Secure data-exchange protocol in a cloud-based collaborative health care environment

Cloud-based big data frameworks help collaborative healthcare service providers to efficiently store and manage large-scale health data. In such frameworks each cloud data source is autonomous and exchanges data with another cloud using pair-wise communication for user queries by creating an on-the-fly data-exchange session. The frameworks provide a platform for sharing or exchanging health data residing in multiple clouds for the purpose of data analysis, decision making, and improving patients’ treatment. As healthcare data are extremely sensitive, security is vital when sharing such data in a collaborative framework. Since clouds may exchange sensitive patient health data over an insecure channel, the sensitive data might be accessed or intercepted by malicious users or intruders. In this circumstance, a central third-party security mechanism (e.g., Public Key Infrastructure) can not protect confidential data. Concerning pair-wise, on-the-fly data exchange, this paper presents a two-phase security protocol that uses pairing-based cryptography. Each cloud computes a secret session key dynamically by computing a pairing in an elliptic curve. Validating the presented protocol, a formal verification proves that the proposed protocol is robust and safe against the masquerade, man-in-the-middle, and replay attacks.

[1]  H. T. Mouftah,et al.  Session-wise private data exchange in eHealth peer-to-peer database management systems , 2011, Proceedings of 2011 IEEE International Conference on Intelligence and Security Informatics.

[2]  R.T.Subhalakshmi,et al.  Scalable and Secure Sharing of Personal Health Records in Cloud Computing using Attribute-Based Encryption , 2016 .

[3]  M. Anwar Hossain,et al.  Privacy preserving secure data exchange in mobile P2P cloud healthcare environment , 2016, Peer-to-Peer Netw. Appl..

[4]  Kalai Anand Ratnam,et al.  Cloud services - Enhancing the Malaysian healthcare sector , 2012, 2012 International Conference on Computer & Information Science (ICCIS).

[5]  Victor S. Miller,et al.  Use of Elliptic Curves in Cryptography , 1985, CRYPTO.

[6]  Yaser Jararweh,et al.  Internet of surveillance: a cloud supported large-scale wireless surveillance system , 2016, The Journal of Supercomputing.

[7]  Siani Pearson,et al.  Taking account of privacy when designing cloud computing services , 2009, 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing.

[8]  Tony Thomas,et al.  Cloud Based Medical Image Exchange-Security Challenges , 2012 .

[9]  Jian-Guo Bau,et al.  Secure Dynamic Access Control Scheme of PHR in Cloud Computing , 2012, Journal of Medical Systems.

[10]  Kostas E. Psannis,et al.  Secure integration of IoT and Cloud Computing , 2018, Future Gener. Comput. Syst..

[11]  G. Lakpathi,et al.  Identity-Based Encryption with Outsourced Revocation in Cloud Computing , 2016 .

[12]  Ozalp Babaoglu,et al.  Peer-to-Peer Cloud Computing ! , 2014 .

[13]  Ming Li,et al.  Authorized Private Keyword Search over Encrypted Data in Cloud Computing , 2011, 2011 31st International Conference on Distributed Computing Systems.

[14]  S. Nepal,et al.  Facilitating Secure Sharing of Personal Health Data in the Cloud , 2016, JMIR medical informatics.

[15]  Hans Eberle,et al.  Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs , 2004, CHES.

[16]  N. Koblitz Elliptic curve cryptosystems , 1987 .

[17]  Mehedi Masud Secure Data Exchange in P2P Data Sharing Systems in eHealth Perspective , 2012 .

[18]  Alan H. Karp,et al.  Fusion: Managing Healthcare Records at Cloud Scale , 2012, Computer.

[19]  Brij Bhooshan Gupta,et al.  Enhancing the Browser-Side Context-Aware Sanitization of Suspicious HTML5 Code for Halting the DOM-Based XSS Vulnerabilities in Cloud , 2017, Int. J. Cloud Appl. Comput..

[20]  Jin Li,et al.  Secure Deduplication with Efficient and Reliable Convergent Key Management , 2014, IEEE Transactions on Parallel and Distributed Systems.

[21]  Fatos Xhafa,et al.  L-EncDB: A lightweight framework for privacy-preserving data queries in cloud computing , 2015, Knowl. Based Syst..

[22]  Ruchika Asija,et al.  Healthcare SaaS Based on a Data Model with Built-In Security and Privacy , 2016, Int. J. Cloud Appl. Comput..

[23]  Ayman I. Kayssi,et al.  Privacy as a Service: Privacy-Aware Data Storage and Processing in Cloud Computing Architectures , 2009, 2009 Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing.

[24]  H. T. Mouftah,et al.  Cryptographic security models for eHealth P2P database management systems network , 2011, 2011 Ninth Annual International Conference on Privacy, Security and Trust.

[25]  Ying Chen,et al.  Rapid Provisioning of Cloud Infrastructure Leveraging Peer-to-Peer Networks , 2009, 2009 29th IEEE International Conference on Distributed Computing Systems Workshops.

[26]  Paulo S. L. M. Barreto,et al.  Efficient Algorithms for Pairing-Based Cryptosystems , 2002, CRYPTO.

[27]  M. Phil,et al.  PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD COMPUTING , 2015 .

[28]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[29]  Mehedi Masud,et al.  Towards Secure Data Exchange in Peer-to-Peer Data Management Systems , 2014 .

[30]  Marten van Dijk,et al.  On the Impossibility of Cryptography Alone for Privacy-Preserving Cloud Computing , 2010, HotSec.

[31]  何晨光,et al.  Toward Ubiquitous Healthcare Services with A Novel Efficient Cloud Platform , 2012 .

[32]  Xiaotie Deng,et al.  TinyPairing: Computing Tate Pairing on Sensor Nodes with Higher Speed and Less Memory , 2009, 2009 Eighth IEEE International Symposium on Network Computing and Applications.

[33]  Siani Pearson,et al.  A Privacy Manager for Cloud Computing , 2009, CloudCom.

[34]  Zhihua Xia,et al.  A Privacy-Preserving and Copy-Deterrence Content-Based Image Retrieval Scheme in Cloud Computing , 2016, IEEE Transactions on Information Forensics and Security.

[35]  Ilias Maglogiannis,et al.  Mobile healthcare information management utilizing Cloud Computing and Android OS , 2010, 2010 Annual International Conference of the IEEE Engineering in Medicine and Biology.

[36]  Li Chen,et al.  The building of cloud computing environment for e-health , 2010, 2010 International Conference on E-Health Networking Digital Ecosystems and Technologies (EDT).