A dynamic data security mechanism based on position aware Merkle tree for health rehabilitation services over cloud

Cloud computing paradigm has simplified the delivery of diverse services with the federated organization of computing hardware, storage, software, and services. Many organizations have embraced cloud-based business models to cater to the dynamism of clients. Utility computing harnesses the cloud computing infrastructure to provide services on demand to the customers. It frees the clients from the burden of establishing expensive infrastructures, under-utilization, and wastage of resources, etc. Utility computing provides a wide range of services including storage, computing, networking, web hosting, email, groupware, and data center services. Almost all enterprise models are centered on these services to provide reliable solutions to the clients. In recent years, healthcare industries have resorted to cloud-based solutions to deliver services to remote clients. Rehabilitation is a vital component of healthcare, ascribing to the restoration of the physical, mental and sensory elements of patients. Telerehabilitation services are provided over the cloud for convenience of the healthcare providers and clients. However, these services require maintenance of medical records in the cloud storage for immediate access to the patients and caregivers. Data security is an important concern in such environments in protecting the privacy of a patient. It is required to implement stringent mechanisms for proof generation and verification for authentication and integrity checks. This paper presents a novel publicly certifiable method for the above requirements. This approach is based on a position aware Merkle tree, which employs a 3-tuple scheme, which has been testified for its robustness in providing authentication and data integrity services. The experimental results with the proposed system and performance metrics demonstrate the appropriateness of the system in health rehabilitation services.

[1]  Xiaohua Jia,et al.  An Efficient and Secure Dynamic Auditing Protocol for Data Storage in Cloud Computing , 2013, IEEE Transactions on Parallel and Distributed Systems.

[2]  Li Xu,et al.  A secure remote data integrity checking cloud storage system from threshold encryption , 2014, Journal of Ambient Intelligence and Humanized Computing.

[3]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[4]  Dharma P. Agrawal,et al.  Advances in Security and Privacy of Multimedia Big Data in Mobile and Cloud Computing , 2017, Multimedia Tools and Applications.

[5]  Jamal Bentahar,et al.  Refined game-theoretic approach to improve authenticity of outsourced databases , 2017, J. Ambient Intell. Humaniz. Comput..

[6]  Jean-Jacques Quisquater,et al.  Remote Integrity Checking - How to Trust Files Stored on Untrusted Servers , 2003, IICIS.

[7]  Syam Kumar Pasupuleti,et al.  A new verifiable outsourced ciphertext-policy attribute based encryption for big data privacy and access control in cloud , 2018, Journal of Ambient Intelligence and Humanized Computing.

[8]  Mehmet Sabır Kiraz,et al.  A comprehensive meta-analysis of cryptographic security mechanisms for cloud computing , 2016, Journal of Ambient Intelligence and Humanized Computing.

[9]  Eugene H. Spafford,et al.  Secure outsourcing of scientific computations , 2001, Adv. Comput..

[10]  Mario Ciampi,et al.  An access control model to minimize the data exchange in the information retrieval , 2015, Journal of Ambient Intelligence and Humanized Computing.

[11]  Beng Chin Ooi,et al.  Efficient B-tree based indexing for cloud data processing , 2010, Proc. VLDB Endow..

[12]  Nenghai Yu,et al.  A Privacy-Preserving Remote Data Integrity Checking Protocol with Data Dynamics and Public Verifiability , 2011, IEEE Transactions on Knowledge and Data Engineering.

[13]  Junbeom Hur,et al.  An Online Data-Oriented Authentication Based on Merkle Tree with Improved Reliability , 2017, 2017 IEEE International Conference on Web Services (ICWS).

[14]  Gregory Levitin,et al.  Co-residence based data vulnerability vs. security in cloud computing system with random server assignment , 2018, Eur. J. Oper. Res..

[15]  Reza Curtmola,et al.  Auditable Version Control Systems , 2014, NDSS.

[16]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[17]  Li,et al.  Design and Analysis of Cloud Upper Limb Rehabilitation System Based on Motion Tracking for Post-Stroke Patients , 2019 .

[18]  Syed Asad Hussain,et al.  Multilevel classification of security concerns in cloud computing , 2017 .

[19]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[20]  Anna Lysyanskaya,et al.  How to Securely Outsource Cryptographic Computations , 2005, TCC.

[21]  Miguel A. Teruel,et al.  Influence awareness: considering motivation in computer-assisted rehabilitation , 2019, J. Ambient Intell. Humaniz. Comput..

[22]  Dongqing Xie,et al.  A certificateless signature scheme and a certificateless public auditing scheme with authority trust level 3+ , 2017 .

[23]  Xiaohua Jia,et al.  Data storage auditing service in cloud computing: challenges, methods and opportunities , 2011, World Wide Web.

[24]  Yael Tauman Kalai,et al.  Delegating computation: interactive proofs for muggles , 2008, STOC.

[25]  Yoojae Won,et al.  Guaranteeing the integrity and reliability of distributed personal information access records , 2018, Journal of Ambient Intelligence and Humanized Computing.

[26]  Juan Zhang,et al.  Efficient privacy-preserving third-party auditing for ambient intelligence systems , 2016, J. Ambient Intell. Humaniz. Comput..

[27]  Craig Gentry,et al.  Non-interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers , 2010, CRYPTO.

[28]  Paulo S. L. M. Barreto,et al.  Demonstrating data possession and uncheatable data transfer , 2006, IACR Cryptol. ePrint Arch..

[29]  Cong Wang,et al.  Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing , 2011, IEEE Transactions on Parallel and Distributed Systems.

[30]  Wenliang Du,et al.  Secure multi-party computation problems and their applications: a review and open problems , 2001, NSPW '01.

[31]  Chunming Tang,et al.  Efficient outsourcing schemes of modular exponentiations with checkability for untrusted cloud server , 2015, J. Ambient Intell. Humaniz. Comput..

[32]  Lin Zhong,et al.  An Effective Integrity Verification Scheme of Cloud Data Based on BLS Signature , 2018, Secur. Commun. Networks.

[33]  Philippe Golle,et al.  Uncheatable Distributed Computations , 2001, CT-RSA.