Privacy-Preserving Search Over Encrypted Personal Health Record In Multi-Source Cloud

Cloud-based Personal Health Record systems (CB-PHR) have great potential in facilitating the management of individual health records. Security and privacy concerns are among the main obstacles to the wide adoption of CB-PHR systems. In this paper, we consider a multi-source CB-PHR system in which multiple data providers, such as hospitals and physicians, are authorized by individual data owners to upload their personal health data to an untrusted public cloud. The health data are submitted in an encrypted form to ensure data security, and each data provider also submits encrypted data indexes to enable queries over the encrypted data. We propose a novel Multi-Source Order-Preserving Symmetric Encryption (MOPSE) scheme whereby the cloud can merge the encrypted data indexes from multiple data providers without knowing the index content. MOPSE enables efficient and privacy-preserving query processing in that a data user can submit a single data query, which the cloud can process over the encrypted data from all related data providers without knowing the query content. We also propose an enhanced scheme, MOPSE+, to more efficiently support the data queries by hierarchical data providers. Extensive analysis and experiments over real data sets demonstrate the efficacy and efficiency of MOPSE and MOPSE+.
