Privacy-preserving self-serviced medical diagnosis scheme based on secure multi-party computation

Abstract

With the development of “Internet + Intelligent Medical”, patients can have some common diseases diagnosed online via the Internet. However, the diagnostic process raises many severe privacy problems for patients’ sensitive medical data. To solve these problems, in this paper we present a new privacy-preserving self-serviced medical diagnosis scheme based on secure multi-party computation (SMC). In our scheme, a registered patient first encrypts his/her medical health data and sends it to the hospital server; the hospital server then calculates the similarity value between the patient’s medical health data and the trait vector of hospital disease. Finally, the hospital server searches for the disease that matches the patient according to the calculated similarity value, and sends the treatment method for this disease to the patient. Specifically, based on homomorphic encryption (HE) and privacy-preserving access control, our self-serviced medical diagnosis scheme achieves privacy preservation of the patient’s medical health data and confidentiality of the hospital’s diagnosis mode. Through detailed security analysis, we show that our scheme can resist various known security threats. In addition, our scheme not only reduces the cost of treatment for patients and relieves the heavy pressure on hospitals in the course of diagnosis, but can also predict other diseases of the patients, which gives the patients a clearer understanding of their current physical condition, and the patients can obtain the most appropriate treatment.
