A new architecture for secure storage and sharing of health records in the cloud using federated identity attributes

Cloud computing is a technological service that has become a trend. This paradigm adds many benefits to storage of personal health records (PHR) and electronic health records (EHR), such as availability and on-demand provisioning. It also facilitates sharing of health records among doctors, family members, friends and clinicians in general. However, this technology increases the risk of leaking sensitive health data. Aiming at mitigating this problem, we present here a new architecture that takes advantage of identity federation for secure storage and sharing of PHR and EHR in the cloud environment.

[1]  Massimo Villari,et al.  Delegation across storage clouds: on-boarding federation as a case study , 2013, Scalable Comput. Pract. Exp..

[2]  David W. Chadwick,et al.  Adding Federated Identity Management to OpenStack , 2013, Journal of Grid Computing.

[3]  Yao Zheng,et al.  Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption , 2019, IEEE Transactions on Parallel and Distributed Systems.

[4]  Guang Gong,et al.  OAuth and ABE based authorization in semi-trusted cloud computing: aauth , 2011, DataCloud-SC '11.

[5]  Qiming Huang,et al.  Securable Personal Health Records using ciphertext policy attribute based encryption , 2012, 2012 IEEE 14th International Conference on e-Health Networking, Applications and Services (Healthcom).

[6]  Sugata Sanyal,et al.  Survey on Security Issues in Cloud Computing and Associated Mitigation Techniques , 2012, ArXiv.

[7]  Harry Fulgencio,et al.  What challenges have to be faced when using the cloud for e-health services? , 2013, 2013 IEEE 15th International Conference on e-Health Networking, Applications and Services (Healthcom 2013).

[8]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[9]  Allison Bishop,et al.  Decentralizing Attribute-Based Encryption , 2011, IACR Cryptol. ePrint Arch..

[10]  R. Kalaiselvi,et al.  SCALABLE AND SECURE SHARING OF PERSONAL HEALTH RECORDS IN CLOUD COMPUTING , 2016 .

[11]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[12]  Eiji Okamoto,et al.  Construction of a Multi-domain Functional Encryption System on Functional Information Infrastructure , 2013, 2013 16th International Conference on Network-Based Information Systems.

[13]  Cheng-Chi Lee,et al.  A Survey on Attribute-based Encryption Schemes of Access Control in Cloud Environments , 2013, Int. J. Netw. Secur..

[14]  Rajendra K. Raj,et al.  Secure Access for Healthcare Data in the Cloud Using Ciphertext-Policy Attribute-Based Encryption , 2012, 2012 IEEE 28th International Conference on Data Engineering Workshops.

[15]  Dick Hardt,et al.  The OAuth 2.0 Authorization Framework , 2012, RFC.