Sciweavers

ESORICS
2012
Springer

Formal Analysis of Privacy in an eHealth Protocol

12 years 2 months ago
Formal Analysis of Privacy in an eHealth Protocol
Given the sensitive nature of health data, privacy of eHealth systems is of prime importance. An eHealth system must enforce that users remain private, even if they are bribed or coerced to reveal themselves or others. Consider e.g. a pharmaceutical company that bribes a pharmacist to reveal information which breaks a doctor’s privacy. In this paper, we first identify and formalise several new but important privacy notions on enforcing doctor privacy. Then we analyse privacy of a complicated and practical eHealth protocol (DLVV08). Our analysis shows to what extent these new properties as well as properties such as anonymity and untraceability are satisfied by the protocol. Finally, we address the found ambiguities which result in privacy flaws, and propose suggestions for fixing them.
Naipeng Dong, Hugo Jonker, Jun Pang
Added 29 Sep 2012
Updated 29 Sep 2012
Type Journal
Year 2012
Where ESORICS
Authors Naipeng Dong, Hugo Jonker, Jun Pang
Comments (0)