Next Article in Journal
Using LS-SVM Based Motion Recognition for Smartphone Indoor Wireless Positioning
Next Article in Special Issue
Mobile, Collaborative Situated Knowledge Creation for Urban Planning
Previous Article in Journal
Self-Learning Variable Structure Control for a Class of Sensor-Actuator Systems
Previous Article in Special Issue
Detection of (In)activity Periods in Human Body Motion Using Inertial Sensors: A Comparative Study
Article Menu

Export Article

Open AccessArticle
Sensors 2012, 12(5), 6129-6154; doi:10.3390/s120506129

An Event Driven Hybrid Identity Management Approach to Privacy Enhanced e-Health

Department of Telematic Engineering, Carlos III University of Madrid, Avda. Universidad 30, 28911, Leganes, Madrid, Spain
*
Author to whom correspondence should be addressed.
Received: 20 March 2012 / Revised: 27 April 2012 / Accepted: 29 April 2012 / Published: 10 May 2012
View Full-Text   |   Download PDF [3235 KB, uploaded 21 June 2014]   |  

Abstract

Credential-based authorization offers interesting advantages for ubiquitous scenarios involving limited devices such as sensors and personal mobile equipment: the verification can be done locally; it offers a more reduced computational cost than its competitors for issuing, storing, and verification; and it naturally supports rights delegation. The main drawback is the revocation of rights. Revocation requires handling potentially large revocation lists, or using protocols to check the revocation status, bringing extra communication costs not acceptable for sensors and other limited devices. Moreover, the effective revocation consent—considered as a privacy rule in sensitive scenarios—has not been fully addressed.This paper proposes an event-based mechanism empowering a new concept, the sleepyhead credentials, which allows to substitute time constraints and explicit revocation by activating and deactivating authorization rights according to events. Our approach is to integrate this concept in IdM systems in a hybrid model supporting delegation, which can be an interesting alternative for scenarios where revocation of consent and user privacy are critical. The delegation includes a SAML compliant protocol, which we have validated through a proof-of-concept implementation. This article also explains the mathematical model describing the event-based model and offers estimations of the overhead introduced by the system. The paper focus on health care scenarios, where we show the flexibility of the proposed event-based user consent revocation mechanism. View Full-Text
Keywords: identity management; privacy; user-centric; federation; revocation consent; delegation; health care; event; theory queue identity management; privacy; user-centric; federation; revocation consent; delegation; health care; event; theory queue
Figures

This is an open access article distributed under the Creative Commons Attribution License (CC BY 3.0).

Scifeed alert for new publications

Never miss any articles matching your research from any publisher
  • Get alerts for new papers matching your research
  • Find out the new papers from selected authors
  • Updated daily for 49'000+ journals and 6000+ publishers
  • Define your Scifeed now

SciFeed Share & Cite This Article

MDPI and ACS Style

Sánchez-Guerrero, R.; Almenárez, F.; Díaz-Sánchez, D.; Marín, A.; Arias, P.; Sanvido, F. An Event Driven Hybrid Identity Management Approach to Privacy Enhanced e-Health. Sensors 2012, 12, 6129-6154.

Show more citation formats Show less citations formats

Related Articles

Article Metrics

Article Access Statistics

1

Comments

[Return to top]
Sensors EISSN 1424-8220 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top