Gå til hovedinnhold
0
Jump to main content

Attribute Based Cryptographic Enforcements for Security and Privacy in E-health Environments

Harsha Sandaruwan Gardiyawasam Pussewalage is defending his PhD-thesis “Attribute Based Cryptographic Enforcements for Security and Privacy in E-health environments” Thursday 2 May 2019. (Photo: Private)

In relation to the above stated scenarios, our objective is to propose efficient attribute based cryptographic constructions that enable access anonymization and controlled access delegatability.

Harsha Sandaruwan Gardiyawasam Pussewalage

PhD-Candidate

In his doctoral thesis “Attribute Based Cryptographic Enforcements for Security and Privacy in E-health environments" Harsha Sandaruwan Gardiyawasam Pussewalage has been studying how electronic healthcare technology can be used efficiently by health personell without losing patients privacy.

Harsha Sandaruwan Gardiyawasam Pussewalage has followed the PhD-programme at the Faculty of Engineering and Science with specialisation in ICT.

Summary of the thesis by Harsha Sandaruwan Gardiyawasam Pussewalage:

Attribute Based Cryptographic Enforcements for Security and Privacy in E-health Environments

In the last few decades, there have been significant efforts in integrating information and communication technologies into healthcare practices.

This new paradigm commonly known as electronic healthcare (e-health) allows provisioning of healthcare services at an affordable price to its consumers while enabling a platform for efficient inter-domain health information exchange.

Sensitive information

Although such benefits exist, given that health information of patients contain a lot of sensitive information, secure sharing of patient records is of utmost importance to ensure the privacy of the patients. In addition, the linkability of different user access sessions over patient health information could also lead to the violation of patient privacy as well as the privacy of the accessing user.

Furthermore, to strengthen the access flexibility in collaborative e-health environments, access delegation plays a vital role. However, access delegation has to be enforced in a controlled manner, and it is a research area that has not received significant attention.

Two scenarios are examined

In this dissertation, we considered two application scenarios that resemble a collaborative

e-health environment.

In the first scenario, the health information of patients are stored under the control of a local healthcare provider (LHP), and we require the health information to be shared with the healthcare professionals of LHP as well as users from other domains in a flexible and a privacy preserving manner.

In the second scenario, we considered the case where health information of patients are stored in a third-party cloud platform which brings the challenge of enforcing flexible and privacy preserving access over the encrypted data.

Proposes cryptographic constructions

In relation to the above stated scenarios, our objective is to propose efficient attribute based cryptographic constructions that enable access anonymization and controlled access delegatability.

To achieve this objective, in this dissertation, we propose seven attribute based cryptographic constructions which not only enable the aforementioned characteristics but also ensure secure, privacy preserving and flexible access to the stored health information of patients.

Disputation facts:

The Candidate: Harsha Sandaruwan Gardiyawasam Pussewalage was born in Galle, Sri Lanka in 1986. He received his B.Sc. (Engineering) degree from the Faculty of Engineering, University of Ruhuna, Sri Lanka, in 2010 and his M.Sc. degree in Information and Communication Technology (ICT) from the University of Agder (UiA), Norway in 2013. His Ph.D. study was performed at the Department of ICT, UiA from Aug. 2015 to Dec. 2018. He also worked as a lecturer in the Department of Electrical and Information Engineering, University of Ruhuna from Dec. 2010 to Aug. 2011 and Jul. 2013 to Mar. 2014. His current research interest covers various areas related to information security, including attribute based access control, privacy preserving protocols, blockchain technology and bio-cryptography.

The trial lecture and the public defense will take place at Room C2 040, Campus Grimstad Thursday 2 May 2019. Associate Professor Morgan Konnestad, Department of Information and Communication Technology, will chair the disputation.

Trial lecture at 10:15 a.m.

Dissertation at 12:15 p.m.

Given topic for trial lecture"Cryptographic improvements in TLS 1.3 over 1.2: Whys and hows"

Thesis title“Attribute Based Cryptographic Enforcements for Security and Privacy in E-health environments”

Search for the thesis in AURA - Agder University Research Archive, a digital archive of scientific papers, theses and dissertations from the academic staff and students at the University of Agder. The thesis will also be available at the University Library, and some copies will also be available for loan at the auditorium where the disputation takes place.

Opponents:

First opponent: Professor James B. D. Joshi, School of Computing and Information, University of Pittsburgh

Second opponent: Professor Øyvind Ytrehus, Department of Informatics, University of Bergen

Professor Ole-Christoffer Granmo, Department of ICT, UiA is appointed as the administrator for the assessment commitee.

Supervisors were Professor Vladimir Oleshchuk, UiA (main supervisor) and Professor Geir Myrdahl Køien (supervisor)