PAX: Using Pseudonymization and Anonymization to Protect Patients’ Identities and Data in the Healthcare System

. 2019 Apr 27;16(9):1490. doi: 10.3390/ijerph16091490

$C_{i}$	Client entity
$C S$ , $A S$ , $D S$	Central server, Attributes server and Data server
$M S$	Master secret/Master signature
$S S$	One secret sharing
$S_{I D}$ , $O_{I D}$	Subject ID, Object ID
$S_{R}$ , $O_{R}$	Subject role, Object role
$U R_{i}$	User’s role (patient, patient relative or provider)
$C N_{i}$	Client’s number
$R N_{i}$	Role’s number
$U N_{i}$	User’s number
$S P$ , $O P$	Subject ’s pseudonym and Object ’s pseudonym
$S_{s p}$ , $S_{o p}$	Signature of $S P$ and Signature of $O P$
$R N_{s p}$ , $U N_{s p}$	$R N_{i}$ , $U N_{i}$ for $S P$
$R N_{o p}$ , $U N_{o p}$	$R N_{i}$ , $U N_{i}$ for $O P$
N, $S N$	Random nonces and random secret nonce
$T S$	Timestamp
$C_{i} S_{j}$	Signature generated by $C_{i}$ and j is signature number
$C S S_{j}$	Signature generated by $C S$
$A S S_{j}$	Signature generated by $A S$
$D S S_{j}$	Signature generated by $D S$
\|\|, ⊕, $t m$	Concatenation operation, Exclusive or operation and Temporary