Secure architecture to manage EHR’s in cloud using SSE and ABE

Cloud computing turns up as an advanced computing model in all business domains. It is a novel interactive data model to realize industries and users who store data in cloud servers. The healthcare sector is one of the major industries for working with the enormous amount of data. With the advent of cloud computing, many healthcare organizations are motivated towards outsourcing their medical records, which are called Electronic Health Records (EHR’s) from local sites to the cloud environment. Outsourcing this sensitive data (i.e. EHR’s) helps organizations to provide cost-effective personalized services to patients. However, securing outsourcing data is a problematic issue. This paper proposes a Searchable Symmetric Encryption (SSE) and Attribute-Based Encryption (ABE) secure architecture to build privacy in the health care systems using the private cloud. Our system provides efficient key management using a pseudorandom number generator to avoid unauthorized access and preserving privacy in EHR’s storage. With the help of modified SSE, we can hide both keyword and access pattern, and improve search efficiency. The system provides EHR’s access in the emergency (when data owner does not meet the requirements) with the help of the ABE. Role-based login is another technique that is provided to monitor EHR’s activities to prevent misbehavior. Through the analysis of the proposed architecture, the privacy and efficiency in the cloud data is guaranteed.

[1]  Yuguang Fang,et al.  An Identity-Based Security System for User Privacy in Vehicular Ad Hoc Networks , 2010, IEEE Transactions on Parallel and Distributed Systems.

[2]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[3]  Yuguang Fang,et al.  CAM: Cloud-Assisted Privacy Preserving Mobile Health Monitoring , 2013, IEEE Transactions on Information Forensics and Security.

[4]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: improved definitions and efficient constructions , 2006, CCS '06.

[5]  Jun Pang,et al.  Challenges in eHealth: From Enabling to Enforcing Privacy , 2011, FHIES.

[6]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[7]  Eric Horvitz,et al.  Patient controlled encryption: ensuring privacy of electronic medical records , 2009, CCSW '09.

[8]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[9]  Cong Wang,et al.  Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[10]  Sherman S. M. Chow,et al.  Improving privacy and security in multi-authority attribute-based encryption , 2009, CCS.

[11]  Robert H. Deng,et al.  Key-Aggregate Cryptosystem for Scalable Data Sharing in Cloud Storage , 2014, IEEE Transactions on Parallel and Distributed Systems.

[12]  B. E. Reddy,et al.  An Efficient Cloud Framework for Health Care Monitoring System , 2012, 2012 International Symposium on Cloud and Services Computing.

[13]  Thomas A. Horan,et al.  Design and field test of an mHealth system for emergency medical services , 2013 .

[14]  Ofir Ben-Assuli,et al.  The influence of EHR components on admission decisions , 2012, AMCIS.

[15]  Carlos H. Salvador,et al.  Envisioning patient safety in Telehealth: a research perspective , 2014, Health and technology.

[16]  Yao Zheng,et al.  Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption , 2019, IEEE Transactions on Parallel and Distributed Systems.

[17]  Laurence T. Yang,et al.  Shared Authority Based Privacy-Preserving Authentication Protocol in Cloud Computing , 2015, IEEE Transactions on Parallel and Distributed Systems.

[18]  Huiqun Yu,et al.  Securing Personal Health Records in the Cloud by Enforcing Sticky Policies , 2013 .