Utilizing Homomorphic Encryption to Implement Secure and Private Medical Cloud Computing

With a large number of commercially-available noninvasive health monitoring sensors today, remote health monitoring of patients in their homes is becoming widespread. In remote health monitoring, acquired sensory data is transferred into a private or public cloud for storage and processing. While simple encryption techniques can assure data privacy in the case of private clouds, ensuring data privacy becomes a lot more challenging when a public cloud (e.g., Amazon EC2) is used to store and process data. We present an approach that eliminates data privacy concerns in the public cloud scenario, by utilizing an emerging encryption technique called Fully Homomorphic Encryption (FHE). The ability of FHE to allow computations without actually observing the data itself makes it an attractive option for certain medical applications. In this paper, we use cardiac health monitoring for our feasibility assessment and demonstrate the advantages and challenges of our approach by utilizing a well-established FHE library called HElib.

[1]  Harold S. Stone,et al.  A Parallel Algorithm for the Efficient Solution of a General Class of Recurrence Equations , 1973, IEEE Transactions on Computers.

[2]  Karen A. Scarfone,et al.  SP 800-111. Guide to Storage Encryption Technologies for End User Devices , 2007 .

[3]  Wei Liu,et al.  Accessing Big Data in the Cloud Using Mobile Devices , 2014 .

[4]  日経BP社,et al.  Amazon Web Services完全ソリューションガイド , 2016 .

[5]  Jiye Shi,et al.  Use of Network Latency Profiling and Redundancy for Cloud Server Selection , 2014, 2014 IEEE 7th International Conference on Cloud Computing.

[6]  Craig Gentry,et al.  Homomorphic Evaluation of the AES Circuit , 2012, IACR Cryptol. ePrint Arch..

[7]  John E. Savage,et al.  Models of computation - exploring the power of computing , 1998 .

[8]  Craig Gentry,et al.  (Leveled) fully homomorphic encryption without bootstrapping , 2012, ITCS '12.

[9]  Tolga Soyata,et al.  Towards Privacy-Preserving Medical Cloud Computing Using Homomorphic Encryption , 2020, Virtual and Mobile Healthcare.

[10]  Muthuramakrishnan Venkitasubramaniam,et al.  Cloud-based secure health monitoring: Optimizing fully-homomorphic encryption for streaming algorithms , 2014, 2014 IEEE Globecom Workshops (GC Wkshps).

[11]  R. Shah,et al.  Drug‐induced QT interval prolongation: regulatory perspectives and drug development , 2004, Annals of medicine.

[12]  Dirk Fox,et al.  Advanced Encryption Standard (AES) , 1999, Datenschutz und Datensicherheit.

[13]  Christopher S. Wallace,et al.  A Suggestion for a Fast Multiplier , 1964, IEEE Trans. Electron. Comput..

[14]  Wendi B. Heinzelman,et al.  Cloud-Vision: Real-time face recognition using a mobile-cloudlet-cloud acceleration architecture , 2012, 2012 IEEE Symposium on Computers and Communications (ISCC).

[15]  Jiaquan Xu,et al.  Deaths: preliminary data for 2011. , 2012 .

[16]  Wendi Heinzelman,et al.  COMBAT: mobile-Cloud-based cOmpute/coMmunications infrastructure for BATtlefield applications , 2012, Defense, Security, and Sensing.

[17]  Tolga Soyata,et al.  AXaaS: Case for acceleration as a service , 2014, 2014 IEEE Globecom Workshops (GC Wkshps).

[18]  J. Couderc The telemetric and holter ECG warehouse initiative (THEW): A data repository for the design, implementation and validation of ECG-related technologies , 2010, 2010 Annual International Conference of the IEEE Engineering in Medicine and Biology.

[19]  Minseok Kwon,et al.  A Tutorial on Network Latency and Its Measurements , 2015 .

[20]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[21]  Abrar H. Shah,et al.  Dofetilide‐Induced Long QT and Torsades de Pointes , 2007, Annals of noninvasive electrocardiology : the official journal of the International Society for Holter and Noninvasive Electrocardiology, Inc.

[22]  W Zareba,et al.  Static and dynamic electrocardiographic patterns preceding torsades de pointes in the acquired and congenital long QT syndrome , 2010, 2010 Computing in Cardiology.

[23]  H. Bazett,et al.  AN ANALYSIS OF THE TIME‐RELATIONS OF ELECTROCARDIOGRAMS. , 1997 .

[24]  Tolga Soyata,et al.  Medical Data Analytics in the Cloud Using Homomorphic Encryption , 2016 .

[25]  Jean-Philippe Couderc,et al.  Cloud‐Based Privacy‐Preserving Remote ECG Monitoring and Surveillance , 2015, Annals of noninvasive electrocardiology : the official journal of the International Society for Holter and Noninvasive Electrocardiology, Inc.

[26]  A. Meyer The Health Insurance Portability and Accountability Act. , 1997, Tennessee medicine : journal of the Tennessee Medical Association.

[27]  H. T. Mouftah,et al.  Accelerating Mobile-Cloud Computing : A Survey , 2013 .

[28]  Frederik Vercauteren,et al.  Fully homomorphic SIMD operations , 2012, Designs, Codes and Cryptography.

[29]  Vinod Vaikuntanathan,et al.  Can homomorphic encryption be practical? , 2011, CCSW '11.

[30]  Michael C. Huang,et al.  Assessment of cloud-based health monitoring using Homomorphic Encryption , 2013, 2013 IEEE 31st International Conference on Computer Design (ICCD).

[31]  Vinod Vaikuntanathan,et al.  Efficient Fully Homomorphic Encryption from (Standard) LWE , 2011, 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science.

[32]  Muthuramakrishnan Venkitasubramaniam,et al.  Secure Health Monitoring in the Cloud Using Homomorphic Encryption: A Branching-Program Formulation , 2015 .

[33]  Simon Heron,et al.  Encryption: Advanced Encryption Standard (AES) , 2009 .