MS Computer Science, May 2018
Maithilee Joshi was associated with the KnACC lab from 2016-2018. Maithilee worked on the Oblivious Cloud – Secure Cloud Storage and Access project that was funded by ONR.
She is currently working at Amazon.
Maithilee successfully defended her Master’s thesis in May 2018.
Thesis Title: Attribute-Based Schemes for Secure Access To Cloud-based EHR Systems
Thesis Abstract: Medical organizations find it challenging to adopt cloud-based electronic medical records services, due to the risk of data breaches and the resulting compromise of patient data. Existing authorization models follow a patient-centric approach for EHR management where the responsibility of authorizing data access is handled at the patients’ end. This, however, creates significant overhead for the patient who has to authorize every access to their health record. This is not practical given the multiple personnel involved in providing care and that at times the patient may not be in a state to provide this authorization. Hence there is a need for developing a proper authorization delegation mechanism for safe, secure and easy cloud-based EHR management.
This thesis presents a novel, centralized, attribute-based authorization mechanism that uses Attribute-Based Encryption (ABE) and allows for delegated secure access to patient records. This mechanism transfers the service management overhead from the patient to the medical organization and allows easy delegation of cloud-based EHR’s access authority to the care providers.
Publications
- Maithilee P. Joshi, Karuna P. Joshi, and Tim Finin, “Delegated Authorization Framework for EHR Services using Attribute Based Encryption“, IEEE Transactions on Services Computing, doi: 10.1109/TSC.2019.2917438, 2019.
- Maithilee P Joshi, Karuna Pande Joshi, and Tim Finin, “Attribute Based Encryption for Secure Access to Cloud Based EHR Systems”, Proceedings of the IEEE International Conference on Cloud Computing (CLOUD), July 2018.
- Maithilee P Joshi, Sudip Mittal, Karuna Pande Joshi, and Tim Finin, “Semantically Rich, Oblivious Access Control Using ABAC for Secure Cloud Storage”, Proceedings of the First IEEE International Conference on Edge Computing, June 2017.