system

Has its own UUID

Can grant write access to the database for its own PHR

Global Authority

Local Authority

Client

Database

Contains encrypted data

Enforces write access

Encryption

Hybrid Approach

Message -> Symmetric Encryption

Symmetric Key -> Previously mentioned ABE Scheme

Our Solution

Programming Language

Code Layout

APIs

GUI

Programming Language

Python

Charm Crypto

Programming Language

Code Layout

APIs

GUI

Code Layout

└── sdm_assignment
   ├── data
   │   ├── models
   │   ├── repositories
   │   └── schemas
   ├── routers
   └── setup.py

├── sdm_assignment
│   ├── data
│   │   ├── models
│   │   ├── repositories
│   │   └── schemas
│   ├── routers
│   └── setup.py
├── client.py
├── data_server.py
├── local_auth.py
├── global_auth.py
└── setup_server.py

Creating Cryptographically Enforced Access Control for a Patient Health Record system

Cryptographically Enforced Access Control

Why need it?

So there are enough reasons...

Requirements for the System

Actors

Dynamic Attributes

Reading Rights

Write-only Permissions

Actors

Actors

Dynamic Attributes

Reading Rights

Write-only Permissions

Dynamic Attributes

Actors

Dynamic Attributes

Reading Rights

Write-only Permissions

Reading Rights

Actors

Dynamic Attributes

Reading Rights

Write-only Permissions

Write-only Permissions

Encryption Scheme

Like the Multi-Auth ABE schemes in the lectures

Except...

Why is this useful?

Proposed Model

Global Authority

Local Authority

Client

Database

Global Authority

Global Authority

Local Authority

Client

Database

Local Authority

Global Authority

Local Authority

Client

Database

Client

Global Authority

Local Authority

Client

Database

Database

Encryption

Encryption

Our Solution

Programming Language

Code Layout

APIs

GUI

Programming Language

Programming Language

Code Layout

APIs

GUI

Code Layout

Programming Language

Code Layout

APIs

GUI

APIs

Programming Language

Code Layout

APIs

GUI

GUI

Demo

Q&A