{"id":"https://openalex.org/W2166707323","doi":"https://doi.org/10.1145/2557547.2557576","title":"Privacy-preserving audit for broker-based health information exchange","display_name":"Privacy-preserving audit for broker-based health information exchange","publication_year":2014,"publication_date":"2014-02-25","ids":{"openalex":"https://openalex.org/W2166707323","doi":"https://doi.org/10.1145/2557547.2557576","mag":"2166707323"},"language":"en","primary_location":{"id":"doi:10.1145/2557547.2557576","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2557547.2557576","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 4th ACM conference on Data and application security and privacy","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5014205621","display_name":"Se Eun Oh","orcid":"https://orcid.org/0009-0000-7100-4613"},"institutions":[{"id":"https://openalex.org/I157725225","display_name":"University of Illinois Urbana-Champaign","ror":"https://ror.org/047426m28","country_code":"US","type":"education","lineage":["https://openalex.org/I157725225"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Se Eun Oh","raw_affiliation_strings":["University of Illinois at Urbana-Champaign, Urbana, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Illinois at Urbana-Champaign, Urbana, USA","institution_ids":["https://openalex.org/I157725225"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5028648835","display_name":"Ji Young Chun","orcid":"https://orcid.org/0000-0002-5329-8918"},"institutions":[{"id":"https://openalex.org/I157725225","display_name":"University of Illinois Urbana-Champaign","ror":"https://ror.org/047426m28","country_code":"US","type":"education","lineage":["https://openalex.org/I157725225"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ji Young Chun","raw_affiliation_strings":["University of Illinois at Urbana-Champaign, Urbana, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Illinois at Urbana-Champaign, Urbana, USA","institution_ids":["https://openalex.org/I157725225"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5087946116","display_name":"Limin Jia","orcid":"https://orcid.org/0000-0002-8160-349X"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Limin Jia","raw_affiliation_strings":["Carnegie Mellon University, Pittsburgh, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Carnegie Mellon University, Pittsburgh, USA","institution_ids":["https://openalex.org/I74973139"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5026719321","display_name":"Deepak Garg","orcid":"https://orcid.org/0000-0002-0888-3093"},"institutions":[{"id":"https://openalex.org/I4210121786","display_name":"Max Planck Institute for Software Systems","ror":"https://ror.org/02pe2kf23","country_code":"DE","type":"facility","lineage":["https://openalex.org/I149899117","https://openalex.org/I4210121786"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Deepak Garg","raw_affiliation_strings":["Max Planck Institute for Software Systems, Kaiserslautern and Saarbr\u00fccken, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Max Planck Institute for Software Systems, Kaiserslautern and Saarbr\u00fccken, Germany","institution_ids":["https://openalex.org/I4210121786"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5031954035","display_name":"Carl A. Gunter","orcid":"https://orcid.org/0009-0006-6943-0684"},"institutions":[{"id":"https://openalex.org/I157725225","display_name":"University of Illinois Urbana-Champaign","ror":"https://ror.org/047426m28","country_code":"US","type":"education","lineage":["https://openalex.org/I157725225"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Carl A. Gunter","raw_affiliation_strings":["University of Illinois at Urbana-Champaign, Urbana, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Illinois at Urbana-Champaign, Urbana, USA","institution_ids":["https://openalex.org/I157725225"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5111177928","display_name":"Anupam Datta","orcid":"https://orcid.org/0000-0001-9520-5196"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Anupam Datta","raw_affiliation_strings":["Carnegie Mellon University, Pittsburgh, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Carnegie Mellon University, Pittsburgh, USA","institution_ids":["https://openalex.org/I74973139"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5014205621"],"corresponding_institution_ids":["https://openalex.org/I157725225"],"apc_list":null,"apc_paid":null,"fwci":3.2798,"has_fulltext":false,"cited_by_count":9,"citation_normalized_percentile":{"value":0.93438074,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"313","last_page":"320"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/audit","display_name":"Audit","score":0.8280472755432129},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6096633076667786},{"id":"https://openalex.org/keywords/health-information-exchange","display_name":"Health information exchange","score":0.5701780319213867},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5607678294181824},{"id":"https://openalex.org/keywords/audit-trail","display_name":"Audit trail","score":0.5217410326004028},{"id":"https://openalex.org/keywords/information-security-audit","display_name":"Information security audit","score":0.508021354675293},{"id":"https://openalex.org/keywords/information-sharing","display_name":"Information sharing","score":0.4905199408531189},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.4889873266220093},{"id":"https://openalex.org/keywords/information-exchange","display_name":"Information exchange","score":0.48027634620666504},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.4575575590133667},{"id":"https://openalex.org/keywords/data-exchange","display_name":"Data exchange","score":0.42439407110214233},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.3216293752193451},{"id":"https://openalex.org/keywords/health-information","display_name":"Health information","score":0.2749490737915039},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.25260671973228455},{"id":"https://openalex.org/keywords/accounting","display_name":"Accounting","score":0.24249666929244995},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.23682844638824463},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.22272175550460815},{"id":"https://openalex.org/keywords/health-care","display_name":"Health care","score":0.13129422068595886}],"concepts":[{"id":"https://openalex.org/C199521495","wikidata":"https://www.wikidata.org/wiki/Q181487","display_name":"Audit","level":2,"score":0.8280472755432129},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6096633076667786},{"id":"https://openalex.org/C2778759051","wikidata":"https://www.wikidata.org/wiki/Q5691085","display_name":"Health information exchange","level":4,"score":0.5701780319213867},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5607678294181824},{"id":"https://openalex.org/C80958533","wikidata":"https://www.wikidata.org/wiki/Q1047174","display_name":"Audit trail","level":3,"score":0.5217410326004028},{"id":"https://openalex.org/C39358052","wikidata":"https://www.wikidata.org/wiki/Q2578632","display_name":"Information security audit","level":5,"score":0.508021354675293},{"id":"https://openalex.org/C2776854237","wikidata":"https://www.wikidata.org/wiki/Q6031064","display_name":"Information sharing","level":2,"score":0.4905199408531189},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.4889873266220093},{"id":"https://openalex.org/C189693848","wikidata":"https://www.wikidata.org/wiki/Q6031064","display_name":"Information exchange","level":2,"score":0.48027634620666504},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.4575575590133667},{"id":"https://openalex.org/C15845906","wikidata":"https://www.wikidata.org/wiki/Q1172338","display_name":"Data exchange","level":2,"score":0.42439407110214233},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.3216293752193451},{"id":"https://openalex.org/C2982795734","wikidata":"https://www.wikidata.org/wiki/Q870895","display_name":"Health information","level":3,"score":0.2749490737915039},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.25260671973228455},{"id":"https://openalex.org/C121955636","wikidata":"https://www.wikidata.org/wiki/Q4116214","display_name":"Accounting","level":1,"score":0.24249666929244995},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.23682844638824463},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.22272175550460815},{"id":"https://openalex.org/C160735492","wikidata":"https://www.wikidata.org/wiki/Q31207","display_name":"Health care","level":2,"score":0.13129422068595886},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C50522688","wikidata":"https://www.wikidata.org/wiki/Q189833","display_name":"Economic growth","level":1,"score":0.0},{"id":"https://openalex.org/C76155785","wikidata":"https://www.wikidata.org/wiki/Q418","display_name":"Telecommunications","level":1,"score":0.0},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.0},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/2557547.2557576","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2557547.2557576","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 4th ACM conference on Data and application security and privacy","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.646.5067","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.646.5067","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://seclab.illinois.edu/wp-content/uploads/2014/02/spy106-ohA.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.677.7509","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.677.7509","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.mpi-sws.org/%7Edg/papers/codaspy2014.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":22,"referenced_works":["https://openalex.org/W8287904","https://openalex.org/W1483177297","https://openalex.org/W1517435425","https://openalex.org/W1581671536","https://openalex.org/W1583184426","https://openalex.org/W1591941310","https://openalex.org/W1663548395","https://openalex.org/W1825341937","https://openalex.org/W1987593503","https://openalex.org/W2016056743","https://openalex.org/W2022953760","https://openalex.org/W2031188261","https://openalex.org/W2049452590","https://openalex.org/W2096063762","https://openalex.org/W2101994403","https://openalex.org/W2115345989","https://openalex.org/W2116556172","https://openalex.org/W2120269359","https://openalex.org/W2138018104","https://openalex.org/W2153385696","https://openalex.org/W2560678000","https://openalex.org/W6600354236"],"related_works":["https://openalex.org/W2805708434","https://openalex.org/W1976038767","https://openalex.org/W2126034072","https://openalex.org/W1833893427","https://openalex.org/W4205201754","https://openalex.org/W4226054113","https://openalex.org/W2068402150","https://openalex.org/W2942211944","https://openalex.org/W1863969272","https://openalex.org/W61666660"],"abstract_inverted_index":{"Developments":[0],"in":[1,58,65,102,110,143],"health":[2],"information":[3,41,64,108],"technology":[4],"have":[5],"encouraged":[6],"the":[7,20,30,38,66,92,107,129,167],"establishment":[8],"of":[9,22,40,48,81,91,131,140,160],"distributed":[10],"systems":[11],"known":[12],"as":[13],"Health":[14],"Information":[15],"Exchanges":[16],"(HIEs)":[17],"to":[18,36,73,79,136],"enable":[19],"sharing":[21],"patient":[23,51],"records":[24],"between":[25,148],"institutions.":[26],"In":[27,85],"many":[28],"cases,":[29],"parties":[31],"running":[32],"these":[33,75],"exchanges":[34,76],"wish":[35],"limit":[37],"amount":[39],"they":[42],"are":[43],"responsible":[44],"for":[45,98,117,126,163],"holding":[46],"because":[47],"sensitivities":[49],"about":[50],"information.":[52],"Hence,":[53],"there":[54],"is":[55,71,121],"an":[56,158],"interest":[57],"broker-based":[59,100],"HIEs":[60,101,165],"that":[61,105],"keep":[62],"limited":[63],"exchange":[67],"repositories.":[68],"However,":[69],"it":[70],"essential":[72],"audit":[74,111,127],"carefully":[77],"due":[78],"risks":[80],"inappropriate":[82],"data":[83,141],"sharing.":[84],"this":[86],"paper,":[87],"we":[88],"consider":[89],"some":[90],"requirements":[93],"and":[94,113,128,145,150,170],"present":[95],"a":[96,103,146,161],"design":[97],"auditing":[99,164],"way":[104],"controls":[106],"available":[109],"logs":[112],"regulates":[114],"their":[115],"release":[116,139],"investigations.":[118],"Our":[119],"approach":[120],"based":[122],"on":[123],"formal":[124],"rules":[125],"use":[130],"Hierarchical":[132],"Identity-Based":[133],"Encryption":[134],"(HIBE)":[135],"support":[137],"staged":[138],"needed":[142],"audits":[144],"balance":[147],"automated":[149],"manual":[151],"reviews.":[152],"We":[153],"test":[154],"our":[155],"methodology":[156],"via":[157],"extension":[159],"standard":[162],"called":[166],"Audit":[168],"Trail":[169],"Node":[171],"Authentication":[172],"Profile":[173],"(ATNA)":[174],"protocol.":[175]},"counts_by_year":[{"year":2020,"cited_by_count":3},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":2}],"updated_date":"2026-04-29T09:16:38.111599","created_date":"2025-10-10T00:00:00"}