Security and Privacy-Preserving Challenges of e-Health Solutions in Cloud Computing

A systematic and comprehensive review of security and privacy-preserving challenges in e-health solutions indicates various privacy-preserving approaches to ensure the privacy and security of electronic health records (EHRs) in the cloud. This paper highlights the research challenges and directions concerning cyber security to build a comprehensive security model for EHRs. We carried out an intensive study of papers on EHR approaches published between 2000 and 2018 in IEEE, Science Direct, Google Scholar, PubMed, and ACM, and summarized them in terms of architecture types and evaluation strategies. We surveyed, investigated, and reviewed various aspects of several articles and identified the following tasks: 1) EHR security and privacy; 2) security and privacy requirements of e-health data in the cloud; 3) EHR cloud architecture; and 4) diverse EHR cryptographic and non-cryptographic approaches. We also discuss some crucial issues and the ample opportunities for advanced research related to the security and privacy of EHRs. Since big data provide a great mine of information and knowledge in e-Health applications, serious privacy and security challenges exist that require immediate attention. Studies must focus on efficient, comprehensive security mechanisms for EHRs and also explore techniques to maintain the integrity and confidentiality of patients’ information.
