News

Student tutors for the course Data Modelling wanted (winter term 2021/22)


IT-Project Data Souvereignty in winter termin 2021/22


Business Intelligence: Washing Gold in Times of Information Overload


See all news.


Campusplan

campusplan_image

You can find us here.




PERiMETER - Pseudonymization and Personal Metadata Encryption for Privacy-preserving Searchable Documents

Authors: J. Heurix, M. Karlinger, T. Neubauer
Paper: Karl12a (2012)
Citation: Health Systems Journal, Vol. 1, Issue 1, pp. 46-57, Palgrave Macmillan Publ., S. Brailsford, P. Harper, C. LeRouge, F. Cobb Payton (eds.), ISSN 2047-6965, 2012.
Resources: Copy  (In order to obtain the copy please send an email with subject  Karl12a  to dke.win@jku.at)


Abstract:

The average costs of data leakage are steadily on the rise. Especially in healthcare, the disclosure of sensitive information may have unfavorable consequences for the patient. As a consequence, several data security and access control mechanisms have been introduced, ranging from data encryption to intrusion detection or role-based access control, doing a great work in protecting sensitive information. However, the majority of these concepts are centrally controlled by administrators who are a major threat to the patients’ privacy. Apart from administrators, other internal persons, such as hospital staff members, may exploit their access rights to snoop around in private health data. This work presents PERiMETER, a security protocol for data privacy that is strictly controlled by the data owner. It integrates pseudonymization and encryption to create a methodology that uses pseudonyms as access control mechanism, protects secret cryptographic keys by a layer-based security model, and provides privacy-preserving querying.