{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,16]],"date-time":"2026-03-16T17:46:57Z","timestamp":1773683217173,"version":"3.50.1"},"reference-count":44,"publisher":"Wiley","issue":"6","license":[{"start":{"date-parts":[[2013,6,21]],"date-time":"2013-06-21T00:00:00Z","timestamp":1371772800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/http\/onlinelibrary.wiley.com\/termsAndConditions#vor"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Security Comm Networks"],"published-print":{"date-parts":[[2014,6]]},"abstract":"<jats:title>ABSTRACT<\/jats:title><jats:p>Security and privacy are widely recognized as important requirements for access and management of electronic health record (EHR) data. In this paper, we argue that EHR data need to be managed with customizable access control in both spatial and temporal dimensions. We present a role\u2010based and time\u2010bound access control (RBTBAC) model that provides more flexibility in both roles (spatial capability) and time (temporal capability) dimensions to control the access of sensitive data. Through algorithmic combination of role\u2010based access control and time\u2010bound key management, our RBTBAC model has two salient features. First, we have developed a privacy\u2010aware and dynamic key structure for role\u2010based privacy aware access and management of EHR data, focusing on the consistency of access authorization (including data and time interval) with the activated role of user. In addition to role\u2010based access, a path\u2010invisible EHR structure is built for preserving privacy of patients. Second, we have employed a time tree method for generating time granule values, offering fine granularity of time\u2010bound access authorization and control. Our initial experimental results show that tree\u2010like time structure can improve the performance of the key management scheme significantly, and RBTBAC model is more suitable than existing solutions for EHR data management because it offers high\u2010efficiency and better security and privacy. Copyright \u00a9 2013 John Wiley &amp; Sons, Ltd.<\/jats:p>","DOI":"10.1002\/sec.817","type":"journal-article","created":{"date-parts":[[2013,6,21]],"date-time":"2013-06-21T17:07:16Z","timestamp":1371834436000},"page":"994-1015","source":"Crossref","is-referenced-by-count":42,"title":["Role\u2010based and time\u2010bound access and management of EHR data"],"prefix":"10.1002","volume":"7","author":[{"given":"Rui","family":"Zhang","sequence":"first","affiliation":[{"name":"State Key Laboratory of Information Security, Institute of Information Engineering Chinese Academy of Sciences  Beijing China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ling","family":"Liu","sequence":"additional","affiliation":[{"name":"College of Computing Georgia Institute of Technology  Atlanta GA U.S.A."}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Rui","family":"Xue","sequence":"additional","affiliation":[{"name":"State Key Laboratory of Information Security, Institute of Information Engineering Chinese Academy of Sciences  Beijing China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"311","published-online":{"date-parts":[[2013,6,21]]},"reference":[{"key":"e_1_2_11_2_1","unstructured":"Electronic health record. Available at:https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/http\/en.wikipedia.org\/wiki\/Electronic\u2010health\u2010record[accessed at 21\/10\/2010.]"},{"key":"e_1_2_11_3_1","unstructured":"Health insurance portability and accountability act (HIPAA) (August 211996). (Accessed October 2011)."},{"key":"e_1_2_11_4_1","unstructured":"Health information technology for economic and clinical health (HITECH) act title xiii of division a and title iv of division b of the american recovery and reinvestment act of 2009 (arra) 2009. (Accessed November 2011)."},{"key":"e_1_2_11_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/CLOUD.2010.62"},{"key":"e_1_2_11_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDE.2002.994695"},{"key":"e_1_2_11_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/69.979981"},{"key":"e_1_2_11_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/TKDE.2004.59"},{"key":"e_1_2_11_9_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0920-5489(03)00073-4"},{"key":"e_1_2_11_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/1099554.1099629"},{"key":"e_1_2_11_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2006.15"},{"key":"e_1_2_11_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2007.70241"},{"issue":"2","key":"e_1_2_11_13_1","first-page":"3241","article-title":"A pratical time bound hierarchical key scheme","volume":"5","author":"Liu JQ","year":"2009","journal-title":"International Journal of Innovative Computing, Information and Control"},{"key":"e_1_2_11_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/TKDE.2003.1209023"},{"key":"e_1_2_11_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSN.2009.51"},{"key":"e_1_2_11_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/2.485845"},{"key":"e_1_2_11_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/300830.300832"},{"key":"e_1_2_11_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/344287.344301"},{"key":"e_1_2_11_19_1","volume-title":"Introduction to Modern Cryptography","author":"Katz J","year":"2008"},{"key":"e_1_2_11_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/TKDE.2005.152"},{"key":"e_1_2_11_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2009.15"},{"key":"e_1_2_11_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/APSCC.2008.167"},{"key":"e_1_2_11_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2012.61"},{"key":"e_1_2_11_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/2.485845"},{"key":"e_1_2_11_25_1","unstructured":"ChadwickDW MundyD.Policy based electronic transmission of prescriptions Proceedings of the POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks 2003 Lake Como Italy 2003;197\u2013206."},{"key":"e_1_2_11_26_1","doi-asserted-by":"publisher","DOI":"10.1049\/ip-sen:20045038"},{"key":"e_1_2_11_27_1","unstructured":"BeckerMY SewellP.Cassandra: flexible trust management applied to electronic health records Proceedings of the 17th IEEE Computer Security Foundations Workshop 2004 Pacific Grove CA 2004;139\u2013154."},{"key":"e_1_2_11_28_1","first-page":"340","article-title":"Access control model for sharing composite electronic health records","author":"Jin J","year":"2008","journal-title":"CollaborateCom"},{"key":"e_1_2_11_29_1","unstructured":"(SAIC)SAIC.Role\u2010based access control (RBAC) role engineering process version 3.0 2004."},{"key":"e_1_2_11_30_1","unstructured":"MohanA BauerD BloughDM AhamadM KrishnanR LiuL MashimaD PalanisamyB.A patient\u2010centric attribute\u2010based source\u2010verifiable framework for health record sharing 2009."},{"key":"e_1_2_11_31_1","unstructured":"Medvault: Ensuring security and privacy for medical data. Available at:https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/http\/medvault.gtisc.gatech.edu\/. (Accessed November 2009)."},{"key":"e_1_2_11_32_1","unstructured":"HagnerM.Security infrastructure and national patent summary 2007."},{"key":"e_1_2_11_33_1","unstructured":"Extensible access control markup language (XACML) version 2.0 February 12005."},{"key":"e_1_2_11_34_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10916-009-9279-4"},{"key":"e_1_2_11_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/357369.357372"},{"key":"e_1_2_11_36_1","doi-asserted-by":"publisher","DOI":"10.1016\/0020-0190(88)90099-3"},{"key":"e_1_2_11_37_1","series-title":"VLDB \u201907","first-page":"123","volume-title":"Proceedings of the 33rd International Conference on Very Large Data Bases","author":"di Vimercati SDC","year":"2007"},{"key":"e_1_2_11_38_1","unstructured":"RivestRL FuK FuKE.Group sharing and random access in cryptographic storage file systems.Technical Report Masters thesis MIT 1999."},{"key":"e_1_2_11_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/775412.775432"},{"key":"e_1_2_11_40_1","doi-asserted-by":"publisher","DOI":"10.1504\/IJICS.2008.022489"},{"key":"e_1_2_11_41_1","doi-asserted-by":"crossref","unstructured":"SinghA LiuLing.Sharoes: A data sharing platform for outsourced enterprise storage environments IEEE 24th International Conference on Data Engineering 2008. ICDE 2008 Cancun Mexico 2008;993\u20131002.","DOI":"10.1109\/ICDE.2008.4497508"},{"key":"e_1_2_11_42_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2005.07.002"},{"key":"e_1_2_11_43_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.csi.2004.07.001"},{"key":"e_1_2_11_44_1","first-page":"1684","volume-title":"CCS \u201906: Proceedings of the 13th ACM Conference on Computer and Communications Security","author":"Ateniese G","year":"2006"},{"key":"e_1_2_11_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/1266840.1266861"}],"container-title":["Security and Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/api.wiley.com\/onlinelibrary\/tdm\/v1\/articles\/10.1002%2Fsec.817","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/api.wiley.com\/onlinelibrary\/tdm\/v1\/articles\/10.1002%2Fsec.817","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/onlinelibrary.wiley.com\/doi\/pdf\/10.1002\/sec.817","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,10,4]],"date-time":"2023-10-04T22:15:54Z","timestamp":1696457754000},"score":1,"resource":{"primary":{"URL":"https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/onlinelibrary.wiley.com\/doi\/10.1002\/sec.817"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,6,21]]},"references-count":44,"journal-issue":{"issue":"6","published-print":{"date-parts":[[2014,6]]}},"alternative-id":["10.1002\/sec.817"],"URL":"https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/doi.org\/10.1002\/sec.817","archive":["Portico"],"relation":{},"ISSN":["1939-0114","1939-0122"],"issn-type":[{"value":"1939-0114","type":"print"},{"value":"1939-0122","type":"electronic"}],"subject":[],"published":{"date-parts":[[2013,6,21]]}}}