Collaborative and Secure Sharing of Healthcare Data in Multi-Clouds (original) (raw)
Related papers
Personal health record (PHR) is an emerging patient-centric model of health information exchange, which is often outsourced to be stored at a third party, such as cloud providers. However, there have been wide privacy concerns as personal health information could be exposed to those third party servers and to unauthorized parties. To assure the patients' control over access to their own PHRs, it is a promising method to encrypt the PHRs before outsourcing. Yet, issues such as risks of privacy exposure, scalability in key management, flexible access and efficient user revocation, have remained the most important challenges toward achieving fine-grained, cryptographically enforced data access control. In this paper, we propose a novel patient-centric framework and a suite of mechanisms for data access control to PHRs stored in semi-trusted servers. To achieve fine-grained and scalable data access control for PHRs, we leverage attribute based encryption (ABE) techniques to encrypt each patient's PHR file. Different from previous works in secure data outsourcing, we focus on the multiple data owner scenario, and divide the users in the PHR system into multiple security domains that greatly reduces the key management complexity for owners and users. A high degree of patient privacy is guaranteed simultaneously by exploiting multi-authority ABE. Our scheme also enables dynamic modification of access policies or file attributes, supports efficient on-demand user/attribute revocation and break-glass access under emergency scenarios. Extensive analytical and experimental results are presented which show the security, scalability and efficiency of our proposed scheme.
Cloud Computing servers provides promising platform for storage of data. Sharing of personal medical records is an emerging patient centric model of health information exchange, which is often outsourced to store at third party, such as cloud providers. The confidentiality of the medical records is major problem when patients use commercial cloud servers to store their medical records because it can be view by everyone, to assure the patients' control over access to their own medical records; it is a promising method to encrypt the files before outsourcing and access control should be enforced though cryptography instead of role based access control. There are various other issues such as risks of privacy exposure, scalability in key management, flexible access and efficient user revocation, have remained the most important challenges toward achieving fine-grained, cryptographically enforced data access control. To achieve fine grained and scalable data access control for medical records stored in semi trusted servers, we leverage attribute based encryption (ABE) techniques to encrypt each patient's medical record file. In this paper, we describe a new approach which enables secure storage and controlled sharing of patient's health data. We explore keypolicy attribute based encryption and multi-authority attribute based encryption to enforce patient access control policy such that everyone can download the data ,but only authorize user can view the medical records. This project also supports multiple owner scenarios and divides the users in the system into multiple security domains that greatly reduce the key management complexity for owners and users. A high degree of patient privacy is guaranteed by exploiting multi-authority ABE. In this paper we presents the detail design of modules and implementation Packages of the proposed framework.
HealthShare: Using Attribute-Based Encryption for Secure Data Sharing between Multiple Clouds
2017 IEEE 30th International Symposium on Computer-Based Medical Systems (CBMS), 2017
In this invited paper, we propose HealthSharea forward-looking approach for secure ehealth data sharing between multiple organizations that are hosting patients' data in different clouds. The proposed protocol is based on a Revocable Key-Policy Attribute-Based Encryption scheme and allows users to share encrypted health records based on a policy that has been defined by the data owner (i.e. patient, a member of the hospital, etc). Furthermore, access to a malicious or compromised user/organization can be easily revoked without the need to generate fresh encryption keys.
Personal health record (PHR) is an emerging patient-centric model of health information exchange, which is often outsourced to be stored at a third party, such as cloud providers. However, there have been wide privacy concerns as personal health information could be exposed to those third party servers and to unauthorized parties. To assure the patients' control over access to their own PHRs, it is a promising method to encrypt the PHRs before outsourcing. Yet, issues such as risks of privacy exposure, scalability in key management, flexible access and efficient user revocation, have remained the most important challenges toward achieving fine-grained, cryptographically enforced data access control. In this paper, we propose a novel patient-centric framework and a suite of mechanisms for data access control to PHRs stored in semi-trusted servers. To achieve fine-grained and scalable data access control for PHRs, we leverage attribute based encryption (ABE) techniques to encrypt each patient's PHR file. Different from previous works in secure data outsourcing, we focus on the multiple data owner scenario, and divide the users in the PHR system into multiple security domains that greatly reduces the key management complexity for owners and users. A high degree of patient privacy is guaranteed simultaneously by exploiting multi-authority ABE. Our scheme also enables dynamic modification of access policies or file attributes, supports efficient on-demand user/attribute revocation and break-glass access under emergency scenarios. Extensive analytical and experimental results are presented which show the security, scalability and efficiency of our proposed scheme.
Personal health record (PHR) is often seen as a patient-centric model of health information exchange. However there has been privacy concerns when information is outsourced to be stored at a third party. Also when patient is given full control of his own PHR, he proves to be inefficient in maintaining the information. Yet, issues such as risks of privacy exposure, Scalability in key management, flexible access and efficient user revocation, have remained the most important challenges toward achieving fine-grained, cryptographically enforced data access control. Thus, in this paper, we propose a novel framework and a suite of mechanisms for data access control to PHRs stored in semitrusted servers. To achieve fine-grained and scalable data access control for PHRs, we leverage attribute based encryption (ABE) techniques to encrypt each patient's PHR file. Different from previous works in secure data outsourcing, we focus on the multiple data owner scenario, and divide the users in the PHR system into multiple security domains that greatly reduces the key management complexity for owners and users. A high degree of patient privacy is guaranteed simultaneously by exploiting multi-authority ABE. Our scheme also enables dynamic modification of access policies or file attributes, supports efficient on-demand user/attribute revocation and break-glass access under emergency scenarios. Extensive analytical and experimental results are presented which show the security, scalability and efficiency of our proposed scheme.
Secret Sharing for Health Data in Multi-Provider Clouds
The accelerated adoption of cloud computing among enterprises is due to the multiple benefits the technology provides, one of them the simplification of inter-organizational information sharing, which is of utmost importance in healthcare. Nevertheless, moving sensitive health records to the cloud still implies severe security and privacy risks. With this background, we present a novel secure architecture for sharing electronic health records in a cloud environment. We first conducted a systematic literature review and interviews with different experts from the German healthcare industry that allowed us to derive real-world processes and corresponding security and privacy requirements. Based on these results, we designed our multi-provider cloud architecture that satisfies many of the requirements by providing increased availability, confidentiality and integrity of the medical records stored in the cloud. This architecture features secret sharing as an important measure to distribute health records as fragments to different cloud services, which can provide higher redundancy and additional security and privacy protection in the case of key compromise, broken encryption algorithms or their insecure implementation. Finally, we evaluate and select a secret-sharing algorithm for our multi-cloud architecture. We implemented both Shamir's secret-sharing scheme and Rabin's information dispersal algorithm and performed several experiments measuring the execution time. Our results indicate that an adoption of Rabin's algorithm would create a low overhead, giving strong indicators to the feasibility of our approach.
Securing Personal Health Records in Cloud Utilizing Multi Authority Attribute Based Encryption
Personal health record is keep up in the bring together server to keep up patient’s personal and diagnosis information Personal health record (PHR) is a developing patient-driven model of wellbeing data trade, which is regularly outsourced to be put away at an outsider, for example, cloud providers. Nonetheless, there have been wide security concerns as personal health data could be presented to those outsider servers and to unapproved gatherings. The security plans are utilized to ensure individual information from free. To guarantee the patients' control over access to their PHRs, it is a swearing up and down to method to scramble the PHRs before outsourcing .In this paper we propose novel patient-driven framework and suite of component for information access control to PHR's put away in semi trusted servers. To accomplish fine-grained and versatile information access control for PHRs, we influence attribute based encryption (ABE) methods to scramble each patient’s PHR record. Information holder redesigns the Personal information into outsider cloud server farms. Various information managers can get to the same information values. Our scheme helps effective on-interest client/attribute renouncement.
IJERT-Security of Personal Health Records through Attribute Based Encryption in Cloud Computing
International Journal of Engineering Research and Technology (IJERT), 2014
https://www.ijert.org/security-of-personal-health-records-through-attribute-based-encryption-in-cloud-computing https://www.ijert.org/research/security-of-personal-health-records-through-attribute-based-encryption-in-cloud-computing-IJERTV3IS10816.pdf Now-a-days sensitive data like PHRs are stored on third-party server such as cloud.Recently, PHR system is evolved as a patient-centric model of health information exchange. In order to reduce the operational cost of specialized data centres and to use elastic resources of cloud, the PHR service providers are shifting their PHR application services into the cloud. To secure PHRs and to achieve fine grained access control, new technique of public-cryptosystem called as Attribute Based Encryption (ABE) is used. Various issues like scalability, key management, and efficient user revocation are handled in proposed system. The main focus is given on multi-owner and multi-authority scenario. The users in the system are divided into public and private domains. Proposed system enables dynamic modification of access policies or file attributes. In emergency scenario, break-glass access is provided. It supports on-demand revocation of user or attribute. Proposed system is robust in terms of security, scalability and efficiency.
Secure Sharing of Electronic Health Records in Clouds
Proceedings of the 8th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, 2012
In modern healthcare environments, healthcare providers are more willing to shift their electronic medical record systems to clouds. Instead of building and maintaining dedicated data centers, this paradigm enables to achieve lower operational cost and better interoperability with other healthcare providers. However, the adoption of cloud computing in healthcare systems may also raise many security challenges associated with authentication, identity management, access control, trust management, and so on. In this paper, we focus on access control issues in electronic medical record systems in clouds. We propose a systematic access control mechanism to support selective sharing of composite electronic health records (EHRs) aggregated from various healthcare providers in clouds. Our approach ensures that privacy concerns are accommodated for processing access requests to patients' healthcare information. We also demonstrate the feasibility and efficiency of our approach by implementing a proof-of-concept prototype along with evaluation results.
Attribute-Based Encryption for Reliable and Secure Sharing of PHR in Cloud Computing
2015
In this paper we investigating on Personal health record (PHR),which is a patient-centric model of health information exchange, and is stored at a third party i.e., cloud providers. But there are concerns such as personal health information can be exposed to third party servers and to unauthorized parties. In order to assure the patients’ authority over approach to their personal PHRs, it is an assuring method to encrypt the PHRs before outsourcing. These are issues like elastic access, reliability in key management; privacy exposure and efficient user revocation have continued to be the most significant dispute towards accomplishing fine-grained, cryptographically imposed data access control. Sequentially to have control for data access to PHRs stored in semi trusted severs, a novel patient-centric structure and a suite of methods is proposed in this paper. We leverage attribute-based encryption (ABE) practices to attain scalable and fine grained data access control for personal he...