Research Output

Sticky-Policy enabled authenticated OOXML for Health Care

  This paper proposes a secure medical document sharing construction, which addresses confidentiality and authenticity concerns related to cloud-based data protection issues. The paper extends the popular Office Open XML (OOXML) document format with eXtensible Access Control Mark-up Language (XACML) data which is defined with a sticky-policy and is carried by the document package to enforce data owner access preferences in untrusted networks. Furthermore, it uses Identity Based Encryption (IBE) and Authenticated IBE, which are two next generation public key cryptographic techniques to guarantee data security. The defined model amends the original IBE construction properties and uses an XACML policy as a public key. With this the authenticated encryption, with associated data concept applied to the model, ensures the protection of sensitive data. Shared data is thus encrypted and signed, while the public key (i.e. sticky-policy) is attached to encrypted data remains in plain text format.

  • Date:

    07 October 2015

  • Publication Status:


  • Publisher

    BCS Health Informatics

  • DOI:


  • Library of Congress:

    QA76 Computer software

  • Dewey Decimal Classification:

    005.8 Data security


Spyra, G., Buchanan, W. J., & Ekonomou, E. (2015). Sticky-Policy enabled authenticated OOXML for Health Care. In Proceedings of BCS Health Informatics Scotland 2015 Conferencedoi:10.14236/ewic/HIS2015.3



Cybersecurity; health information systems; business management;

Monthly Views:

Available Documents